• Journal of the Korea Society of Computer and Information
• /
• v.18 no.8
• /
• pp.95-104
• /
• 2013

DDoS attacks have became as a social threat since 2009 7.7 DDoS turmoil. Even though defence techniques have been developing to provide against those threats, they become much more sophisticate. In recent years, the attack form of DDoS is changing from high amount of traffic attack of network layers to highly sophisticate small amount of application layers. To make matters worse, attack agent for the attack has became very intelligent so that it is difficult to be blocked since it can't be distinguished from normal PCs. In the user authentication system(such as CAPTCHA) User intervention is required to distinguish normal PCs and intelligent attack agents and in particular, in a NAT environment, IP-based blocking method can be cut off the normal users traffic at the same time. This research examined defense techniques which are able to distinguish between agent and normal PC and effectively block ways the HTTP DDoS offense applying one-time session key based authentication method using Cookie which is used in HTTP protocol to protect web sever from sophisticate application layer of DDoS.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.951-958
• /
• 2021

With the growing cyber threat to information assets, it has become important to share threat information quickly. This paper examines the sharing of cyber threat information and presents a method to determine the importance of threat indicators in the information sharing market by calculating weights. The analysis was conducted using AHP techniques, with a pairwise comparison of the four factors(attacker & infected system indicators, role indicators, malicious file indicators, technique & spread indicators) and the details of each factor. Analysis shows that malicious file indicators are the most important among the higher evaluation factors and infected system IP, C&C and Smishing are the most important factors in comparison between detailed items. These findings could be used to measure the preference of consumers and the contribution of information provider for facilitating information sharing.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.13 no.6
• /
• pp.539-544
• /
• 2020

The research is on progressing to operate digital door lock with the method to guarantee the security and safety in the meantime to use digital door lock conveniently using Internet of Things (IoT) standardizing various service providing technology using IoT in home network currently. In this study, compose home network interconnecting Raspberry-PI and web server reflection this trend and composed the system to control the door lock after connect Arduino substituting converter function. Making Raspberry-PI using dynamic IP address using existing open source easily maintain DNS information and possible to connect internet network in home network ethernet and finally, making the smartphone can control door lock remotely entering designated address after connect the internet. The connection between home network and Arduino is executed by Raspberry-PI and bluetooth pairing as 1:1 and make random user's access to be impossible. Especially, to make open/close the door lock with smartphone not by using password on the keypad or using RFID card is judged as the method increasing the security make random user's access to be impossible and also increased the usefulness making remote control to be possible.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.97-107
• /
• 2004

This paper presents an System-on-Chip(SoC) implementation of fingerprint feature extraction system. Typical fingerprint feature extraction systems employ binarization and thinning processes which cause many extraction errors for low qualify fingerprint images and degrade the accuracy of the entire fingerprint recognition system. To solve these problems, an algorithm directly following ridgelines without the binarization and thinning process has been proposed. However, the computational requirement of the algorithm makes it hard to implement it on SoCs by using software only. This paper presents an implementation of the ridge-following algorithm onto SoCs. The algorithm has been modified to increase the efficiency of hardwares. Each function block of the algorithm has been implemented in hardware or in software by considering its computational complexity, cost and utilization of the hardware, and efficiency of the entire system. The fingerprint feature extraction system has been developed as an IP for SoCs, hence it can be used on many kinds of SoCs for smart cards.

• Journal of Internet of Things and Convergence
• /
• v.7 no.1
• /
• pp.71-77
• /
• 2021

As the IOT technology has developed, it becomes more big issues about IOT device security. An account management is a nerve-in-the-box routine job for the system administrator and users who manage the several hundreds IOT devices(IP camera, Home IOT, the various measuring equipment). This study is to propose the account management system by the hierarchical design and it is efficient for the user to manipulate the account management. The designed system supports 6 functions for the account management and apply the advanced technologies for the existed system. After the performance of the designed system is validated successfully by the authoritative test, the designed system is applied for the relative fields. And it is on going for the development of the smart account management system by applying the AI technique.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.1
• /
• pp.122-133
• /
• 1999

