• The Journal of the Korea institute of electronic communication sciences
• /
• v.12 no.6
• /
• pp.1143-1150
• /
• 2017

In this paper, we proposed a method to display a hazard warning of hacking in the UX(: User Experience) concept level for non experts in the open Wi-Fi access area. According to the dangers of the AP raised by capture, we developed an application that provides a warning pop-up on the danger of hacking before using for APs that are distinguished by color and selected.

• ETRI Journal
• /
• v.31 no.4
• /
• pp.408-418
• /
• 2009

Adopting an encryption function in voice over Wi-Fi service incurs problems such as additional power consumption and degradation of communication quality. To overcome these problems, a partial encryption (PE) algorithm for compressed speech was recently introduced. However, from the security point of view, the partial encryption sets (PESs) of the conventional PE algorithm still have much room for improvement. This paper proposes a new selection method for finding a smaller PES while maintaining the security level of encrypted speech. The proposed PES selection method employs the perceptual evaluation of the speech quality (PESQ) algorithm to objectively measure the distortion of speech. The proposed method is applied to the ITU-T G.729 speech codec, and content protection capability is verified by a range of tests and a reconstruction attack. The experimental results show that encrypting only 20% of the compressed bitstream is sufficient to effectively hide the entire content of speech.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.9
• /
• pp.3250-3265
• /
• 2014

Integrated WiMAX and WiFi networks is of great potential for the future due to the wider coverage of WiMAX and the high data transport capacity of WiFi. However, seamless and secure handover (HO) is one of the most challenging issues in this field. In this paper, we present a novel vertical HO authentication scheme with privacy preserving for WiMAX-WiFi heterogeneous networks. Our scheme uses ticket-based and pseudonym-based cryptographic methods to secure HO process and to achieve high efficiency. The formal verification by the AVISPA tool shows that the proposed scheme is secure against various malicious attacks and the simulation result indicates that it outperforms the existing schemes in terms of communication and computation cost.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.11a
• /
• pp.204-206
• /
• 2022

드론과 관련된 기술의 발전으로 인하여, 다양한 민간 및 공공 산업에서 활용되는 실정이며, 이에 따라 드론 시장 역시 확대되면서 일반인들도 드론을 접하거나 활용하는 기회가 많아지고 있다. 특히, 일반인들이 접근하기 용이하고 사용하기 쉬운 WiFi 기반의 상용 드론이 생산되면서 수요 역시 증가하는 추세이다. 이와 같이, 드론이 많이 발전하는 긍정적인 측면과는 반대로, 드론에서 발생하는 다양한 취약점으로 인하여 보안 위협이 발생한다. 최근에는 WiFi 기반의 드론들을 대상으로 공개된 도구를 사용하여 DHCP 고갈 공격의 취약점을 분석하는 연구가 진행되었으며, 공격 결과로 실제 드론이 DHCP 고갈 공격으로 인하여 IP 주소를 할당받지 못하는 보안위협이 도출되었다. 하지만, 이 연구는 대표적인 DHCP 공격 도구인 DHCPig와 Yersinia를 활용하였으며, 이 도구들은 무선이 아닌 유선 네트워크를 기반으로 제작되었기 때문에, 드론 환경에 그대로 적용하기에는 한계점이 존재하며, 실제로 발생 가능한 취약점을 검증하지 못하는 한계점도 존재한다. 따라서 본 논문에서는 WiFi 기반 상용 드론을 대상으로 DHCP 고갈 공격의 취약점을 분석하기 위하여, 공개된 도구들의 문제점을 분석하고 개선함으로써, 드론 환경에서의 DHCP 고갈 공격의 가능성을 검증한다. 본 연구 결과는 DHCP를 제공하는 드론 환경의 안전성을 향상하기 위한 지표로 활용될 것으로 사료된다.

• Convergence Security Journal
• /
• v.18 no.4
• /
• pp.11-17
• /
• 2018

Hardware Keyloggers are available in a variety of modular keylogger products with small size and Wi-Fi communication capabilities that can be concealed inside the keyboard. Such keyloggers are more likely to leak important information and sensitive information from government, military, business and individuals because they are difficult to detect if they are used by a third party for malicious purposes. However, unlike software keyloggers, research on security solutions and detection methods are relatively small in number. This paper, we investigate security vulnerability caused by hardware keylogger and existing detection methods, and improve the detection possibility of modular hardware keylogger through non-destructive measurement methods, such as power consumption of keyboard, infrared temperature, and X-ray. Furthenmore, We propose a method that can be done with experimental results.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.893-906
• /
• 2023

