• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.7
• /
• pp.1493-1500
• /
• 2004

Today's Commercial security server system which provide secrecy, integrity and availability may still be vulnerable to denial-of-service attacks. Authentication system whith use a public key cryptography and process RSA encryption is relatively slow and the slowness has become a major security threat specifically in service flooding attacks caused by authentication requests. The service flooding attacks render the server incapable of providing its service to legitimitive clients. Therefore the importance of implementing systems that prevent denial of service attacks and provide service to legitimitive users cannot be overemphasized. In this paper, we propose a puzzle protocol which applies to authentication model. our gradually strengthening authentication model improves the availability and continuity of services and prevent denial of service attacks and we implement flooding of service tolerance system to verify the efficiency of our model. This system is expected to be ensure in the promotion of reliability.

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.113-120
• /
• 2006

A node of mobile IPv6 moving foreign networks needs authentication process to support right services against from security threat. AAA is a trust infrastructure that authenticates, authorizes, and accounts nodes receiving a network service. And Mobile IPv6 Working Group recommends use of AAA infrastructure to authenticate mobile nodes. Event though AAA infrastructure provides strong authentication functions, it should exchange a lot of messages to authenticate mobile nodes every movement. The exchange of lots of messages causes latency and it is interfered with realization of real-time communication. This paper proposes an authentication method of improved speed using hash value of mobile node to reduce authentication latency. Directly after movement, a mobile node applying a Proposed method uses extended existing security authentication for a while and deletes the establishment latency of new security authentication. Performance evaluation of a proposed method verifies the efficiency through the analysis of cost comparison with other methods. The conclusion of performance evaluation is that the proposed method gets more 25% performance improvement than a general method when a mobile node moves another subnet.

• Journal of Digital Convergence
• /
• v.11 no.11
• /
• pp.775-781
• /
• 2013

N-screen is a Service that can be provide for One Service Multi Device. If the network is changed or if the device is changed after authentication the device fits seamlessly send footage. Security threats that occur here have a problem with user authentication. In this paper proposes available in a multi-device the authentication system. Homomorphic Encryption Algorithm of authentication scheme used. Among the authentication mechanism that already exists is a simple and lightweight authentication mechanism. In addition, N-screen service that uses multiple devices is simple authentication process of the device. Review the results of proposed authentication protocol, encryption algorithm to process a small storage capacity and is easy to work in low processor. And was suitable for use with multiple devices.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.481-491
• /
• 2020

The malicious URLs which can be used for sending malicious codes and illegally acquiring private information is one of the biggest threat of information security field. Particularly, recent prevalence of smart-phone increases the possibility of the user's exposing to malicious URLs. Since the way of hiding the URL from the user is getting more sophisticated, it is getting harder to detect it. In this paper, after conducting a survey of the user experiences related to malicious URLs, we are proposing the rule-based malicious URL detection method. In addition, we have developed java library which can be applied to any other applications which need to handle the malicious URL. Each class of the library is implementation of a rule for detecting a characteristics of a malicious URL and the library itself is the set of rule which can have the chain of rule for deteciing more complicated situation and enhancing the accuracy. This kinds of rule based approach can enhance the extensibility considering the diversity of malicious URLs.

• Journal of the Korean Society for Aviation and Aeronautics
• /
• v.17 no.2
• /
• pp.31-40
• /
• 2009

South Korea opened Incheon international airport(IIA) in march 29, 2001, with high expectations of becoming the distribution hub of Northeast Asia and aiming at a world best air hub. IIA compares quite well with any other leading airports in the world in it's facilities for the movement of people and vehicles. However, with the sequence of events following the September, 2001. terrorist attack and the war in Iraq, South Korea, an ally of the US, cannot be considered a safe haven from terrorism. At a point in time when national security is given utmost importance, it is necessary to reevaluate the security of airports, because international terrorism can only occur via air and seaports. Nowadays all the countries of the world have entered into competition for their national interests and innovation of their images. with the increasing role of international airports also comes an increased likelihood as a terrorist target, because it can affect so many people and countries. From the condition of current international terrorism, we can realize that our IIA is not completely safe from a terrorist attack. The major part of counterterrorism is event control process. It's very important for quickly saves an accident and rescues a life of person, In addition for the normalization which the airport operation is prompt. In conclusion, we should secure the legal responsibility and establish and establish a system under which we can work actively in order to implement counter terror activities from being taken an airport.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.3
• /
• pp.920-925
• /
• 2010

A home network system is made up of home devices and wire and wireless network can not only be the subject of cyber attack from a variety factors of threatening, but also have security weakness in cases of hacking, vicious code, worm virus, DoS attack, tapping of communication network, and more. As a result, a variety of problems such as abuse of private life, and exposure and stealing of personal information arose. Therefore, the necessity for a security protocol to protect user asset and personal information within a home network is gradually increasing. Thus, this dissertation designs and suggests a home network security protocol using user authentication and approach-control technology to prevent the threat by unauthorized users towards personal information and user asset in advance by providing the gradual authority to corresponding devices based on authorized information, after authorizing the users with a Public Key Certificate.

