• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.6
• /
• pp.1320-1326
• /
• 2011

National institutions on the importance of information security is being recognized, information security laws are being discussed in Congress 3.4 DDoS incident and Nonghyup hacking, etc. However, National Assembly Secretariat when the results of the Information Security Consulting has been assessed very low 61.2 points, evaluation of hardware and software in secure areas were vulnerable. This paper, the legislative support agencies National Assembly and National Assembly Secretariat on the network and computer systems, and managerial, technical and physical security elements are analyzed for the status. And network should have the legislative support agencies and system for the physical network separation, DDoS attack response, Virus attack response, hacking attacks response, and Cyber Emergency Response Team/Coordination Center for Cyber infringing design and research through the confidentiality, integrity, availability, access control, authentication and security analysis is based on the evaluation criteria. Through this study, the legislative support agencies to strengthen the security of data and security laws enacted to provide the basis for.

• Convergence Security Journal
• /
• v.8 no.1
• /
• pp.1-7
• /
• 2008

The hacking method came to be more complicated, became program ant it was automated. That is hacking trend of recent times. Before, The password crack, catch root authority is trend of hacking which uses the vulnerability of server. Hacker attack network or all of domain not some host. Web application system at hacking technique develops and improve transmitted data through the network shows many vulnerability. The massive data are transmitted through the network without encipherment filtering. It will be able to bring about the neck of a bottle actual condition which is serious in security system because of the network where the user comes to be many it leads and the data which is delivered comes to be many. In this paper, we propose web application system to prevent overload from bottleneck in encipherment system. It can solve security key trust problem in encoding and decoding with public key infrastructure.

• Convergence Security Journal
• /
• v.13 no.3
• /
• pp.33-38
• /
• 2013

Security between mobile nodes and efficient communication is one of the most important parts of the MANET. In particular, the wireless network is significantly higher for the attack threats because of collaborative structure for open communication media and communication. However, application of existing security mechanisms and intrusion detection system is not easy due to the characteristics of MANET. It is because collection and integration of adult data by the dynamic topology due to the mobility of nodes and many network sensors is difficult. In this study, we propose cooperative security system technique that can improve the reliability based on authentication assessing confidence about the whole nodes which joins to network and detect effectively this when intrusion occurs. Cluster head which manages the cluster performs CA role for the certificate issue and the gateway node performs role of intrusion detection system. Intrusion detection is performed by cooperating with neighboring nodes when attack is not detected in one intrusion detection node. The performance of the proposed method was confirmed through experiments comparing with the SRP technique.

• Smart Media Journal
• /
• v.9 no.1
• /
• pp.9-15
• /
• 2020

Recently there have been increasing attempts to apply blockchains to businesses and public institutions. Blockchain is a distributed shared ledger with excellent transparency and security of data and through consensus algorithm, the same data can be shared to all nodes in order. In this paper, Modified PBFT which does not modify the PBFT consensus algorithm is proposed. MPBFT is able to tolerate Byzantine faults on a private blockchain on an asynchronous network. Even with the increase of participating nodes, the network communication cost can be effectively maintained. Modified PBFT takes into account the characteristics of an asynchronous network environment where node-to-node trust is guaranteed. In response to the client's request, PBFT performed the entire participation broadcast several times, but Modified PBFT enabled consensus and authentication through the 2 / N leader. By applying the Modified PBFT consensus algorithm, the broadcast process can be simplified to maintain the minimum number of nodes for consensus and to efficiently manage network communication costs.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.46 no.2
• /
• pp.73-80
• /
• 2009

Security is critically important for ubiquitous sensor networks that are usually used for the military and serveillance in environments that are opened to attacks, such as, eavesdroping, replay attacks of abnormal messages, forgery of the messages to name a few. ZigBee has emerged as a strong contender for ubiquitous sensor networks. ZigBee is used for low data rate and low power wireless sensor network applications. To deploy ubiquitous sensor networks, the collected information requires protection from an adversary over the network in many cases. The security mechanism should be provided for collecting the information over the network. However, the ZigBee protocol has some security weaknesses. In this paper, these weaknesses are discussed and a method to improve security aspect of the ZigBee protocol is presented along with a comparison of the message complexity of the proposed security protocol with that of the current ZigBee protocol.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.2
• /
• pp.143-151
• /
• 2008

