• Title/Summary/Keyword: Security attack


Cyber Attack Detection Using Message Authentication for Controller Area Networks (차량 내부 네트워크에서 메세지 인증을 이용한 사이버 공격 탐지)

  • Lee, Suyun;Park, Seo-Hee;Song, Ho-Jin;Beak, Youngmi
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2022.10a / pp.107-109 / 2022
  • This paper proposes a new security system to detect cyber-attacks based on message authentication in an in-vehicle network. In the in-vehicle network, when a sending node transmits messages in a broadcast manner, it uses only a message identifier rather than a node identifier. As a result, the source of a message cannot be identified. In the proposed system, the sending node generates a message authentication code (MAC) by applying a cryptographic hash function to the control data and transmits it with the control data. When generating the MAC for each message, a multidimensional chaotic map is applied to increase the randomness of the result. The receiving node compares the MAC it generates from the control data in the received message with the MAC carried in the received message to detect whether the message transmitted from the sending node has been forged. We evaluate the performance of the proposed system using CANoe and CAPL (Communication Access Programming Language). Our system shows a 100% detection rate against the injected cyber-attacks.


A Technique for Accurate Detection of Container Attacks with eBPF and AdaBoost

  • Hyeonseok Shin;Minjung Jo;Hosang Yoo;Yongwon Lee;Byungchul Tak
    • Journal of the Korea Society of Computer and Information / v.29 no.6 / pp.39-51 / 2024
  • This paper proposes a novel approach to enhance the security of container-based systems by analyzing system calls to dynamically detect race conditions without modifying the kernel. Container escape attacks allow attackers to break out of a container's isolation and access other systems, utilizing vulnerabilities such as race conditions that can occur in parallel computing environments. To effectively detect and defend against such attacks, this study utilizes eBPF to observe system call patterns during attack attempts and employs an AdaBoost model to detect them. For this purpose, system calls invoked during attacks such as Dirty COW and Dirty Cred, and from popular applications such as MongoDB, PostgreSQL, and Redis, were used as training data. The experimental results show that this method achieved a precision of 99.55%, a recall of 99.68%, and an F1-score of 99.62%, with a system overhead of 8%.

A Study on Preprocessing Method in Deep Learning for ICS Cyber Attack Detection (ICS 사이버 공격 탐지를 위한 딥러닝 전처리 방법 연구)

  • Seonghwan Park;Minseok Kim;Eunseo Baek;Junghoon Park
    • Smart Media Journal / v.12 no.11 / pp.36-47 / 2023
  • Industrial Control Systems (ICS), which control facilities at major industrial sites, are increasingly connected to other systems through networks. With this integration and the development of intelligent attacks in which a single external intrusion can lead to paralysis of the whole system, the security risk to and impact on industrial control systems are increasing. As a result, research on how to protect against and detect cyber attacks is actively underway; deep learning models based on unsupervised learning have achieved a great deal, and many deep learning-based anomaly detection technologies are being introduced. In this study, we emphasize the application of preprocessing methodologies to enhance the anomaly detection performance of deep learning models on time series data. The results demonstrate the effectiveness of a Wavelet Transform (WT)-based noise reduction methodology as a preprocessing technique for deep learning-based anomaly detection. In particular, by incorporating sensor characteristics through clustering, the differential application of the Dual-Tree Complex Wavelet Transform proves to be the most effective approach for improving the detection performance of cyber attacks.

Input Certification protocol for Secure Computation

  • Myoungin Jeong
    • Journal of the Korea Society of Computer and Information / v.29 no.8 / pp.103-112 / 2024
  • This study was initiated with the aim of authenticating that inputs have not been tampered with, without disclosing them, in computations where multiple inputs are entered by participants using the same key. In general, authentication is performed after the input value is disclosed, but we do not want to reveal the inputs until the end. This case deviates from the traditional security model in cryptography in which malicious participants exist, but it is a malicious attack that can realistically occur. Privacy infringement or distortion of calculation results can occur due to malicious manipulation of input values. To prevent this, this study examined a method that can authenticate that a message has not been modified, without disclosing the message, using a signature system, zero-knowledge proof, and a commitment scheme. In particular, by modifying the ElGamal signature system and combining it with the commitment scheme and zero-knowledge proof, we designed and proved a verification protocol showing that the input data has not been modified, and the efficiency was improved by applying batch verification between authentication.

