• Journal of Internet Computing and Services
• /
• v.7 no.5
• /
• pp.33-41
• /
• 2006

Wireless LAN is intrinsically weak in security of transmissions. WPKI (Wireless Public Key Infrastructure) is a well known Method to deal with the security issues in wireless LAN. The authentication required by the method becomes a source of unrellability of the hand-off performance. This paper suggests a solution to overcome the instability while using the WPKI technique, Prior to getting into the next region, a station is provided with the keys of the surrounding regions so that the possible delay problem can be avoided during the actual hand-off time. Thereby the hand-off instability can be solved in the WPKI framework.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.6
• /
• pp.29-36
• /
• 2005

RFID(Radio Frequency Identification) will be used for recognizing things and offering distinctive information in Ubiquitous environment. But we are not ready to provide security service to RFID. Therefore we propose the approach of safe RFID system which provides the solution for eavesdrop, forgery, and modification based on Pre-Distribution protocol and RC5 security algorithm. First We distributes the secret key to the Tag with the Reader that is major subject on RFID system using Pre-Distribution protocol. Then we will provide to various security services and privacy protection using RC5 security algorithm. The proposed safe RFID system simulated on ATmega128 evaluate environment.

• Journal of KIISE:Software and Applications
• /
• v.31 no.9
• /
• pp.1233-1245
• /
• 2004

Though biometrics to authenticate a person is a good tool in terms of security and convenience, typical authentication algorithms using biometrics may not be executed on resource-constrained devices such as smart cards. Thus, to execute biometric processing on resource-constrained devices, it is desirable to develop lightweight authentication algorithm that requires only small amount of memory and computation. Also, among biological features, face is one of the most acceptable biometrics, because humans use it in their visual interactions and acquiring face images is non-intrusive. We present a new face authentication algorithm in this paper. Our achievement is two-fold. One is to present a face authentication algorithm with low memory requirement, which uses support vector machines (SVM) with the feature set extracted by genetic algorithms (GA). The other contribution is to suggest a method to reduce further, if needed, the amount of memory required in the authentication at the expense of verification rate by changing a controllable system parameter for a feature set size. Given a pre-defined amount of memory, this capability is quite effective to mount our algorithm on memory-constrained devices. The experimental results on various databases show that our face authentication algorithm with SVM whose input vectors consist of discriminating features extracted by GA has much better performance than the algorithm without feature selection process by GA has, in terms of accuracy and memory requirement. Experiment also shows that the number of the feature ttl be selected is controllable by a system parameter.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.61 no.8
• /
• pp.1186-1192
• /
• 2012

In Jeju Smart Grid field test, Zigbee technology is being used as one of customer side solutions for AMI. Although Zigbee networks that provides effective connectivity and control among devices are advantages in ease of implementation and use, the data can be exposed to cyber attacks such as eavesdrop, unauthorized data dissemination and forgery. Currently authentication and confidentiality services are provided with the network and link keys generated based on public key pairs that are pre-installed in offline. However, the network is vulnerable once a hacker intrudes into a local network because operation and management policies for the generated keys are not well-established yet. In this paper, the vulnerability of the Zigbee security system in the customer side environment of Jeju Smart Grid field test is analyzed. Then, two-way authentication with the unique identifiers of devices and user-specific group management policies are proposed to resolve the vulnerability.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.616-619
• /
• 2008

In this paper, we design and implement the authentication system for home network service and applied it to actual sensor nodes. We achieved authentication key, encryption and decryption applied RC5 encryption algorithm of SNEP. In addition, we used pair-wise key pre-distribution for prevention of authentication sniffing in wireless sensor network. The experiment environment consists of a base station receiving data and sensor nodes sending data. Each sensor nodes sends both the data and encrypted authentication key to the base station. As a simulation environment, we assumed some what-if scenarios of security menaces in home network service. And we slightly altered the TOS_Msg construction of TinyOS. The experiences had shown that the malfunction doesn't happen in communication among other groups. And we confirmed in tests that the system is secure when a sensor having malicious propose is added.

• Annual Conference of KIPS
• /
• 2006.05a
• /
• pp.1113-1116
• /
• 2006

Security in wireless sensor networks is very pressing especially when sensor nodes are deployed in hostile environments. To obtain security purposes, it is essential to be able to encrypt and authenticate messages sent amongst sensor nodes. Keys for encryption and authentication must be agreed upon by communicating nodes. Due to resource limitations and other unique features, obtaining such key agreement in wireless sensor network is extremely complex. Many key agreement schemes used in general networks, such as trusted server, Diffie-Hellman and public-key based schemes, are not suitable for wireless sensor networks [1], [2], [5], [7], [8]. In that situation, key pre-distribution scheme has been emerged and considered as the most appropriate scheme [2], [5], [7]. Based on that sense, we propose a new resource-optimal key pre-distribution scheme utilizing merits of the two existing key pre-distribution schemes [3], [4]. Our scheme exhibits the fascinating properties: substantial improvement in sensors' resource usage, rigorous guarantee of successfully deriving pairwise keys between any pair of nodes, greatly improved network resiliency against node capture attack. We also present a detailed analysis in terms of security and resource usage of the scheme.

• Journal of information and communication convergence engineering
• /
• v.7 no.1
• /
• pp.19-23
• /
• 2009

In this paper, we propose a general idea about an RFID system which provides lighted weight algorithm. We discuss how RFID could be applied for this kind of system, especially, compact protocol. We evaluate a few protocols that have been suggested for use in passive RFID tagged systems. We can reduce security computation without losing security features by message integration and pre-computation in this paper. And the proposed protocol can be used in low-cost RFID systems that require a small computational load for both the back-end database and the tags.

• Proceedings of the Korean Institute of Communication Sciences Conference
• /
• 2004.07a
• /
• pp.64-64
• /
• 2004

• Convergence Security Journal
• /
• v.15 no.7
• /
• pp.103-110
• /
• 2015

The security of the data exchanged between sensor nodes in IoT (Internet of Things) environment becomes increasing. In the conventional IEEE 802.15.4, the key for secure communication between the sensor node and the sensor node and the PAN Coordinator or the sensor node is assumed to be pre-shared in advance. Especially, there is another problem in that sensor node authentication is not considered during the association process. In this paper, we propose a security scheme that solves the problems of previously proposed protocols with the pre-shared key for all devices.

• The Journal of Korean Association of Computer Education
• /
• v.13 no.6
• /
• pp.91-98
• /
• 2010

NAC(Network Access Control) has been developed as a solution for the security of end-point user, to be a target computer of worm attack which does not use security patch of OS and install Anti-Virus, which spreads the viruses in the Intra-net. Currently the NAC products in market have a sufficient technology of pre-connect, but insufficient one of post-connect which detects the threats after the connect through regular authentication. Therefore NAC users have been suffered from Zero-day attacks and malware infection. In this paper, to solve the problems in the post-connect step we generate the normal behavior profiles using the traffic information of each host, host information through agent, information of open port and network configuration modification through network scanner addition to authentication of host and inspection of policy violation used before. Based on these we propose the system to detect the hosts infected malware.