• Title/Summary/Keyword: network (P2P) security threats

Search Result 6, Processing Time 0.02 seconds

Research on Security Threats Emerging from Blockchain-based Services

  • Yoo, Soonduck
    • International Journal of Internet, Broadcasting and Communication
    • /
    • v.13 no.4
    • /
    • pp.1-10
    • /
    • 2021
  • The purpose of the study is to contribute to the positive development of blockchain technology by providing data to examine security vulnerabilities and threats to blockchain-based services and review countermeasures. The findings of this study are as follows. Threats to the security of blockchain-based services can be classified into application security threats, smart contract security threats, and network (P2P) security threats. First, application security threats include wallet theft (e-wallet stealing), double spending (double payment attack), and cryptojacking (mining malware infection). Second, smart contract security threats are divided into reentrancy attacks, replay attacks, and balance increasing attacks. Third, network (P2P) security threats are divided into the 51% control attack, Sybil attack, balance attack, eclipse attack (spread false information attack), selfish mining (selfish mining monopoly), block withholding attack, DDoS attack (distributed service denial attack) and DNS/BGP hijacks. Through this study, it is possible to discuss the future plans of the blockchain technology-based ecosystem through understanding the functional characteristics of transparency or some privacy that can be obtained within the blockchain. It also supports effective coping with various security threats.

Risk Analysis on Vulnerabilities and Threats for Domestic P2P Service Environments (국내 P2P 서비스 환경 하에서의 보안 취약점 및 위협 요소 분석)

  • Shin, Weon;Rhee, Kyung-Hyune
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.16 no.7
    • /
    • pp.1447-1454
    • /
    • 2012
  • Recently P2P is the most popular network service on Internet and is applied various areas such as streaming, file sharing and software distribution, but there are many security threats depending on vulnerabilities by P2P network environments. Conceptually P2P network is a overlay network based on Internet, and it has security concerns of itself as well as those of Internet environments. In this paper, we analyze the vulnerabilities and threats for domestic P2P services through various experiments and describe their risk analysis. We expect that this work contributes to new domestic P2P services in consideration of service qualities and security vulnerabilities.

A Verification of Replicated Operation In P2P Computing (P2P 컴퓨팅에서 중복 수행 결과의 정확성 검증 기법)

  • Park, Chan Yeol
    • The Journal of Korean Association of Computer Education
    • /
    • v.7 no.3
    • /
    • pp.35-43
    • /
    • 2004
  • Internet-based P2P computing with independent machines suffers from frequent disconnections and security threats caused by leaving, failure, network diversity, or anonymity of participated machines. Replication schemes of shared resources are used for solving these issues in many studies and implementations. We propose an operational replication scheme in P2P computing to share computing resources, and the scheme verifies the correctness of operation against faults and security threats. This verifications are carried out periodically on replicated and dependent working units without global message exchanges over the whole system. The verified working units are treated as checkpoints, and thus they could be put to practical use for fault-tolerance with rollback recovery.

  • PDF

Blockchain-Based Mobile Cryptocurrency Wallet

  • Yeom, Gwyduk
    • Journal of the Korea Society of Computer and Information
    • /
    • v.24 no.8
    • /
    • pp.59-66
    • /
    • 2019
  • As the monetary value of cryptocurrency increases, the security measures for cryptocurrency becomes more important. A limitation of the existing cryptocurrency exchanges is their vulnerability to threats of hacking due to their centralized manner of management. In order to overcome such limitation, blockchain technology is increasingly adopted. The blockchain technology enables decentralization and Peer-to-Peer(P2P) transactions, in which blocks of information are linked in chain topology, and each node participating in the blockchain shares a distributed ledger. In this paper, we propose and implement a mobile electronic wallet that can safely store, send and receive cryptocurrencies. The proposed mobile cryptocurrency wallet connects to the network only when the wallet actively is used. Wallet owner manages his or her private key offline, which is advantageous in terms of security. JavaScript based wallet apps were implemented to respectively run on Android and iOS mobile phones. I demonstrate the process of transferring Ethereum cryptocurrency from an account to another account through Ropsten, a test net for Ethereum. Hardware wallets, such as Ledger Nano S, provide a slightly higher level of security, yet have the disadvantages of added burden of carrying additional physical devices and high costs (about 80$).

The Framework of Research Network and Performance Evaluation on Personal Information Security: Social Network Analysis Perspective (개인정보보호 분야의 연구자 네트워크와 성과 평가 프레임워크: 소셜 네트워크 분석을 중심으로)

