• Journal of Information Processing Systems
• /
• 제20권2호
• /
• pp.252-262
• /
• 2024

The multi-hop wireless sensor network (WSN) suffers from energy limitation and eavesdropping attacks. We propose a simple and energy-efficient convergecast mechanism using inter-flow random linear network coding that can provide confidentiality to the multi-hop WSN. Our scheme consists of two steps, constructing a logical tree of sensor nodes rooted at the sink node, with using the Bloom filter, and transmitting sensory data encoded by sensor nodes along the logical tree upward to the sink where the encoded data are decoded according to our proposed multi-hop network coding (MHNC) mechanism. We conducted simulations using OMNET++ CASTALIA-3.3 framework and validated that MHNC outperforms the conventional mechanism in terms of packet delivery ratio, data delivery time and energy efficiency.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2024년도 춘계학술발표대회
• /
• pp.41-44
• /
• 2024

원격 컴퓨팅 환경에서 오프로딩된 사용자의 코드와 데이터를 악의적인 내부 위협자(클라우드 운영체제 등)으로부터 안전하게 지켜주는 하드웨어 신뢰실행환경은 보안성을 위하여 사용되는 메모리 물리 주소가 하나의 실행환경에 귀속되는 공간적 격리(spatial isolation) 모델을 사용한다. 허나 이러한 메모리 모델은 상호작용하는 신뢰실행환경 프로그램들 사이 메모리 공유를 허락하지 않으며, 이는 성능 및 기존 어플리케이션과의 호환성에서의 문제를 야기한다. 본 논문에서는 최근 ARM사에서 발표된 새로운 신뢰실행환경인 기밀 컴퓨팅 아키텍처를 분석하여 메모리 공유 가능성을 파악하고, 공유가 단순히 허용되어 있을 때의 보안 문제와 이에 대한 기본적인 해결책 및 그 한계점을 제시한다.

• 한국정보통신학회논문지
• /
• 제18권1호
• /
• pp.91-96
• /
• 2014

최근 컴퓨터의 보급과 정보사회의 발달로 인해 개인 신상 정보에 대한 관심이 증대되고, 이와 관련된 정책과 기술이 발전함에 따라서 개인 신상 정보를 보호하려는 시도가 다양하게 이루어지고 있다. 본 논문에서는 컴퓨터를 사용하면서, 개인의 중요한 자료나 신상정보 또는 회사의 기밀 내용을 다루는 기관 및 부서를 대상으로 중요한 자료와 신상정보 및 회사의 기밀을 보호하는 방안을 제안 하였다. 결과적으로 공공기관 또는 개인 컴퓨터 내에서 타인의 정보를 악의적으로 도용하거나 도취하는 것을 방지하고, 기관 내의 시스템들 사이에서 정보가 오가는 동안 중요한 자료와 신상 정보들의 노출을 1차적으로 막을 수 있다.

• 디지털산업정보학회논문지
• /
• 제13권4호
• /
• pp.13-23
• /
• 2017

In order to protect personal information and important information (confidential information, sales information, user information, etc.) in the internal network, companies and organizations apply encryption to the Server-To-Server or Server-To-Client communication section, And are experiencing difficulties due to the increasing number of known attacks and intelligent security attacks. In order to apply the existing S / W encryption technology, it is necessary to modify the application. In the financial sector, "Comprehensive Measures to Prevent the Recurrence of Personal Information Leakage in the Domestic Financial Sector" has been issued, and standard guidelines for financial computing security have been laid out, and it is required to expand the whole area of encryption to the internal network. In addition, even in environments such as U-Health and Smart Grid, which are based on the Internet of Things (IoT) environment, which is increasingly used, security requirements for each collection gateway and secure transmission of the transmitted and received data The requirements of the secure channel for the use of the standard are specified in the standard. Therefore, in this paper, we propose a secure encryption algorithm through mutual authentication and grouping for each node through H / W based Network Control Server (NCS) applicable to internal system and IoT environment provided by enterprises and organizations. We propose a protocol design that can set the channel.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권12호
• /
• pp.4909-4926
• /
• 2020

Cyberattacks penetrate the server and perform various malicious acts such as stealing confidential information, destroying systems, and exposing personal information. To achieve this, attackers perform various malicious actions by infecting endpoints and accessing the internal network. However, the current countermeasures are only anti-viruses that operate in a signature or pattern manner, allowing initial unknown attacks. Endpoint Detection and Response (EDR) technology is focused on providing visibility, and strong countermeasures are lacking. If you fail to respond to the initial attack, it is difficult to respond additionally because malicious behavior like Advanced Persistent Threat (APT) attack does not occur immediately, but occurs over a long period of time. In this paper, we propose a technique that detects an unknown attack using an event log without prior knowledge, although the initial response failed with anti-virus. The proposed technology uses a combination of AutoEncoder and 1D CNN (1-Dimention Convolutional Neural Network) based on semi-supervised learning. The experiment trained a dataset collected over a month in a real-world commercial endpoint environment, and tested the data collected over the next month. As a result of the experiment, 37 unknown attacks were detected in the event log collected for one month in the actual commercial endpoint environment, and 26 of them were verified as malicious through VirusTotal (VT). In the future, it is expected that the proposed model will be applied to EDR technology to form a secure endpoint environment and reduce time and labor costs to effectively detect unknown attacks.

