• International Journal of Computer Science & Network Security
• /
• 제22권7호
• /
• pp.427-442
• /
• 2022

MP3 is one of the most widely used file formats for encoding and representing audio data. One of the reasons for this popularity is their significant ability to reduce audio file sizes in comparison to other encoding techniques. Additionally, other reasons also include ease of implementation, its availability and good technical support. Steganography is the art of shielding the communication between two parties from the eyes of attackers. In steganography, a secret message in the form of a copyright mark, concealed communication, or serial number can be embedded in an innocuous file (e.g., computer code, video film, or audio recording), making it impossible for the wrong party to access the hidden message during the exchange of data. This paper describes a new steganography algorithm for encoding secret messages in MP3 audio files using an improved least significant bit (LSB) technique with high embedding capacity. Test results obtained shows that the efficiency of this technique is higher compared to other LSB techniques.

• 한국멀티미디어학회논문지
• /
• 제25권10호
• /
• pp.1416-1432
• /
• 2022

The access control system is a system that allows users to selectively enter the building by granting an access key to the user for security. Access keys with weak security are easily exposed to attackers and cannot properly perform the role that authenticates users. Access code keys should be protected from forgery or spoofing. For this reason, access key verification service models is important in security. However, most models manage all access keys on one central server. This method not only interrupts all services due to server errors, but also risks forgery and spoofing in the process of transmitting access keys. Therefore, blockchain algorithms are used to reduce this risk. This paper proposes a blockchain-based access key verification service model that used distributed stored blockchain gateways on storing access keys and authenticates the user's identity based on them. To evaluate the performance of this model, an experiment was conducted to confirm the performance of the access key forgery recovery rate and the blockchain network performance. As a result, the proposed method is 100% forgery recovery rate, and the registration and verification process is evaluated at 387.58 TPS and 136.66 TPS.

• International Journal of Computer Science & Network Security
• /
• 제21권12spc호
• /
• pp.399-408
• /
• 2021

Information security reports four types of basic attacks on information. One of the attacks is named as fabrication. Even though mobile devices and applications are showing its maturity in terms of performance, security and ubiquity, location-based applications still faces challenges of quality of service, privacy, integrity, authentication among mobile devices and hence mobile users associated with the devices. There is always a continued fear as how location information of users or IoT appliances is used by third party LB Service providers. Even adversary or malicious attackers get hold of location information in transit or fraudulently hold this information. In this paper, location information fabrication scenarios are presented after knowing basic model of information attacks. Peer-to-Peer broadcast model of location privacy is proposed. This document contains introduction to fabrication, solutions to such threats, management of fabrication mitigation in collaborative or peer to peer location privacy and its cost analysis. There are various infrastructure components in Location Based Services such as Governance Server, Point of interest POI repository, POI service, End users, Intruders etc. Various algorithms are presented and analyzed for fabrication management, integrity, and authentication. Moreover, anti-fabrication mechanism is devised in the presence of trust. Over cost analysis is done for anti-fabrication management due to nature of various cryptographic combinations.

• International Journal of Computer Science & Network Security
• /
• 제22권6호
• /
• pp.194-202
• /
• 2022

The use of public Wi-Fi has increased in recent years with many people like to spend their time outside in malls or café shops which provide public Wi-Fi for their customers. However, since the public Wi-Fi can be accessed from any device the security of public Wi-Fi plays a big role to prevent the stealing of information by an attacker with methods and techniques such as WPA, WPA2 and WPA3. However, it is well known to the attackers that these methods are not difficult to get hacked by the attacker device to take the client precious information. Some researches were done in increasing the security of public Wi-Fi each with their own different technique or algorithm to provide more secure connection to the public Wi-Fi and prevent any unauthorized user to connect to avoid stealing the data of another legal user. Theses research paper are evaluated to learn which method excel in protecting the public Wi-Fi security by giving an analysis to the methods provided by the research paper with comparing the pros and cons of each algorithm. Moreover, the research displays that there are methods to actually provide security to the public Wi-Fi with each being very different in implementation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권2호
• /
• pp.295-311
• /
• 2023

Cloud computing has evolved significantly, intending to provide users with fast, dependable, and low-cost services. With its development, malicious users have become increasingly capable of attacking both its internal and external security. To ensure the security of cloud services, encryption, authorization, firewalls, and intrusion detection systems have been employed. However, these single monitoring agents, are complex, time-consuming, and they do not detect ransomware and zero-day vulnerabilities on their own. An innovative Record and Replay-based hybrid Honeynet (R2NET) system has been developed to address this issue. Combining honeynet with Record and Replay (RR) technology, the system allows fine-grained analysis by delaying time-consuming analysis to the replay step. In addition, a machine learning algorithm is utilized to cluster the logs of attackers and store them in a database. So, the accessing time for analyzing the attack may be reduced which in turn increases the efficiency of the proposed framework. The R2NET framework is compared with existing methods such as EEHH net, HoneyDoc, Honeynet system, and AHDS. The proposed system achieves 7.60%, 9.78%%, 18.47%, and 31.52% more accuracy than EEHH net, HoneyDoc, Honeynet system, and AHDS methods.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2022년도 춘계학술대회
• /
• pp.259-261
• /
• 2022

