• The KIPS Transactions:PartC
• /
• v.13C no.3 s.106
• /
• pp.339-344
• /
• 2006

Secure delivery of multicast data can be achieved with the use of a group key for data encryption in mobile ad hoc network (MANET) applications based on the group communication. However, for the support of dynamic group membership, the group key has to be updated for each member joining/leaving and, consequently, a mechanism distributing an updated group key to members is required. The two major categories of the group key distribution mechanisms proposed for wired networks are the naive and the tree-based approaches. The naive approach is based on unicast, so it is not appropriate for large group communication environment. On the other hand, the tree-based approach is scalable in terms of the group size, but requires the reliable multicast mechanism for the group key distribution. In the sense that the reliable multicast mechanism requires a large amount of computing resources from mobile nodes, the tree-based approach is not desirable for the small-sized MANET environment. Therefore, in this paper, we propose a new key distribution protocol, called the proxy-based key management protocol (PROMPT), which is based on the naive approach in the small-sized MANET environment. PROMPT reduces the message overhead of the naive through the first-hop grouping from a source node and the last-hop grouping from proxy nodes using the characteristics of a wireless channel.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.844-847
• /
• 2011

Wireless mesh network (WMN) is a type of mobile ad-hoc network consists of wireless router, mobile clients and gateway which connects the network with the Internet. To provide security in the network it is required to encrypt the message sent among the communicating nodes in such way so that only legitimate user can retrieve the original data. Several security mechanisms have been proposed so far to enhance the security of WMN. However, there still exists a need for a comprehensive mechanism to prevent attacks in data communication. Considering the characteristic of mesh network, in this paper we proposed a public key cryptography based security architecture to establish a secure key agreement among communicating nodes in mesh network. The proposed security architecture consists of two major sections: client data protection and network data protection. Client data protection deals with the mutual authentication between the client and the access router and provide client to access router encryption for data confidentiality using standard IEEE 802.11i protocol. On the other hand, network data protection ensures encrypted routing and data transfer in the multi hop backbone network. For the network data protection, we used the pre-distributed public key to form a secure backbone infrastructure.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.561-563
• /
• 2014

애드혹 네트워크(Ad Hoc Network)는 최근 이슈가 되고 있는 사물 간 인터넷(Internet of Things), 스마트그리드(Smart Grid), 사람 중심 도시 센싱(People-Centric Urban Sensing), 해상 통신(Maritime Communications) 환경에서 다양하게 활용되는 네트워크 구조다. 이러한 환경에서의 애플리케이션들은 사용자들에게 다양한 편의성을 제공하기 위하여 사용자의 민감한 프라이버시 정보를 요구하기도 한다. 하지만, 만약 수집되어지는 프라이버시 정보가 인가되지 않은 공격자에게 노출된다면, 사용자는 불안함을 호소할 수 있을 것이고, 동시에 해당 데이터를 수집하고자 했던 서비스제공자는 경제적으로 커다란 손실을 입을 수 있다. 이러한 프라이버시 정보 노출을 방지하기 위하여 안전한 데이터 수집 기법들이 연구되어 왔다. 하지만, 대부분의 기법들은 기밀성만 제공할 뿐, 부인방지 및 익명성은 제공하지 않는다. 그리고 더 나아가 기존 기법들은 통계정보 수집과 개별적인 정보 수집을 동시에 제공하지 않는다. 본 논문은 개별정보수집 및 통계정보 수집을 모두 지원하며 동시에, 사용자에게 강화된 익명성 개념인 비연결성을 제공하는 새로운 데이터 수집 기법을 소개한다.

• Journal of Korea Society of Industrial Information Systems
• /
• v.15 no.4
• /
• pp.1-5
• /
• 2010

To operate safely VANET applications, authenticaton is necessary to identify val d participants and prevent malicious parties from modifying messages. This paper proposes an efficient authentication protocol for the vehicle registration in VANET environment. The topology of VANET changes rapidly due to high-speed movement of vehicles, thus it is need to reduce the computational burden of the authentication protocol. Therefore, this protocol uses only one-way hash functions and EOR operations to register vehicles.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.9
• /
• pp.774-783
• /
• 2012

A simple, accurate, secure, long-lasting, and portable hybrid positioning system is proposed and designed in this paper. It consists of a lighting LED that generates visible light data corresponding to position information of a target and a Zigbee wireless network communication module with low power, security, and service area expansion characteristics. Under an indoor environment where there is 23.62m distance between an observer and the target, the presented hybrid positioning system is tested and is verified with the functions of Zigbee three hop wireless networking and visible light communication (VLC) scheme. The test results are analyzed and discussed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.125-135
• /
• 2004

