• Title/Summary/Keyword: 공격 모델

Search Result 857, Processing Time 0.021 seconds

A Secure Authentication Model Using Two Passwords in Client Server Systems (클라이언트 서버 시스템 환경하에서 2개의 패스워드를 사용하는 안전한 인증 모델)

  • Lee, Jae-Woo
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.12 no.3
    • /
    • pp.1350-1355
    • /
    • 2011
  • It is very important issues to protect many system resources using authorized client authentication in distributed client server systems. So it is not enough to prevent unauthorized opponents from attacking our systems that client authentication is performed using only the client's identifier and password. In this paper, we propose a secure authentication database modeling with two authentication keys such as a client authentication key and a server authentication key. The proposed authentication model can be used making high quality of computer security using two authentication keys during transaction processing. The two authentication keys are created by client and server, and are used in every request transaction without user's extra input. Using the proposed authentication keys, we can detect intrusion during authorized client's transaction processing because we can know intrusion immediately through comparing stored authentication keys in client server systems when hackers attack our network or computer systems.

Ensemble Model using Multiple Profiles for Analytical Classification of Threat Intelligence (보안 인텔리전트 유형 분류를 위한 다중 프로파일링 앙상블 모델)

  • Kim, Young Soo
    • The Journal of the Korea Contents Association
    • /
    • v.17 no.3
    • /
    • pp.231-237
    • /
    • 2017
  • Threat intelligences collected from cyber incident sharing system and security events collected from Security Information & Event Management system are analyzed and coped with expanding malicious code rapidly with the advent of big data. Analytical classification of the threat intelligence in cyber incidents requires various features of cyber observable. Therefore it is necessary to improve classification accuracy of the similarity by using multi-profile which is classified as the same features of cyber observables. We propose a multi-profile ensemble model performed similarity analysis on cyber incident of threat intelligence based on both attack types and cyber observables that can enhance the accuracy of the classification. We see a potential improvement of the cyber incident analysis system, which enhance the accuracy of the classification. Implementation of our suggested technique in a computer network offers the ability to classify and detect similar cyber incident of those not detected by other mechanisms.

A Collusion-secure Fingerprinting Scheme for Three-dimensional Mesh Models (삼차원 메쉬 모델에 적용한 공모방지 핑거프린팅 기법)

  • Hur, Yung;Jeon, Jeong-Hee;Ho, Yo-Sung
    • Journal of the Institute of Electronics Engineers of Korea CI
    • /
    • v.41 no.4
    • /
    • pp.113-123
    • /
    • 2004
  • This paper presents a new collusion-secure fingerprinting scheme to embed fingerprints into three-dimensional(3-D) mesh models efficiently. In the proposed scheme, we make the same number of fingerprints as the number of customers based on the finite projective geometry, partition a 3-D mesh model related to the number of bits assigned to each fingerprint and then embed a watermark representing copyright information into each submesh to be marked. Considering imperceptibility and robustness of the watermarking algorithm we embed the watermark signal into mid-frequency DCT coefficients obtained by transforming vertex coordinates in the triangle strips which are generated from the submeshes to be marked. Experimental results show that our scheme is robust to additive random noises, MPEG-4 SNHC 3-D mesh coding, geometrical transformations, and fingerprint attacks by two traitors' collusion. In addition, we can reduce the number of bits assigned to each fingerprint significantly.

Robust 3D Hashing Algorithm Using Key-dependent Block Surface Coefficient (키 기반 블록 표면 계수를 이용한 강인한 3D 모델 해싱)

  • Lee, Suk-Hwan;Kwon, Ki-Ryong
    • Journal of the Institute of Electronics Engineers of Korea CI
    • /
    • v.47 no.1
    • /
    • pp.1-14
    • /
    • 2010
  • With the rapid growth of 3D content industry fields, 3D content-based hashing (or hash function) has been required to apply to authentication, trust and retrieval of 3D content. A content hash can be a random variable for compact representation of content. But 3D content-based hashing has been not researched yet, compared with 2D content-based hashing such as image and video. This paper develops a robust 3D content-based hashing based on key-dependent 3D surface feature. The proposed hashing uses the block surface coefficient using shape coordinate of 3D SSD and curvedness for 3D surface feature and generates a binary hash by a permutation key and a random key. Experimental results verified that the proposed hashing has the robustness against geometry and topology attacks and has the uniqueness of hash in each model and key.

Electronic Signature Model and Application of Security Server System using Identity Information (식별정보를 이용한 보안서버시스템의 전자서명 모델 및 응용)

  • Kim Young-Soo;Shin Seung-Jung
    • The KIPS Transactions:PartC
    • /
    • v.12C no.2 s.98
    • /
    • pp.169-174
    • /
    • 2005
  • Electronic signature system is required to be used in the promotion of the e-Commerce. Because the application system for electronic signature system has inconvenience and vulnerability of security, users are reluctant to use it. Therefore, the electronic signature system should give a guarantee of convenience and security. In this paper, we propose server-based application model, which uses identity information and makes users access transparently to solve electronic signature problems. We also design and verify electronic signature system that reduces threats to security, which cause server attack by distributing the part of signature key to both server and client. The application model with lightweight server system based on the electronic signature system is expected to be used in the promotion of the e-Commerce and help to make its business more efficient and competitive.

