• Journal of Communications and Networks
• /
• v.14 no.1
• /
• pp.104-110
• /
• 2012

Group key agreement protocols allow a group of users, communicating over a public network, to establish a shared secret key to achieve a cryptographic goal. Protocols based on certificateless public key cryptography (CL-PKC) are preferred since CL-PKC does not need certificates to guarantee the authenticity of public keys and does not suffer from key escrow of identity-based cryptography. Most previous certificateless group key agreement protocols deploy signature schemes to achieve authentication and do not have constant rounds. No security model has been presented for group key agreement protocols based on CL-PKC. This paper presents a security model for a certificateless group key agreement protocol and proposes a constant-round group key agreement protocol based on CL-PKC. The proposed protocol does not involve any signature scheme, which increases the efficiency of the protocol. It is formally proven that the proposed protocol provides strong AKE-security and tolerates up to $n$-2 malicious insiders for weak MA-security. The protocol also resists key control attack under a weak corruption model.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.853-856
• /
• 2013

최근 클라우드 서비스가 발전함에 따라 향상된 자원 활용과 소프트웨어 이식성을 증가시키기 위한 하드웨어 가상화 기술 또한 성장하고 있다. 가상화의 특성상 이를 구동하고 관리하는 시스템 관리자가 메모리, 하드디스크 드라이브와 같은 컴퓨팅 리소스에 접근할 수 있다. 관리자에 의한 Cold-boot Attack이나 내부 명령어를 통해서 메모리 상의 데이터가 유출될 수 있으므로 개인정보와 기밀문서와 같은 민감한 데이터의 노출 위험이 발생한다. C. Li 등은 Guest OS의 가상 메모리 기본 단위인 페이지를 암호화하여 관리자에게 메모리 상의 데이터가 노출되지 않도록 막는 기법을 제안하였다. 하지만 페이지 암호화에 사용되는 키를 하이퍼바이저상에서 구하는 과정에서 키가 노출된다는 문제점이 발생한다. 본 논문에서는 내부자 공격에 안전한 가상 머신 프레임워크를 제안한다. IOMMU(Input/Output Memory Management Unit)를 사용하여 직접 하드웨어 디바이스에 접근 가능한 Guest OS를 생성하고 TPM(Trusted Platform Module) 가상화를 사용하여 시스템 관리자가 알 수 없도록 암호 키를 생성/관리한다. 하이퍼바이저는 이 암호 키를 사용하여 Guest OS의 페이지를 암호화한다. 이를 통해 관리자에게 키를 노출하지 않고 Guest OS 메모리 상의 데이터를 보호할 수 있다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.12
• /
• pp.4508-4530
• /
• 2021

Today distributed data storage service are being widely used. However lack of proper means of security makes the user data vulnerable. In this work, we propose a Randomized Block Size (RBS) model for secure data storage in distributed environments. The model work with multifold block sizes encrypted with the Chinese Remainder Theorem-based RSA (C-RSA) technique for end-to-end security of multimedia data. The proposed RBS model has a key generation phase (KGP) for constructing asymmetric keys, and a rand generation phase (RGP) for applying optimal asymmetric encryption padding (OAEP) to the original message. The experimental results obtained with text and image files show that the post encryption file size is not much affected, and data is efficiently encrypted while storing at the distributed storage server (DSS). The parameters such as ciphertext size, encryption time, and throughput have been considered for performance evaluation, whereas statistical analysis like similarity measurement, correlation coefficient, histogram, and entropy analysis uses to check image pixels deviation. The number of pixels change rate (NPCR) and unified averaged changed intensity (UACI) were used to check the strength of the proposed encryption technique. The proposed model is robust with high resilience against eavesdropping, insider attack, and chosen-plaintext attack.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2019.01a
• /
• pp.115-118
• /
• 2019

무선 센서 네트워크(Wireless Sensor Network)는 낮은 배터리, 짧은 통신거리 등의 제한된 센서들의 성능에 기인하여 내부자공격(insider attacks)에 취약한 것으로 알려져 있는데, 내부자 공격에 대응하기 위한 대표저인 방법으로 노드들의 행위 관찰하여 신뢰도를 평가하고 낮은 신뢰도를 갖는 노드들을 제거하는 신뢰메커니즘(Trust Mechanism: TM)이 있다. TM은 평가노드 자신의 직접관찰 정보뿐만 아니라 이웃노드의 간접관찰 정보를 함께 고려하도록 발전되어 왔는데, False-Praise 공격은 의도적으로 거짓 관찰 정보를 평가노드에게 제공하여 TM의 신뢰도 평가 프로세스의 신뢰성을 훼손하는 지능적 공격이다. 본 논문에서는 False-Praise 공격에 대응을 위한 합의 알고리즘을 기반의 개선된 TM 제안하고, 실험을 통해 제안 체계의 성능과 효과를 검증한다.

