• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.3
• /
• pp.43-51
• /
• 2017

MANET consists of only wireless nodes having limited processing capability. It processes routing and data transmission through cooperation among each other. And it is exposed to many attack threats due to the dynamic topology by movement of nodes and multi-hop communication. Therefore, the reliability of transmitted data between nodes must be improved and security of integrity must be high. In this paper, we propose a method to increase the reliability of transmitted data by providing a secure cryptography protocol. The proposed method used a hierarchical structure to provide smooth cryptographic services. The cluster authentication node issues the cluster authentication key pair and unique key to the nodes. The nodes performs the encryption through two steps of encryption using cluster public key and block encryption using unique key. Because of this, the robustness against data forgery attacks was heightened. The superior performance of the proposed method can be confirmed through comparative experiment with the existing security routing method.

• Journal of Korea Multimedia Society
• /
• v.21 no.8
• /
• pp.897-908
• /
• 2018

In this paper, we propose a security framework for a cluster drones network using the MAVLink (Micro Air Vehicle Link) application protocol based on FANET (Flying Ad-hoc Network), which is composed of ad-hoc networks with multiple drones for IoT services such as remote sensing or disaster monitoring. Here, the drones belonging to the cluster construct a FANET network acting as WTRP (Wireless Token Ring Protocol) MAC protocol. Under this network environment, we propose an efficient algorithm applying the Lightweight Encryption Algorithm (LEA) to the CTR (Counter) operation mode of WPA2 (WiFi Protected Access 2) to encrypt the transmitted data through the MAVLink application. And we study how to apply LEA based on CBC (Cipher Block Chaining) operation mode used in WPA2 for message security tag generation. In addition, a modified Diffie-Hellman key exchange method is approached to generate a new key used for encryption and security tag generation. The proposed method and similar methods are compared and analyzed in terms of efficiency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.4
• /
• pp.601-608
• /
• 2023

Homomorphic encryption is a promising technology that has been extensively researched in recent years. It allows computations to be performed on encrypted data, without the need to decrypt it. In this paper, we perform bibliometric analysis to objectively and quantitatively analyze the research trends of homomorphic encryption technology using 6,047 homomorphic encryption papers from the Scopus database. Specifically, we analyze the number of papers by year, keyword co-occurrence, topic clustering, changes in related keywords over time, and country of homomorphic encryption research institutions. Our analysis results provide strategic directions for research and application of homomorphic encryption and can be a great help for subsequent research and industrial applications.

• Proceedings of the Korea Contents Association Conference
• /
• 2003.11a
• /
• pp.113-119
• /
• 2003

Both the highly developed computing environment and the rapid increase of the internet users enable the present web based cluster system accounting service to help many users access to numerous data at high speed. However, the information security of users and data is also as important as the convenience of the systematic environment. Especially, the significance of damage to the individuals and organizations resulted from the data outflow, hacking and malicious coding has risen up to one of the most essential problems in the internet service business. In this study, I suggest a more safe web based cluster system accounting service solution applying SEED, the Korean Telecommunications Technology Association (TTA) standard encryption algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1165-1170
• /
• 2022

In WSNs, a clustering algorithm groups sensor nodes on a unit called cluster and periodically selects a cluster head (CH) that acts as a communication relay on behalf of nodes in each cluster for the purpose of energy conservation and relay efficiency. Meanwhile, attack techniques also have emerged to intervene in the CH election process through compromised nodes (inside attackers) and have a fatal impact on network operation. However, existing countermeasures such as encryption key-based methods against outside attackers have a limitation to defend against such inside attackers. Therefore, we propose a statistical detection method that detects abnormal CH election behaviors occurs in a WSN cluster. We design two attack methods (Selfish and Greedy attacks) and our proposed defense method in WSNs with two clustering algorithms and conduct experiments to validate our proposed defense method works well against those attacks.

