• ETRI Journal
• /
• v.37 no.3
• /
• pp.502-511
• /
• 2015

Intrusion detection plays a key role in detecting attacks over networks, and due to the increasing usage of Internet services, several security threats arise. Though an intrusion detection system (IDS) detects attacks efficiently, it also generates a large number of false alerts, which makes it difficult for a system administrator to identify attacks. This paper proposes automatic fuzzy rule generation combined with a Wiener filter to identify attacks. Further, to optimize the results, simplified swarm optimization is used. After training a large dataset, various fuzzy rules are generated automatically for testing, and a Wiener filter is used to filter out attacks that act as noisy data, which improves the accuracy of the detection. By combining automatic fuzzy rule generation with a Wiener filter, an IDS can handle intrusion detection more efficiently. Experimental results, which are based on collected live network data, are discussed and show that the proposed method provides a competitively high detection rate and a reduced false alarm rate in comparison with other existing machine learning techniques.

• Journal of information and communication convergence engineering
• /
• v.16 no.2
• /
• pp.93-98
• /
• 2018

The Internet of Things (IoT) is a form of the emerging 4th industry in the 5G era. IoT is expected to develop naturally in our daily life in the 5G era in which high-speed communication will be completed. Along with the rise of IoT, concerns about security and malicious attacks are also increasing. This paper examines DoS attacks, which are one of the representative security threats of IoT and proposes a local detection and blocking system that are suitable for response to such attacks. First, systems of the LoRaWAN type, which are most actively researched in the IoT system field and DoS attacks that can occur in such systems were examined. Then, the inverse order tree algorithm using regional characteristics was designed as a cluster analysis form. Finally, a system capable of defending denial-of-service attacks in the 5G IoT system using local detection and blocking with the Euclidean distance was designed.

• ETRI Journal
• /
• v.43 no.4
• /
• pp.694-701
• /
• 2021

Catastrophic events cause casualties, damage property, and lead to huge social impacts. To build common standards and facilitate international communications regarding disasters, the relevant authorities in social management rank them in subjectively imposed terms such as direct economic losses and loss of life. Terrorist attacks involving uncertain human factors, which are roughly graded based on the rule of property damage, are even more difficult to interpret and assess. In this paper, we collected 114 183 open-source records of terrorist attacks and used a machine learning method to grade them synthetically in an automatic and objective way. No subjective claims or personal preferences were involved in the grading, and each derived common factor contains the comprehensive and rich information of many variables. Our work presents a new automatic ranking approach and is suitable for a broad range of gradation problems. Furthermore, we can use this model to grade all such attacks globally and visualize them to provide new insights.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.515-524
• /
• 2012

Fault attacks are a powerful side channel analysis extracting secret information by analyzing the result after injecting faults physically during the implementation of a cryptographic algorithm. First, this paper analyses vulnerable points of existing Digital Signature Algorithm (DSA) schemes secure against fault attacks. Then we propose a new signature algorithm immune to all fault attacks. The proposed DSA scheme is designed to signature by using two nonce and an error diffusion method.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.294-303
• /
• 2021

VANET is an upcoming technology with an encouraging prospect as well as great challenges, specifically in its security. This paper intends to survey such probable attacks and the correlating detection mechanisms that are introduced in the literature. Accordingly, administering security and protecting the owner's privacy has become a primary argument in VANETs. To furnish stronger security and preserve privacy, one should recognize the various probable attacks on the network and the essence of their behavior. This paper presents a comprehensive survey on diversified attacks and the recommended unfolding by the various researchers which concentrate on security services and the corresponding countermeasures to make VANET communications more secure.

• International Journal of Computer Science & Network Security
• /
• v.21 no.1
• /
• pp.174-183
• /
• 2021

The advent of social media has revolutionized the speed of communication between millions of people around the world in various cultures and disciplines. Social media is the best platform for exchanging opinions and ideas, interacting with other users of similar interests and sharing different types of media and files. With the phenomenal increase in the use of social media platforms, the need to pay attention to protection and security from attacks and misuse has also increased. The present study conducts a comprehensive survey of the latest and most important research studies published from 2018-20 on security and privacy on social media and types of threats and attacks that affect the users. We have also reviewed the recent challenges that affect security features in social media. Furthermore, this research pursuit also presents effective and feasible solutions that address these threats and attacks and cites recommendations to increase security and privacy for the users of social media.

