• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.2174-2177
• /
• 2003

Internet is exposed to network attacks as Internet has a security weakness. Network attacks which are virus, system intrusion, and deny of service, put Internet in the risk of hacking, so the damage of public organization and banking facilities are more increased. So, it is necessary that the security technologies about intrusion detection and controlling attacks minimize the damage of hacking. Router is the network device of managing traffic between Internets or Intranets. The damage of router attack causes the problem of the entire network. The security technology about router is necessary to defend Internet against network attacks. Router has the need of access control and security skills that prevent from illegal attacks. We developed integrated security management framework for secure networking and kernel-level security engine that filters the network packets, detects the network intrusion, and reports the network intrusion. The security engine on the router protects router or gateway from the network attacks and provides secure networking environments. It manages the network with security policy and handles the network attacks dynamically.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.7
• /
• pp.1831-1853
• /
• 2012

By sending periodically short bursts of traffic to reduce legit transmission control protocol (TCP) traffic, the low-rate denial of service (LDoS) attacks are hard to be detected and may endanger covertly a network for a long period. Traditionally, LDoS detecting methods mainly concentrate on the attack stream with feature matching, and only a limited number of attack patterns can be detected off-line with high cost. Recent researches divert focus from the attack stream to the traffic anomalies induced by LDoS attacks, which can detect more kinds of attacks with higher efficiency. However, the limited number of abnormal characteristics and the inadequacy of judgment rules may cause wrong decision in some particular situations. In this paper, we address the problem of detecting LDoS attacks and present a scheme based on the fluctuant features of legit TCP and acknowledgment (ACK) traffic. In the scheme, we define judgment criteria which used to identify LDoS attacks in real time at an optimal detection cost. We evaluate the performance of our strategy in real-world network topologies. Simulations results clearly demonstrate the superiority of the method proposed in detecting LDoS attacks.

• Journal of Information Technology Services
• /
• v.15 no.1
• /
• pp.67-79
• /
• 2016

This study aims to present the necessary elements that should be part of South Korea's National Defense Strategy against the recent North Korean cyber-attacks. The elements proposed in this study also reflect the recent trend of cyber-attack incidents that are happening in the Unites States and other countries and have been classified into the three levels of cyber incidents: cyberwarfare, cyberterrorism and cybercrime. As such, the elements proposed are presented in accordance with this classification system. In order to properly take into account the recent trend of cyber-attacks perpetrated by North Korea, this paper analyzed the characteristics of recent North Korean cyber-attacks as well as the countermeasures and responses of South Korea. Moreover, by making use of case studies of cyber-attack incidents by foreign nations that threaten national security, the response measures at a national level can be deduced and applied as in this study. Thus, the authors of this study hope that the newly proposed elements here within will help to strengthen the level of Korea's cyber security against foreign attacks, specifically that of North Korea such as the KHNP hacking incidents and so on. It is hoped that further damage such as leakage of confidential information, invasion of privacy and physical intimidation can be mitigated.

• Journal of Electrical Engineering and Technology
• /
• v.13 no.1
• /
• pp.476-484
• /
• 2018

The high capacity audio watermarking algorithms are facing a main challenge in satisfying the robustness against attacks especially on de-synchronization attacks. In this paper, a robust and a high capacity algorithm is proposed using segment selection, Stationary Wavelet Transform (SWT) and the Quantization Index Modulation (QIM) techniques along with new synchronization mechanism. The proposed algorithm provides enhanced trade-off between robustness, imperceptibility, and capacity. The achieved watermarking improves the reliability of the available watermarking methods and shows high robustness towards signal processing (manipulating) attacks especially the de-synchronization attacks such as cropping, jittering, and zero inserting attacks. For imperceptibility evaluation, high signal to noise ratio values of above 22 dB has been achieved. Also subjective test with volunteer listeners shows that the proposed method has high imperceptibility with Subjective Difference Grade (SDG) of 4.76. Meanwhile, high rational capacity up to 176.4 bps is also achieved.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.2
• /
• pp.357-364
• /
• 2015

