• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.639-653
• /
• 2013

Smart grid is a network of computers and power infrastructure that monitor and manage energy usage efficiently. Recently, the smart grid demonstration projects around the world, including the United States, Europe, Japan, and the technology being developed. The protection of the many components of the grid against cyber-threats has always been critical, but the recent Smart grid has been threatened by a variety of cyber and physical attacks. We model and analyze advanced metering infrastructure(AMI) in smart grid. Using attack countermeasure tree(ACT) we show qualitative and probabilistic security analysis of AMI. We implement using SHARPE(Symbolic Hierarchical Automated Reliability and Performance Evaluator) tool and calculate probability, ROA, ROI, Structure Importance, Birnbaum Importance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.485-500
• /
• 2018

As the size of the system and network environment grows and the network structure and the system configuration change frequently, network administrators have difficulty managing the status manually and identifying real-time changes. In this paper, we suggest a system that scans dynamic network information in real time, scores vulnerability of network devices, generates all potential attack paths, and visualizes them using attack graph. We implemented the proposed algorithm based attack graph; and we demonstrated that it can be applicable in MTD concept based defense system by simulating on dynamic virtual network environment with SDN.

• Journal of Broadcast Engineering
• /
• v.6 no.2
• /
• pp.195-202
• /
• 2001

As a solution for copyright protection of digital multimedia contents, digital watermark technology is now drawing the attention. In this paper, we presented two novel audio watermarking algorithms as a solution for protecting unauthorized copy of digital audio. Proposed watermarking schemes include the psychoacoustic model of MPEG audio coding to achieve the perceptual transparency after watermark embedding and preprocessing procedure before correlation in watermark detection to extract copyright information without access to the original audio signal. Experimental results show that our watermarking scheme is robust to common signal Processing attacks and it Introduces no audible distortion after watermark insertion.

• KSCI Review
• /
• v.15 no.1
• /
• pp.65-75
• /
• 2007

Analyzed about a matter and requirements to intimidate security of ubiquitous and home network threatening various security for personal information protection in ubiquitous home networks at these papers, and studied. Got authentication procedures and verification procedures acid user approach to be reasonable through designs to the home security gateway which strengthened a security function in the outsides, and strengthened protection of a home network. Also, execute a DoS, DDoS, IP Spoofing attack protective at home network security gateways proved, and security regarding an external denial of service attack was performed, and confirmed. Strengthen appliances and security regarding a user, and confirm a defense regarding an external attack like DoS, DDoS, IP Spoofing, and present a home network security model of this paper to the plans that can strengthen personal information protection in ubiquitous home networks in ubiquitous home networks through experiment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.1009-1019
• /
• 2018

Bitcoin is the first application utilizing the blockchain, but it has limitations in terms of scalability. The concept of Lightning Network was recently introduced to address the scalability problem of Bitcoin. In this paper, we found that the real-world Bitcoin Lightning Network shows the scale-free property. Therefore, the Bitcoin Lightning Network can be vulnerable to the intentional attacks targeting some specific nodes in the network while it is still robust to the random node failures. We experimentally analyze the robustness of the Bitcoin's Lightning Network via the simulation of network attack model. Our simulation results demonstrate that the real-world Lightning Network is vulnerable to target attacks that destroy a few nodes with high degree.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.129-139
• /
• 2002

As internet expands, the possibility of attack through the network is increasing. So we need the technology which can detect the attack to the system or the network spontaneously. The purpose of this paper proposes the system to detect intrusion automatically using the Adaptive Resonance Theory2(ART2) which is one of artificial neural network The parameters of the system was tunned by ART2 algorithm using a lot of normal packets and various attack packets which were intentionally generated by attack tools. The results were compared and analyzed with conventional methods.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.3-10
• /
• 2007

In this paper, we show that the status certificate-based encryption(SCBE) scheme proposed at ICISC 2004 and the certificateless signature(CLS) scheme proposed at EUC workshops 2006 are insecure. Both schemes are claimed that an adversary has no advantage if it controls only one of two participants making a cryptographic key such as a decryption key in SCBE or a signing key in CLS. But we will show that an adversary considered in the security model of each scheme can generate a valid cryptographic key by replacing the public key of a user.

