• Journal of Internet Computing and Services
• /
• v.11 no.4
• /
• pp.23-32
• /
• 2010

In this paper, we first propose the security enhancing of authentication protocol for Hash based RFID tag, and then a digital Codec for RFID tag is designed based on the proposed authentication protocol. The protocol is based on a three-way challenge response authentication protocol between the tags and a back-end server. In order to realize a secure cryptographic authentication mechanism, we modify three types of the protocol packets which defined in the ISO/IEC 18000-3 standard. Thus active attacks such as the Man-in-the-middle and Replay attacks can be easily protected. In order to verify effectiveness of the proposed protocol, a digital Codec for RFID tag is designed using Verilog HDL, and also synthesized using Synopsys Design Compiler with Hynix $0.25\;{\mu}m$ standard-cell library. Through security analysis and comparison result, we will show that the proposed scheme has better performance in user data confidentiality, tag anonymity, Man-in-the-middle attack prevention, replay attack, forgery resistance and location tracking.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.839-850
• /
• 2014

As the social and financial damages caused by APT attack such as 3.20 cyber terror are increased, the technical solution against APT attack is required. It is, however, difficult to protect APT attack with existing security equipments because the attack use a zero-day malware persistingly. In this paper, we propose a host based anomaly detection method to overcome the limitation of the conventional signature-based intrusion detection system. First, we defined 39 features to identify between normal and abnormal behavior, and then collected 8.7 million feature data set that are occurred during running both malware and normal executable file. Further, each process is represented as 83-dimensional vector that profiles the frequency of appearance of features. the vector also includes the frequency of features generated in the child processes of each process. Therefore, it is possible to represent the whole behavior information of the process while the process is running. In the experimental results which is applying C4.5 decision tree algorithm, we have confirmed 2.0% and 5.8% for the false positive and the false negative, respectively.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.13 no.6
• /
• pp.605-610
• /
• 2020

Software Defined Networking (SDN) is setting the standard for the management of networks due to its scalability, flexibility and functionality to program the network. The Distributed Denial of Service (DDoS) attack is most widely used to attack the SDN controller to bring down the network. Different methodologies have been utilized to detect DDoS attack previously. In this paper, first the dataset is obtained by Kaggle with 84 features, and then according to the rank, the 20 highest rank features are selected using Permutation Importance Algorithm. Then, the datasets are trained and tested with Convolution Neural Network (CNN) classifier model by utilizing deep learning techniques. Our proposed solution has achieved the best results, which will allow the critical systems which need more security to adopt and take full advantage of the SDN paradigm without compromising their security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.2
• /
• pp.11-21
• /
• 2009

The NTRU cryptosystem proposed by Hoffstein et al. in 1990s is a public key cryptosystem based on hard lattice problems. NTRU has many advantages compared to other public key cryptosystems such as RSA and elliptic curve cryptosystems. For example, it guarantees high speed encryption and decryption with the same level of security, and there is no known quantum computing algorithm for speeding up attacks against NTRD. In this paper, we analyze the security of NTRU against the simple power analysis (SPA) attack and the statistical power analysis (STPA) attack such as the correlation power analysis (CPA) attack First, we implement NTRU operations using NesC on a Telos mote, and we show how to apply CPA to recover a private key from collected power traces. We also suggest countermeasures against these attacks. In order to prevent SPA, we propose to use a nonzero value to initialize the array which will store the result of a convolution operation. On the other hand, in order to prevent STPA, we propose two techniques to randomize power traces related to the same input. The first one is random ordering of the computation sequences in a convolution operation and the other is data randomization in convolution operation.

• Korean Journal of Psychosomatic Medicine
• /
• v.6 no.2
• /
• pp.104-119
• /
• 1998

This study was conducted to determine the important factors in the illness behavior of panic disorder patients. And then, find the best ways to lead the patients who have recurrent panic attacks to the adequate therapeutic situations. We studied 53 patients diagnosed as panic disorder according to DSM-IV among the outpatients who had been followed up at Bong Seng Memorial Hospital for 6 Ms, from May 1997 to October 1997. To evaluate the illness behaviors, we designed a checklist including socio-demographic data, degree of subjective distress from medical and psychiatric treatment, panic symptoms, life events, places of help-seeking, Anxiety Sensitivity Index. Using the checklist, we had semistructured interviews with the panic disorder patients to elucidate their help-seeking behaviors from first panic attack to diagnosing as panic disorder. The results were as follows ; 1) After first panic attack, the patients initially sought help at 1) Emergency room 40%, 2) Rest &/or Personal emergency care 35%, 3) Pharmacy 10%, 4) Outpatient care at hospital 10%, 5) Oriental medicine 5%. 2) Considering the panic symptoms, derealization, paresthesia and the severity of panic symptoms were the most important factors affecting the patient's help-seeking behaviors who had experienced the first panic attack. 3) Most of all the patients (80%) were apt to visit the hospitals within 15 days after experiencing about 3 panic attacks. 4) Before diagnosed as panic disorder, the patients had visited 3-5 health care centers during about 1 year. 5) Primary care physicaians(for example, emergency care physicians, family doctors and internists) had the most important roles in treating or guiding the patients to the adequate therapeutic situations. From the above results, the authors propose that non-psychiatric physicians have to know the panic disorder or attacks exactly. When patients complaint sudden onset physical symptoms e.g. palpitation, dyspnea, dizziness or the cognitive symptoms like the fear of death or insanity, physicians should consider the possibility of panic attack and encourage the patients to be evaluated for psychiatric illness.

