• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.1
• /
• pp.147-169
• /
• 2024

In pace with the development of network technology at lightning speed, social networks have been extensively applied in our lives. However, as social networks retain a large number of users' sensitive information, the openness of this information makes social networks vulnerable to attacks by malicious attackers. To preserve the link privacy of individuals in social networks, an uncertain graph method based on node random response is devised, which satisfies differential privacy while maintaining expected data utility. In this method, to achieve privacy preserving, the random response is applied on nodes to achieve edge modification on an original graph and node differential privacy is introduced to inject uncertainty on the edges. Simultaneously, to keep data utility, a divide and conquer strategy is adopted to decompose the original graph into many sub-graphs and each sub-graph is dealt with separately. In particular, only some larger sub-graphs selected by the exponent mechanism are modified, which further reduces the perturbation to the original graph. The presented method is proven to satisfy differential privacy. The performances of experiments demonstrate that this uncertain graph method can effectively provide a strict privacy guarantee and maintain data utility.

• Journal of Intelligence and Information Systems
• /
• v.17 no.1
• /
• pp.153-169
• /
• 2011

Today using Internet environment is considered absolutely essential for establishing corporate marketing strategy. Companies have promoted their products and services through various ways of on-line marketing activities such as providing gifts and points to customers in exchange for participating in events, which is based on customers' membership data. Since companies can use these membership data to enhance their marketing efforts through various data analysis, appropriate website membership management may play an important role in increasing the effectiveness of on-line marketing campaign. Despite the growing interests in proper membership management, however, there have been difficulties in identifying inappropriate members who can weaken on-line marketing effectiveness. In on-line environment, customers tend to not reveal themselves clearly compared to off-line market. Customers who have malicious intent are able to create duplicate IDs by using others' names illegally or faking login information during joining membership. Since the duplicate members are likely to intercept gifts and points that should be sent to appropriate customers who deserve them, this can result in ineffective marketing efforts. Considering that the number of website members and its related marketing costs are significantly increasing, it is necessary for companies to find efficient ways to screen and exclude unfavorable troublemakers who are duplicate members. With this motivation, this study proposes an approach for managing duplicate membership based on the social network analysis and verifies its effectiveness using membership data gathered from real websites. A social network is a social structure made up of actors called nodes, which are tied by one or more specific types of interdependency. Social networks represent the relationship between the nodes and show the direction and strength of the relationship. Various analytical techniques have been proposed based on the social relationships, such as centrality analysis, structural holes analysis, structural equivalents analysis, and so on. Component analysis, one of the social network analysis techniques, deals with the sub-networks that form meaningful information in the group connection. We propose a method for managing duplicate memberships using component analysis. The procedure is as follows. First step is to identify membership attributes that will be used for analyzing relationship patterns among memberships. Membership attributes include ID, telephone number, address, posting time, IP address, and so on. Second step is to compose social matrices based on the identified membership attributes and aggregate the values of each social matrix into a combined social matrix. The combined social matrix represents how strong pairs of nodes are connected together. When a pair of nodes is strongly connected, we expect that those nodes are likely to be duplicate memberships. The combined social matrix is transformed into a binary matrix with '0' or '1' of cell values using a relationship criterion that determines whether the membership is duplicate or not. Third step is to conduct a component analysis for the combined social matrix in order to identify component nodes and isolated nodes. Fourth, identify the number of real memberships and calculate the reliability of website membership based on the component analysis results. The proposed procedure was applied to three real websites operated by a pharmaceutical company. The empirical results showed that the proposed method was superior to the traditional database approach using simple address comparison. In conclusion, this study is expected to shed some light on how social network analysis can enhance a reliable on-line marketing performance by efficiently and effectively identifying duplicate memberships of websites.

