• Journal of the Korea Institute of Military Science and Technology
• /
• v.9 no.4
• /
• pp.5-14
• /
• 2006

The correct and opportune decision of reengaging the intercepted target is required in order to enhance the engagement performance of the surface to air missile systems that has the ability to defense or attack against various targets at the same time. The engagement efficiency and success of these systems will be largely enhanced by assigning quickly its system resources to the intercepted target and minimizing the waste of system resources for the target which is not able to attack any more. The kill-assessment algorithm has to be able to evaluate automatically whether various targets intercepted by missiles are killed or not on the basis of the reasonable confidence level. The definition of kill assessment is discussed and the kill assessment algorithm is designed reliably by using Kalman filter and a probability theory. Finally its performance is evaluated and analyzed by the Monte Carlo simulation.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.4C
• /
• pp.290-296
• /
• 2012

In this paper, we propose a practical authentication system based on Wireless Body Area Networks(WBAN) for U-healthcare medical information environments. The proposed authentication system is based on symmetric cryptosystem such as AES and is designed to not only provide security such as data secrecy, data authentication, data integrity, but also prevent replay attack by adopting timestamp technique and perform secure authentication between sensor node, master node, base-station, and medical server.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.3A
• /
• pp.310-318
• /
• 2007

The RFID system is a non-contact automatic identification system that identifies tags through a reading device by attaching small, inexpensive tags on goods. This system is expected to supplant barcodes, the contactless reading technique that is most widely used at present. The RFID system can be applied in a variety of areas. Among those, Ari Juels proposed an environment to prove that a pair of tags has been scanned simultaneously And he presented a yoking proof protocol for this. But the yoking-proof protocol is vulnerable to replay attack. Although modified yoking-proof protocols for alleviating this drawback have been proposed, they are not immune to replay attack, either. In this paper, we analyze problems of existing yoking-proof protocols and present a new protocol, which will make replay attack difficult, based on this analysis. We have also extend this protocol so that it can provide yoking proofs for n tags.

• Convergence Security Journal
• /
• v.22 no.2
• /
• pp.9-19
• /
• 2022

As the expansion of digital transformation, we are more exposed to the threat of cyber attacks, and many institution or company is operating a signature-based intrusion prevention system at the forefront of the network to prevent the inflow of attacks. However, in order to provide appropriate services to the related ICT system, strict blocking rules cannot be applied, causing many false events and lowering operational efficiency. Therefore, many research projects using artificial intelligence are being performed to improve attack detection accuracy. Most researches were performed using a specific research data set which cannot be seen in real network, so it was impossible to use in the actual system. In this paper, we propose a technique for classifying major attack keywords in the security event log collected from the actual system, assigning a weight to each key keyword, and then performing a similarity check using TF-IDF to determine whether an actual attack has occurred.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.24 no.1
• /
• pp.41-49
• /
• 2021

In electronic warfare, beamforming using multiple antennas is applied for effective transmission of electronic attack signals. In order to perform an electronic attack against multiple threats using the same frequency resource, it is necessary to apply a multi-beam transmission algorithm that has been studied in wireless communication systems. For electronic attacks against multiple threats, this paper presents an MMSE(Minimum Mean-Squared Error) beam-forming technique based on the prior location information of threats and an optimization method for power allocation. In addition, the performance of the proposed method is evaluated and received signals of multiple threats are compared and analyzed.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.2-4
• /
• 2021

In a distributed machine learning system, sharing gradients was considered safe because it did not share original training data. However, recent studies found that malicious attacker could completely restore the original training data from shared gradients. Gradient Leakage Attack is a technique that restoring original training data by exploiting theses vulnerability. In this study, we present the image transformation method based on Discrete Cosine Transform to defend against the Gradient Leakage Attack on the federated learning setting, which training in local devices and sharing gradients to the server. Experiment shows that our image transformation method cannot be completely restored the original data from Gradient Leakage Attack.

