• Convergence Security Journal
• /
• 제19권1호
• /
• pp.3-10
• /
• 2019

The 5G network is a next-generation converged network that combines various ICT technologies to realize the need for high speed, hyper connection and ultra low delay, and various efforts have been made to address the security vulnerabilities of the previous generation mobile networks. However, the standards released so far still have potential security vulnerabilities, such as USIM deception and replication attack, message re-transmission attack, and race-condition attack. In order to solve these security problems, this paper proposes a new 5G-AKA protocol with PUF technology, which is a physical unclonable function. The proposed PUF-based 5G-AKA improves the security vulnerabilities identified so far using the device-specific response for a specific challenge and hash function. This approach enables a strong white-list policy through the addition of inexpensive PUF circuits when utilizing 5G networks in areas where security is critical. In addition, since additional cryptographic algorithms are not applied to existing protocols, there is relatively little burden on increasing computational costs or increasing authentication parameter storage.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• 제26권9호
• /
• pp.1374-1381
• /
• 2022

Existing research on security technology related to network attack response has focused on research using hardware network security technology, network attacks that wiretap and wiretap network packets, denial of service attack that consumes server resources to bring down the system, and network by identifying vulnerabilities before attack. It is classified as a scanning attack. In addition, methods for increasing network security, antivirus vaccines and antivirus systems have been mainly proposed and designed. In particular, many users do not fully utilize the security function of the router. In order to overcome this problem, it is classified according to the network security level to block external attacks through layered security management through layer-by-layer experiments. The scope of the study was presented by examining the security technology trends of edge routers, and suggested methods and implementation examples to protect from threats related to edge router-based network attacks.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• 제14권6호
• /
• pp.1423-1428
• /
• 2010

This paper designs file security function on Windows O.S. Whenever you use Windows O.S, you need to protect some file data. This paper designs these security protection functions. This paper proposes two security functions on Windows O.S. One is file security. the other is directory access protection. To check the proposed functions well, I experiment the above functions on the Windows O.S. By this experiment, I confirmed that the proposed function worked well.

• Journal of information and communication convergence engineering
• /
• 제3권1호
• /
• pp.38-42
• /
• 2005

The cyber attacks on the computer system in nowadays are focused on works that do not operate specific application. The main key point that we protect information security system has an access control to keep an application. Most of system has a main function to protect an infrastructure such as hardware, network and operating system. In this paper, we have presented an intrusion tolerance system that can service an application in spite of cyber attacks. The proposed system is based on the middle ware integrating security mechanism and separate function of application and intrusion tolerance. The main factor we use security system in nowadays is service to keep a persistency. The proposed intrusion tolerance system is applicable to such as medical, national defense and banking system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제27권6호
• /
• pp.1295-1305
• /
• 2017

There is SEED cryptosystem in domestic block cipher standard. This code was drafted by the Korea Information Security Agency (KISA) in October 1998 and underwent a public verification process in December of the same year, which resulted in the final amendment to improve safety and performance. Unlike DES, it is a 128-bit block cipher that has been passed through various processes and established in 2005 as an international standard. It is a block cipher with a pastel structure like DES, but the input bit block has been increased to 128 bits, double DES. In this paper, first, we introduce the general algorithm of SEED cryptosystem and analyzed mathematically generating principle of key-value which is used in F-function. Secondly, we developed a table that calculates the exponent of the primitive element ${\alpha}$ corresponding to the 8-bit input value of the S-function and finally analyzed calculating principle of S-function designed in G-function through the new theorem and example. Through this course, we hope that it is to be suggest the ideas and background theory needed in developing new cryptosystem to cover the weakness of SEED cryptosystem.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• 제47권1호
• /
• pp.104-115
• /
• 2010

Development of the system which provides services using diverse sensors is expanding due to the widespread use of ubiquitous technology, and the research on the security technologies gaining attention to solve the vulnerability of ubiquitous environment's security. However, there are many instances in which flexible security services should be considered instead of strong only security function depending on the context. This paper used Fuzzy algorithm and MAUT to be aware of the diverse contexts and to propose context-aware security service which provides flexible security function according to the context.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제11권4호
• /
• pp.55-66
• /
• 2001

In this paper, we analyze the security of OFB encryption mode which is one of the basic modes of operation for the block cipher and the security of 3GPP f8 encryption mode used to provide the data confidentiality over a radio access link of W-CDMA IMT-2000. We provide the lower bound and the upper bound on security of both modes in random function model and random permutation model, respectively, by means of the left-or-right security notion, and prove the security of both modes using a pseudorandom function and a pseudorandom permutation, respectively.

• 제어로봇시스템학회:학술대회논문집
• /
• 제어로봇시스템학회 2005년도 ICCAS
• /
• pp.1602-1605
• /
• 2005

An audit tracer is one of the last ways to defend an attack for network equipments. Firewall and IDS which block off an attack in advance are active way and audit tracing is passive way which analogizes a type and a situation of an attack from log after an attack. This paper explains importance of audit trace function in network equipment for security and defines events which we must leave by security audit log. We design and implement security audit system for secure router. This paper explains the reason why we separate general audit log and security audit log.

• Korean Security Journal
• /
• 제3호
• /
• pp.306-335
• /
• 2000

The desires for safety of body and life can be said to be fundamental and natural in human beings. But the rapid industrialization and urbanization phenomena in our modern society is accelerating the treand for increasing diverse social pathology. Rise of serious crimes such as robbery and rape has already become an especially serious social problem and is at the point of threatening our welfare and social order. But the police, which is primarily responsible for the maintenance of welfare and social order of the public, is unable to respond actively to the increasing demand for policing due to the lack of available manpower and overwork. Thus, the purpose of this thesis is to look for a plan to actively respond to the daily increasing outcry for law and order so that the public may maintain safe and happy lifestyles without the threat of crime. One concrete and practical strategy is to resolutely separate and transfer some of the many functions of the police that can be handled by citizen organizations to those groups so that the police can be relied upon to become functionally efficient. This will decrease the work of the police, thereby allowing the police to concentrate on its inherent responsibilities. As its primary example, 'transferring the function of security' of the police to the private security industry is suggested in this thesis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제17권3호
• /
• pp.35-42
• /
• 2007

We describe the problem of reducing the key material in the Even-Mansour cipher without security degradation. Even and Mansour proposed a block cipher based on XORing secret key material just prior to and after applying random oracle permutation P such that $C=k_2\bigoplus P(M\bigoplus k_1)$. Recently, Gentry and Ramzan showed that this scheme in the random permutation oracle can be replaced by the four-round Feistel network construction in the random function oracle and also proved that their scheme is super-pseudorandom. In this paper we reduce the key size from 2n to n, which is the optimal key size of Even-Mansour cipher in the random function oracle model and also give almost the same level of security.