• 제목/요약/키워드: Forgery Analysis

검색결과 70건 처리시간 0.019초

Fragile Watermarking Based on LBP for Blind Tamper Detection in Images

  • Zhang, Heng;Wang, Chengyou;Zhou, Xiao
    • Journal of Information Processing Systems
    • /
    • 제13권2호
    • /
    • pp.385-399
    • /
    • 2017
  • Nowadays, with the development of signal processing technique, the protection to the integrity and authenticity of images has become a topic of great concern. A blind image authentication technology with high tamper detection accuracy for different common attacks is urgently needed. In this paper, an improved fragile watermarking method based on local binary pattern (LBP) is presented for blind tamper location in images. In this method, a binary watermark is generated by LBP operator which is often utilized in face identification and texture analysis. In order to guarantee the safety of the proposed algorithm, Arnold transform and logistic map are used to scramble the authentication watermark. Then, the least significant bits (LSBs) of original pixels are substituted by the encrypted watermark. Since the authentication data is constructed from the image itself, no original image is needed in tamper detection. The LBP map of watermarked image is compared to the extracted authentication data to determine whether it is tampered or not. In comparison with other state-of-the-art schemes, various experiments prove that the proposed algorithm achieves better performance in forgery detection and location for baleful attacks.

Cryptanalysis and improvement of a Multi-server Authentication protocol by Lu et al.

  • Irshad, Azeem;Sher, Muhammad;Alzahrani, Bander A.;Albeshri, Aiiad;Chaudhry, Shehzad Ashraf;Kumari, Saru
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제12권1호
    • /
    • pp.523-549
    • /
    • 2018
  • The increasing number of subscribers and demand of multiplicity of services has turned Multi-Server Authentication (MSA) into an integral part of remote authentication paradigm. MSA not only offers an efficient mode to register the users by engaging a trusted third party (Registration Centre), but also a cost-effective architecture for service procurement, onwards. Recently, Lu et al.'s scheme demonstrated that Mishra et al.'s scheme is unguarded to perfect forward secrecy compromise, server masquerading, and forgery attacks, and presented a better scheme. However, we discovered that Lu et al.'s scheme is still susceptible to malicious insider attack and non-compliant to perfect forward secrecy. This study presents a critical review on Lu et al.'s scheme and then proposes a secure multi-server authentication scheme. The security properties of contributed work are validated with automated Proverif tool and proved under formal security analysis.

A Dynamic Defense Using Client Puzzle for Identity-Forgery Attack on the South-Bound of Software Defined Networks

  • Wu, Zehui;Wei, Qiang;Ren, Kailei;Wang, Qingxian
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제11권2호
    • /
    • pp.846-864
    • /
    • 2017
  • Software Defined Network (SDN) realizes management and control over the underlying forwarding device, along with acquisition and analysis of network topology and flow characters through south bridge protocol. Data path Identification (DPID) is the unique identity for managing the underlying device, so forged DPID can be used to attack the link of underlying forwarding devices, as well as carry out DoS over the upper-level controller. This paper proposes a dynamic defense method based on Client-Puzzle model, in which the controller achieves dynamic management over requests from forwarding devices through generating questions with multi-level difficulty. This method can rapidly reduce network load, and at the same time separate attack flow from legal flow, enabling the controller to provide continuous service for legal visit. We conduct experiments on open-source SDN controllers like Fluid and Ryu, the result of which verifies feasibility of this defense method. The experimental result also shows that when cost of controller and forwarding device increases by about 2%-5%, the cost of attacker's CPU increases by near 90%, which greatly raises the attack difficulty for attackers.

