• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.8
• /
• pp.3888-3910
• /
• 2018

As an increasing number of defense methods against control-data attacks are deployed in practice, control-data attacks have become challenging, and non-control-data attacks are on the rise. However, defense methods against non-control-data attacks are still deficient even though these attacks can produce damage as significant as that of control-data attacks. We present a method to defend against non-control-data attacks using influence domain monitoring (IDM). A definition of the data influence domain is first proposed to describe the characteristics of a variable during its life cycle. IDM extracts security-critical non-control data from the target program and then instruments the target for monitoring these variables' influence domains to ensure that corrupted variables will not be used as the attackers intend. Therefore, attackers may be able to modify the value of one security-critical variable by exploiting certain memory corruption vulnerabilities, but they will be prevented from using the variable for nefarious purposes. We evaluate a prototype implementation of IDM and use the experimental results to show that this method can defend against most known non-control-data attacks while imposing a moderate amount of performance overhead.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.11
• /
• pp.3163-3181
• /
• 2023

Eavesdropping attacks have seriously threatened network security. Attackers could eavesdrop on target nodes and link to steal confidential data. In the traditional network architecture, the static routing path and the important nodes determined by the nature of network topology provide a great convenience for eavesdropping attacks. To resist monitoring attacks, this paper proposes a random routing mutation defense method based on dynamic path weight (DPW-RRM). It utilizes network centrality indicators to determine important nodes in the network topology and reduces the probability of important nodes in path selection, thereby distributing traffic to multiple communication paths, achieving the purpose of increasing the difficulty and cost of eavesdropping attacks. In addition, it dynamically adjusts the weight of the routing path through network state constraints to avoid link congestion and improve the availability of routing mutation. Experimental data shows that DPW-RRM could not only guarantee the normal algorithmic overhead, communication delay, and CPU load of the network, but also effectively resist eavesdropping attacks.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.5
• /
• pp.701-708
• /
• 2021

In this paper, I investigate the performances of the discovery and the message transmission of the DDS (Data Distribution Service) included the security function. The DDS serves the communication protocol, a publication- subscription method, for the real-time communication in the distributed system. The publication-subscription method is used in the various area in terms of defence, traffic and medical due to the strength such as a performance, scailability and availability. Nowadays, many communication standard has included and re-defined the security function to prepare from dramatically increased a threat of the security, the DDS also publishes the standard included the security function. But it had been not researched that the effect of increased a overhead for legacy systems due to the using of the security DDS function. The experimental results show that the comparative performance of legacy DDS and security DDS in terms of the discovery and the message transmission.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.11
• /
• pp.4184-4202
• /
• 2021

Text steganography combined with natural language generation has become increasingly popular. The existing methods usually embed secret information in the generated word by controlling the sampling in the process of text generation. A candidate pool will be constructed by greedy strategy, and only the words with high probability will be encoded, which damages the statistical law of the texts and seriously affects the security of steganography. In order to reduce the influence of the candidate pool on the statistical imperceptibility of steganography, we propose a steganography method based on a new sampling strategy. Instead of just consisting of words with high probability, we select words with relatively small difference from the actual sample of the language model to build a candidate pool, thus keeping consistency with the probability distribution of the language model. What's more, we encode the candidate words according to their probability similarity with the target word, which can further maintain the probability distribution. Experimental results show that the proposed method can outperform the state-of-the-art steganographic methods in terms of security performance.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.6
• /
• pp.2518-2533
• /
• 2020

In wireless sensor networks, adversaries may physically capture sensor nodes on the fields, and use them to launch false positive attacks (FPAs). FPAs could be conducted by injecting forged or old sensing reports, which would represent non-existent events on the fields, with the goal of disorientating the base stations and/or reducing the limited energy resources of sensor nodes on the fields. Researchers have proposed various mitigation methods against FPAs, including the statistical en-route filtering scheme (SEF). Most of these methods are based on key pre-distribution schemes and can efficiently filter injected false reports out at relay nodes through the verification of in-transit reports using the pre-distributed keys. However, their filtering power may decrease as time goes by since adversaries would attempt to capture additional nodes as many as possible. In this paper, we propose an adaptive key distribution method that could maintain the security power of SEF in WSNs under such circumstances. The proposed method makes, if necessary, BS update or re-distribute keys, which are used to endorse and verify reports, with the consideration of the filtering power and energy efficiency. Our experimental results show that the proposed method is more effective, compared to SEF, against FPAs in terms of security level and energy saving.

