• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.17-28
• /
• 2019

6LoWPAN based on IEEE 802.15.4 is a realistic standard platform for various Internet of Things (IoT) applications. To bootstrap the LoWPAN (Low-power Wireless Personal Area Network), each device must perform 6LoWPAN-ND address registration to assign a unique IPv6 address. Without adequate security mechanisms, 6LoWPAN-ND is vulnerable to a variety of security attacks including corrupted node attacks. Several security mechanisms have been proposed as a supplement to the vulnerability, but the vulnerability exists because it relies solely on IEEE 802.15.4 hop-by-hop security. In this paper, we propose and analyze a vulnerability of 6LoWPAN-ND address registration and a new security mechanism suitable for preventing the attack of damaged node. It also shows that the proposed security mechanism is compatible with the Internet Engineering Task Force (IETF) standard and is more efficient than the mechanism proposed in the IETF 6 lo WG.

• Convergence Security Journal
• /
• v.8 no.3
• /
• pp.19-24
• /
• 2008

Common Criteria is a standard to estimate safety of information protection product such as network-level firewall system and intrusion detection system. Recently, CC version is changed from CC v.2.3 to CC v.3.1. CC v.3.1 estimation methodology requires a secured dictionary accomodation preparation for information protection product. In this research, progressed CC v3 base composition product test and research about vulnerability analysis method. Further, this paper presents specific plan sorting composition style information protection product examination methodology to existing principle and detailed methodology.

• Journal of Advanced Navigation Technology
• /
• v.14 no.3
• /
• pp.415-425
• /
• 2010

In public network, user authentication is important security technology. Especially, password-based authentication method is used the most widely in distributed environments, and there are many authentication methods. Their SPMA protocol indicates vulnerability about problem that NSPA protocol does not offer mutual authentication, and proposed Strong Password Mutual Authentication protocol with mutual authentication. However, SPMA protocol has vulnerability of replay attack. In the paper, we analyzed vulnerability to replay attack of SPMA protocol. And we also proposed Improved Strong Password Mutual Authentication protocol to secure on replay attack with same efficiency.

• Journal of Advanced Navigation Technology
• /
• v.15 no.5
• /
• pp.722-728
• /
• 2011

Most services need to have authentication protocols to verify users' eligibility in the network environment. For this, a lot of user authentication protocols have been researched and developed. Two of them, SPMA and I-SPMA protocols, introduced the lack of mutual authentication and vulnerability to the reply attack of the prior protocols and suggested revised protocols. Nevertheless, these protocols did not mention about the critical problem caused when the server and the client lose synchronization on the secret information between them. Therefore, in this paper, we analyze the security characteristics of the existing protocols and prove the vulnerability to the synchronization of the protocols.

• Journal of Digital Convergence
• /
• v.5 no.1
• /
• pp.55-68
• /
• 2007

It soaks but 2001 July information communication base step law enforcement and the Enforcement Ordinance are published to follow, in order to support the establishment of evaluation and protective measure in order the vulnerability analysis against the facility of the agency which manages an important information communication base hour opinion to designate information protection specialty enterprise. As information protection specialty enterprise being revealed evacuation laboratory back 12 enterprises from information communication department become designation as the consulting enterprise and they do an enterprise activity actively. It follows in diffusion of the IT and information reconciliation level the other side where our country belongs in the world-wide first group, the research against the disfunction plan of preparation comparison the fact that law it is come negligently all actuality. The network as it will give management coat fatal effect even at obstacle occurrence hour of instant for of case and IT facility of the cyber transactions which leads, in the future there to be to corporate management, there is a possibility the stable civil official of information Facilities for communications very seeing in the portion which is important. Present condition and important propulsion contents of information communication base step law enforcement after, against a vulnerability analysis of information protection relation field and evaluation consulting methodological application situation to sleep it researches from the dissertation which it sees consequently and it does.

• The Journal of Information Technology
• /
• v.3 no.3
• /
• pp.27-37
• /
• 2000

Although an insurance criterion for reliance is unified, the difference in evaluation mechanism in every country is already ambiguity. In other words, the aspect of objectivity would be a little because it is true that the vulnerability evaluation include evaluator, scenario and tools (TSVES) applying in test, depth and scope of evaluation. But evaluation results can be difference in accordance with each evaluation elements. By using TSVES to evaluating network security vulnerability, first, we expected the evaluation results is impartiality, objectivity, repeatability, reproducibility, appropriateness and soundness of results. Second, it could be transferred manual ways into automation ways, and then expected easiness and safety of extension and modification in a quality of products as well as a dramatical reduction of waste of time and energy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.131-139
• /
• 2007

Vulnerability analysis helps to remove discriminating vulnerabilities that exist in various equipment that composes operating information system. It is possible to explain representation and exclusion method about vulnerabilities of each equipment by vulnerability analysis. But it is difficult to display the weakness of whole information system. To do this, analyst synthesizes several information that achieved by vulnerability analysis. But the existing method does not provide fair evaluation because operators' personal opinion. In this paper, we explain about method that unites discriminatively vulnerable point and expresses whole weakness degree in numerical value by equipment, by system class, or by overall system.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.5 no.2
• /
• pp.289-296
• /
• 2015

Java is an interpreted language that can run on a variety of platforms, also Java has a number of useful features for network. Due to theses features of Java language, Java is used in various fields. In this paper, we will talk about how the malware that threaten the Java Security Manager of the Java Virtual Machine is using the vulnerability of the Java Virtual Machine. And for corresponding measures, this paper suggest vulnerability analysis method of Java system class by using Java Call Graph and Java Access Permission Checking Tree. By suggesting that, we want to lay groundwork for preventing Java security threats in advance.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.453-458
• /
• 2013

In a wireless LAN environment, security is the most important. Security of 802.11 standard has many vulnerabilities of the network attack. IEEE has created mechanisms to security for this vulnerability. But the vulnerabilities is characteristic of broadcast in the air in wireless LAN, it is more disclosure then other network environments. In a wireless LAN environment, it can be accessed to the wireless LAN after authentication. Authentication process is one of most important because of the first security step. However, in the authentication process is not mentioned in the method of reducing the disclosure maximum fundamental. Therefore, in this research, the vulnerability of 802.11 are presented and how to do de-authentication in 802.11.

• The Journal of the Korea Contents Association
• /
• v.10 no.10
• /
• pp.19-25
• /
• 2010

While Snoop improves network performance by using local retransmission in case of packet loss in wireless network, it has security vulnerability to be unable to countermeasure against falsified ACKs attacks. Therefore in this paper, we suggest a modified Snoop with an extra buffer in addition to original Snoop buffer. Even though packets are exhausted in original buffer by falsified ACKs attacks, proposed Snoop can locally retransmit the packets saved in the extra buffer. The simulation by NS-2 shows that proposed Snoop countermeasure efficiently against falsified ACKs attack and builds securer Snoop protocol.