• Convergence Security Journal
• /
• v.15 no.5
• /
• pp.87-95
• /
• 2015

Recently, The cloud computing technology is emerging as an important issue in the world, and In technology and services, has attracted much attention. Cloud services have evolved from simple forms to complex forms(using multiple mobile devices and communication services(Kakao talk, Facebook, etc.). In particular, as the cloud is especially facilitated the collection of user information, it can now be analyzed with the user's taste and preference. And many of the benefits of the cloud became increasingly closely with our lives. However, the positive aspects of cloud computing unlike the includes several vulnerabilities. For this reason, the Hacking techniques according to the evolution of a variety of attacks and damages is expected. Therefore, this paper will be analyzed through case studies of attack and vulnerability to the privacy threats factors of the cloud computing services. and In the future, this is expected to be utilized as a basis for the Privacy security and Response.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.769-780
• /
• 2014

In general, internet users need to remember several IDs and passwords when they use diverse web sites. From an effective management perspective, SSO system was suggested to reduce user inconvenience. Kerberos authentication, which uses centralized system management, is a typical example of a broker-based SSO authentication model. However, further research is required, because the existing Kerberos authentication system has security vulnerability problems of password and replay attacks. In SSO authentication systems, a major security vulnerability is the replay attack. When user credentials are seized by attackers, an authorized session can be obtained through a replay attack. In this paper, an improved SSO authentication model based on the broker-based model and a secure lightweight SSO mechanism against credential replay attack is proposed.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.4 s.42
• /
• pp.155-164
• /
• 2006

VoIP technology is Eight New Services among Ubiquitous-IT839 strategies. This paper tested wiretapping or VoIP service in connected a soft phone and LAN and WAN sections, Internet telephones and a device. IP PBX, a banner operator network to have been connected to VoIP Internet network. As a result of having experimented on wiretapping of VoIP networks, Vulnerability was found. and a wiretapping by attacks of a hacker was succeeded in a terminal and proxy and attachment points of a VoIP network like a hub to follow a CVE list. Currently applied a security plan of an each wiretapping section in viewpoints of 6 security function of Access Control. Confidentiality, Authentication. Availability, Integrity. Non-repudiation in VoIP networks named to 070. Prevented wiretapping of contents by the results, the AES encryption that executed wiretapping experiment about a packet after application of a security plan. Prevented wiretapping, and kept security and audit log. and were able to accomplish VoIP information protection to network monitoring and audit log by an access interception and qualification and message hash functions and use of an incoming refusal.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.234-237
• /
• 2014

The increasing of Cloud Computing technology among several companies has been a key strategy for IT services to provide desirable IT solutions to consumers of cloud services. More attention is concentrated to these core technologies that enable cloud services and more particularly to the virtualization aspect. The accessibility to a larger number of users is possible because of the usage of the data-intensive, data management and data integrity. Unfortunately, those useful services are vulnerable to kind of attacks by hackers, thus the security of personal information is in critical situation. To solve this to leakage vulnerability, and with the proliferation of cloud services, the cloud service providers adopt a security system with firewall, antivirus software and a large number of virtualized servers and Host. In this paper, a variety of virtualization technologies, threats and vulnerabilities are described with a complement of different security solutions as countermeasures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1169-1178
• /
• 2012

Recently, since the most software intensive systems are using internet environment for data exchange, the software security is being treated as a big issue. And, to minimize vulnerability of software system, security ensuring steps which are applying secure coding rules, are introduced in the software development process. But, since actual attacks are using a variety of software vulnerabilities, it is hard to analyze software weakness by monotonic analysis. In this paper, it is tried to against the complex attack on the variety of software vulnerability using the coupling which is one of the important characteristic of software. Furthermore, pre-analysis of the complex attack patterns using a combination of various attack methods, is carried out to predict possible attack patterns in the relationship between software modules. And the complex attack pattern analysis method is proposed based on this result.

