• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.243-252
• /
• 2023

As an efficient key recovery attack on SIDH/SIKE was proposed, CSIDH is drawing attention again. CSIDH is an isogeny-based key exchange algorithm that is safe against known attacks to date, and provide efficient NIKE by modernizing CRS scheme. In this paper, we firstly present the optimized implementation of CSIDH-512 on ARM Cortex-M7. We use three-level hybrid Montgomery reduction and present the results of our implementation, limitations, and future research directions. This is a CSIDH implementation in 32-bit embedded devices that has not been previously presented, and it is expected that the results of this paper will be available to implement CSIDH and derived cryptographic algorithms in various embedded environments in the future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.3
• /
• pp.403-416
• /
• 2024

Malware is being commercialized and sold on the black market, primarily driven by financial incentives. With the increasing demand driven by these sales, the scope of attacks via malware has expanded. In response, there has been a surge in research efforts leveraging artificial intelligence for detection and classification. However, adversaries are integrating various anti-analysis techniques into their malware to thwart analytical efforts. In this study, we introduce the "Malware Analysis with Dynamic Extraction (MADE)" framework, a hybrid binary analysis tool devised to procure datasets from advanced malware incorporating Anti-Analysis techniques. The MADE framework has the proficiency to autonomously execute dynamic analysis on binaries, encompassing those laden with Anti-VM and Anti-Debugging defenses. Experimental results substantiate that the MADE framework can effectively circumvent over 90% of diverse malware implementations using Anti-Analysis techniques and can adeptly extract relevant datasets.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.3
• /
• pp.1249-1272
• /
• 2016

In this paper, we propose a symmetric key establishment scheme for wireless sensor networks which tries to minimize the resource usage while satisfying the security requirements. This is accomplished by taking advantage of the communication pattern of wireless sensor networks and adopting heterogeneous wireless sensor networks. By considering the unique communication pattern of wireless sensor networks due to the nature of information gathering from the physical world, the number of keys to be established is minimized and, consequently, the overhead spent for establishing keys decreases. With heterogeneous wireless sensor networks, we can build a hybrid scheme where a small number of powerful nodes do more works than a large number of resource-constrained nodes to provide enhanced security service such as broadcast authentication and reduce the burden of resource-limited nodes. In addition, an on-demand key establishment scheme is introduced to support extra communications and optimize the resource usage. Our performance analysis shows that the proposed scheme is very efficient and highly scalable in terms of storage, communication and computation overhead. Furthermore, our proposed scheme not only satisfies the security requirements but also provides resilience to several attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.2
• /
• pp.295-311
• /
• 2023

Cloud computing has evolved significantly, intending to provide users with fast, dependable, and low-cost services. With its development, malicious users have become increasingly capable of attacking both its internal and external security. To ensure the security of cloud services, encryption, authorization, firewalls, and intrusion detection systems have been employed. However, these single monitoring agents, are complex, time-consuming, and they do not detect ransomware and zero-day vulnerabilities on their own. An innovative Record and Replay-based hybrid Honeynet (R2NET) system has been developed to address this issue. Combining honeynet with Record and Replay (RR) technology, the system allows fine-grained analysis by delaying time-consuming analysis to the replay step. In addition, a machine learning algorithm is utilized to cluster the logs of attackers and store them in a database. So, the accessing time for analyzing the attack may be reduced which in turn increases the efficiency of the proposed framework. The R2NET framework is compared with existing methods such as EEHH net, HoneyDoc, Honeynet system, and AHDS. The proposed system achieves 7.60%, 9.78%%, 18.47%, and 31.52% more accuracy than EEHH net, HoneyDoc, Honeynet system, and AHDS methods.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.7
• /
• pp.1916-1934
• /
• 2023

The phishing attack is a malicious emerging threat on the internet where the hackers try to access the user credentials such as login information or Internet banking details through pirated websites. Using that information, they get into the original website and try to modify or steal the information. The problem with traditional defense systems like firewalls is that they can only stop certain types of attacks because they rely on a fixed set of principles to do so. As a result, the model needs a client-side defense mechanism that can learn potential attack vectors to detect and prevent not only the known but also unknown types of assault. Feature selection plays a key role in machine learning by selecting only the required features by eliminating the irrelevant ones from the real-time dataset. The proposed model uses Hyperparameter Optimized Artificial Neural Networks (H-ANN) combined with a Hybrid Firefly and Grey Wolf Optimization algorithm (H-FFGWO) to detect and block phishing websites in Internet of Things(IoT) Applications. In this paper, the H-FFGWO is used for the feature selection from phishing datasets ISCX-URL, Open Phish, UCI machine-learning repository, Mendeley website dataset and Phish tank. The results showed that the proposed model had an accuracy of 98.07%, a recall of 98.04%, a precision of 98.43%, and an F1-Score of 98.24%.

