• Information and Communications Magazine
• /
• v.19 no.8
• /
• pp.128-136
• /
• 2002

It is an active security that has the research field which has more powerful responding mechanism comparing to current network security technology, has an ability to introduce new security mechanism according to changing our environments, and can support effective security management. Our goal is to introduce a new category of internet security technologies on network survivability: active security technology. It is a new security technology that blocking network or computers. before malicious traffics are reached to them, including protecting hosts or small area network from hackers.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.6057-6078
• /
• 2018

Smart home systems provide a safe, comfortable, and convenient living environment for users, whereby users enjoy featured home services supported by the data collected and generated by smart devices in smart home systems. However, existing smart devices lack sufficient protection in terms of data security and privacy, and challenging security and privacy issues inevitably emerge when using these data. This article aims to address these challenging issues by proposing a private blockchain-based access control (PBAC) scheme. PBAC involves employing a private blockchain to provide an unforgeable and auditable foundation for smart home systems, that can thwart illegal data access, and ensure the accuracy, integrity, and timeliness of access records. A detailed security analysis shows that PBAC could preserve data security against various attacks. In addition, we conduct a comprehensive performance evaluation to demonstrate that PBAC is feasible and efficient.

• International Journal of Computer Science & Network Security
• /
• v.23 no.7
• /
• pp.149-154
• /
• 2023

Internet of Things (IoT) is now spreading everywhere. It's the technology of every person's need so we can't step back from IoT but we can secure it as it is spreading quickly so it has greater chances of danger and being misused. There is an urgent need to make IoT devices secure from getting cracked or hacked. A lot of methods had tried and still trying to mitigate IoT security issues. In this paper Blockchain is going to be the solution of most of the IoT issues or problems. We have discussed or highlighted security issues with centralized IoT and then provided solution of such security challenges through the use of blockchain because is based on a decentralized technology that is hard to modify or update.

• ETRI Journal
• /
• v.36 no.1
• /
• pp.141-150
• /
• 2014

A fully integrated CMOS security-enhanced passive (SEP) tag that compensates the security weakness of ISO/IEC 18000-6C is presented in this paper. For this purpose, we propose a security-enhanced protocol that provides mutual authentication between tag and reader. We show that the proposed protocol meets the security demands of the ongoing international standard for RFID secure systems, ISO/IEC 29167-6. This paper fabricates the SEP tag with a 0.18-${\mu}m$ CMOS technology and suggests the optimal operating frequency of the CMOS SEP tag to comply with ISO/IEC 18000-6C. Furthermore, we measure the SEP tag under a wireless environment. The measured results show that communications between the SEP tag and reader are successfully executed in both conventional passive and SEP modes, which follow ISO/IEC 18000-6C and the proposed security enhanced protocol, respectively. In particular, this paper shows that the SEP tag satisfies the timing link requirement specified in ISO/IEC 18000-6C.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.9
• /
• pp.4609-4623
• /
• 2017

The commercialization of LTE/SAE technologies has begun a new era in which data can be transmitted at remarkably high rates. The security of the LTE/SAE network, however, remains problematic. The forward security in LTE/SAE X2 handover key management can be threatened by key compromise and de-synchronization attacks as base station in public spaces can be compromised. This study was conducted to address the lack of forward key security in X2 handover key management in scenarios in which an adversary controls a legal base station. We developed the proposed X2 handover key management by changing the parameter in the renewing step and adding a verification step. We compare the security and performance of our proposal with other similar schemes. Our enhancement scheme ensures forward separation security accompanied by favorable signal and computation load performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1201-1216
• /
• 2017

Recently, many countries around the world including Korea (Rep. of) have actively introduced online voting using distributed ledger technology (e.g. blockchain). However, online voting using distributed ledger technology based on the widely deployed telecommunication/ICT infrastructure. There is insufficient analysis of potential security threats. In this paper, we suggest a model for online voting system using distributed ledger technology and propose countermeasures by analyzing the security threats that may occur in online voting process in terms of information security.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.1154-1157
• /
• 2007

최근 몇 년 동안 피싱, 파밍, 크라임웨어에 의한 피해 사례 발생이 증가되고 있다. 현재까지의 피싱 관련 솔루션이 대부분 블랙리스트 방식이고 아직까지 피싱 사이트 판단 기준이 없으며 사람들이 이에 대한 인식의 부족으로 인해 이러한 위협을 대처하는데 많은 한계를 가지고 있다. 이에 본 연구에서는 화이트 리스트 기반 웹사이트 보안수준 확인 시스템을 설계하고 이의 파일럿 시스템을 개발하였다. 각 사이트에 대해 피싱 관련 보안수준을 확인하여 신뢰할 수 있는 사이트들을 선별하고 보안수준 정보를 제공함으로써 안전한 인터넷 이용 기반을 제공할 수 있는 방안이 마련될 것으로 기대한다.

• International Journal of Computer Science & Network Security
• /
• v.23 no.10
• /
• pp.188-198
• /
• 2023

In this era of globalization without limitation, many security issues occur, especially in a public network. Internet users significantly increased every single day. However, only some users are aware of security issues when they use Internet services. For the campus network environment, both staffs and students are susceptible to security threats such as data theft, unauthorized access and more due to different levels of awareness towards security threats. This paper is to study the level of awareness among students on security issues based on KSA model. As a case study, the survey was distributed among students in the UTeM campus network. A quantitative study was conducted, and a structured questionnaire has been designed and distributed among students. The variables were focused on three (3) aspects, which are Knowledge, Skill and Ability (KSA). The finding shows the relationship between KSA with the level of awareness among students has been revealed. From the result, Knowledge is the most significant aspect that contributes to high awareness. For the future, a study about increasing students' knowledge about security issues should be addressed.

• International Journal of Computer Science & Network Security
• /
• v.23 no.7
• /
• pp.131-140
• /
• 2023

Network security situational awareness systems helps in better managing the security concerns of a network, by monitoring for any anomalies in the network connections and recommending remedial actions upon detecting an attack. An Intrusion Detection System helps in identifying the security concerns of a network, by monitoring for any anomalies in the network connections. We have proposed a CRF based IDS system using genetic search feature selection algorithm for network security situational awareness to detect any anomalies in the network. The conditional random fields being discriminative models are capable of directly modeling the conditional probabilities rather than joint probabilities there by achieving better classification accuracy. The genetic search feature selection algorithm is capable of identifying the optimal subset among the features based on the best population of features associated with the target class. The proposed system, when trained and tested on the bench mark NSL-KDD dataset exhibited higher accuracy in identifying an attack and also classifying the attack category.

• Journal of Korea Multimedia Society
• /
• v.18 no.2
• /
• pp.218-232
• /
• 2015

According to the development of information processing technology and mobile communication technology, the utilization of mobile banking systems is drastically increasing in banking system. In the foreseeable future, it is expected to increase rapidly the demands of mobile banking in bank systems with the prevalence of smart devices and technologies. However, the keeping 'security' is very important in banking systems that handles personal information and financial assets. But it is very difficult to improve the security of banking systems only with the vulnerabilities and faults analysis methods of information security. Hence, in this paper, we accomplish the analysis of security risk factor and security vulnerability that occur in mobile banking system. With analyzed results, we propose the information security control and management processes for assessing and improving security based on the mechanisms which composes mobile banking system.