최근 악성코드는 한 가지의 기법이 아닌 여러 기법들이 조합되고 합쳐지고 중요한 부분만 추출되어 새로운 악성코드들이 제작되고 변형되면서 점차적으로 공격 패턴이 다양해지고 공격 대상 또한 다양해지고 있다. 특히, 기업들의 보안에서의 악성 행위로 인한 피해 사례는 시간이 지날수록 늘어나고 있다. 하지만 공격자들이 여러 악성코드를 조합하더라도 각 악성코드의 종류별로 API들은 반복적으로 사용되고 API들의 패턴들과 이름이 유사할 가능성이 높다. 그로 인해 본 논문은 악성코드에서 자주 사용되는 API의 패턴을 찾고 API의 의미와 유사도를 계산하여 어느 정도의 위험도가 있는지 판단하는 분류 기술을 제안한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권5호
• /
• pp.1484-1502
• /
• 2023

The medical sector actively changes and implements innovative features in response to technical development and revolutions. Many of the most crucial elements in IoT-connected health services are safeguarding critical patient records from prospective attackers. As a result, BlockChain (BC) is gaining traction in the business sector owing to its large implementations. As a result, BC can efficiently handle everyday life activities as a distributed and decentralized technology. Compared to other industries, the medical sector is one of the most prominent areas where the BC network might be valuable. It generates a wide range of possibilities and probabilities in existing medical institutions. So, throughout this study, we address BC technology's widespread application and influence in modern medical systems, focusing on the critical requirements for such systems, such as trustworthiness, security, and safety. Furthermore, we built the shared ledger for blockchain-based healthcare providers for patient information, contractual between several other parties. The study's findings demonstrate the usefulness of BC technology in IoHT for keeping patient health data. The BDSA-IoHT eliminates 2.01 seconds of service delay and 1.9 seconds of processing time, enhancing efficiency by nearly 30%.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권10호
• /
• pp.2822-2843
• /
• 2023

All aspects of human life have become increasingly dependent on data in the last few decades. The development of several applications causes an enormous issue on data volume in current years. This information must be safeguarded and kept in safe locations. Massive volumes of data have been safely stored with cloud computing. This technology is developing rapidly because of its immense potentials. As a result, protecting data and the procedures to be handled from attackers has become a top priority in order to maintain its integrity, confidentiality, protection, and privacy. Therefore, it is important to implement the appropriate security measures in order to prevent security breaches and vulnerabilities. An improved version of Modular Encryption Standard (IMES) based on layered modelling of safety mechanisms is the major focus of this paper's research work. Key generation in IMES is done using a logistic map, which estimates the values of the input data. The performance analysis demonstrates that proposed work performs better than commonly used algorithms against cloud security in terms of higher performance and additional qualitative security features. The results prove that the proposed IMES has 0.015s of processing time, where existing models have 0.017s to 0.022s of processing time for a file size of 256KB.

• 한국컴퓨터정보학회논문지
• /
• 제28권11호
• /
• pp.89-101
• /
• 2023

사이버 공격으로 인한 국가, 기업 등의 피해를 막기 위해 공격자의 접근을 사전에 감지하는 이상 탐지 기술이 꾸준히 연구되어왔다. 외부 혹은 내부에서 침입하는 공격들을 즉각적으로 막기 위해 실행시간의 감축과 오탐지 감소는 필수불가결하다. 본 연구에서는 공격 이벤트의 유형과 빈도가 이상 탐지 정탐률 향상 및 오탐률 감소에 영향을 미칠 것으로 가설을 세우고, 검증을 위해 Los Alamos National Laboratory의 2015년 로그인 로그 데이터셋을 사용하였다. 전처리 된 데이터를 대표적인 이상행위 탐지 알고리즘에 적용한 결과, 공격 이벤트 유형과 빈도를 동시에 적용한 특성을 사용하는 것이 이상행위 탐지의 오탐률과 수행시간을 절감하는데 매우 효과적임을 확인하였다.

• International Journal of Computer Science & Network Security
• /
• 제23권10호
• /
• pp.129-134
• /
• 2023

The greatest challenge of this century is the protection of stored and transmitted data over the network. This paper provides a new hybrid algorithm designed based on combination algorithms, in the proposed algorithm combined with Hill and the Advanced Encryption Standard Algorithms, to increase the efficiency of color image encryption and increase the sensitivity of the key to protect the RGB image from Keyes attackers. The proposed algorithm has proven its efficiency in encryption of color images with high security and countering attacks. The strength and efficiency of combination the Hill Chipper and Advanced Encryption Standard Algorithms tested by statical analysis for RGB images histogram and correlation of RGB images before and after encryption using hill cipher and proposed algorithm and also analysis of the secret key and key space to protect the RGB image from Brute force attack. The result of combining Hill and Advanced Encryption Standard Algorithm achieved the ability to cope statistically