• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.115-124
• /
• 2008

In vehicular networks, vehicles should be able to authenticate each other to securely communicate with network-based infrastructure, and their locations and identifiers should not be exposed from the communication messages. however, when an accident occurs, the investigating authorities have to trace down its origin. As vehicles communicate not only with RSUs(Road Side Units) but also with other vehicles, it is important to minimize the number of communication flows among the vehicles while the communication satisfies the several security properties such as anonymity, authenticity, and traceability. In our paper, when the mutual authentication protocol is working between vehicles and RSUs, the protocol offers the traceability with privacy protection using pseudonym and MAC (Message Authentication Code) chain. And also by using MAC-chain as one-time pseudonyms, our protocol does not need a separate way to manage pseudonyms.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.9 no.1
• /
• pp.49-57
• /
• 2016

Recently, marine accidents such as the sinking accident Mongol freighter ship and the sinking accident of Sewol ferry in Jindo continuously happen. In order to decrease the number of these marine accidents, Korean ships are obliged to follow the AIS(Automatic Identification System) system. The AIS protocol includes all information for sailing ships. However, the standard AIS protocol does not provide any security function, In addition, it is possible to hijack the standard AIS protocol in case of using a satellite communication device called FUNcuve Dongle Pro+. Therefore, this paper analyzes weak points of the security in the standard AIS protocol. Furthermore, this paper ensures reliability by marking the MAC Address of sender and receiver for secure communication and suggests the protocol that can securely send data, using the VPN Tunnelling method. Therefore, the suggested AIS protocol provides the secure communication to the AIS protocol and protect the messages in the AIS protocol, which can serve safe voyages by decreasing the marine accidents.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.05a
• /
• pp.1077-1079
• /
• 2008

본 논문에서는 침해사고 발생시 신속하고 정확한 대응을 위하여 컴퓨터 포렌식을 이해하고 이 기법을 활용하여 침해사고 발생시 침해정보와 흔적을 수집, 분석할 수 있는 클라이언트/서버 환경에서의 실시간 침해사고 대응 시스템 구조의 설계 제안하였다. 제안된 시스템의 하드웨어 적용 범위는 특별한 제약을 주지 않고, 구내망이 구축된 시설, 즉 기업이나 기관에 모두 적용될 수 있도록 하였다. 또한 소프트웨어 환경은 윈도우를 기반으로 하고, 통신 환경으로는 인터넷 환경을 지원하기 위하여 TCP/IP Winsock 프로토콜을 채택하였다. 이상과 같은 조건을 만족하고, LAN 상의 서버에 이 시스템을 설치 하여 네트워크 내에 있는 모든 컴퓨터를 감시, 제어하고 효율적으로 관리할 수 있도록 하여 기업내 침해사고에 빠르게 대처할 수 있게 하였다.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2023.05a
• /
• pp.98-99
• /
• 2023

In the maritime digital forensic part, it is very important and difficult process that analysis of data and information with vessel navigation system's binary log data for situation awareness of maritime accident. In recent years, analysis of vessel's navigation system's trajectory information is an essential element of maritime accident investigation. So, we made an experiment about corruption with various memory device in navigation system. The analysis of corruption test in seawater give us important information about the valid pulling time of sunken ship for acquirement useful trajectory information.

• Information and Communications Magazine
• /
• v.34 no.5
• /
• pp.36-43
• /
• 2017

국가 및 사회 기반 시설의 제어를 하는 컴퓨터 시스템을 SCADA(Supervisory Control And Data Acquisition)이라 한다. 대부분의 SCADA 시스템은 과거 폐쇄망과 비공개 통신프로토콜을 사용하기 때문에 비교적 안전하다고 고려되어 시스템보안 및 침해사고 대응 강화는 등한시 되었던 것이 사실이다. 하지만 최근 발생되고 있는SCADA 시스템의 침해사고들은 SCADA 시스템들이 보안위협에 노출되어있음을 의미하며 통신기술이 발전함에 따라 무선통신을 사용하는 SCADA 시스템의 통신망을 통한 불법적인 접근경로는 더욱더 확대될 수 있다. SCADA 시스템은 국가 및 사회 기반 시설의 제어를 담당하는 시스템이기 때문에 침해사고 발생시 심각한 문제가 초래될 수 있기 때문에 관련 보안기술 및 정책 연구가 필요하다. 본 고에서는 이를 위해 SCADA 시스템의 구조 및 발전 단계를 소개하여 전반적인 시스템 이해를 돕는다. 또한 무선통신 기반 SCADA 시스템의 공격 기법을 소개하고 최근 몇 년간 발생한 보안위협 사례와 관련 연구 동향을 분석한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.3
• /
• pp.119-131
• /
• 2009

The world's widely used key exchange protocols are open cryptographic communication protocols, such as TLS/SSL, whereas in the financial field in Korea, key exchange protocols developed by industrial classification group have been used that are based on PKI(Public Key Infrastructure) which is suitable for the financial environments of Korea. However, the key exchange protocols are not only vulnerable to client impersonation attacks and known-key attacks, but also do not provide forward secrecy. Especially, an attacker with the private keys of the financial security server can easily get an old session-key that can decrypt the encrypted messages between the clients and the server. The exposure of the server's private keys by internal management problems, etc, results in a huge problem, such as exposure of a lot of private information and financial information of clients. In this paper, we analyze the weaknesses of the cryptographic communication protocols in use in Korea. We then propose two key exchange protocols which reduce the replacement cost of protocols and are also secure against client impersonation attacks and session-key and private key reveal attacks. The forward secrecy of the second protocol is reduced to the HDH(Hash Diffie-Hellman) problem.

