• International journal of advanced smart convergence
• /
• v.10 no.3
• /
• pp.10-16
• /
• 2021

In this paper, we devise a Shapley-value-based covert channel in smartphones. More specifically, unlike ordinary use of Shapley value in cooperative game, we make use of a series of Shapley values, which are computed from sensor data collected from smartphones, in order to create a covert channel between encoding smartphone and decoding smartphone. To the best of our knowledge, we are the first to contrive covert channel based on Shapley values. We evaluate the encoding process of our proposed covert channel through simulation and present our evaluation results.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.4
• /
• pp.131-142
• /
• 2010

Due to the development of the Internet, Internet banking that we are liberated from time and space has evolved into banking system. So modern life became comfortable. However, Dysfunction (malicious Information leakage and hacking etc.) of the Internet development has become a serious social problem. According to this, The need for security is rapidly growing. In this paper, we proposed the Internet Banking Authentication System using a dual-channel in OTP(One Time Password) authentication. This technology is that A user transfer transaction information to Bank through one Internet channel then bank transfer transaction information to user using the registered mobile phone or smart phone. If user confirm transaction information then bank request user's OTP value. User create OTP value and transfer to bank and bank authenticate them throgth the ARS. If authentication is pass then transaction permitted. Security assessment that the proposed system, the security requirement that the confidentiality and integrity, authentication, repudiation of all of the features provide a key length is longer than the current Internet banking systems, such as using encryption, the security provided by the Financial Supervisory Service Level 1 rating can be applied to more than confirmed.

• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.1
• /
• pp.50-54
• /
• 2010

A Container Security Device (CSD) which is different existing RFID Tag strengthens the physical security as mounted inside the container and the information security as encrypts doubly a data. CSD must use the resources efficiently in order to operate with the battery. Therefore, it needs low-power mechanism which repeats the sleep period and channel scan period. However, by adjusting these periods, the trade-off occurs between energy efficiency and network connectivity. In this paper, we implement low-power CSD and resolve this problem by adjusting beacon period and channel scan time. As a result, We guarantee the network connectivity 95% or more and maximum life up to 16 days using common AA batteries.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.4
• /
• pp.1866-1883
• /
• 2019

As the youngest branch of information hiding, network covert timing channels conceal the existence of secret messages by manipulating the timing information of the overt traffic. The popular model-based framework for constructing covert timing channels always utilizes cumulative distribution function (CDF) of the inter-packet delays (IPDs) to modulate secret messages, whereas discards high-order statistics of the IPDs completely. The consequence is the vulnerability to high-order statistical tests, e.g., entropy test. In this study, a rich security model of covert timing channels is established based on IPD chains, which can be used to measure the distortion of multi-order timing statistics of a covert timing channel. To achieve rich security, we propose two types of covert timing channels based on nested lattices. The CDF of the IPDs is used to construct dot-lattice and interval-lattice for quantization, which can ensure the cell density of the lattice consistent with the joint distribution of the IPDs. Furthermore, compensative quantization and guard band strategy are employed to eliminate the regularity and enhance the robustness, respectively. Experimental results on real traffic show that the proposed schemes are rich-secure, and robust to channel interference, whereas some state-of-the-art covert timing channels cannot evade detection under the rich security model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.55-63
• /
• 2007

This paper has investigated the susceptibility of an FPGA implementation of a block cipher against side channel analysis attacks. We have performed DPA attacks and DEMA attacks (in the nea. and far field) on an FPGA implementation of ARIA which has been implemented into two architectures of S-box. Although the number of needed traces for a successful attack is increased when compared with existing results on smart cards, we have shown that ARIA without countermeasures is indeed very susceptible to side channel analysis attacks regardless of an architecture of S-box.

• ETRI Journal
• /
• v.31 no.5
• /
• pp.625-627
• /
• 2009

This letter describes an improved side-channel attack on DES with the first four rounds masked. Our improvement is based on truncated differentials and power traces which provide knowledge of Hamming weights for the intermediate data computed during the enciphering of plaintexts. Our results support the claim that masking several outer rounds rather than all rounds is not sufficient for the ciphers to be resistant to side-channel attacks.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2024.05a
• /
• pp.395-396
• /
• 2024

최근 국가 핵심 기반시설을 중단시키거나 파괴시킴으로서 사회적 혼란 및 국가 경제적 손실을 일으키는 공격 사례가 증가되고 있는 실정이다. 이와 같은 사이버 공격에 대응하기 위해 각 국가는 인터넷이나 다른 네트워크와 물리적 또는 논리적으로 분리되어 있는 폐쇄망 환경을 기반으로 기반시설을 구성함으로서 높은 수준의 보안성과 안정성을 유지하고자 한다. 하지만, 악의적인 공격자들은 Covert Channel을 통해 폐쇄망 환경 내 민감한 데이터 및 기밀 데이터를 탈취하고 있는 실정이다. 이에 본 논문에서는 음향신호 기반 Covert Channel 공격 기술에 대해 분석함으로써 안전한 폐쇄망 환경 구축의 필요성을 보이고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.19-32
• /
• 2013

As cyber stock trading grows rapidly, stock trading using Home Trading System have been brisk recently. Home Trading System is a heavy-weight in the stock market, and the system has shown 75% and 40% market shares for KOSPI and KOSDAQ, respectively. However, since Home Trading System focuses on the convenience and the availability, it has some security problems. In this paper, we found that the authentication information in memory remains during the stock trading and we proposed its countermeasure through two-channel authentication using a mobile device such as a cell phone.

• Journal of Communications and Networks
• /
• v.11 no.6
• /
• pp.556-563
• /
• 2009

A side channel analysis is a very efficient attack against small devices such as smart cards and wireless sensor nodes. In this paper, we propose an efficient key detection method using a peak selection algorithm in order to find the advanced encryption standard secret key from electromagnetic signals. The proposed method is applied to a correlation electromagnetic analysis (CEMA) attack against a wireless sensor node. Our approach results in increase in the correlation coefficient in comparison with the general CEMA. The experimental results show that the proposed method can efficiently and reliably uncover the entire 128-bit key with a small number of traces, whereas some extant methods can reveal only partial subkeys by using a large number of traces in the same conditions.

• ETRI Journal
• /
• v.37 no.5
• /
• pp.898-905
• /
• 2015

In this paper, we consider a joint beamforming and jamming design to enhance physical layer security against potential multiple eavesdroppers in a multiple-input and single-output cellular broadcast channel. With perfect channel state information at the base station, we propose various design approaches to improve the secrecy of the target user. Among the proposed approaches, the combined beamforming of maximum ratio transmission and zero-forcing transmission with a combination of maximum ratio jamming and zero-forcing jamming (MRT + ZFT with MRJ + ZFJ) shows the best security performance because it utilizes the full transmit antenna dimensions for beamforming and jamming with an efficient power allocation. The simulation results show that the secrecy rate of this particular proposed approach is better than the rates of the considered conventional approaches with quality-of-service and outage probability constraints.