• 정보처리학회논문지C
• /
• 제13C권4호
• /
• pp.405-414
• /
• 2006

공격 발생시에 네트워크에 나타나는 징후정보를 수집하여 공격을 분류하는 징후기반공격분류법을 제안한다. 이 공격분류법은 공격 발생시 징후를 이용하므로 필요한 정보의 수집이 빠르고 알려지지 않은 공격에 대한 분류가 가능한 장점이 있다. 제안하는 공격법은 두 단계로 공격을 분류한다. 단일 공격자로부터 단일 공격대상에게 나타나는 단일 공격들을 먼저 분류하고 단일 공격들이 서로 연관성 없는 다른 공격들인지 아니면 동일한 하나의 공격을 구성하는 연관된 공격인지 판단하게 된다. 따라서, 이미 제안된 공격분류법보다 정확하게 분산서비스거부공격이나 웜, Bot과 같은 공격을 분류할 수 있게 되었다. 제안하는 분류법을 이용하여 원과 분산서비스거부공격의 특정 및 근거리통신망에서 발생하는 공격의 특정을 도출하였고 이러한 특정들은 새로운 웜이나 분산서비스거부공격 또는 근거리통신망에서 발생하는 공격들도 공통적으로 가지는 특정임을 보였다.

• 정보보호학회논문지
• /
• 제14권5호
• /
• pp.3-10
• /
• 2004

무선 랜은 액세스 포인트를 경유하여 인터넷을 사용할 수 있기 때문에 접근 제어의 중요성을 가지고 있다. 또한 무선 랜을 이용하기 위해서는 EAP의 인증과정을 거치게 된다. 이러한 액세스 포인트 접근과 인증 과정에 대한 치명적인 공격 중의 하나가 DoS(Denial of Service) 공격이다. 즉 악의적인 공격자가 액세스 포인트의 접근을 막거나 또는 인증 과정에서 서버의 메모리 및 중앙처리장치의 계산 능력 등을 강제적으로 소비시킴으로써 합법적인 사용자가 서비스를 받지 못하게 한다. 본 논문에서는 무선 랜에 대한 DoS 공격을 접근 제어, 자원의 할당, 인증프로토콜 상에서의 공격으로 나누어 각 공격에 대한 방어법을 제시하였다. 액세스 포인트 접근에 대한 문제는 사전 검증 단계 및 보안 수준 변수에 의해, 자원의 할당에 대한 공격은 부분적인 stateless 프로토콜에 의해, 프로토콜상의 약점은 타임스템프와 접근 제한 변수에 의해 개선하였다.

• 정보보호학회논문지
• /
• 제32권4호
• /
• pp.673-689
• /
• 2022

본 연구에서는 APT 공격을 탐지하고 대응하기 위한 과정의 하나로 APT 공격을 스코어링하는 방안을 제안한다. 먼저, 사이버 공격을 스코어링하는 과정에서 비일관적인 전문가의 주관적인 판단 요소를 고려한 기존의 연구와는 달리, MITRE ATT&CK^Ⓡ의 공격기술을 구성하는 여러 구성요소 중 정량화할 수 있는 요소들을 식별하고 이를 정량화하는 방안을 제시한다. 또한, 정량화된 요소들을 이용하여 단위 공격기술의 스코어를 도출하고, 나아가 여러 공격 기술로 구성된 전체 APT 공격의 스코어를 산출하는 방안을 제안한다. 제안한 스코어링 방법을 APT 공격 사례 보고서에 적용하여 APT 공격을 포함한 다양한 사이버 공격의 위협 수준 및 시급성을 판단하기 위한 정량화 가능성을 제시한다. 본 연구를 이용하여 APT 공격을 탐지하는 과정에서 실제 공격 여부를 판단하고, 공격의 우선순위를 산정함으로써 더욱 시급하고 중요한 사이버 공격에 대응할 수 있을 것이다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권11호
• /
• pp.4203-4225
• /
• 2014

Fuzzy identity-based cryptography introduces the threshold structure into identity-based cryptography, changes the receiver of a ciphertext from exact one to dynamic many, makes a cryptographic scheme more efficient and flexible. In this paper, we propose the first fuzzy identity-based signcryption scheme in lattice-based cryptography. Firstly, we give a fuzzy identity-based signcryption scheme that is indistinguishable against chosen plaintext attack under selective identity model. Then we apply Fujisaki-Okamoto method to obtain a fuzzy identity-based signcryption scheme that is indistinguishable against adaptive chosen ciphertext attack under selective identity model. Thirdly, we prove our scheme is existentially unforgeable against chosen message attack under selective identity model. As far as we know, our scheme is the first fuzzy identity-based signcryption scheme that is secure even in the quantum environment.

