• Smart Media Journal
• /
• v.8 no.3
• /
• pp.9-16
• /
• 2019

Apple provides its own protocol, the Bonjour protocol, for convenient file transmission and reception between device. Airdrop is a Bonjour-based, representative service that is widely used as a simple data transmission/reception protocol for Apple's desktops, laptops and smartphones. However, it was demonstrated in Black Hat, a hacking security conference in 2016, that it is possible to commence a Man-in-the-Middle attack by exploiting the Bonjour protocol's weak points. In this paper, we explain the Bonjour protocol's such vulnerability for secure file transmission/reception between devices and propose an ECDH (Elliptic Curve Diffie-Hellman) based authentication protocol to enhance the protocol's security. The proposed protocol is described along with detailed operational procedures, demonstrating that it is possible to reduce the possibility of Man-in-the-Middle attack and its masquerade variant.

• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.6
• /
• pp.693-697
• /
• 2010

In current e-commerce system, it happens that client's confidential information such as credit card numbers, pin numbers, or digital certificate may pass through a web proxy server or an altered proxy server without client's awareness. Even though the confidential information is encrypted and sent through SSL(Secure Sockets Layer) or TLS(Transport Layer Security) protocol, it can be exposed to the risk of sniffing by the digital certificate forgery at the proxy server, which is called the SSL MITM(Man-In-The-Middle) Proxy attack. In this paper, current credit card web-payment systems, which is weak at proxy information alternation attack, are analyzed. A resolution with certificate proxy server is also proposed to prevent the MITM attack.

• Journal of KIISE:Information Networking
• /
• v.31 no.4
• /
• pp.405-413
• /
• 2004

Design an efficient and secure electronic payment system is important for M-Commerce. In this paper, we propose an efficient Micro-Payment Protocol that allows multiple transactions using ID-based public key cryptosystem. Current PayWord system requires to generate certificate of the vendor for each transaction. In this paper, we use a session key instead of certificate key generated by Weil Pairing which use an Elliptic Curve Cryptosystem over finite field $F_q$ for transactions Therefore, it is more secure in Known key attacks as well as Man-in-the-middle attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.151-155
• /
• 2006

In 2005, Yong and Lee proposed a buyer-seller fingerprinting protocol using symmetric and commutative encryptions. They claimed that their protocol was practical and anonymous since they used symmetric and commutative encryptions. However, an attacker can get the content embedded with one or more honest buyers' fingerprints using man-in-the-middle attack. In this letter, we point out the weakness and propose methods for improving to their protocol.

• 제어로봇시스템학회:학술대회논문집
• /
• 1988.10a
• /
• pp.518-523
• /
• 1988

A Teaching and Operating Expert System (TOES) was designed in order to perform a task effectively which is inaccessible to man. Once an error occurs in the middle of the task operation, the automatic mode is converted into a manual mode. After recovering the error by the manual mode, the manual mode should be converted into the automatic mode. It was necessary to improve the manual mode in order to increase the availability of a man-robot system, a part of the human interface technique. Therefore, the Error Recovery Expert System must be constructed and developed.

• Nuclear Engineering and Technology
• /
• v.50 no.5
• /
• pp.780-787
• /
• 2018

This article presents a security module based on a field programmable gate array (FPGA) to mitigate man-in-the-middle cyber attacks. Nowadays, the FPGA is considered to be the state of the art in nuclear power plants I&C systems due to its flexibility, reconfigurability, and maintainability of the FPGA technology; it also provides acceptable solutions for embedded computing applications that require cybersecurity. The proposed FPGA-based security module is developed to mitigate information-gathering attacks, which can be made by gaining physical access to the network, e.g., a man-in-the-middle attack, using a cryptographic process to ensure data confidentiality and integrity and prevent injecting malware or malicious data into the critical digital assets of a nuclear power plant data communication system. A model-based system engineering approach is applied. System requirements analysis and enhanced function flow block diagrams are created and simulated using CORE9 to compare the performance of the current and developed systems. Hardware description language code for encryption and serial communication is developed using Vivado Design Suite 2017.2 as a programming tool to run the system synthesis and implementation for performance simulation and design verification. Simple windows are developed using Java for physical testing and communication between a personal computer and the FPGA.

• Journal of Fashion Business
• /
• v.1 no.2
• /
• pp.20-30
• /
• 1997

The purpose of this study is to examine the influence of European middle class, ethos to costume. This study is concerned with historic situation about enlightment and French revolution, and the change process of costume before and after the French Revolution. In order to investigate the relationship, this studies include the phenomenon of costume in the basis of thoughts of the age (enlightment), political event (French revolution) and social system (middle classes). The Influence of enlightment to costume of man and children were which emphasized practical aspect. Children costume was developed independently from costume of adult before French revolution. French revolution played a roll in silhouette, color, texture of costume for man. Especially pantalons which names Sans-culotte generalized as modern clothing for man. Women freed from corset because of the influence of neo-classicism for a while. However, costume of woman did not change much because women were excluded from of enlightment.

• Journal of Korean Public Health Nursing
• /
• v.21 no.2
• /
• pp.230-240
• /
• 2007

Purpose: To identify bullying tendencies among elementary, middle, and high school students. Method: A descriptive study was conducted with 911 participating students. Data were collected using three, self-administered questionnaires that had been modified by the investigator. The data were analyzed by the SPSS Win 10.0 program using descriptive statistics, ANOVA. Result: The level of bullying was significantly different among elementary school, middle school and high school students. Middle school students were higher than elementary and high school students. In subtypes of bullying, language type was higher than alienation and physical damage types in elementary, middle and high school students. The methods to resolve a bullying situation are for the victim to 'speak to parents' in elementary school students, but 'bear alone' in middle school and highschool students. The answer to the question 'how many of your friends have been the victim of bullying' was 3-8 friends'. The reason for being a bully victim was 'because they pretend to be a superior man'. Conclusion: Although much research has been conducted in this area, further study among elementary, middle and high school students needs to be conducted. Furthermore, a variety of programs for preventing bullying among elementary, middle and highschool students should be developed.

• Journal of The Korean Association For Science Education
• /
• v.23 no.2
• /
• pp.117-130
• /
• 2003

The study is to analyze the middle school-science parts among the products of nation-wide science exhibition for eleven years recently and the results of compared to the content of science-textbooks of middle school. The number of observation in the student parts among the products of nation-wide science exhibition was the highest in all methods studied, whereas, most teachers surveyed experiments in their products. The mean Shannon's diversity index (DI) was same trend for students and teachers. There was a non-significant difference of the methods in students and teacher groups according to years and the association between students and teachers were closely connected with methods. The correlation between the content of students' products and texts of middle-school was highly positive for earth science, chemistry, and biology, whereas physics showed negative correlation.

• Convergence Security Journal
• /
• v.11 no.1
• /
• pp.33-38
• /
• 2011

Current IEEE 802.11 standard is very vulnerable that between the AP and STA authentication and security mechanisms is widely known. Therefore, IEEE has proposed security architecture RSN (Robust Security Network) for 802.11. RSN is used the access control, authentication, and key management based on the IEEE 802.1X standard. In this paper, IEEE 802.1X or 802.11 a combination of several models proposed for the vulnerability, and session hijacking or MiM (Man-in the-Middle) attacks to respond, the authentication mechanism Was designed to the access control between the STA and the AP.