• Journal of Internet Computing and Services
• /
• v.21 no.1
• /
• pp.17-31
• /
• 2020

With the rapid development of block chain technology, attempts have been made to put the block chain technology into practical use in various fields such as finance and logistics, and also in the public sector where data integrity is very important. Defense Operations In addition, strengthening security and ensuring complete integrity of the command communication network is crucial for operational operation under the network-centered operational environment (NCOE). For this purpose, it is necessary to construct a command communication network applying the block chain network. However, the block chain technology up to now can not solve the security issues such as the 51% attack. In particular, the Practical Byzantine fault tolerance (PBFT) algorithm which is now widely used in blockchain, does not have a penalty factor for nodes that behave maliciously, and there is a problem of failure to make a consensus even if malicious nodes are more than 33% of all nodes. In this paper, we propose a Adaptive Consensus Bound PBFT (ACB-PBFT) algorithm that incorporates a penalty mechanism for anomalous behavior by combining the Trust model to improve the security of the PBFT, which is the main agreement algorithm of the blockchain.

• Journal of the Korea Society for Simulation
• /
• v.20 no.3
• /
• pp.69-78
• /
• 2011

A large-scale sensor network usually operates in open and unattended environments, hence individual sensor node is vulnerable to various attacks. Therefore, malicious attackers can physically capture sensor nodes and inject false reports into the network easily through compromised nodes. These false reports are forwarded to the base station. The false report injection attack causes not only false alarms, but also the depletion of the restricted energy resources in a battery powered network. The statistical en-route filtering (SEF) mechanism was proposed to detect and drop false reports en route. In SEF, the choice of routing paths largely affect the energy consumption rate and the detecting power of the false report. To sustain the secure routing path, when and how to execute the path re-selection is greatly need by reason of the frequent network topology change and the nodes's limitations. In this paper, the regional path re-selection period determination method is proposed for efficient usage of the limited energy resource. A fuzzy logic system is exploited in order to dynamically determine the path re-selection period and compose the routing path. The simulation results show that up to 50% of the energy is saved by applying the proposed method.

• The KIPS Transactions:PartC
• /
• v.16C no.2
• /
• pp.151-164
• /
• 2009

The importance of sensor networks as a base of ubiquitous computing realization is being highlighted, and espicially the security is recognized as an important research isuue, because of their characteristics.Several efforts are underway to provide security services in sensor networks, but most of them are preventive approaches based on cryptography. However, sensor nodes are extremely vulnerable to capture or key compromise. To ensure the security of the network, it is critical to develop security Intrusion Detection System (IDS) that can survive malicious attacks from "insiders" who have access to keying materials or the full control of some nodes, taking their charateristics into consideration. In this perper, we design a distributed and adaptive IDS architecture on sensor networks, respecting both of energy efficiency and IDS efficiency. Utilizing a modified HEED algorithm, a clustering algorithm, distributed IDS nodes (dIDS) are selected according to node's residual energy and degree. Then the monitoring results of dIDSswith detection codes are transferred to dIDSs in next round, in order to perform consecutive and integrated IDS process and urgent report are sent through high priority messages. With the simulation we show that the superiorities of our architecture in the the efficiency, overhead, and detection capability view, in comparison with a recent existent research, adaptive IDS.

• Journal of KIISE:Information Networking
• /
• v.36 no.1
• /
• pp.12-23
• /
• 2009

Sensor networks deployed in battlefields to support military operations or deployed in natural habitats to monitor the rare wildlifes must take account of protection of the location of valuable assets(i.e., soldiers or wildlifes) from an adversary or malicious tracing as well as the security of messages in transit. In this paper we propose a routing protocol GSLP(GPSR-based Source-Location Privacy) that is capable of enhancing the location privacy of an active source node(i.e., message-originating node) in the presence of multiple dormant sources(i.e., nodes lying nearby an asset whose location needs to be secured). Extended is a simple, yet scalable, routing scheme GPSR(greedy perimeter stateless routing) to select randomly a next-hop node with a certain probability for randomizing paths and to perform perimeter routing for detouring dormant sources so that the privacy strength of the active source, defined as safety period, keeps enhanced. The simulation results obtained by increasing the number of dormant sources up to 1.0% of the total number of nodes show that GSLP yields increased and nearly invariant safety periods, while those of PR-SP(Phantom Routing, Single Path), a notable existing protocol for source-location privacy, rapidly drop off as the number of dormant sources increases. It turns out that delivery latencies of GSLP are roughly less than two-fold of the shortest path length between the active source and the destination.

