• Title/Summary/Keyword: relay attack

Search Result 26, Processing Time 0.023 seconds

An OpenFlow User-Switch Remapping Approach for DDoS Defense

  • Wei, Qiang;Wu, Zehui;Ren, Kalei;Wang, Qingxian
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.9
    • /
    • pp.4529-4548
    • /
    • 2016
  • DDoS attacks have had a devastating effect on the Internet, which can cause millions of dollars of damage within hours or even minutes. In this paper we propose a practical dynamic defense approach that overcomes the shortage of static defense mechanisms. Our approach employs a group of SDN-based proxy switches to relay data flow between users and servers. By substituting backup proxy switches for attacked ones and reassigning suspect users onto the new proxy switches, innocent users are isolated and saved from malicious attackers through a sequence of remapping process. In order to improve the speed of attacker segregation, we have designed and implemented an efficient greedy algorithm which has been demonstrated to have little influence on legitimate traffic. Simulations, which were then performed with the open source controller Ryu, show that our approach is effective in alleviating DDoS attacks and quarantining the attackers by numerable remapping process. The simulations also demonstrate that our dynamic defense imposes little effect on legitimate users, and the overhead introduced by remapping procedure is acceptable.

Secure Multi-Party Computation Based on Homomorphic Encryption for Privacy Preserving in IoT Networks (IoT 네트워크에서 프라이버시 보호를 위한 동형암호화에 기반의 안전한 다자간 계산)

  • CHEN, Hao-Tian;Kim, Tae Woo;Park, Ji Su;Park, Jong Hyuk
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2021.11a
    • /
    • pp.189-192
    • /
    • 2021
  • 5G와 사물인터넷(IoT) 시대에 데이터의 크로스컴퓨팅은 연구, 의료, 금융, 민생 분야 등에 더 많은 지원을 할 수 있고 프라이버시 안전성이 중요해지고 있다. SMPC (Secure Multi-party Computation)은 서로 믿지 않는 참여자 간의 프라이버시 보호 시너지 컴퓨팅 문제를 해결하고, 데이터 수요자에게 원본 데이터를 누설하지 않는 범위 하에서의 다자간 컴퓨팅 능력을 제공한다. IoT 장치는 전력 소모와 지연에 제한을 받기 때문에 대부분의 장치가 여전히 경량화 보안 메커니즘에 속하고 IoT에서 트래픽의 데이터 통합관리가 어렵기 때문에 통신 중 신원인식과 데이터를 주고받는 단계에서 프라이버시 유출의 문제가 발생할 수 있고 심지어 DDOS공격, RelayAttack공격 등 사이버의 목적이 될 수도 있다. 본 논문에서 IoT 네트워크 데이터 통신 특징을 분석하고 동형 암호에 기반의 SMPC 연산 아키텍처를 제안한다. 제안하는 이키텍처에서 동형 암호를 사용함으로써 장치 데이터의 안전을 보장하는 동시에 전체 네트워크 안전성도 확보한다. SMPC 및 동형암호 기술의 지속적 발전에 따라 제안하는 아키텍처가 계속 개선할 잠재력이 있다.

Routing for Enhancing Source-Location Privacy in Wireless Sensor Networks of Multiple Assets

  • Tscha, Yeong-Hwan
    • Journal of Communications and Networks
    • /
    • v.11 no.6
    • /
    • pp.589-598
    • /
    • 2009
  • In wireless sensor networks, a node that reports information gathered from adjacent assets should relay packets appropriately so that its location context is kept private, and thereby helping ensure the security of the assets that are being monitored. Unfortunately, existing routing methods that counter the local eavesdropping-based tracing deal with a single asset, and most of them suffer from the packet-delivery latency as they prefer to take a separate path of many hops for each packet being sent. In this paper, we propose a routing method, greedy perimeter stateless routing-based source-location privacy with crew size w (GSLP-w), that enhances location privacy of the packet-originating node (i.e., active source) in the presence of multiple assets. GSLP-w is a hybrid method, in which the next-hop node is chosen in one of four modes, namely greedy, random, perimeter, and retreat modes. Random forwarding brings the path diversity, while greedy forwarding refrains from taking an excessively long path and leads to convergence to the destination. Perimeter routing makes detours that avoid the nodes near assets so that they cannot be located by an adversary tracing up the route path. We study the performance of GSLP-w with respect to crew size w (the number of packets being sent per path) and the number of sources. GSLP-w is compared with phantom routing-single path (PR-SP), which is a notable routing method for source-location privacy and our simulation results show that improvements from the point of the ratio of safety period and delivery latency become significant as the number of source nodes increases.