74% of Internet users use the UCC, and You Tube using firearms in a crime occurred. Internet crime occurred in the online, non-face transaction, anonymous, encapsulation. In this paper, we are studied a Network Forensic Way and a technique analyze an aspect criminal the Internet haying appeared at Internet UCC, and to chase. Study ID, IP back-tracking and position chase through corroborative facts collections of the UCC which used UCC search way study of the police and a public prosecutor and storage way and network forensic related to crimes of Internet UCC. Proof data encrypt, and store, and study through approach control and user authentication so that they are adopted to legal proof data through integrity verification after transmission and storages. This research via the Internet and criminal conspiracy to block the advance promotion, and for the criminal investigative agencies of the Internet will contribute to the advancement forensics research.

• Journal of the Korea Computer Industry Society
• /
• v.6 no.3
• /
• pp.465-476
• /
• 2005

The wireless sensor network consists of a number of sensor nodes which have physical constraints. Each sensor node senses surrounding environments and sends the sensed information to Sink. In order to alleviate the inherent vulnerability in security of the wireless sensor nodes with the hardware constraints, the lightweight security protocol is needed and a variety of research is ongoing. In this paper, we propose a non-hierarchical sensor network and a security protocol that is suitable for monitoring man-made objects such as bridges. This paper, furthermore, explores a two-layer authentication, key distribution scheme which distributes the key and location of a sensor node in advance, and an effective security routing protocol which can take advantage of the Sleep and Awake state. This also results in the increased data transfer rate by increasing the number of alternative routing paths and the reduced energy consumption rate.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.4 s.42
• /
• pp.155-164
• /
• 2006

VoIP technology is Eight New Services among Ubiquitous-IT839 strategies. This paper tested wiretapping or VoIP service in connected a soft phone and LAN and WAN sections, Internet telephones and a device. IP PBX, a banner operator network to have been connected to VoIP Internet network. As a result of having experimented on wiretapping of VoIP networks, Vulnerability was found. and a wiretapping by attacks of a hacker was succeeded in a terminal and proxy and attachment points of a VoIP network like a hub to follow a CVE list. Currently applied a security plan of an each wiretapping section in viewpoints of 6 security function of Access Control. Confidentiality, Authentication. Availability, Integrity. Non-repudiation in VoIP networks named to 070. Prevented wiretapping of contents by the results, the AES encryption that executed wiretapping experiment about a packet after application of a security plan. Prevented wiretapping, and kept security and audit log. and were able to accomplish VoIP information protection to network monitoring and audit log by an access interception and qualification and message hash functions and use of an incoming refusal.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.79-89
• /
• 2004

Mobile IP Low Latency Handoffs allow greater support for real-time services on a Mobile W network by minimizing the period of time when a mobile node is unable to send or receive IP packets due to the delay in the Mobile IP Registration process. However, on Mobile IP network with AAA servers that are capable of performing Authentication, Authorization, and Accounting(AAA) services, every Registration has to be traversed to the home network to achieve new session keys, that are distributed by home AAA server, for a new Mobile IP session. This communication delay is the time taken to re-authenticate the mobile node and to traverse between foreign and home network even if the mobile node has been previously authorized to old foreign agent. In order to reduce these extra time overheads, we present a method that performs Low Latency Handoffs without requiring funker involvement by home AAA server. The method re-uses the previously assigned session keys. To provide confidentiality and integrity of session keys in the phase of key exchange between agents, it uses a key sharing method by gateway foreign agent that Performs a ousted thirty party. The Proposed method allows the mobile node to perform Low Latency Handoffs with fast as well as secure operation

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.103-109
• /
• 2008

Many Internet application provide the PKI(public key infrastructure)-based service to provide authentication and message integrity. Several researchers proposed PKI-based p2p network framework. However, in the real world, the use of PKI is not suitable for peer to peer network, because the peer-to-peer network is an open and dynamic network. Moreover, currently there is no nation-to-nation interoperable certificate. In this paper, we designed reliable p2p file sharing application without public key infrastructure. To do this we propose reliable public key distribution mechanism to distribute public key safely without PKI infrastructure for two-tier super-peer architecture. In our system, each peer generates and distributes its public/private key pairs, and the public key is securely distributed without PKI. The proposed mechanism is safe against MITM attack. This mechanism can be applied various P2P applications such as file sharing, IPTV, distributed resource sharing and so on