• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.4C
• /
• pp.441-447
• /
• 2004

Information security simulator is required for the study on the cyber intrusion and defense as information security has been increasingly popular Until now, the main purposes of information security simulation are security estimation of small network as well as performance analysis of information protection systems. However, network simulators that can simulate attacks in a huge network are in needs since large scale internet attacks are very common in these days. In this paper we proposed a simulator design and its implementation details. Our simulator is implemented by expanding the SSFNet program to the client-sewer architecture. A cyber attack scenario used in our simulator is composed by the advanced attack tree model. We analyzed the simulation results to show the correctness of our network defense simulator.

• Journal of Digital Convergence
• /
• v.13 no.1
• /
• pp.257-262
• /
• 2015

The ministry of security and public administration provide the secure coding guide that can remove the vulnerability of applications and defend cyber attack from the coding step because cyber attack like the hacking about 75% abusing the vulnerability of applications. In this paper we find the oder of priority and did the criticality analysis used by AHP about 7 items in the secure coding which the ministry of security and public administration provide. The result is decided that 'exception handling' is the most important item. There is no secure coding items in software supervision currently, therefore the result of the research will make good use audit standards in the process of the software development.

• Nuclear Engineering and Technology
• /
• v.50 no.5
• /
• pp.780-787
• /
• 2018

This article presents a security module based on a field programmable gate array (FPGA) to mitigate man-in-the-middle cyber attacks. Nowadays, the FPGA is considered to be the state of the art in nuclear power plants I&C systems due to its flexibility, reconfigurability, and maintainability of the FPGA technology; it also provides acceptable solutions for embedded computing applications that require cybersecurity. The proposed FPGA-based security module is developed to mitigate information-gathering attacks, which can be made by gaining physical access to the network, e.g., a man-in-the-middle attack, using a cryptographic process to ensure data confidentiality and integrity and prevent injecting malware or malicious data into the critical digital assets of a nuclear power plant data communication system. A model-based system engineering approach is applied. System requirements analysis and enhanced function flow block diagrams are created and simulated using CORE9 to compare the performance of the current and developed systems. Hardware description language code for encryption and serial communication is developed using Vivado Design Suite 2017.2 as a programming tool to run the system synthesis and implementation for performance simulation and design verification. Simple windows are developed using Java for physical testing and communication between a personal computer and the FPGA.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.5
• /
• pp.27-33
• /
• 2019

One of serious security threats is a botnet-based attack. A botnet in general consists of numerous bots, which are computing devices with networking function, such as personal computers, smartphones, or tiny IoT sensor devices compromised by malicious codes or attackers. Such botnets can launch various serious cyber-attacks like DDoS attacks, propagating mal-wares, and spreading spam e-mails over the network. To establish a botnet, attackers usually inject malicious URLs into web source codes stealthily by using data hiding methods like Javascript obfuscation techniques to avoid being discovered by traditional security systems such as Firewall, IPS(Intrusion Prevention System) or IDS(Intrusion Detection System). Meanwhile, it is non-trivial work in practice for software developers to manually find such malicious URLs which are hidden in numerous web source codes stored in web servers. In this paper, we propose a security defense system to discover such suspicious, malicious URLs hidden in web source codes, and present experiment results that show its discovery performance. In particular, based on our experiment results, our proposed system discovered 100% of URLs hidden by Javascript encoding obfuscation within sample web source files.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.978-1002
• /
• 2019

With the rapid development of the Internet of Things, the problem of privacy protection has been paid great attention. Recently, Nikooghadam et al. pointed out that Kumari et al.'s protocol can neither resist off-line guessing attack nor preserve user anonymity. Moreover, the authors also proposed an authentication supportive session initial protocol, claiming to resist various vulnerability attacks. Unfortunately, this paper proves that the authentication protocols of Kumari et al. and Nikooghadam et al. have neither the ability to preserve perfect forward secrecy nor the ability to resist key-compromise impersonation attack. In order to remedy such flaws in their protocols, we design a lightweight authentication protocol using elliptic curve cryptography. By way of informal security analysis, it is shown that the proposed protocol can both resist a variety of attacks and provide more security. Afterward, it is also proved that the protocol is resistant against active and passive attacks under Dolev-Yao model by means of Burrows-Abadi-Needham logic (BAN-Logic), and fulfills mutual authentication using Automated Validation of Internet Security Protocols and Applications (AVISPA) software. Subsequently, we compare the protocol with the related scheme in terms of computational complexity and security. The comparative analytics witness that the proposed protocol is more suitable for practical application scenarios.