• International Journal of Computer Science & Network Security
• /
• v.24 no.3
• /
• pp.93-100
• /
• 2024

In this paper, we propose a novel robust blind crypto-watermarking method for medical images security based on hiding of DICOM patient information (patient name, age...) in the medical imaging. The DICOM patient information is encrypted using the AES standard algorithm before its insertion in the medical image. The cover image is divided in blocks of 8x8, in each we insert 1-bit of the encrypted watermark in the hybrid transform domain by applying respectively the 2D-LWT (Lifting wavelet transforms), the 2D-DCT (discrete cosine transforms), and the SVD (singular value decomposition). The scheme is tested by applying various attacks such as noise, filtering and compression. Experimental results show that no visible difference between the watermarked images and the original images and the test against attack shows the good robustness of the proposed algorithm.

• The Journal of the Korea Contents Association
• /
• v.21 no.6
• /
• pp.1-11
• /
• 2021

The Neis System is a system integrating administrative information that was operated in elementary and secondary schools in Korea. Currently, this system is operated by a central server method and contains school administration information and important educational information of students. Among student information, the student life record contains important information for a student to advance to a higher level institution, but problems such as information leakage or manipulation may occur due to malicious attacks. In this paper, we propose a hybrid blockchain system that combines the server and blockchain technology managed by the existing Neis system. The proposed system records the query information of the database in a block when student information is accessed. When a request for correction of student information or issuance of a certificate is received, the query of the blockchain, the information in the database, and the student's key value are checked to determine whether the information has been leaked or manipulated, and only if the data is normal, the request for revision of the record is performed. This process is more secure than the existing central server because it checks the manipulation of data through the blockchain. The proposed system was implemented on the Ethereum platform, and the query information of the blockchain was experimentally verified using smart contracts. This study contributes to enhancing the reliability of the Nice system by strengthening the security against forgery and alteration of student data by combining the existing Nice system with a block chain.

• Journal of KIISE:Information Networking
• /
• v.34 no.5
• /
• pp.305-315
• /
• 2007

Broadband Convergence Network (BcN) is the network which unifies telephone network, the Internet and broadcasting networks. Threats to each network can bring serious problems in BcN environment since the whole network can be damaged by various types of attack. The purpose of this study is to suggest the prototype of intrusion-tolerant network design of BcN to guarantee the continuous operation of BcN services against malicious attacks. First, BcN service components, selected by analysis of service time and coverage importance, are classified into three groups by their type: server type, gateway type and hybrid type. Second, the necessity of applying intrusion tolerance on BcN services is deduced by possible attack scenarios on BcN. Finally, we suggest the intrusion-tolerant network design suitable to BcN, using hardware redundancy and secure policies. Also, we present that the suggested network design can increase the intrusion tolerance of BcN.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.13 no.2
• /
• pp.169-174
• /
• 2003

The trial and success of malicious cyber attacks has been increased rapidly with spreading of Internet and the activation of a internet shopping mall and the supply of an online, or an offline internet, so it is expected to make a problem more and more. The goal of intrusion detection is to identify unauthorized use, misuse, and abuse of computer systems by both system insiders and external penetrators in real time. In fact, the general security system based on Internet couldn't cope with the attack properly, if ever. other regular systems have depended on common vaccine softwares to cope with the attack. But in this paper, we will use the positive selection and negative selection mechanism of T-cell, which is the biologically distributed autonomous system, to develop the self/nonself recognition algorithm and AIS (Artificial Immune System) that is easy to be concrete on the artificial system. For making it come true, we will apply AIS to the network environment, which is a computer security system.

• Journal of the Korea institute for structural maintenance and inspection
• /
• v.16 no.3
• /
• pp.1-10
• /
• 2012

In spite of high resistant to corrosion and its strength, over the last two decades, concerns still remain about the durability of FRP materials under severe environmental and thermal exposures. In this paper, authors experimentally examine the combined degradation by thermal and chemical attacks in heterogeneous FRP rebar be made up with various fibers and resins. Five types of Carbon, Glass and Hybrid FRP rebars had manufactured by different process and surface patterns are adopted for the experiments such as weight change, interlaminar shear strength, SEM and FT-IR analysis. FRP specimens were immersed in alkaline or distilled solution up to 150 days and then thermal exposed on 60, 100, 150 and $300^{\circ}C$ for 30 minutes. From the test results, the degradation of FRP bars are influnced by the resin type and manufacturing process as well as the fiber, and ILSS of exposed FRP bar in solutions is slightly increased in initial stage and then decresed with the passing of immersed time. But, in this test, it is observed that the discrepancy of ILSS between degraded by alkaline solution and distilled water is negligible value.