• ETRI Journal
• /
• v.44 no.6
• /
• pp.977-990
• /
• 2022

This study proposes a novel method for identifying the primary conspirators involved in terrorist activities. To map the information related to terrorist activities, we gathered information from different sources of real cases involving terrorist attacks. We extracted useful information from available sources and then mapped them in the form of terrorist networks, and this mapping provided us with insights in these networks. Furthermore, we came up with a novel centrality measure for identifying the primary conspirators of a terrorist attack. Because the leaders of terrorist attacks usually direct conspirators to conduct terrorist activities, we designed a novel algorithm that can identify such leaders. This algorithm can identify terrorist attack leaders even if they have less connectivity in networks. We tested the effectiveness of the proposed algorithms on four real-world datasets and conducted an experimental evaluation, and the proposed algorithms could correctly identify the primary conspirators and leaders of the attacks in the four cases. To summarize, this work may provide information support for security agencies and can be helpful during the trials of the cases related to terrorist attacks.

• International Journal of Computer Science & Network Security
• /
• v.23 no.5
• /
• pp.179-192
• /
• 2023

The widespread use of Cloud Computing, Internet of Things (IoT), and social media in the Information Communication Technology (ICT) field has resulted in continuous and unavoidable cyber-attacks on users and critical infrastructures worldwide. Traditional security measures such as firewalls and encryption systems are not effective in countering these sophisticated cyber-attacks. Therefore, Intrusion Detection and Prevention Systems (IDPS) are necessary to reduce the risk to an absolute minimum. Although IDPSs can detect various types of cyber-attacks with high accuracy, their performance is limited by a high false alarm rate. This study proposes a new technique called Fuzzy Logic - Objective Risk Analysis (FLORA) that can significantly reduce false positive alarm rates and maintain a high level of security against serious cyber-attacks. The FLORA model has a high fuzzy accuracy rate of 90.11% and can predict vulnerabilities with a high level of certainty. It also has a mechanism for monitoring and recording digital forensic evidence which can be used in legal prosecution proceedings in different jurisdictions.

• Asia pacific journal of information systems
• /
• v.31 no.3
• /
• pp.335-357
• /
• 2021

As reproduction of images can be done with ease, copy detection has increasingly become important. In the duplication process, image modifications are likely to occur and some alterations are deliberate and can be viewed as attacks. A wide range of copy detection techniques has been proposed. In our study, content-based copy detection, which basically applies DCT-based features for images, namely, pixel values, edges, texture information and frequency-domain component distribution, is employed. Experiments are carried out to evaluate robustness and sensitivity of DCT-based features from attacks. As different types of DCT-based features hold different pieces of information, how features and attacks are related can be shown in their robustness and sensitivity. Rather than searching for proper features, use of robustness and sensitivity is proposed here to realize how the attacked features have changed when an image attack occurs. The experiments show that, out of ten attacks, the neural networks are able to detect seven attacks namely, Gaussian noise, S&P noise, Gamma correction (high), blurring, resizing (big), compression and rotation with mostly related to their sensitive features.

• Journal of KIISE:Information Networking
• /
• v.31 no.4
• /
• pp.405-413
• /
• 2004

Design an efficient and secure electronic payment system is important for M-Commerce. In this paper, we propose an efficient Micro-Payment Protocol that allows multiple transactions using ID-based public key cryptosystem. Current PayWord system requires to generate certificate of the vendor for each transaction. In this paper, we use a session key instead of certificate key generated by Weil Pairing which use an Elliptic Curve Cryptosystem over finite field $F_q$ for transactions Therefore, it is more secure in Known key attacks as well as Man-in-the-middle attacks.