• Title/Summary/Keyword: Threat Security


A Study on Extraction of Mobile Forensic Data and Integrity Proof (모바일 포렌식 자료의 추출과 무결성 입증 연구)

  • Kim, Ki-Hwan;Park, Dea-Woo
    • Journal of the Korea Society of Computer and Information / v.12 no.6 / pp.177-185 / 2007
  • Lately, with the development of IT, mobile information appliances that perform various functions have become widespread. The mobile phone, a representative mobile information appliance, makes exchanging information and doing business more convenient and efficient, but it also has adverse effects: mobile phones are used as a means for leakage of advanced engineering data, infringement of individual privacy, threats, and so on, and many problems have appeared. However, for crimes that use mobile phones, the relevant statutes are unprepared, and research and effort are lacking, from an investigative standpoint, on turning digital evidence, which by its nature is easy to delete and copy, into objective evidence and on proving its integrity. This field of digital forensics is known as mobile forensics. In this paper, we examine ways of acquiring digital evidence from the mobile phone, the representative device in mobile forensics, and present a way to prove the integrity of digital evidence using a hash function.


Multi-Level Emulation for Malware Distribution Networks Analysis (악성코드 유포 네트워크 분석을 위한 멀티레벨 에뮬레이션)

  • Choi, Sang-Yong;Kang, Ik-Seon;Kim, Dae-Hyeok;Noh, Bong-Nam;Kim, Yong-Min
    • Journal of the Korea Institute of Information Security & Cryptology / v.23 no.6 / pp.1121-1129 / 2013
  • Recent malware distribution causes severe, nationwide problems such as the 3.20 cyber attack in Korea. In particular, the drive-by download attack, one of the attack types that distribute malware through the web, has become the most prevalent and serious threat. To prevent drive-by download attacks, it is necessary to analyze the MDN (Malware Distribution Network) behind them. Effective analysis of an MDN requires detecting obfuscated and/or encapsulated JavaScript in a web page. In this paper, we propose a scheme called multi-level emulation to analyze the process of malware distribution. The proposed scheme analyzes the web links used for malware distribution to support efficient analysis of MDNs.

Analysis and Study on Invasion Threat and Security Measures for Smart Home Services in IoT Environment (사물인터넷 환경에서의 스마트홈 서비스 침해위협 분석 및 보안 대책 연구)

  • Lee, Myongyeal;Park, Jaepyo
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.16 no.5 / pp.27-32 / 2016
  • In general, the IoT (Internet of Things) designates the intelligent technologies and services through which all necessary information is exchanged between humans and things, between things, and between things and systems, with all things connected over the Internet. The smart home in the present IoT environment fuses the everyday supplies and equipment used in private life with the Internet of Things, and is the fruit of converged business across almost all areas related to private consumption. The concept of the smart home was built around the early 2000s owing to the spread of high-speed Internet and advances in smart electronics and the Internet, and, further influenced by the enhancement of wireless networks and smart devices, it has advanced into the smart home within the IoT environment. Smart home services inside the house, which are implemented most closely with personal life, are being developed and advanced in various forms. These developments may have a positive effect, but if the security issues of smart home services are not resolved, they may cause serious harm to privacy and personal life.

A Fuzzy Logic-Based False Report Detection Method in Wireless Sensor Networks (무선 센서 네트워크에서 퍼지 로직 기반의 허위 보고서 탐지 기법)

