• ETRI Journal
• /
• 제37권4호
• /
• pp.696-706
• /
• 2015

This paper presents an achievable secure videoconferencing system based on quantum key encryption in which key management can be directly applied and embedded in a server/client videoconferencing model using, for example, OpenMeeting. A secure key management methodology is proposed to ensure both a trusted quantum network and a secure videoconferencing system. The proposed methodology presents architecture on how to share secret keys between key management servers and distant parties in a secure domain without transmitting any secrets over insecure channels. The advantages of the proposed secure key management methodology overcome the limitations of quantum point-to-point key sharing by simultaneously distributing keys to multiple users; thus, it makes quantum cryptography a more practical and secure solution. The time required for the encryption and decryption may cause a few seconds delay in video transmission, but this proposed method protects against adversary attacks.

• 한국통신학회논문지
• /
• 제29권12C호
• /
• pp.1729-1738
• /
• 2004

RFID 기술은 유비쿼터스 컴퓨팅 환경을 구현하는데 핵심이 되는 주요기술로 최근 들어 활발 연구되고 있다. 그러나 RFID 시스템이 많은 장점을 가지고 있는 반면, 사용자의 프라이버시 침해와 같은 새로운 문제점들 야기시킨다. 본 논문에서는 사용자의 프라이버시를 보호하기 위해 제안된 기존의 방식들과 이들이 가지고 있는 취약점에 대하여 설명하고, 이를 해결할 수 있는 보다 안전한 사용자의 프라이버시 보호 기능을 제공하는 RFID 시스템을 제안한다. 본 논문에서 제안하는 RFID 시스템은 사용자가 원하지 않는 정보의 유출과 공격자에 의한 트래킹이 불가능하며, 펄요 시 권한을 가진 관리자에 의해서만 추적이 가능한 안전한 RFID 시스템이다.

• 정보처리학회논문지C
• /
• 제10C권6호
• /
• pp.825-834
• /
• 2003

본 논문에서는 매일 사용자의 오버헤드를 최소화하고 TTP(Trusted Third Party)의 기밀성을 분산시킨 새로운 Certified E-mail System을 제안한다. 제안 시스템은 전달 메시지의 공정성 및 기밀성 보장을 위하여 전통적인 암호기법과 함께 서버 지원된 서명 기법을 사용함으로써, 매일 사용자의 공개키 암호 알고리즘 연산에 따른 오버해드를 최소화하는 구조를 가진다. 따라서, 제안 방안은 셀룰러 폰이나 무선 PDA와 같은 컴퓨팅 파워가 취약한 이동 장치를 이용하는 매일 사용자에 적합하다. 또한, 제안된 시스템은 임계 암호시스쳄에 기반하여 설계되었으므로 이동 공격자에 대하여 강겅하며 공모 공격으로부터 안전하다.

• 정보과학회 컴퓨팅의 실제 논문지
• /
• 제22권8호
• /
• pp.345-350
• /
• 2016

클라우드 컴퓨팅 서비스는 개별 사용자가 자원을 서로 공유하고 가상화 기술 등을 적용하여 기존의 컴퓨팅 환경과는 다른 특성을 가지고 있다. 이러한 특성으로 인해 클라우드 컴퓨팅 환경에 적합한 사용자 식별 접근제어 기술 및 보안 통제 사항 등이 요구된다. 최근 Yoo는 안전한 클라우드 컴퓨팅을 위한 속성기반 접근제어를 이용한 새로운 인증 기법을 제안하였다. 해당 기법은 속성이라는 개념을 이용하여 클라우드 자원에 대한 안전한 접근을 제공한다. 그러나 Yoo의 기법은 악의적인 서비스 제공자에 의해 인증서버의 비밀키 해시 값이 유출될 수 있는 취약점을 가지고 있으며 이를 이용한 서비스 제공자 공격을 통해 인증 요청 메시지 공격이 가능하다. 본 논문에서는 Yoo가 제안한 기법이 가진 취약점을 개선하여 클라우드 컴퓨팅을 위한 안전하고 효율적인 속성기반 인증 기법을 제안하고자 한다.

• 한국시뮬레이션학회논문지
• /
• 제27권1호
• /
• pp.39-49
• /
• 2018

잠수함으로부터 발사되는 SLBM은 은밀성으로 인해 탐지가 매우 제한적이며 이는 안보에 심각한 위협으로 인식된다. 본 연구는 SLBM의 효과적인 탐지를 위한 구축함 배치 최적화 문제를 고려한다. 최적화 모델은 2인 제로섬 게임을 기반으로 하여, 상대방의 입장에서 SLBM이 최대한 탐지되지 않는 발사 및 도착 지점과 비행궤적을 결정하고자 하며, 우리의 입장에서는 상대방의 SLBM 탐지를 최대화할 수 있는 구축함의 배치 계획을 수립한다. 제시된 2인 제로섬 게임 모델은 선형계획법으로 변환하여 최적해를 구할 수 있으며, 가상의 임의 구역과 시나리오를 생성하여 계산 실험을 수행하고 본 연구에서 제시하는 모델을 통해 게임에서의 상대방과 우리의 최적 혼합전략을 도출한 결과를 보여준다.