• Journal of Korea Multimedia Society
• /
• v.17 no.12
• /
• pp.1402-1411
• /
• 2014

Buyer-seller watermarking protocol is defined as the practice of imperceptible altering a digital content to embed a message using watermarking in the encryption domain. This protocol is acknowledged as one kind of copyright protection techniques in electronic commerce. Buyer-seller watermarking protocol is fundamentally based on public-key cryptosystem that is operating using the algebraic property of an integer. However, in general usage, digital contents which are handled in watermarking scheme mostly exist as real numbers in frequency domain through DCT, DFT, DWT, etc. Therefore, in order to use the watermarking scheme in a cryptographic protocol, digital contents that exist as real number must be transformed into integer type through preprocessing beforehand. In this paper, we presented a new watermarking scheme in an encrypted domain in an image that is based on the block-DCT framework and homomorphic encryption method for buyer-seller watermarking protocol. We applied integral-processing in order to modify the decimal layer. And we designed a direction-adaptive watermarking scheme by analyzing distribution property of the frequency coefficients in a block using JND threshold. From the experimental results, the proposed scheme was confirmed to have a good robustness and invisibility.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.2B
• /
• pp.144-156
• /
• 2003

Internet/Intranet has been continuously enhanced by new emerging IP technologies such as differentiate service(DiffServ), IPSec(IP Security) and MPLS(Multi-protocol Label Switching) traffic engineering. According to the increased demands of various real-time multimedia services, ISP(Internet Service Provider) should provide enhanced end-to-end QoS(quality of service) and security features. Therefore, Internet and Intranet need the management functionality of sophisticated traffic engineering functions. In this paper, we design and implement the performance management functionality for the guaranteed end-to-end QoS provisioning on MPLS-based VPLS(Virtual Private LAN Service). We propose VPLS OAM(Operation, Administration and Maintenance) for efficient performance management. We focus on a scheme of QoS management and measurement of QoS parameters(such as delay, jitter, loss, etc.) using VPLS OAM functions. The proposed performance management system also supports performance tuning to enhance the provided QoS by re-adjusting the bandwidth of LSPs for VPLS. We present the experimental results of performance monitoring and analysis using a network simulator.

• Journal of Korea Multimedia Society
• /
• v.13 no.6
• /
• pp.865-874
• /
• 2010

Recently, Hao et al. proposed a privacy preservation protocol based on group signature scheme for secure vehicular communications to overcome a well-recognized problems of secure VANETs based on PKI. However, although efficient group signature schemes have been proposed in cryptographic literatures, group signature itself is still a rather much time consuming operation. In this paper, we propose a more efficient privacy preservation protocol than that of Hao et al. In order to design a more efficient anonymous authentication protocol, we consider a key-insulated signature scheme as our cryptographic building block. We demonstrate experimental results to confirm that the proposed protocol is more efficient than the previous scheme.

• Proceedings of the IEEK Conference
• /
• 2002.07b
• /
• pp.928-931
• /
• 2002

Network based intrusion detection system is a computer network security tool. In this paper, we present an intrusion detection system based on Self-Organizing Maps (SOM) and Resilient Propagation Neural Network (RPROP) for visualizing and classifying intrusion and normal patterns. We introduce a cluster matching equation for finding principal associated components in component planes. We apply data from The Third International Knowledge Discovery and Data Mining Tools Competition (KDD cup'99) for training and testing our prototype. From our experimental results with different network data, our scheme archives more than 90 percent detection rate, and less than 5 percent false alarm rate in one SYN flooding and two port scanning attack types.

• Journal of Information Processing Systems
• /
• v.5 no.1
• /
• pp.25-32
• /
• 2009

It is absolutely essential to implement advanced IP network technologies such as QoS, Multicast, High Availability, and Security in order to provide real-time services like IPTV via IP backbone network. In reality, the existing commercial networks of internet service providers are subject to certain technical difficulties and limitations in embodying those technologies. On-going research efforts involve the experimental engineering works and implementation experience to trigger IPTV service on the premium-level IP backbone which has recently been developed. This paper introduces the core network technologies that will enable the deployment of a high-quality IPTV service, and then proposes a suitable methodology for application and deployment policies on each technology to lead the establishment and globalization of the IPTV service.