• Journal of the Korean Institute of Intelligent Systems
• /
• v.23 no.6
• /
• pp.558-564
• /
• 2013

Wireless sensor networks (WSNs) contain limited energy resources and are left in open environments. Since these sensor nodes are self-operated, attacks such as sinkhole attacks are possible as they can be compromised by an adversary. The sinkhole attack may cause to change initially constructed routing paths, and capture of significant information at the compromised node. A localized encryption and authentication protocol (LEAP) has been proposed to authenticate packets and node states by using four types of keys against the sinkhole attack. Even though this novel approach can securely transmits the packets to a base station, the packets are forwarded along the constructed paths without checking the next hop node states. In this paper, we propose the next hop node selection method to cater this problem. Our proposed method evaluates the next hop node considering three factors (i.e., remaining energy level, number of shared keys, and number of filtered false packets). When the suitability criterion for next hop node selection is satisfied against a fix threshold value, the packet is forwarded to the next hop node. We aim to enhance energy efficiency and a detour of attacked areas to be effectively selected Experimental results demonstrate validity of the proposed method with up to 6% energy saving against the sinkhole attack as compared to the LEAP.

• Journal of Intelligence and Information Systems
• /
• v.28 no.1
• /
• pp.29-43
• /
• 2022

With the advent of the Internet and the development of mobile digital devices such as smartphones and tablet PCs, the communication service paradigm began to shift from existing voice services to data services. Recently, as social network services (SNS) are activated and 4th industrial revolution technologies centered on ICT (Information and Communication Technologies) such as Big Data, Blockchain, Cloud, and 5G/6G are rapidly developed, the amount of shared data type and the amount of data are increasing rapidly. As the transition to a digital society begins actively, the importance of using data information, as well as the economic and social values of personal information are becoming increasingly important. As a result, they are actively discussing policies to revitalize the data information industry around the world and ways to efficiently obtain, analyze, and utilize increasingly diverse and vast data, as well as to protect/guarantee the rights of information subjects (providers) in various fields such as society, culture, economy, and politics.. In this paper, in order to improve the self-determination right of personal information on data produced by information subjects, and further expand the use of safe data and the data economy, a differentiated data trusts system was considered and suggested. In addition, the components and data trusts procedures necessary to efficiently operate the data trusts system in Korea were considered, and the non-profit data trusts system and the for-profit data trusts system were considered as a way to flexibly operate the data trusts system. Furthermore, the legal items necessary for the implementation of the data trusts system were investigated and considered. In this paper, in order to propose a domestic data trusts system, cases related to existing data trusts systems such as the United States, Japan, and Korea were reviewed and analyzed. In addition, in order to prepare legislation necessary for the data trusts system, data-related laws in major countries and domestic legal and policy trends were reviewed to study the rights that conflict or overlap with existing laws, and differences were investigated and considered. The Data trusts system proposed in this paper is a reasonable system that is expected to recognize the asset value of data in the capitalist market economy system, to provide legitimate compensation for data produced by data subjects, and further to contribute greatly to the use of safe data and creation of a new service market.

• Journal of Internet Computing and Services
• /
• v.25 no.1
• /
• pp.147-155
• /
• 2024

Currently, the 4th Industrial Revolution, like other revolutions, is bringing great change and new life to humanity, and in particular, the demand for and use of drones, which can be applied by combining various technologies such as big data, artificial intelligence, and information and communications technology, is increasing. Recently, it has been widely used to carry out dangerous military operations and missions, such as the Russia-Ukraine war and North Korea's reconnaissance against South Korea, and as the demand for and use of drones increases, concerns about the safety and security of drones are growing. Currently, a variety of research is being conducted, such as detection of wireless communication abnormalities and sensor data abnormalities related to drones, but research on real-time detection of threats using radio frequency characteristic data is insufficient. Therefore, in this paper, we conduct a study to determine whether the characteristic data is normal or abnormal signal data by collecting radio frequency signal characteristic data generated while the drone communicates with the ground control system while performing a mission in a HITL(Hardware In The Loop) simulation environment similar to the real environment. proceeded. In addition, we propose an unsupervised learning-based threat detection system and optimal threshold that can detect threat signals in real time while a drone is performing a mission.

• The Journal of the Korea Contents Association
• /
• v.9 no.8
• /
• pp.64-72
• /
• 2009

AMR(Automatic Meter Reading), which means that it reads the meter of electricity, gas, or water, etc at a remote place automatically through wired or wireless communication, has been studied in terms of Power Line Communication method and Local Area Wireless Communication method, etc. In this paper, we designed and implemented JCA(Java Card for AMR) capable of AMR, which is based on java Card technology indispensable to the ubiquitous world. In this paper, JCA follows standard transactional procedures offered by power supply company and manages power usage log and billing data, and is designed in order to satisfy EMV multi-functional specifications. Because JCA is a multi-functional smart card capable of post-issuance applets as an open platform, it is installed into other applications of affiliated concerns as well as credit card and traffic card applications. Not only the proposed JCA is a low cost system, compared to other AMR systems, but is capable of paying rates in advance or later by applying authentication and security function of java Card. In addition the proposed JCA system can create value added services such as affiliated services with corporate alliance.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.4
• /
• pp.207-215
• /
• 2014

