• Journal of Information Processing Systems
• /
• v.16 no.3
• /
• pp.699-717
• /
• 2020

Propagation time on permissionless blockchain plays a significant role in terms of stability and performance in the decentralized systems. A large number of activities are disseminated to the whole nodes in the decentralized peer-to-peer network, thus causing propagation delay. The stability of the system is our concern in the first place. The propagation delay opens up opportunities for attackers to apply their protocol. Either by accelerating or decelerating the propagation time directly without proper calculation, it brings numerous negative impacts to the entire blockchain system. In this paper, we thoroughly review and elaborate on several parameters related to the propagation time in such a system. We describe our findings in terms of data communication, transaction propagation, and the possibility of an interference attack that caused an extra propagation time. Furthermore, we present the influence of block size, consensus, and blockchain scalability, including the relation of parameters. In the last session, we remark several points associated with the propagation time and use cases to avoid dilemmas in the light of the experiments and literary works.

• Journal of Internet Computing and Services
• /
• v.5 no.2
• /
• pp.57-67
• /
• 2004

In this paper we present the architecture of intrusion detection system that enhances the performance of system and the correctness of intrusion detection. A network intrusion is usually composed of several steps of action taken by the attackers. Each action in the steps can be characterized by its signature. But normal and non-intrusive action can also include the same signature, It can result in incorrect detection. The presented system uses the correlation of series of signatures that consist of an intrusion. So Its decision on an intrusion is highly reliable. And variations of known intrusions can easily be detected without any knowledge of the variations.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.5
• /
• pp.2348-2365
• /
• 2018

QR codes as public patent are widely used to acquire the information in various fields. However, it faces security problem when delivering the privacy message by QR code. To overcome this weakness, we propose a secret hiding scheme by improving exploiting modification direction to protect the private message in QR code. The secret messages will be converted into octal digit stream and concealed to the cover QR code by overwriting the cover QR code public message bits. And the private messages can be faithfully decoded using the extraction function. In our secret hiding scheme, the QR code public message still can be fully decoded publicly from the marked QR codes via any standard QR Code reader, which helps to reduce attackers' curiosity. Experiments show that the proposed scheme is feasible, with high secret payload, high security protection level, and resistant to common image post-processing attacks.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.11
• /
• pp.5238-5244
• /
• 2011

Recently, wireless sensor networks have become increasingly interesting areas over extensive application fields such as military, ecological, and health-related areas. Almost sensor networks have mission-critical tasks that requires very high security. Therefore, extensive work has been done for securing sensor networks from outside attackers, efficient cryptographic systems, secure key management and authorization, but little work has yet been done to protect these networks from inside threats. This paper proposed an method to select which nodes should activate their idle nodes as detectors to be able to watch all packets in the sensor network. Suggested method is modeled as optimization equation, and heuristic Greedy algorithm based simulation results are presented to verify my approach.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.11
• /
• pp.5245-5251
• /
• 2011

Seo et al. criticizes that Hu-Niu-Yang's certification scheme is not enough to satisfy the security requirements of a smart card-based certification scheme because it has a weakness of password guessing attack as well as gives attackers opportunities to be disguised as legitimate users. However, Seo et al. also has a weakness not satisfying the security requirements. This paper suggests a new scheme that contains the characteristics of certification scheme provided by Seo et al. but compensates weak points. The findings show that the new scheme is more safety and efficient than Seo et al.'s

• Journal of Advanced Navigation Technology
• /
• v.14 no.6
• /
• pp.970-974
• /
• 2010

According to IT technology has evolved, smart phone rapidly propagates for mobility. A smart phone user acquires useful information, but attackers generate various damage. For example, an attacker must distribute to expose the privacy of others. To solve this problem, various information security products are being developed. In addition, information security has been strengthened. In this paper, we propose a scheme for secure use of smart phone. For development of secure smart phone, the development processes should be secure. In addition, we propose an information security production certification system for secure smart phone security.

• Journal of Information Processing Systems
• /
• v.16 no.4
• /
• pp.760-773
• /
• 2020

When a crime occurs, the information necessary for solving the case, and various pieces of the evidence needed to prove the crime are collected from the crime scene. The tangible residues collected through scientific methods at the crime scene become evidence at trial and a clue to prove the facts directly against the offense of the suspect. Therefore, the scientific investigation and forensic handling for securing objective forensic in crime investigation is increasingly important. Today, digital systems, such as smartphones, CCTVs, black boxes, etc. are increasingly used as criminal information investigation clues, and digital forensic is becoming a decisive factor in investigation and trial. However, the systems have the risk that digital forensic may be damaged or manipulated by malicious insiders in the existing centralized management systems based on client/server structure. In this paper, we design and implement a blockchain based digital forensic management model using Hyperledger Fabric and Docker to guarantee the reliability and integrity of digital forensic. The proposed digital evidence management model allows only authorized participants in a distributed environment without a central management agency access the network to share and manage potential crime data. Therefore, it could be relatively safe from malicious internal attackers compared to the existing client/server model.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.431-433
• /
• 2010

VoIP is a communication technique can be used anywhere you can find wifi signal and it costs much lower than conventional mobile service. However, security of VoIP is not as robust as former, the converse could be easily intercepted and attacked especially in MANETs which the attackers access easier than in wired networks. Sercurity of VoIP system in MANETs is an important issue nowadays. In this paper, a typical attack method of VoIP systems in MANETs is described and we implement how to prevent it.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.6
• /
• pp.1022-1025
• /
• 2008

Session Initiation Protocol (SIP) has become the call control protocol of choice for Voice over IP (VoIP) networks because of its open and extensible nature. However, the integrity of call signaling between sites is of utmost importance, and SIP is vulnerable to attackers when left unprotected. Currently a herby-hop security model is prevalent, wherein intermediaries forward a request towards the destination user agent sewer (UAS) without a user agent client (UAC) knowing whether or not the intermediary behaved in a trusted manner. This paper presents an integrated security model for SIP-based VoIP network by combining hop-by-hop security and end-to-end security.

• Journal of the Korea Society of Computer and Information
• /
• v.7 no.1
• /
• pp.68-73
• /
• 2002

One widely-used technique by which network attackers attain anonymity and complicate their apprehension is by employing stepping stones: they launch attacks not from their own computer but from intermediary hosts that they previously compromised. We develop an efficient algorithm for detecting stepping stones by monitoring a site's Internet access link. The algorithm is based on the distinctive characteristics(packet size, timing) of interactive traffic, and not on connection contents, and hence can be used to find stepping stones even when the traffic is encrypted. We evaluate the algorithm on large Internet access traces and find that it Performs quite well. However, the success of the algorithm is tempered by the discovery that large sites have many users who routinely traverse stepping stones for a variety of legitimate reasons.