• Structural Engineering and Mechanics
• /
• v.81 no.6
• /
• pp.665-675
• /
• 2022

The safety problems of giant hydraulic structures such as dams caused by terrorist attacks, earthquakes, and wars often have an important impact on a country's economy and people's livelihood. For the national defense department, timely and effective assessment of damage to or impending damage to dams and other structures is an important issue related to the safety of people's lives and property. In the field of damage assessment and vulnerability analysis, it is usually necessary to give the damage assessment results within a few minutes to determine the physical damage (crack length, crater size, etc.) and functional damage (decreased power generation capacity, dam stability descent, etc.), so that other defense and security departments can take corresponding measures to control potential other hazards. Although traditional numerical calculation methods can accurately calculate the crack length and crater size under certain combat conditions, it usually takes a long time and is not suitable for rapid damage assessment. In order to solve similar problems, this article combines simulation calculation methods with machine learning technology interdisciplinary. First, the common concrete gravity dam shape was selected as the simulation calculation object, and XFEM (Extended Finite Element Method) was used to simulate and calculate 19 cracks with different initial positions. Then, an LSTM (Long-Short Term Memory) machine learning model was established. 15 crack paths were selected as the training set and others were set for test. At last, the LSTM model was trained by the training set, and the prediction results on the crack path were compared with the test set. The results show that this method can be used to predict the crack propagation path rapidly and accurately. In general, this article explores the application of machine learning related technologies in the field of mechanics. It has broad application prospects in the fields of damage assessment and vulnerability analysis.

• The Journal of Korean Institute of Next Generation Computing
• /
• v.13 no.3
• /
• pp.26-33
• /
• 2017

Recently container technologies have been receiving attention for efficient use of the cloud platform. Container virtualization technology has the advantage of a highly portable, high density when compared with the existing hypervisor. Container virtualization technology, however, uses a virtualization technology at the operating system level, which is shared by a single kernel to run multiple instances. For this reason, the feature of container is that the attacker can obtain the root privilege of the host operating system internal the container. Due to the characteristics of the container, the attacker can attack the root privilege of the host operating system in the container utilizing the vulnerability of the kernel. In this paper, we propose a framework for efficiently detecting and responding to root privilege attacks of a host operating system in a container. This framework uses a memory trap technique to detect changes in a specific memory area of a container and to suspend the operation of the container when it is detected.

• Convergence Security Journal
• /
• v.22 no.2
• /
• pp.43-50
• /
• 2022

It is no exaggeration to say that mobile devices have already become an essential tool in our daily life. Among these mobile devices, a representative smart phone is overheating the market by introducing new functions and services whenever a new product is released. However, most users do not know that there are various vulnerabilities depending on the manufacturer, service, or function, and damage is occurring due to attacks that exploit the vulnerabilities.Research on this has already been conducted, but it is very difficult to predict because there are various differences depending on new devices, operating systems, services, and functions. For this reason, it is necessary to continuously monitor and study new vulnerable factors. Therefore, through this study, research so far, vulnerabilities, attack technology, and response technology were considered. In addition, it is expected that it can be used as basic data for the development of systems and response technologies in the future by proposing countermeasures.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.43-52
• /
• 2023

Many businesses and organizations use smartcard-based user authentication for remote access. In the meantime, through various studies, dynamic ID-based remote user authentication protocols for distributed multi-server environments have been proposed to protect the connection between users and servers. Among them, Qiu et al. proposed an efficient smart card-based remote user authentication system that provides mutual authentication and key agreement, user anonymity, and resistance to various types of attacks. Later, Andola et al. found various vulnerabilities in the authentication scheme proposed by Qiu et al., and overcame the flaws in their authentication scheme, and whenever the user wants to log in to the server, the user ID is dynamically changed before logging in. An improved authentication protocol is proposed. In this paper, by analyzing the operation process and vulnerabilities of the protocol proposed by Andola et al., it was revealed that the protocol proposed by Andola et al. was vulnerable to offline smart card attack, dos attack, lack of perfect forward secrecy, and session key attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.5
• /
• pp.949-959
• /
• 2024

Recently, as enterprises utilize the cloud and artificial intelligence, it is becoming increasingly difficult to protect exposed interfaces with existing perimeter security methods. Accordingly, zero trust-based comprehensive risk management is becoming necessary. Most enterprises use vulnerability inspection and bug bounty (security vulnerability reporting system) as basic risk management methods, but it is difficult to effectively respond to unpredictable problems such as zero-day attacks or open source vulnerabilities with these methods alone. Therefore, in this paper, we propose a risk response technique for the entire enterprise that links external OSINT (open source information) and CTI of national government agencies to detect threats through CTI (cyber threat intelligence) and collects the enterprise's own CTI. As a result of comparing the method of threat detection and blocking that collects the enterprise's own CTI by configuring a honeypot for effective threat detection and links it to the CTI of an external government agency, the proposed technique showed a 65.8% higher performance improvement in detection accuracy and verified the effect of reducing the number of attackers in the organization through this method