• International Journal of Computer Science & Network Security
• /
• v.24 no.8
• /
• pp.174-178
• /
• 2024

IoT is collection of different "things" which are associated with open web. As all the things are connected to the Internet, it offers convenience to end users for accessing the resources from "Any Where, Any Time" throughout the globe. At the same time, open nature of IoT provides a fertile ground to an intruder for launching different security related threats. If we can no apply proper security safeguards to the IoT System, then it will be not useful to society. Authentication, Encryption, Trust Management and Secure Routing are different domains to offer security in IoT system. Among them, Authentication is very much important security service as it validates device identity before granting access to system services/ resources. Existing IoT Authentication algorithms are fail to verify device identity in unambiguous way. They are vulnerable to different security threats such as Key Stolen threat, MITM threat and Location Spoofing threat. So, it is a demand of time to design an efficient and secure Multi-factor IoT algorithm which can offer better security and validate device identity in unambiguous way.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.3
• /
• pp.737-744
• /
• 2010

The use of RFID recently tends to increase and is expected to expand all over the industry and life. However, RFID is much vulnerable to the malign threats such as eavesdropping, replay attack, spoofing attack, location tracking in the process of authentication. In particular, it is difficult to apply authentication protocol used in the other previous system to low-priced RFID tag. After all, this paper suggests the scheme of efficient authentication protocol for RFID privacy protection. Compared to the previous scheme, suggested scheme reinforces the checking process of transmission data and is secure from eavesdropping and spoofing attack. It minimizes the operation work of the tag and is very useful to apply to the low-priced tag. It also has the merit to confirm the efficiency of communication by reducing the communication rounds.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.45-53
• /
• 2006

It has been proposed that several RFID authentication protocols based on hash chain. Status based authentication protocol and challenge-response based authentication protocol are secured against location tracking attacks, spoofing attacks, replay attacks, traffic analysis attacks but are vulnerable to Dos attacks. RFID authentication protocol with strong resistance against traceability and denial of service attack is secured against location tracking attack, spoofing attacks, replay attacks, DoS attacks but are vulnerable to traffic analysis attacks. The present study suggests a more secure and lightweight RFID authentication protocol which is combining the advantages of hash-chain authentication protocol and RFID authentication protocol with strong resistance against traceability and denial of service attack. The results of the secure analysts for a proposed protocol are illustrated that it is secured against location tracking attacks, spoofing attacks, replay attacks, traffic analysis attacks, Dos attacks and is a lightweight operation between server and tag.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.147-153
• /
• 2015

Since the DoS(Denial of Service) attack is still an important vulnerable element in many web service sites, sites including public institution should try their best in constructing defensive systems. Recently, DDoS(Distributed Denial of Service) has been raised by prompting mass network traffic that uses NTP's monlist function or DoS attack has been made related to the DNS infrastructure which is impossible for direct defense. For instance, in June 2013, there has been an outbreak of an infringement accident where Computing and Information Agency was the target. There was a DNS application DoS attack which made the public institution's Information System impossible to run its normal services. Like this, since there is a high possibility in having an extensive damage due to the characteristics of DDoS in attacking unspecific information service and not being limited to a particular information system, efforts have to be made in order to minimize cyber threats. This thesis proposes a method for using TTL (Time To Live) value in IP header to detect DDoS attack with IP spoofing, which occurs when data is transmitted under the agreed regulation between the international and domestic information system.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.1
• /
• pp.151-158
• /
• 2010

The industrial foundation of the inside and outside of a country has brought significant damages due to attacks from hackers. Especially, if the national primary core infrastructures(like electric power, dam, railroad, atomic energy, etc.) has been significantly damaged, it can be directly linked not only to economic problems but also to people's lives. These national primary core infrastructures usually constitute SCADA system using Modbus RS486 communication. Because of this characteristic, SCADA system has RTU master and slave linked to RJ11 cables to directly pass commands. RJ11 is possible in data spoofing using physical connection because the transmission range of RJ11 has a wide bandwidth(almost 1km). Hence, this paper designed an idle-time measurement system for SCADA system for emerging security improvement in the national primary core infrastructures.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 1997.03a
• /
• pp.163-181
• /
• 1997