• Anxiety and mood
• /
• v.4 no.1
• /
• pp.49-54
• /
• 2008

Objective : This article is a part of the Korean Medication Algorithm Project for Panic Disorder, which aims to build consensus regarding the diagnosis, treatment response and achievement of clinical remission for patients with panic disorder in Korea. Methods : The questionnaire used in this article had parts : 1) diagnosis, 2) treatment response, and 3) remission for patients with panic disorder. The questionnaire was completed by each of 54 Korean psychiatrists who had much experience in treating patients with panic disorder. We classified the experts' opinions into 3 categories (first-line, second-line, and third-line) using the ${\chi}^2$-test. Results : Five factors were considered in this research : panic attack, anticipatory anxiety, phobic avoidance, severity of illness, and psychosocial disability. Most reviewers agreed that the presence of a panic attack was the most important factor in the diagnosis of patients with panic disorder. Phobic avoidance was included in the first-line category, whereas the severity of illness and psychosocial disability were included in the second-line category. Most reviewers also agreed that the presence of a panic attack was the most important factor in determining the appropriate treatment response, and it was included in the first-line category along with several other items. To determine remission status, the patients' scores on tests pertaining to the severity of panic attack, anticipatory anxiety, phobic avoidance, severity of illness and psychosocial disability should be less than 3.0-3.3 on a 9-point Likert scale. Conclusion : We suggest useful information for making a diagnosisof panic disorder, determining the appropriate treatment response and identifying remission in panic disorder patients on the basis of the results of a nationwide survey of experts in Korea.

• Korean Security Journal
• /
• no.6
• /
• pp.327-340
• /
• 2003

As a countermeasure under accidental occurrence situation, First, as application form of martial arts, A security guard foster ability that can protect a target person of guard and own body under accidental occurrence situation through incessant martial arts practice. To achieve this purpose, incessant training mental power and physical strength reinforcement should be kept on to prevent, therefore make a safety control function for such as weapon, small arms, explosive, vehicles terror etc. happened under accidental occurrence situation. Second, according to the contents of training based on the classification category of martial arts for security guard under accidental situation, a security guard must keep safety distance necessarily lest a target person of gurad should be attacked by attacker, therefore, intercept an attack opportunity if a safety distance between a target person of guard and attacker is not kept. Third, It is to practice confrontation techniques based on the type of attack. A security guard must develp situation disposal ability that can cope properly with the attack using empty hands, murderous weapon, small arms, explosive by case or individual or mass of threat that impose danger and injury in a target person's body of guard.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.453-458
• /
• 2013

In a wireless LAN environment, security is the most important. Security of 802.11 standard has many vulnerabilities of the network attack. IEEE has created mechanisms to security for this vulnerability. But the vulnerabilities is characteristic of broadcast in the air in wireless LAN, it is more disclosure then other network environments. In a wireless LAN environment, it can be accessed to the wireless LAN after authentication. Authentication process is one of most important because of the first security step. However, in the authentication process is not mentioned in the method of reducing the disclosure maximum fundamental. Therefore, in this research, the vulnerability of 802.11 are presented and how to do de-authentication in 802.11.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.9
• /
• pp.65-71
• /
• 2017

This paper proposes a smart phone authentication method based on user's behavior and habit that is an authentication method against shoulder surfing attack and brute force attack. As smart phones evolve not only storage of personal data but also a key means of financial services, the importance of personal information security in smart phones is growing. When user authentication of smart phone, pattern authentication method is simple to use and memorize, but it is prone to leak and vulnerable to attack. Using the features of the smart phone pattern method of the user, the pressure applied when touching the touch pad with the finger, the size of the area touching the finger, and the time of completing the pattern are used as feature vectors and applied to user authentication security. First, a smart phone user models and stores three parameter values as prototypes for each section of the pattern. Then, when a new authentication request is made, the feature vector of the input pattern is obtained and compared with the stored model to decide whether to approve the access to the smart phone. The experimental results confirm that the proposed technique shows a robust authentication security using subjective data of smart phone user based on habits and behaviors.

• KDI Journal of Economic Policy
• /
• v.35 no.3
• /
• pp.91-124
• /
• 2013

This paper analyzes a situation where multiple targets are exposed to a potential terrorist attack. The probability of an attack is determined endogenously in a game where a terrorist chooses the target while the targets independently determine the level of deterrence. As each target tries to divert an attack to others, the symmetric equilibrium becomes suboptimal and exhibits dispersion in the level of deterrence. The analysis shows that the first best deterrence level may be achieved when the targets can write a binding risk-sharing contract. Such a contract has limited applicability however as it suffers from a potential verification problem.