• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.277-280
• /
• 2010

Network based on the OSI 7 Layer communication protocol is implemented, and the Internet TCP / IP Layer Based on the vulnerability is discovered and attacked. In this paper, using the programs on the network Layer Scanning conducted by the Layer-by each subsequent vulnerability analysis. Layer by Scanning each vulnerability analysis program to analyze the differences will be studied. Scanning for the studies in the program reflects the characteristics of the Scanning Features of way, and security countermeasures by each Layer is presented. The results of this study was to analyze its vulnerability to hackers and security for defense policy as the data is utilized to enhance the security of the network will contribute.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.447-452
• /
• 2013

Berkley Media Access Control (B-MAC) protocol is one of the well-known MAC protocols, which uses adaptive preamble sampling scheme and is designed for wireless sensor networks (WSN). In this paper, we are reviewed about security vulnerability in B-MAC, and analyzed the power which is consumed at each stage of B-MAC protocol according to vulnerability of denial of sleep(DoS) and replay problem. From our analytical results, it can be considered the need of power efficient authentication scheme which provides the reliability, efficiency, and security for a general B-MAC communication. This is the case study of possible DoS vulnerability and its power consumption in B-MAC.

• Review of KIISC
• /
• v.27 no.4
• /
• pp.22-26
• /
• 2017

온라인 게임은 가장 성공적인 인터넷 서비스 중 하나로서 빠른 속도로 성장해 왔다. 그러나 게임을 대상으로 하는 다양한 공격들이 있었고 그로 인해 많은 정상 사용자들 및 게임서비스 회사에 피해가 발생함에 따라, 온라인 게임 서비스를 보호하기 위한 다양한 기법들이 연구되어 왔다. 실제로 대규모 이용자들이 접속하는 PC 게임들의 경우, 게임 클라이언트단, 네트워크 단, 서버 단 각 구간별로 다양한 보안 기법들이 개발되어 적용되어 왔다. 이 중, 게임 클라이언트는 사용자 및 해커 쪽에서 손쉽게 접근이 가능하기 때문에 공격에 쉽게 노출되어 있어 신뢰하기 어려운 구간이었다. 더불어, 게임 클라이언트 단에 강력한 보안을 적용할 경우 성능저하가 발생하기 때문에 상용 게임보안 솔루션에 의해 프로세스 및 메모리 보호를 받는 등 역공학 방지 기법 및 난독화 기법 정도만을 최소한으로 적용하고, 그 외에는 대부분의 탐지 및 차단 기법들을 네트워크 단 및 서버 단에 적용하는 것이 일반화 되어 있다. 하지만, 최근 하드웨어의 지원을 받아 클라이언트 단의 성능저하를 최소화 하면서도, 게임 클라이언트를 TEE (Trusted Execution Environment)에서 안전하게 실행할 수 있는 기술들이 등장하면서, 게임 클라이언트 단의 보안기술이 다시 주목받고 있다. 본 논문에서는 메모리 변조 공격 및 게임프로세스에 인젝션 공격을 하는 게임해킹 기법들에 대응하기 위하여 Intel에서 발표한 새로운 하드웨어 보안 기술인 Intel SGX(Software Guard Extensions)를 적용하는 방안에 대해 소개한다. Intel SGX를 적용하여 게임프로그램의 프로세스를 보호할 경우 코드와 데이터의 무결성 및 기밀성을 보장하며 실행시킬 수 있기 때문에, 온라인게임보안 발전에 상당히 기여할 수 있을 것으로 기대된다.

• Journal of KIISE:Information Networking
• /
• v.31 no.5
• /
• pp.438-449
• /
• 2004

With the growing deployment of network and internet, the importance of security is also increased. But, recent intrusion detection systems which have an important position in security countermeasure can't provide proper analysis and effective defence mechanism. Instead, they have overwhelmed human operator by large volume of intrusion detection alerts. In this paper, we propose an efficient alert analysis system that can produce high level information by analyzing and processing the large volume of alerts and can detect large-scale attacks such as DDoS in early stage. And we have measured processing rate of each elementary module and carried out a scenario-based test in order to analyzing efficiency of our proposed system.