IEEE 802.15.3 High Rate WPAN is a mechanism for wireless home network such as PDAs, digital video camcoder, etc. While symmetric keys are used for MAC layer security, the process of establishing a secure membership or a secure relationship is outside of the scope of the standard. In addition, to prepare for ubiquitous environment in the near future, it is important to study the process of establishing a secure relationship between DEVs in different dependent piconets. This paper propose a secure model and a process of establishing a secure relationship using PKI without a ousted certificate authority.

• ETRI Journal
• /
• v.37 no.1
• /
• pp.186-196
• /
• 2015

In resource-constrained, low-cost, radio-frequency identification (RFID) sensor-based mobile ad hoc networks (MANETs), ensuring security without performance degradation is a major challenge. This paper introduces a novel combination of steps in lightweight protocol integration to provide a secure network for RFID sensor-based MANETs using error-correcting codes (ECCs). The proposed scheme chooses a quasi-cyclic ECC. Key pairs are generated using the ECC for establishing a secure message communication. Probability analysis shows that code-based identification; key generation; and authentication and trust management schemes protect the network from Sybil, eclipse, and de-synchronization attacks. A lightweight model for the proposed sequence of steps is designed and analyzed using an Alloy analyzer. Results show that selection processes with ten nodes and five subgroup controllers identify attacks in only a few milliseconds. Margrave policy analysis shows that there is no conflict among the roles of network members.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.8 no.5
• /
• pp.13-19
• /
• 2008

A mobile ad-hoc network routing protocols for transmission of multimedia contents need to have low delay time and to maintain the established route because it should secure quality of service(QoS) of the network. In this paper, the proposed protocol, termed HODMRP (History-based On-Demand Multicast Routing Protocol), is enhanced On-Demand Multicast Routing Protocol (ODMRP) by adding the criterion which is the session history for establishing route. The characteristic of this protocol is that data can be transmitted using the redundant route which is already selected by session history, if it occurs that the route is broken, HODMRP have better Packet Delivery Ratio (PDR) value and lower delay time than ODMRP by the simulation results.

• Journal of Electrical Engineering and Technology
• /
• v.13 no.5
• /
• pp.2086-2098
• /
• 2018

Security plays a vital role and is the key challenge in Mobile Ad-hoc Networks (MANET). Infrastructure-less nature of MANET makes it arduous to envisage the genre of topology. Due to its inexhaustible access, information disseminated by roaming nodes to other nodes is susceptible to many hazardous attacks. Intrusion Detection and Prevention System (IDPS) is undoubtedly a defense structure to address threats in MANET. Many IDPS methods have been developed to ascertain the exceptional behavior in these networks. Key issue in such IDPS is lack of fast self-organized learning engine that facilitates comprehensive situation awareness for optimum decision making. Proposed "Intelligent Behavioral Hybridized Intrusion Detection and Prevention System (IBH_IDPS)" is built with computational intelligence to detect complex multistage attacks making the system robust and reliable. The System comprises of an Intelligent Client Agent and a Smart Server empowered with fuzzy inference rule-based service engine to ensure confidentiality and integrity of network. Distributed Intelligent Client Agents incorporated with centralized Smart Server makes it capable of analyzing and categorizing unethical incidents appropriately through unsupervised learning mechanism. Experimental analysis proves the proposed model is highly attack resistant, reliable and secure on devices and shows promising gains with assured delivery ratio, low end-to-end delay compared to existing approach.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10a
• /
• pp.712-714
• /
• 2003

최근 새로운 형태의 네트워크 환경인 유비쿼터스 컴퓨팅에 대한 연구가 활발하게 진행되고 있다. 특히 유비쿼터스 컴퓨팅에서 중요한 요소중의 하나는 센서 네트워크로써, 저전력 Ad-hoc 네트워크에 기반한 센서와 센서 노드들로 구성되며, 실제의 환경과 유비쿼터스 컴퓨팅과의 매개 역할을 한다. 따라서 본 논문에서는 센서 네트워크의 일반적인 개요 및 보안에 관해서 알아보고 취약점을 분석한 뒤 이를 바탕으로 안전하고 효율적인 센서 네트워크의 관리 구조를 제안하고자 한다.