An adaptive digital watermark using the spatial masking (공간 마스킹을 이용한 적응적 디지털 워터 마크)

  • 김현태
    • Journal of the Korea Institute of Information Security & Cryptology / v.9 no.3 / pp.39-52 / 1999
  • In this paper we propose a new watermarking technique for copyright protection of images. The proposed technique is based on a spatial masking method with a spatial scale parameter. In general, a watermark becomes more robust against various attacks, but with some degradation of the image quality, as the amplitude of the watermark increases. On the other hand, it becomes perceptually more invisible but more vulnerable to various attacks as the amplitude of the watermark decreases. Thus it is quite complex to decide the compromise between the robustness of the watermark and its visibility. We note that watermarking using the spread spectrum is not robust enough. That is, there may be some areas in the image that are tolerable to strong watermark signals. However, large smooth areas may not be strong enough. Thus, in order to enhance the invisibility of the watermarked image for those areas, the spatial masking characteristics of the HVS (Human Visual System) should be exploited. That is, for texture regions the magnitude of the watermark can be large, whereas for smooth regions the magnitude of the watermark can be small. As a result, the proposed watermarking algorithm is intended to satisfy both the robustness of the watermark and the quality of the image. The experimental results show that the proposed algorithm is robust to image deformations (such as compression, adding noise, image scaling, clipping, and collusion attack).

Counter-terrorism Safety Measures in Public Facilities (다중이용시설의 대테러 안전대책)

  • Kim, Du-Hyun;Ahn, Kwang-Ho
    • Korean Security Journal / no.22 / pp.37-64 / 2010
  • Since September 11, 2001, the motives and objectives of terrorism that had been targeted at hard targets such as key national facilities have shifted towards soft targets such as subways, department stores, and tourist hotels; the attacks on these soft targets are steadily increasing. Simultaneous, unconventional, and indiscriminate terrorist attacks on civilians have also increased. In November, 2010, nearly forty states of the G20 and B20 (Business 20) will join in international summits to be hosted in Seoul. This coming July, an additional 350 troops will be deployed to Afghanistan for the sustainment of public security. Such events are sensitive topics, and there is the possibility of terrorist movement. Korea has successfully hosted various international events such as the APEC and ASEM Summits, and the 2002 Korea-Japan World Cup. The experiences from these events must be applied to ensure the safety of public facilities against the dangers of terrorism. First, a counter-terrorism center must be established for the long term, above the General Officer level, to ensure the safety and efficiency of multilateral, international summits, as well as to promote policies and legislation aimed at preventing terrorism. Second, a terrorist threat management system must be secured and safety measures must be emphasized. Third, a fundamental structure must be established for the prevention of terrorism on public facilities, as well as legal and government action against the new threat of IED. Fourth, the police and fire fighting networks must have a firm rapid response posture on the scene of an attack. Fifth, the state of mentality on the recognition of terrorist threats must be changed and restructured by promoting to and educating the population. Sixth, prevention measures must be established via research and academia. Seventh, for the guarantee of security in public facilities, safety management should employ cutting edge technology such as the 3D SICS and further develop and apply such technology. All methods and resources must be fully utilized for establishing and strengthening terrorism prevention measures.


