• Journal of The Institute of Information and Telecommunication Facilities Engineering
• /
• v.4 no.2
• /
• pp.19-27
• /
• 2005

In this paper, we propose 128-bit chaotic block encryption scheme using a PLCM (Piecewise Linear Chaotic Map) having a good dynamical property. The proposed scheme has a block size of 128- bit and a key size of 128-bit. The encrypted code is generated from the output of PLCM. We show the proposed scheme is very secure against statistical attacks and have very good avalanche effect and randomness properties.

• 한국정보통신설비학회:학술대회논문집
• /
• 2009.08a
• /
• pp.19-22
• /
• 2009

This thesis offers forecast & warning algorithm about the accessing networks though statistical sampling methods to prevent computer terrors. These networks are occurred among U-city network groups. The main characteristic of current computer attacks is avoiding well-known detection patterns by successive changes in spreading speeds and attacking codes. The improvement of attacking stills leads to a problem causing the defense-time delay and creates vicious cycle that tries to fix networks after damage. Proposed algorithm notices and warns the potential attacking areas through defecting previous attacking signs, analysing attaching results ed tracing attaching sources at the beginning of the attack.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.1
• /
• pp.260-279
• /
• 2015

In this paper, we investigate physical layer security for multiple decode-and-forward (DF) relaying underlay cognitive radio networks (CRNs) with fixed transmit power at the secondary network against passive eavesdropping attacks. We propose a simple relay selection scheme to improve wireless transmission security based on the instantaneous channel information of all legitimate users and the statistical information about the eavesdropper channels. The closed-form expressions of the probability of non-zero secrecy capacity and the secrecy outage probability (SOP) are derived over independent and non-identically distributed Rayleigh fading environments. Furthermore, we conduct the asymptotic analysis to evaluate the secrecy diversity order performance and prove that full diversity is achieved by using the proposed relay selection. Finally, numerical results are presented to verify the theoretical analysis and depict that primary interference constrain has a significant impact on the secure performance and a proper transmit power for the second transmitters is preferred to be energy-efficient and improve the secure performance.

• Journal of the Semiconductor & Display Technology
• /
• v.12 no.2
• /
• pp.51-56
• /
• 2013

Even if transmissions through normal channel between ubiquitous devices and terminal readers are encrypted, any extra sources of information retrieved from encrypting module can be exploited to figure out the key parameters, so called side channel attack. Since side channel attacks are based on statistical methods, making side channel signal weak or complex is the proper solution to prevent the attack. Among many countermeasures, shielding the electromagnetic signal and adding noise to the EM signal were examined by applying different thicknesses of thin films of ferroelectric (BTO) and conductors (copper and gold). As a test vehicle, chip antenna was utilized to see the change in radiation characteristics: return loss and gain. As a result, the ferroelectric BTO showed no recognizable effect on both shielding and adding noise. Cu thin film showed increasing shielding effect with thickness. Nanometer Au exhibited possibility in adding noise by widening of bandwidth and red shifting of resonating frequencies.

• Journal of Information Processing Systems
• /
• v.13 no.5
• /
• pp.1203-1212
• /
• 2017

Intrusion detection systems (IDSs) are crucial in this overwhelming increase of attacks on the computing infrastructure. It intelligently detects malicious and predicts future attack patterns based on the classification analysis using machine learning and data mining techniques. This paper is devoted to thoroughly evaluate classifier ensembles for IDSs in IEEE 802.11 wireless network. Two ensemble techniques, i.e. voting and stacking are employed to combine the three base classifiers, i.e. decision tree (DT), random forest (RF), and support vector machine (SVM). We use area under ROC curve (AUC) value as a performance metric. Finally, we conduct two statistical significance tests to evaluate the performance differences among classifiers.

• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.45-51
• /
• 2018

As data utilization and importance becomes important, data-related accidents and damages are gradually increasing. Especially, insider threats are the most harmful threats. And these insider threats are difficult to detect by traditional security systems, so rule-based abnormal behavior detection method has been widely used. However, it has a lack of adapting flexibly to changes in new attacks and new environments. Therefore, in this paper, we propose an adaptive anomaly movement detection framework based on a statistical Markov model to detect insider threats in advance. This is designed to minimize false positive rate and false negative rate by adopting environment factors that directly influence the behavior, and learning data based on statistical Markov model. In the experimentation, the framework shows good performance with a high F2-score of 0.92 and suspicious behavior detection, which seen as a normal behavior usually. It is also extendable to detect various types of suspicious activities by applying multiple modeling algorithms based on statistical learning and environment factors.

