• Title/Summary/Keyword: Network Attack

Search Result 1,264, Processing Time 0.024 seconds

A Design of Key Generation and Communication for Device Access Control based on Smart Health Care (스마트 헬스케어 기반의 디바이스 접근제어를 위한 키 생성 및 통신기법 설계)

  • Min, So-Yeon;Lee, Kwang-Hyong;Jin, Byung-Wook
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.17 no.11
    • /
    • pp.746-754
    • /
    • 2016
  • Smart healthcare systems, a convergent industry based on information and communications technologies (ICT), has emerged from personal health management to remote medical treatment as a distinguished industry. The smart healthcare environment provides technology to deliver vital information, such as pulse rate, body temperature, health status, and so on, from wearable devices to the hospital network where the physician is located. However, since it deals with the patient's personal medical information, there is a security issue for personal information management, and the system may be vulnerable to cyber-attacks in wireless networks. Therefore, this study focuses on a key-development and device-management system to generate keys in the smart environment to safely manage devices. The protocol is designed to provide safe communications with the generated key and to manage the devices, as well as the generated key. The security level is analyzed against attack methods that may occur in a healthcare environment, and it was compared with existing key methods and coding capabilities. In the performance evaluation, we analyze the security against attacks occurring in a smart healthcare environment, and the security and efficiency of the existing key encryption method, and we confirmed an improvement of about 15%, compared to the existing cipher systems.

Comparative Study of Machine learning Techniques for Spammer Detection in Social Bookmarking Systems (소셜 복마킹 시스템의 스패머 탐지를 위한 기계학습 기술의 성능 비교)

  • Kim, Chan-Ju;Hwang, Kyu-Baek
    • Journal of KIISE:Computing Practices and Letters
    • /
    • v.15 no.5
    • /
    • pp.345-349
    • /
    • 2009
  • Social bookmarking systems are a typical web 2.0 service based on folksonomy, providing the platform for storing and sharing bookmarking information. Spammers in social bookmarking systems denote the users who abuse the system for their own interests in an improper way. They can make the entire resources in social bookmarking systems useless by posting lots of wrong information. Hence, it is important to detect spammers as early as possible and protect social bookmarking systems from their attack. In this paper, we applied a diverse set of machine learning approaches, i.e., decision tables, decision trees (ID3), $na{\ddot{i}}ve$ Bayes classifiers, TAN (tree-augment $na{\ddot{i}}ve$ Bayes) classifiers, and artificial neural networks to this task. In our experiments, $na{\ddot{i}}ve$ Bayes classifiers performed significantly better than other methods with respect to the AUC (area under the ROC curve) score as veil as the model building time. Plausible explanations for this result are as follows. First, $na{\ddot{i}}ve$> Bayes classifiers art known to usually perform better than decision trees in terms of the AUC score. Second, the spammer detection problem in our experiments is likely to be linearly separable.

Study on the Technical Security Factor for the Implementation of Secure DB System (안정적인 DB보안 시스템 구축을 위한 보안기술요소 분석에 관한 연구)

  • Yoon, Sun-Hee
    • Journal of the Korea Society of Computer and Information
    • /
    • v.19 no.12
    • /
    • pp.143-152
    • /
    • 2014
  • This paper introduces Database security to prevent the rapidly increasing issue of private information leakage. The Database security examined in the paper separates into DB access control area and DB encryption area which further leads the paper to analyze the factors of the two areas and suggest necessary elements for creating stable Database security. In addition, the paper examines previous DB security programs by areas and analyzes pros and cons from the tested result. The experiment indicated that while DB access control presents less degradation and reduced the need to modify the existing DBMS since the access control operates at the end point of the network, DB encryption presented strength in protecting the data from unauthorized access. On the other hand, DB access control is less useful in preventing the attack in advance which leaves the log to enable tracking afterward while DB encryption can only be operated by limited types of Database and causes degradation due to system load and shows higher percentage of failure when creating the system. This paper examines characteristics of Database security areas in order to be used as a reference for institutions or companies seeking stable Database security.

Flying Cake: An Augmented Game on Mobile Device (Flying Cake: 모바일 단말기를 이용한 실감형 게임)

  • Park, An-Jin;Jung, Kee-Chul
    • Journal of KIISE:Software and Applications
    • /
    • v.34 no.1
    • /
    • pp.79-94
    • /
    • 2007
  • In the ubiquitous computing age which uses a high quantity network, mobile devices such as wearable and hand-held ones with a small tamers and a wireless communication module will be widely used in near future. Thus, a lot of researches about an augmented game on mobile devices have been attempted recently. The existing augmented games used a traditional 'backpack' system and a pattern marker. The 'backpack' system is expensive, cumbersome and inconvenient to use, and because of the pattern marker, it is only possible to play the game in the previously installed palace. In this paper, we propose an augmented game called Flying Cake using a face region to create the virtual object(character) without the pattern marker, which manually indicates an overlapped location of the virtual object in the real world, on a small and mobile PDA instead of the cumbersome hardware. Flying Cake is an augmented shooting game. This game supplies us with two types: 1) a single player which attacks a virtual character on images captured by a camera in an outdoor physical area, 2) dual players which attack the virtual character on images which we received through a wireless LAN. We overlap the virtual character on the face region using a face detection technique, and users play Flying Cake though attacking the virtual character. Flying Cake supplies new pleasure to flayers with a new game paradigm through an interaction between the user in the physical world captured by the PDA camera and the virtual character in a virtual world using the face detection.

