• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.35-45
• /
• 2005

There has recently been an increase of phishing attacks, attacks which lure users into revealing their personal information to an attacker who in turn exploits this information for economic gain. The conventional methods of fooling the user with similarly modified mail or address are constantly evolving and have diversified to include the forgery of mail or domain addresses. Recently the injury incurred by these attacks has greatly increased as attackers exploit the weaknesses found on a few web browsers and used these to conduct phishing attacks based on URL spoofing. Furthermore we are now witnessing the entrance of highly advanced phishing techniques that no longer simply rely on vulnerabilities, but employ ordinary script, HTML, DNS sniffing, and the list goes on. In this paper we first discuss means of investigating and preventing the advanced URL spoofing techniques used in phishing attacks, and then propose a scheme for fundamentally restricting them altogether.

• Journal of IKEEE
• /
• v.26 no.4
• /
• pp.614-621
• /
• 2022

This paper proposes RIDS (Random Forest-Based Intrusion Detection), which is an intrusion detection system to detect hacking attack based on random forest. RIDS detects three typical attacks i.e. DoS (Denial of service) attack, fuzzing attack, and spoofing attack. It detects hacking attack based on four parameters, i.e. time interval between data frames, its deviation, Hamming distance between payloads, and its diviation. RIDS was designed in memory-centric architecture and node information is stored in memories. It was designed in scalable architecture where DoS attack, fuzzing attack, and spoofing attack can be all detected by adjusting number and depth of trees. Simulation results show that RIDS has 0.9835 accuracy and 0.9545 F1 score and it can detect three attack types effectively.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.12
• /
• pp.2649-2656
• /
• 2012

Today, many enterprises have invested heavily for the part of information security in order to protect the internal critical information assets and the business agility. However, there is a big problem that big budget and too many manpower are needed to set the internal corporate network up to the same high level of defense for all of part. On the distributed enterprise networks in this paper, a defense model for effective and rapid response on the IP spoofing attack was designed to protect the enterprise network through the exchange of information between the trust hosts when an attacker attacked any target system using other trusted host.

• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.325-334
• /
• 2009

This paper demonstrates that an attacker can impersonate a random RFID tag and then perform the spoofing attack in the previous RFID authentication protocol. To resolve such a security problem, we also propose a new secure and efficient RFID mutual authentication protocol. The proposed RFID mutual authentication protocol is not only to resolve many security problems with the existing RFID authentication mechanism and the vulnerability against spoofing attack, but also to guarantee reliable authentication time as reducing computational overhead performing by tag. As a result, the proposed RFID mutual authentication protocol provides stronger security including the forward secrecy and more efficiency.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11a
• /
• pp.649-651
• /
• 2005

네트워크 제품을 개발 하거나 제품의 성능을 시험할 경우 다양한 패킷 생성기나 장비를 이용하여 패킷을 생성한다. 그러나 이러한 패킷 생성기들은 TCP 세션연결 없이 패킷을 생성 전송하여 수신측에서 잘못된 패킷으로 인식하는 문제나 TCP 덤프 데이터를 구하기 힘든 문제, 그리고 하드웨어 장비의 경우 가격이 상당히 고가인 문제가 있다. 이러한 문제점을 해결하고자 본 논문에서는 Ip Spoofing기술과 Sniffing기술을 이용하여 TCP와 UDP 프로토콜 패킷을 생성할 수 있는 패킷 생성기를 제안한다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.9 no.3
• /
• pp.49-57
• /
• 2013

Power-saving PC software enables the inexpensive power control, but the installation of the power-saving software in all computers in the organization is not an easy task. Computer users in the organization are usually not cooperative as they do not think the power-saving cost is directly related to themselves. The PC power-saving system provides advantage to driving active participation in which users installs the power saving software by restricting IP address through the power management server. However, the problem with this approach is the security vulnerability to IP spoofing attacks, therefore we need to solve the problem that disrupt the entire network system rather than saving electric power. This paper proposes the security authentication system that can implement the efficiency saving power by providing high security for the members' computer system of the public institutions based on the PC power-saving system. Also, by analyzing it in comparison with other method, it is possible to check that the prospects of safety and efficiency are strengthened.

• Journal of KIISE:Information Networking
• /
• v.35 no.3
• /
• pp.243-250
• /
• 2008

Recently, researched RFID authentication protocols still have vulnerability of attack, such as location tracking attack, replay attack. spoofing attack etc. This paper designed method of making one time random number in DB server side unlike previously researched protocols, and it protects RFID communication from location tracking, replay attack and spoofing attack.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.2B
• /
• pp.183-190
• /
• 2010

Recently, there is still vulnerability of attack, such as location tracking attack, replay attack, spoofing attack etc for all that is much research for Mobile RFID authentication. This paper designed method of making one time random number in DB server side unlike previously researched protocols, and it protects RFID communication from location tracking, replay attack and spoofing attack.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.6
• /
• pp.193-200
• /
• 2007

There is an advantage that RFID system is better than previous bar code system in storage ability and noncontact property. But, everyone can easily receive the transmitting information by using RF signal. So, there is a problem that system security and personal privacy are threatened. In this paper, I propose RFID system that is secure against attacks like eavesdropping, replay, spoofing and location tracking and can efficiently provide mutual authentication services between reader and tag. The proposed RFID system can be used in various sections of ubiquitous computing environment.

• Journal of Industrial Technology
• /
• v.22 no.B
• /
• pp.147-153
• /
• 2002

It is very important to detect and remove original sources of DOS (Denial of Service) attacks or connection oriented/connectionless attacks. In this paper, we implement a traceback system that does not require the reaction of routers and administrators and does not need log data. We bring in a traceback server and traceback agents in each network and use sniffing and spoofing schemes. Finally, the traceback server detects attacking hosts using information transmitted from traceback agents.