• KNOM Review
• /
• v.23 no.1
• /
• pp.10-17
• /
• 2020

As the threat of Distributed Denial-of-Service attacks that exploit weakly secure IoT devices has spread, research on source-side Denial-of-Service attack detection is being activated to quickly detect the attack and the location of attacker. In addition, a collaborative source-side attack detection technique that shares detection results of source-side networks located at individual sites is also being activated to overcome regional limitations of source-side detection. In this paper, we evaluate the performance of a collaborative source-side DDoS attack detection using statistical weights. The statistical weight is calculated based on the detection rate and false positive rate corresponding to the time zone of the individual source-side network. By calculating weighted sum of the source-side DoS attack detection results from various sites, the proposed method determines whether a DDoS attack happens. As a result of the experiment based on actual DNS request to traffic, it was confirmed that the proposed technique reduces false positive rate 2% while maintaining a high attack detection rate.

• Journal of Computing Science and Engineering
• /
• v.8 no.4
• /
• pp.187-198
• /
• 2014

In this paper an efficient image encryption scheme based on cyclic rotations and multiple blockwise diffusions with two chaotic maps is proposed. A Sin map is used to generate round keys for the encryption/decryption process. A Pomeau-Manneville map is used to generate chaotic values for permutation, pixel value rotation and diffusion operations. The encryption scheme is composed of three stages: permutation, pixel value rotation and diffusion. The permutation stage performs four operations on the image: row shuffling, column shuffling, cyclic rotation of all the rows and cyclic rotation of all the columns. This stage reduces the correlation significantly among neighboring pixels. The second stage performs circular rotation of pixel values twice by scanning the image horizontally and vertically. The amount of rotation is based on $M{\times}N$ chaotic values. The last stage performs the diffusion four times by scanning the image in four different ways: block of $8{\times}8$ pixels, block of $16{\times}16$ pixels, principal diagonally, and secondary diagonally. Each of the above four diffusions performs the diffusion in two directions (forwards and backwards) with two previously diffused pixels and two chaotic values. This stage makes the scheme resistant to differential attacks. The security and performance of the proposed method is analyzed systematically by using the key space, entropy, statistical, differential and performance analysis. The experimental results confirm that the proposed method is computationally efficient with high security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.71-77
• /
• 2006

Several network attacks, such as distributed denial of service (DDoS) attack, present a very serious threat to the stability of the internet. The threat posed by network attacks on large networks, such as the internet, demands effective detection method. Therefore, a simple intrusion detection system on large-scale backbone network is needed for the sake of real-time detection, preemption and detection efficiency. In this paper, in order to discriminate attack traffic from legitimate traffic on backbone links, we suggest a relatively simple statistical measure, entropy, which can track value frequency. Den is conspicuous distinction of entropy values between attack traffic and legitimate traffic. Therefore, we can identify what kind of attack it is as well as detecting the attack traffic using entropy value.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.2
• /
• pp.11-21
• /
• 2009

The NTRU cryptosystem proposed by Hoffstein et al. in 1990s is a public key cryptosystem based on hard lattice problems. NTRU has many advantages compared to other public key cryptosystems such as RSA and elliptic curve cryptosystems. For example, it guarantees high speed encryption and decryption with the same level of security, and there is no known quantum computing algorithm for speeding up attacks against NTRD. In this paper, we analyze the security of NTRU against the simple power analysis (SPA) attack and the statistical power analysis (STPA) attack such as the correlation power analysis (CPA) attack First, we implement NTRU operations using NesC on a Telos mote, and we show how to apply CPA to recover a private key from collected power traces. We also suggest countermeasures against these attacks. In order to prevent SPA, we propose to use a nonzero value to initialize the array which will store the result of a convolution operation. On the other hand, in order to prevent STPA, we propose two techniques to randomize power traces related to the same input. The first one is random ordering of the computation sequences in a convolution operation and the other is data randomization in convolution operation.