Password based authentication systems are most widely used for user convenience in web services. However such authentication systems are known to be vulnerable to various attacks such as password guessing attack, dictionary attack and key logging attack. Besides, many of the web systems just provide user authentication in a one-way fashion such that web clients cannot verify the authenticity of the web server to which they set access and give passwords. Therefore, it is too difficult to protect against DNS spoofing, phishing and pharming attacks. To cope with the security threats, web system adopts several enhanced schemes utilizing one time password (OTP) or long and strong passwords including special characters. However there are still practical issues. Users are required to buy OTP devices and strong passwords are less convenient to use. Above all, one-way authentication schemes generate several vulnerabilities. To solve the problems, we propose a multi-channel, multi-factor authentication scheme by utilizing QR-Code. The proposed scheme supports both user and server authentications mutually, thereby protecting against attacks such as phishing and pharming attacks. Also, the proposed scheme makes use of a portable smart device as a OTP generator so that the system is convenient and secure against traditional password attacks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.12
• /
• pp.831-841
• /
• 2014

The attacker can access the RFID systems illegally because authentication operation on the RFID systems are performed in wireless communication. Authentication methods based on the PUF were presented to defend attacks. Because of Hash and AES, the cost is expensive for the low-cost RFID tag. In this paper, the PUF-based encryption processor and the mutual authentication protocol are proposed for low-cost RFID authentication. The challenge-response pairs (PUF's input and output) are utilized as the authentication key and encrypted by the PUF's characteristics. The encryption method is changed each session and XOR operation with random number is utilized. Therefore, it is difficult for the attacker to analyze challenge-response pairs and attack the systems. In addition, the proposed method with PUF is strong against physical attacks. And the method protects the tag cloning attack by physical attacks because there is no authentication data in the tag. Proposed processor is implemented at low cost with small footprint and low power.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.9
• /
• pp.271-282
• /
• 2015

In the business environment BYOD(Bring Your Own Device) is used and being expanded continuously. According to a survey conducted by Cisco in 2012 on 600 companies, 95% of them are already permitting the use of BYOD in their work environments so that productivity of their employees has improved as a result. Gartner predicted that the use of BYOD will be caused new security threat. They also suggested to introduce NAC(Network Access Control) to resolve this threat, to separate network zone based on importance of their business, to establish the policy to consider user authority and device type, and to enforce the policy. The purpose of this paper is to design and implement the NAC for granular access control based on IEEE(Institute of Electrical and Electronics Engineers) 802.1X and DHCP(Dynamic Host Configuration Protocol) fingerprinting, and to analyze the performance on BYOD environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.6
• /
• pp.1069-1073
• /
• 2016

The Internet of Things (IoT) is the interconnection of uniquely identifiable embedded computing devices within the existing Internet infrastructure. IoT is expected to offer advanced connectivity of devices, systems, and services that goes beyond machine-to-machine communications and covers a variety of protocols, domains, and applications. Key system-level features that IoT needs to support can be summarized as device heterogeneity, scalability, ubiquitous data exchange through proximity wireless technologies, energy optimized solutions, localization and tracking capabilities, self-organization capabilities, semantic interoperability and data management, embedded security and privacy-preserving mechanisms. Time information is a critical piece of infrastructure for any distributed system. Time information and time synchronization are also fundamental building blocks in the IoT. The IoT requires new paradigms for combining time and data. This paper reviews conventional time keeping mechanisms in the Internet and presents issues to be considered for combining time and data in the IoT.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.455-472
• /
• 2020

As a user in modern societies with the rapid growth of Internet environment and more complicated business flow processes in order to be effective at work and accomplish things on time when the manager of the company went for a business trip, he/she need to delegate his/her signing authorities to someone such that, the delegatee can act as a manager and sign a message on his/her behalf. In order to make the delegation process more secure and authentic, we proposed a secure and efficient identity-based proxy signcryption in cloud data sharing (SE-IDPSC-CS), which provides a secure privilege delegation mechanism for a person to delegate his/her signcryption privilege to his/her proxy agent. Our scheme allows the manager of the company to delegate his/her signcryption privilege to his/her proxy agent and the proxy agent can act as a manager and generate signcrypted messages on his/her behalf using special information called "proxy key". Then, the proxy agent uploads the signcrypted ciphertext to a cloud service provider (CSP) which can only be downloaded, decrypted and verified by an authorized user at any time from any place through the Internet. Finally, the security analysis and experiment result determine that the proposed scheme outperforms previous works in terms of functionalities and computational time.

• Journal of Advanced Navigation Technology
• /
• v.12 no.3
• /
• pp.245-254
• /
• 2008

If the broadcast message is sent, first of all, the privileged users will decode the session key by using his or her personal key, which the user got previously. The user willget the digital information through this session key. As shown above, the user will obtain messages or session keys using the keys transmitted from a broadcaster, which process requires effective ways for the broadcaster to generate and distribute keys. In addition, when a user wants to withdraw or sign up, an effective process to renew a key is required. It is also necessary to chase and check users' malicious activities or attacking others. This paper presents a method called Traitor Tracing to solve all these problems. Traitor tracing can check attackers and trace them. It also utilizes a proactive way for each user to have effective renewal cycle to generate keys.