• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1365-1373
• /
• 2019

Meltdown and Spectre are vulnerabilities that exploit out-of-order execution and speculative execution techniques to read memory regions that are not accessible with user privileges. OS patches were released to prevent this attack, but older systems without appropriate patches are still vulnerable. Currently, there are some research to detect Meltdown and Spectre attacks, but most of them proposed dynamic analysis methods. Therefore, this paper proposes a binary signature that can be used to detect Meltdown and Spectre malware without executing them. For this, we collected 13 malicious codes from GitHub and performed binary pattern analysis. Based on this, we proposed a static detection method for Meltdown and Spectre malware. Our results showed that the method identified all the 19 attack files with 0.94% false positive rate when applied to 2,317 normal files.

• Journal of Information Processing Systems
• /
• v.8 no.3
• /
• pp.495-520
• /
• 2012

A secure Electronic Payment System (EPS) is essential for the booming online shopping market. A successful EPS supports the transfer of electronic money and sensitive information with security, accuracy, and integrity between the seller and buyer over the Internet. SET, CyberCash, Paypal, and iKP are the most popular Credit Card-Based EPSs (CCBEPSs). Some CCBEPSs only use SSL to provide a secure communication channel. Hence, they only prevent "Man in the Middle" fraud but do not protect the sensitive cardholder information such as the credit card number from being passed onto the merchant, who may be unscrupulous. Other CCBEPSs use complex mechanisms such as cryptography, certificate authorities, etc. to fulfill the security schemes. However, factors such as ease of use for the cardholder and the implementation costs for each party are frequently overlooked. In this paper, we propose a Web service based new payment system, based on ANSI X9.59-2006 with extra features added on top of this standard. X9.59 is an Account Based Digital Signature (ABDS) and consumer-oriented payment system. It utilizes the existing financial network and financial messages to complete the payment process. However, there are a number of limitations in this standard. This research provides a solution to solve the limitations of X9.59 by adding a merchant authentication feature during the payment cycle without any addenda records to be added in the existing financial messages. We have conducted performance testing on the proposed system via a comparison with SET and X9.59 using simulation to analyze their levels of performance and security.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.2
• /
• pp.83-92
• /
• 2013

RSA-CRT is a widely used algorithm that provides high performance implementation of the RSA-signature algorithm. Many previous studies on each operation step have been published to verify the physical leakages of RSA-CRT when used in smart devices. This paper proposes SAED (subtraction algorithm analysis on equidistant data), which extracts sensitive information using the event information of the subtraction operation in a reduction algorithm. SAED is an attack method that uses algorithm-dependent power signal changes. An adversary can extract a key using differential power analysis (DPA) of the subtraction operation. This paper indicates the theoretical rationality of SAED, and shows that its results are better than those of other methods. According to our experiments, only 256 power traces are sufficient to acquire one block of data. We verify that this method is more efficient than those proposed in previously published studies.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.8
• /
• pp.335-342
• /
• 2013

Nowadays, the traffic type and behavior are extremely diverse due to the growth of network speed and the appearance of various services on Internet. For efficient network operation and management, the importance of application-level traffic identification is more and more increasing in the area of traffic analysis. In recent years traffic identification methodology using statistical features of traffic flow has been broadly studied. However, there are several problems to be considered in the identification methodology base on statistical features of flow to improve the analysis accuracy. In this paper, we recognize these problems by analyzing the ground-truth traffic and propose the solution of these problems. The four problems considered in this paper are the distance measurement of features, the selection of the representative value of features, the abnormal behavior of TCP sessions, and the weight assignment to the feature. The proposed solutions were verified by showing the performance improvement through experiments in campus network.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.11
• /
• pp.495-502
• /
• 2013

In this paper, we present an anonymous authentication and location assurance protocol for secure location-aware services over vehicular ad hoc networks (VANETs). In other to achieve our goal, we propose the notion of a location-aware signing key so as to strongly bind geographic location information to cryptographic function while providing conditional privacy preservation which is a desirable property for secure vehicular communications. Furthermore, the proposed protocol provides an efficient procedure based on hash chain technique for revocation checking to effectively alleviate communication and computational costs on vehicles in VANETs. Finally, we demonstrate comprehensive analysis to confirm the fulfillment of the security objectives, and the efficiency and effectiveness of the proposed protocol.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.1
• /
• pp.282-304
• /
• 2014

Each cloud service has numerous owners and tenants, so it is necessary to construct a privacy preserving identity management and access control mechanism for cloud computing. On one hand, cloud service providers (CSP) depend on tenant's identity information to enforce appropriate access control so that cloud resources are only accessed by the authorized tenants who are willing to pay. On the other hand, tenants wish to protect their personalized service access patterns, identity privacy information and accessing newfangled cloud services by on-demand ways within the scope of their permissions. There are many identity authentication and access control schemes to address these challenges to some degree, however, there are still some limitations. In this paper, we propose a new comprehensive approach, called Privacy pReserving Identity and Access Management scheme, referred to as PRIAM, which is able to satisfy all the desirable security requirements in cloud computing. The main contributions of the proposed PRIAM scheme are threefold. First, it leverages blind signature and hash chain to protect tenant's identity privacy and implement secure mutual authentication. Second, it employs the service-level agreements to provide flexible and on-demand access control for both tenants and cloud services. Third, it makes use of the BAN logic to formally verify the correctness of the proposed protocols. As a result, our proposed PRIAM scheme is suitable to cloud computing thanks to its simplicity, correctness, low overhead, and efficiency.

