• The Transactions of the Korea Information Processing Society
• /
• v.13 no.10
• /
• pp.481-491
• /
• 2024

Digital watermarking is a technique for embedding information into digital content. Digital watermarking has attracted attention as a technique to combat piracy and identify artificially generated content, but it is still not robust in various situations. In this paper, we propose a frequency conversion-based hierarchical watermarking technique capable of attack detection, error correction, and owner identification. By embedding attack detection and error correction signatures in hierarchical watermarking, the proposed scheme maintains invisibility and outperforms the existing methods in capacity and robustness. We also proposed a framework to evaluate the performance of the image quality and error correction according to the type of error correction signature and the number of signature embeddings. We compared the visual quality and error correction performance of the conventional model without error correction signature and the conventional model with hamming and BCH signatures. We compared the quality by the number of signature embeddings and found that the quality deteriorates as the number of embeddings increases but is robust to attacks. By analyzing the quality and error correction ability by error correction signature type, we found that hamming codes showed better error correction performance than BCH codes and 41.31% better signature restoration performance than conventional methods.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.1
• /
• pp.64-77
• /
• 2009

A proxy re-encryption scheme allows Alice to temporarily delegate the decryption rights to Bob via a proxy. Alice gives the proxy a re-encryption key so that the proxy can convert a ciphertext for Alice into the ciphertext for Bob. Recently, ID-based proxy re-encryption schemes are receiving considerable attention for a variety of applications such as distributed storage, DRM, and email-forwarding system. And a non-interactive identity-based proxy re-encryption scheme was proposed for achieving CCA-security by Green and Ateniese. In the paper, we show that the identity-based proxy re-encryption scheme is unfortunately vulnerable to a collusion attack. The collusion of a proxy and a malicious user enables two parties to derive other honest users' private keys and thereby decrypt ciphertexts intended for only the honest user. To solve this problem, we propose two ID-based proxy re-encryption scheme schemes, which are proved secure under CPA and CCA in the random oracle model. For achieving CCA-security, we present self-authentication tag based on short signature. Important features of proposed scheme is that ciphertext structure is preserved after the ciphertext is re-encrypted. Therefore it does not lead to ciphertext expansion. And there is no limitation on the number of re-encryption.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.10 no.6
• /
• pp.580-586
• /
• 2017

The establishment of big data service environment requires both cloud-based network technology and clustering technology to improve the efficiency of information access. These cloud-based networks and clustering environments can provide variety of valuable information in real-time, which can be an intensive target of attackers attempting illegal access. In particular, attackers attempting IP spoofing can analyze information of mutual trust hosts constituting clustering, and attempt to attack directly to system existing in the cluster. Therefore, it is necessary to detect and respond to illegal attacks quickly, and it is demanded that the security policy is stronger than the security system that is constructed and operated in the existing single system. In this paper, we investigate routing pattern changes and use them as detection information to enable active correspondence and efficient information service in illegal attacks at this network environment. In addition, through the step-by -step encryption based on the routing information generated during the detection process, it is possible to manage the stable service information without frequent disconnection of the information service for resetting.

• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.113-120
• /
• 2018

Today, the development of information and communication technology is rapidly increasing the number of users of network-based service, and enables real-time information sharing among users on the Internet. There are various methods in the information sharing process, and information sharing based on portal service is generally used. However, the process of information sharing serves as a cause of illegal activities in order to amplify the social interest of the relevant stakeholders. Public opinion attack using macro function can distort normal public opinion, so security measures are urgent. Therefore, security measures are urgently needed. Macro attacks are generally defined as attacks in which illegal users acquire multiple IP or ID to manipulate public opinion on the content of a particular web page. In this paper, we analyze network path information based on traceback for macro attack of a specific user, and then detect multiple access of the user. This is a macro attack when the access path information for a specific web page and the user information are matched more than once. In addition, when multiple ID is accessed for a specific web page in the same region, it is not possible to distort the overall public opinion on a specific web page by analyzing the threshold count value.

• Journal of Internet Computing and Services
• /
• v.24 no.6
• /
• pp.107-117
• /
• 2023

It must be possible to assess how combat actions taking place in cyberspace affect the military's major mission systems and weapon systems. In order to analyze the mission impact caused by a cyber attack through cyber M&S, the target mission system and cyber warfare elements must be built as a model and a scenario for simulation must be authored. Many studies related to mission impact analysis due to cyber warfare have been conducted focusing on the United States, and existing studies have authored separate scenarios for physical battlefields and cyber battlefields. It is necessary to build a simulation environment that combines a physical battlefield model and a cyber battlefield model, and be able to integrate and author mission scenarios and cyber attack/defense scenarios. In addition, the physical battlefield and cyber battlefield are different work areas, so authoring two types of scenarios for simulation is very complicated and time-consuming. In this paper, we propose a method of using mission system information to prepare the data needed for scenario authoring in advance and using the pre-worked data to author an integrated scenario. The proposed method is being developed by reflecting it in the design of the scenario authoring tool, and an integrated scenario authoring in the field of counter-fire warfare is being performed to prove the proposed method. In the future, by using a scenario authoring tool that reflects the proposed method, it will be possible to easily author an integrated scenario for mission impact analysis in a short period of time.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.3
• /
• pp.1-7
• /
• 2020