"Liability of Air Carriers for Injuries Resulting from International Aviation Terrorism" (국제항공(國際航空)테러리즘으로 인한 여객손해(旅客損害)에 대한 운송인(運送人)의 책임(責任))

  • Choi, Wan-Sik
    • The Korean Journal of Air & Space Law and Policy / v.1 / pp.47-85 / 1989
  • The fundamental purpose of the Warsaw Convention was to establish uniform rules applicable to international air transportation. The emphasis on the benefits of uniformity was considered important in the beginning and continues to be important to the present. If the desire for uniformity is indeed the mortar which holds the Warsaw system together then it should be possible to agree on a worldwide liability limit. This liability limit would not be so unreasonable that it would be impossible for nations to adhere to it. It would preclude any national supplemental compensation plan or Montreal Agreement type of requirement in any jurisdiction. The differentiation of liability limits by national requirement seems to be what is occurring. There is a plethora of mandated limits and Montreal Agreement type 'voluntary' limits. It is becoming difficult to find more than a few major States where an unmodified Warsaw Convention or Hague Protocol limitation is still in effect. If this is the real world in the 1980's, then let the treaty so reflect it. Upon reviewing the Warsaw Convention, its history and the several attempts to amend it, strengths become apparent. Hijackings of international flights have given rise to a number of lawsuits by passengers to recover damages for injuries suffered. This comment is concerned with the liability of an airline for injuries to its passengers resulting from aviation terrorism. In addition, analysis is focused on current airline security measures, particularly the pre-boarding screening system, and the duty of air carriers to prevent weapons from penetrating that system. An airline has a duty to exercise a high degree of care to protect its passengers from the threat of aviation terrorism. This duty would seemingly require the airline to exercise a high degree of care to prevent any passenger from smuggling a weapon or explosive device aboard its aircraft. 
In the case of an unarmed hijacker who boards having no instrument in his possession with which to promote the hoax, a plaintiff-passenger would be hard-pressed to show that the airline was negligent in screening the hijacker prior to boarding. In light of the airline's duty to exercise a high degree of care to provide for the safety of all the passengers on board, an acquiescence to a hijacker's demands on the part of the air carrier could constitute a breach of duty only when it is clearly shown that the carrier's employees knew or plainly should have known that the hijacker was unarmed. A finding of willful misconduct on the part of an air carrier, which is a prerequisite to imposing unlimited liability, remains a question to be determined by a jury using the definition or standard of willful misconduct prevailing in the jurisdiction of the forum court. Through the willful misconduct provision of the Warsaw Convention, air carriers face the possibility of unlimited liability for failure to implement proper preventive precautions against terrorists. Courts, therefore, should broadly construe the willful misconduct provision of the Warsaw Convention in order to find unlimited liability for passenger injuries whenever air carrier security precautions are lacking. In this way, the courts can help ensure air carrier safety and prevention against terrorist attack. Air carriers, therefore, would have an incentive to increase, impose and maintain security precautions designed to thwart such potential terrorist attacks as in the case of the Korean Air Lines Flight No.858 incident, which had a tremendous impact on the civil aviation community. The crash of a commercial airliner, with the attending tragic loss of life and massive destruction of property, always gives rise to shock and indignation. The general opinion is that the legal system could be sufficient, provided that the political will is there to use and apply it effectively. 
All agreed that the main responsibility for security has to be borne by the governments. I would like to remind all passengers that every discovery of the human spirit may be used for opposite ends; thus, aircraft can be used for air travel but also as targets of terrorism. A state that supports aviation terrorism is responsible for violation of International Aviation Law. Generally speaking, terrorism is a violation of international law. It violates the sovereign rights of the states, and the human rights of the individuals. I think that aviation terrorism, as it becomes an ever more serious issue, has to be solved by internationally agreed and closely co-ordinated measures. We have to contribute more to the creation of a general consensus amongst all states about the need to combat the threat of aviation terrorism.


