• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2007.02a
• /
• pp.116-119
• /
• 2007

In a keyword search scheme a user stores encrypted data on an untrusted server and gives a database manager a capability for a keyword which enables a database manager to find encrypted data containing the keyword without revealing the keyword to the database manager. Conjunctive keyword search scheme enables a user to obtain data containing all of several keywords through only one query. One of the security requirements of conjunctive keyword search schemes is that a malicious adversary should not be able to generate new valid capabilities from the observed capabilities. In U:5 paper we show that conjunctive keyword search schemes are not secure. In particular, given two capabilities corresponding two sets of keywords, an adversary is able to generate a new capability corresponding to the dierence set of two keywords sets.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.159-162
• /
• 2008

Generally, sensor nodes can be easily compromised and seized by an adversary because sensor nodes are hostile environments after dissemination. An adversary may be various security attacks into the networks using compromised node. False data injection attack using compromised node, it may not only cause false alarms, but also the depletion of the severe amount of energy waste. Dynamic en-route scheme for Filtering False Data Injection (DEF) can detect and drop such forged report during the forwarding process. In this scheme, each forwarding nodes verify reports using a regular probability. In this paper, we propose verification probability adjustment scheme of forwarding nodes though a fuzzy rule-base system for the Dynamic en-route filtering scheme for Filtering False Data Injection in sensor networks. Verification probability determination of forwarding nodes use false traffic rate and distance form source to base station.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.26
• /
• pp.225-253
• /
• 2005

Nowadays we does not hesitate to definite answer that the arbitration is the most developed dispute settlement out of court in the international commercial transaction. Online arbitration is desirable for the reasons of speed and cost effectiveness to settle the dispute about the international commercial transaction. Online arbitration is fast because it uses the communication technologies that allow information to be sent fast and efficiently. But in online arbitration too much speed and efficiency may lead to a violation of due process rights and consequently the online arbitration awards run a risk to be set aside or refused its enforcement under the international commercial arbitration mechanism. Speed and efficiency may conflict with the procedural guarantee characterizing each adversary dispute resolution process. As arbitration is exclusive of recourse to courts, a state must guarantee that arbitral proceeding should be satisfied with the claim rights requirement. The main question regarding the sources of regulation is particularly for the due process whether or not this is provided by the availability of grounds to set arbitral award aside. In other words, does it respect due process in the arbitration proceeding including information communication and technology under the online arbitration. In this paper it is discussed about how the main issue in arbitration should be implemented in online arbitration proceedings to cope with the due process requirements in national and international.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.405-408
• /
• 2002

사전 대응적 안전성은 이동성 공격자에 대해 오랜 기간 안전하게 유지 및 사용되어야 할 암호학적 키들의 안전성을 증가시킨다. 최근에 Shoup은 매우 실제적인 문턱 RSA 서명방식을 제안하였는데, 그의 논문에서는 사전 대응적 안전성에 대해서 고려하지 않았다. 본 논문에서는 Shoup이 제안한 서명방식과 사전 대응적 안전성을 고려하여 이동성 공격자에 강인한 문턱 RSA 서명방식을 제안한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.10a
• /
• pp.725-728
• /
• 2007

Software security is about making software behave correctly in the presence of a malicious attack, even though software failures usually happen spontaneously in the real world. Standard software testing literature is concerned only with what happens when software fails, regardless of intent. The difference between software safety and software security is therefor the presence of an intelligent adversary bent on breaking the system. Software security for attacking the system is presented in this paper

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.10d
• /
• pp.132-134
• /
• 2006

In this paper, we propose an efficient bilateral remote user authentication scheme with smart cards. Our scheme ensures both-way authentication, so that any attempt of the adversary to affect the secure communications between the authentication server and the user could not be successful. We also present a brief analysis of our proposed scheme and show that it is well-resistant against the known attacks in remote user authentication process.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11a
• /
• pp.214-216
• /
• 2005

We consider Wireless Sensor Network Security (WSN) and focus our attention to tolerate damage caused by an adversary who has compromised deployed sensor node to modify, block, or inject packets. We adopt a probabilistic secret sharing protocol where secrets shared between two sensor nodes are not exposed to any other nodes. Adapting to WSN characteristics, we incorporate these secrets to establish new pairwise key for node to node authentication and design multipath routing to multiple base stations to defend against HELLO flood attacks. We then analytically show that our defense mechanisms against HELLO flood attack can tolerate damage caused by an intruder.

• Proceedings of the KIEE Conference
• /
• 2006.04a
• /
• pp.171-173
• /
• 2006

Because sensor networks use wireless communication, they are vulnerable to attacks which are more difficult launch in the wired domain. Many wired networks benefit from their inherent physical security properties. It is unlikely that an adversary will dig up the Internet backbone and splice into the line. However, wireless communications are difficult to protect; they are by nature a broadcast medium. In a broadcast medium, adversaries can easily eavesdrop on, intercept, inject, and alter transmitted data. In addition, adversaries are not restricted to using sensor network hardware. We have analyzed the IEEE 802.15.4, ZigBee specification which includes a number of security provisions and options. In this paper, we highlight places where USN security considerations and home network attack scenarios.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.973-976
• /
• 2005

In IEEE 802.15.4 (Low-Rate Wireless Personal Area Network) specification, a successful reception and validation of a data or MAC command frame can be confirmed with an acknowledgment. However, the specification does not support security for acknowledgment frame; the lack of a MAC covering acknowledgments allows an adversary to forge an acknowledgment for any frame. This paper proposes an identity authentication mechanism at the link layer for acknowledgment frame in IEEE 802.15.4 network. With the proposed mechanism there is only three bits for authentication, which can greatly reduce overhead. The encrypted bit stream for identity authentication will be transmitted to device by coordinator within association process. Statistical method indicates that our mechanism is successful in handling MAC layer attack.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.141-145
• /
• 2008

Wireless sensor network (WSN) is expected to be used in many applications. However, sensor nodes still have some secure problems to use them in the real applications. They are typically deployed on open, wide, and unattended environments. An adversary using these features can easily compromise the deployed sensor nodes and use compromised sensor nodes to inject fabricated data to the sensor network (false data injection attack). The injected fabricated data drains much energy of them and causes a false alarm. To detect and drop the injected fabricated data, a filtering-based security method and adaptive methods are proposed. The number of different partitions is important to make event report since they can make a correctness event report if the representative node does not receive message authentication codes made by the different partition keys. The proposed methods cannot guarantee the detection power since they do not consider the filtering scheme. We proposed clustering method for filtering-based secure methods. Our proposed method uses fuzzy system to enhance the detection power of a cluster.