Tags and Readers is receiving and sending the data using the wireless communication in the RFID environment. Therefore, it could allow an attacker to participate in the network without the physical constraints, which can be easily exposed to a variety of attacks, such as taps and data forgery. Also, it is not easy to apply the security techniques to defend external attacks because the resource constraints of RFID tags is high. In this paper, new tag-reader mutual authentication protocol is proposed to protect the external cyber attacks such as spoofing attacks, replay attacks, traffic analysis attacks, location tracking attacks. The performance evaluation of the proposed mutual authentication protocol is performed and the simulation results are presented.

• Journal of IKEEE
• /
• v.23 no.2
• /
• pp.413-418
• /
• 2019

Attacks on existing sensor networks include sniffing, flooding, and spoofing attacks. The basic countermeasures include encryption and authentication methods and switching methods. Wormhole attack, HELLO flood attack, Sybil attack, sinkhole attack, and selective delivery attack are the attacks on the network layer in wireless sensor network (WSN). These attacks may not be defended by the basic countmeasures mentioned above. In this paper, new countermeasures against these attacks include periodic key changes and regular network monitoring. Moreover, we present various threats (attacks) in the network layer of wireless sensor networks and new countermeasures accordingly.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.6098-6122
• /
• 2018

Cache-based side-channel attacks have achieved more attention along with the development of cloud computing technologies. However, current host-based mitigation methods either provide bad compatibility with current cloud infrastructure, or turn out too application-specific. Besides, they are defending blindly without any knowledge of on-going attacks. In this work, we present CacheSCDefender, a framework that provides a (Virtual Machine Monitor) VMM-based comprehensive defense framework against all levels of cache attacks. In designing CacheSCDefender, we make three key contributions: (1) an attack-aware framework combining our novel dynamic remapping and traditional cache cleansing, which provides a comprehensive defense against all three cases of cache attacks that we identify in this paper; (2) a new defense method called dynamic remapping which is a developed version of random permutation and is able to deal with two cases of cache attacks; (3) formalization and quantification of security improvement and performance overhead of our defense, which can be applicable to other defense methods. We show that CacheSCDefender is practical for deployment in normal virtualized environment, while providing favorable security guarantee for virtual machines.

• Proceedings of the IEEK Conference
• /
• 2002.06c
• /
• pp.181-184
• /
• 2002

This paper describes remote control RS232 communication using internet service, safety of exchange data and internet traffic by Denial of Service Attacks. In case of Denial of service Attacks, it makes connection of internet service failed. So in this Paper, this solution was examined and implemented for receiving data in safety against Denial of Service Attacks by LabVIEW program of National Instruments.

• Journal of the Korean Mathematical Society
• /
• v.59 no.1
• /
• pp.35-51
• /
• 2022

We give secure parameter suggestions to use sparse secret vectors in LWE based encryption schemes. This should replace existing security parameters, because homomorphic encryption (HE) schemes use quite different variables from the existing parameters. In particular, HE schemes using sparse secrets should be supported by experimental analysis, here we summarize existing attacks to be considered and security levels for each attacks. Based on the analysis and experiments, we compute optimal scaling factors for CKKS.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.1
• /
• pp.125-132
• /
• 2011

A hierarchical Web Security System, which is a solution to various web-based attacks, seemingly is not able to keep up with the improvement of detoured or compound attacks. In this paper, we suggest an efficient detecting scheme for web-based attacks like Malware, XSS, Creating Webshell, URL Spoofing, and Exposing Private Information through monitoring HTTP outbound traffics in real time. Our proposed scheme detects web-based attacks by comparing the outbound traffics with the signatures of HTML tag or Javascript created by the attacks. Through the verification analysis under the real-attacked environment, we show that our scheme installed in a hierarchical web security system has superior detection capability for detoured web-based attacks.