• Journal of the Korea Society of Computer and Information
• /
• v.27 no.7
• /
• pp.17-25
• /
• 2022

Hash functions are widely used for fast equality analysis of video files because of their fixed small output sizes regardless of their input sizes. However, the hash function has the possibility of a hash collision in which different inputs derive the same output value, so there is a problem that different video files may be mistaken for the same file. In this paper, we propose an equality analysis scheme in which different video files always derive different output values using identifier information and double hash. The scheme first extracts the identifier information of an original video file, and attaches it into the end of the original file with a steganography method. Next the scheme calculates two hash output values of the original file and the extended file with attached identifier information. Finally the scheme utilizes the identifier information, the hash output value of the original file, and the hash output value of the extended file for the equality analysis of video files. For evaluation, we implement the proposed scheme into a practical software tool and show that the proposed scheme performs well the equality analysis of video files without hash collision problem and increases the resistance against the malicious hash collision attack.

• Journal of Industrial Convergence
• /
• v.20 no.11
• /
• pp.57-63
• /
• 2022

If ECU data, which is responsible for collecting and processing data such as sensors and signals of automobiles, is manipulated by an attack, it can cause damage to the driver. In this paper, we propose a system that verifies the integrity of automotive ECU data using blockchain. Since the car and the server encrypt data using the session key to transmit and receive data, reliability is ensured in the communication process. The server verifies the integrity of the transmitted data using a hash function, and if there is no problem in the data, it is stored in the blockchain and off-chain distributed storage. The ECU data hash value is stored in the blockchain and cannot be tampered with, and the original ECU data is stored in a distributed storage. Using the verification system, users can verify attacks and tampering with ECU data, and malicious users can access ECU data and perform integrity verification when data is tampered with. It can be used according to the user's needs in situations such as insurance, car repair, trading and sales. For future research, it is necessary to establish an efficient system for real-time data integrity verification.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.7
• /
• pp.143-148
• /
• 2020

Recently, web services have been expanded to various areas with the evolution of cloud environment. Whenever a user accesses a web service, the user's log information is stored in the web server. This log information is used as data to analyze the user's web service tendencies and is also used as important data to track the user's system access when a security problem in the system occurs. Currently, most web servers manage user log information in a centralized manner. When user log information is managed in a centralized manner, it is simple in the side of operation, but has a disadvantage of being very vulnerable to external malicious attacks. In the case of centralized management, user log information stored in the web server can be arbitrarily manipulated by external attacks, and in severe cases, the manipulated information can be leaked. In this case, it not only decreases the trust of the web service, but also makes it difficult to trace the source and cause of the attack on the web server. In order to solve these problems, this paper proposes a new method of managing user log information in a cloud environment by applying blockchain technology as an alternative to the existing centralized log management method. The proposed method can manage log information safely from external attacks because user log information is distributed and stored in blockchain on a private network with cloud environment.

• Journal of the Korea Concrete Institute
• /
• v.20 no.5
• /
• pp.565-572
• /
• 2008

It is a trend to increase safekeeping properties in financial company as the world economy situation has been globalized and advanced. The development of a securable vault door resisting to malicious trespass is needed. Therefore, this study focuses on developing high performance concrete placed at the inside of the vault door, and all materials used in this study is easy to obtain in domestic considering economic competitiveness. The compressive strength over 170 MPa was targeted, and structurally strengthening was also planned in order to resist to over $3,000^{\circ}C$ heating by torch and extreme impact loading by hammer drilling machine. Several types of fibers and reinforcing structures were used in order to resist those external heating and loading. This purpose was required to satisfy UL 608 standard of a vault door. Consequently, the result from this study is expected to be applied to construction field of major facilities, which should guarantee the safety from an external attack such as terror.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.11
• /
• pp.46-52
• /
• 2017

Along with the expansion of areas in which ICT and Internet of Things (IoT) devices are utilized, open source software has recently expanded its scope of applications to include computers, smart phones, and IoT devices. Hence, as the scope of open source software applications has varied, there have been increasing malicious attempts to attack the weaknesses of open source software. In order to address this issue, various secure coding programs have been developed. Nevertheless, numerous vulnerabilities are still left unhandled. This paper provides some methods to handle newly raised weaknesses based on the analysis of histories and patterns of previous open source vulnerabilities. Through this study, we have designed a weaknesses analysis system that utilizes weakness histories and pattern learning, and we tested the performance of the system by implementing a prototype model. For five vulnerability categories, the average vulnerability detection time was shortened by about 1.61 sec, and the average detection accuracy was improved by 44%. This paper can provide help for researchers studying the areas of weaknesses analysis and for developers utilizing secure coding for weaknesses analysis.

