• Annual Conference of KIPS
• /
• 2002.11b
• /
• pp.1123-1126
• /
• 2002

연구와 군사 목적으로 발전한 인터넷은 현재 많은 기업들과 일반인들이 사용하는 현대 사회의 중요한 기반 시설로 자리잡게 되었으며, 아울러 인터넷이 사회에 끼치는 영향이 커짐에 따라 여러 가지 목적으로 자신의 접속 위치를 우회하여 숨기고 인터넷 보안 모델의 취약점을 공격하는 침입자가 증가하고 있다. 따라서, 침입에 사용되는 기술과 그에 대한 대응 기법 또한 보다 복잡하고 정교해 지고 있으나 근본적으로 악의적 침입을 근절하는 능동적인 대응은 미약한 현실이다. 본 논문에서는 인터넷 환경에서 여러 가지 우회 경로를 통해 접근한 침입자의 실제 접속 위치를 효율적으로 추적하기 위해 기존 역추적 연구의 유형과 문제점을 살펴보고 차세대 인터넷 환경에서 활용 가능한 역추적 기법의 모델을 제시한다. 따라서, 기존 역추적 기법의 현실적으로 적용이 어려운 구성과 침입자의 보안 설정에 따른 추적 제한 등의 문제점을 살펴보고 그 해결 방안이 되는 새로운 역추적 시스템의 모델을 제시한다. 그리고, 본 연구에서 제시하는 모델은 기존의 연결 경로를 거슬러 추적하는 기법과 달리 프록시 등 우회 경로를 통해 접근한 침입자에 대해 직접 연결되는 프로토콜을 자동 실행 되도록 구성하여 접근한 침입자의 위치를 파악하는 모델이나. 이 모델을 적용할 경우 실제 적용 가능한 구성과 효율적인 추적 특성을 가지게 되며 구성 비용의 손실 또한 줄일 수 있게 되는 장점을 가지게 된다.

• The Journal of the Convergence on Culture Technology
• /
• v.10 no.4
• /
• pp.575-580
• /
• 2024

Detecting the status of websites, normal or phishing, is necessary to defend against intelligent phishing attacks. We propose a machine learning-based classification to predict the status of websites. First, we collect information about 'URL', convert it into numerical data, and remove outliers. Second, we apply VIF(Variance Inflation Factors) to understand the correlation and independence between variables. Finally, we develop a phishing website detection model with machine learning-based classifications, which predicts website status. In the test datasets, Random Forest showed the best performance, with precision of 93.74%, recall of 92.26%, and accuracy of 93.14%. In the future, we expect to apply our model to detect various phishing crimes.

• The Journal of Society for e-Business Studies
• /
• v.17 no.3
• /
• pp.117-128
• /
• 2012

There was a large scale of DDoS(Distributed Denial of Service) attacks mostly targeted at Korean government web sites and cooperations's on March 4, 2010(3.4 DDoS attack) after 7.7 DDoS on July 7, 2009. In these days, anyone can create zombie PCs to attack someone's website with malware development toolkits and farther more improve their knowledge of hacking skills as well as toolkits because it has become easier to obtain these toolkits on line, For that trend, it has been difficult for computer security specialists to counteract DDoS attacks. In this paper, we will introduce an essential control list to prevent malware infection with live forensics techniques after analysis of monitoring network systems and PCs. Hopefully our suggestion of how to coordinate a security monitoring system in this paper will give a good guideline for cooperations who try to build their new systems or to secure their existing systems.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.9
• /
• pp.91-101
• /
• 2012

Key exchange protocols are essential for building a secure communication channel over an insecure open network. In particular, password-based key exchange protocols are designed to work when user authentication is done via the use of passwords. But, passwords are easy for human beings to remember, but are low entropy and thus are subject to dictionary attacks. Recently, Zhao and Gu proposed a new server-aided protocol for password-based key exchange. Zhao and Gu's protocol was claimed to be provably secure in a formal adversarial model which captures the notion of leakage of ephemeral secret keys. In this paper, we mount a replay attack on Zhao and Gu's protocol and thereby show that unlike the claim of provable security, the protocol is not secure against leakage of ephemeral secret keys. Our result implies that Zhao and Gu's proof of security for the protocol is invalid.