  • Kim, Mun-Su;Lee, Hae-Young;Cho, Tae-Ho
    • Journal of the Korea Society for Simulation / v.17 no.3 / pp.27-34 / 2008
  • Wireless sensor networks are composed of sensor nodes with resource-constrained hardware. Nodes in a sensor network without adequate protection may be compromised by adversaries. Such compromised nodes are vulnerable to attacks such as false report injection attacks and false data injection attacks on legitimate reports. In false report injection attacks, an adversary injects false reports into the network with the goal of deceiving the sink or depleting the finite amount of energy in a battery-powered network. In false data injection attacks on legitimate reports, the attacker may inject false data into every legitimate report. To address such attacks, the probabilistic voting-based filtering scheme (PVFS) has been proposed by Li and Wu. However, each cluster head in PVFS needs an additional transmission device. Therefore, this paper proposes a fuzzy logic-based false report detection method (FRD) to mitigate the threat of these attacks. FRD employs the statistical en-route filtering scheme as a basis and improves upon it. We demonstrate that FRD is efficient with respect to the security it provides, and allows a tradeoff between security and energy consumption, as shown in the simulation.


Suggestion on the Convention for Anti-Terrorism of North Eastern Asian Countries: Focusing on Tendency Analysis of Regional International Conventions (동북아시아 국가들의 대(對)테러리즘 관련 협약체결을 위한 제언: 지역별 국제협약의 경향분석을 중심으로)

  • Lee, Dae Sung;Ahn, Young Kyu
    • Convergence Security Journal / v.15 no.1 / pp.19-26 / 2015
  • The threat of international terrorism has been increasing in international society, and northeastern Asian countries are no exception. First, northeastern Asian countries have exerted influence in many areas of international society, such as politics, military affairs and diplomacy, so international terrorism could occur in these countries. Second, as northeastern Asian countries such as Korea, China, Russia and Japan each have their own unique politics, religions, ethnic groups and culture, terrorism has happened or could happen within their own borders. This research analyzes the tendency of seven regional international conventions on anti-terrorism. The result is as follows. The following issues were dealt with: 1. Reason and purpose of terrorism, 2. Contents of conventions on anti-terrorism, 3. Psychological and physical aspects of attacking types of terrorism, 4. Personal and physical aspects of damage of terrorism, 5. Hard targets and soft targets of victims of terrorism. Based on this, it could be necessary for the northeastern Asian countries to review regional international conventions on anti-terrorism.

A Study on Trace-Back Method of Financial Network Using IP Marking Server (IP 마킹 서버를 활용한 금융 전산망 공격자 역추적 기술 연구)

  • Park, Keunho;Choi, Ken;Shon, TaeShik
    • The Journal of Society for e-Business Studies / v.22 no.4 / pp.129-139 / 2017
  • With the advent of FinTech, many financial services have become available in the mobile Internet environment, and recently there is an Internet bank that provides all bank services online. As the proportion of financial services delivered over the Internet increases, users gain convenience, but at the same time the threat to financial networks is increasing. Financial institutions are investing heavily in security systems in case of an intrusion. However, attacks by hackers are getting more sophisticated and more difficult to cope with. Applying to a financial network an IP trace-back method that can detect the actual location of an attacker makes it possible to prepare for the attacker's arrest and for additional attacks. In this paper, we investigate IP trace-back technology that can detect the actual location of an attacker and analyze how to apply it to a financial network. We also propose a new IP trace-back method through infrastructure construction, through simulation experiments.

Improving Compiler to Prevent Buffer Overflow Attack (버퍼오버플로우 공격 방지를 위한 컴파일러 기법)

  • Kim, Jong-Ewi;Lee, Seong-Uck;Hong, Man-Pyo
    • The KIPS Transactions:PartC / v.9C no.4 / pp.453-458 / 2002
  • Recently, the number of hacking incidents that exploit buffer overflow vulnerabilities has been increasing. Although the buffer overflow problem has been known for a long time, it continues to present a serious security threat. There are three defense methods against buffer overflow attacks. First, allow overwrites but do not allow unauthorized changes of control flow. Second, do not allow overwriting at all. Third, allow changes of control flow but prevent execution of injected code. This paper takes the first approach, allowing overwrites but not unauthorized changes of control flow, as a solution that extends the compiler. The previous defense method has two defects. First, the program incurs overhead because much work must be done during process execution to apply the method. Second, each time a function returns, the return address is stored in reserved memory created by the compiler, which wastes too much memory. The newly proposed method extends the compiler by processing after compile and link time. To remedy these defects, we reduce the work done at execution time by adding processing steps after compile/link time and before execution time, and so reduce overhead.

