• The KIPS Transactions:PartC
• /
• v.18C no.5
• /
• pp.303-316
• /
• 2011

Data aggregation is important in wireless sensor networks. However, it also introduces many security problems, one of which is that a compromised node may inject false data or drop a message during data aggregation. Most existing solutions rely on encryption, which however requires high computation and communication cost. But they can only detect the occurrence of an attack without finding the attacking node. This makes sensor nodes waste their energy in sending false data if attacks occur repeatedly. Even an existing work can identify the location of a false data injection attack but it has a limitation that at most 50% of total sensor nodes can participate in data transmission. Therefore, a novel approach is required such that it can identify an attacker and also increase the number of nodes which participate in data transmission. In this paper, we propose a monitoring-based secure data aggregation protocol to prevent against a compromised aggregator which injects false data or drops a message. The proposed protocol consists of aggregation tree construction and secure data aggregation. In secure data aggregation, we use integration of abnormal data detection with monitoring and a minimal cryptographic technique. The simulation results show the proposed protocol increases the number of participating nodes in data transmission to 95% of the total nodes. The proposed protocol also can identify the location of a compromised node which injects false data or drops a message. A communication overhead for tracing back a location of a compromised node is O(n) where n is the total number of nodes and the cost is the same or better than other existing solutions.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.731-738
• /
• 2004

With the increase of digital content usages, the protection for digital content and intellectual property becomes more important. The DRM(digital rights management) technologies are applicable to protect not only any kind of digital contents but also intellectual property. Besides such techniques are required for recorded digital broadcasting contents due to introduction of digital broadcasting techniques and storage devices such as personal video recorder. The conventional protection scheme for broadcasting content is the CAS(conditional access system) by which the access of viewer is controlled on the specific channels or programs. The CAS prohibits the viewer from delivering the digital broadcasting content to other person, so it results in restriction of superdistribution on the digital broadcasting content. In this paper, for broadcast targeting unspecfic many people, we will design the service model of the protection and distribution of digital broadcasting content using encryption and license by employing the concept of DRM. The results of implementation are also shown to verify some functions of each component. An implemented system of this paper has some advantages that the recording of broadcast content is allowed on set-top-box and superdistribution is available by consumer. Hence it provides content providers and consumers with trustworthy environment for content protection and distribution.

• Journal of the Korea Convergence Society
• /
• v.11 no.1
• /
• pp.1-7
• /
• 2020

Recently 5G technology is one of the technologies that has been receiving much positive responses from users as it is integrated with virtual technology. However, 5G's security issues have not been fully resolved and more security is soon required. In this paper, an approach technique is proposed as a probability-based hierarchy to provide personal privacy for 5G-based IoT users more safely. The proposed technique is aimed at not exposing the privacy of IoT users to third parties by using two random keys created personally by IoT users. In order to satisfy both safety and efficiency, the proposed technology divides the privacy of IoT users into two layers. In the first stage, IoT users will control access to intermediate media using anonymous keys generated by IoT users, and in the second stage, information of IoT users registered with servers will be darkened and replicated. The proposed technique has improved the accuracy of the privacy protection of IoT users as they assign weights to layered information after layering users' privacy information on a probabilistic basis.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.46 no.11
• /
• pp.8-15
• /
• 2009

Side-channel attacks including the differential power analysis attack are often more powerful than classical cryptanalysis and have to be seriously considered by cryptographic algorithm's implementers. Various countermeasures have been proposed against such attacks. In this paper, we deal with the masking method, which is known to be a very effective countermeasure against the differential power analysis attack and propose new gate-level conversion methods between Boolean and arithmetic masks. The new methods require only 6n-5 XOR and 2n-2 AND gates with 3n-2 gate delay for converting n-bit masks. The basic idea of the proposed methods is that the carry and the sum bits in the ripple adder are manipulated in a way that the adversary cannot detect the relation between these bits and the original raw data. Since the proposed methods use only bitwise operations, they are especially useful for DPA-securely implementing cryptographic algorithms in hardware which use both Boolean and arithmetic operations. For example, we applied them to securely implement the block encryption algorithm SEED in hardware and present its detailed implementation result.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.49 no.12
• /
• pp.156-163
• /
• 2012

Recently, Information Hiding Technology are becoming increasingly demanding in the field of international security, military and medical image This paper proposes data hiding technique utilizing parity checker for gray level image. many researches have been adopted LSB substitution and XOR operation in the field of steganography for the low complexity, high embedding capacity and high image quality. But, LSB substitution methods are not secure through it's naive mechanism even though it achieves high embedding capacity. Proposed method replaces LSB of each pixel with XOR(between the parity check bit of other 7 MSBs and 1 Secret bit) within one pixel. As a result, stego-image(that is, steganogram) doesn't result in high image degradation. Eavesdropper couldn't easily detect the message embedding. This approach is applying the concept of symmetric-key encryption protocol onto steganography. Furthermore, 1bit of symmetric-key is generated by the self-reference of each pixel. Proposed method provide more 25% embedding rate against existing XOR operation-based methods and show the effect of the reversal rate of LSB about 2% improvement.