• 정보보호학회논문지
• /
• 제26권1호
• /
• pp.237-246
• /
• 2016

최근 다양한 유형의 사이버공격이 발생하였고 공격의 전략적 목적 및 전술적 수단도 진화하고 있다. 특히 한수원 사이버공격은 해킹과 심리전을 결합시킨 핵티비즘형으로 공격자는 국민을 사이버전에 참여시키려 하였고 기밀정보 공개 및 원전중단 협박으로 정부의 의사결정을 지속적으로 강요하였다. 따라서 본 논문에서는 사이버공격시 효과적 전략결정을 도출하기 위하여 개방형 정책결정모델에 공격지성을 포함시키고 게임이론을 활용하여 연구한다.

• 디지털산업정보학회논문지
• /
• 제7권3호
• /
• pp.97-105
• /
• 2011

With the advancement of network, privacy information as well as confidential information that belongs to government and company are exposed to security incident like spreading viruses or DDoS attack. To prevent these security incident and protect information that belongs to government and company, Security system has developed such as antivirus, firewall, IPS, VPN, and other network security system. Network security systems should be selected based on purpose, usage and cost. Verification for network security product's basic features performed in a variety of ways at home and abroad, but consumers who buy these network security product, just rely on the information presented at companies. Therefore, common user doing self performance evaluation for perform Verification before buying network security product but these verification depends on inaccurate data which based on some user's criteria. On this paper, we designing methodology of network security system performance evaluation focused on Korean using other cases of performance evaluation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제5권9호
• /
• pp.1684-1697
• /
• 2011

We show that two protocols for RFID mutual authentication in pervasive computing environments, recently proposed by Kang et al, are vulnerable to several attacks. First, we show these protocols do not preserve the privacy of users' location. Once a tag is authenticated successfully, we show several scenarios where legitimate or illegitimate readers can trace the location of that tag without any further information about the tag's identifier or initial private key. Second, since the communication between readers and the database takes place over an insecure communication channel and in the plaintext form, we show scenarios where a compromised tag can gain access to confidential information that the tag is not supposed get access to. Finally, we show that these protocols are also vulnerable to the replay and denial-of-service attacks. While some of these attacks are due to simple flaws and can be easily fixed, others are more fundamental and are due to relaxing widely accepted assumptions in the literature. We examine this issue, apply countermeasures, and re-evaluate the protocols overhead after taking these countermeasures into account and compare them to other work in the literature.

• International Journal of Computer Science & Network Security
• /
• 제21권9호
• /
• pp.297-302
• /
• 2021

The development of various phishing websites enables hackers to access confidential personal or financial data, thus, decreasing the trust in e-business. This paper compared the detection techniques utilizing URL-based features. To analyze and compare the performance of supervised machine learning classifiers, the machine learning classifiers were trained by using more than 11,005 phishing and legitimate URLs. 30 features were extracted from the URLs to detect a phishing or legitimate URL. Logistic Regression, Random Forest, and CatBoost classifiers were then analyzed and their performances were evaluated. The results yielded that CatBoost was much better classifier than Random Forest and Logistic Regression with up to 96% of detection accuracy.

• Journal of Information Processing Systems
• /
• 제9권2호
• /
• pp.271-286
• /
• 2013

Recently, a pixel-chaotic-shuffling (PCS) method has been proposed by Huang et al. for encrypting color images using multiple chaotic systems like the Henon, the Lorenz, the Chua, and the Rossler systems. All of which have great encryption performance. The authors claimed that their pixel-chaotic-shuffle (PCS) encryption method has high confidential security. However, the security analysis of the PCS method against the chosen-plaintext attack (CPA) and known-plaintext attack (KPA) performed by Solak et al. successfully breaks the PCS encryption scheme without knowing the secret key. In this paper we present an improved shuffling pattern for the plaintext image bits to make the cryptosystem proposed by Huang et al. resistant to chosen-plaintext attack and known-plaintext attack. The modifications in the existing PCS encryption method are proposed to improve its security performance against the potential attacks described above. The Number of Pixel Change Rate (NPCR), Unified Average Changed Intensity (UACI), information entropy, and correlation coefficient analysis are performed to evaluate the statistical performance of the modified PCS method. The simulation analysis reveals that the modified PCS method has better statistical features and is more resistant to attacks than Huang et al.'s PCS method.