A Tactical Internet Geocasting Protocol for Efficient Message Delivery (효율적인 메시지 전달을 위한 전술인터넷 지오캐스팅 프로토콜)

  • Yoon, Sun-Joong;Ko, Young-Bae
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.34 no.10B
    • /
    • pp.1050-1061
    • /
    • 2009
  • The Tactical Internet(TI) managed by Infantry Brigades is used for the purpose of sharing information of Command Control and Situation Awareness. When there are more than two destinations to transmit data in the TI system, a multicasting is utilized based on pre-defined multicast groups. However even in the case when a source node needs to send some messages like weathercast and attack alarm etc to only a part of Battalion or Brigades in a specific geographical region (destination region), the current TI multicasting protocol is designed to transmit the messages to the pre-defined group or all of the Battalion/Brigade nodes, resulting in inefficiency in terms of end-to-end delay and overhead. In this paper, we propose more efficient protocol for such cases, named as "Tactical Internet Geocasting (TIG)". The proposed scheme firstly checks whether the destination region belongs to one Battalion region or more than two Battalion regions using location information, and then performs a greedy forwarding from the source node to the destination region, followed by a local flooding inside of the destination region. With performance analysis and simulations using NS-2, TIG is compared to the current TI multicasting protocol (i.e., Simplified MDP) and the LBM (Location-based Multicast). The simulation results show that the proposed TIG is more efficient than both in terms of delay and network overhead.

A Design of Secure Communication for Device Management Based on IoT (사물인터넷 기반 디바이스 관리를 위한 안전한 통신 프로토콜 설계)

  • Park, Jung-Oh;Choi, Do-Hyeon;Hong, Chan-Ki
    • Journal of Convergence for Information Technology
    • /
    • v.10 no.11
    • /
    • pp.55-63
    • /
    • 2020
  • The IoT technology is a field that applies and converges the technologies in the existing industrial environment, instead of new technologies. The IoT technology is releasing various application services converged with other industries such as smart home, healthcare, construction, and automobile, and it is also possible to secure the work efficiency and convenience of users of IoT-based technologies. However, the security threats occurring in the IoT-based technology environment are succeeding to the vulnerability of the existing wireless network environment. And the occurrence of new and variant attacks in the combination with the ICT convergence environment, is causing damages. Thus, in the IoT technology-based environment, it would be necessary to have researches on the safe transmission of messages in the communication environment between user and device, and device and device. This thesis aims to design a safe communication protocol in the IoT-based technology environment. Regarding the suggested communication protocol, this thesis performed the safety analysis on the attack techniques occurring in the IoT technology-based environment. And through the performance evaluation of the existing PKI-based certificate issuance system and the suggested communication protocol, this thesis verified the high efficiency(about 23%) of communication procedure. Also, this thesis verified the reduced figure(about 65%) of the issued quantity of certificate compared to the existing issuance system and the certificate management technique.

USN's Efforts to Rebuild its Combat Power in an Era of Great Power Competition (강대국 간의 경쟁시대와 미 해군의 증강 노력)

  • Jung, Ho-Sub
    • Strategy21
    • /
    • s.44
    • /
    • pp.5-27
    • /
    • 2018
  • The purpose of this paper is to look at USN's efforts to rebuild its combat power in the face of a reemergence of great powers competition, and to propose some recommendations for the ROKN. In addition to the plan to augment its fleet towards a 355-ships capacity, the USN is pursuing to improve exponentially combat lethality(quality) of its existing fleet by means of innovative science and technology. In other words, the USN is putting its utmost efforts to improve readiness of current forces, to modernize maintenance facilities such as naval shipyards, and simultaneously to invest in innovative weapons system R&D for the future. After all, the USN seems to pursue innovations in advanced military Science & Technology as the best way to ensure continued supremacy in the coming strategic competition between great powers. However, it is to be seen whether the USN can smoothly continue these efforts to rebuild combat strength vis-a-vis its new competition peers, namely China and Russian navy, due to the stringent fiscal constraints, originating, among others, from the 2011 Budget Control Act effective yet. Then, it seems to be China's unilateral and assertive behaviors to expand its maritime jurisdiction in the South China Sea that drives the USN's rebuild-up efforts of the future. Now, some changes began to be perceived in the basic framework of the hitherto regional maritime security, in the name of declining sea control of the USN as well as withering maritime order based on international law and norms. However, the ROK-US alliance system is the most excellent security mechanism upon which the ROK, as a trading power, depends for its survival and prosperity. In addition, as denuclearization of North Korea seems to take significant time and efforts to accomplish in the years to come, nuclear umbrella and extended deterrence by the US is still noting but indispensible for the security of the ROK. In this connection, the naval cooperation between ROKN and USN should be seen and strengthened as the most important deterrents to North Korean nuclear and missile threats, as well as to potential maritime provocation by neighboring countries. Based on these observations, this paper argues that the ROK Navy should try to expand its own deterrent capability by pursuing selective technological innovation in order to prevent this country's destiny from being dictated by other powers. In doing so, however, it may be too risky for the ROK to pursue the emerging, disruptive innovative technologies such as rail gun, hypersonic weapon... etc., due to enormous budget, time, and very thin chance of success. This paper recommends, therefore, to carefully select and extensively invest on the most cost-effective technological innovations, suitable in the operational environments of the ROK. In particular, this paper stresses the following six areas as most potential naval innovations for the ROK Navy: long range precision strike; air and missile defense at sea; ASW with various unmanned maritime system (UMS) such as USV, UUV based on advanced hydraulic acoustic sensor (Sonar) technology; network; digitalization for the use of AI and big data; and nuclear-powered attack submarines as a strategic deterrent.