• Journal of Information Processing Systems
• /
• v.16 no.1
• /
• pp.96-112
• /
• 2020

Solving the disclosure problem of sensitive information with the k-nearest neighbor query, location dummy technique, or interfering data in location-based services (LBSs) is a new research topic. Although they reduced security threats, previous studies will be ineffective in the case of sparse users or K-successive privacy, and additional calculations will deteriorate the performance of LBS application systems. Therefore, a model is proposed herein, which is based on geohash-encoding technology instead of latitude and longitude, memcached server cluster, encryption and decryption, and authentication. Simulation results based on PHP and MySQL show that the model offers approximately 10× speedup over the conventional approach. Two problems are solved using the model: sensitive information in LBS application is not disclosed, and the relationship between an individual and a track is not leaked.

• The KIPS Transactions:PartC
• /
• v.8C no.6
• /
• pp.731-740
• /
• 2001

Multi-distributed web cluster model expanding conventional cluster system is the cluster system which processes large-scaled work demanded from users with parallel computing method by building a number of system nodes on open network into a single imaginary network. Multi-distributed web cluster model on the structured characteristics exposes internal system nodes by an illegal third party and has a potential that normal job performance is impossible by the intentional prevention and attack in cooperative work among system nodes. This paper presents the mutual authentication protocol of system nodes through key division method for the authentication of system nodes concerned in the registration, requirement and cooperation of service code block of system nodes and collecting the results and then designs SNKDC which controls and divides symmetrical keys of the whole system nodes safely and effectively. SNKDC divides symmetrical keys required for performing the work of system nodes and the system nodes transmit encoded packet based on the key provided. Encryption packet given and taken between system nodes is decoded by a third party or can prevent the outflow of information through false message.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.21-29
• /
• 2016

Our society is currently exposed to environment of various information that is exchanged real time through networks. Especially regarding medical policy, the government rushes to practice remote medical treatment to improve the quality of medical services for citizens. The remote medical practice requires establishment of medical information based on big data for customized treatment regardless of where patients are. This study suggests establishment of regional medical cluster along with defense and protection cooperation models that in case service availability is harmed, and attacks occur, the attacks can be detected, and proper measures can be taken. For this, the study suggested forming networks with nationwide local government hospitals as regional virtual medical cluster bases by the same medical information system. The study also designed a mutual cooperation security model that can real time cope with IP Spoofing attack that can occur in the medical cluster and DDoS attacks accordingly, so that the limit that sole system and sole security policy have can be overcome.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.9
• /
• pp.4442-4466
• /
• 2016

This paper proposes a privacy-preserving aggregation scheme based on the designed P-Gene (PAPG) for sensor networks. The P-Gene is constructed using the designed erasable data-hiding technique. In this P-Gene, each sensory data item may be hidden by the collecting sensor node, thereby protecting the privacy of this data item. Thereafter, the hidden data can be directly reported to the cluster head that aggregates the data. The aggregation result can then be recovered from the hidden data in the cluster head. The designed P-Genes can protect the privacy of each data item without additional data exchange or encryption. Given the flexible generation of the P-Genes, the proposed PAPG scheme adapts to dynamically changing reporting nodes. Apart from its favorable resistance to data loss, the extensive analyses and simulations demonstrate how the PAPG scheme efficiently preserves privacy while consuming less communication and computational overheads.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2024.05a
• /
• pp.112-113
• /
• 2024

컨테이너 기반 애플리케이션 개발의 증가와 마이크로서비스 아키텍처의 보급으로 컨테이너 클러스터 내 워크로드 간 안전한 통신이 중요해지고 있다. 또한, 최근에는 단일 클러스터 환경이 아닌 멀티 클라우드 등의 도입과 함께 다중 클러스터 환경이 점차 증가하면서 서로 다른 클러스터의 서비스 간 통신에 대한 보안 역시 강조되고 있다. 따라서, 본 논문에서는 이러한 요구사항을 충족시키기 위해 다중 클러스터 환경에서의 서비스 간 상호 인증 및 통신 암호화를 구현하고자 한다. 특히, 서비스 간 상호 인증이 가능한 mTLS (Mutual TLS)를 SPIFFE/ SPIRE 를 이용하여 구현하고, 이를 다시 확장하여 단일 클러스터 뿐만 아니라 다중 클러스터에서도 동일한 상호 인증 체계 및 통신 암호화를 사용할 수 있도록 하므로 컨테이너 환경 전반에 걸친 보안성과 신뢰성을 향상시키고자 한다.