• ETRI Journal
• /
• v.42 no.3
• /
• pp.311-323
• /
• 2020

Encrypted traffic classification plays a vital role in cybersecurity as network traffic encryption becomes prevalent. First, we briefly introduce three traffic encryption mechanisms: IPsec, SSL/TLS, and SRTP. After evaluating the performances of support vector machine, random forest, naïve Bayes, and logistic regression for traffic classification, we propose the combined approach of entropy estimation and artificial neural networks. First, network traffic is classified as encrypted or plaintext with entropy estimation. Encrypted traffic is then further classified using neural networks. We propose using traffic packet's sizes, packet's inter-arrival time, and direction as the neural network's input. Our combined approach was evaluated with the dataset obtained from the Canadian Institute for Cybersecurity. Results show an improved precision (from 1 to 7 percentage points), and some application classification metrics improved nearly by 30 percentage points.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.12
• /
• pp.6092-6115
• /
• 2017

This paper demonstrates a case for an end-to-end pure Application Security Layer for reliable and confidential communications within an Internet of Things (IoT) constrained environment. To provide a secure key exchange and to setup a secure data connection, Transport Layer Security (TLS) is used, which provides native protection against replay attacks. TLS along with digital signature can be used to achieve non-repudiation within app-to-app communications. This paper studies the use of TLS over the JavaScript Object Notation (JSON) via a The Constrained Application Protocol (CoAP) RESTful service to verify the hypothesis that in this way one can provide end-to-end communication flexibility and potentially retain identity information for repudiation. As a proof of concept, a prototype has been developed to simulate an IoT software client with the capability of hosting a CoAP RESTful service. The prototype studies data requests via a network client establishing a TLS over JSON session using a hosted CoAP RESTful service. To prove reputability and integrity of TLS JSON messages, JSON messages was intercepted and verified against simulated MITM attacks. The experimental results confirm that TLS over JSON works as hypothesised.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.3
• /
• pp.1212-1228
• /
• 2016

Secure communication is an important aspect of today's interconnected environments and it can be achieved by the use of cryptographic algorithms and protocols. However, many existing cryptographic mechanisms are tightly integrated into communication protocols. Issues emerge when security vulnerabilities are discovered in cryptographic mechanisms because their replacement would eventually require replacing deployed protocols. The concept of cryptographic agility is the solution to these issues because it allows dynamic switching of cryptographic algorithms and keys prior to and during the communication. Most of today's secure protocols implement cryptographic agility (IPsec, SSL/TLS, SSH), but cryptographic agility mechanisms cannot be used in a standalone manner. In order to deal with the aforementioned limitations, we propose a lightweight cryptographically agile agreement model, which is formally verified. We also present a solution in the Agile Cryptographic Agreement Protocol (ACAP) that can be adapted on various network layers, architectures and devices. The proposed solution is able to provide existing and new communication protocols with secure communication prerequisites in a straightforward way without adding substantial communication overhead. Furthermore, it can be used between previously unknown parties in an opportunistic environment. The proposed model is formally verified, followed by a comprehensive discussion about security considerations. A prototype implementation of the proposed model is demonstrated and evaluated.

• BMB Reports
• /
• v.34 no.5
• /
• pp.457-462
• /
• 2001

Using the monomolecular film technique, we compared the interfacial properties of Staphylococcus simulans lipase (SSL) and Staphylococcus aureus lipase (SAL). These two enzymes act specifically on glycerides without any detectable phospholipase activity when using various phospholipids. Our results show that the maximum rate of racemic dicaprin (rac-dicaprin) hydrolysis was displayed at pH 8.5, or 6.5 with Staphylococcus simulans lipase or Staphylococcus aureus lipase, respectively The two enzymes interact strongly with egg-phosphatidyl choline (egg-PC) monomolecular films, evidenced by a critical surface pressure value of around $23\;mN{\cdot}m^{-1}$. In contrast to pancreatic lipases, $\beta$-lactoglobulin, a tensioactive protein, failed to inhibit Staphylococcus simulans lipase and Staphylococcus aureus lipase. A kinetic study on the surface pressure dependency, stereoselectivity, and regioselectivity of Staphylococcus simulans lipase and Staphylococcus aureus lipase was performed using optically pure stereoisomers of diglycerides (1,2-sn-dicaprin and 2,3-sn-dicaprin) and a prochiral isomer (1,3-sn-dicaprin) that were spread as monomolecular films at the air-water interface. Both staphylococcal lipases acted preferentially on distal carboxylic ester groups of the diglyceride isomer (1,3-sn-dicaprin). Furthermore, Staphylococcus simulans lipase was found to be markedly stereoselective for the sn-3 position of the 2,3-sn-dicaprin isomer.

