• Journal of Internet Computing and Services
• /
• v.21 no.2
• /
• pp.91-97
• /
• 2020

Recently, phishing attacks targeting those involved in defense, security and unification have been on the rise. In particular, hacking attack organization Kimsuky has been engaged in activities to collect important information from public organizations through phishing attacks since 2013. In this paper, profiling analysis of phishing mail attack organization was performed. Through this process, we estimated the purpose of the attack group and suggested countermeasures.

• Journal of Satellite, Information and Communications
• /
• v.11 no.3
• /
• pp.32-36
• /
• 2016

In wireless communication systems, jamming attack is a critical threat. Especially, reactive jamming can jam when the sender and receiver are communicating, which can maximize the attack efficiency of jamming. In this paper, we use the property of multi-input multi-output (MIMO) technology to achieve jamming resilient orthogonal frequency-division multiplexing (OFDM) communications. In particular, we use MIMO interference cancellation to remove the jamming signals strategically. We first investigate the reactive jamming attack model and their impacts on the MIMO-OFDM systems. We then present an iterative channel estimation algorithm that exploits MIMO interference cancellation. Our simulations show various anti-jamming methods and demonstrate the efficiency of our proposed algorithm under the reactive jamming attack.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.12
• /
• pp.2883-2890
• /
• 2013

Correlation power analysis attack takes place at the point of operating a known value and a hidden value from a master key as an input. The hidden value can be found by analyzing a correlation between the result value and the measured power signal during the operation, witch makes it possible to estimate the master key from the hidden value. However, the correlation power analysis attack can be very difficult by changing the conditions that make the power analysis possible, when the known value and the operation is hidden, when it is impossible to estimate the master key from the hidden value, or when the correlation between the result value and the power signal is considerably lowered. Therefore this study proposes a software countermeasure using a secrete intermediate key to witch these conditions are applied.

• Journal of the Korea Society of Computer and Information
• /
• v.5 no.4
• /
• pp.69-75
• /
• 2000

This paper proposes a network intrusion detection model which can detect the insertion and evasion attacks. These attacks can be prevented when some kind of information are available in the network intrusion detection system. We classified these information with three categories and used each category at setup phase and executing Phase. Within the proposed model, all necessary information which are related with networks and operating systems are maintained in the database and created as a table. This table is used during intrusion detection. The overheads of database and table may be simple in this model.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.848-851
• /
• 2005

The BcN is applying from public networks to local networks and each terminal step by step until 2007. By IPv6 network introduction, IP address lack problem can be solved. However, the threats that network attacks of another method can be caused with new problem of network security in IPv6 networks. In this paper, we suggest the traffic analysis tool which analyze IPv6 traffic efficiently to detect/response network attack in IPv6 environment. The implemented IPv6 traffic analysis tool uses IPv6 header to analyze traffic and detect network attacks. Also, we also propose detection algorithm to detect network attacks in IPv6 networks.

• Journal of IKEEE
• /
• v.26 no.3
• /
• pp.389-395
• /
• 2022

With the evolution of technology, cyber physical systems (CPSs) are being upgraded, and new types of cyber attacks are being discovered accordingly. There are many forms of cyber attack, and all cyber attacks are made to manipulate the target systems. A representative system among cyber physical systems is a cyber physical power system (CPPS), that is, a smart grid. Smart grid is a new type of power system that provides reliable, safe, and efficient energy transmission and distribution. In this paper, specific types of cyber attacks well known as false data injection attacks targeting state estimation and energy distribution of smart grid, and protection strategies for defense of these attacks and dynamic monitoring for detection are described.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.05a
• /
• pp.501-504
• /
• 2022

안전한 암호 시스템은 평문을 복원하거나 키를 유추해낼 수 없도록 설계된다. 암호 분석은 이러한 암호 시스템에서 평문과 키를 추정하는 것이며, 알려진 평문 공격, 선택 평문 공격, 차분분석 등 다양한 방법이 존재한다. 또한, 최근에는 데이터의 특징을 추출하고 학습해내는 인공신경망 기술을 기반으로 하는 암호 분석 기법들이 제안되고 있다. 현재는 라운드 축소된 S-DES, SPECK, SIMON, PRESENT 등의 경량암호 및 고전암호에 대한 공격이 대부분이며, 이외에도 암호 분석을 위한 active S-box의 수를 예측하는 등과 같이 다양한 측면에서 인공신경망이 적용되고 있다. 향후에는 신경망의 효율적 구현, full-round에 대한 공격과 그에 대한 암호학적 해석이 가능한 연구들이 진행되어야 할 것으로 생각된다.

• The Journal of Society for e-Business Studies
• /
• v.19 no.4
• /
• pp.31-43
• /
• 2014

These days a lot of cyber attacks are exploiting the vulnerabilities of S/W. According to the trend of vulnerabilities is announced periodically, security directions are suggested and security controls are updated with this trend. Nevertheless, cyber attacks like hacking during the year 2011 are increased by 81% compared to 2010. About 75% of these cyber attacks are exploiting the vulnerabilities of S/W itself. In this paper, we have suggested a VIR model, which is a spread model of malware infection for measuring economic loss by S/W vulnerability, by applying the SIR model which is a epidemic model. It is applied to estimate economic loss by HWP(Hangul word) S/W vulnerabilities.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.10a
• /
• pp.357-358
• /
• 2018

The track radar use the range track loop to track the target range. The bandwidth of the radar range tracker can be determined by tradeoff according to signal to noise ratio and the target range. On the other hand, electronic warfare is carried out to prevent the radar from tracking targets by electronic attack. The deception or noise jamming in electronic warfare can be performed to interfere with the range track loop of the radar. In order to efficiently perform electronic warfare, the bandwidth in radar tracking loop is estimated and can be used for electronic attack. To do this, we have studied the method of estimating the bandwidth of radar tracking loop using the variables that can be gathered in electronic warfare.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.835-846
• /
• 2020

BEC (Business Email Compromise) attacks are frequently occurring by impersonating accounts or management through e-mail and stealing money or sensitive information. This type of attack accounts for the largest portion of the recent trade fraud, and the FBI estimates that the estimated amount of damage in 2019 is about $17 billion. However, if you look at the response status of the companies compared to this, it relies on the traditional SPAM blocking system, so it is virtually defenseless against the BEC attacks that social engineering predominates. To this end, we will analyze the types and methods of BEC accidents and propose ways to effectively counter BEC attacks by companies through AI(Artificial Intelligence).