• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.56-62
• /
• 2021

The surge in generic attacks execution against cipher text on the computer network has led to the continuous advancement of the mechanisms to protect information integrity and confidentiality. The implementation of explicit decision tree machine learning algorithm is reported to accurately classifier generic attacks better than some multi-classification algorithms as the multi-classification method suffers from detection oversight. However, there is a need to improve the accuracy and reduce the false alarm rate. Therefore, this study aims to improve generic attack classification by implementing two hybridized decision tree algorithms namely Naïve Bayes Decision tree (NBTree) and Logistic Model tree (LMT). The proposed hybridized methods were developed using the 10-fold cross-validation technique to avoid overfitting. The generic attack detector produced a 99.8% accuracy, an FPR score of 0.002 and an MCC score of 0.995. The performances of the proposed methods were better than the existing decision tree method. Similarly, the proposed method outperformed multi-classification methods for detecting generic attacks. Hence, it is recommended to implement hybridized decision tree method for detecting generic attacks on a computer network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1261-1269
• /
• 2017

Feistel Networks are one of the most well-known schemes to design block ciphers. Generalized Feistel Networks are used to construct only block ciphers but also hash functions. Many generic attacks on Feistel schemes have been studied. Among these attacks, recently proposed meet-in-the-middle attacks are one of the most effective attacks. In this paper, we analyze the security of meet-in-the-middle attacks on generalized Feistel Networks.

• Journal of Communications and Networks
• /
• v.12 no.4
• /
• pp.382-394
• /
• 2010

Cross-domain event information sharing is a topic of great interest in the area of event based network management. In this work we use data sets which represent actual attacks in the operational Internet. We analyze the data sets to understand the dynamics of the attacks and then go onto show the effectiveness of sharing incident related information to contain these attacks. We describe universal data acquisition system for event based management (UniDAS), a novel system for secure and automated cross-domain event information sharing. The system uses a generic, structured data format based on a standardized incident object description and exchange format (IODEF). IODEF is an XML-based extensible data format for security incident information exchange. We propose a simple and effective security model for IODEF and apply it to the secure and automated generic event information sharing system UniDAS. We present the system we have developed and evaluate its effectiveness.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.169-177
• /
• 2003

We establish the security requirements and derive a generic condition of elliptic curve scalar multiplication to resist against DPA and Goubin’s attack. Also we show that if a scalar multiplication algorithm satisfies our generic condition, then both attacks are infeasible. Showing that the randomized signed scalar multiplication using Ha-Moon's receding algorithm satisfies the generic condition, we recommend the randomized signed scalar multiplication using Ha-Moon's receding algorithm to be protective against both attacks. Also we newly design a random recoding method to Prevent two attacks. Finally, in efficiency comparison, it is shown that the recommended method is a bit faster than Izu-Takagi’s method which uses Montgomery-ladder without computing y-coordinate combined with randomized projective coordinates and base point blinding or isogeny method. Moreover. Izu-Takagi’s method uses additional storage, but it is not the case of ours.

• ETRI Journal
• /
• v.45 no.3
• /
• pp.365-378
• /
• 2023

ARIA is a block cipher proposed by Kwon et al. at ICISC 2003 that is widely used as the national standard block cipher in the Republic of Korea. Herein, we identify some flaws in the quantum rebound attack on seven-round ARIA-DM proposed by Dou et al. and reveal that the limit of this attack is up to five rounds. Our revised attack applies to not only ARIA-DM but also ARIA-MMO and ARIA-MP among the PGV models, and it is valid for all ARIA key lengths. Furthermore, we present dedicated quantum rebound attacks on seven-round ARIA-Hirose and ARIA-MJH for the first time. These attacks are only valid for the 256-bit key length of ARIA because they are constructed using the degrees of freedom in the key schedule. All our attacks are faster than the generic quantum attack in the cost metric of the time-space tradeoff.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.9 no.2 s.25
• /
• pp.143-151
• /
• 2006

This paper investigates effects of reaction control jet on the aerodynamic performance of generic interceptor missile operating at supersonic flight condition. Parallelized CFDS code is used as a viscous flow solver. The generic interceptor missile configuration composed of a long and slender body and fixed tail fins. The behavior of normal force, axial force and pitching moment characteristics at altitude conditions corresponding to 10 km is studied according to the given control jet conditions, different angle of attacks based on the analysis of aerodynamic characteristics.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.4
• /
• pp.1538-1552
• /
• 2021

Machine learning models are vulnerable to adversarial examples generated by adding a deliberately designed perturbation to a benign sample. Particularly, for automatic speech recognition (ASR) system, a benign audio which sounds normal could be decoded as a harmful command due to potential adversarial attacks. In this paper, we focus on the countermeasures against audio adversarial examples. By analyzing the characteristics of ASR systems, we find that frame offsets with silence clip appended at the beginning of an audio can degenerate adversarial perturbations to normal noise. For various scenarios, we exploit frame offsets by different strategies such as defending, detecting and hybrid strategy. Compared with the previous methods, our proposed method can defense audio adversarial example in a simpler, more generic and efficient way. Evaluated on three state-of-the-arts adversarial attacks against different ASR systems respectively, the experimental results demonstrate that the proposed method can effectively improve the robustness of ASR systems.

• Journal of Internet Computing and Services
• /
• v.9 no.6
• /
• pp.73-79
• /
• 2008

Nowadays, all over the world's banks use internet banking through various authentication methods. Although there are strong authentication methods using OTP (One Time Password), there still has vulnerability from sophisticated attacks such as MITM (Man In The Middle). This letter proposes signing-based authentication protocol that copes with attacks, such as MITB (Man In The Browser), and provides non-repudiation function. The protocol shows generic method to prevent the sophisticated attacks through connecting advantages from OTP and PKI (Public Key Infrastructure) certificate, and that can be deployed to various extended form in internet banking.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.10 no.6
• /
• pp.201-208
• /
• 2010

The classical iterated hash function is vulnerable to a multi-collision attack. Gauravaram et al. proposed 3C and 3C+ hash functions, in which an accumulation chain is added to usual Merkle-Damgard changing. Their goal is to design composition schemes resistant to generic attacks of Joux's type, but Joscak and Tuma have shown that 3C and 3C+ schemes are not better than Merkle-Damgard scheme in term of security against multi-collision attacks under some mild assumptions. In this dissertation, in order to increase security of 3C hash function, we proposed secure double pipe hash function which was effectively using XOR and XNOR operations per blocks of message. We seek to improve on the work of Lucks in a way. Proposed secure double pipe hash function takes resistance to multi-block collision, fixed point and pre-image attacks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.4C
• /
• pp.451-457
• /
• 2006

A peer-to-peer(P2P) network is inherently vulnerable to malicious attacks from participating peers because of its open, flat, and autonomous nature. This paper addresses the problem of effectively defending from active attacks of malicious peers at bootstrapping phase and at online phase, respectively. We propose a secure membership handling protocol to protect the assignment of ID related things to a newly joining peer with the aid of a trusted entity in the network. The trusted entities are only consulted when new peers are joining and are otherwise uninvolved in the actions of the P2P networks. For the attacks in online phase, we present a novel message structure applied to each message transmitted on the P2P overlay. It facilitates the detection of message alteration, replay attack and a message with wrong information. Taken together, the proposed techniques deter malicious peers from cheating and encourage good peers to obey the protocol of the network. The techniques assume a basic P2P overlay network model, which is generic enough to encompass a large class of well-known P2P networks, either unstructured or not.