• Journal of IKEEE
• /
• v.23 no.2
• /
• pp.413-418
• /
• 2019

Attacks on existing sensor networks include sniffing, flooding, and spoofing attacks. The basic countermeasures include encryption and authentication methods and switching methods. Wormhole attack, HELLO flood attack, Sybil attack, sinkhole attack, and selective delivery attack are the attacks on the network layer in wireless sensor network (WSN). These attacks may not be defended by the basic countmeasures mentioned above. In this paper, new countermeasures against these attacks include periodic key changes and regular network monitoring. Moreover, we present various threats (attacks) in the network layer of wireless sensor networks and new countermeasures accordingly.

• Journal of information and communication convergence engineering
• /
• v.12 no.3
• /
• pp.154-160
• /
• 2014

The address resolution protocol (ARP) provides dynamic mapping between two different forms of addresses: the 32-bit Internet protocol (IP) address of the network layer and the 48-bit medium access control (MAC) address of the data link layer. A host computer finds the MAC address of the default gateway or the other hosts on the same subnet by using ARP and can then send IP packets. However, ARP can be used for network attacks, which are one of the most prevalent types of network attacks today. In this study, a new ARP algorithm that can prevent IP spoofing attacks is proposed. The proposed ARP algorithm is a broadcast ARP reply and an ARP notification. The broadcast ARP reply was used for checking whether the ARP information was forged. The broadcast ARP notification was used for preventing a normal host's ARP table from being poisoned. The proposed algorithm is backward compatible with the current ARP protocol and dynamically prevents any ARP spoofing attacks. In this study, the proposed ARP algorithm was implemented on the Linux operating system; here, we present the test results with respect to the prevention of ARP spoofing attacks.

• Journal of KIISE
• /
• v.42 no.4
• /
• pp.483-486
• /
• 2015

Security systems that use face recognition are vulnerable to spoofing attacks where unauthorized individuals use a photo or video of authorized users. In this work, we propose a method to detect a face spoofing attack with a video of an authorized person. The proposed method uses three sequential frames in the video to extract features by using Fourier Transform and Dense-SIFT filter. Then, classification is completed with a Support Vector Machine (SVM). Experimental results with a database of 200 valid and 200 spoof video clips showed 99% detection accuracy. The proposed method uses simplified features that require fewer memory and computational overhead while showing a high spoofing detection accuracy.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.432-435
• /
• 2011

Hacking 공격자에 대한 수사실무에서는 Proxy Server를 연동한 해외에서의 우회공격에 대한 기법과 기술을 알아야 MAC address 또는 Real IP에 대한 역추적이 가능하다. 즉 Proxy Server를 여러 번 거치면서 자신의 Real IP를 숨기고 ARP Spoofing 기법을 사용하여 MAC address를 속이기 때문이다. 본 논문에서는 해외에서의 해킹 공격자들이 어떻게 공격자의 Real IP를 숨기고, ARP Spoofing 기법을 응용하여 공격을 시도하는 기법과 기술을 연구한다. 또한 Proxy Server를 통한 우회공격에서 ARP Spoofing 공격을 보안하는 방법을 연구한다. 본 논문 연구가 해외로 부터의 Hacking과 방어를 위한 기술 발전에 기여 할 것 이다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.3
• /
• pp.737-744
• /
• 2010

The use of RFID recently tends to increase and is expected to expand all over the industry and life. However, RFID is much vulnerable to the malign threats such as eavesdropping, replay attack, spoofing attack, location tracking in the process of authentication. In particular, it is difficult to apply authentication protocol used in the other previous system to low-priced RFID tag. After all, this paper suggests the scheme of efficient authentication protocol for RFID privacy protection. Compared to the previous scheme, suggested scheme reinforces the checking process of transmission data and is secure from eavesdropping and spoofing attack. It minimizes the operation work of the tag and is very useful to apply to the low-priced tag. It also has the merit to confirm the efficiency of communication by reducing the communication rounds.