PEC: A Privacy-Preserving Emergency Call Scheme for Mobile Healthcare Social Networks

  • Liang, Xiaohui;Lu, Rongxing;Chen, Le;Lin, Xiaodong;Shen, Xuemin (Sherman)
    • Journal of Communications and Networks
    • /
    • 제13권2호
    • /
    • pp.102-112
    • /
    • 2011
  • In this paper, we propose a privacy-preserving emergency call scheme, called PEC, enabling patients in life-threatening emergencies to fast and accurately transmit emergency data to the nearby helpers via mobile healthcare social networks (MHSNs). Once an emergency happens, the personal digital assistant (PDA) of the patient runs the PEC to collect the emergency data including emergency location, patient health record, as well as patient physiological condition. The PEC then generates an emergency call with the emergency data inside and epidemically disseminates it to every user in the patient's neighborhood. If a physician happens to be nearby, the PEC ensures the time used to notify the physician of the emergency is the shortest. We show via theoretical analysis that the PEC is able to provide fine-grained access control on the emergency data, where the access policy is set by patients themselves. Moreover, the PEC can withstandmultiple types of attacks, such as identity theft attack, forgery attack, and collusion attack. We also devise an effective revocation mechanism to make the revocable PEC (rPEC) resistant to inside attacks. In addition, we demonstrate via simulation that the PEC can significantly reduce the response time of emergency care in MHSNs.

A Study on the Security Technology of Real-time Biometric Data in IoT Environment

  • Shin, Yoon-Hwan
    • 한국컴퓨터정보학회논문지
    • /
    • 제21권1호
    • /
    • pp.85-90
    • /
    • 2016
  • In this paper, the biometric data is transmitted in real time from the IoT environment is runoff, forgery, alteration, prevention of the factors that can be generated from a denial-of-service in advance, and the security strategy for the biometric data to protect the biometric data secure from security threats offer. The convenience of living in our surroundings to life with the development of ubiquitous computing and smart devices are available in real-time. And is also increasing interest in the IOT. IOT environment is giving the convenience of life. However, security threats to privacy also are exposed for 24 hours. This paper examines the security threats to biological data to be transmitted in real time from IOT environment. The technology for such security requirements and security technology according to the analysis of the threat. And with respect to the biometric data transmitted in real time on the IoT environment proposes a security strategy to ensure the stability against security threats and described with respect to its efficiency.

안전한 RFID 환경을 위한 태그-리더 상호 인증 프로토콜 (Tag-Reader Mutual Authentication Protocol for secure RFID environments)

  • 이영석;최훈
    • 한국정보통신학회논문지
    • /
    • 제19권2호
    • /
    • pp.357-364
    • /
    • 2015
  • RFID 환경에서는 태그-리더 사이에 무선으로 데이터를 송수신하기 때문에, 공격자가 물리적인 제약없이 네트워크에 참가할 수 있어 도청 및 데이터 위 변조와 같은 다양한 공격 기법에 쉽게 노출될 수 있다. 또한, RFID 태그의 자원 제약성이 높아 외부 공격에 방어하기 위한 보안 기술을 적용하는 것이 쉽지 않다. 본 논문에서는 스푸핑 공격, 재전송 공격, 트래픽 분석 공격, 위치 트래킹 공격과 같은 외부 사이버 공격에 대해 안전하게 RFID 태그 정보를 보호하고, 다양한 외부 공격에 견딜 수 있는 새로운 태그-리더 상호 인증 프로토콜을 제안한다. 제안된 상호 인증 프로토콜의 성능 평가를 수행하고 시뮬레이션 결과를 제시한다.

DApp 개발을 위한 블록체인 2.0 이더리움 플랫폼 분석 연구 (A Study on the Blockchain 2.0 Ethereum Platform Analysis for DApp Development)

  • 김순곤
    • 한국정보전자통신기술학회논문지
    • /
    • 제11권6호
    • /
    • pp.718-723
    • /
    • 2018
  • 최신 컴퓨터 네트워크 기술과 IoT 기술을 융합하여 의료 사물 인터넷(Internet of Medical Things; IoMT) 환경에서 건강관리 및 모니터링과 같은 원격의료(telemedicine)는 양질의 의료정보 서비스 제공을 통해 삶의 질 향상, 의료비용과 의료기관 혼잡도 감소, 의사와 환자간 정보 공유 및 의사소통 향상 등의 긍정적 요소가 크게 부각되고 있다. 본 논문에서는 블록체인과 관련된 연구 및 블록체인을 적용한 플랫폼에 대해 알아보고 이를 비교 분석하여 제품 유통 탈중앙화 DApp 개발한 결과를 제시하였다. 이 과정에서 기존 제품 유통 순서도에 블록체인 기술을 응용하여 상품 사기 파악, 데이터 관리, 고객 관리, 상품 정보의 위조, 변조 방지, 거래 이력 추적 등을 할 수 있고 제품 거래를 원활히 할 수 있게 하는 유통 DApp 개발을 통해 이더리움 플랫폼의 동작 운영 과정을 검증하였다.