The Trend of Aviation Terrorism in the 4th Industrial Revolution Period and the Development Direction for Domestic Counter Terrorism of Aviation (제4차 산업혁명 시대의 항공 테러리즘 양상 및 국내 항공테러 대응체계 발전방향)

  • Hwang, Ho-Won;Kim, Seung-Woo
    • The Korean Journal of Air & Space Law and Policy / v.32 no.2 / pp.155-188 / 2017
  • On the one hand, the 4th Industrial Revolution provides a positive opportunity to build a new civilization paradigm for mankind. However, on the other hand, due to the 4th Industrial Revolution, artificial intelligence such as 'Google AlphaGo' has been revolutionized and even human ability has been replaced with a 'Silicon Chip'; as the opportunity to communicate decreases, the existence of human beings is weakened. There is also a growing concern that the number of violent crimes, such as those by psychopaths who hunt humans as a game, will increase. Moreover, recent international terrorism is developing in a form similar to 'Psychopathic Violent-Crime' that indiscriminately attacks innocent people. So, the probability that terrorist organizations will abuse the positive effects provided by the Fourth Industrial Revolution as a means of terrorism is increasing. Therefore, the paradigm of aviation terrorism is expected to change in a way that attacks airport facilities and users rather than aircraft, because airport facilities are crowded and easily accessible to psychopathic terrorists. From this point of view, our counter terrorism system of aviation has many weak points in various aspects such as: (1) limitations of the counter-terrorism center (2) inefficient on-site command and control system (3) separated organization for aviation security consultation (4) dispersed information collection function in government (5) vulnerability to cyber attack (6) lack of an international cooperation network for aviation terrorism. Consequently, it is necessary to improve the domestic counter terrorism system of aviation so as to preemptively respond to international terrorism. This study proposes the following measures to improve the aviation security system: (1) create an 'Aviation Special Judicial Police' (2) revise the anti-terrorism law and aviation security law (3) strengthen the ability to respond to terrorism in cyberspace (4) build an international cooperation network for aviation terrorism.


PRC Maritime Operational Capability and the Task for the ROK Military (중국군의 해양작전능력과 한국군의 과제)

