• The KIPS Transactions:PartC
• /
• v.12C no.4 s.100
• /
• pp.465-472
• /
• 2005

IEEE 802.11 wireless LAN technology is essential for wireless internet, next generation converged network and home network. But, it is certain that user's privacy must be provided to expand the applicable area in IEEE 802.11 WLAN. Recently, WEP and 802.11i security scheme can be used in MAC Layer. But with VPN technology which is applied to WLAN user, it means that suity mechanism is used redundantly. One bit authentication mechanism was already proposed to solve this redundancy. In this paper, we analyze problems of 1-bit Authentication mechanism which are failure of synchronization and waste of packet. And we propose new algorithm which synchronizes sender with receiver, at once, using duplicated-packet-count information. We show that our algorithm improves success probability of packet authentication up to $98\%$ and efficiency of authentication bit stream up to $97\%$.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.11a
• /
• pp.581-583
• /
• 2011

최근에 급격히 증가한 스마트폰의 사용자들이 이동중에도 안정적인 무선 네트워크를 이용하기 위해서는 핸드오프는 반드시 필요하다. 핸드오프를 위하여 기존에 연결되어 있는 AP(Access Point)와의 연결을 끊고 주변의 AP 를 스캐닝한 후 새로운 AP 로 재연결을 하는 과정을 거치게 된다. 이러한 과정 중에 본 논문에서는 스캐닝 단계에서 발생하는 문제점을 분석하고 이에 대한 개선방안으로 AP 의 신호세기와 스마트폰의 센서를 이용하여 사용자의 이동성을 고려하는 스캐닝 방식을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.1010-1013
• /
• 2007

와이브로 서비스는 고속 이동 인터넷 환경 속에서 고속으로 무선 인터넷 서비스를 제공하는 기술이다. 기존의 무선인터넷 서비스와 달리 이동성을 제공한다는 점에서 차별화를 제공한다. 이렇게 이동하는 단말에게 양질의 데이터를 안전하게 전송하기 위해서는 보안기술이 중요한 요소로 작용한다. 서비스를 제공하기 전에 단말(Mobile Station)과 RAS(Radio Access Stations)간의 인증을 바탕으로 상호 키(TEK:Traffic Encryption Key)를 분배하고 TEK를 바탕으로 데이터를 암호화해서 전송하게 된다. 기존의 인증 프로토콜에서는 RAS에서 단독으로 키를 생성하는 방식이지만, 본 논문에서는 기존의 프로토콜의 문제점으로 지적된 Replay Attack에 대해 DH(Diffie-Hellman) 키 분배(Key Distribution) 방식을 적용하는 프로토콜을 제안함으로써 취약점에 대비 하였다. 이를 통해 RAS에 집중되는 키 생성에 대한 오버헤드를 단말에 분산 시킬 수 있다. 이로써 제안된 프로토콜을 사용해서 기존의 프로토콜을 사용했을 때보다 보안강도를 높일 수 있다.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.8 no.6
• /
• pp.528-533
• /
• 2015

In the construction of USN environment, the implementation of a safe sensor network using wireless communications can be said to be the most important factor in the entire system. Although USN communication uses wireless communications to enhance accessability and non-contact capability, this results in the security vulnerability, thus endangering the system. In this regard, we propose a security protocol that can be effectively applied to USN, a multi-sensor network. The proposed protocol is a method using an individual chaotic system, and it is a security protocol to synchronize the main chaotic system mounted on each sensor and prepared key values into the initial values, and to communicate with the use of the synchronized values as symmetric keys. The communication protocol proposed in this paper is expected to yield good results as a new method to resolve security problems of USN and program capacity limitations of sensor nodes if subsequent studies continue to be carried out.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.501-505
• /
• 2006

다양하게 제공되고 있는 무선 네트워크 서비스를 통합하기 위한 보안 연동 기술 개발이 활발히 이루어지고 있다. 통합 보안 연동 기술을 위해 IETF에서 EAP-AKA(Extensible Authentication Protocol-Authentication and Key Agreement)[8]가 표준으로 제안되었지만 HN(Home Network)이 MS(Mobile Station)를 직접 인증하지 못하고 사용자의 permanent identity가 노출되는 등 여러 보안상의 문제점이 제기되고 있다. 또한 SN(Serving Network)이 필요로 하는 저장 공간이 너무 많고 SN과 HN 사이의 대역폭 낭비, 동기화 문제 등 효율성에 있어서도 문제점이 제기되고 있다. 이 논문에서는 개선한 AKA(Authentication and Key Agreement)[12] 프로토콜을 PEAP(Protected EAP)에 적용하여 기존 EAP-AKA보다 안전하고 효율적인 티켓기반의 프로토콜을 제안한다. 제안하는 프로토콜은 HN과 MS 간의 상호 인증을 보장하고 사용자의 permanent identity를 보호하여 안전하고, 계산량과 저장 공간에 있어 기존의 EAP-AKA보다 효율적이다.

