• Title/Summary/Keyword: cyber attack

Search Result 490, Processing Time 0.022 seconds

The intruder traceback mechanism based on active networks (액티브 네트워크 기반 침입자 역추적 메커니즘)

  • Lee Young-seok
    • Journal of Internet Computing and Services
    • /
    • v.6 no.1
    • /
    • pp.1-12
    • /
    • 2005
  • Recently, the patterns of cyber attack through internet have been various and have become more complicated and thus it is difficult to detect a network intruder effectively and to response the intrusion quickly. Therefore, It is almost not possible to chase the real location of a network intruder and to isolate the Intruder from network in UDP based DoS or DDoS attacks spoofing source IP address and in TCP based detour connection attacks. In this paper, we propose active security architecture on active network to correspond to various cyber attacks promptly. Security management framework is designed using active technology, and security control mechanism to chase and isolate a network intruder is implemented. We also test the operation of the active security mechanism implemented on test_bed according to several attack scenarios and analyze the experiment results.

  • PDF

Security Analysis of AMI Using ACT (ACT를 이용한 AMI 보안 분석)

  • Wi, Miseon;Kim, Dong Seong;Park, Jong Sou
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.4
    • /
    • pp.639-653
    • /
    • 2013
  • Smart grid is a network of computers and power infrastructure that monitor and manage energy usage efficiently. Recently, the smart grid demonstration projects around the world, including the United States, Europe, Japan, and the technology being developed. The protection of the many components of the grid against cyber-threats has always been critical, but the recent Smart grid has been threatened by a variety of cyber and physical attacks. We model and analyze advanced metering infrastructure(AMI) in smart grid. Using attack countermeasure tree(ACT) we show qualitative and probabilistic security analysis of AMI. We implement using SHARPE(Symbolic Hierarchical Automated Reliability and Performance Evaluator) tool and calculate probability, ROA, ROI, Structure Importance, Birnbaum Importance.

Design and Implementation of Network Defense Simulator (네트워크 방어 시뮬레이터 설계 및 구현)

  • 이철원;윤주범;임을규
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.4C
    • /
    • pp.441-447
    • /
    • 2004
  • Information security simulator is required for the study on the cyber intrusion and defense as information security has been increasingly popular Until now, the main purposes of information security simulation are security estimation of small network as well as performance analysis of information protection systems. However, network simulators that can simulate attacks in a huge network are in needs since large scale internet attacks are very common in these days. In this paper we proposed a simulator design and its implementation details. Our simulator is implemented by expanding the SSFNet program to the client-sewer architecture. A cyber attack scenario used in our simulator is composed by the advanced attack tree model. We analyzed the simulation results to show the correctness of our network defense simulator.

An Analysis of the Importance among the Items in the Secure Coding used by the AHP Method (AHP기법을 이용한 시큐어 코딩의 항목 간 중요도 분석)

  • Kim, Chi-Su
    • Journal of Digital Convergence
    • /
    • v.13 no.1
    • /
    • pp.257-262
    • /
    • 2015
  • The ministry of security and public administration provide the secure coding guide that can remove the vulnerability of applications and defend cyber attack from the coding step because cyber attack like the hacking about 75% abusing the vulnerability of applications. In this paper we find the oder of priority and did the criticality analysis used by AHP about 7 items in the secure coding which the ministry of security and public administration provide. The result is decided that 'exception handling' is the most important item. There is no secure coding items in software supervision currently, therefore the result of the research will make good use audit standards in the process of the software development.

Development of field programmable gate array-based encryption module to mitigate man-in-the-middle attack for nuclear power plant data communication network

  • Elakrat, Mohamed Abdallah;Jung, Jae Cheon
    • Nuclear Engineering and Technology
    • /
    • v.50 no.5
    • /
    • pp.780-787
    • /
    • 2018
  • This article presents a security module based on a field programmable gate array (FPGA) to mitigate man-in-the-middle cyber attacks. Nowadays, the FPGA is considered to be the state of the art in nuclear power plants I&C systems due to its flexibility, reconfigurability, and maintainability of the FPGA technology; it also provides acceptable solutions for embedded computing applications that require cybersecurity. The proposed FPGA-based security module is developed to mitigate information-gathering attacks, which can be made by gaining physical access to the network, e.g., a man-in-the-middle attack, using a cryptographic process to ensure data confidentiality and integrity and prevent injecting malware or malicious data into the critical digital assets of a nuclear power plant data communication system. A model-based system engineering approach is applied. System requirements analysis and enhanced function flow block diagrams are created and simulated using CORE9 to compare the performance of the current and developed systems. Hardware description language code for encryption and serial communication is developed using Vivado Design Suite 2017.2 as a programming tool to run the system synthesis and implementation for performance simulation and design verification. Simple windows are developed using Java for physical testing and communication between a personal computer and the FPGA.

