• International journal of advanced smart convergence
• /
• v.9 no.4
• /
• pp.209-214
• /
• 2020

VoIP technology has been widely used for exchanging voice or image data through IP networks. VoIP technology, often called Internet Telephony, sends and receives voice data over the RTP protocol during the session. However, there is an exposition risk in the voice data in VoIP using the RTP protocol, where the RTP protocol does not have a specification for encryption of the original data. We implement programs that can extract meaningful information from the user's dialogue. The meaningful information means the information that the program user wants to obtain. In order to do that, our implementation has two parts. One is the client part, which inputs the keyword of the information that the user wants to obtain, and the other is the server part, which sniffs and performs the speech recognition process. We use the Google Speech API from Google Cloud, which uses machine learning in the speech recognition process. Finally, we discuss the usability and the limitations of the implementation with the example.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.224-226
• /
• 2016

패킷은 데이터 전송에서 송신측과 수신측에 의하여 하나의 단위로 전송되는 집합체를 의미한다. 본 논문에서는 패킷 스니핑을 통해 네트워크 환경에서 송/수신되는 패킷들을 모니터링 함으로써 사용자 보안에 대한 취약점을 최소화하고, 패킷 전송 과정에서 사용자가 정의한 규칙에 의해 필터링하거나 네트워크 트래픽에 대한 통계 수집 등의 기능을 제공하는 C# 기반 패킷 분석기의 설계를 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.540-543
• /
• 2014

수많은 데이터를 사용하는 기업 및 기관들은 전용 데이터베이스를 구축하여 모든 정보들을 저장, 관리하고 있다. 개인정보를 포함하여 비인가된 중요 정보들이 저장되어있음에도 불구하고 대부분의 경우 데이터베이스에 대한 보안적용이 되어있지 않거나 아주 미비한 상태이다. 보안사고의 대부분이 데이터베이스에 저장된 중요 정보가 유출되는 점을 보았을 때 데이터베이스 자체에 대한 보안시스템을 구축하여 예방하는 것이 보안사고의 피해를 막을 수 있는 가장 핵심적인 방법이라 할 수 있다. 이에 본 연구에서는 네트워크 패킷을 모니터링하여 데이터베이스의 성능에 영향을 미치지 않고 보안기능을 수행할 수 있는 Sniffing 을 이용한 방안을 제안한다. 제안 보안시스템은 별도의 하드웨어에서 기능을 수행하며 운영 중인 데이터베이스에 서비스의 중단 없이 보안시스템을 구축할 수 있도록 하였다. Sniffing 방식에서 접근제어 기능을 수행 할 수 있도록 알고리즘 설계를 하였으며 감사 로그를 기록할 때 가장 많은 부분을 차지하는 SQL 에 대해 MD5 해시함수를 적용하여 해당 로그에 대한 데이터크기를 크게 줄일 수 있었다. 운영중인 데이터베이스 환경에 영향을 주지 않으면서 높은 수준의 감사성능을 제공하고 다양한 보안 정책을 간단하게 적용할 수 있도록 구현하였으므로 데이터베이스에 저장된 중요정보의 유출을 예방하고, 보안사고가 일어났을 때 추적 및 증거자료로 활용할 수 있을 것이다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.434-437
• /
• 2021

Canopen over EtherCAT(CoE) is a Canopen protocol that operates based on EtherCAT in industrial sites. In order to analyze a CoE network system and a performance through packet sniffing and reversing, it is necessary to know Data Objects structure and changes of its value. However, since Data Objects in Canopen is dependent on the devices, there is a limitation by using an existing packet analysis program like a Wireshark. Therefore, we designed and developed a system that infers Data Objects structure and system configuration.

• Journal of International Society for Simulation Surgery
• /
• v.4 no.1
• /
• pp.17-20
• /
• 2017

Purpose Interactive 3D visualization system through remote data transmission over heterogeneous network is growing due to the improvement of internet based real time streaming technology. Materials and Methods The current internet's IP layer has several weaknesses against IP spoofing or IP sniffing type of network attacks since it was developed for reliable packet exchange. In order to compensate the security issues with normal IP layer, we designed a remote medical visualization system, based on Virtual Private Network. Results Particularly in hospital, if there are many surgeons that need to receive the streaming information, too much load on the gateway can results in deficit of processing power and cause the delay. Conclusion End to end security through the network method would be required.

