• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.95-101
• /
• 2016

With the rapid development of Internet and communication network technology, various studies had proceeded to develop the technology of wireless sensor networks. Authentication schemes for user and sensor are critical and important security issue to use wireless sensors legally. First, Das introduce a user authentication scheme using smart card and password for wireless sensor networks, various studies had proceeded. Chem et al. suggested a secure user authentication scheme against smart card loss attack but Chen et al. scheme does not still resolve some security vulnerability such as perfect forward secrecy, session key exposure by gateway node, anonymity, and the password check. To resolve the problems, this paper proposes a security enhanced user authentication using the fuzzy extraction, elliptic curves cryptography and dynamic ID and analyzes the security.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.11
• /
• pp.6845-6848
• /
• 2014

This paper proposes a system design of IDS for detecting and defending against DDoS attacks on a network. The proposed system has three parts; the Alert, Attack Analyzer and Defense agent. When the server resource was reduced too much by incoming traffic, the Alert Agent sends message and traffic information to the Attack Analyzer. The message and traffic to the Attack analyzer include only the sender & receiver address and packet numbers for minimizing the overload of Attack Analyzer. Message Received Attack Analyzer investigates the Message. If the pattern of traffic is the same as the DDoS Style, the Analyzer sends a message to the Defense Agent to block that traffic. In this system, at the serious state of the server-down, the Attack analyzer uncovers the DDoS Attacker and send a message to the Defense Agent to block that traffic. This works for server reactivation as soon as possible.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.1
• /
• pp.90-99
• /
• 2003

Java applets are downloaded from web server through internet and executed in Java Virtual Machine of clients' browser. Before execution of java applets, JVM checks bytecode program with bytecode verifier and performs runtime tests with interpreter. However, these tests will not protect against undesirable runtime behavior of java applets, such as denial of service attack, email forging attack, URL spoofing attack, and annoying sound attack. In order to protect malicious applets, a technique used in this paper is java bytecode modification. This technique is used to restrict applet behavior or insert code appropriate to profiling or other monitoring efforts. Java byte modification is divided into two general forms, class-level modification involving subclassing non-final classes and method-level modification used when control over objects from final classes or interface. This paper showed that malicious applets are controlled by java bytecode modification using proxy server. This implementation does not require any changes in the web sever, JVM or web browser.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.923-941
• /
• 2017

A side-channel attack is a method of attacking a cipher based on physical information of a cryptographic device. The masking method, which is a typical method overcoming this attack, is a method of calculating an arbitrary masking value at the round intermediate value through rounds. Thus, it is difficult to guess the intermediate value by the side-channel attack, but if the masking operation is applied to all rounds of the encryption algorithm, the encryption process may become overloaded. Therefore, it is practical to use a reduced-round masking technique that applies a masking technique to only a part of the cipher for lightweight equipment such as Internet of Things(IoT) and wearable devices. In this paper, we describe a Hamming weight filtering for SIMON family with reduced-round masking technique and it is shown that first round key recovery is possible through actual programming.

• Journal of Internet Computing and Services
• /
• v.7 no.3
• /
• pp.133-142
• /
• 2006

The purpose of the multiple key agreement protocol is to get efficiency in computational and communicational aspects compared to multiple executions of single key agreement protocol. However ID based tripartite multiple key agreement protocols have been proposed, it is reported that they can not resist unknown key-share attack or impersonation attack. How to design a secure and efficient ID-based authenticated tripartite multiple key agreement scheme to prevent all kinds of attacks remains an open problem. This paper proposes a multiple key agreement scheme combing the existing single key agreement protocol with a key derivation function. The proposed scheme can not only increase computational efficiency compared to the existing multiple key agreement protocol, but can ensure security of the proposed schemes by using a security proofed single key agreement protocol and key derivation function.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.5
• /
• pp.9-17
• /
• 2015

