• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.9
• /
• pp.1187-1192
• /
• 2020

The dronebot combat system is a representative model of the future battlefield in the 4th industrial revolution. In dronebot, unmanned reconnaissance tankrobot can minimize human damage and reduce cost with higher combat power than humans. However, since the battlefield environment is very complex such as obstacles and enemy situations, it is also necessary for the pilot to control the tankrobot. Tankrobot are robots with new ICT technology, capable of hacking attacks, and if there is an abnormality in control, it can pose a threat to manipulation and control. A Bluetooth sniffing attack was performed on the communication section of the tankrobot and the controller to introduce a vulnerability to Bluetooth, and a countermeasure using MAC address exposure prevention and communication section encryption was proposed as a security measure. This paper first presented the vulnerability of tankrobot to be operated in future military operations, and will be the basic data that can be used for defense dronebot units.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1171-1181
• /
• 2022

Front Collision-Avoidance Assist (FCA) or Smart Cruise Control (SCC) is installed in a modern vehicle, and the amount of data exchange between ECUs increases rapidly. Therefore, Automotive Ethernet, especially SOME/IP, which supports wide bandwidth and two-way communication, is widely adopted to overcome the bandwidth limitation of traditional CAN communication. SOME/IP is a standard protocol compatible with various automobile operating systems, and improves connectivity between components in the vehicle. However, no encryption or authentication process is defined in the SOME/IP protocol itself. Therefore, there is a need for a security study on the SOME/IP protocol. This paper proposes a deep learning-based intrusion detection system in SOME/IP and performs six attacks to confirm the performance of the intrusion detection system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.751-763
• /
• 2022

With the recent increase in spending growth in the IoT sector worldwide, the importance of lightweight block ciphers to encrypt them is also increasing. The lightweight block cipher PIPO algorithm proposed in ICISC 2020 is an SPN-structured cipher using an unbalanced bridge structure. The white box attack model refers to a state in which an attacker may know the intermediate value of the encryption operation. As a technique to cope with this, Chow et al. proposed a white box implementation technique and applied it to DES and AES in 2002. In this paper, we propose a white box PIPO applying a white box implementation to a lightweight block cipher PIPO algorithm. In the white box PIPO, the size of the table decreased by about 5.8 times and the calculation time decreased by about 17 times compared to the white box AES proposed by Chow and others. In addition, white box PIPO was used for mobile security products, and experimental results for each test case according to the scope of application are presented.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.19-25
• /
• 2023

The current network environment provides a real-time interactive service from an initial one-way information prov ision service. Depending on the form of web-based information sharing, it is possible to provide various knowledge a nd services between users. However, in this web-based real-time information sharing environment, cases of damage by illegal attackers who exploit network vulnerabilities are increasing rapidly. In particular, for attackers who attempt a phishing attack, a link to the corresponding web page is induced after actively generating a forged web page to a user who needs a specific web page service. In this paper, we analyze whether users directly and actively forge a sp ecific site rather than a passive server-based detection method. For this purpose, it is possible to prevent leakage of important personal information of general users by detecting a disguised webpage of an attacker who induces illegal webpage access using traceback information

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.16 no.2
• /
• pp.97-103
• /
• 2023

Since most of the information is transmitted through the network, eavesdropping and interception by a third party may occur. Appropriate measures are required for effective, secure and confidential communication in the network. Steganography is a technology that prevents third parties from detecting that confidential information is hidden in other media. Due to structural vulnerabilities, information protected by encryption and steganography techniques can be easily exposed to illegitimate groups. In order to improve the limitations of LSB where the simplicity and predictability of the hiding method exist, I propose a technique to improve the security of the message to be hidden based on PRNG and recursive function. To enhance security and confusion, XOR operation was performed on the result of selecting a random bit from the upper bits of the selected channel and the information transformed by the RS-box. PSNR and SSIM were used to confirm the performance of the proposed method. Compared to the reference values, the SSIM and PSNR of the proposed method were 0.9999 and 51.366, respectively, confirming that they were appropriate for hiding information.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.17 no.2
• /
• pp.333-342
• /
• 2022

Cellular Automata (CA) is a discrete and abstract computational model that is being applied in various fields. Applicable as an excellent pseudo-random sequence generator, CA has recently developed into a basic element of cryptographic systems. Several studies on CA-based stream ciphers have been conducted and it has been observed that the encryption strength increases when the radius of a CA's neighbor is increased when appropriate CA rules are used. In this paper, among CAs that can be applied as a one-dimensional pseudo-random number sequence generator (PRNG), one-dimensional 5-neighbor CAs are classified according to the connection state of their neighbors, and the ignition relationship of the characteristic polynomial is obtained. Also this paper propose a synthesis algorithm for an asymmetric 1-D linear 5-neighbor MLCA in which the radius of the neighbor is increased by 2 using the one-dimensional 3-neighbor 90/150 CA state transition matrix.