• Journal of the Korea Convergence Society
• /
• v.7 no.4
• /
• pp.33-38
• /
• 2016

DDoS attack has been continuously utilized that caused the excessively large amount of traffic that network bandwidth or server was unable to deal with paralyzing the service. Most of the people regard NTP as the biggest cause of DDoS. However, according to recently executed DDoS attack, there have been many SSDP attack in the use of amplified technique. According to characteristics of SSDP, there is no connection for making a forgery of source IP address and amplified resources feasible. Therefore, it is frequently used for attack. Especially, as it is mostly used as a protocol for causing DDoS attack on IoT devices that constitute smart home including a wireless router, media server, webcam, smart TV, and network printer. Hereupon, it is anticipated for servers of attacks to gradually increase. This might cause a serious threat to major information of human lives, major government bodies, and company system as well as on IoT devices. This study is intended to identify DDoS attack techniques in the use of weakness of SSDP protocol occurring in IoT devices and attacking scenario and counter-measures on them.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.04a
• /
• pp.424-427
• /
• 2015

근래 들어 모바일 기기의 시스템을 장악하여 사용자의 기밀 정보를 빼내는 악성 행위의 한 방법으로 Code Reuse Attack (CRA)이 널리 사용되고 있다. 이와 같은 CRA를 막기 위하여 call-return이 일어날 때마다 이들 address를 비교해 보는 shadow stack과 branch에 대한 몇 가지 규칙을 두어 CRA 를 탐지하는 branch regulation과 같은 방식이 연구되었다. 우리는 shadow stack과 branch regulation을 종합하여 여러 종류의 CRA를 적은 성능 오버헤드로 탐지할 수 있는 CRA Detection System을 만들고자 한다. 이를 위하여 반드시 선행 되어야 할 연구인 바이너리 파일 분석과 meta-data 생성 및 압축 기술을 제안한다. 실험 결과 생성된 meta-data는 압축 기술을 적용하기 전보다 1/2에서 1/3 가량으로 그 크기가 줄어들었으며 CRA Detection System의 탐지가 정상적으로 동작하는 것 또한 확인할 수 있었다.

• International Journal of Computer Science & Network Security
• /
• v.23 no.4
• /
• pp.69-78
• /
• 2023

With the global rise of digital data, the uncontrolled quantity of data is susceptible to cyber warfare or cyber attacks. Therefore, it is necessary to improve cyber security systems. This research studies the behavior of malicious acts and uses Higuchi Fractal Dimension (HFD), which is a non-linear mathematical method to examine the intricacy of the behavior of these malicious acts and anomalies within the cyber physical system. The HFD algorithm was tested successfully using synthetic time series network data and validated on real-time network data, producing accurate results. It was found that the highest fractal dimension value was computed from the DoS attack time series data. Furthermore, the difference in the HFD values between the DoS attack data and the normal traffic data was the highest. The malicious network data and the non-malicious network data were successfully classified using the Receiver Operating Characteristics (ROC) method in conjunction with a scaling stationary index that helps to boost the ROC technique in classifying normal and malicious traffic. Hence, the suggested methodology may be utilized to rapidly detect the existence of abnormalities in traffic with the aim of further using other methods of cyber-attack detection.

• Journal of Positioning, Navigation, and Timing
• /
• v.10 no.3
• /
• pp.169-177
• /
• 2021

In this paper, we propose a novel global navigation satellite system (GNSS) spoofing detection technique through an array antenna-based direction of arrival (DoA) estimation of satellite and spoofer. Specifically, we consider a sophisticated GNSS spoofing attack scenario where the spoofer can accurately mimic the multiple pseudo-random number (PRN) signals since the spoofer has its own GNSS receiver and knows the location of the target receiver in advance. The target GNSS receiver precisely estimates the DoA of all PRN signals using compressed sensing-based orthogonal matching pursuit (OMP) even with a small number of samples, and it performs spoofing detection from the DoA estimation results of all PRN signals. In addition, considering the initial situation of a sophisticated spoofing attack scenario, we designed the algorithm to have high spoofing detection performance regardless of the relative spoofing signal power. Therefore, we do not consider the assumption in which the power of the spoofing signal is about 3 dB greater than that of the authentic signal. Then, we introduce design parameters to get high true detection probability and low false alarm probability in tandem by considering the condition for the presence of signal sources and the proximity of the DoA between authentic signals. Through computer simulations, we compare the DoA estimation performance between the conventional signal direction estimation method and the OMP algorithm in few samples. Finally, we show in the sophisticated spoofing attack scenario that the proposed spoofing detection technique using OMP-based estimated DoA of all PRN signals outperforms the conventional spoofing detection scheme in terms of true detection and false alarm probability.