• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.434-437
• /
• 2010

NIPS(Network Intrusion Prevention System) is in line at the end of the external and internal networks which performed two kinds of action: Signature-based filtering and anomaly detection and prevention-based on self-learning. Among them, a signature-based filtering is well known to defend against attacks. By using signature-based filtering, intrusion prevention system passing a payload of packets is compared with attack patterns which are signature. If match, the packet is discard. However, when there is packet delay, it will increase the required pattern matching time as the number of signature is increasing whenever there is delay occur. Therefore, to ensure the performance of IPS, we needed more efficient pattern matching algorithm for high-performance ISP. To improve the performance of pattern matching the most important part is to reduce the number of comparisons signature rules and the packet whenever the packets arrive. In this paper, we propose an improve signature hashing-based pattern matching method. We use tuple pruning algorithm with Bloom filters, which effectively remove unnecessary tuples. Unlike other existing signature hashing-based IPS, our proposed method to improve the performance of IPS.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.1045-1054
• /
• 2021

As APT attacks become more frequent and sophisticated, not only the advancement of the security systems but also the competence of the cybersecurity officers of each institution that operates them is becoming increasingly important. In a large-scale cyber defence exercise with many blue teams participating and many systems to simulate and defend against, it should be possible to simulate attacks to generate various attack patterns, network payloads, and system events. However, if one RT framework is used, there is a limitation that it can be easily detected by the blue team. In the case of operating multiple RT frameworks, a lot of time and effort by experts for exercise setup and operation for each framework is required. In this paper, we propose iRF(integrated RT framework) that can automatically operate large-scale cyber defence exercise by integrating a number of open RT frameworks and RT frameworks created by ourselves.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.14 no.2
• /
• pp.109-114
• /
• 2021

As various users increase in a network environment, it is difficult to protect sensitive and confidential information transmitted and received from attackers. Concealing bitwise secret data in an image using the LSB technique can be very vulnerable to attack. To solve this problem, a hybrid method that combines encryption and information hiding is used. Therefore, an effective method for users to securely protect secret messages and implement secret communication is required. A new approach is needed to improve security and imperceptibility to ensure image quality. In this paper, I propose an LSB steganography technique that hides Hangul messages in a cover image based on MSB and LSB. At this time, after separating Hangul into chosung, jungsung and jongsung, the secret message is applied with Exclusive-OR or Exclusive-NOR operation depending on the selected MSB. In addition, the calculated secret data is hidden in the LSB n bits of the cover image converted by Fibonacci technique. PSNR was used to confirm the effectiveness of the applied results. It was confirmed 41.517(dB) which is suitable as an acceptable result.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.7
• /
• pp.993-999
• /
• 2021

Recently, many studies on VNDN technology have been conducted to graft Named Data Networking (NDN) into VANET as a core network technology. VNDN can use the content name to deliver various infotainment application content data through name-based forwarding. When VNDN is used as a communication technology for infotainment applications in connected vehicles, it is possible to realize data-centric networking technology in which data is the subject of communication. It can overcome the limitations of connected vehicle infotainment application service technology based on the host-centric current Internet, such as security attack/hacking, performance degradation in long-distance data transmission, frequent data cut-off. In this paper, we present the main functions provided by VNDN technology, and systematically analyze and organize the issues necessary to realize infotainment application services for connected vehicles in the VNDN environment. Based on this, it can be utilized as basic information necessary to establish infotainment application requirements in VNDN environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.729-738
• /
• 2019

In this paper, we propose two-way authentication protocol between unmanned systems in tactical wireless networks in which long distance communications are not guaranteed due to a poor channel conditions. It is assumed that every unmanned systems have same random data set before they put into combat. The proposed protocol generates authentication code(AC) using random data that causes hash collision. The requester for authentication encrypts the materials such as their identifier, time-stamp, authentication code with the secret key. After then the requester transmits the encrypted message to the receiver. The receiver authenticates the requester by verifying the authentication code included in the request message. The performance analysis of the proposed protocol shows that it guarantees the security for various attack scenarios and efficiency in terms of communication overhead and computational cost. Furthermore, we analyzed the effect of the parameter values of the proposed protocol on the performance and suggest appropriate parameter value selection guide according to the level of security requirement.