A Discovery System of Malicious Javascript URLs hidden in Web Source Code Files

  • Park, Hweerang;Cho, Sang-Il;Park, Jungkyu;Cho, Youngho
    • Journal of the Korea Society of Computer and Information
    • /
    • v.24 no.5
    • /
    • pp.27-33
    • /
    • 2019
  • One of serious security threats is a botnet-based attack. A botnet in general consists of numerous bots, which are computing devices with networking function, such as personal computers, smartphones, or tiny IoT sensor devices compromised by malicious codes or attackers. Such botnets can launch various serious cyber-attacks like DDoS attacks, propagating mal-wares, and spreading spam e-mails over the network. To establish a botnet, attackers usually inject malicious URLs into web source codes stealthily by using data hiding methods like Javascript obfuscation techniques to avoid being discovered by traditional security systems such as Firewall, IPS(Intrusion Prevention System) or IDS(Intrusion Detection System). Meanwhile, it is non-trivial work in practice for software developers to manually find such malicious URLs which are hidden in numerous web source codes stored in web servers. In this paper, we propose a security defense system to discover such suspicious, malicious URLs hidden in web source codes, and present experiment results that show its discovery performance. In particular, based on our experiment results, our proposed system discovered 100% of URLs hidden by Javascript encoding obfuscation within sample web source files.

An Improved Lightweight Two-Factor Authentication and Key Agreement Protocol with Dynamic Identity Based on Elliptic Curve Cryptography

  • Qiu, Shuming;Xu, Guosheng;Ahmad, Haseeb;Xu, Guoai;Qiu, Xinping;Xu, Hong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.2
    • /
    • pp.978-1002
    • /
    • 2019
  • With the rapid development of the Internet of Things, the problem of privacy protection has been paid great attention. Recently, Nikooghadam et al. pointed out that Kumari et al.'s protocol can neither resist off-line guessing attack nor preserve user anonymity. Moreover, the authors also proposed an authentication supportive session initial protocol, claiming to resist various vulnerability attacks. Unfortunately, this paper proves that the authentication protocols of Kumari et al. and Nikooghadam et al. have neither the ability to preserve perfect forward secrecy nor the ability to resist key-compromise impersonation attack. In order to remedy such flaws in their protocols, we design a lightweight authentication protocol using elliptic curve cryptography. By way of informal security analysis, it is shown that the proposed protocol can both resist a variety of attacks and provide more security. Afterward, it is also proved that the protocol is resistant against active and passive attacks under Dolev-Yao model by means of Burrows-Abadi-Needham logic (BAN-Logic), and fulfills mutual authentication using Automated Validation of Internet Security Protocols and Applications (AVISPA) software. Subsequently, we compare the protocol with the related scheme in terms of computational complexity and security. The comparative analytics witness that the proposed protocol is more suitable for practical application scenarios.

Security-Reverse-Attack Engineering Life-cycle Model for Attack System and Attack Specification Models (공격시스템을 위한 보안-역-공격공학 생명주기 모델과 공격명세모델)

  • Kim, Nam-Jeong;Kong, Mun-Soo;Lee, Gang-Soo
    • Journal of the Korea Convergence Society
    • /
    • v.8 no.6
    • /
    • pp.17-27
    • /
    • 2017
  • Recently, as cyber attacks have been activated, many such attacks have come into contact with various media. Research on security engineering and reverse engineering is active, but there is a lack of research that integrates them and applies attack systems through cost effective attack engineering. In this paper, security - enhanced information systems are developed by security engineering and reverse engineering is used to identify vulnerabilities. Using this vulnerability, we compare and analyze lifecycle models that construct or remodel attack system through attack engineering, and specify structure and behavior of each system, and propose more effective modeling. In addition, we extend the existing models and tools to propose graphical attack specification models that specify attack methods and scenarios in terms of models such as functional, static, and dynamic.

An Efficient Anonymous Authentication Scheme with Secure Communication in Intelligent Vehicular Ad-hoc Networks

  • Zhang, Xiaojun;Mu, Liming;Zhao, Jie;Xu, Chunxiang
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.6
    • /
    • pp.3280-3298
    • /
    • 2019
  • Vehicular ad-hoc networks (VANETs) have become increasingly significant in intelligent transportation systems, they play a great role in improving traffic safety and efficiency. In the deployment of intelligent VANETs, intelligent vehicles can efficiently exchange important or urgent traffic information and make driving decisions. Meanwhile, secure data communication and vehicle's identity privacy have been highlighted. To cope with these security issues, in this paper, we construct an efficient anonymous authentication scheme with secure communication in intelligent VANETs. Combing the ElGamal encryption technique with a modified Schnorr signature technique, the proposed scheme provides secure anonymous authentication process for encrypted message in the vehicle-to-infrastructure communication model, and achieves identity privacy, forward security, and reply attack resistance simultaneously. Moreover, except the trusted authority (TA), any outside entity cannot trace the real identity of an intelligent vehicle. The proposed scheme is designed on an identity-based system, which can remove the costs of establishing public key infrastructure (PKI) and certificates management. Compared with existing authentication schemes, the proposed scheme is much more practical in intelligent VANETs.

A Study of Administration of Cyber Range (사이버 레인지 운용 방안 연구)

  • Kim, Daesik;Kim, Yonghyun
    • Journal of Internet Computing and Services
    • /
    • v.18 no.5
    • /
    • pp.9-15
    • /
    • 2017
  • In the whole world the Attack Technologies of cyber warfare in modern society are growing faster and complicated. The frequency of the new attacks is shorter than before day by day. The defense technologies and experts against these attacks are very few. One of answers to solve these problems is the cyber range as a test-bed to prepare the cyber warfare considered by many countries. This paper examines the foreign cases and similar systems, collects and analyzes various attributes for cyber range. Finally it refines them through system engineering processes. In these processes missions and concepts for administration are set with architecture framework. The logical architecture is designed. Based on designed architecture two goals, defense technologies and procurement of experts, are established. And it shows effective and persistent administration of cyber range.