• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.13 no.6
• /
• pp.605-610
• /
• 2020

Software Defined Networking (SDN) is setting the standard for the management of networks due to its scalability, flexibility and functionality to program the network. The Distributed Denial of Service (DDoS) attack is most widely used to attack the SDN controller to bring down the network. Different methodologies have been utilized to detect DDoS attack previously. In this paper, first the dataset is obtained by Kaggle with 84 features, and then according to the rank, the 20 highest rank features are selected using Permutation Importance Algorithm. Then, the datasets are trained and tested with Convolution Neural Network (CNN) classifier model by utilizing deep learning techniques. Our proposed solution has achieved the best results, which will allow the critical systems which need more security to adopt and take full advantage of the SDN paradigm without compromising their security.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.165-172
• /
• 2023

Nation-state social engineering attacks are steadily being carried out as they are highly effective attacks, primarily to gain an advantage over secret information, diplomatic negotiations or future policy changes. As The Ukraine-Russia war prolongs, the activities of global hacking organizations are steadily increasing, and large-scale cyberattack attempts against major infrastructure or global companies continue, so a countermeasure strategy is needed. To this end, we determined that the social engineering attack cycle excluding physical contact among various social engineering models is the most suitable model, and analyzed the preferred social engineering attack method by comparing it with geopolitical tactics through case analysis. AS a result China favors phishing attacks, which prefer quantity over quality, such as man-made tactics, Russia prefers covert and complex spear phishing reminiscent of espionage warfare, and North Korea uses geopolitical tactics such as spear phishing and watering holes for attacks on the US and South Korea Most of the other countries aimed to secure funds with ransomware. Accordingly, a Clean Pass policy for China, periodic compulsory education in Russia, and international sanctions against North Korea were presented as countermeasure strategies.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.237-240
• /
• 2011

Voice over Internet Protocol calls using administrative agency to build a national information and communication service, 'C' group, providers, the KT, SK Broadband, LG U+, Samsung SDS, as there are four operators. To prepare for an attack on Voice over Internet Protocol for administrative agency, security is a need for research to support the model. In this paper, the Internet telephone business of Administrative Agency to investigate and analyze the specific security measures to respond. Should set priorities around confidentiality about five security threats from NIS to Study of Voice over Internet Protocol Security Response Model for Administrative Agency. (1) Illegal wiretapping, (2) call interception, (3) service misuse, (4) denial of service attacks, (5) spam attacks, write about and analyze attack scenarios. In this paper, an analysis of protection by security threats and security breaches through a step-by-step system to address the research study is a step-by-step development of the corresponding model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.961-970
• /
• 2017

The differential power analysis calculates the intermediate value related to sensitive information and substitute into the power model to obtain (hypothesized) power consumption. After analyzing the calculated power consumption and measuring power consumption, the secret information value can be obtained. Hamming weight and hamming distance models are most commonly used power consumption model, and the power consumption model is obtained through the modeling technique. If the power consumption model assumed by the actual equipment differs from the power consumption of the actual equipment, the side channel analysis performance is declined. In this paper, we propose a method that records measured power consumption and exploits as power consumption model. The proposed method uses the power consumption at the time when the information (plain text, cipher text, etc.) available in the encryption process. The proposed method does not need template in advance and uses the power consumption measured by the actual equipment, so it accurately reflects the power consumption model of the equipment.. Simulation and experiments show that by using our proposed method, side channel analysis is improved on the existing power modeling method.

• Convergence Security Journal
• /
• v.22 no.3
• /
• pp.25-32
• /
• 2022

Recently, the image processing industry has been activated as deep learning-based technology is introduced in the image recognition and detection field. With the development of deep learning technology, learning model vulnerabilities for adversarial attacks continue to be reported. However, studies on countermeasures against poisoning attacks that inject malicious data during learning are insufficient. The conventional countermeasure against poisoning attacks has a limitation in that it is necessary to perform a separate detection and removal operation by examining the training data each time. Therefore, in this paper, we propose a technique for reducing the attack success rate by applying modifications to the training data and inference data without a separate detection and removal process for the poison data. The One-shot kill poison attack, a clean label poison attack proposed in previous studies, was used as an attack model. The attack performance was confirmed by dividing it into a general attacker and an intelligent attacker according to the attacker's attack strategy. According to the experimental results, when the proposed defense mechanism is applied, the attack success rate can be reduced by up to 65% compared to the conventional method.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11a
• /
• pp.82-84
• /
• 2005