• Journal of Internet Computing and Services
• /
• v.19 no.5
• /
• pp.21-31
• /
• 2018

Cyber penetration attacks can not only damage cyber space but can attack entire infrastructure such as electricity, gas, water, and nuclear power, which can cause enormous damage to the lives of the people. Also, cyber space has already been defined as the fifth battlefield, and strategic responses are very important. Most of recent cyber attacks are caused by malicious code, and since the number is more than 1.6 million per day, automated analysis technology to cope with a large amount of malicious code is very important. However, it is difficult to deal with malicious code encryption, obfuscation and packing, and the dynamic analysis technique is not limited to the performance requirements of dynamic analysis but also to the virtual There is a limit in coping with environment avoiding technology. In this paper, we propose a machine learning based malicious code analysis technique which improve the weakness of the detection performance of existing analysis technology while maintaining the light and high-speed analysis performance applicable to commercial endpoints. The results of this study show that 99.13% accuracy, 99.26% precision and 99.09% recall analysis performance of 71,000 normal file and malicious code in commercial environment and analysis time in PC environment can be analyzed more than 5 per second, and it can be operated independently in the endpoint environment and it is considered that it works in complementary form in operation in conjunction with existing antivirus technology and static and dynamic analysis technology. It is also expected to be used as a core element of EDR technology and malware variant analysis.

• Journal of Internet Computing and Services
• /
• v.19 no.5
• /
• pp.67-75
• /
• 2018

According to Symantec's Internet Security Threat Report(2018), Internet security threats such as Cryptojackings, Ransomwares, and Mobile malwares are rapidly increasing and diversifying. It means that detection of malwares requires not only the detection accuracy but also versatility. In the past, malware detection technology focused on qualitative performance due to the problems such as encryption and obfuscation. However, nowadays, considering the diversity of malware, versatility is required in detecting various malwares. Additionally the optimization is required in terms of computing power for detecting malware. In this paper, we present Stream Order(SO)-CNN and Incremental Coordinate(IC)-CNN, which are malware detection schemes using CNN(Convolutional Neural Network) that effectively detect intelligent and diversified malwares. The proposed methods visualize each malware binary file onto a fixed sized image. The visualized malware binaries are learned through GoogLeNet to form a deep learning model. Our model detects and classifies malwares. The proposed method reveals better performance than the conventional method.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.53 no.4
• /
• pp.59-67
• /
• 2016

With the enhancement of built-in communication capabilities in various meters and wearable devices, which implies Internet of things (IoT), the demand of small-area embedded processors has increased. In this paper, we introduce a small-area 32-bit pipelined processor, Juno, which is available in the field of IoT. Juno is an EISC (Extendable Instruction Set Computer) machine and has a 2/3-stage pipeline structure to reduce the data dependency of the pipeline. It has a simple pipeline controller which only controls the program counter (PC) and two pipeline registers. It offers $32{\times}32=64$ multiplication, 64/32=32 division, $32{\times}32+64=64$ MAC (multiply and accumulate) operations together with 32*32=64 Galois field multiplication operation for encryption processing in wireless communications. It provides selective inclusion of these algebraic logic blocks if necessary in order to reduce the area of the overall processor. In this case, the gate count of our integer core amounts to 12k~22k and has a performance of 0.57 DMIPS/MHz and 1.024 Coremark/MHz.

• The KIPS Transactions:PartC
• /
• v.17C no.1
• /
• pp.1-14
• /
• 2010

IEEE 802.15.4[1] has been standardized for the physical layer and MAC layer of LR-PANs(Low Rate-Wireless Personal Area Networks) as a technology for operations with low power on sensor networks. The standardization is applied to the variety of applications in the shortrange wireless communication with limited output and performance, for example wireless sensor or virtual wire, but it includes vulnerabilities for various attacks because of the lack of security researches. In this paper, we analyze the vulnerabilities against the denial of sleep attacks on the MAC layer of IEEE 802.15.4, and propose a detection mechanism against it. In results, we analyzed the possibilities of denial of sleep attacks by the modification of superframe, the modification of CW(Contention Window), the process of channel scan or PAN association, and so on. Moreover, we comprehended that some of these attacks can mount even though the standardized security services such as encryption or authentication are performed. In addition to, we model for denial of sleep attacks by Beacon/Association Request messages, and propose a detection mechanism against them. This detection mechanism utilizes the management table consisting of the interval and node ID of request messages, and signal strength. In simulation results, we can show the effect of attacks, the detection possibility and performance superiorities of proposed mechanism.

• Journal of the Institute of Convergence Signal Processing
• /
• v.15 no.2
• /
• pp.48-54
• /
• 2014

For the element ${\alpha}{\in}GF(p^n)$, two kinds of bases are known. One is a conventional polynomial basis of the form $\{1,{\alpha},{\alpha}^2,{\cdots},{\alpha}^{n-1}\}$, and the other is a normal basis of the form $\{{\alpha},{\alpha}^p,{\alpha}^{p^2},{\cdots},{\alpha}^{p^{n-1}}\}$. In this paper we consider the method of generating normal bases which construct the finite field $GF(p^n)$, as an n-dimensional extension of the finite field GF(p). And we analyze the code sequence generating algorithm and derive the implementation functions of code sequence generator based on the normal bases. We find the normal polynomials of degrees, n=5 and n=7, which can generate normal bases respectively, design, and construct the code sequence generators based on these normal bases. Finally, we produce two code sequence groups(n=5, n=7) by using Simulink, and analyze the characteristics of the autocorrelation function, $R_{i,i}(\tau)$, and crosscorrelation function, $R_{i,j}(\tau)$, $i{\neq}j$ between two different code sequences. Based on these results, we confirm that the analysis of generating algorithms and the design and implementation of the code sequence generators based on normal bases are correct.