• Korean Security Journal
• /
• no.62
• /
• pp.347-367
• /
• 2020

Rapid advancement of technology in today's society has allowed for easy access and use of data, promoting the process of informationization. Along with the merits of such development, unintended consequences of security risks involving wiretapping have been increasing as well. The security threats posed by wiretapping technology must be addressed by every organization and individual, as it could be used to leak confidential information about the nation's security, military and diplomatic strategies, industrial technologies, and personal information. Despite increasing threats stemming from the surrounding nations using advanced wiretapping technology, there is a lack of awareness at the government level, and the existing security measures for detecting and counteracting the wiretapping equipment are ineffective. In this research, the authors offered technical suggestions for improving the security strategies against the threats of wiretapping and information leakage by conducting a content analysis. The authors suggested the units of an agency be assigned a security grade based on its importance, and that adequate security equipment should be operated according to the grade. For instance, around-the-clock surveillance is recommended for grade-1 facilities, and portable wiretapping equipment detectors should be used to protect conference rooms and other key sites.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.829-838
• /
• 2015

As the number of smartphone users have increased, many kinds of malwares have emerged. Unlike existing malwares, spyware can be installed normally after user authentication and agreement according to security policy. For this reason, it is not easy to catch spywares involving harmful functionalities to users by using existing malware detection system. Therefore, our paper focuses on study about detecting mainly wiretapping spywares among them by developing a new wiretapping detection model and application. Specifically, this study conducts to find out power consumption on each application and modular and network consumption to detect voice wiretapping so Open Source Project Power Tutor is used to do this. The risk assessment of wiretapping is measured by gathered all power consumption data from Open Source Project Power Tutor. In addition, developed application in our study can detect at-risk wiretapping spyware through collecting and analyzing data. After we install the application to the smartphone, we collect needed data and measure it.

• The Proceeding of the Korean Institute of Electromagnetic Engineering and Science
• /
• v.11 no.4
• /
• pp.83-88
• /
• 2000

전자전이란 적의 지휘.통제.통신 및 전자 무기 체계의 기능을 마비시키고 적의 전자전 활동으로부터 아군의 무기 체계를 보호하는 제반 활동으로 설명할 수 있다. 통신 신호에 대한 전자전은 주로 VHF~UHF 주파수 대역의 전술 무선 통신에 대해 수행하며, 첩보의 이득을 가지기 위해 적의 통신 내용을 도청하는 통신 감청, 적의 통신을 마비시키는 전자 공격, 적 통신소 및 적 통신원의 위치를 탐지하는 방향 탐지 등 여러 분야가 있다. 그 중 한 분야인 방향 탐지에서 얻어지는 정보는 적 통신소의 방향에 대한 정보를 제공하여 전자 공격에 도움을 주며, 적 통신원 발생 위치를 파악 및 추적할 수 있다. 본 논문에서는 전파 신호원의 위치를 측정하는 시스템의 개발 방안을 살펴보고 전파 신호원의 위치 측정에 중요한 요소인 전파의 도래 방향 및 전파의 발생 위치 측정 방안을 설명하였다.

• Review of KIISC
• /
• v.32 no.4
• /
• pp.7-17
• /
• 2022

운전자 보조 시스템을 통한 차량의 전자적인 제어를 위하여, 최근 차량에 탑재된 전자 제어 장치 (ECU; Electronic Control Unit)의 개수가 급증하고 있다. ECU는 효율적인 통신을 위해서 차량용 내부 네트워크인 CAN(Controller Area Network)을 이용한다. 하지만 CAN은 기밀성, 무결성, 접근 제어, 인증과 같은 보안 메커니즘이 고려되지 않은 상태로 설계되었기 때문에, 공격자가 네트워크에 쉽게 접근하여 메시지를 도청하거나 주입할 수 있다. 악의적인 메시지 주입은 차량 운전자 및 동승자의 안전에 심각한 피해를 안길 수 있기에, 최근에는 주입된 메시지를 식별하기 위한 침입 탐지 시스템(IDS; Intrusion Detection System)에 대한 연구가 발전해왔다. 특히 최근에는 AI(Artificial Intelligence) 기술을 이용한 IDS가 다수 제안되었다. 그러나 제안되는 기법들은 특정 공격 데이터셋에 한하여 평가되며, 각 기법에 대한 탐지 성능이 공정하게 평가되었는지를 확인하기 위한 평가 프레임워크가 부족한 상황이다. 따라서 본 논문에서는 machine learning/deep learning에 기반하여 제안된 차랑용 IDS 5가지를 선정하고, 기존에 공개된 데이터셋을 이용하여 제안된 기법들에 대한 비교 및 평가를 진행한다. 공격 데이터셋에는 CAN의 대표적인 4가지 공격 유형이 포함되어 있으며, 추가적으로 본 논문에서는 메시지 주기 유형을 활용한 공격 유형을 제안하고 해당 공격에 대한 탐지 성능을 평가한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.681-691
• /
• 2024