This dissertation provides a theroetic study on the network security in general , the firewall in particular . In fact, the firewall has been recognized as a very promising option to obtain the security in the real world network environment . The dissertation provides a thorough theoretic investigation on the various problems raised in the computer network, and also explores a methodology of the security against IP spoofing. Moreover, it investigates a systematic procedure to make analysis plans of the firewall configuration. Based on the above investigation and analysis , this dissertation provides two approaches to network security, which address a number of issues both at the network and at application level. At the network level. a new methdo is proposed which uses packet filtering based on the analysis of the counter plot about the screen router. On the other hand at the application level, a novel method is exlored which employs security software , Firewall-1, on Bastion host. To demonstrate the feasibility and the effectiveness of the proposed methodologes, a prototype implementation is made. The experiment result shows that the screen router employing the proposesed anti-IP spoofing method at the network level is effective enough for the system to remain secure without being invaded by any illegarl packets entering from external hackers. Meanwhile , at the application level. the proposed software approach employing Firewall -1 is proved to be robust enough to provent hackings from the outer point to point protocol connection. Theoretically, it is not possible to provide complete secuirty to the network system, because the network security involove a number of issues raised from low level network equipments form high level network protocol. The result in this dissertation provides a very promising solution to network security due to its high efficiency of the implementation and superb protectiveness from a variety of hacking.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.11-18
• /
• 2017

Now the ways in which information is exchanged by computers are changing, a variety of this information exchange method also requires corresponding change of responding to an illegal attack. Among these illegal attacks, the IP spoofing attack refers to the attack whose process are accompanied by DDoS attack and resource exhaustion attack. The way to detect an IP spoofing attack is by using traceback information. The basic traceback information analysis method is implemented by comparing and analyzing the normal router information from client with routing information existing in routing path on the server. There fore, Such an attack detection method use all routing IP information on the path in a sequential comparison. It's difficulty to responding with rapidly changing attacks in time. In this paper, all IP addresses on the path to compute in a coordinate manner. Based on this, it was possible to analyze the traceback information to improve the number of traceback required for attack detection.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.3
• /
• pp.431-437
• /
• 2024

Drones in the contemporary landscape have transcended their initial public utility, expanding into various industries and making significant inroads into the private sector. The majority of commercially available drones are presently equipped with GPS receivers to relay location signals from artificial satellites, aiming to inform users about the drone's whereabouts. However, a notable drawback arises from the considerable distance over which these location signals travel, resulting in a weakened signal intensity. This limitation introduces vulnerabilities, allowing for the possibility of location manipulation and jamming attacks if the drone receives a stronger signal than the intended location signal from satellites. Thus, this paper focuses on the safety assessment of drones relying on GPS-based location acquisition and addresses potential vulnerabilities in wireless communication scenarios. Targeting commercial drones, the paper analyzes and empirically demonstrates the feasibility of GPS spoofing attacks. The outcomes of this study are anticipated to serve as foundational experiments for conducting more realistic vulnerability analysis and safety evaluations.

• Journal of the Korea Convergence Society
• /
• v.7 no.4
• /
• pp.39-44
• /
• 2016

Due to the dazzling development of IT in this IT-oriented era, information delivering technology among objects, between objects and humans, and among humans has been actively performed. As information delivery technology has been actively performed, IoT became closely related to our daily lives and ubiquitous at any time and place. Therefore, IoT has become a part of our daily lives. CoAp, a web-based protocol, is mostly used in IoT environment. CoAp protocol is mostly used in the network where transmission speed is low along with the huge loss. Therefore, it is mostly used in IoT environment. However, there is a weakness on IoT that it is weak in security. If security issue occurs in IoT environment, there is a possibility for secret information of individuals or companies to be disclosed. If attackers infect the targeted device, and infected device accesses to the wireless frequently used in public areas, the relevant device sends arp spoofing to other devices in the network. Afterward, infected devices receive the packet sent by other devices in the network after occupying the packet flow in the internal network and send them to the designated hacker's server. This study suggests counter-attacks on this issues and a method of coping with them.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.45 no.1
• /
• pp.14-26
• /
• 2008

IP over Ethernet technology widely used as Internet access uses the ARP(Address Resolution Protocol) that translates an ip address to the corresponding MAC address. recently, there are ARP security attacks that intentionally modify the IP address and its corresponding MAC address, utilizing various tools like "snoopspy". Since ARP attacks can redirect packets to different MAC address other than destination, attackers can eavesdrop packets, change their contents, or hijack the connection. Because the ARP attack is performed at data link layer, it can not be protected by security mechanisms such as Secure Shell(SSH) or Secure Sockets Layer(SSL). Thus, in this paper, we classify the ARP attack into downstream ARP spoofing attack and upstream ARP redirection attack, and propose a new security mechanism using DHCP information for acquisition of IP address. We propose a "DHCP snoop mechanism" or "DHCP sniffing/inspection mechanism" for ARP spoofing attack, and a "static binding mechanism" for ARP redirection attack. The proposed security mechanisms for ARP attacks can be widely used to reinforce the security of the next generation internet access networks including BcN.