• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.49-60
• /
• 2015

Smart Grid devices are the major components of the Smart Grid. They collect and process a variety informations relating power services and support intelligent power services by exchanging informations with other SG devices or systems. However, If a SG device is attacked, the device can provide attack route to attacker and attacker can attack other SG devices or systems using the route. It may cause problem in power services. So, when cyber incident is happened, we need to acquire and examine digital evidence of SG device quickly to secure availability of SG. In this paper, we designed remote evidence acquisition system to acquire digital evidences from SG devices to response quickly to incidents of SG devices. To achieve this, we analyzed operating environment of SG devices and thought remote digital evidence acquisition system of SG devices will be more effective than remote digital evidence acquisition system targeted general IT devices. So, we introduce design method for SG devices remote evidence acquisition system considered operating environment of SG devices.

• Journal of the Korea Society for Simulation
• /
• v.17 no.3
• /
• pp.27-34
• /
• 2008

Wireless sensor networks are comprised of sensor nodes with resource-constrained hardware. Nodes in the sensor network without adequate protection may be compromised by adversaries. Such compromised nodes are vulnerable to the attacks like false reports injection attacks and false data injection attacks on legitimate reports. In false report injection attacks, an adversary injects false report into the network with the goal of deceiving the sink or the depletion of the finite amount of energy in a battery powered network. In false data injection attacks on legitimate reports, the attacker may inject a false data for every legitimate report. To address such attacks, the probabilistic voting-based filtering scheme (PVFS) has been proposed by Li and Wu. However, each cluster head in PVFS needs additional transmission device. Therefore, this paper proposes a fuzzy logic-based false report detection method (FRD) to mitigate the threat of these attacks. FRD employs the statistical en-route filtering scheme as a basis and improves upon it. We demonstrate that FRD is efficient with respect to the security it provides, and allows a tradeoff between security and energy consumption, as shown in the simulation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.15-25
• /
• 2007

According to augmentation about interesting and demanding of privacy over the rest few years, researches that provide anonymity have been conducted in a number of applications. The ad hoc routing with providing anonymity protects privacy of nodes and also restricts collecting network information to malicious one. Until recently, quite a number of anonymous routing protocols have been proposed, many of them, however, do not make allowance for authentication. Thus, they should be able to have vulnerabilities which are not only modifying packet data illegally but also DoS(denial of service) attack. In this paper, we propose routing protocol with providing both anonymity and authentication in the mobile ad hoc network such as MANET, VANET, and more. This scheme supports all of the anonymity properties which should be provided in Ad Hoc network. In addition, based on the group signature, authentication is also provided for nodes and packets during route discovery phase. Finally, route discovery includes key-agreement between source and destination in order to transfer data securely.

• Convergence Security Journal
• /
• v.14 no.4
• /
• pp.61-71
• /
• 2014

In recent years, malwares in Android smartphones are becoming increased explosively. Since a great deal of appsare deployed day after day, detecting the malwares requires commercial anti-virus companies to spend much time and resources. Such a situation causes malwares to be detected after they have become already spread. We propose a scheme called TAU that dynamically tracks application behaviors to specify apps with potential security risks. TAU keeps track of how a user's interactions to smartphones incurs the app installation, the route of app spread, and the behavior of app execution. This tracking specifies apps that have the possibility of attacking the smartphones using the drive-by download and update attack schemes. Moreover, the tracked behaviors are used to decide whether apps are repackaged or not. Therefore, TAU allows anti-virus companies to detect malwares efficiently and rapidly by guiding to preferentially analyze apps with potential security risks.

• Journal of Advanced Navigation Technology
• /
• v.15 no.4
• /
• pp.655-663
• /
• 2011

Recently, with improvement of internet service technology, web service has been affecting the environment for computing user. Not only current events, economics, game, entertainment, but also personal financial system is processed by web pages through internet. When data transmission is implemented on the internet, webpage acquire text form code and transform them to DOM information, and then shows processed display to user by web browser. However, those information are not only easily accessed by diversified route, but also easily deformed by intentional purpose. Furthermore, it is also possible to acquire logon information of users and certification information by detouring security mechanism. Therefore, this dissertation propose the method to verify integrity of web contents by using BHO which is one of the Add-On program based on MS Internet Explorer platform which is one of major web browser program designed by MicroSoft to detect any action of webpage deformation.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.181-190
• /
• 2009

