• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1165-1170
• /
• 2022

In WSNs, a clustering algorithm groups sensor nodes on a unit called cluster and periodically selects a cluster head (CH) that acts as a communication relay on behalf of nodes in each cluster for the purpose of energy conservation and relay efficiency. Meanwhile, attack techniques also have emerged to intervene in the CH election process through compromised nodes (inside attackers) and have a fatal impact on network operation. However, existing countermeasures such as encryption key-based methods against outside attackers have a limitation to defend against such inside attackers. Therefore, we propose a statistical detection method that detects abnormal CH election behaviors occurs in a WSN cluster. We design two attack methods (Selfish and Greedy attacks) and our proposed defense method in WSNs with two clustering algorithms and conduct experiments to validate our proposed defense method works well against those attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.6
• /
• pp.2168-2187
• /
• 2021

The smart grid replaces the traditional power structure with information inventiveness that contributes to a new physical structure. In such a field, malicious information injection can potentially lead to extreme results. Incorrect, FDI attacks will never be identified by typical residual techniques for false data identification. Most of the work on the detection of FDI attacks is based on the linearized power system model DC and does not detect attacks from the AC model. Also, the overwhelming majority of current FDIA recognition approaches focus on FDIA, whilst significant injection location data cannot be achieved. Building on the continuous developments in deep learning, we propose a Deep Learning based Locational Detection technique to continuously recognize the specific areas of FDIA. In the development area solver gap happiness is a False Data Detector (FDD) that incorporates a Convolutional Neural Network (CNN). The FDD is established enough to catch the fake information. As a multi-label classifier, the following CNN is utilized to evaluate the irregularity and cooccurrence dependency of power flow calculations due to the possible attacks. There are no earlier statistical assumptions in the architecture proposed, as they are "model-free." It is also "cost-accommodating" since it does not alter the current FDD framework and it is only several microseconds on a household computer during the identification procedure. We have shown that ANN-MLP, SVM-RBF, and CNN can conduct locational detection under different noise and attack circumstances through broad experience in IEEE 14, 30, 57, and 118 bus systems. Moreover, the multi-name classification method used successfully improves the precision of the present identification.

• Proceedings of the IEEK Conference
• /
• 2001.09a
• /
• pp.231-234
• /
• 2001

In this paper, we present a robust watermarking technique based on a DCT-domain watermarking approach and an order statistic(OS) filter. The proposed technique inserts one watermark into each of four coefficients within a 2 ${\times}$ 2 block which is scanned on DCT coefficients in the zig-zag ordering from the medium frequency range. The detection algorithm uses an adaptive trimmed mean operator as a local estimator of the embedded watermark to obtain the desired robustness in the presence of additive Gaussian noise and JPEG compression attacks. The performance is analyzed through statistical analysis and numerical experiments. It is shown that the robustness properties against additive noise and JPEG compression attacks are more enhanced than the previous techniques.

• IEIE Transactions on Smart Processing and Computing
• /
• v.5 no.4
• /
• pp.250-255
• /
• 2016

Steganography is the art and science of secure communication. It focuses on both security and camouflage. Steganographic techniques must produce the resultant stego-image with less distortion and high resistance to steganalysis attack. This paper is mainly concerned with two steganographic techniques-least significant bit (LSB)++ and the reversible histogram transformation function (RHTF). LSB++ is likely to produce less distortion in the output image to avoid suspicion, but it is vulnerable to steganalysis attacks. RHTF using a mod function technique is capable of resisting the most popular and efficient steganalysis attacks, such as the regular-singular pair attack and chi-squared detection steganalysis, but it produces a lot of distortion in the output image. In this paper, we propose a new steganographic technique by combining both methods. The experimental results show that the proposed technique overcomes the respective drawbacks of each method.