기존의 웜 탐지는 중요한 네트워크 소스의 폭주라 스위치 라우터 및 말단 시스템에서의 변동 효과를 가지고 공격을 판단했었다. 하지만 최근의 인터넷 웜은 발생 초기에 대응하지 못하면 그 피해의 규모가 기하급수적으로 늘어난다. 또한 방어하기가 어려운 서비스 거부 공격을 일으킬 수 있는 간접 공격의 주범이 될 수 있다는 정에서 웜의 탐지와 방어는 인터넷 보안에 있어서 매우 중요한 사안이 되었다. 본 논문에서는 이미 알려진 공격뿐 아니라 새로운 웜의 스캐닝 공격을 탐지하기 위하여, 패턴 분류 문제에 있어서 우수한 성능을 보이는 Support Vector Machine(SVM)[1]을 사용하여 인터넷 웜의 스캐닝 공격을 탐지하는 시스템 모델을 제안한다.

• Journal of Advanced Navigation Technology
• /
• v.16 no.2
• /
• pp.211-218
• /
• 2012

In this paper, we propose a fault injection attack on AES-CMAC, which is defined by IETF. The fault assumption used in this attack is based on that introduced at FDTC'05. This attack can recover the 128-bit secret key of AES-CMAC by using only small number of fault injections. This result is the first known key recovery attack result on AES-CMAC.

• Review of KIISC
• /
• v.30 no.4
• /
• pp.69-76
• /
• 2020

본 연구에서는 신재생에너지의 큰 비중을 차지하고 있는 풍력발전의 ICT 환경을 조사하고 최신해킹사례를 분석하여, 예상되는 보안위협을 도출하였다. 이 중 가장 영향도가 높은 보안위협요소로 CSRF(Cross-Site Request Forgery) 공격을 선정하고 공격을 방어할 수 있는 인증강화모델을 제안하였다. 우선, 풍력발전 관련한 국제표준화 동향 및 대형제작사 구현실태를 살펴보고 CSRF 공격 예방을 위한 선행연구를 조사하였다. 선행연구의 이점을 접목하고 약점을 강화하여 재인증, CAPTCHA, OTP(One Time Password)와 같은 인증방식을 주요명령수행 구간에 임의로 표출시켜 인증시점의 불확실성(Entropy)을 높여 공격자가 쉽게 예측하지 못하도록 하였다. 명령수행과정의 일관성(고정성)이 매회 변화되므로 고정화된 형태의 CSRF 공격을 예방할 수 있다.

• Annual Conference of KIPS
• /
• 2015.04a
• /
• pp.388-391
• /
• 2015

현재 개인정보보호법 및 정보보안에 대한 중요한 이슈가 되고 있다. 데이터 유출사고의 약 76%가 외부조직에서 발견되었고, 피해조직의 내부에서 발견된 비율 중 절반 이상이 최종 사용자에 의해 발견되었다. 관제대상과 범위가 주로 네트워크 영역으로 한정되어 있고 외부로부터 유입되는 공격에 대한 모니터링에 집중하는 보안관제 체계가 사고의 원인으로 파악되었다. 즉 내부 PC를 대상으로 하는 공격이나, 패턴기반의 탐지를 우회하는 알려지지 않은 취약점을 이용한 APT공격, 사회공학적 공격 등에는 한계를 보이는 경우이다. 향후 사물인터넷(IoT)의 증가로 인하여 더 많은 취약점 공격과 대량의 비정형 데이터가 증가할 경우 내외부적인 공격에 보안 체계가 더 체계적이고 계층적 방어 보안 모델로 대응해야 한다.

• Annual Conference of KIPS
• /
• 2023.05a
• /
• pp.215-216
• /
• 2023

오디오 적대적 공격 연구는 최근 몇 년 동안 빠르게 발전해 왔다. 이전에는 음성 신호를 직접 수정하거나 추가하여 공격을 수행하는 방법이 일반적이었지만 최근에는 딥러닝 모델을 이용한 적대적 공격 기술이 주목을 받고 있다. 이러한 적대적 공격은 현재 다양한 분야에 널리 쓰이는 ASR 시스템에 심각한 보안 위협이 될 수 있다. 이에 본 논문에서는 현재까지의 음성신호 적대적 공격 기술과 방어기술의 연구 흐름을 분석하여 더욱 강건한 ASR 시스템을 구축하는 데 기여하고자 한다.