• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.10a
• /
• pp.783-786
• /
• 2015

Hole attack, which is disturbed transmission function through change of routing information, can cause critical results for MANET as non-infrastructure network. Backhole attack, as a typical hole attack, is one malicious attack which is disabled network transmission function by assumption of transmission data through modification of routing information. It is very important to evaluate transmission performance caused by blackhole attack, because transmission performance of MANET is affective with blackhole attack. In this paper, transmission performance is analyzed with MANET under multiple blackhole attacks caused multiple blackhole nodes. Computer simulation based on NS-2 is used as analysis tool and voice traffic is considered ad application service on MANET.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.12
• /
• pp.2555-2562
• /
• 2009

The algorithm that is proposed in this paper defined a probability function to count connection process and connection-end process to apply TRW algorithm to voice network. Set threshold to evaluate the algorithm that is proposed, Based on the type of connection attack traffic changing the probability to measure the effectiveness of the algorithm, and Attack packets based on the speed of attack detection time was measured. At the result of evaluation, proposed algorithm shows that DDoS attack starts at 10 packets per a second and it detects the attack after 1.2 seconds from the start. Moreover, it shows that the algorithm detects the attack in 0.5 second if the packets were 20 per a second.

• International Journal of Computer Science & Network Security
• /
• v.24 no.1
• /
• pp.127-132
• /
• 2024

With the rapid evolution of the Internet, the application of artificial intelligence fields is more and more extensive, and the era of AI has come. At the same time, adversarial attacks in the AI field are also frequent. Therefore, the research into adversarial attack security is extremely urgent. An increasing number of researchers are working in this field. We provide a comprehensive review of the theories and methods that enable researchers to enter the field of adversarial attack. This article is according to the "Why? → What? → How?" research line for elaboration. Firstly, we explain the significance of adversarial attack. Then, we introduce the concepts, types, and hazards of adversarial attack. Finally, we review the typical attack algorithms and defense techniques in each application area. Facing the increasingly complex neural network model, this paper focuses on the fields of image, text, and malicious code and focuses on the adversarial attack classifications and methods of these three data types, so that researchers can quickly find their own type of study. At the end of this review, we also raised some discussions and open issues and compared them with other similar reviews.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.1
• /
• pp.296-308
• /
• 2015

Advanced Encryption Standard (AES) is widely used for protecting wireless sensor network (WSN). At the Workshop on Cryptographic Hardware and Embedded Systems (CHES) 2012, G$\acute{e}$rard et al. proposed an optimized collision attack and break a practical implementation of AES. However, the attack needs at least 256 averaged power traces and has a high computational complexity because of its byte wise operation. In this paper, we propose a novel double sieve collision attack based on bitwise collision detection, and an improved version with an error-tolerant mechanism. Practical attacks are successfully conducted on a software implementation of AES in a low-power chip which can be used in wireless sensor node. Simulation results show that our attack needs 90% less time than the work published by G$\acute{e}$rard et al. to reach a success rate of 0.9.

• The KIPS Transactions:PartC
• /
• v.13C no.4 s.107
• /
• pp.405-414
• /
• 2006

We present a symptom based taxonomy for network security. This taxonomy classifies attacks in the network using early symptoms of the attacks. Since we use the symptom it is relatively easy to access the information to classify the attack. Furthermore we are able to classify the unknown attack because the symptoms of unknown attacks are correlated with the one of known attacks. The taxonomy classifies the attack in two stages. In the first stage, the taxonomy identifies the attack in a single connection and then, combines the single connections into the aggregated connections to check if the attacks among single connections may create the distribute attack over the aggregated connections. Hence, it is possible to attain the high accuracy in identifying such complex attacks as DDoS, Worm and Bot We demonstrate the classification of the three major attacks in Internet using the proposed taxonomy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.71-77
• /
• 2006

Several network attacks, such as distributed denial of service (DDoS) attack, present a very serious threat to the stability of the internet. The threat posed by network attacks on large networks, such as the internet, demands effective detection method. Therefore, a simple intrusion detection system on large-scale backbone network is needed for the sake of real-time detection, preemption and detection efficiency. In this paper, in order to discriminate attack traffic from legitimate traffic on backbone links, we suggest a relatively simple statistical measure, entropy, which can track value frequency. Den is conspicuous distinction of entropy values between attack traffic and legitimate traffic. Therefore, we can identify what kind of attack it is as well as detecting the attack traffic using entropy value.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.11
• /
• pp.73-81
• /
• 2012

This paper proposes an ETWAD(Encapsulation and Tunneling Wormhole Attack Detection) design based on positional information and hop count on Ad-Hoc Network. The ETWAD technique is designed for generating GAK(Group Authentication Key) to ascertain the node ID and group key within Ad-hoc Network and authenticating a member of Ad-hoc Network by appending it to RREQ and RREP. In addition, A GeoWAD algorithm detecting Encapsulation and Tunneling Wormhole Attack by using a hop count about the number of Hops within RREP message and a critical value about the distance between a source node S and a destination node D is also presented in ETWAD technique. Therefore, as this paper is estimated as the average probability of Wormhole Attack detection 91%and average FPR 4.4%, it improves the reliability and probability of Wormhole Attack Detection.

• Journal of Information Processing Systems
• /
• v.11 no.1
• /
• pp.104-115
• /
• 2015

Along with the evolution of Internet and its new emerging services, the quantity and impact of attacks have been continuously increasing. Currently, the technical capability to attack has tended to decrease. On the contrary, performances of hacking tools are evolving, growing, simple, comprehensive, and accessible to the public. In this work, network penetration testing and auditing of the Redhat operating system (OS) are highlighted as one of the most popular OS for Internet applications. Some types of attacks are from a different side and new attack method have been attempted, such as: scanning for reconnaissance, guessing the password, gaining privileged access, and flooding the victim machine to decrease availability. Some analyses in network auditing and forensic from victim server are also presented in this paper. Our proposed system aims confirmed as hackable or not and we expect for it to be used as a reference for practitioners to protect their systems from cyber-attacks.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.9
• /
• pp.35-42
• /
• 2019

In this paper, we propose an approach to apply network-based moving target defense into Internet of Things (IoT) networks. The IoT is a technology that provides the high interconnectivity of things like electronic devices. However, cyber security risks are expected to increase as the interconnectivity of such devices increases. One recent study demonstrated a man-in-the-middle attack in the statically configured IoT network. In recent years, a new approach to cyber security, called the moving target defense, has emerged as a potential solution to the challenge of static systems. The approach continuously changes system's attack surface to prevent attacks. After analyzing IPv4 / IPv6-based moving target defense schemes and IoT network-related technologies, we present our approach in terms of addressing systems, address mutation techniques, communication models, network configuration, and node mobility. In addition, we summarize the direction of future research in relation to the proposed approach.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.67-74
• /
• 2022

One type of network security breach is the availability breach, which deprives legitimate users of their right to access services. The Denial of Service (DoS) attack is one way to have this breach, whereas using the Intrusion Detection System (IDS) is the trending way to detect a DoS attack. However, building IDS has two challenges: reducing the false alert and picking up the right dataset to train the IDS model. The survey concluded, in the end, that using a real dataset such as MAWILab or some tools like ID2T that give the researcher the ability to create a custom dataset may enhance the IDS model to handle the network threats, including DoS attacks. In addition to minimizing the rate of the false alert.