• The KIPS Transactions:PartD
• /
• v.9D no.6
• /
• pp.1063-1070
• /
• 2002

With a remarkable growth and expansion of Internet, the security issues emerged from intrusions and attacks such as computer viruses, denial of services and hackings to destroy information have been considered as serious threats for Internet and the private networks. To protect networks from intrusions and attacks, many vendors have developed various security systems such as firewalls and intrusion detection systems. However, managing these systems individually demands too much work and high cost. Thus, integrated and autonomous security management for various security products has become more important. In this paper, we present the architecture of the WISMSF (Web-based Integrated Security Management System for Firewalls) and the merits of centralized approach for managing heterogeneous firewalls and implement the prototype of the central policy database that is a component of the WISMSF engine. The WISMSF engine supports an integrated view for policies, the integrity of polities and the easy recovery and addition of policies. And also, we define the policy conflicts of WISMSF and present the policy recovery process to support to the policies consistence.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.8
• /
• pp.1597-1605
• /
• 2015

Password authenticated key exchange (PAKE) is a protocol that a client stores its password to a server, authenticates itself using its password and shares a session key with the server. In multi-server PAKE, a client splits its password and stores them to several servers separately. Unless all the servers are compromised, client's password will not be disclosed in the multi-server setting. In attribute-based encryption (ABE), a sender encrypts a message M using a set of attributes and then a receiver decrypts it using the same set of attributes. In this paper, we introduce multi-server PAKE protocol that utilizes a set of attributes of ABE as a client's password. In the protocol, the client and servers do not need to create additional public/private key pairs because the password is used as a set of public keys. Also, the client and the servers exchange only one round-trip message per server. The protocol is secure against dictionary attacks. We prove our system is secure in a proposed threat model. Finally we show feasibility through evaluating the execution time of the protocol.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.3
• /
• pp.35-45
• /
• 2013

MANET has a weak point because it allows access from not only legal nodes but also illegal nodes. Most of the MANET researches had been focused on attack on routing path or packet forwarding. Nevertheless, there are insuffcient studies on a comprehensive approach to detect various attacks on malicious nodes at packet forwarding processes. In this paper, we propose a technique, named DTecBC (detection technique of malicious node behaviors based on collaboration), which can handle more effciently various types of malicious node attacks on MANET environment. The DTecBC is designed to detect malicious nodes by communication between neighboring nodes, and manage malicious nodes using a maintain table. OPNET tool was used to compare with Watchdog, CONFIDANT, SRRPPnT for verifying effectiveness of our approach. As a result, DTecBC detects various behaviors of malicious nodes more effectively than other techniques.

• Journal of KIISE
• /
• v.43 no.4
• /
• pp.497-508
• /
• 2016

With a cloud storage service, data owners can easily access their outsourced data in cloud storage on different devices and at different locations, and can share their data with others. However, as the users no longer physically have possession of their outsourced data and the cloud still facing the existence of internal/external threats, the task of checking the data integrity is formidable. Over recent years, numerous schemes have been proposed to ensure data integrity in an untrusted cloud. However, the existing public auditing schemes use a third-party auditor(TPA) to execute high computation to check data integrity and may still face many security threats. In this paper, we first demonstrate that the scheme proposed by Zhang et al. is not secure against our two threat models, and then we propose a self-certified public auditing scheme to eliminate the security threats and guarantee a constant communication cost. Moreover, we prove the securities of our public auditing scheme under three security models.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.3
• /
• pp.35-41
• /
• 2015

In order to solve the problems that fingerprinting technologies and image identification technologies for digital music and videos identification scanned have not yet been enough to identify scanned cartoon books, the copyright project granted from the Korea Copyright Commission(Project title: Identification and Copy Protection Technology of Scanned Text/Comic Books) secured basic solutions for scanned cartoon books. The first result of the research project in 2013 was focused on the identification technology applied to abnormally scanned cartoon books. As subsequent research for the project, studies in the year of 2014 has been to provide solutions to identify cartoon books which abnormally scanned and occurred with transformations and distortions and solutions to protect the system from trials to devitalize functions of the identification system through various attacks. This paper is to propose a model for a system for identifying abnormally scanned cartoon books as a way of enhancing the identification rates for identifying abnormal bookscans and transformation attacks.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.5 no.5
• /
• pp.477-486
• /
• 2010

This Study suggests security directions to reconstruct separate network of Smart Grid and information communication network as one communications system and implement Smart Grid integrated information communication network. In addition, it suggests prevention directions to prevent future cyber attacks by reorganizing network as the key three-stage network and separating TCP/IP four layers that consist of existing information communication network from Smart Grid. Moreover, it suggests the foundation for the study and the test by providing current problems of Smart Grid, weak points, and three security models. This study is meaningful to suggest development directions and situations as a technology of future-oriented electric industries, integrate attacks and preventions of TCP/IP Layers with Smart Grid, and seek for a new technology of Smart Grid and future tasks for Smart Grid information security.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.71-79
• /
• 2019

The demand of smart cars is increasing rapidly. International stand organize such as 3GPP and 5GAA are proposing standard communication protocvols for connected-car, and automotive network infrastructure. But Smart car network have many security threats and more dangerous against the existed wire communication network. Typically, peripheral devices of a smart car may disguise their identity and steal location information and personal information about the vehicle. In addition, the infrastructure elements around smart cars can conspire and put driving cars in danger, threatening lives. This is a very serious security threat. Therefore, in order to solve these problems, we proposed a system that is secure from collusion and tampering attacks using attribute-based authorize delegation method and threshold encryption algorithms. We have demonstrated using a semantic safety model that the proposed system can be safe from collusion attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.3
• /
• pp.563-577
• /
• 2017

Due to the Internet and computing capability, new and variant malware are discovered around 1 Million per day. Companies use dynamic analysis such as behavior analysis on virtual machines for unknown malware detection because attackers use unknown malware which is not detected by signature based AV effectively. But growing number of malware types are not only PE(Portable Executable) but also non-PE such as MS word or PDF therefore dynamic analysis must need more resources and computing powers to improve detection effectiveness. This study elicits the pre-filtering system evaluation factor to improve effective dynamic malware analysis system and presents and verifies the decision making model and the formula for solution selection using AHP(Analytics Hierarchy Process)

• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.347-356
• /
• 2009

In an RFID search protocol, a reader uses designated query to determine whether a specific tag is in the vicinity of the reader. This fundamental difference makes search protocol more vulnerable to replay attacks than authentication protocols. Due to this, techniques used in existing RFID authentication protocols may not be suitable for RFID search protocols. In this paper, we propose two RFID search protocols, one based on static ID and the other based on dynamic ID, which use counter to prevent replay attacks. Moreover, we propose a security model for RFID search protocols that includes forward/backward traceability, de-synchronization and forgery attack. Based on this model, we analyze security of our protocols and related works.

• Journal of Broadcast Engineering
• /
• v.13 no.2
• /
• pp.251-260
• /
• 2008

In this paper, we present two verifier-based multi-party PAKE (password-authenticated key exchange) protocols. The shared key can be used for secure content transmission. The suggested protocols are secure against server compromise attacks. Our first protocol is designed to provide forward secrecy and security against known-key attacks. The second protocol is designed to additionally provide key secrecy against the server which means that even the server can not know the session keys of the users of a group. The suggested protocols have a constant number of rounds are provably secure in the standard model. To the best of our knowledge, the proposed protocols are the first secure multi-party PAKE protocols against server compromise attacks in the literature.