• The Journal of the Korea Contents Association
• /
• v.7 no.3
• /
• pp.93-100
• /
• 2007

Internet had spread in all fields with the fast speed during the last 10 years. Lately, wireless network is also spreading rapidly. Also, number of times that succeed attack attempt and invasion for wireless network is increasing rapidly TMS system was developed to overcome these threat on wireless network. Existing TMS system supplies active confrontation mechanism on these threats. However, existent TMS has limitation that new form of attack do not filtered efficiently. Therefor this paper proposes a new method that it automatically compute the threat from the imput packets with vector space model and detect anomaly detection of wireless network. Proposed mechanism in this research analyzes similarity degree between packets, and detect something wrong symptom of wireless network and then classify these threats automatically.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1057-1068
• /
• 2012

According to advance on vehicle technology, many kinds of ECU(Electronic Control Unit) are equipped inside the vehicle. In-vehicle communication among ECUs is performed through CAN(Controller Area Networks). CAN have high reliability. However, it has many vulnerabilities because there is not any security mechanism for CAN. Recently, many papers proposed attacks of in-vehicle communication by using these vulnerabilities. In this paper, we propose an wireless attack model using a mobile radio communication network. We propose a secure authentication mechanism for in-vehicle network communication that assure confidentiality and integrity of data packets and also protect in-vehicle communication from the replay attack.

• The Journal of the Korea Contents Association
• /
• v.21 no.4
• /
• pp.262-277
• /
• 2021

In order to explore the power process, a hypothetical model which explains the interrelationships among 3 marital power(traditional, egalitarian, personal), 3 influence strategies(reward, coercion, emotional), and 2 negative conflict resolution styles(attack vs. avoidance) was developed. In order to examine the gender differences, male model and female model were developed separately and compared. Using the data collected from 182 males and 196 females, the hypothetical model was tested. For data analysis, SEM was used. As a result, 3 common paths were found: Greater use of emotional influence strategy increased attack as well as avoidance. Greater egalitarian power increased reward. Egalitalian power affected the use of coercion, but the direction was opposed: male's egalitarian power decreased coercion, while female's egalitarian power increased it. Except these, the analyses revealed the substantial differences between male and female. Based on the findings, the ways to reduce attack and avoidance, and theoretical implications were discussed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1171-1181
• /
• 2022

Front Collision-Avoidance Assist (FCA) or Smart Cruise Control (SCC) is installed in a modern vehicle, and the amount of data exchange between ECUs increases rapidly. Therefore, Automotive Ethernet, especially SOME/IP, which supports wide bandwidth and two-way communication, is widely adopted to overcome the bandwidth limitation of traditional CAN communication. SOME/IP is a standard protocol compatible with various automobile operating systems, and improves connectivity between components in the vehicle. However, no encryption or authentication process is defined in the SOME/IP protocol itself. Therefore, there is a need for a security study on the SOME/IP protocol. This paper proposes a deep learning-based intrusion detection system in SOME/IP and performs six attacks to confirm the performance of the intrusion detection system.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.19-25
• /
• 2023

The current network environment provides a real-time interactive service from an initial one-way information prov ision service. Depending on the form of web-based information sharing, it is possible to provide various knowledge a nd services between users. However, in this web-based real-time information sharing environment, cases of damage by illegal attackers who exploit network vulnerabilities are increasing rapidly. In particular, for attackers who attempt a phishing attack, a link to the corresponding web page is induced after actively generating a forged web page to a user who needs a specific web page service. In this paper, we analyze whether users directly and actively forge a sp ecific site rather than a passive server-based detection method. For this purpose, it is possible to prevent leakage of important personal information of general users by detecting a disguised webpage of an attacker who induces illegal webpage access using traceback information

• Smart Media Journal
• /
• v.13 no.5
• /
• pp.19-25
• /
• 2024

The biggest type of behavior that prevents people with developmental disabilities from entering society is aggressive behavior. Aggressive behavior can pose a threat not only to the personal safety of the person with a developmental disability, but also to the physical safety of others. In this study, we propose a wearable system using a low-power processor. The proposed system uses an IMU (Inertial Measurement Unit) to analyze user behavior, and when attack behavior is not detected for a certain period of time through an LED array attached to the developed system, an interesting LED is displayed. By expressing patterns, we provide behavioral intervention through compensation to people with developmental disabilities. In order to implement a system that must be worn for a long time in a power-limited environment, we present a method to optimize performance and energy consumption across all stages, from data preprocessing to AI model application.