• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1185-1195
• /
• 2014

Domestic and international CERTs are carrying out security monitoring and response services based on security devices for intrusion incident prevention and damage minimization of the organizations. However, the security monitoring and response service has a fatal limitation in that it is unable to detect unknown attacks that are not matched to the predefined signatures. In recent, many approaches have adopted the darknet technique in order to overcome the limitation. Since the darknet means a set of unused IP addresses, no real systems connected to the darknet. Thus, all the incoming traffic to the darknet can be regarded as attack activities. In this paper, we present a collection and analysis method of malicious URLs based on darkent traffic for advanced security monitoring and response service. The proposed method prepared 8,192 darknet space and extracted all of URLs from the darknet traffic, and carried out in-depth analysis for the extracted URLs. The analysis results can contribute to the emergence response of large-scale cyber threats and it is able to improve the performance of the security monitoring and response if we apply the malicious URLs into the security devices, DNS sinkhole service, etc.

• The KIPS Transactions:PartC
• /
• v.11C no.4
• /
• pp.497-508
• /
• 2004

The existing wireless LAN standard IEEE802.11b has many vulnerabilities from security point of view. The authentication mechanisms in IEEE802.11b have many vulnerabilities. As a result to complement the weak of IEEE802.11b authentication, the IEEE802.1x had been developed in the sense of providing strong user authentication with appropriate mechanism. But this mechanism does not perform AP authentication and there are also some weak points. And in confidentiality and message Integrity case, WEP is weak from key stream reuse attack, IV reuse attack and so on. For that reason, in this paper we propose secure wireless LAN system. Our system provides strong user authentication, confidentiality, and message integrity based on existing IEEE802.1x framework and TLS.

• The KIPS Transactions:PartC
• /
• v.17C no.4
• /
• pp.361-370
• /
• 2010

OTP(One Time Password) is a user authentication using secure mechanism to authenticate each other in a way to generate a password, an attacker could intercept the password to masquerade as legitimate users is a way to prevent attacks. The OTP can be implemented as H/W or S/W. Token and card type OTP, implemented as H/W, is difficult to popularize because of having problem with deployment and usability. As a way to replace it implemented as S/W on Mobile or PC is introduced. However, S/W products can be target of malicious attacks if S/W products have vulnerability of implementation. In fact, FSA said the OTP implemented on a mobile have vulnerability of implementation. However, the OTP implemented on a PC have no case about analysis of vulnerability. So, in this paper derive security review and vulnerabilities analysis of implemented on a PC.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.981-992
• /
• 2004

The established NEIS has a lot of problems in the management of security. It does not realize access control in following authority because it only uses PKI certification in user certification and the use of central concentration DBMS and plain text are increased hacking possibility in NEIS. So, This paper suggests a new NEIS for the secure management of data and authority certification. First, we suggest the approached authority in AC pf PMI and user certification in following the role, RBAC. Second, we realize DB encryption plan by digital signature for the purpose of preventig DB hacking. Third, we suggest SQL counterfeit prevention by one-way hash function and safe data transmission per-formed DB encryption by digital signature.

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.27-34
• /
• 2006

In the near future, people will wish to access many kinds of heterogeneous networks to use their services anytime and anywhere. Owing to the heterogeneity of networks, there must be many kinds of protocols to guarantee secure services. The mobile device can depend in a middleware for accessing services in the heterogeneous networks and the middleware helps the mobile device to communicate with services without blowing concrete protocols. If a secure channel is necessary, the middleware may access a private key in the mobile device to perform a security protocol. In this paper, we focus on the security of a private key in the mobile device against malicious middlewares. To do so, we introduce two models for a user to protect his/her private key against malicious middlewares by generating authentication data(e.g., digital signatures) without keeping the private key in the mobile device.

• Convergence Security Journal
• /
• v.8 no.1
• /
• pp.109-115
• /
• 2008

As a new facet of international security realm in 21C, Information Warfare(IW) has rised new way of warfare and demostrated its efficiency in battelfield. With the rapid development of information technology, indeed, it is difficult to estimate the future of IW. While there are a lot of discussion on the clear concep of IW, it is clear that IW has the factor of psychological warfare, so-called cyber psychological warfare. Considering the security environment of Republic of Korea(ROK), the cyber psychological warfare has the significant importance for national security. While it has to deal with the cyber psychological warfare of North Korea, it also try to cope with the various threaten of international conflicts to protect Korean people and national interest.

• The Journal of the Korea Contents Association
• /
• v.6 no.11
• /
• pp.225-234
• /
• 2006

In this paper, we design a combined security processor, ECC, MD-5, and AES, as a SIP for cryptography of securing contents. Each SIP is modeled and designed in VHDL and implemented as a reusable macro through logic synthesis, simulation and FPGA verification. To communicate with an ARM9 core, we design a BFM(Bus Functional Model) according to AMBA AHB specification. The combined security SIP for a platform-based SoC is implemented by integrating ECC, AES and MD-5 using the design kit including the ARM9 RISC core, one million-gate FPGA. Finally, it is fabricated into a MPW chip using Magna chip $0.25{\mu}m(4.7mm{\times}4.7mm$) CMOS technology.

• Convergence Security Journal
• /
• v.18 no.5_2
• /
• pp.35-41
• /
• 2018

The Army has developed the concept of terrestrial warfare in conjunction with the Joint Concept and has introduced TICN as the base communication system to support it. TICN has been used to improve the transmission speed and to increase the coverage distance. Through this, TICN is making efforts to create network-centered operation environment so that information can be distributed in real time or near real time from the monitoring system to the hitting system. However, TICN is not enough to overcome the network limitations that may arise from various contingencies in battlefield situations. Therefore, in this paper, we investigated the limitations of communication according to the situations that can occur in the battlefield situation and studied the considerations to overcome them.

• Convergence Security Journal
• /
• v.22 no.2
• /
• pp.131-141
• /
• 2022

Future battlefield domains are expanding to ground, sea, air, space, and cyber, so future military operations are expected to be carried out simultaneously and complexly in various battlefield domains. In addition, the application of convergence technologies that create innovations in all fields of economy, society, and defense, such as artificial intelligence, IoT, and big data, is being promoted. However, since the current Korean military C4I system manages warfighting function DBs in one DB server, the efficiency of combat performance is reduced utilization and distribution speed of data and operation response time. To solve this problem, research is needed on how to apply the 4th industrial revolution technologies such as AI, IoT, 5G, big data, and cloud to the Korean military C4I system, but research on this is insufficient. Therefore, this paper analyzes the problems of the current Korean military C4I system and proposes to apply the 4th industrial revolution technology in terms of operational mission, network and data link, computing environment, cyber operation, interoperability and interlocking capabilities.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.10C
• /
• pp.1011-1022
• /
• 2006

WSN(Wireless Sensor Network) performs to detect and collect environmental information for one purpose. The WSN is composed of a sink node and several sensor nodes and has a constraint in an aspect of energy consumption caused by limited battery resource. So many required mechanisms in WSN should consider the remaining energy condition. To deploy WSN, tile collected information is required to protect from an adversary over the network in many cases. The security mechanism should be provided for collecting the information over the network. we propose asynchronized key management considering energy efficiency over WSN. The proposed key management is focused on independence and difference of the keys used to deliver the information over several routes over the network, so disclosure of any key does not results in exposure of total key information over the overall WSN. Also, we use hash function to update key information for energy efficiency Periodically. We define the insecurity for requested security Properties and Proof that the security properties are guaranteed. Also, we evaluate and analyze the energy efficiency for the proposed mechanism.