In recent decades, research and development in the field of industrial robotics, such as an unmanned ground vehicle (UGV) and an unmanned aerial vehicle (UAV), has been significant progress. In these advancements, it is important to use middleware, which facilitates communication and data management between different applications, and various industrial communication middleware protocols have been released. The robot operating system (ROS) is the most widely adopted as the main platform for robot system development among the communication middleware protocols. However, the ROS is known to be vulnerable to various cyber attacks, such as eavesdropping on communications and injecting malicious messages, because it was initially designed without security considerations. In response, numerous studies have proposed countermeasures to ROS vulnerabilities. In particular, some work has been proposed on generating ROS datasets for intrusion detection systems (IDS), but there is a lack of research in this area. In this paper, in order to contribute to improving the performance of ROS IDSs, we propose a new type of attack scenario that can occur in the ROS and build ROS attack datasets collected from a real robot system and make it available as an open dataset.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.2
• /
• pp.41-48
• /
• 2018

Until now, various studies on anti-phishing have been conducted. The most typical anti-phishing method is a method of collecting URL information of a phishing site in advance and then detecting phishing by comparing the URL of the visited site with the previously stored information. However, this blacklist-based anti-phishing method can not detect new phishing sites. For this reason, various anti-phishing authentication protocols have been proposed. but these protocols require a public key and a private key. In this paper, we propose a password-based mutual authentication protocol that is safe for phishing attacks. In the proposed protocol, the mutual authentication between the client and the server is performed through the authentication message including the password information. The proposed protocol is safe to eavesdropping attack because the authentication message uses the hash value of the password, not the original password, And it is safe to replay attack because different messages are used every time of authentication. In addition, since mutual authentication is performed, it is safe for man-in-the-middle attack. Finally, the proposed protocol does not require a key issuance process for authentication.

• Journal of Internet of Things and Convergence
• /
• v.7 no.1
• /
• pp.9-19
• /
• 2021

The data mining design incorporated with big data based cloud computing system is investigated for the nuclear terrorism prevention where the conventional physical protection system (PPS) is modified. The networking of terror related bodies is modeled by simulation study for nuclear forensic incidents. It is needed for the government to detect the terrorism and any attempts to attack to innocent people without illegal tapping. Although the mathematical algorithm of the study can't give the exact result of the terror incident, the potential possibility could be obtained by the simulations. The result shows the shape oscillation by time. In addition, the integration of the frequency of each value can show the degree of the transitions of the results. The value increases to -2.61741 in 63.125th hour. So, the terror possibility is highest in later time.

• Journal of Digital Convergence
• /
• v.10 no.10
• /
• pp.325-332
• /
• 2012

Due to its communication vulnerability resulting in a range of problems, e.g. eavesdropping, information exposure, traffic analysis and spoofing, RFID system becomes the target of attackers. Accordingly, many investigators have proposed various protocols to the extent of theorem proving or verification as the implementation is challenging. This paper thus proposes a safe RFID security protocol using public keys, session keys, hashes, XORs, and random numbers. Timestamps and hashes are applied to the most vulnerable section between readers and tags to detect attacks in attack signals with time difference. Also, to prevent tag information from being exposed in the last session, hash operation is adopted before communication. Finally, in this paper, we designed a RFID security protocol using public and session keys applicable to real systems and verified the security of the proposed protocol with a differentiated formal verification technique.