• Nuclear Engineering and Technology
• /
• v.50 no.6
• /
• pp.820-828
• /
• 2018

The growing nuclear threat has amplified the need for developing diverse and accurate nuclear forensics analysis techniques to strengthen nuclear security measures. The work presented here is part of a research effort focused on developing a methodology for reactor-type discrimination of weapons-grade plutonium. To verify the developed methodology, natural $UO_2$ fuel samples were irradiated in a thermal neutron spectrum at the University of Missouri Research Reactor (MURR) and produced approximately $20{\mu}g$ of weapons-grade plutonium test material. Radiation transport simulations of common thermal reactor types that can produce weapons-grade plutonium were performed, and the results are presented here. These simulations were needed to verify whether the plutonium produced in the natural $UO_2$ fuel samples during the experimental irradiation at MURR was a suitable representative to plutonium produced in common thermal reactor types. Also presented are comparisons of fission product and plutonium concentrations obtained from computational simulations of the experimental irradiation at MURR to the nondestructive and destructive measurements of the irradiated natural $UO_2$ fuel samples. Gamma spectroscopy measurements of radioactive fission products were mostly within 10%, mass spectroscopy measurements of the total plutonium mass were within 4%, and mass spectroscopy measurements of stable fission products were mostly within 5%.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.19-30
• /
• 2019

As the 4th industrial revolution has recently become a hot topic, the importance of autonomous vehicles has increased and interest has been increasing worldwide, and accidents involving autonomous vehicles have also occurred. With the development of autonomous vehicles, the possibility of a cyber-hacking threat to the car network is increasing. Various countries, including the US, UK and Germany, have developed guidelines to counter cyber-hacking of autonomous vehicles, In the case of Korea, limited temporary operation of autonomous vehicles is being carried out, but the legal system to be applied in case of accidents caused by vehicle network hacking is insufficient. In this paper, based on the existing legal system, we examine the civil liability caused by the cyber hacking of the autonomous driving car, while we propose a law amendment suited to the characteristics of autonomous driving car and a legal system improvement plan that can give sustainable trust to autonomous driving car.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.10a
• /
• pp.755-758
• /
• 2016

The use of smart phones has had a great impact on the mobile internet business. It shows a lot of growth in the healthcare sector not only commerce, advertising, billing, games, video content, media, amd O2O business. The United States has eased the regulations for healthcare apps smart phone devices in 2015, and China has established a five-year road map to solve shortage of doctors and hospital beds by utilizing mobile devices such as wearable in the same year. The application of wearable devices in the medical field is gradually increasing in Korea too, but there is a security problem as leading challenge. Security incidents in non-ICT sectors such as financial, medical, etc. have increased by using ICT each year. Personal information leakage is also increasing in field likely occurring the potential secondary damages such as financial fraud, illegal promotions, insurance and pharmaceutical companies abuse. In this study, we analyze malwares as the mobile threats, the five risks of mobile smart phone, mobile use cases and the mobile threat countermeasures for healthcare.

• Convergence Security Journal
• /
• v.19 no.2
• /
• pp.59-72
• /
• 2019

In this day and age physical and cyber boundaries have converged due to the development of new technologies, such as the Internet of Things (IoT) and the Cyber Physical System (CPS). As the relationship between physical system and cyber technology strengthens, more diverse and complex forms of risk emerge. As a result, it is becoming difficult for single organization or government to fully handle this situation alone and cooperation based on information sharing and the strengthening of active defense systems are needed. Shifting to a system in which information suitable for various entities can be shared and automatically responded to is also necessary. Therefore, this study tries to find improvements for the current system of threat information collecting and sharing that can actively and practically maintain cyber defense posture, focusing particularly on the structuring of information sharing platforms. To achieve our objective, we use a risk communication theory from the safety field and propose a new platform by combining an action-oriented security process model.