• Korean Journal of Remote Sensing
• /
• v.20 no.6
• /
• pp.369-382
• /
• 2004

The purpose of this study is the investigation of applicability of LSMA(Linear Spectral Mixture Analysis) on the geological uses with different radiometric and spatial types of sensor images such as Terra ASTER and LANDSAT 7 ETM+. As for the actual application case, geologic mapping for mineral exploration using ASTER and ETM+ at the Mongolian plateau region was carried out. After the pre-processing such as the geometric corrections and calibration of radiance, 7 endmembers, as spectral classes for geologic rock types, related to spectral signature deviation for the given application was determined by the pre-surveyed geological mapping information and the correlation matrix analysis, and total 20 images of ASTER and ETM+ were used to LSMA processing. As the results, fraction maps showing individual mineral types in the study area are presented. It concluded that this approach based on LSMA using ETM+ and ASTER is regarded as one of the effective schemes for geologic remote sensing.

• Smart Structures and Systems
• /
• v.2 no.2
• /
• pp.101-113
• /
• 2006

Structural health monitoring results obtained with the electro-mechanical (E/M) impedance techniqueand Lamb wave transmission methods during fatigue crack propagation of an Arcan specimen instrumented with piezoelectric wafer active sensors (PWAS) are presented. The specimen was subjected in mixed-mode fatigue loading and a crack was propagated in stages. At each stage, an image of the crack and the location of the crack tip were recorded and the PWAS readings were taken. Hence, the crack-growth in the specimen could be correlated with the PWAS readings. The E/M impedance signature was recorded in the 100 - 500 kHz frequency range. The Lamb-wave transmission method used the pitch-catch approach with a 3-count sine tone burst of 474 kHz transmitted and received between various PWAS pairs. Fatigue loading was applied to initiate and propagate the crack damage of controlled magnitude. As damage progressed, the E/M impedance signatures and the waveforms received by receivers were recorded at predetermined intervals and compared. Data analysis indicated that both the E/M impedance signatures and the Lamb-wave transmission signatures are modified by the crack progression. Damage index values were observed to increase as the crack damage increases. These experiments demonstrated that the use of PWAS in conjunction with the E/M impedance and the Lamb-wave transmission is a potentially powerful tool for crack damage detection and monitoring in structural elements.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.10
• /
• pp.3834-3857
• /
• 2021

The design of cluster-based routing protocols is necessary for Wireless Sensor Networks (WSN). But, due to the lack of features, the traditional methods face issues, especially on unbalanced energy consumption of routing protocol. This work focuses on enhancing the security and energy efficiency of the system by proposing Energy Efficient Based Secure Routing Protocol (EESRP) which integrates trust management, optimization algorithm and key management. Initially, the locations of the deployed nodes are calculated along with their trust values. Here, packet transfer is maintained securely by compiling a Digital Signature Algorithm (DSA) and Elliptic Curve Cryptography (ECC) approach. Finally, trust, key, location and energy parameters are incorporated in Particle Swarm Optimization (PSO) and meta-heuristic based Harmony Search (HS) method to find the secure shortest path. Our results show that the energy consumption of the proposed approach is 1.06mJ during the transmission mode, and 8.69 mJ during the receive mode which is lower than the existing approaches. The average throughput and the average PDR for the attacks are also high with 72 and 62.5 respectively. The significance of the research is its ability to improve the performance metrics of existing work by combining the advantages of different approaches. After simulating the model, the results have been validated with conventional methods with respect to the number of live nodes, energy efficiency, network lifetime, packet loss rate, scalability, and energy consumption of routing protocol.

• KIPS Transactions on Software and Data Engineering
• /
• v.10 no.2
• /
• pp.65-72
• /
• 2021

Recently, attacks on the network environment have been rapidly escalating and intelligent. Thus, the signature-based network intrusion detection system is becoming clear about its limitations. To solve these problems, research on machine learning-based intrusion detection systems is being conducted in many ways, but two problems are encountered to use machine learning for intrusion detection. The first is to find important features associated with learning for real-time detection, and the second is the imbalance of data used in learning. This problem is fatal because the performance of machine learning algorithms is data-dependent. In this paper, we propose the HSF-DNN, a network intrusion detection model based on a deep neural network to solve the problems presented above. The proposed HFS-DNN was learned through the NSL-KDD data set and performs performance comparisons with existing classification models. Experiments have confirmed that the proposed Hybrid Feature Selection algorithm does not degrade performance, and in an experiment between learning models that solved the imbalance problem, the model proposed in this paper showed the best performance.