• Journal of KIISE:Computer Systems and Theory
• /
• v.37 no.4
• /
• pp.226-238
• /
• 2010

OpenSSL is an open-source library implementing SSL that is a secure communication protocol. However, the library has a severe vulnerability that its security information can be easily exposed to malicious software when the library is used in a form of shared library on Linux and UNIX operating systems. We propose a scheme to attack the vulnerability of the OpenSSL library. The scheme injects codes into a running client program to execute the following attacks on the vulnerability in a SSL handshake. First, when a client sends a server a list of cryptographic algorithms that the client is willing to support, our scheme replaces all algorithms in the list with a specific algorithm. Such a replacement causes the server to select the specific algorithm. Second, the scheme steals a key for data encryption and decryption when the key is generated. Then the key is sent to an outside attacker. After that, the outside attacker decrypts encrypted data that has been transmitted between the client and the server, using the specified algorithm and the key. To show that our scheme is realizable, we perform an experiment of collecting encrypted login data that an ftp client using the OpenSSL shared library sends its server and then decrypting the login data.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.1
• /
• pp.32-39
• /
• 2017

Recently, usage of mobile cloud services has been increasing. In particular, beyond the constraints of a single cloud computing service, studies on the multi-cloud have been actively pursued. A user must authenticate multiple cloud service providers to use additional cloud services in a multi-cloud. In previous studies, an authentication method using single sign-on (SSO) was not available in all cloud services. Cloud services will not be available when the SSO server is not available due to malicious attacks, because all authentication is done via the SSO server. Additionally, using a broker, there is a vulnerability that can expose authentication information for the service provider to a user who did not sign up. In this paper, we propose a secure user authentication protocol using biometric authentication that does not expose user information when using additional cloud services. The proposed protocol can use a single biometric authentication for multi-cloud services without storing authentication information in each cloud service. In terms of key stability (to ensure stability through the key agreement process and the key area), by disabling various attack methods, such as man-in-the-middle attacks and replay attacks, we provide secure mobile cloud services.

• Journal of Broadcast Engineering
• /
• v.19 no.3
• /
• pp.342-354
• /
• 2014

This paper deals with digital watermarking methods to protect ownership of image with targeting the ultra-high multi-view or free-view image service in which an arbitrary viewpoint image should be rendered at the user side. The main purpose of it is not to propose a superior method to the previous methods but to show how difficult to construct a watermarking scheme to overcome the viewpoint translation attack. Therefore we target the images with various attacks including viewpoint translation. This paper first shows how high the error rate of the extracted watermark data from viewpoint-translated image by basic schemes of the method using 2DDCT(2D discrete cosine transform) and the one using 2DDWT(2D discrete wavelet transform), which are for 2D image. Because the difficulty in watermarking for the viewpoint-translated image comes from the fact that we don't know the translated viewpoint, we propose a scheme to find the translated viewpoint, which uses the image and the corresponding depth information at the original viewpoint. This method is used to construct the two non-blind watermarking methods to be proposed. They are used to show that recovery of the viewpoint affect a great deal of the error rate of the extracted watermark. Also by comparing the performances of the proposed methods and the previous ones, we show that the proposed ones are better in invisibility and robustness, even if they are non-blind.

• Journal of Internet Computing and Services
• /
• v.21 no.1
• /
• pp.17-31
• /
• 2020

With the rapid development of block chain technology, attempts have been made to put the block chain technology into practical use in various fields such as finance and logistics, and also in the public sector where data integrity is very important. Defense Operations In addition, strengthening security and ensuring complete integrity of the command communication network is crucial for operational operation under the network-centered operational environment (NCOE). For this purpose, it is necessary to construct a command communication network applying the block chain network. However, the block chain technology up to now can not solve the security issues such as the 51% attack. In particular, the Practical Byzantine fault tolerance (PBFT) algorithm which is now widely used in blockchain, does not have a penalty factor for nodes that behave maliciously, and there is a problem of failure to make a consensus even if malicious nodes are more than 33% of all nodes. In this paper, we propose a Adaptive Consensus Bound PBFT (ACB-PBFT) algorithm that incorporates a penalty mechanism for anomalous behavior by combining the Trust model to improve the security of the PBFT, which is the main agreement algorithm of the blockchain.

• Journal of the Korea Society for Simulation
• /
• v.20 no.4
• /
• pp.31-40
• /
• 2011

Sensor nodes are easily exposed to malicious attackers by physical attacks. The attacker can generate various attacks using compromised nodes in a sensor network. The false report generating application layers injects the network by the compromised node. If a base station has the injected false report, a false alarm also occurs and unnecessary energy of the node is used. In order to defend the attack, a statistical en-route filtering method is proposed to filter the false report that goes to the base station as soon as possible. A path renewal method, which improves the method, is proposed to maintain a detection ability of the statistical en-route filtering method and to consume balanced energy of the node. In this paper, we proposed the secure path cycle method to consume effective energy for a path renewal. To select the secure path cycle, the base station determines through hop counts and the quantity of report transmission by an evaluation function. In addition, three methods, which are statistical en-route filter, path selection method, and path renewal method, are evaluated with our proposed method for efficient energy use. Therefore, the proposed method keeps the secure path and makes the efficiency of energy consumption high.