Awareness that smartphones can be used as tools for criminal activity is prevalent in many organizations, but the functionally smartphone-like smartwatch's potential as a criminal tool is being overlooked. Considering this situation, this research verifies the possibility of information leakage through an insider's smartwatch in a situation where smartphones are controlled by security regulations and technologies, but smart watch are not. By analyzing information related application usage and Wi-Fi connection generated in the smartwatch during the verification process, forensic information and limitations are identified. Finally, this research proposes preventive methods to prepare for potential smartwatch-related crimes, and reconsiders awareness of the possibility of using smartwatches as criminal tools.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.52 no.7
• /
• pp.15-21
• /
• 2015

Due to the appearance of various mobile terminals like smartphone, smartpad, and smartwatch and tremendous development of WiFi technology, data utilization rate on WiFi network is significantly increasing. As a result, users are wanting to use WiFi network using only a simple identification at a visited place as if they are at their home institute. In this paper, we review the domestic status of eduroam service which supports global extension of wireless network access environment and present the future development perspective of the service in Korea. Besides, we shed light on the current status of WiFi sharing service between domestic universities and propose some methods to facilitate the join of domestic universities in eduroam service.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.21-28
• /
• 2021

In this paper, a novel data transferring method is introduced that can transmit sensor data without using data bandwidth or an extra-processing cycle in a delay insensitive network. The proposed method uses human devices as Mules, does not disturb the device owner for permission, and saves energy while transferring sensor data to the collection hub in a wireless sensor network. This paper uses IP addressing technique as the data transferring mechanism by embedding the sensor data with the IP address of a Mule. The collection hub uses the ARP sequence method to extract the embedded data from the IP address. The proposed method follows WiFi standard in its every step and ends when data collection is over. Every step of the proposed method is discussed in detail with the help of figures in the paper.

• 한국정보통신설비학회:학술대회논문집
• /
• 2009.08a
• /
• pp.99-103
• /
• 2009

Recently, as wired and wireless communication services have rapidly developed and multimodal mobile devices which have various characteristics have widely spread, the need for new convergence services increases. The growing population of VoIP technologies and the high communication expense yield that the market of IP based telephony such as WiFi phone and IP phone is substituted for one of the conventional PSTN telephony. With the help of this trend, the wireline network operators desire to find a market in mobile networks. Therefore, they focus on Fixed Mobile Convergence (FMC) service as one of the key factors to accomplish this goal. FMC services are able to provide the mobility of voice services between circuit switched and packet switched networks. IP Multimedia Subsystem (IMS) based Voice Call Continuity (VCC) is one of the schemes to embody FMC services. As Application Server (AS) which has this VCC function provides seamless handover of services between heterogeneous networks, FMC subscribers can communicate seamlessly with others m WiFi domain and COMA domain using WiFi-COMA dual phone. Most of enterprises have already introduced IP network infrastructure and IP-PBX (Private Branch eXchange) for telephony. However, the problems of high communication cost and work inefficiency due to frequent outside jobs or business trips have remained. In order to solve these problems, demands for enterprise FMC services increase. In this paper, we introduce a new IP-PBX based VCC model that can provide seamless handover of voice services between WiFi and COMA networks for enterprise users and we investigate some interworking and security issues between Soft Switch (SSW) and IMS, or between IMSs. In addition, we introduce a new service that can provide the continuity of voice sessions as well as video sessions using Multimedia Session Continuity (MMSC) technology which has evolved from VCC. This service is expected to be one of the next-generation personalized services based on user's context.

• Journal of Internet Computing and Services
• /
• v.17 no.3
• /
• pp.11-18
• /
• 2016

Accessing unauthorized rogue APs in WiFi environments is a very dangerous behavior which may lead WiFi users to be exposed to the various cyber attacks such as sniffing, phishing, and pharming attacks. Therefore, prompt and precise detection of rogue APs and properly alarming to the corresponding users has become one of most essential requirements for the WiFi security. This paper proposes a new rogue AP detection method which is mainly using the installation information of authorized APs and the DHCP snooping information of the corresponding switches. The proposed method detects rogue APs promptly and precisely, and notify in realtime to the corresponding users. Since the proposed method is simple and does not require any special devices, it is very cost-effective comparing to the wireless intrusion prevention systems which are normally based on a number of detection sensors and servers. And it is highly precise and prompt in rogue AP detection and flexible in deployment comparing to the existing rogue AP detection methods based on the timing information, location information, and white list information.