• Journal of the Korea Convergence Society
• /
• v.8 no.6
• /
• pp.17-27
• /
• 2017

Recently, as cyber attacks have been activated, many such attacks have come into contact with various media. Research on security engineering and reverse engineering is active, but there is a lack of research that integrates them and applies attack systems through cost effective attack engineering. In this paper, security - enhanced information systems are developed by security engineering and reverse engineering is used to identify vulnerabilities. Using this vulnerability, we compare and analyze lifecycle models that construct or remodel attack system through attack engineering, and specify structure and behavior of each system, and propose more effective modeling. In addition, we extend the existing models and tools to propose graphical attack specification models that specify attack methods and scenarios in terms of models such as functional, static, and dynamic.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.6
• /
• pp.3280-3298
• /
• 2019

Vehicular ad-hoc networks (VANETs) have become increasingly significant in intelligent transportation systems, they play a great role in improving traffic safety and efficiency. In the deployment of intelligent VANETs, intelligent vehicles can efficiently exchange important or urgent traffic information and make driving decisions. Meanwhile, secure data communication and vehicle's identity privacy have been highlighted. To cope with these security issues, in this paper, we construct an efficient anonymous authentication scheme with secure communication in intelligent VANETs. Combing the ElGamal encryption technique with a modified Schnorr signature technique, the proposed scheme provides secure anonymous authentication process for encrypted message in the vehicle-to-infrastructure communication model, and achieves identity privacy, forward security, and reply attack resistance simultaneously. Moreover, except the trusted authority (TA), any outside entity cannot trace the real identity of an intelligent vehicle. The proposed scheme is designed on an identity-based system, which can remove the costs of establishing public key infrastructure (PKI) and certificates management. Compared with existing authentication schemes, the proposed scheme is much more practical in intelligent VANETs.

• Journal of Internet Computing and Services
• /
• v.18 no.5
• /
• pp.9-15
• /
• 2017

In the whole world the Attack Technologies of cyber warfare in modern society are growing faster and complicated. The frequency of the new attacks is shorter than before day by day. The defense technologies and experts against these attacks are very few. One of answers to solve these problems is the cyber range as a test-bed to prepare the cyber warfare considered by many countries. This paper examines the foreign cases and similar systems, collects and analyzes various attributes for cyber range. Finally it refines them through system engineering processes. In these processes missions and concepts for administration are set with architecture framework. The logical architecture is designed. Based on designed architecture two goals, defense technologies and procurement of experts, are established. And it shows effective and persistent administration of cyber range.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.561-570
• /
• 2014

Nuclear Power Plant Instrumentation and Control System(NPP I&C) which is used to operate safely is changing from analog technology to digital technology. Ever since NPP Centrifuge of Iran Bushehr was shut down by Stuxnet attack in 2010, the possibility of cyber attacks against the NPP has been increasing. However, the domestic and international regulatory guidelines that was published to strengthen the cyber security of the NPP I&C describes security requirements and method s to establish policies and procedures. These guidelines are not appropriate for the development of real applicable cyber security technology. Therefore, specialized cyber security technologies for the NPP I&C need to be developed to enhance the security of nuclear power plants. This paper proposes a cyber security technology development system which is exclusively for the development of nuclear technology. Furthermore, this method has been applied to the ESF-CCS developed by The KINCS R&D project.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.765-774
• /
• 2018

As the IT technology develops, the military information system develops to the current IT environment for efficient operation and rapid communication, and the threat of cyber attack against the advanced weapon system using network technology is increasing simultaneously. In order to prevent and mitigate these problems, the United States has applied the cybersecurity test evaluation system from the beginning to the beginning of weapon system development. However, in Korea, the evaluation process of cyber security test is weak, and there is concern about the damage due to cyber attack. In this paper, we analyze cybersecurity test evaluation status of U.S. and domestic weapon systems and propose a solution to the problem of cybersecurity test evaluation system.