Dynamic Threshold Determination Method for Energy Efficient SEF using Fuzzy Logic in Wireless Sensor Networks (무선 센서 네트워크에서 통계적 여과 기법의 에너지 효율 향상을 위한 퍼지논리를 적용한 동적 경계값 결정 기법)

  • Choi, Hyeon-Myeong;Lee, Sun-Ho;Cho, Tae-Ho
    • Journal of the Korea Society for Simulation
    • /
    • v.19 no.1
    • /
    • pp.53-61
    • /
    • 2010
  • In wireless sensor networks(WSNs) individual sensor nodes are subject to security compromises. An adversary can physically capture sensor nodes and obtain the security information. And the adversary injects false reports into the network using compromised nodes. If undetected, these false reports are forwarded to the base station. False reports injection attacks can not only result in false alarms but also depletion of the limited amount of energy in battery powered sensor nodes. To combat these false reports injection attacks, several filtering schemes have been proposed. The statistical en-routing filtering(SEF) scheme can detect and drop false reports during the forwarding process. In SEF, The number of the message authentication codes(threshold) is important for detecting false reports and saving energy. In this paper, we propose a dynamic threshold determination method for energy efficient SEF using fuzzy-logic in wireless sensor networks. The proposed method consider false reports rate and the number of compromised partitions. If low rate of false reports in the networks, the threshold should low. If high rate of false reports in networks, the threshold should high. We evaluated the proposed method’s performance via simulation.

A Study on Ransomware Detection Methods in Actual Cases of Public Institutions (공공기관 실제 사례로 보는 랜섬웨어 탐지 방안에 대한 연구)

  • Yong Ju Park;Huy Kang Kim
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.33 no.3
    • /
    • pp.499-510
    • /
    • 2023
  • Recently, an intelligent and advanced cyber attack attacks a computer network of a public institution using a file containing malicious code or leaks information, and the damage is increasing. Even in public institutions with various information protection systems, known attacks can be detected, but unknown dynamic and encryption attacks can be detected when existing signature-based or static analysis-based malware and ransomware file detection methods are used. vulnerable to The detection method proposed in this study extracts the detection result data of the system that can detect malicious code and ransomware among the information protection systems actually used by public institutions, derives various attributes by combining them, and uses a machine learning classification algorithm. Results are derived through experiments on how the derived properties are classified and which properties have a significant effect on the classification result and accuracy improvement. In the experimental results of this paper, although it is different for each algorithm when a specific attribute is included or not, the learning with a specific attribute shows an increase in accuracy, and later detects malicious code and ransomware files and abnormal behavior in the information protection system. It is expected that it can be used for property selection when creating algorithms.

Detecting Adversarial Examples Using Edge-based Classification

  • Jaesung Shim;Kyuri Jo
    • Journal of the Korea Society of Computer and Information
    • /
    • v.28 no.10
    • /
    • pp.67-76
    • /
    • 2023
  • Although deep learning models are making innovative achievements in the field of computer vision, the problem of vulnerability to adversarial examples continues to be raised. Adversarial examples are attack methods that inject fine noise into images to induce misclassification, which can pose a serious threat to the application of deep learning models in the real world. In this paper, we propose a model that detects adversarial examples using differences in predictive values between edge-learned classification models and underlying classification models. The simple process of extracting the edges of the objects and reflecting them in learning can increase the robustness of the classification model, and economical and efficient detection is possible by detecting adversarial examples through differences in predictions between models. In our experiments, the general model showed accuracy of {49.9%, 29.84%, 18.46%, 4.95%, 3.36%} for adversarial examples (eps={0.02, 0.05, 0.1, 0.2, 0.3}), whereas the Canny edge model showed accuracy of {82.58%, 65.96%, 46.71%, 24.94%, 13.41%} and other edge models showed a similar level of accuracy also, indicating that the edge model was more robust against adversarial examples. In addition, adversarial example detection using differences in predictions between models revealed detection rates of {85.47%, 84.64%, 91.44%, 95.47%, and 87.61%} for each epsilon-specific adversarial example. It is expected that this study will contribute to improving the reliability of deep learning models in related research and application industries such as medical, autonomous driving, security, and national defense.