• Review of KIISC
• /
• v.8 no.3
• /
• pp.83-104
• /
• 1998

인터넷의 급속한 확산과 전세계 통신서비스의 확장으로 인해 세계는 정보의 공유와 다양한 삶의 변화를 가져오고 있다. 교통수단의 발달로 전세계가 일일생활권에 접어들었다면 인터넷과 통신수단의 발전으로 인해 세계는 동일문화권을 형성하고 있다. 주체할 수 없이 수많은 정보와 서비스속에서 사고 있지만, 아직도 좀더 편리하고 안전한 정보의 공유와 윤택한 삶을 영유하기 위한 많은 문제점이 있으며, 이러한 발전 속에서 더 많은 문제점들이 나타나고 있는 것이 현실이다. 또한 이러한 문제점들을 해결하기 위한 다양한 해결책들이 쏟아져 나오고 있다. 본 고에서는다루게 될 내용은 전체적인 공개키 기반구조를 살펴보고 이를 디지털 위성방송 한정 수신 시스템에 적용한다. 공개키 기반구조에 대해서는 인터넷에서 사용자를 인증하기 위한 X.509 인증서에 대해 살펴보고, 인증서를 이용한 서비스에 대해 살펴본다. 또한 최근 각 나라별 공개키 기반구조 표준안의 진행 상황을 알아보고 IETF PKIX 표준안으로서 공개키 관리 프로토콜, CRL CRL 확장, 인증서, 그리고 인증서 확장에 대해 살펴본다. 곧 실현될 디지털 위성방송의 유료화 서비스는 가입자 인증과 서비스에 대한 접근 통제가 가능해야 한다. 따라서 가입자에 대한 관리부분에 공개키 기반구조를 적용함으로써 가입자에 대한 인증과 서비스 및 접근 통제를 가능하게 한다.

• The Journal of the Korea Contents Association
• /
• v.12 no.12
• /
• pp.126-134
• /
• 2012

The researchers of this study closely looked into the methods for cognitive-scientific approach to problems of marine design at a time when the overall values of marine cultures are acknowledged in full scale. To that end, the researchers analyzed the problems and problem-solving process for the initial approach to marine design. At the same time, the researchers made the matrix of the design-developmental directions by cognitive scientific approach. After selecting the subjects, the researchers collected verbal protocol and behavior protocol which were shown in the process of a designer's thinking. This was for the sake of protocol analysis which is the representative research technique of cognitive science. Based on the collected data, the researchers empirically analyzed the behavior patterns shown in the marine design process so as to develop the design behavior-graph pattern of designers in an objective and systematic way. The behavior graph was helpful for looking into the initial developmental directions of design and for predicting cognitive structure of designers. The researchers hope that this study will become a fundamental material for predicting cognitive directions of designer for planning and designing the marine design.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.103-114
• /
• 2024

In a situation where drone-related crimes continue to rise, research in drone forensics becomes crucial for preventing and responding to incidents involving drones. Conducting forensic analysis on flight record files stored internally is essential for investigating illegal activities. However, analyzing flight record files generated through the exclusive DUML protocol requires a deep understanding of the protocol's structure and characteristics. Additionally, a forensic analysis tool capable of handling cryptographic payloads and analyzing various drone models is imperative. Therefore, this study presents the methods and characteristics of flight record files generated by drones. It also explains the structure of the flight record file and the features of the DUML packet. Ultimately, we conduct forensic analysis based on the presented structure of the DUML packet and propose an extension forensic analysis system that operates more universally than existing tools, performing expanded syntactic analysis.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.9 s.351
• /
• pp.32-39
• /
• 2006

5.8GHz DSRC(Dedicated Short Range Communications) is a short to medium range communications service that supports both public safety and private operations in roadside to vehicle and vehicle communication. However the 5.8GHz frequency may cause the shadowing effect or communication blocking problem when there is an obstacle or another vehicle between RSE (Road Side Equipment) and OBE (On Board Equipment). In this paper, to solve this problem of the 5.8GHz DSRC, we propose a relay protocol based on the standard of DSRC radio communication between RSE and OBE in the 5.8GHz band made by TTA (Telecommunication Technology Association). By using the proposed relay protocol to DSRC system and intervehicle communication, we also consider a fixed relay protocol and mobile relay protocol. We expect to apply this relay protocol for the DSRC intervehicle communication and video communication between drivers and safe distance among vehicles in the near future.