• Journal of Internet Computing and Services
• /
• v.21 no.1
• /
• pp.17-31
• /
• 2020

With the rapid development of block chain technology, attempts have been made to put the block chain technology into practical use in various fields such as finance and logistics, and also in the public sector where data integrity is very important. Defense Operations In addition, strengthening security and ensuring complete integrity of the command communication network is crucial for operational operation under the network-centered operational environment (NCOE). For this purpose, it is necessary to construct a command communication network applying the block chain network. However, the block chain technology up to now can not solve the security issues such as the 51% attack. In particular, the Practical Byzantine fault tolerance (PBFT) algorithm which is now widely used in blockchain, does not have a penalty factor for nodes that behave maliciously, and there is a problem of failure to make a consensus even if malicious nodes are more than 33% of all nodes. In this paper, we propose a Adaptive Consensus Bound PBFT (ACB-PBFT) algorithm that incorporates a penalty mechanism for anomalous behavior by combining the Trust model to improve the security of the PBFT, which is the main agreement algorithm of the blockchain.

• Journal of the Korea Society for Simulation
• /
• v.20 no.4
• /
• pp.31-40
• /
• 2011

Sensor nodes are easily exposed to malicious attackers by physical attacks. The attacker can generate various attacks using compromised nodes in a sensor network. The false report generating application layers injects the network by the compromised node. If a base station has the injected false report, a false alarm also occurs and unnecessary energy of the node is used. In order to defend the attack, a statistical en-route filtering method is proposed to filter the false report that goes to the base station as soon as possible. A path renewal method, which improves the method, is proposed to maintain a detection ability of the statistical en-route filtering method and to consume balanced energy of the node. In this paper, we proposed the secure path cycle method to consume effective energy for a path renewal. To select the secure path cycle, the base station determines through hop counts and the quantity of report transmission by an evaluation function. In addition, three methods, which are statistical en-route filter, path selection method, and path renewal method, are evaluated with our proposed method for efficient energy use. Therefore, the proposed method keeps the secure path and makes the efficiency of energy consumption high.

• Journal of KIISE:Information Networking
• /
• v.30 no.3
• /
• pp.377-386
• /
• 2003

In this paper, we present an application layer protocol to support secure wireless Internet services, called Application Layer Security(ALS). The drawbacks of the two traditional approaches to secure wireless applications motivated the development of ALS. One is that in the conventional application-specific security protocol such as Secure HyperText Transfer Protocol(S-HTTP), security mechanism is included in the application itself. This gives a disadvantage that the security services are available only to that particular application. The other is that a separate protocol layer is inserted between the application and transport layers, as in the Secure Sockets Layer(SSL)/Transport Layer Security(TLS). In this case, all channel data are encrypted regardless of the specific application's requirements, resulting in much waste of network resources. To overcome these problems, ALS is proposed to be implemented on top of HTTP so that it is independent of the various transport layer protocols, and provides a common security interface with security applications so that it greatly improves the portability of security applications. In addition, since ALS takes advantages of well-known TLS mechanism, it eliminates the danger of malicious attack and provides applications with various security services such as authentication, confidentiality integrity and digital signature, and partial encryption. We conclude this paper with an example of applying ALS to the solution of end-to-end security in a present commercial wireless protocol stack, Wireless Application Protocol.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.12
• /
• pp.471-480
• /
• 2016

Recently, the damage of cyber attack toward infra-system, national defence and security system is gradually increasing. In this situation, military recognizes the importance of cyber warfare, and they establish a cyber system in preparation, regardless of the existence of threaten. Thus, the study of Intrusion Detection System(IDS) that plays an important role in network defence system is required. IDS is divided into misuse and anomaly detection methods. Recent studies attempt to combine those two methods to maximize advantagesand to minimize disadvantages both of misuse and anomaly. The combination is called Hybrid IDS. Previous studies would not be inappropriate for near real-time network environments because they have computational complexity problems. It leads to the need of the study considering the structure of IDS that have high detection rate and low computational cost. In this paper, we proposed a Hybrid IDS which combines C4.5 decision tree(misuse detection method) and Weighted K-means algorithm (anomaly detection method) hierarchically. It can detect malicious network packets effectively with low complexity by applying mutual information and genetic algorithm based efficient feature selection technique. Also we construct upgraded the the hierarchical structure of IDS reusing feature weights in anomaly detection section. It is validated that proposed Hybrid IDS ensures high detection accuracy (98.68%) and performance at experiment section.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.4
• /
• pp.669-676
• /
• 2017

Recently, due to the importance of information security, security vulnerability analysis and various information protection technologies and security systems are being introduced as a countermeasure against cyber-attacks in new as well as existing buildings, and information security studies on high-rise buildings are also being conducted. However, security system introduction and research are generally performed from the viewpoint of general IT systems and security policies, so there is little consideration of the infrastructure of the building. In particular, the BAS or building infrastructure, is a closed system, unlike typical IT systems, but has unique structural features that accommodate open functions. Insufficient understanding of these system structures and functions when establishing a building security policy makes the information security policies for the BAS vulnerable and increases the likelihood that all of the components of the building will be exposed to malicious cyber-attacks via the BAS. In this paper, we propose an architecture reference model that integrates three different levels of BAS structure (from?) different vendors. The architectures derived from this study and the security characteristics and vulnerabilities at each level will contribute to the establishment of security policies that reflect the characteristics of the BAS and the improvement of the safety management of buildings.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.7
• /
• pp.1-8
• /
• 2017

As the IT environment becomes more sophisticated, various threats and their associated serious risks are increasing. Threats such as DDoS attacks, malware, worms, and APT attacks can be a very serious risk to enterprises and must be efficiently managed in a timely manner. Therefore, the government has designated the important system as the main information communication infrastructure in consideration of the impact on the national security and the economic society according to the 'Information and Communication Infrastructure Protection Act', which, in particular, protects the main information communication infrastructure from cyber infringement. In addition, it conducts management supervision such as analysis and evaluation of vulnerability, establishment of protection measures, implementation of protection measures, and distribution of technology guides. Even now, security consulting is proceeding on the basis of 'Guidance for Evaluation of Technical Vulnerability Analysis of Major IT Infrastructure Facilities'. There are neglected inspection items in the applied items, and the vulnerability of APT attack, malicious code, and risk are present issues that are neglected. In order to eliminate the actual security risk, the security manager has arranged the inspection and ordered the special company. In other words, it is difficult to check against current hacking or vulnerability through current system vulnerability checking method. In this paper, we propose an efficient method for extracting diagnostic data regarding the necessity of upgrading system vulnerability check, a check item that does not reflect recent trends, a technical check case for latest intrusion technique, a related study on security threats and requirements. Based on this, we investigate the security vulnerability management system and vulnerability list of domestic and foreign countries, propose effective security vulnerability management system, and propose further study to improve overseas vulnerability diagnosis items so that they can be related to domestic vulnerability items.