RFID Distance Bounding Protocol Secure Against Mafia and Terrorist Fraud (테러리스트 공격과 마피아 공격에 안전한 RFID 거리 제한 프로토콜)

  • Kwon, Hye Jin;Kim, Soon Ja
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.39A no.11
    • /
    • pp.660-674
    • /
    • 2014
  • RFID system has been used in a variety of services. So, a lot of attacks like a free ride on the service, leakage of property or personal information are known. Therefore, the solutions that address these attacks have been proposed. Among the attacks, mafia fraud, a kind of relay attack, can not be addressed by common authentication protocol. So, Hancke and Kuhn used distance bounding protocol for RFID authentication. After that, Munilla and Peinado modified HK protocol by adding void challenge. So the mafia fraud success probability of adversary is lower than probability of HK protocol. Ahn et al. proposed a protocol that reduces number of a hash computation and traffic than MP protocol. Here, we show that MP protocol can not defend the terrorist fraud and is vulnerable to noise. And we show that also AYBN protocol is vulnerable to mafia fraud and key leakage. Moreover, we propose a new protocol and our experimental results show that our protocol is secure to terrorist and mafia fraud.

A Efficient Key Distribution Scheme for Individual/Group Communication on TRS (TRS 상의 개별/그룹 통신을 위한 효율적인 키 분배 기법)

  • Lee, Deok-Gyu;Park, Yong-Suk;Ahn, Jong-Chul;Lee, Im-Yeong
    • The KIPS Transactions:PartC
    • /
    • v.13C no.7 s.110
    • /
    • pp.913-922
    • /
    • 2006
  • It used exclusively the radio communication where is the TRS(Trunked Radio Service) at frequency where the person whom it does is specific with hitherto radio communication method differently frequency of the decimal which is allocated to the relay station it talks the at the room which the multiple user uses with commonness. The TRS system the most big feature is the region multiple group and order communication method. The TRS the composition of system is composed of the multi mind group, the each group is composed of the terminal of the users who have the objective which is similar relates in business contents. With above it follows in same multi objective and the connection of the form which is various or group communication accomplishes and quality case, a possibility a or of having many problem point in key distribution for a large scale communication there is it could be exposed to attack of the form which is various. There is a place where it accomplishes the communication which is safe at the TRS from research which it sees it investigates group key distribution method which is an essential element. The method which it sees when it reduces a communication frequency, it stands but is the user, it proposes the efficient group key distribution method it will be able to accomplish.

Security Threats and Scenarios using Drones on the Battlefield (전장에서 드론을 활용한 보안 위협과 시나리오)

  • Park, Keun-Seog;Cheon, Sang-pil;Kim, Seong-Pyo;Eom, Jung-ho
    • Convergence Security Journal
    • /
    • v.18 no.4
    • /
    • pp.73-79
    • /
    • 2018
  • Since 1910s, the drones were mainly used for military purposes for reconnaissance and attack targets, but they are now being used in various fields such as disaster prevention, exploration, broadcasting, and surveillance of risk areas. As drones are widely used from military to civilian field, hacking into the drones such as radio disturbance, GPS spoofing, hijacking, etc. targeting drones has begun to occur. Recently, the use of drones in hacking into wireless network has been reported. If the artificial intelligence technology is applied to the drones in the military, hacking into unmanned combat system using drones will occur. In addition, a drone with a hacking program may be able to relay a hacking program to the hacking drone located far away, just as a drone serves as a wireless communication station. And the drones will be equipped with a portable GPS jamming device, which will enable signal disturbance to unmanned combat systems. In this paper, we propose security threats and the anticipated hacking scenarios using the drones on the battlespace to know the seriousness of the security threats by hacking drones and prepare for future cyberspace.

  • PDF