• 한국군사과학기술학회지
• /
• 제2권2호
• /
• pp.40-51
• /
• 1999

This paper reviews the combat survivability and supermaneuverbility which are principal factors in current and future high performance combat aircraft design. First of all, the fighter agility evaluation factors were presented. And then, emphasis was put on technologies associated with supermaneuverbility, such as vortex lift, high angle of attack aerodynamics, thrust vectoring and control system technologies that integrate each technology. The advanced nations' supermaneuverbility R/D programs were introduced as well.

• 대한임베디드공학회논문지
• /
• 제18권6호
• /
• pp.311-317
• /
• 2023

This paper presents a sliding mode observer (SMO) for reconstructing cyber attacks affecting a system. The system is first re-expressed such that its design freedom is easier to manipulate. The SMO is then used to reconstruct the cyber attack affecting the system. A simulation example is used to verify the performance of the SMO under two types of cyber attacks, and its results demonstrate the effectiveness of our proposed scheme.

• 대한한의학회지
• /
• 제28권1호통권69호
• /
• pp.25-34
• /
• 2007

Objectives : The present study was carried out to provide basic information necessary for the prevention and efficient treatment of stroke through a comparison between thr patients of the first attack and those of recurrence. Methods : The observation f3r the current study was made on 210 cases of stroke that were confirmed through brain CT-scan. The patients were hospitalized at one of two oriental medical hospitals in Seoul during 2006. Result : The main results were as follows. First, the male-to-female ratio of stroke patients were 1:1.26, with more primary stroke far females and more recurrent stroke for males. Second, in the age distribution, seventies was the top, and sixties, fifties, and forties were next in the order of frequency. A large city was the most frequent residential site and unemployment was the most frequent occupation to have stroke. The incidence of stroke became higher as patients had a taste for spicy and salty food. Third, the most common preceding disease was hypertension. In the relationship of diastolic blood pressure with recurrence, there was significance in the test of independence. Fourth, the most important precipitating conditions at the onset of stroke were rest and steeping. The most common precedent symptoms were verbal disturbance, numbness, and dizziness. In the stroke patients with hemiparesis, male and female patients usually showed It. hemiparesis. Fifth, as a result of brain CT-scan, cerebral hemorrhage was inclined to reduce but cerebral infarction was inclined to increase due to senility and change of lifestyle. Finally, total cholesterol findings disclosed that 22.4% were hypercholesteremia, 18.6 % were hyperlipemia in triglyceride findings, and 19.0% were glycosemia in glucose findings. Conclusions : The above results suggested avoidance of meat and salty fDod and positive control of hypertension and diabetes mellitus in order to prevent stroke.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권5호
• /
• pp.1272-1290
• /
• 2013

Privacy-preserving collaborative filtering schemes are becoming increasingly popular because they handle the information overload problem without jeopardizing privacy. However, they may be susceptible to shilling or profile injection attacks, similar to traditional recommender systems without privacy measures. Although researchers have proposed various privacy-preserving recommendation frameworks, it has not been shown that such schemes are resistant to profile injection attacks. In this study, we investigate two memory-based privacy-preserving collaborative filtering algorithms and analyze their robustness against several shilling attack strategies. We first design and apply formerly proposed shilling attack techniques to privately collected databases. We analyze their effectiveness in manipulating predicted recommendations by experimenting on real data-based benchmark data sets. We show that it is still possible to manipulate the predictions significantly on databases consisting of masked preferences even though a few of the attack strategies are not effective in a privacy-preserving environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권5호
• /
• pp.1094-1107
• /
• 2013

NTRU cryptosystem has been suggested for protecting wireless body area networks, which is secure in the sense of traditional cryptanalysis. In this paper, we fulfill the first power analysis attack on the ultra-low-power environment of wireless body area networks. Specifically, two practical differential power analyses on NTRU algorithm are proposed, which can attack the existing countermeasures of NTRU. Accordingly, we suggest three countermeasures against our attacks. Meanwhile, practical experiments show that although the attacks in this paper are efficient, our countermeasures can resist them effectively.

• 한국국방경영분석학회지
• /
• 제17권1호
• /
• pp.159-176
• /
• 1991

The probability of target survival is the most important factor in the target assignment, Most of the studies about it have assumed the case of one target and ane weapon type. Therefore, they can not be applied to the real situation. In this paper. the quantity and type of enemy assets of the friendly force are considered simultaneously. Considered defense type is the coordinated defense with no impact point prediction. The objective function is to minimize the expected total survival value of targets which are scattered in the defense area. The rules of aircraft assignment are as follows : first, classify targets into several groups, each of those has the same desired damage level secondly. select the critical group which has the least survival value in accordance with the additional aircraft assignment, and finally. assign the same number of attack assets against each target in the critical group. In this paper, the attack assets, the escort assets, and the defense assets are considered. The model is useful to not only the simple aircraft assignment problem but also the complicated wargame models.