Analysis & defence of detection technology in network Attacker (네트워크 침입자탐지기법 분석과 대응)

  • Yun, Dong Sic
    • Convergence Security Journal / v.13 no.2 / pp.155-163 / 2013
  • A connection hijacking attack uses a vulnerability of the TCP protocol to actively redirect a TCP stream so that it passes through the attacker's machine (an active attack). By this redirection, the attacker can bypass protection mechanisms such as S/KEY one-time passwords or those provided by a ticket-based authentication system such as Kerberos. A TCP connection is very vulnerable to anyone who has access to a TCP packet sniffer or packet generator. To defend against sniffer attacks, one-time passwords and token-based authentication and user identification schemes have been used. These methods protect passwords from sniffing over insecure networks, but because they do not sign or encrypt the data stream, they are still vulnerable to attacks. Many people think an active attack is very difficult and therefore consider the threat low; to help break this illusion, a very aggressive attack that leads to a successful intrusion on a UNIX host is presented. The tools available on the Internet that attempt to exploit this vulnerability, known as the recent theoretical measures is required. In this paper, we propose analysis techniques for intruder detection on a wireless network.

Cyber Threats Prediction model based on Artificial Neural Networks using Quantification of Open Source Intelligence (OSINT) (공개출처정보의 정량화를 이용한 인공신경망 기반 사이버위협 예측 모델)

  • Lee, Jongkwan;Moon, Minam;Shin, Kyuyong;Kang, Sungrok
    • Convergence Security Journal / v.20 no.3 / pp.115-123 / 2020
  • Cyber attacks have evolved more and more in recent years. One of the best countermeasures against these advanced and sophisticated cyber threats is to predict cyber attacks in advance. Predicting cyber threats requires a lot of information and effort. If we use Open Source Intelligence (OSINT), the core of recent information acquisition, we can predict cyber threats more accurately. To predict cyber threats using OSINT, it is necessary to establish a database (DB) of cyber attacks from OSINT and to select, from the established DB, factors that can evaluate cyber threats. We build on previous research that built a cyber attack DB using data mining and analyzed the importance of core factors among the accumulated DB factors with the AHP technique. In this research, we present a method for quantifying cyber threats and propose a cyber threat prediction model based on artificial neural networks.

Mutual Authentication and Secure Session Termination Scheme in iATA Protocol

  • Ong, Ivy;Lee, Shirly;Lee, Hoon-Jae;Lim, Hyo-Taek
    • Journal of information and communication convergence engineering / v.8 no.4 / pp.437-442 / 2010
  • Ubiquitous mobile computing is becoming easier and more attractive in this ambient technological Internet world. However, some portable devices such as Personal Digital Assistants (PDAs) and smart phones still face inherent constraints of limited storage and computing resources. To alleviate this problem, we develop a cost-effective protocol, iATA, to transfer ATA commands and data over a TCP/IP network between mobile appliances and stationary servers. It provides mobile users with a virtual storage platform that physically resides at a remote home or office. As communications are made through insecure Internet connections, the security risks of adopting this service become a concern. There are many reported cases in which attackers masquerade as legitimate users and illegally access network-based applications or systems by breaking through poor authentication gates. In this paper, we propose a mutual authentication and secure session termination scheme as the first and last defense steps to combat identity theft and fraud threats, in particular for iATA services. Random validation factors, large prime numbers, current timestamps, one-way hash functions and a one-time session key are deployed accordingly in the scheme. Moreover, we employ the concept of the hard factorization problem (HFP) in the termination phase to guard against fraudulent termination requests. The theoretical security analysis discussed in a later section indicates that the scheme supports mutual authentication and is robust against several attacks such as verifier impersonation, replay attacks, denial-of-service (DoS) attacks and so on.