• Convergence Security Journal
• /
• v.13 no.2
• /
• pp.155-163
• /
• 2013

Connection hijacking attack using the vulnerability of the TCP protocol to redirect TCP stream goes through your machine actively (Active Attack). The SKEY such as one-time password protection mechanisms that are provided by a ticket-based authentication system such as Kerberos or redirection, the attacker can bypass.Someone TCP connection if you have access on TCP packet sniffer or packet generator is very vulnerable. Sniffer to defend against attacks such as one-time passwords and token-based authentication and user identification scheme has been used. Active protection, but these methods does not sign or encrypt the data stream from sniffing passwords over insecure networks, they are still vulnerable from attacks. For many people, an active attack is very difficult and so I think the threat is low, but here to help break the illusion successful intrusion on the UNIX host, a very aggressive attack is presented. The tools available on the Internet that attempt to exploit this vulnerability, known as the recent theoretical measures is required. In this paper, we propose analysis techniques on a wireless network intruder detection.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.259-266
• /
• 2012

Malicious rogue AP has been used for variety attacks such as packet sniffing and Man-In-The-Middle Attack. It is used for the purpose of data leakage via 3G network within companies, and the unauthorized AP could be a reason of security incidents even though it is not intended. In this paper, we propose the method for detecting unauthorized access point over 3G networks throughout the RTT (Round Trip Time) value for classification. Through the experiments, we show that the method can classify the AP which is installed by normal way and the AP over 3G networks successfully.

• The Journal of Korean Institute of Next Generation Computing
• /
• v.13 no.2
• /
• pp.18-25
• /
• 2017

In computer science, an encoding is a standardization of converting information to one format for audio, video or text. Therefore, the encoding information of the data should be known to open and read it and there are algorithms detecting encoder of the data. However, some informations of data could be disappeared by packet loss when transmitted on network, especially, if the data is snatched by packet sniffing or eavesdropping from wireless communications. In this paper, we improve the performance of encoding detection algorithm of 'uchardet' program for multi-byte encoded data with errors based on bit-shift algorithm. To simulate the performance, we generated Korean and Japanese text data with errors that is removed some random bits at random positions. Then the detection algorithm are tested using the data and 'uchardet-bitshift' showed better performance than 'uchardet'. When Korean texts are used, 'uchardet' could detect perfectly with ≤0.005% errors but it showed 0% detection rate with ≥1% errors while 'uchardet-bitshift' detected perfectly with ≤0.05% errors and it showed correct detection cases with ≥1% errors. Japanese texts with errors tend to report falsely as Chinese encoding because Japanese texts include lots of Chinese characters. As a results, we improved encoding detection algorithms by applying bit shift operation.

• Convergence Security Journal
• /
• v.12 no.1
• /
• pp.55-61
• /
• 2012

Owing to the development of wireless infrastructure and mobile communication technology, There is growing interest in smart phone using it. The resulting popularity of smart phone has increased the Mobile Malicious AP-related security threat and the access to the wireless AP(Access Point) using Wi-Fi. mobile AP mechanism is the use of a mobile device with Internet access such as 3G cellular service to serve as an Internet gateway or access point for other devices. Within the enterprise, the use of mobile AP mechanism made corporate information management difficult owing to use wireless system that is impossible to wire packet monitoring. In this thesis, we propose mobile AP mechanism-based mobile malicious AP detection and prevention mechanism in radius authentication server network. Detection approach detects mobile AP mechanism-based mobile malicious AP by sniffing the beacon frame and analyzing the difference between an authorized AP and a mobile AP mechanism-based mobile malicious AP detection.

• The Journal of the Korea Contents Association
• /
• v.9 no.3
• /
• pp.28-38
• /
• 2009

Login process uses both ID and password information to authenticate someone and to permit its access privilege on system. However, an attacker can get those ID and password information by using existing packet sniffing or key logger programs. It cause privacy problem as those information can be used as a hacking and network attack on web server and web e-mail system. Therefore, a more secure and advanced authentication mechanism should be required to enhance the authentication process on existing system. In this paper, we propose a multi-factor authentication process by using software form of secure card system combined with existing ID/Password based login system. Proposed mechanism uses a random number generated from the his/her own handset with biometric information. Therefore, we can provide a one-time password function on web login system to authenticate the user using multi-factor form. Proposed scheme provide enhanced authentication function and security because it is a 'multi-factor authentication mechanism' combined with handset and biometric information on web login system.