• 비교문화연구
• /
• 제19권
• /
• pp.101-126
• /
• 2010

Narcissism is a pathological phenomenon and narcissistic subject always needs to put itself on the top and has interest in nothing but its own determination. The protagonist of Adversary by ?mmanuel Carr?re does pay careful attention to what others are thinking of him while he does not distinguish difference between object of love and himself. So he can be allegedly narcissistic subject. And it can be said that the behaviors of Mary in the movie Under the sand by Ozon are included in narcissism in that narcissistic subject has the characteristics that idealizes the object of libido. However, in this study, the heroine is examined based on such a point that the object of love and extreme idealization incline toward others. We call this case reverse-narcissism. In Part 2, it is investigated what relation narcissism as an unconscious psychological tool has with Oedipus complex, which plays an important role in forming human psyche. For instance, disappointment caused by prohibition at the oedipal stage is too severe, which creates superego and its idealization to protect in such a way that narcissistic regression can not be done. Cases of extremely big gap between ego and ideal type are perversion, impostor, mania, paranoia, etc, where narcissistic and oedipal elements are combined to affect.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권11호
• /
• pp.4573-4594
• /
• 2020

Announcement protocol in Internet of Vehicles (IoV) is an intelligent application to enhance public safety, alleviate traffic jams and improve transportation quality. It requires communication between vehicles, roadside units and pedestrian to disseminate safety-related messages. However, as vehicles connected to internet, it makes them accessible globally to a potential adversary. Safety-related application requires a message to be reliable, however it may intrude the privacy of a vehicle. Contrarily, if some misbehaviour emerges, the malicious vehicles must be able to traceable and revoke from the network. This is a contradiction between privacy and accountability since the privacy of a user should be preserved. For a secure communication among intelligent entities, we propose a novel announcement protocol in IoV using group signature. To the best of our knowledge, our work is the first comprehensive construction of an announcement protocol in IoV that deploys group signature. We show that our protocol efficiently solves these conflicting security requirements of message reliability, privacy and accountability using 5G communication channel. The performance analysis and simulation results signify our work achieves performance efficiency in IoV communication.

• International Journal of Computer Science & Network Security
• /
• 제21권6호
• /
• pp.89-100
• /
• 2021

Smart Grid Network (SGN) is a next generation electrical power network which digitizes the power distribution grid and achieves smart, efficient, safe and secure operations of the electricity. The backbone of the SGN is information communication technology that enables the SGN to get full control of network station monitoring and analysis. In any network where communication is involved security is essential. It has been observed from several recent incidents that an adversary causes an interruption to the operation of the networks which lead to the electricity theft. In order to reduce the number of electricity theft cases, companies need to develop preventive and protective methods to minimize the losses from this issue. In this paper, we have introduced a machine learning based SVM method that detects malicious nodes in a smart grid network. The algorithm collects data (electricity consumption/electric bill) from the nodes and compares it with previously obtained data. Support Vector Machine (SVM) classifies nodes into Normal or malicious nodes giving the statues of 1 for normal nodes and status of -1 for malicious -abnormal-nodes. Once the malicious nodes have been detected, we have done a trust evaluation based on the nodes history and recorded data. In the simulation, we have observed that our detection rate is almost 98% where the false alarm rate is only 2%. Moreover, a Trust value of 50 was achieved. As a future work, countermeasures based on the trust value will be developed to solve the problem remotely.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권11호
• /
• pp.4105-4121
• /
• 2021

Recently, malware classification based on Deep Neural Networks (DNN) has gained significant attention due to the rise in popularity of artificial intelligence (AI). DNN-based malware classifiers are a novel solution to combat never-before-seen malware families because this approach is able to classify malwares based on structural characteristics rather than requiring particular signatures like traditional malware classifiers. However, these DNN-based classifiers have been found to lack robustness against malwares that are carefully crafted to evade detection. These specially crafted pieces of malware are referred to as adversarial examples. We consider a clever adversary who has a thorough knowledge of DNN-based malware classifiers and will exploit it to generate a crafty malware to fool DNN-based classifiers. In this paper, we propose a DNN-based malware classifier that becomes resilient to these kinds of attacks by exploiting Generative Adversarial Network (GAN) based data augmentation. The experimental results show that the proposed scheme classifies malware, including AEs, with a false positive rate (FPR) of 3.0% and a balanced accuracy of 70.16%. These are respective 26.1% and 18.5% enhancements when compared to a traditional DNN-based classifier that does not exploit GAN.

• International Journal of Computer Science & Network Security
• /
• 제21권12spc호
• /
• pp.399-408
• /
• 2021

Information security reports four types of basic attacks on information. One of the attacks is named as fabrication. Even though mobile devices and applications are showing its maturity in terms of performance, security and ubiquity, location-based applications still faces challenges of quality of service, privacy, integrity, authentication among mobile devices and hence mobile users associated with the devices. There is always a continued fear as how location information of users or IoT appliances is used by third party LB Service providers. Even adversary or malicious attackers get hold of location information in transit or fraudulently hold this information. In this paper, location information fabrication scenarios are presented after knowing basic model of information attacks. Peer-to-Peer broadcast model of location privacy is proposed. This document contains introduction to fabrication, solutions to such threats, management of fabrication mitigation in collaborative or peer to peer location privacy and its cost analysis. There are various infrastructure components in Location Based Services such as Governance Server, Point of interest POI repository, POI service, End users, Intruders etc. Various algorithms are presented and analyzed for fabrication management, integrity, and authentication. Moreover, anti-fabrication mechanism is devised in the presence of trust. Over cost analysis is done for anti-fabrication management due to nature of various cryptographic combinations.