The development of wireless communication technology and change in the ICT market has led to the development of the M2M service and technology. Under these circumstances, the M2M environment has been the focus of communication environment construction between machines without control or direct intervention of human being. With characteristics of wireless communication environment, the possibility of being exposed to numerous security threats and safe communication security technology have becoming an issue an important requirements for problems such as data exposure, forgery, modulation, deletion, and privacy. This research analyzes requirements of trapdoor collision hash, generates keys between groups under the M2M environment by using the specificity of trapdoor, and suggests technology to exchange keys with session keys. Further, it also suggests techniques to confirm authentication of device and gateway in accordance with group key generation. The techniques herein suggested are confirmed as safe methods in that they have attack resistance such as Masquerade Attack, Man-in-the-Middle Attack, and Replay Attack in the group communication block by using the speciality of collision message and collision hash.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.5
• /
• pp.131-137
• /
• 2011

Recently Lin et al. proposed a simple remote user authentication scheme using smart cards. But the proposed scheme has not satisfied security requirements which should be considered in the user authentication scheme using the password based smart card. In this paper, we show that Lin et al.'s scheme is insecure against off-line password guessing attack. In their scheme, any legal user's password may be derived from the password guessing when his/her smart card is stolen and the secret information is leaked from the smart card by an attacker. Accordingly, we demonstrate the vulnerability of their scheme and present an enhancement to resolve such security weakness. Our proposed scheme can withstand various possible attacks including password guessing attack. Furthermore, this improved scheme can provide mutual authentication to improve the security robustness. Performance evaluation shows that the proposed scheme is relatively more effective than Lin et al.'s scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.5
• /
• pp.1726-1743
• /
• 2014

DDoS (Distributed Denial of Service) has been a continuous threat to the cyber world with the growth in cyber technology. This technical evolution has given rise to a number of ultra-sophisticated ways for the attackers to perform their DDoS attack. In general, the attackers who generate the denial of service, use the vulnerabilities of the TCP. Some of the vulnerabilities like SYN (synchronization) flooding, and IP spoofing are used by the attacker to create these Distributed Reflected Denial of Service (DrDoS) attacks. An attacker, with the assistance of IP spoofing creates a number of attack packets, which reflects the flooded packets to an attacker's intended victim system, known as the primary target. The proposed scheme, Efficient Spoofed Flooding Defense (ESFD) provides two level checks which, consist of probing and non-repudiation, before allocating a service to the clients. The probing is used to determine the availability of the requested client. Non-repudiation is taken care of by the timestamp enabled in the packet, which is our major contribution. The real time experimental results showed the efficiency of our proposed ESFD scheme, by increasing the performance of the CPU up to 40%, the memory up to 52% and the network bandwidth up to 67%. This proves the fact that the proposed ESFD scheme is fast and efficient, negating the impact on the network, victim and primary target.

• Journal of Internet Computing and Services
• /
• v.9 no.2
• /
• pp.69-81
• /
• 2008

It has become more difficult to correspond a cyber attack quickly as patterns of attack become various and complex. However, current security mechanism just have passive defense functionalities. In this paper, we propose new network security mechanism to respond various cyber attacks rapidly and to chase and isolate the attackers through cooperation between security zones. The proposed mechanism makes it possible to deal effectively with cyber attacks such as IP spoofing, by using active packet technology including a mobile code on active network. Also, it is designed to hove more active correspondent than that of existing mechanisms. We implemented these mechanisms in Linux routers and experimented on a testbed to verify realization possibility of attacker response framework using mobile code. The experimentation results are analyzed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.5C
• /
• pp.523-531
• /
• 2003

Java applets are downloaded from web server through internet and executed in Java Virtual Machine of clients'browser. Before execution of java applets, JVM checks bytecode program with bytecode verifier and performs runtime tests with interpreter. However, these tests will not protect against undesirable runtime behavior of java applets, such as denial of service attack, email forging attack, URL spoofing attack, or annoying sound attack. In order to protect malicious applets, a technique used in this paper is java bytecode modification. This technique is used to restrict applet behavior or insert code appropriate to profiling or other monitoring efforts. Java byte modification is divided into two general forms, class-level modification involving subclassing non-final classes and method-level modification used when control over objects from final classes or interface. This paper showed that malicious applets are controlled by java bytecode modification using proxy server. This implementation does not require any changes in the web sever, JVM or web browser.