• Convergence Security Journal
• /
• v.5 no.2
• /
• pp.57-63
• /
• 2005

According to rapid development of computer and wired-wireless internet, information exchange of networking is growing. Also according as size of industry related e-commerce is bigger, it is Required the necessity of convenient user authentication system. So, the study of new authentication method to have a security and convenience is progressing systematically. Smart card of new authentication method overcome problem of established scheme. So it prospect that will be replaced One Card to have a high security and multi-function. In this papar, we suggest about the implementation of One Card System that the security of smart card and usable in all fields.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.12
• /
• pp.2293-2300
• /
• 2008

In ad-hoc sensor network, AODV routing information is disclosed to other nodes because AODV protocol doesn't have any security mechanisms. The problem of AODV is that an attacker can falsify the routing information in RREQ packet. If an attacker broadcasts the falsified packet, other nodes will update routing table based on the falsified one so that the path passing through the attacker itself can be considered as a shortest path. In this paper, we design the routing-information-spoofing attack such as falsifying source sequence number and hop count fields in RREQ packet. And we suggest an efficient scheme for detecting the attackers and isolating those nodes from the network without extra security modules. The proposed scheme doesn't employ cryptographic algorithm and authentication to reduce network overhead. We used NS-2 simulation to evaluate the network performance. And we analyzed the simulation results on three cases such as an existing normal AODV, AODV under the attack and proposed AODV. Simulation results using NS2 show that the AODV using proposed scheme can protect the routing-information-spoofing attack and the total n umber of received packets for destination node is almost same as the existing norm at AODV.

• The Journal of the Convergence on Culture Technology
• /
• v.8 no.2
• /
• pp.373-377
• /
• 2022

Wireless sensor networks are being used in various fields. Wireless sensor networks are applied in many areas, such as security, military detection, environmental management, industrial control, and home automation. There is a problem about the limit of energy that the sensor network basically has. In this paper, we propose the LEACH-CCBD (Low Energy Adaptive Clustering hierarchy - Centrailized with Cluster and Basestation Distance) algorithm that uses energy efficiently by improving network transmission based on LEACH-C among the representative routing protocols. The LEACH-CCBD algorithm is a method of assigning a cluster head to a cluster head by comparing the sum of the distance from the member node to the cluster distance and the distance from the cluster node to the base station with respect to the membership of the member nodes in the cluster when configuring the cluster. The proposed LEACH-CCBD used Matlab simulation to confirm the performance results for each protocol. As a result of the experiment, as the lifetime of the network increased, it was shown to be superior to the LEACH and LEACH-C algorithms.

• Journal of Internet Computing and Services
• /
• v.6 no.3
• /
• pp.107-119
• /
• 2005

The Mobile IP has evolved from providing mobility support for portable computers to support wireless handheld devices with high mobility patterns. The Mobile IP secures mobility, but does not guarantee security, In this paper, the Mobile IP has been adapted to allow AM protocol that supports authentication, authorization and accounting for authentication and collection of accounting information of network usage by mobile nodes, For this goal, we propose a new security handoff mechanism to intensify the Mobile IP security and to achieve fast handoff. In the proposed mechanism, we provide enough handoff achievement time to maintain the security of mobile nodes, According to the analysis of modeling result, the proposed mechanism composed the basic Mobile IP along with AM protocol is up to about $60\%$ better in terms of normalized surcharge for the handoff failure rate that considers handoff time.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.11
• /
• pp.1996-2001
• /
• 2006

Open System Authentication Method, Shared Key Method, Mac Based Authentication Method are very hard to use in wireless network that needs security. So now, many researches have been performed about 802.1x and user authentication method applying PKI. but certificate verification protocol has been used abolished list called CRL since it's first usage of PKI, there were still has a problem about distribution point. This paper applied CVS to use CA direct not to use CRL and OSCP server in order to improve this problems. Also It suggested the system that can make authentication steps more shorter using authentication server and Mutual authentication system by public certificate(small size/low speed wireless terminal can access to wireless network fast and safely)