  • Kim, Minsu;Choi, Jaewon;Kim, Hyun Jin
    • Journal of Intelligence and Information Systems
    • /
    • v.20 no.1
    • /
    • pp.177-193
    • /
    • 2014
  • Over the past decade, there has been a rapid diffusion of electronic commerce and a rising number of interconnected networks, resulting in an escalation of security threats and privacy concerns. Electronic commerce has a built-in trade-off between the necessity of providing at least some personal information to consummate an online transaction, and the risk of negative consequences from providing such information. More recently, the frequent disclosure of private information has raised concerns about privacy and its impacts. This has motivated researchers in various fields to explore information privacy issues to address these concerns. Accordingly, the necessity for information privacy policies and technologies for collecting and storing data, and information privacy research in various fields such as medicine, computer science, business, and statistics has increased. The occurrence of various information security accidents have made finding experts in the information security field an important issue. Objective measures for finding such experts are required, as it is currently rather subjective. Based on social network analysis, this paper focused on a framework to evaluate the process of finding experts in the information security field. We collected data from the National Discovery for Science Leaders (NDSL) database, initially collecting about 2000 papers covering the period between 2005 and 2013. Outliers and the data of irrelevant papers were dropped, leaving 784 papers to test the suggested hypotheses. The co-authorship network data for co-author relationship, publisher, affiliation, and so on were analyzed using social network measures including centrality and structural hole. The results of our model estimation are as follows. With the exception of Hypothesis 3, which deals with the relationship between eigenvector centrality and performance, all of our hypotheses were supported. In line with our hypothesis, degree centrality (H1) was supported with its positive influence on the researchers' publishing performance (p<0.001). This finding indicates that as the degree of cooperation increased, the more the publishing performance of researchers increased. In addition, closeness centrality (H2) was also positively associated with researchers' publishing performance (p<0.001), suggesting that, as the efficiency of information acquisition increased, the more the researchers' publishing performance increased. This paper identified the difference in publishing performance among researchers. The analysis can be used to identify core experts and evaluate their performance in the information privacy research field. The co-authorship network for information privacy can aid in understanding the deep relationships among researchers. In addition, extracting characteristics of publishers and affiliations, this paper suggested an understanding of the social network measures and their potential for finding experts in the information privacy field. Social concerns about securing the objectivity of experts have increased, because experts in the information privacy field frequently participate in political consultation, and business education support and evaluation. In terms of practical implications, this research suggests an objective framework for experts in the information privacy field, and is useful for people who are in charge of managing research human resources. This study has some limitations, providing opportunities and suggestions for future research. Presenting the difference in information diffusion according to media and proximity presents difficulties for the generalization of the theory due to the small sample size. Therefore, further studies could consider an increased sample size and media diversity, the difference in information diffusion according to the media type, and information proximity could be explored in more detail. Moreover, previous network research has commonly observed a causal relationship between the independent and dependent variable (Kadushin, 2012). In this study, degree centrality as an independent variable might have causal relationship with performance as a dependent variable. However, in the case of network analysis research, network indices could be computed after the network relationship is created. An annual analysis could help mitigate this limitation.

The Construction Direction of the ROK NAVY for the Protection of Marine Sovereignty (국가의 해양주권 수호를 위한 한국해군의 전력건설 방향)

  • Shin, In-Kyun
    • Strategy21
    • /
    • s.30
    • /
    • pp.99-142
    • /
    • 2012
  • Withe increased North Korea's security threats, the South Korean navy has been faced with deteriorating security environment. While North Korea has increased asymmetric forces in the maritime and underwater with the development of nuclear weapons, and China and Japan have made a large investment in the buildup of naval forces, the power of the Pacific fleet of the US, a key ally is expected to be weakened. The biggest threat comes from China's intervention in case of full-scale war with North Korea, but low-density conflict issues are also serious problems. North Korea has violated the Armistice Agreement 2,660 times since the end of Korean War, among which the number of marine provocations reaches 1,430 times, and the tension over the NLL issue has been intensifying. With tension mounting between Korea and Japan over the Dokdo issue and conflict escalating with China over Ieo do Islet, the US Navy has confronted situation where it cannot fully concentrate on the security of the Korean peninsula, which leads to need for strengthening of South Korea's naval forces. Let's look at naval forces of neighboring countries. North Korea is threatening South Korean navy with its increased asymmetric forces, including submarines. China has achieved the remarkable development of naval forces since the promotion of 3-step plan to strengthen naval power from 1989, and it now retains highly modernized naval forces. Japan makes an investment in the construction of stat of the art warship every year. Since Japan's warship boasts of its advanced performance, Japan's Maritime Self Defense Force is evaluated the second most powerful behind the US Navy on the assumption that submarine power is not included in the naval forces. In this situation, naval power construction of South Korean navy should be done in phases, focusing on the followings; First, military strength to repel the energy warship quickly without any damage in case of battle with North Korea needs to be secured. Second, it is necessary to develop abilities to discourage the use of nuclear weapons of North Korea and attack its nuclear facilities in case of emergency. Third, construction of military power to suppress armed provocations from China and Japan is required. Based on the above naval power construction methods, the direction of power construction is suggested as follows. The sea fleet needs to build up its war potential to defeat the naval forces of North Korea quickly and participate in anti-submarine operations in response to North Korea's provocations. The task fleet should be composed of 3 task flotilla and retain the power to support the sea fleet and suppress the occurrence of maritime disputes with neighboring countries. In addition, it is necessary to expand submarine power, a high value power asset in preparation for establishment of submarine headquarters in 2015, develop anti-submarine helicopter and load SLAM-ER missile onto P-3C patrol aircraft. In case of maine corps, division class military force should be able to conduct landing operations. It takes more than 10 years to construct a new warship. Accordingly, it is necessary to establish plans for naval power construction carefully in consideration of reality and future. For the naval forces to safeguard maritime sovereignty and contribute to national security, the acquisition of a huge budget and buildup of military power is required. In this regard, enhancement of naval power can be achieved only through national, political and military understanding and agreement. It is necessary to let the nation know that modern naval forces with improved weapon system can serve as comprehensive armed forces to secure the command of the sea, perform defense of territory and territorial sky and attack the enemy's strategic facilities and budget inputted in the naval forces is the essential source for early end of the war and minimization of damage to the people. If the naval power construction is not realized, we can be faced with a national disgrace of usurpation of national sovereignty of 100 years ago. Accordingly, the strengthening of naval forces must be realized.

  • PDF