• The Journal of the Korea Contents Association
• /
• v.12 no.4
• /
• pp.60-68
• /
• 2012

In recent years, the requirements on the high quality environment monitoring by using the sensor nodes which can handle the multimedia data in WSN have been increased. However, because the volume of multimedia data is tremendous, the limited bandwidth of a wireless channel may incur the bottleneck of a system. To solve such a problem, most of the existing distributed multi-path routing protocols based on multimedia data just focused on overcoming the limited bandwidth in order to enhance the energy efficiency and the transmission rate. However, because the existing methods can not apply a key-based technique to encrypt the multimedia data, they are very weak for the security. In this paper, we propose a secure disjointed multipath routing scheme for multimedia data transmission. Since our proposed scheme divides multimedia data(eg. image) into pixels and sends them through disjointed multipath routing, it can provide security to the whole network without using the key-based method. Our experimental results show that our proposed scheme reduces about 10% the amount of the energy consumption and about 65% the amount of the missed data packets caused by malicious nodes over the existing methods on average.

• Journal of the Korea Society for Simulation
• /
• v.20 no.4
• /
• pp.31-40
• /
• 2011

Sensor nodes are easily exposed to malicious attackers by physical attacks. The attacker can generate various attacks using compromised nodes in a sensor network. The false report generating application layers injects the network by the compromised node. If a base station has the injected false report, a false alarm also occurs and unnecessary energy of the node is used. In order to defend the attack, a statistical en-route filtering method is proposed to filter the false report that goes to the base station as soon as possible. A path renewal method, which improves the method, is proposed to maintain a detection ability of the statistical en-route filtering method and to consume balanced energy of the node. In this paper, we proposed the secure path cycle method to consume effective energy for a path renewal. To select the secure path cycle, the base station determines through hop counts and the quantity of report transmission by an evaluation function. In addition, three methods, which are statistical en-route filter, path selection method, and path renewal method, are evaluated with our proposed method for efficient energy use. Therefore, the proposed method keeps the secure path and makes the efficiency of energy consumption high.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.59-69
• /
• 2005

Ad hoc network is the network which can be considered without a pre-constructed infrastructure, and a mobile node can join the network freely. However, the participation of the mobile nodes to the ad hoc network brings up much burden of re-computation for new routes, because it leads to losing the connection frequently. And, also, it causes serious security problem to be broadcasted wrong information by the malicious user. Therefore, it needs authentication against the mobile nodes. To make that Possible, we have two methods: single CA and distributed CA. In the case of CA method, the wireless network can be collapsed owing to expose the CA, but still the distributed CA method is a little more safe than previous one because it needs attacks toward a lot of CAs to collapse the network We can consider Secret Share scheme as the method that constructs the distributed CA system, but it is weak when the network size is too large. In this paper, we suggest hierarchical structure for the authentication method to solve this problem, and we will show the results of simulation for this suggestion.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.47 no.1
• /
• pp.91-98
• /
• 2010

This paper proposes authority delegation for secure social community creation and mutual authentication scheme between the community members using proxy signature in community-based ubiquitous networks. In community-based ubiquitous network, User's context-awareness information is collected and used to provide context-awareness network service and application service for someone who need it. For the many reason, i.e. study, game, information sharing, business and conference, social community could be created by members of a social group. However, in community-based ubiquitous network, this kind of the context-awareness information could be abused and created by a malicious nodes for attack the community. Also, forgery community could be built up to attack the community members. The proposed scheme using the proxy signature provides a mutual authentication and secure secret key exchange between community members, and supports secure authority delegation that can creates social community. Also, when delegation of signing authority and mutual authentication, this scheme reduces total computation time compared to the RSA signature scheme.