Uses can share information and use resources effectively by using TCP/IP-based networks. So, a protocol to manage complex networks effectively is needed. For the management of the distributed networks, the SNMP(Simple Network Management Protocol) has been adopted as an international standard in 1989, and the SNMPv2 in which a security function was added was published in 1993. There are two encryption schemes in SNMPv2, the one is a DES using symmetric encryption scheme and the other is a MD5(Message Digest5) hash function for authentication. But the DES has demerits that a key length is a few short and the encryption and the authentication is executed respectively. In order to solve these problems, wer use a RSA cryptography in this paper. In this paper, we examine the items related with SNMP. In addition to DES and MD5 propose in SNMPv3, we chance security functionality by adopting RSA, a public key algorithm executing the encryption and the authentication simultaneously. The proposed SNMPv3 security module is written in JAVA under Windows NT environment.

• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.113-120
• /
• 2018

Today, the development of information and communication technology is rapidly increasing the number of users of network-based service, and enables real-time information sharing among users on the Internet. There are various methods in the information sharing process, and information sharing based on portal service is generally used. However, the process of information sharing serves as a cause of illegal activities in order to amplify the social interest of the relevant stakeholders. Public opinion attack using macro function can distort normal public opinion, so security measures are urgent. Therefore, security measures are urgently needed. Macro attacks are generally defined as attacks in which illegal users acquire multiple IP or ID to manipulate public opinion on the content of a particular web page. In this paper, we analyze network path information based on traceback for macro attack of a specific user, and then detect multiple access of the user. This is a macro attack when the access path information for a specific web page and the user information are matched more than once. In addition, when multiple ID is accessed for a specific web page in the same region, it is not possible to distort the overall public opinion on a specific web page by analyzing the threshold count value.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.63-69
• /
• 2017

In the early 1990s, IETF(Internet Engineering TaskForce) had started the discussion on new address protocol that can modify and supplement various drawbacks of existing IPv4 address protocol with the introduction of CIDR(Classless Inter-Domain Routing) which is a temporary solution for IPv4 address depletion, NAT, private IP address. While various standards related to new address protocol has been proposed, the SIPP(Simple Internet Protocol Plus) was adopted among them because it is regarded as the most promising solution. And this protocol has been developed into current IPv6. The new concepts are introduced with modifying a lot of deficiencies in the exisitng IPv4 such as real-time data processing, performance on QoS, security and the efficiency of routing. Since many security threats in IPv6 environment still exist, the necessity of stable data communication environment has been brought up continuously. This paper deveopled one-way communication algorithm in IPv6 based on the high possibility of protecting the system from uncertain and potential risk factors if the data is transmitted in one way. After the analysis of existing IPv6 and ICMPv6, this paper suggests one-way communication algorithm as a solution for existing IPv6 and ICMPv6 environment.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.5
• /
• pp.36-46
• /
• 2019

The number of hosts connected to the Internet has increased dramatically, introducing the Domain Name System(DNS) in 1984. DNS is now an important key point for all users of the Internet by allowing them to use a convenient character address without memorizing a series of numbers of complex IP address. However, relative to the importance of DNS, there still exist many problems such as the authorization allocation issue, the disputes over public registration, security vulnerability such as DNS cache poisoning, DNS spoofing, man-in-the-middle attack, DNS amplification attack, and the need for many domain names in the age of hyper-connected networks. In this paper, to effectively improve these problems of existing DNS, we proposed a method of implementing DNS using distributed ledger technology, blockchain, and implemented using a Ethereum-based platform. In addition, the qualitative analysis performance comparative evaluation of the existing domain name registration and domain name server was conducted, and conducted security assessments on the proposed system to improve security problem of existing DNS. In conclusion, it was shown that DNS services could be provided high security and high efficiently using blockchain.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.9 no.6
• /
• pp.599-603
• /
• 2016

Recently the wireless LAN system is substituting wired LAN system notably as the number of mobile users increases greatly along the advancement of technology. But the wireless LAN has a critical weakness in the security such as data leakage. Thus a safe security system is imperative to avoid threatening from hackers with offering the best convenience to inner users. In this research, we have developed a RADIUS wireless LAN security system for industrial applications, which performs the EAP authentication with the compatibility for any maker of wireless LAN. The system has interfaces based on WEB, providing DB access function for user management so that users can perform authentication of 802.1x in their computers.