  • Kim, Min-Seok
    • Strategy21 / s.33 / pp.65-112 / 2014
  • Recent trends show that the PRC has stepped away from its "army-centered approach" and placed greater emphasis on its Navy and Air Force for a wider range of operations, thereby reducing its ground force and harnessing its economic power and military technology into naval development. A quantitative growth of the PLA Navy itself is no surprise as this is not a recent phenomenon. Now is the time to pay closer attention to the level of PRC naval force's performance and the extent of its warfighting capacity in the maritime domain. It is also worth asking what China can do with its widening naval power foundation. In short, it is time to delve into several possible scenarios in which the PRC poses a real threat. With this in mind, in Section Two the paper seeks to observe the construction progress of PRC's naval power and its future prospects up to the year 2020, and categorize time frame according to its major force improvement trends. By analyzing qualitative improvements made over time, such as the scale of investment and the number of ships compared to increase in displacement (tonnage), this paper attempts to identify salient features in the construction of naval power. Chapter Three sets out performance evaluation on each type of PRC naval ships as well as capabilities of the Navy, Air Force, the Second Artillery (i.e., strategic missile forces) and satellites that could support maritime warfare. Finally, the concluding chapter estimates the PRC's maritime warfighting capability as anticipated in respective conflict scenarios, and considers its impact on the Korean Peninsula and proposes the directions ROK should steer in response. 
First of all, since the 1980s the PRC navy has undergone transitions as the focus of its military strategic outlook shifted from ground warfare to maritime warfare, and within 30 years of its effort to construct naval power while greatly reducing the size of its ground forces, the PRC has succeeded in building its naval power next to the U.S.'s in the world in terms of number, with acquisition of an aircraft carrier, Chinese-version of the Aegis, submarines and so on. The PRC also enjoys great potentials to qualitatively develop its forces such as indigenous aircraft carriers, next-generation strategic submarines, next-generation destroyers and so forth, which is possible because the PRC has accumulated its independent production capabilities in the process of its 30-year-long efforts. Secondly, one could argue that ROK still has its chances of coping with the PRC in naval power since, despite its continuous efforts, many estimate that the PRC naval force is roughly ten or more years behind that of superpowers such as the U.S., on areas including radar detection capability, EW capability, C4I and data-link systems, doctrines on force employment as well as tactics, and such gap cannot be easily overcome. The most probable scenarios involving the PRC in sea areas surrounding the Korean Peninsula are: first, upon the outbreak of war in the peninsula, the PRC may pursue military intervention through sea, thereby undermining efforts of the ROK-U.S. combined operations; second, ROK-PRC or PRC-Japan conflicts over maritime jurisdiction or ownership over the Senkaku/Diaoyu islands could inflict damage to ROK territorial sovereignty or economic gains. The PRC would likely attempt to resolve the conflict employing blitzkrieg tactics before U.S. forces arrive on the scene, while at the same time delaying and denying access of the incoming U.S. forces. 
If this proves unattainable, the PRC could take a course of action adopting "long-term attrition warfare," thus weakening its enemy's sustainability. All in all, this paper makes three proposals on how the ROK should respond. First, modern warfare as well as the emergent future warfare demonstrates that the center stage of battle is no longer the domestic territory, but rather further away into the sea and space. In this respect, the ROKN should take advantage of the distinct feature of battle space on the peninsula, which is surrounded by the seas, and obtain capabilities to intercept more than 50 percent of the enemy's ballistic missiles, including those of North Korea. In tandem with this capacity, employment of a large scale of UAV/F Carrier for Kill Chain operations should enhance effectiveness. This is because conditions are more favorable to defend from sea, on matters concerning accuracy rates against enemy targets, minimized threat of friendly damage, and cost effectiveness. Second, to maintain readiness for a North Korean crisis where timely deployment of US forces is not possible, the ROKN ought to obtain capabilities to hold the enemy attack at bay while deterring PRC naval intervention. It is also argued that ROKN should strengthen its power so as to protect national interests in the seas surrounding the peninsula without support from the USN, should ROK-PRC or ROK-Japan conflict arise concerning maritime jurisprudence. Third, the ROK should fortify infrastructures for independent construction of naval power and expand its R&D efforts, and for this purpose, the ROK should make the most of the advantages stemming from the ROK-U.S. alliance inducing active support from the United States. The rationale behind this argument is that while it is strategically effective to rely on alliance or jump on the bandwagon, the ultimate goal is always to acquire an independent response capability as much as possible.

A Study on Responses of the Korean kidnapping Terror in overseas (한국인 해외인질납치테러 대응방안)

  • Jeong, Joon-Sik;Kim, Won-Ki
    • Korean Security Journal / no.20 / pp.339-363 / 2009
  • The 9.11 attacks demonstrated that a terrorist attack could be a more serious problem than war in our modern life. No country in the world has evaded being a target for terrorists today. Along with South Korea, the whole world must share attention and responsibility for fighting against terrorism. Since the international terrorist groups have expanded their targets from Western countries to Koreans, civilian hostages are no longer someone else's affair; they have become a serious threat to the public. Increased Korean investment, trade, missionary work, and travel overseas have also expanded activity regions worldwide. This has also resulted in increased terrorist threats and possible abduction. The number of kidnapping crises has increased since the terrorists use it as an effective method of sending a message. Piracy refers to a broad range of violent acts at sea, and has traditionally been regarded as a common enemy. Piracy constitutes a great threat to the security of navigation as well as to the safety of vessels and crews. Lessons from hostage issues such as the Korean hostage crises in Somalia and Afghanistan show that it can cause criticism on moral issues if armed rescue missions fail or hostages are killed, so the governments and related corporations try to solve it by paying ransom. Terrorists and use these advantages in order to put a huge pressure on the governments. In this study we will look at essential characteristics and types of hostage abductions and recognition of national safety, and at lessons from and solutions to previous Korean hostage cases overseas. At the same time, it provides guidelines for the direction of the fight against terrorist groups and piracy.