• The KIPS Transactions:PartD
• /
• v.10D no.7
• /
• pp.1197-1206
• /
• 2003

This paper describes the IPP (Internet Printing Protocol), a standard that makes network setup for printers potentially much easier and, not so incidentally, also user can print over the Internet and specifies an implementation of IPP client/server system. It allows the system administrator and operators to control IPP system users and printer devices. The focus of this effort is optimized capabilities the security features for authentication, authorization, and policies, also improved compatibility with existing WP devices. Finally this paper presents conclusions and further researches.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.10a
• /
• pp.141-144
• /
• 2000

XML은 단순함과 융통성이라는 특징을 가지고 있기 때문에 Internet B2B(Business to Business) 메세지 송수신을 용이하게 한다. Internet B2B에서 메세지 송수신을 하는 데 있어서 보안이 점차 중요하게 대두되고 있다. 인터넷은 공용 네트워크이므로 도청과 위조와 같은 공격에 어떠한 보호장치도 있지 않기 때문에 메시지가 송수신되는 동안 자신의 중요한 정보가 다른곳으로 유출되거나 손실될 경우 B2B 메시지 송수신에 있어서 크나큰 손실을 가져올 수 있다. SSL(Secure Socket Layer)은 transport-level 보안 프로토콜이 제공하는 인증, 무결성, 기밀성을 제공하고 있다. 하지만 부인방지를 제공하고 있지 못하고 있는 실정이다. 하지만 XML-Signature를 이용하면 이러한 문제점을 해결할 수 있고 프로토콜 차원이 아닌 어플리케이션 차원에서 보안 시스템을 설계하므로 B2B 간 메시지 송수신하는데 있어서 서버와 클라이언트에 각각 XML-Signature 사용하여 안전하게 통신 할 수 있도록 해주는 보안모들 설계를 소개한다.

• Journal of the Korean Institute of Electrical and Electronic Material Engineers
• /
• v.20 no.12
• /
• pp.1017-1021
• /
• 2007

To implement tera bit level non-volatile memories of low power and fast operation, proving statistical reproductivity and satisfying reliabilities at the nano-scale are a key challenge. We fabricate the charge trapping nano scaled SONOS unit memories and 64 bit flash arrays and evaluate reliability and performance of them. In case of the dielectric stack thickness of 4.5 /9.3 /6.5 nm with the channel width and length of 34 nm and 31nm respectively, the device has about 3.5 V threshold voltage shift with write voltage of $10\;{\mu}s$, 15 V and erase voltage of 10 ms, -15 V. And retention and endurance characteristics are above 10 years and $10^5$ cycle, respectively. The device with LDD(Lightly Doped Drain) process shows reduction of short channel effect and GIDL(Gate Induced Drain Leakage) current. Moreover we investigate three different types of flash memory arrays.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.8
• /
• pp.1762-1767
• /
• 2005

PKI provides good resolutions for the authentication of user in the situation not to meet each other, but it is not enough to provide the resolution of authorization in distributed computing environments. Especially, we offer a variety forms of the user Authentication, the Integrity and a security service of the Non-Repudiation, but an authorization Policy, because of the complexity with a lot of information, using m understandable XML, makes a simple and easy certificate to read, and we get the information from DOM fee and do a XML analysis and stardardized-method usage easily In this paper, we provide the AAS model being able to use with the solution of the distributed users' authorization, and we implement an authorization policy module, using XML. in the Linux-based Apache Web server.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10a
• /
• pp.682-684
• /
• 2003

With the explosive rapid expansion of computer using during the past few years, security has become a crucial issue for modem computer systems. Today, there are many intrusion detection systems (IDS) on the Internet. A variety of intrusion detection techniques and tools exist in the computer security community such as enterprise security management system (ESM) and system integrity checking tools. However, there is a potential problem involved with intrusion detection systems that are installed locally on the machines to be monitored. If the system being monitored is compromised, it is quite likely that the intruder will after the system logs and the intrusion logs while the intrusion remains undetected. In this project KIT-I, we adopt remote logging server (RLS) mechanism, which is used to backup the log files to the server. Taking into account security, we make use of the function of SSL of Java and certificate authority (CA) based key management. Furthermore, Support Vector Machine (SVM) is applied in our project to detect the intrusion activities.

• Resources Recycling
• /
• v.4 no.4
• /
• pp.70-75
• /
• 1995

Waste tires arc used as landifill, combustion and recycling. Rccenllg. lhc recycling of waste tires received a great attentmu fiam all industries. Thc rccgcling methods for w s l e tires are classified inla three culegoljz, a whole tirc, cmmb rubha and energy. T h ~ ssl iidy invesligvled the pruduclion ol Lhc ruhhcr block by using clumh cubbel oI wasle Ires. The process 01 manulacluring the ~uhher block was co~lsislerl ol several slepc: collecting lilts, ctuilnng and grinding hrcs, mixing crumh ruhher wlth bmder. and shaping under heat and pressure The effccl ol binder on ll~e ~uecl~ilnicaplr opcrlics o l r uhher hlock war also investigalcd. The economic feaqihility of a surface treiilmcnl and multilayas on the rubber block was dclcimincd