• Journal of Positioning, Navigation, and Timing
• /
• v.4 no.2
• /
• pp.57-65
• /
• 2015

Global Navigation Satellite System (GNSS) including Global Positioning System (GPS) is an important element for navigation of both the military and civil Unmanned Aerial Vehicle (UAV). Contrary to the military UAVs, the civil UAVs use the civil signals which are unencrypted, unauthenticated and predictable. Therefore if the civil signals are counterfeited, the civil UAV’s position can be manipulated and the appropriate movement of the civil UAV to the target point is not achieved. In this paper, spoofing on the autonomous navigation UAV is implemented through field experiments. Although the demanded conditions for appropriate spoofing attack exists, satisfying the conditions is restricted in real environments. So, the Way-point of the UAV is assumed to be known for experiments and assessments. Under the circumstances, GPS spoofing signal is generated based on the Software-based GNSS signal generator. The signal is emitted to the target UAV using the antenna of the spoofer and the effect of the signal is analyzed and evaluated. In conclusion, taking the UAV to the target point is hardly feasible. To implement the spoofing as expectation, the position and guidance system of the UAV has to be known. Additionally, the GPS receiver on the UAV could be checked whether it appropriately tracks the spoofing signal or not. However, the effect of the spoofing signal on the autonomous UAV has been verified and assessed through the experimental results. Spoofing signal affects the navigation system of the UAV so that the UAV goes off course or shows an abnormal operation.

• Journal of Satellite, Information and Communications
• /
• v.7 no.1
• /
• pp.128-133
• /
• 2012

In this paper, we analysis the effect of error of code tracking and frequency tracking according to the chip delay of spoofing signal through the simulation. Firstly, we investigate the type of spoofing signal and defense technical of spoofing attack. For simulation, we generated the intermediate spoofing signal using the software GNSS signal generator simulator(SGGS), the intermediate spoofers synchronize its counterfeit GPS signals with the current broadcast GPS signals. The software GPS receiver simulator(SGRS) received the spoofing signal and normal signal from SGGS, and process the signals. In paper, we can check that the DLL and PLL tracking loop error are generated and pseudo-range is changed non-linear according to chip delay of spoofing signal when the spoofing signal is entered. As a result, we can check that navigation solution is incorrectly effected by spoofing signal.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.12
• /
• pp.2649-2656
• /
• 2012

Today, many enterprises have invested heavily for the part of information security in order to protect the internal critical information assets and the business agility. However, there is a big problem that big budget and too many manpower are needed to set the internal corporate network up to the same high level of defense for all of part. On the distributed enterprise networks in this paper, a defense model for effective and rapid response on the IP spoofing attack was designed to protect the enterprise network through the exchange of information between the trust hosts when an attacker attacked any target system using other trusted host.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.1
• /
• pp.61-71
• /
• 2017

ARP Spoofing is a basic and core hacking technology for almost all sniffing. It makes change the flow of packets by faking the 2nd layer MAC address. In this paper we suggested an efficient hacking technology for sniffing remote servers in the switched network environment. The suggested 'Faked ARP Reply Unicast Spoofing' makes the bidirectional packets sniffing possible between the client and server, and it makes simplify the procedures for ARP sniffing and hacking program. In this paper we researched the network hacking and implementation technologies based on the suggested ARP spoofing. And we researched various types of servers hacking such as Root ID and PW of Telnet/FTP server, Root ID and PW of MySQL DB server, ID and PW of Web Portal Server, and account information and transaction history of Web Banking Server. And also we researched the implementation techniques of core hacking programs for the ARP Spoofing.

• KSCI Review
• /
• v.14 no.2
• /
• pp.235-244
• /
• 2006

This paper attacked the unknown DoS which mixed a DoS attack, Worm and the Trojan horse which used IP Source Address Spoofing and Smurf through the SYN Flooding way that UDP, ICMP, Echo, TCP Syn packet operated. the applications that used TCP/UDP in VoIP service networks. Define necessity of a Dynamic Update Engine for a prevention, and measure Miss traffic at RT statistics of inbound and outbound parts in case of designs of an engine at IPS regarding an Self-learning module and a statistical attack spread. and design a logic engine module. Three engines judge attack grades (Attack Suspicious, Normal), and keep the most suitable filtering engine state through AND or OR algorithms at Footprint Lookup modules. A Real-Time Dynamic Engine and Filter updated protected VoIP service from DoS attacks, and strengthened Ubiquitous Security anger, and were turned out to be.