• Journal of information and communication convergence engineering
• /
• v.12 no.3
• /
• pp.154-160
• /
• 2014

The address resolution protocol (ARP) provides dynamic mapping between two different forms of addresses: the 32-bit Internet protocol (IP) address of the network layer and the 48-bit medium access control (MAC) address of the data link layer. A host computer finds the MAC address of the default gateway or the other hosts on the same subnet by using ARP and can then send IP packets. However, ARP can be used for network attacks, which are one of the most prevalent types of network attacks today. In this study, a new ARP algorithm that can prevent IP spoofing attacks is proposed. The proposed ARP algorithm is a broadcast ARP reply and an ARP notification. The broadcast ARP reply was used for checking whether the ARP information was forged. The broadcast ARP notification was used for preventing a normal host's ARP table from being poisoned. The proposed algorithm is backward compatible with the current ARP protocol and dynamically prevents any ARP spoofing attacks. In this study, the proposed ARP algorithm was implemented on the Linux operating system; here, we present the test results with respect to the prevention of ARP spoofing attacks.

• Journal of Advanced Navigation Technology
• /
• v.20 no.5
• /
• pp.394-400
• /
• 2016

It is well known that the encrypted ranging signal, such as GPS P(Y) code, is immune to spoofing attack. However, in order for users to use the signal, there needs permission from the operator. And also there are many restrictions for use because of security issues. In this paper, a ground reference station equipped with high-gain directional antenna and a user receiver were simulated. In the reference station, the encrypted code can be demodulated from the high-gain signal. And then the code can be used to detect spoofing attack in the user receiver. This paper proposes the spoofing detection method using the encrypted signal and deals with simulation results.

• Journal of KIISE
• /
• v.42 no.4
• /
• pp.483-486
• /
• 2015

Security systems that use face recognition are vulnerable to spoofing attacks where unauthorized individuals use a photo or video of authorized users. In this work, we propose a method to detect a face spoofing attack with a video of an authorized person. The proposed method uses three sequential frames in the video to extract features by using Fourier Transform and Dense-SIFT filter. Then, classification is completed with a Support Vector Machine (SVM). Experimental results with a database of 200 valid and 200 spoof video clips showed 99% detection accuracy. The proposed method uses simplified features that require fewer memory and computational overhead while showing a high spoofing detection accuracy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.892-911
• /
• 2019

Biometric recognition systems have been widely used for information security. Among the most popular biometric traits, there are fingerprint and face due to their high recognition accuracies. However, the security system that uses face recognition as the login method are vulnerable to face-spoofing attacks, from using printed photo or video of the valid user. In this study, we propose a fast and robust method to detect face-spoofing attacks based on the analysis of spatial frequency differences between the real and fake videos. We found that the effect of a spoofing attack stands out more prominently in certain regions of the 2D Fourier spectra and, therefore, it is adequate to use the information about those regions to classify the input video or image as real or fake. We adopt a divide-conquer-aggregate approach, where we first divide the frequency domain image into local blocks, classify each local block independently, and then aggregate all the classification results by the weighted-sum approach. The effectiveness of the methodology is demonstrated using two different publicly available databases, namely: 1) Replay Attack Database and 2) CASIA-Face Anti-Spoofing Database. Experimental results show that the proposed method provides state-of-the-art performance by processing fewer frames of each video.

• Journal of Advanced Navigation Technology
• /
• v.15 no.1
• /
• pp.32-38
• /
• 2011

In this paper, code and carrier tracking error which resulted from spoofing signal was analyzed by simulation. For a start, the types of spoofing signals and methods were classified. For the simulation, search spoofing method is assumed because a perfect position and velocity are not generally informed to spoofing device. In most cases, the tracking error is increased but a complete deception does not happen because of the inherent anti-spoofing characteristics of the GPS signal.

• 한국정보통신설비학회:학술대회논문집
• /
• 2005.08a
• /
• pp.313-317
• /
• 2005

The network ingress filtering is a simple and efficient method for preventing IP source spoofing of fixed nodes. Since mobile hosts cannot communicate with its correspondent nodes if the network ingress filtering is configured in mobile IPv4 network, reverse tunneling was considered as a method for avoiding network ingress filtering. But, unfortunately this method does not solve IP source spoofing of mobile nodes. In this paper, we propose a simple and efficient method for preventing IP source spoofing of mobile nodes assuming that only the mobile hosts connected to foreign agents and the network that foreign agent manages is small.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.9
• /
• pp.113-120
• /
• 2022

In this paper, we analyze the feasibility of the IP spoofing attack exploiting null security algorithms in 5G networks based on 3GPP standard specifications. According to 3GPP standard specifications, the initial Registration Request message is not protected by encryption and integrity. The IP spoofing attack exploits the vulnerability that allows a malicious gNB (next generation Node B) to modify the contents of the initial Registration Request message of a victim UE (User Equipment) before forwarding it to AMF (Access and Mobility Management Function). If the attack succeeds, the victim UE is disconnected from the 5G network and a malicious UE gets Internet services, while the 5G operator will charge the victim UE. In this paper, we analyze the feasibility of the IP spoofing attack by analyzing whether each signaling message composing the attack conforms to the 3GPP Rel-17 standard specifications. As a result of the analysis, it is determined that the IP spoofing attack is not feasible in the 5G system implemented according to the 3GPP Rel-17 standard specifications.

• Journal of Positioning, Navigation, and Timing
• /
• v.5 no.3
• /
• pp.131-136
• /
• 2016

The present paper shows that beamforming algorithm such as Minimum Variance Distortionless Response (MVDR) based on array antenna signal processing can have not only anti-jamming but also anti-spoofing characteristics. A beam pattern due to the beamforming algorithm strengthens received signal power as it is formed in the incident direction of desired signal. During the process, the effect of unnecessary signals such as spoofing signals can be reduced because the beam pattern reduces received signal power in the incident directions excluding the beam pattern-directed direction. In order to analyze the anti-spoofing effect due to the beamforming algorithm, a software-based simulation environment was configured. An arbitrary error was applied between incident direction of Global Positioning System (GPS) satellite signal and steering vector direction of the beamforming algorithm to analyze the received signal power and required conditions were provided to see the anti-spoofing effect due to the beamforming algorithm. The used antenna was 7-element planar circular array and beam patterns were formed through the MVDR algorithm.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.18 no.1
• /
• pp.37-45
• /
• 2015

These days many systems use the gps signal to get their own position. Because it's cheap and accurate and convenient. But, the strength of gps signal is very weak and can be easily interrupted by GPS jamming and GPS spoofing. Normally, fighter can use DME, TACAN, etc to correct their position error when GPS is not working. But, many aircraft which does not have those kinds of hardware need to pay additional cost to get it. In this paper, we propose how to overcome GPS jamming and GPS spoofing by only using data link system. The main purpose of this paper is to make the data link protocol to get an exact position information of own unit at gps error environment.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.2
• /
• pp.97-102
• /
• 2019

The GNSS(Global Navigation Satellite System) provides important information such as Position and Navigation, Timing(PNT) to various weapon systems in the military. as a result, applications that employ satellite navigation systems are increasing. therefore, a number of studies have been conducted to deceive the weapon systems that employ GNSS. GNSS spoofing denotes the transmission of counterfeit GNSS-like signals with the intention to produce a false position and time within the victim receiver. In order to deceive the victim receiver, spoofing signal should be synchronized with GNSS signal in doppler frequency and code phase, etc. In this paper, Civilian GPS L1 C/A spoofing signals have been evaluated and analyzed by SDR receiver.