DBMS access that used high speed internet web service through WAS is increasing. Need application of DB security technology for 3-Tier about DBMS by unspecified majority and access about roundabout way connection and competence control. If do roundabout way connection to DBMS through WAS, DBMS server stores WAS's information that is user who do not store roundabout way connection user's IP information, and connects to verge system. To DBMS in this investigation roundabout way connection through WAS do curie information that know chasing station security thanks recording and Forensic data study. Store session about user and query information that do login through web constructing MetaDB in communication route, and to DBMS server log storing done query information time stamp query because do comparison mapping actuality user discriminate. Apply making Rule after Pattern analysis receiving log by elevation method of security authoritativeness, and develop Module and keep in the data storing place through collection and compression of information. Kept information can minimize false positives of station chase through control of analysis and policy base administration module that utilize intelligence style DBMS security client.

• 한국정보통신설비학회:학술대회논문집
• /
• 2009.08a
• /
• pp.355-358
• /
• 2009

센서 네트워크에 대한 연구가 활발히 이루어지면서 센서 네트워크 보안에 대한 문제점이 많이 야기되고 있다. 무선 센서 네트워크에서는 개방된 환경에서 제한적인 자원을 가지는 노드들로 구성되어 있다. 개방된 환경에 배치된 노드들은 공격자에게 쉽게 노출되어질 수 있다. 공격자는 노드를 물리적으로 포획하여 데이터 인증에 사용하는 인증키와 같은 보안 정보들을 획득할 수 있다. 공격자는 포획된 노드를 통하여 허위 보고서로 무선 센서 네트워크에 쉽게 삽입시킬 수 있다. 이는 허위 보고서로 인한 혼란 및 위조 정보의 전달과정에서 발생하는 에너지 고갈 등의 문제점을 유발시키게 된다. 이러한 허위 보고서를 조기에 탐지 및 폐기하기 위하여 동적 여과 프로토콜(DEF: Dynamic En-route Filtering scheme)이 제안되었다. DEF에서 인증키를 재배포 하는 주기는 보안 강도와 비용을 트레이드-오프 하는 관계에 놓여있으므로 매우 중요하다. 본 논문에서는 센서네트워크에서 동적 여과 프로토콜의 인증키 재배포 주기를 결정하는 기법을 제안한다. 배포된 노드들의 위상변화, BS까지 도달한 허위보고서 비율, 공격자에게 포획된 노드의 수 등을 고려하여 재배포 여부를 결정하고 재배포가 결정되면 각 클러스터 헤드들에게 재배포를 명령하게 된다.

• The KIPS Transactions:PartC
• /
• v.11C no.3
• /
• pp.293-300
• /
• 2004

Ad hoc networks are groups of mobile hosts without any fixed infrastructure. Frequent changes in network topology owing to node mobility make these networks very difficult to manage. Therefore, enhancing the reliability of routing paths in ad hoc networks gets more important. In this paper, we propose a ZRP(Zone Routing Protocol)-based route discovery scheme that can not only reduce the total hops of routing path, but Improve security through authentications between two nodes. And to solve the problem in maintenance of routing paths owing to frequent changes of the network topology, we adopt a query control mechanism. The effectiveness of our scheme is shown by simulation methods.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2008.10b
• /
• pp.449-454
• /
• 2008

Finding an energy efficient route is one of the very important issues in the wireless sensor networks. The route scheme should consider both of the energy level of sensor nodes and the number of hops at the same time. First of all, this paper proposes an optimum routes finding scheme (ORFS), which could be used in the sensor network routing protocols. The scheme uses an optimum value for the path with the considerations of both the minimum energy level of a path and the number of hops at the same time. After that, this paper proposes a routing protocol based on the ORFS for how it could be used for the multipath directed diffusion with data aggregation (MDD-A), to get the better energy efficiency. The analysis result shows that the proposed routing protocol could lengthen the network life cycle about 18.7% compared to the previous MDD-A related protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.21-35
• /
• 2007

In ad hoc networks, position-based routing schemes, that use geographical positions of nodes, have been proposed to efficiently route messages. In these routing schemes, the location service is one of the key elements that determines and effects security and efficiency of the protocol. In this paper, we define security threats of location service and propose a new quorum based location service protocol. In our proposed protocol, nodes register their public keys in other nodes during the initialization phase and these registered keys are used to verify locations of other nodes and the messages exchanged. In this paper, we prove that our protocol is robust against traditional attacks and new attacks that may occur due to the use of position-based routing. We also analyze the efficiency of our protocol using various simulations.