• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.5
• /
• pp.36-46
• /
• 2019

The number of hosts connected to the Internet has increased dramatically, introducing the Domain Name System(DNS) in 1984. DNS is now an important key point for all users of the Internet by allowing them to use a convenient character address without memorizing a series of numbers of complex IP address. However, relative to the importance of DNS, there still exist many problems such as the authorization allocation issue, the disputes over public registration, security vulnerability such as DNS cache poisoning, DNS spoofing, man-in-the-middle attack, DNS amplification attack, and the need for many domain names in the age of hyper-connected networks. In this paper, to effectively improve these problems of existing DNS, we proposed a method of implementing DNS using distributed ledger technology, blockchain, and implemented using a Ethereum-based platform. In addition, the qualitative analysis performance comparative evaluation of the existing domain name registration and domain name server was conducted, and conducted security assessments on the proposed system to improve security problem of existing DNS. In conclusion, it was shown that DNS services could be provided high security and high efficiently using blockchain.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.10
• /
• pp.349-360
• /
• 2015

In recent year, phishing attacks are flooding with services based on the web technology. Phishing is affecting online security significantly day by day with the vulnerability of web pages. To prevent phishing attacks, a lot of anti-phishing techniques has been made with their own advantages and dis-advantages respectively, but the phishing attack has not been eradicated completely yet. In this paper, we have studied phishing in detail and categorize a process of phishing attack in two parts - Landing-phase, Attack-phase. In addition, we propose an phishing detection methodology based on web sites heuristic. To extract web sites features, we focus on URL and source codes of web sites. To evaluate performance of the suggested method, set up an experiment and analyze its results. Our methodology indicates the detection accuracy of 98.9% with random forest algorithm. The evaluation of proof-of-concept reveals that web site features can be used for phishing detection.

• Journal of Convergence for Information Technology
• /
• v.10 no.11
• /
• pp.55-63
• /
• 2020

The IoT technology is a field that applies and converges the technologies in the existing industrial environment, instead of new technologies. The IoT technology is releasing various application services converged with other industries such as smart home, healthcare, construction, and automobile, and it is also possible to secure the work efficiency and convenience of users of IoT-based technologies. However, the security threats occurring in the IoT-based technology environment are succeeding to the vulnerability of the existing wireless network environment. And the occurrence of new and variant attacks in the combination with the ICT convergence environment, is causing damages. Thus, in the IoT technology-based environment, it would be necessary to have researches on the safe transmission of messages in the communication environment between user and device, and device and device. This thesis aims to design a safe communication protocol in the IoT-based technology environment. Regarding the suggested communication protocol, this thesis performed the safety analysis on the attack techniques occurring in the IoT technology-based environment. And through the performance evaluation of the existing PKI-based certificate issuance system and the suggested communication protocol, this thesis verified the high efficiency(about 23%) of communication procedure. Also, this thesis verified the reduced figure(about 65%) of the issued quantity of certificate compared to the existing issuance system and the certificate management technique.