네트워크 상에서의 침입차단시스템 영향력 분석 (Analysis on Effects of The Firewall on Networks)

  • 정선이;박정은;유수연;장성은;채기준;노병규
    • 정보보호학회논문지
    • /
    • 제10권4호
    • /
    • pp.95-105
    • /
    • 2000
  • 정보유출, 파괴, 위 변조, 바이러스와 같은 정보화 역 기능으로부터 정보시스템과 통신망을 보호하기 위하여 침입차단시스템에 대한 요구가 증대되고 있다. 실제로 침입차단시스템을 사용하기 위해서는 그것이 네트워크에 미치는 영향에 대해서 보안 관리자가 알고 분석할 수 있어야 한다. 그러나 현재 침입차단시스템의 성능에 대해서 의문을 갖게 될 때 이를 평가할 수 있는 마땅한 도구가 없기에 침입차단시스템이 네트워크에 미치는 영향에 대한 연구가 필요하다. 본 논문에서는 침입차단시스템이 네트워크에 미치는 영향을 파악하기 위하여 실제 네트워크에 다양한 트래픽을 적용해 봄으로써 분석하였다. 또한 COMNET-III를 이용하여 침입차단시스템이 없는 경우와 있는 경우의 네트워크를 모델링하여 다양한 침입차단시스템의 운영환경 및 네트워크 환경 변화에 따른 영향을 분석하였다.

두 인증서 없는 서명 기법들에 관한 안전성 분석 (Security Analysis of Two Certificateless Signature Schemes)

  • 이주희;심경아;이향숙
    • 정보보호학회논문지
    • /
    • 제19권6호
    • /
    • pp.17-22
    • /
    • 2009
  • 인증서 없는 공개키 시스템은 기존의 공개키 암호시스템에서 인증서의 필요성을 제거하고 신원 기반 암호시스템에서 키 위탁 문제를 해결하였다. 본 논문에서는 Guo 등과 Wang 등에 의해서 제안된 각각의 인증서 없는 서명 기법들이 공격자 종류 I에 의해 키 대치공격에 취약하다는 것을 보인다. 다시 말해, 서명자의 공개키를 대치할 수 있는 능력을 가진 공격자가 서명자의 비밀키를 알지 못함에도 불구하고 서명을 위조할 수 있음을 보이고 이러한 공격을 방지하기 위한 대응법을 제안한다.

Development and validation of ultra-fast quantitative real-time PCR method to differentiate between Oncorhynchus keta and Oncorhynchus mykiss

  • Min-Ji Park;Han-Cheol Lee;Ji-Young Yang;Jung-Beom Kim
    • 한국식품저장유통학회지
    • /
    • 제30권3호
    • /
    • pp.383-394
    • /
    • 2023
  • The ultra-fast quantitative real-time polymerase chain reaction (qPCR) assay was developed and validated to differentiate the morphologically similar ones, Oncorhynchus keta and Oncorhynchus mykiss. Species-specific primers were designed for the COI genes of mtDNA. The species-specific primers designed for O. keta and O. mykiss were selectively amplified by O. keta and O. mykiss DNA, respectively. The sensitivity of O. keta and O. mykiss primers was 1 ng/μL. Quantitative testing showed that the results met the 'Guidelines on Standard Procedures for Preparing Analysis Method such as Food' proposed by the Ministry of Food and Drug Safety. The qPCR method developed and validated in this study for identifying O. keta and O. mykiss has advantages such as speed and field applicability. Therefore, this method is expected to help control forgery and alteration of raw materials in the seafood industry.