With the increase in cyber attacks, automated IDS using machine learning is being studied. According to recent research, the IDS using the recursive learning model shows high detection performance. However, the simple application of the recursive model may be difficult to reflect the associated session characteristics, as the overlapping session environment may degrade the performance. In this paper, we designed the session management module and applied it to LSTM (Long Short-Term Memory) recursive model. For the experiment, the CSE-CIC-IDS 2018 dataset is used and increased the normal session ratio to reduce the association of mal-session. The results show that the proposed model is able to maintain high detection performance even in the environment where session relevance is difficult to find.

• Journal of Korea Multimedia Society
• /
• v.7 no.1
• /
• pp.80-90
• /
• 2004

Watermarking algorithm for 3D mesh model using EGI distribution of each patch is proposed. The proposed algorithm divides a 3D mesh model into 6 patches to have the robustness against the partial geometric deformation. Plus, it uses EGI distributions as the consistent factor that has the robustness against the topological deformation. To satisfy both geometric and topological deformation, the same watermark bits for each subdivided patch are embedded by changing the mesh normal vectors. Moreover, the proposed algorithm does not need not only the original mesh model but also the resampling process to extract the watermark. Experimental results verify that the proposed algorithm is imperceptible and robust against geometrical and topological attacks.

• Annual Conference of KIPS
• /
• 2022.05a
• /
• pp.432-435
• /
• 2022

최근 IT 산업의 지속적인 발전으로 사용자들을 위협하는 악성코드, 피싱, 랜섬웨어와 같은 사이버 공격 또한 계속해서 발전하고 더 지능화되고 있으며 변종 악성코드도 기하급수적으로 늘어나고 있다. 지금까지의 시그니처 패턴 기반의 탐지법으로는 이러한 방대한 양의 알려지지 않은 악성코드를 탐지할 수 없다. 따라서 CNN(Convolutional Neural Network)을 활용하여 악성코드를 탐지하는 기법들이 제안되고 있다. 이에 본 논문에서는 CNN 모델 중 낮은 인식 오류율을 지닌 모델을 선정하여 정확도(Accuracy)와 F1-score 평가 지표를 통해 비교하고자 한다. 두 가지의 악성코드 이미지화 방법을 사용하였으며, 2015 년 이후 ILSVRC 에서 우승을 차지한 모델들과, 추가로 2019 년에 발표된 EfficientNet 을 사용하여 악성코드 이미지를 분류하였다. 그 결과 2 바이트를 한 쌍의 좌표로 변환하여 생성한 256 * 256 크기의 악성코드 이미지를 ResNet-152 모델을 이용해 분류하는 것이 우수한 성능을 보임을 실험적으로 확인하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.04a
• /
• pp.877-879
• /
• 2002

본 논문에서는 HVS을 이용한 웨이브렛 패킷 기반 이미지 워터마킹 기법을 제안한다. 이미지를 주파수/공간 도메인 상에서 세부적으로 분해하기 위해 웨이브렛 패킷 분해방법을 선택했고 워터마크 삽입 후 사람 눈에 안보일 수 있도록 MTF를 참고하여 워터마크를 삽입하였다. 모든 서브 밴드에 랜덤 가우시안 백터에 의해 생성된 1000개의 워터마크를 골고루 삽입함으로써 견고성측면을 강화하였다. 실험 결과는 이런 비가시성과 가우시안 노이즈나 JPEG, 잘라내기등 여러 공격모델에 대해 견고성을 잘 보여주고 있다.

• Review of KIISC
• /
• v.27 no.3
• /
• pp.27-32
• /
• 2017

머신러닝을 위주로 하는 인공지능 기술이 여러 분야에서 다양하게 적용되고 있다. 머신러닝 기술은 시험 데이터에 대해 높은 성능을 보였지만, 악의적으로 만들어진 데이터에 대해서는 오동작을 하는 경우가 보고되고 있다. 그 외에도 학습데이터 오염시키기, 학습된 모델 탈취 등 새로운 공격 유형이 보고되고 있다. 기계학습에 사용된 훈련데이터에 대한 보안과 프라이버시 또한 중요한 이슈이다. 인공지능 기술의 개발 및 적용에 있어 이러한 위험성에 대한 고려와 대비가 반드시 필요하다.