• 한국컴퓨터정보학회논문지
• /
• 제23권12호
• /
• pp.95-105
• /
• 2018

As the IT industry developed, the information held by the company soon became a corporate asset. As this information has value as an asset, the number and scale of various cyber attacks which targeting enterprises and institutions is increasing day by day. Therefore, research are being carried out to protect the assets from cyber attacks by using the attack graph to identify the possibility and risk of various attacks in advance and prepare countermeasures against the attacks. In the attack graph, security metric is used as a measure for determining the importance of each asset or the risk of an attack. This is a key element of the attack graph used as a criterion for determining which assets should be protected first or which attack path should be removed first. In this survey, we research trends of various security metrics used in attack graphs and classify the research according to application viewpoints, use of CVSS(Common Vulnerability Scoring System), and detail metrics. Furthermore, we discussed how to graft the latest security technologies, such as MTD(Moving Target Defense) or SDN(Software Defined Network), onto the attack graphs.

• ETRI Journal
• /
• 제29권5호
• /
• pp.619-632
• /
• 2007

Side channel attacks are a very serious menace to embedded devices with cryptographic applications. To counteract such attacks many randomization techniques have been proposed. One efficient technique in elliptic curve cryptosystems randomizes addition chains with binary signed digit (BSD) representations of the secret key. However, when such countermeasures have been used alone, most of them have been broken by various simple power analysis attacks. In this paper, we consider combinations which can enhance the security of countermeasures using BSD representations by adding additional countermeasures. First, we propose several ways the improved countermeasures based on BSD representations can be attacked. In an actual statistical power analysis attack, the number of samples plays an important role. Therefore, we estimate the number of samples needed in the proposed attack.

• International Journal of Computer Science & Network Security
• /
• 제22권4호
• /
• pp.374-386
• /
• 2022

Nowadays, research in deep learning leveraged automated computing and networking paradigm evidenced rapid contributions in terms of Software Defined Networking (SDN) and its diverse security applications while handling cybercrimes. SDN plays a vital role in sniffing information related to network usage in large-scale data centers that simultaneously support an improved algorithm design for automated detection of network intrusions. Despite its security protocols, SDN is considered contradictory towards DDoS attacks (Distributed Denial of Service). Several research studies developed machine learning-based network intrusion detection systems addressing detection and mitigation of DDoS attacks in SDN-based networks due to dynamic changes in various features and behavioral patterns. Addressing this problem, this research study focuses on effectively designing a multistage hybrid and intelligent deep learning classifier based on modified deep forest classification to detect DDoS attacks in SDN networks. Experimental results depict that the performance accuracy of the proposed classifier is improved when evaluated with standard parameters.

• International Journal of Computer Science & Network Security
• /
• 제21권4호
• /
• pp.272-276
• /
• 2021

Presently, Online / Offline Users are facing cyber attacks every day. These cyber attacks affect user's performance, resources and various daily activities. Due to this critical situation, attention must be given to prevent such users through cyber attacks. The objective of this research paper is to improve the IDS systems by using machine learning approach to develop a hybrid model which controls the cyber attacks. This Hybrid model uses the available KDD 1999 intrusion detection dataset. In first step, Hybrid Model performs feature optimization by reducing the unimportant features of the dataset through decision tree, support vector machine, genetic algorithm, particle swarm optimization and principal component analysis techniques. In second step, Hybrid Model will find out the minimum number of features to point out accurate detection of cyber attacks. This hybrid model was developed by using machine learning algorithms like PSO, GA and ELM, which trained the system with available data to perform the predictions. The Hybrid Model had an accuracy of 99.94%, which states that it may be highly useful to prevent the users from cyber attacks.

• Journal of Multimedia Information System
• /
• 제7권1호
• /
• pp.45-54
• /
• 2020

This paper presented a brief introduction along with various wireless standards which provide an interactive way of interaction among the vehicles and provides effective communication in VANET. Security issues such as confidentiality, authenticity, integrity, availability and non-repudiation, which aims to secure communication between vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I). A detailed discussion and analysis of various possible attacks based on security services are also presented that address security and privacy concern in VANETs. Finally a general analysis of possible challenges is mentioned. This paper can serve as a source and reference in building the new technique for VANETs.

• International Journal of Computer Science & Network Security
• /
• 제24권4호
• /
• pp.155-162
• /
• 2024

Anonymity online has been an ever so fundamental topic among journalists, experts, cybersecurity professionals, corporate whistleblowers. Highest degree of anonymity online can be obtained by mimicking a normal everyday user of the internet. Without raising any flags of suspicion and perfectly merging with the masses of public users. Online Security is a very diverse topic, with new exploits, malwares, ransomwares, zero-day attacks, breaches occurring every day, staying updated with the latest security measures against them is quite expensive and resource intensive. Network security through anonymity focuses on being unidentifiable by disguising or blending into the public to become invisible to the targeted attacks. By following strict digital discipline, we can avoid all the malicious attacks as a whole. In this paper we have demonstrated a proof of concept and feasibility of securing yourself on a network by being anonymous.

