• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.4
• /
• pp.207-215
• /
• 2014

Password based authentication systems are most widely used for user convenience in web services. However such authentication systems are known to be vulnerable to various attacks such as password guessing attack, dictionary attack and key logging attack. Besides, many of the web systems just provide user authentication in a one-way fashion such that web clients cannot verify the authenticity of the web server to which they set access and give passwords. Therefore, it is too difficult to protect against DNS spoofing, phishing and pharming attacks. To cope with the security threats, web system adopts several enhanced schemes utilizing one time password (OTP) or long and strong passwords including special characters. However there are still practical issues. Users are required to buy OTP devices and strong passwords are less convenient to use. Above all, one-way authentication schemes generate several vulnerabilities. To solve the problems, we propose a multi-channel, multi-factor authentication scheme by utilizing QR-Code. The proposed scheme supports both user and server authentications mutually, thereby protecting against attacks such as phishing and pharming attacks. Also, the proposed scheme makes use of a portable smart device as a OTP generator so that the system is convenient and secure against traditional password attacks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.11B
• /
• pp.979-986
• /
• 2006

DSTM is one of the 1Pv6/IPv4 transition mechanisms using IPv4-in-IPv6 tunneling for communication between IPv6 node with dual stack and Ipv4-only node. In DSTM, the DSTM server using the DHCPv6 is vulnerable to DoS attacks which can exhaust the IPv4 address pool. In this paper, an authentication model using a HRAA (Human Recognition Address Allocation) scheme was proposed to protect DHCP server against DoS attacks. The proposed authentication model in DSTM that uses an image file for verification is effective because only human can respond to the challenge for authenticated address allocation. The proposed model can be used anytime and anywhere in a DSTM domain, and is secure against DoS attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.1
• /
• pp.25-38
• /
• 2017

Many security threats are occurring around the world due to the characteristics of industrial control systems that can cause serious damage in the event of a security incident including major national infrastructure. Therefore, the industrial control system network traffic should be analyzed so that it can identify the attack in advance or perform incident response after the accident. In this paper, we research the visualization technique as network forensics to enable reasonable suspicion of all possible attacks on DNP3 control system protocol, and define normal action based rules and derive visualization requirements. As a result, we developed a visualization tool that can detect sudden network traffic changes such as DDoS and attacks that contain anormal behavior from captured packet files on industrial control system network. The suspicious behavior in the industrial control system network can be found using visualization tool with Digital Bond packet.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.4
• /
• pp.203-210
• /
• 2017

Address resolution protocol (ARP) is used for binding a logical address to a physical address in many network technologies. However, since ARP is an stateless protocol, it always abused for performing ARP-based attacks. Researchers presented many technologies to improve ARP protocol, but most of them require a high implementation cost or scarify the network performance for improving security of ARP protocol. In this paper, we present an address auto-resoultion (AAR) network system to neutralize the ARP-based attacks. The AAR turns off the communication function of ARP messages(e.g. request and reply), but does not disable the ARP table. In our system, the MAC address of destination was designed to be derived from destination IP address so that the ARP table can be managed statically without prior knowledge (e.g., IP and MAC address pairs). In general, the AAR is safe from the ARP-based attacks since it disables the ARP messages and saves network traffics due to so.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.3
• /
• pp.251-260
• /
• 2011

In this paper, we proposed a scheme that it safely exchanges encrypted keys without Trust Third Party (TTP) and Pre-distributing keys in multi-hop clustering sensor networks. Existing research assume that it exists a TTP or already it was pre-distributed a encrypted key between nodes. However, existing methods are not sufficient for USN environment without infrastructure. Some existing studies using a random number Diffie-Hellman algorithm to solve the problem. but the method was vulnerable to Replay and Man-in-the-middle attack from the malicious nodes. Therefore, authentication problem between nodes is solved by adding a ��TESLA. In this paper, we propose a modified Diffie-Hellman algorithm that it is safe, lightweight, and robust pair-wise agreement algorithm by adding One Time Password (OTP) with timestamp. Lastly, authentication, confidentiality, integrity, non-impersonation, backward secrecy, and forward secrecy to verify that it is safe.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.8C
• /
• pp.633-641
• /
• 2008