• Journal of the Korea Society for Simulation
• /
• v.20 no.4
• /
• pp.31-40
• /
• 2011

Sensor nodes are easily exposed to malicious attackers by physical attacks. The attacker can generate various attacks using compromised nodes in a sensor network. The false report generating application layers injects the network by the compromised node. If a base station has the injected false report, a false alarm also occurs and unnecessary energy of the node is used. In order to defend the attack, a statistical en-route filtering method is proposed to filter the false report that goes to the base station as soon as possible. A path renewal method, which improves the method, is proposed to maintain a detection ability of the statistical en-route filtering method and to consume balanced energy of the node. In this paper, we proposed the secure path cycle method to consume effective energy for a path renewal. To select the secure path cycle, the base station determines through hop counts and the quantity of report transmission by an evaluation function. In addition, three methods, which are statistical en-route filter, path selection method, and path renewal method, are evaluated with our proposed method for efficient energy use. Therefore, the proposed method keeps the secure path and makes the efficiency of energy consumption high.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.1
• /
• pp.125-137
• /
• 2012

As the Internet use explodes recently, the malicious attacks and hacking for a system connected to network occur frequently. For such reason, lots of intrusion detection system has been developed. Intrusion detection system has abilities to detect abnormal behavior and unknown intrusions also it can detect intrusions by using patterns studied from various penetration methods. Various algorithms are studying now such as the statistical method for detecting abnormal behavior, extracting abnormal behavior, and developing patterns that can be expected. Etc. This study using clustering of data mining and association rule analyzes detecting areas based on two models and helps design detection system which detecting abnormal behavior, unknown attack, misuse attack in a large network.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.6
• /
• pp.2317-2337
• /
• 2015

Cryptography provides an effective solution to secure the communication over public networks. The communication over public networks that includes electronic commerce, business and military services, necessitates the requirement of simple and robust encryption techniques. In this paper, a novel image encryption method which employs calligraphy based hybrid scan and random number is presented. The original image is scrambled by pixel position permutation with calligraphy based diagonal and novel calligraphy based scan patterns. The cipher image is obtained by XORing the scrambled image with random numbers. The suggested method resists statistical, differential, entropy, and noise attacks which have been demonstrated with a set of standard images.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.12
• /
• pp.1670-1675
• /
• 2020

In this study, to provide the basis for establishing effective network based countermeasures against DRDoS(Distributed Reflection Denial of Service) attacks, we propose a new 'DRDoS attack multi-level detection method' that identifies the network based characteristics of DRDoS and applies probability and statistical techniques. The proposed method removes the limit to which normal traffic can be indiscriminately blocked by unlimited competition in network bandwidth by amplification of reflectors, which is characteristic of DRDoS. This means that by comparing 'Server to Server' and 'Outbound Session Incremental' for it, accurate DRDoS identification and detection is possible and only statistical and probabilistic thresholds are applied to traffic. Thus, network-based information security systems can take advantage of this to completely eliminate DRDoS attack frames. Therefore, it is expected that this study will contribute greatly to identifying and responding to DRDoS attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.6
• /
• pp.2518-2533
• /
• 2020

In wireless sensor networks, adversaries may physically capture sensor nodes on the fields, and use them to launch false positive attacks (FPAs). FPAs could be conducted by injecting forged or old sensing reports, which would represent non-existent events on the fields, with the goal of disorientating the base stations and/or reducing the limited energy resources of sensor nodes on the fields. Researchers have proposed various mitigation methods against FPAs, including the statistical en-route filtering scheme (SEF). Most of these methods are based on key pre-distribution schemes and can efficiently filter injected false reports out at relay nodes through the verification of in-transit reports using the pre-distributed keys. However, their filtering power may decrease as time goes by since adversaries would attempt to capture additional nodes as many as possible. In this paper, we propose an adaptive key distribution method that could maintain the security power of SEF in WSNs under such circumstances. The proposed method makes, if necessary, BS update or re-distribute keys, which are used to endorse and verify reports, with the consideration of the filtering power and energy efficiency. Our experimental results show that the proposed method is more effective, compared to SEF, against FPAs in terms of security level and energy saving.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.8
• /
• pp.4285-4299
• /
• 2019

Adversarial attack is a technique that causes a malfunction of classification models by adding noise that cannot be distinguished by humans, which poses a threat to a deep learning model. In this paper, we propose an efficient method to detect adversarial images using Gaussian process regression. Existing deep learning-based adversarial detection methods require numerous adversarial images for their training. The proposed method overcomes this problem by performing classification based on the statistical features of adversarial images and clean images that are extracted by Gaussian process regression with a small number of images. This technique can determine whether the input image is an adversarial image by applying Gaussian process regression based on the intermediate output value of the classification model. Experimental results show that the proposed method achieves higher detection performance than the other deep learning-based adversarial detection methods for powerful attacks. In particular, the Gaussian process regression-based detector shows better detection performance than the baseline models for most attacks in the case with fewer adversarial examples.