• Convergence Security Journal
• /
• v.18 no.3
• /
• pp.77-85
• /
• 2018

With the convergence of communications network between control system and public network, such threats like information leakage/falsification could be fully shown in control system through diverse routes. Due to the recent diversification of security issues and violation cases of new attack techniques, the security system based on the information database that simply blocks and identifies, is not good enough to cope with the new types of threat. The current control system operates its security system focusing on the outside threats to the inside, and it is insufficient to detect the security threats by insiders with　the authority of security access. Thus, this study conducted the importance analysis based on the main event log list of "Spotting the Adversary with Windows Event Log Monitoring" announced by NSA. In the results, the matter of importance of event log for the detection of insider threats to control system was understood, and the results of this study could be contributing to researches in this area.

• The Journal of the Korea Contents Association
• /
• v.19 no.12
• /
• pp.313-320
• /
• 2019

One of the causes of many damage cases that occur today by hacking attack is social engineering attack. The attacker is usually a malicious traitor or an ignorant insider. As a solution, we are strengthening security training for all employees in the organization. Nevertheless, there are frequent situations in which computers are shared. In this case, the person in charge of the computer has difficulty in tracking and responding when a specific representative accessed and what a specific representative did. In this paper, we propose the method that the person in charge of the computer tracks in real time through the smartphone when a representative access the computer, when a representative access offline using hacked or shared authentication. Also, we propose a method to prevent the leakage of important information by encrypting and backing up important files of the PC through the smartphone in case of abnormal access.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1131-1141
• /
• 2013

Most of the single server model of cloud computing services have problems that are hard to solve, such as a service availability, insider attack, and vendor lock-in, etc. To solve these problems, the research about multicloud has emerged. Multicloud model can supplement previous cloud model's weakness and provides new services to user. In this paper, we focus on a user authentication problem in multicloud model and propose a scheme to resolve it. We define a cloud broker-based multicloud model. And we propose an authentication protocol that is applicable at presented model. The proposed scheme can provide service transparency to user and prevent an impersonation attack by service provider.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.139-145
• /
• 2016

Recently, The attack on the USB and network are increasing in many domestic infrastructure. These attacks are the most independent of insider intention, caused by the Anthropogenic Manipulation. These attacks are Anthropogenic Response Measures for Physical Security. and Representative Technology has CCTV, Access Control System, Sensor Technology. However, Physical Security, it is represented by several Product family according to the Market, has become an obstacle but rather a variety of Physical Security Technology Development and Application. As the Anthropogenic Attacks have occur continually in the network, it need to the proper Physical Response Techniques in this situation. Therefore, In this paper, we will find out about the awareness and demand trends of Physical Security. And The Physical Vulnerable Factors of Network. Thereby this is expected to be utilized as a basis for the domestic Physical Security Technology development and deployment Road-map in a future.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.4C
• /
• pp.197-206
• /
• 2011

In the RFID system, bulk tag information is stored into the back-end database as plaintext format not ciphertext. In this case, the tags's private informations can be easily compromised by an external hacker or an insider attacker. If the private informations of tags disclosed by the attackers, it can occur serious privacy invasion problem. Recently the database(DB) security is an important issue to prevent the above DB compromised attack. However, DB security for RFID systeme has not been considered yet. If we use the DB security technique into the RFID system, the above described privacy invasion' problem can be easily prevented. Based on this motivation, this paper proposes a secure and efficient back-end database security and authentication(S-DB) scheme with XOR-based encryption/decryption algorithm. In the proposed scheme, all tag's private information is encrypted and stored by using the DB secret key to protect the DB compromised attack. As a result, the proposed S-DB scheme 'can provide stronger security and more efficiency for the secure RFID system environment.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.11
• /
• pp.503-510
• /
• 2013

Recently, the rapid development of network technology has enabled people to use various services on the internet. However, the existing password-based user authentication system used in the internet environment requires a password table, which is a potential security threat as it could be leaked by an insider. To solve this issue, remote user authentication methods that do not require a user password table have been proposed. Regarding remote user authentication using a smart card in particular, various methods have been suggested to reduce expenses and to improve stability and efficiency, but the possibility of impersonation attacks and password-guessing attacks using information saved in a user's smart card still exist. Therefore, this study proposes a remote user authentication method that can safeguard against impersonation attacks and password guessing attacks, by analyzing weak points of conventional methods and creating a smart card's ID and password that are based on the user's ID and password.