Since WSNs encounter attacks, such as jamming or eavesdropping without physical access occurs, security is one of the important requirements for WSNs. The key pre-distribution scheme that was recently researched for advance of security in WSNs distributes the keys and probability with the use of q-composite random key pre-distribution method, but there is a high probability that no key shared between sensor nodes, and it takes a lot of time and energy to find out the shared key. Therefore, it is not suitable for WSNs. In order to enhance stability of a node that plays a role of gateway without depending on probabilistic key, this paper proposesa key pre-distribution scheme combined with random key pre-distribution scheme and double hash chain. Since the proposed scheme can maintain a small storage place and strong security strengths, it is more efficient than the existing schemes with the same security strengths. In addition, since it uses a small size of key generation key set, it can reduce a great deal of storage overhead.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.8
• /
• pp.1597-1605
• /
• 2015

Password authenticated key exchange (PAKE) is a protocol that a client stores its password to a server, authenticates itself using its password and shares a session key with the server. In multi-server PAKE, a client splits its password and stores them to several servers separately. Unless all the servers are compromised, client's password will not be disclosed in the multi-server setting. In attribute-based encryption (ABE), a sender encrypts a message M using a set of attributes and then a receiver decrypts it using the same set of attributes. In this paper, we introduce multi-server PAKE protocol that utilizes a set of attributes of ABE as a client's password. In the protocol, the client and servers do not need to create additional public/private key pairs because the password is used as a set of public keys. Also, the client and the servers exchange only one round-trip message per server. The protocol is secure against dictionary attacks. We prove our system is secure in a proposed threat model. Finally we show feasibility through evaluating the execution time of the protocol.

• Journal of KIISE:Information Networking
• /
• v.37 no.5
• /
• pp.351-362
• /
• 2010

In Korea, national information infrastructure has been grown well because of the rapid growth and supply of Internet, but threats of cyber terror and cyber war are also increasing. Cyber attacks on knowledge information society threaten industry, economy and security. Major countries realize that cyber attacks can cause national heavy loss. So, they are trying to adopt policy on their cyber safe. And natural environmental crisises are increasing around the world. Countries such as India and Philippine in which tsunami, typhoon and earthquake are often occurring have national systematic disaster management system that can prevent and recover. We need systematic management for prevention and recovery from cyber terror, and need to establish national cyber disaster management system. Therefore, in this paper, we analyze major countries's cyber security policy and suggest a method of establishing the national cyber disaster management system.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.4
• /
• pp.363-368
• /
• 2021

The purpose of this research is to analysis the effectiveness of education in which sexual violence offenders participated in correctional program. The subjects of this study were men living in D city had completed 40 hours of correctional program implemented by the Ministry of Justice. For data collection, a pre-test before training and a post-test completion of training were conducted for those who participated in the program. Those who had aggression, impulsivity, rape myth and anger had a positive effect after the correctional program, but that program didn't help those with feelings of loneliness. This study analyzed the effectiveness of the education through pre and post tests of the Ministry of Justice's sexual violence program targeting sexual violence offenders, and it is significant in seeking ways to change their behavior accordingly. Therefore, this study will be effective in preventing the recurrence of sexual violence, and it will contribute as a data that can be used for the development of the correctional program for sexual violence offenders.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.9
• /
• pp.92-99
• /
• 2013

As a recent cyber attack has a characteristic that is intellectual, advanced, and complicated attack against precise purpose and specified object, it becomes extremely hard to recognize or respond when accidents happen. Since a scale of damage is very large, a corresponding system about this situation is urgent in national aspect. Existing data center or integration security framework of computer lab is evaluated to be a behind system when it corresponds to cyber attack. Therefore, this study suggests a better sophisticated next generation convergence security framework in order to prevent from attacks based on advanced persistent threat. Suggested next generation convergence security framework is designed to have preemptive responses possibly against APT attack consisting of five hierarchical steps in domain security layer, domain connection layer, action visibility layer, action control layer and convergence correspondence layer. In domain connection layer suggests security instruction and direction in domain of administration, physical and technical security. Domain security layer have consistency of status information among security domain. A visibility layer of Intellectual attack action consists of data gathering, comparison, decision, lifespan cycle. Action visibility layer is a layer to control visibility action. Lastly, convergence correspond layer suggests a corresponding system of before and after APT attack. An introduction of suggested next generation convergence security framework will execute a better improved security control about continuous, intellectual security threat.