• The Plant Pathology Journal
• /
• v.35 no.4
• /
• pp.330-340
• /
• 2019

The present study was undertaken to evaluate the integrated effect of zinc (Zn) with other nutrients in managing early blight (EB) disease in tomato. A pot experiment was carried out with basal application of the recommended level of macronutrients [nitrogen, phosphorus and potassium (NPK)] and micronutrients [magnesium (Mg) and boron (B)] in bilateral combination with Zn (2.5 and 5.0 mg/kg) in a completely randomized deigned in replicates. Results revealed that interactive effect of Zn with Mg or B was often futile and in some cases synergistic. Zn with NPK yield synergistic outcome, therefore EB disease was managed significantly (disease incidence: 25% and percent severity index: 13%), which resulted in an efficient signaling network that reciprocally controls nutrient acquisition and uses with improved growth and development in a tomato plant. Thus, crosstalk and convergence of mechanisms in metabolic pathways resulted in induction of resistance in tomato plant against a pathogen which significantly improved photosynthetic pigment, total phenolics, total protein content and defense-related enzymes [superoxide dismutase (SOD), catalase (CAT), peroxidase (POX), polyphenol oxidase (PPO) and phenylalanine ammonia-lyase (PAL)]. The tremendous increase in total phenolics and PAL activity suggesting their additive effect on salicylic acid which may help the plant to systemically induce resistance against pathogen attack. It was concluded that interactive effect of Zn (5.0 mg/kg) with NPK significantly managed EB disease and showed positive effect on growth, physiological and biochemical attributes therefor use of Zn + NPK is simple and credible efforts to combat Alternaria stress in tomato plants.

• KIPS Transactions on Software and Data Engineering
• /
• v.8 no.6
• /
• pp.223-234
• /
• 2019

Cyber attacks are an important factor that determines the victory and defeat of Network-centric wars in which advanced weapon systems are highly interlinked. In addition the increasing dependability on software as its develop as the latest fighter is demanding enhanced security measures for fighter software to Cyber attacks. In this paper, we apply the DO-326A, which is an airworthiness security certification standard, to design a risk-based security threat assessment process by reflecting characteristics and operational environment of fighter aircraft. To do this, we add the following steps in security threat assessment stage of DO-326A's airworthiness security certification process. First, we derive security threats of fighter. And then, we scored the security threat in terms of possibility and impact on the fighter. Finally, we determine the security risk severity.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.1
• /
• pp.103-110
• /
• 2019

Electronic voting has been followed by a lot of research as it provides convenience to voters and increases participation rates. Nevertheless, electronic voting has not been widespread yet. The existing electronic voting system does not guarantee credibility, and there arises a question on the security that the voting could be forged or altered by the attack to the central server. In this paper, we proposed blockchain based systems to solve the problems in electronic voting. Although the blockchain may guarantee the security of transaction data, there have been only a few electronic voting systems implemented using the blockchain. We developed blockchain enabled voting and brought out some of its related legal, technical and operational challenges to enforce more security in voting. Unlike centralized voting, the systems could enforce security and solve the problems such as forgery or alteration of transaction data caused by hacking or any attempts to gain control of the central server system.

• Journal of the Korea Convergence Society
• /
• v.9 no.11
• /
• pp.15-21
• /
• 2018

In this study, we try to detect anomalies on the network intrusion detection system by learning only one class. We use KDD CUP 1999 dataset, an intrusion detection dataset, which is used to evaluate classification performance. One class classification is one of unsupervised learning methods that classifies attack class by learning only normal class. When using unsupervised learning, it difficult to achieve relatively high classification efficiency because it does not use negative instances for learning. However, unsupervised learning has the advantage for classifying unlabeled data. In this study, we use one class classifiers based on support vector machines and density estimation to detect new unknown attacks. The test using the classifier based on density estimation has shown relatively better performance and has a detection rate of about 96% while maintaining a low FPR for the new attacks.

• Convergence Security Journal
• /
• v.18 no.4
• /
• pp.73-79
• /
• 2018

Since 1910s, the drones were mainly used for military purposes for reconnaissance and attack targets, but they are now being used in various fields such as disaster prevention, exploration, broadcasting, and surveillance of risk areas. As drones are widely used from military to civilian field, hacking into the drones such as radio disturbance, GPS spoofing, hijacking, etc. targeting drones has begun to occur. Recently, the use of drones in hacking into wireless network has been reported. If the artificial intelligence technology is applied to the drones in the military, hacking into unmanned combat system using drones will occur. In addition, a drone with a hacking program may be able to relay a hacking program to the hacking drone located far away, just as a drone serves as a wireless communication station. And the drones will be equipped with a portable GPS jamming device, which will enable signal disturbance to unmanned combat systems. In this paper, we propose security threats and the anticipated hacking scenarios using the drones on the battlespace to know the seriousness of the security threats by hacking drones and prepare for future cyberspace.