• Annual Conference of KIPS
• /
• 2020.11a
• /
• pp.349-352
• /
• 2020

클라우드는 가상화 기술을 사용한 리소스의 유연성과 뛰아난 접근성을 장점으로 빅데이터, 딥러닝 등 여러 분야에서 클라우드를 사용하고 있다. 최근 클라우드와 결합된 IoT 시스템을 통해 시스템 관리, 데이터 처리 및 저장, 데이터를 이용한 빅데이터 활용 등 여러 방법으로 사용 할 수 있어 많은 관심을 받고 있다. 그러나 IoT 클라우드의 많은 활용에 따라 대규모 시스템화, 여러 사용자의 개인정보 저장 등의 이유로 많은 공격자의 표적이 되고있다. 여러 공격자의 공격을 방아하기 위해 IoT 클라우드 시스템은 블록체인, 보안 IoT 디바이스, 변형된 클라우드 모델등 여러 연구가 진행되고 있다. 본 논문에서는 최근 연구되고 있는 블록체인, 클라우드, IoT 시스템의 동향에 대해 조사하고, 기존에 연구되었던 기술을 바탕으로 효과적인 블록체인 기반의 IoT 클라우드 시스템을 제안한다. 제안하는 IoT 클라우드 시스템은 블록체인 기술을 사용하여 보안정책을 관리할 수 있어 신뢰성이 높으며, 클라우드 시스템이 작동하지 않을 경우 페일오버 기능을 수행할 수 있어 가용성이 뛰어나다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.1033-1042
• /
• 2023

This paper proposes a network intrusion detection system that identifies abnormal flows within the network. The majority of datasets commonly used in research lack time-series information, making it challenging to improve detection rates for attacks with fewer instances due to a scarcity of sample data. However, there is insufficient research regarding detection approaches. In this study, we build upon previous research by using the Artificial neural network(ANN) model and a stack ensemble technique in our approach. To address the aforementioned issues, we incorporate temporal information by leveraging adjacent flows and enhance the learning of samples from sparse attacks, thereby improving both the overall detection rate and the detection rate for sparse attacks.

• Annual Conference of KIPS
• /
• 2024.05a
• /
• pp.749-752
• /
• 2024

연합학습은 클라이언트가 중앙 서버에 원본 데이터를 주지 않고도 학습할 수 있도록 설계된 분산된 머신러닝 방법이다. 그러나 클라이언트와 중앙 서버 사이에 모델 업데이트 정보를 공유한다는 점에서 여전히 추론 공격(Inference Attack)과 오염 공격(Poisoning Attack)의 위험에 노출되어 있다. 이러한 공격을 방어하기 위해 연합학습에 차분프라이버시(Differential Privacy)를 적용하는 방안이 연구되고 있다. 차분 프라이버시는 데이터에 노이즈를 추가하여 민감한 정보를 보호하면서도 유의미한 통계적 정보 쿼리는 공유할 수 있도록 하는 기법으로, 노이즈를 추가하는 위치에 따라 전역적 차분프라이버시(Global Differential Privacy)와 국소적 차분 프라이버시(Local Differential Privacy)로 나뉜다. 이에 본 논문에서는 차분 프라이버시를 적용한 연합학습의 최신 연구 동향을 전역적 차분 프라이버시를 적용한 방향과 국소적 차분 프라이버시를 적용한 방향으로 나누어 검토한다. 또한 이를 세분화하여 차분 프라이버시를 발전시킨 방식인 적응형 차분 프라이버시(Adaptive Differential Privacy)와 개인화된 차분 프라이버시(Personalized Differential Privacy)를 응용하여 연합학습에 적용한 방식들에 대하여 특징과 장점 및 한계점을 분석하고 향후 연구방향을 제안한다.