A Study on a Differentially Private Model for Financial Data (금융 데이터 상에서의 차분 프라이버시 모델 정립 연구)

  • Kim, Hyun-il;Park, Cheolhee;Hong, Dowon;Choi, Daeseon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.6
    • /
    • pp.1519-1534
    • /
    • 2017
  • Data de-identification is the one of the technique that preserves individual data privacy and provides useful information of data to the analyst. However, original de-identification techniques like k-anonymity have vulnerabilities to background knowledge attacks. On the contrary, differential privacy has a lot of researches and studies within several years because it has both strong privacy preserving and useful utility. In this paper, we analyze various models based on differential privacy and formalize a differentially private model on financial data. As a result, we can formalize a differentially private model on financial data and show that it has both security guarantees and good usefulness.

An Adaptive Anomaly Detection Model Design based on Artificial Immune System in Central Network (중앙 집중형 망에서 인공면역체계 기반의 적응적 망 이상 상태 탐지 모델 설계)

  • Yoo, Kyoung-Min;Yang, Won-Hyuk;Lee, Sang-Yeol;Jeong, Hye-Ryun;So, Won-Ho;Kim, Young-Chon
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.34 no.3B
    • /
    • pp.311-317
    • /
    • 2009
  • The traditional network anomaly detection systems execute the threshold-based detection without considering dynamic network environments, which causes false positive and limits an effective resource utilization. To overcome the drawbacks, we present the adaptive network anomaly detection model based on artificial immune system (AIS) in centralized network. AIS is inspired from human immune system that has learning, adaptation and memory. In our proposed model, the interaction between dendritic cell and T-cell of human immune system is adopted. We design the main components, such as central node and router node, and define functions of them. The central node analyzes the anomaly information received from the related router nodes, decides response policy and sends the policy to corresponding nodes. The router node consists of detector module and responder module. The detector module perceives the anomaly depending on learning data and the responder module settles the anomaly according to the policy received from central node. Finally we evaluate the possibility of the proposed detection model through simulation.

Real-time security Monitroing assessment model for cybersecurity vulnera bilities in network separation situations (망분리 네트워크 상황에서 사이버보안 취약점 실시간 보안관제 평가모델)

  • Lee, DongHwi;Kim, Hong-Ki
    • Convergence Security Journal
    • /
    • v.21 no.1
    • /
    • pp.45-53
    • /
    • 2021
  • When the security monitoring system is performed in a separation network, there is little normal anomaly detection in internal networks or high-risk sections. Therefore, after the establishment of the security network, a model is needed to evaluate state-of-the-art cyber threat anomalies for internal network in separation network to complete the optimized security structure. In this study, We evaluate it by generating datasets of cyber vulnerabilities and malicious code arising from general and separation networks, It prepare for the latest cyber vulnerabilities in internal network cyber attacks to analyze threats, and established a cyber security test evaluation system that fits the characteristics. The study designed an evaluation model that can be applied to actual separation network institutions, and constructed a test data set for each situation and applied a real-time security assessment model.

Behavior and Script Similarity-Based Cryptojacking Detection Framework Using Machine Learning (머신러닝을 활용한 행위 및 스크립트 유사도 기반 크립토재킹 탐지 프레임워크)

  • Lim, EunJi;Lee, EunYoung;Lee, IlGu
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.6
    • /
    • pp.1105-1114
    • /
    • 2021
  • Due to the recent surge in popularity of cryptocurrency, the threat of cryptojacking, a malicious code for mining cryptocurrencies, is increasing. In particular, web-based cryptojacking is easy to attack because the victim can mine cryptocurrencies using the victim's PC resources just by accessing the website and simply adding mining scripts. The cryptojacking attack causes poor performance and malfunction. It can also cause hardware failure due to overheating and aging caused by mining. Cryptojacking is difficult for victims to recognize the damage, so research is needed to efficiently detect and block cryptojacking. In this work, we take representative distinct symptoms of cryptojacking as an indicator and propose a new architecture. We utilized the K-Nearst Neighbors(KNN) model, which trained computer performance indicators as behavior-based dynamic analysis techniques. In addition, a K-means model, which trained the frequency of malicious script words for script similarity-based static analysis techniques, was utilized. The KNN model had 99.6% accuracy, and the K-means model had a silhouette coefficient of 0.61 for normal clusters.

A Study on Effective Interpretation of AI Model based on Reference (Reference 기반 AI 모델의 효과적인 해석에 관한 연구)

  • Hyun-woo Lee;Tae-hyun Han;Yeong-ji Park;Tae-jin Lee
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.33 no.3
    • /
    • pp.411-425
    • /
    • 2023
  • Today, AI (Artificial Intelligence) technology is widely used in various fields, performing classification and regression tasks according to the purpose of use, and research is also actively progressing. Especially in the field of security, unexpected threats need to be detected, and unsupervised learning-based anomaly detection techniques that can detect threats without adding known threat information to the model training process are promising methods. However, most of the preceding studies that provide interpretability for AI judgments are designed for supervised learning, so it is difficult to apply them to unsupervised learning models with fundamentally different learning methods. In addition, previously researched vision-centered AI mechanism interpretation studies are not suitable for application to the security field that is not expressed in images. Therefore, In this paper, we use a technique that provides interpretability for detected anomalies by searching for and comparing optimization references, which are the source of intrusion attacks. In this paper, based on reference, we propose additional logic to search for data closest to real data. Based on real data, it aims to provide a more intuitive interpretation of anomalies and to promote effective use of an anomaly detection model in the security field.