• 정보보호학회논문지
• /
• 제26권4호
• /
• pp.903-910
• /
• 2016

터치스크린 기반 스마트 기기가 널리 보급 되면서 모바일 환경을 위한 주요 인증 메커니즘으로 그래픽 패스워드 기법 중 하나인 패턴 락 시스템이 등장했다. 사용자가 잠금 해제를 위하여 패턴 락을 사용한 후의 남아있는 패턴 모양의 흔적은 스머지 공격에 취약하다. 이러한 스머지 공격에 대응하기 위하여 TinyLock을 포함한 다양한 패턴 락이 제안되었다. 본 논문에서는 스머지 공격이 발생할 수 있는 환경에서 획득한 스머지 패턴 이미지를 이용하여 기계 학습을 통한 자동화된 스머지 공격의 유효성에 대하여 실험하고 안드로이드 패턴 락과 TinyLock의 안전성에 대하여 비교 분석하였다. 자동화된 스머지 공격에서 높은 공격 성공률을 보였으며 기존에 많이 사용되고 있는 안드로이드 패턴 락이 TinyLock보다 더 안전하지 않음을 검증하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제9권4호
• /
• pp.1493-1515
• /
• 2015

A smart meter is one of the core components in Advanced Metering Infrastructure (AMI) that is responsible for providing effective control and monitor of electrical energy consumptions. The multifunction tasks that a smart meter carries out such as facilitating two-way communication between utility providers and consumers, managing metering data, delivering anomalies reports, analyzing fault and power quality, simply show that there are huge amount of data exchange in smart metering networks (SMNs). These data are prone to security threats due to high dependability of SMNs on Internet-based communication, which is highly insecure. Therefore, there is a need to identify all possible security threats over this network and propose suitable countermeasures for securing the communication between smart meters and utility provider office. This paper studies the architecture of the smart grid communication networks, focuses on smart metering networks and discusses how such networks can be vulnerable to security attacks. This paper also presents current mechanisms that have been used to secure the smart metering networks from specific type of attacks in SMNs. Moreover, we highlight several open issues related to the security and privacy of SMNs which we anticipate could serve as baseline for future research directions.

• 디지털산업정보학회논문지
• /
• 제14권3호
• /
• pp.11-20
• /
• 2018

Smart devices refer to various devices and control equipment such as health care devices, imaging devices, motor devices and wearable devices that use wireless network communication (e.g., Wi-fi, Bluetooth, LTE). Commercial services using such devices are found in a wide range of fields, including home networks, health care and medical services, entertainment and toys. Studies on smart devices have also been actively undertaken by academia and industry alike, as the penetration rate of smartphones grew and the technological progress made with the fourth industrial revolution bring about great convenience for users. While services offered through smart devices come with convenience, there is also various security threats that can lead to financial loss or even a loss of life in the case of terrorist attacks. As attacks that are committed through smart devices tend to pick up where attacks based on wireless internet left off, more research is needed on related security topics. As such, this paper seeks to design an access control method for reinforced security for smart devices. After registering and authenticating the smart device from the user's smart phone and service provider, a safe communication protocol is designed. Then to secure the integrity and confidentiality of the communication data, a management process such as for device renewal or cancellation is designed. Safety and security of the existing systems against attacks are also evaluated. In doing so, an improved efficiency by approximately 44% compared to the encryption processing speed of the existing system was verified.

• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2016년도 춘계학술대회
• /
• pp.759-761
• /
• 2016

최근 정보보안 환경 변화에 따른 사이버 침해, 사업 기밀유출, 글로벌 보안위협 등의 정보자산에 대한 지속적인 공격으로 위협이 되고 있다. 이는 기존 정보보호시스템에서 대응이 어려운 APT 공격, 우회접근공격 및 암호화 패킷에 대한 공격 등에 대한 탐지와 조치가 가능한 접근에 대해 지속적인 모니터링의 수행이 요구되고 있다. 본 논문에서는 지능형지속위협 공격경로차단을 위한 예방통제(Prevention Control)로 중요한 자산 식별하고 위험을 미리 제거하기 위하여 취약성 분석, 위험분석을 통한 정보통제 정책을 수립하고 서버접근통제, 암호화통신 감시를 통해 탐지통제(Detection Control)를 수립하고 패킷 태깅, 보안플랫폼, 시스템백업과 복구를 통해 교정통제(Corrective Control)를 하여 지능화된 침해대응(Intelligent Violation of Response) 할 수 있도록 정보보호시스템 운영관리 방법을 제안한다.