• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.9
• /
• pp.1187-1192
• /
• 2020

The dronebot combat system is a representative model of the future battlefield in the 4th industrial revolution. In dronebot, unmanned reconnaissance tankrobot can minimize human damage and reduce cost with higher combat power than humans. However, since the battlefield environment is very complex such as obstacles and enemy situations, it is also necessary for the pilot to control the tankrobot. Tankrobot are robots with new ICT technology, capable of hacking attacks, and if there is an abnormality in control, it can pose a threat to manipulation and control. A Bluetooth sniffing attack was performed on the communication section of the tankrobot and the controller to introduce a vulnerability to Bluetooth, and a countermeasure using MAC address exposure prevention and communication section encryption was proposed as a security measure. This paper first presented the vulnerability of tankrobot to be operated in future military operations, and will be the basic data that can be used for defense dronebot units.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.6
• /
• pp.881-889
• /
• 2022

As interest in environmental pollution caused by ship emissions is increasing worldwide, many studies are being conducted on the development of systems that increase energy efficiency to reduce ship emissions. In order to test the energy management system controller driven in real time on a large ship, it is necessary to perform the test through the simulator. In this study, addresses were set for each signal according to Modbus TCP/IP so that each control system and energy management system could be linked, and the algorithm was configured according to the signal flow. In addition, the signal generator was designed and manufactured so that each controller could artificially generate the signal collected from the vessel. As a result of the simulator production and interlocking, it was confirmed that each controller operated in real time performed its role appropriately, and that the algorithm of the ship energy management system was properly applied.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.5
• /
• pp.793-801
• /
• 2022

Most Bluetooth devices are commonly used in various ways these days, but they can be often lost due to small-size devices. However, most Bluetooth protocol do not provide authentication functions to legitimate owners, and thus someone who obtains the lost Bluetooth device can easily connect to their smart devices to use it. In this paper, we propose NBAS can authenticates legitimate owners using NFT on lossy Bluetooth devices.NBAS generates a digital wallet on the blockchain using the decentralized network Ethereum blockchain and facilitating the MAC address of the Bluetooth device in the digital wallet. The owner of the wallet uses a private key to certify the Bluetooth device using NFT. The initial pairing time of NBAS was 10.25 sec, but the reconnection time was 0.007 sec similar to the conventional method, and the pairing rejection time for unapproved users was 1.58 sec on average. Therefore, the proposed NBAS effectively shows the device authentication over the conventional Bluetooth.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.5
• /
• pp.725-730
• /
• 2022

Named Data Networking (NDN) is a representative technology of ICN that realizes the future Internet architecture. NDN searches for data by its content and not by its host IP address. The consumer generates an interest packet and sends it to the NDN network. The NDN network uses three tables such as CS, FIB, and PIT and forwards the received interest packet to the next hop. The producer transmits the data packet to the consumer through a name-based forwarding scheme. In this paper, we design and implement an ndnSIM-based NDN network and perform performance evaluation. We analyze the ndnSIM structure and develop a 6-node congested NDN network and a 9-node grid NDN network using ndnSIM. In the simulation, the performance of latency and throughput of the interest packet rate are measured. We analyze the effect of congestion on the latency and throughput of the NDN network. This approach will help researchers in the future.

• KIPS Transactions on Software and Data Engineering
• /
• v.12 no.3
• /
• pp.111-116
• /
• 2023

The WiscKey database, which optimizes overhead by compaction of the LSM tree-based Key-Value database, stores the value in a separate file, and stores only the key and value addresses in the database. Each time an fsync system call function is used to ensure data integrity in the process of storing values. In previously conducted studies, workload performance was reduced by up to 5.8 times as a result of performing the workload without calling the fsync system call function. However, it is difficult to ensure the data integrity of the database without using the fsync system call function. In this paper, to reduce the overhead of the fsync system call function while performing workloads on the WiscKey database, we use NVDIMM caching techniques to ensure data integrity while improving the performance of the WiscKey database.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.4
• /
• pp.687-697
• /
• 2023

Botnets, whose attack patterns are becoming more sophisticated and diverse, are recognized as one of the most serious cybersecurity threats today. This paper revisits the experimental results of botnet detection using autoencoder, a semi-supervised deep learning model, for UGR and CTU-13 data sets. To prepare the input vectors of autoencoder, we create data points by grouping the NetFlow records into sliding windows based on source IP address and aggregating them to form features. In particular, we discover a simple power-law; that is the number of data points that have some flow-degree is proportional to the number of NetFlow records aggregated in them. Moreover, we show that our power-law fits the real data very well resulting in correlation coefficients of 97% or higher. We also show that this power-law has an impact on the learning of autoencoder and, as a result, influences the performance of botnet detection. Furthermore, we evaluate the performance of autoencoder using the area under the Receiver Operating Characteristic (ROC) curve.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.82-84
• /
• 2022

In recent years, research has been actively conducted to solve overhead problems caused by the increase in the number of IoT devices. MQTT, one of the IoT lightweight protocols for resolving performance degradation in IoT environments, is standardized to enable efficient operation in many-to-many communication environments, but there is a security vulnerability as it does not provide encryption by default. Although TLS communication technology can be applied to solve these problems, it is difficult to meet IoT's lightweight power-saving requirements. This paper introduces the latest MQTT communication encryption trends and analyzes IoT applicability by comparing TLS encryption and payload encryption methods.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.253-266
• /
• 2023

The Null Pointer Dereference vulnerability is a significant vulnerability that can cause severe attacks such as denial-of-service. Previous research has proposed methods for detecting vulnerabilities, but large and complex programs pose a challenge to their efficiency. In this paper, we present a lightweight tool for detecting specific functions in large binaryprograms through symbolizing variables and emulating program execution. The tool detects vulnerabilities through data dependency analysis and heuristics in each execution path. While our tool had an 8% higher false positive rate than the bap_toolkit, it detected all existing vulnerabilities in our dataset.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.469-471
• /
• 2021

As wireless communication technology advances to ensure high accuracy and safety at high speeds, research and development of Visible Light Communication (VLC) technology has been accelerated as an alternative to traditional radio frequency (RF) technology. As the radio spectrum of RF communication becomes more congested and demand for bandwidth continues to increase, VLCs that can use unlicensed frequency band are proposed as a solution. However, VLC channels have broadcasting characteristics that make them easily exposed to eavesdropping and jamming attacks, and are vulnerable to MITM (Man-In-The-Middle) due to their line of sight (LOS) propagation characteristics. These attacks on VLC channels compromise the confidentiality, integrity, and availability of communications links and data, resulting in higher data retransmission rates, reducing throughput and increasing power consumption, resulting in lower data transmission efficiency. In this work, we model vulnerable VLC channels to analyze the impact of attacks and communications vulnerabilities by malicious jammers.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.449-451
• /
• 2021

Cyber-attacks targeting endpoints have developed sophisticatedly into targeted and intelligent attacks, Advanced Persistent Threat (APT) targeting the Industrial Internet of Things (IIoT) has increased accordingly. Machine learning-based Endpoint Detection and Response (EDR) solutions combine and complement rule-based conventional security tools to effectively defend against APT attacks are gaining attention. However, universal EDR solutions have a high false positive rate, and needs high-level analysts to monitor and analyze a tremendous amount of alerts. Therefore, the process of optimizing machine learning-based EDR solutions that consider the characteristics and vulnerabilities of IIoT environment is essential. In this study, we analyze the flow and impact of IIoT targeted APT cases and compare the method of machine learning-based APT detection EDR solutions.