• 한국정보통신설비학회:학술대회논문집
• /
• 2009.08a
• /
• pp.355-358
• /
• 2009

센서 네트워크에 대한 연구가 활발히 이루어지면서 센서 네트워크 보안에 대한 문제점이 많이 야기되고 있다. 무선 센서 네트워크에서는 개방된 환경에서 제한적인 자원을 가지는 노드들로 구성되어 있다. 개방된 환경에 배치된 노드들은 공격자에게 쉽게 노출되어질 수 있다. 공격자는 노드를 물리적으로 포획하여 데이터 인증에 사용하는 인증키와 같은 보안 정보들을 획득할 수 있다. 공격자는 포획된 노드를 통하여 허위 보고서로 무선 센서 네트워크에 쉽게 삽입시킬 수 있다. 이는 허위 보고서로 인한 혼란 및 위조 정보의 전달과정에서 발생하는 에너지 고갈 등의 문제점을 유발시키게 된다. 이러한 허위 보고서를 조기에 탐지 및 폐기하기 위하여 동적 여과 프로토콜(DEF: Dynamic En-route Filtering scheme)이 제안되었다. DEF에서 인증키를 재배포 하는 주기는 보안 강도와 비용을 트레이드-오프 하는 관계에 놓여있으므로 매우 중요하다. 본 논문에서는 센서네트워크에서 동적 여과 프로토콜의 인증키 재배포 주기를 결정하는 기법을 제안한다. 배포된 노드들의 위상변화, BS까지 도달한 허위보고서 비율, 공격자에게 포획된 노드의 수 등을 고려하여 재배포 여부를 결정하고 재배포가 결정되면 각 클러스터 헤드들에게 재배포를 명령하게 된다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.11
• /
• pp.1074-1077
• /
• 2013

This paper analyzes the benefit of using directional antennas against eavesdropping attack in millimeter wave (mmWave)-based networks. All devices are equipped with a directional antenna or an omni-directional antenna in a single-hop communications. The probability of a device being detected by an eavesdropper is analyzed based on the exposure region of a device. The relative detection rate is introduced to represent the benefit of using directional antenna. Numerical results show that there exists an optimal number of devices that maximizes the detection probability and it varies according to the parameters such as antenna beamwidth. It shows that the use of directional antenna enables to protect the devices from the detection by an eavesdropper for almost the whole situation in mmWave band communication.

• Journal of Korea Society of Industrial Information Systems
• /
• v.17 no.3
• /
• pp.9-17
• /
• 2012

In this paper, we propose a SPN 256 bit block cipher so called XSB(eXtended SPN Block cipher) which has a symmetric structure in encryption and decryption. The proposed XSB is composed of the even numbers of N rounds where the first half of them, 1 to N/2-1 round, applies a pre-function and the last half of them, N/2+1 to N round, employs a post-function. Each round consists of a round key addition layer, a substiution layer, a byte exchange layer and a diffusion layer. And a symmetry layer is located in between the pre-function layer and the post-function layer. The symmetric layer is composed with a multiple simple bit slice involution S-Boxes. The bit slice involution S-Box symmetric layer increases difficult to attack cipher by Square attack, Boomerang attack, Impossible differentials cryptanalysis etc.

• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.41-46
• /
• 2013

Routing protocol using in the existing wire network cannot be used as it is for efficient data transmission in MANET. Because it consists of only mobile nodes, network topology is changing dynamically. Therefore, each mobile node must perform router functions. Variety of routing attack like DoS in MANET is present owing to these characteristic. In this paper, we proposed cooperative-based detection method to improve detection performance of flooding attack which paralyzes network by consuming resource. Accurate attack detection is done as per calculated adaptively threshold value considered the amount of all network traffic and the number of nodes. All the mobile nodes used a table called NHT to perform collaborative detection and apply cluster structure to the center surveillance of traffic.

• Journal of Internet Computing and Services
• /
• v.10 no.6
• /
• pp.81-98
• /
• 2009

Collaborative filtering, one of the most successful technologies among recommender systems, is a system assisting users in easily finding the useful information and supporting the decision making. However, despite of its success and popularity, one notable issue is incredibility of recommendations by unreliable users called shilling attacks. To deal with this problem, in this paper, we analyze the type of shilling attacks and propose a unique method of building a model for protecting the recommender system against manipulated ratings. In addition, we present a method of applying the model to collaborative filtering which is highly robust and stable to shilling attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.3-11
• /
• 2003

It is very important to detect and remove original sources of various attacks through networks. One of the effective method to detect the sources is traceback systems. In this paper, we design and implement an agent-based traceback system that does not require the reaction of routers and administrators and does not need numerous log data. In the design, we introduce a traceback server and traceback agents in each network Using sniffing and spoofing, the server transmits a packet with a specific message. The agents detect the packet and provide the information for the server to trace back the original source.