• Journal of Internet Computing and Services
• /
• v.19 no.5
• /
• pp.67-75
• /
• 2018

According to Symantec's Internet Security Threat Report(2018), Internet security threats such as Cryptojackings, Ransomwares, and Mobile malwares are rapidly increasing and diversifying. It means that detection of malwares requires not only the detection accuracy but also versatility. In the past, malware detection technology focused on qualitative performance due to the problems such as encryption and obfuscation. However, nowadays, considering the diversity of malware, versatility is required in detecting various malwares. Additionally the optimization is required in terms of computing power for detecting malware. In this paper, we present Stream Order(SO)-CNN and Incremental Coordinate(IC)-CNN, which are malware detection schemes using CNN(Convolutional Neural Network) that effectively detect intelligent and diversified malwares. The proposed methods visualize each malware binary file onto a fixed sized image. The visualized malware binaries are learned through GoogLeNet to form a deep learning model. Our model detects and classifies malwares. The proposed method reveals better performance than the conventional method.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.7 s.349
• /
• pp.1-13
• /
• 2006

In this paper, we introduce a novel key management scheme that is based on the key pre-distribution but provides the key re-distribution method, in order to manage keys for message encryption and authentication of lower-layer sensor nodes on hierarchical mobile sensor networks. The characteristics of our key management are as follows: First, the role of key management is distributed to aggregator nodes as well as a sink node, to overcome the weakness of centralized management. Second, a sink node generates keys using regression model, thus it stores only the information for calculating the keys using the key information received from nodes, but does not store the relationship between a node and a key, and the keys themselves. As the disadvantage of existing key pre-distributions, they do not support the key re-distribution after the deployment of nodes, and it is hard to extend the key information in the case that sensor nodes in the network enlarge. Thirdly, our mechanism provides the resilience to node capture(${\lambda}$-security), also provided by the existing key pre-distributions, and fourth offers the key freshness through key re-distribution, key distribution to mobile nodes, and scalability to make up for the weak points in the existing key pre-distributions. Fifth, our mechanism does not fix the relationship between a node and a key, thus supports the anonymity and untraceability of mobile nodes. Lastly, we compare ours with existing mechanisms, and verify our performance through the overhead analysis of communication, computation, and memory.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.8
• /
• pp.1581-1588
• /
• 2017

Recently, circulating ransomware is becoming intelligent and sophisticated through a spreading new viruses and variants, targeted spreading using social engineering attack, malvertising that circulate a large quantity of ransomware by hacking advertising server, or RaaS(Ransomware-as-a- Service), from the existing attack way that encrypt the files and demand money. In particular, it makes it difficult to track down attackers by bypassing security solutions, disabling parameter checking via file encryption, and attacking target-based ransomware with APT(Advanced Persistent Threat) attacks. For remove the threat of ransomware, various detection techniques are developed, but, it is very hard to respond to new and varietal ransomware. Accordingly, in this paper, find out a making Signature-based Detection Patterns and problems, and present a pattern automation model of ransomware detecting for responding to ransomware more actively. This study is expected to be applicable to various forms in enterprise or public security control center.

• Management & Information Systems Review
• /
• v.39 no.2
• /
• pp.39-60
• /
• 2020

Block chain technology is one of the core elements for realizing the 4^th industrial revolution, and many efforts have been made by government and companies to provide services based on block chain technology. In this study we analyzed the benefits of block chain technology for EVMS and designed EVMS block chain platform with increased data security and work efficiency for project management data, which are important assets in monitoring progress, foreseeing future events, and managing post-completion. We did the case studies on the benefits of block chain technology and then conducted the survey study on security, reliability, and efficiency of block chain technology, targeting 18 block chain experts and project developers. And then, we interviewed EVMS system operator on the compatibility between block chain technology and EVM Systems. The result of the case studies showed that block chain technology can be applied to financial, logistic, medical, and public services to simplify the insurance claim process and to improve reliability by distributing transaction data storage and applying security·encryption features. Also, our research on the characteristics and necessity of block chain technology in EVMS revealed the improvability of security, reliability, and efficiency of management and distribution of EVMS data. Finally, we designed a network model, a block structure, and a consensus algorithm model and combined them to construct a conceptual block chain model for EVM system. This study has the following contribution. First, we reviewed that the block chain technology is suitable for application in the defense sector and proposed a conceptual model. Second, the effect that can be obtained by applying block chain technology to EVMS was derived, and the possibility of improving the existing business process was derived.