• 한국전산유체공학회:학술대회논문집
• /
• 2011.05a
• /
• pp.218-224
• /
• 2011

A supersonic inlet at angle of attack has anti-symmetric pressure distribution, and it can make flow instability and structural problem. In this study, numerical analysis of three-dimensional inviscid flow was conducted under various throttle ratio and angle of attack conditions. Throttle ratio was defined as the ratio of the exit area to the smallest cross section area at inlet, and the ratio is controlled from 0 to 2.42. At various angle of attack, the characteristics of steady and unsteady flow around supersonic inlet is observed under different throttling ratios. From these results, pressure recovery curves and pressure history curves were plotted by post processing. Using pressure history data, FFT analysis is also carried out. Through these processes, it shows the tendency of pressure distribution anti-symmetricity and changing dominant frequency as increasing angle of attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.109-115
• /
• 2010

Differential Power Analysis (DPA) is well known as one of efficient physical side-channel attack methods using leakage power consumption traces. However, since the power traces usually include the components irrelevant to the encryption, the efficiency of the DPA attack may be degraded. To enhance the performance of DPA, we introduce a pre-processing technique which extracts the encryption-related parts from the measured power consumption signals. Experimental results show that the DPA attack with the use of the proposed pre-processing method detects correct cipher keys with much smaller number of signals compared to that of the conventional DPA attack.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.4
• /
• pp.117-130
• /
• 2010

Paper is on defense for so-called internet crisis, the attack of DDoS (Distributed Denial of Service) which was targeted to the central government ministries, financial sector, and portal sites of chief counties including Korea on June 7th, 2009 as its start. By conducting attack with various DDoS attacking methods in the lab environment and dividing networks targeted by the attack by layers, this paper records and analyzes the chief information for attack, destination information of packets, defense policy setting, and the flow of packet attack with the subjects of the networks separated. This study suggests CFC system using multiple firewalls applying defense policy corresponding to the target layer for ultimate attack and tests it according to the result of analyzing the attack packet information and its amount, log analysis, access recording port, and MAC and IT information, etc. by layers. This article is meaningful in that it analyzes the attack by layers, establishes firewall policy for protecting each layer, and secures accurate mechanism for detect and defense.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.67 no.12
• /
• pp.1685-1689
• /
• 2018

In this research, 51% attack or majority attack is becoming an important security issue for proof of work based blockchains. Due to decentralized nature of blockchains, any attacks that shutdowns the network or which take control over the network is hard to prevent and assess. In this paper, different types of majority attack are summarized and the motivations behind the attacks are explained. To show the feasibility of the majority attack, we build an example mining machines that can take control over two of the public blockchains, Vertcoin and Monero.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.4
• /
• pp.135-140
• /
• 2004

The ID-based cryptosystem and Power Analysis Attack are attracting many researchers and have been developed aggressively to date. Especially, DPA (Differential Power Analysis) attack has been considered to be the most powerful attack against low power devices, such as smart cards. However, these two leading topics are researched independently and have little hewn relations with each other. In this paper, we investigate the effect of power analysis attack against ID based cryptosystem. As a result, we insist that ID-based cryptosystem is secure against DPA and we only need to defend against SPA (Simple Power Analysis).

• ETRI Journal
• /
• v.32 no.3
• /
• pp.362-369
• /
• 2010

While the elliptic curve cryptosystem (ECC) is getting more popular in securing numerous systems, implementations without consideration for side-channel attacks are susceptible to critical information leakage. This paper proposes new power attack countermeasures for ECC over Koblitz curves. Based on some special properties of Koblitz curves, the proposed methods randomize the involved elliptic curve points in a highly regular manner so the resulting scalar multiplication algorithms can defeat the simple power analysis attack and the differential power analysis attack simultaneously. Compared with the previous countermeasures, the new methods are also noticeable in terms of computational cost.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.9
• /
• pp.113-120
• /
• 2022

In this paper, we analyze the feasibility of the IP spoofing attack exploiting null security algorithms in 5G networks based on 3GPP standard specifications. According to 3GPP standard specifications, the initial Registration Request message is not protected by encryption and integrity. The IP spoofing attack exploits the vulnerability that allows a malicious gNB (next generation Node B) to modify the contents of the initial Registration Request message of a victim UE (User Equipment) before forwarding it to AMF (Access and Mobility Management Function). If the attack succeeds, the victim UE is disconnected from the 5G network and a malicious UE gets Internet services, while the 5G operator will charge the victim UE. In this paper, we analyze the feasibility of the IP spoofing attack by analyzing whether each signaling message composing the attack conforms to the 3GPP Rel-17 standard specifications. As a result of the analysis, it is determined that the IP spoofing attack is not feasible in the 5G system implemented according to the 3GPP Rel-17 standard specifications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1027-1036
• /
• 2014

In 2012, Sonwanshi et al. suggested an efficient smar card based remote user authentication scheme using hash function. In this paper, we point out that their scheme is vulnerable to offline password guessing attack, sever impersonation attack, insider attack, and replay attack and it has weakness for session key vulnerability and privacy problem. Furthermore, we propose an improved scheme which resolves security flaws and show that the scheme is more secure and efficient than others.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.264-271
• /
• 2021

From an information security perspective, protecting sensitive data requires utilizing algorithms which resist theoretical attacks. However, treating an algorithm in a purely mathematical fashion or in other words abstracting away from its physical (hardware or software) implementation opens the door to various real-world security threats. In the modern age of electronics, cryptanalysis attempts to reveal secret information based on cryptosystem physical properties, rather than exploiting the theoretical weaknesses in the implemented cryptographic algorithm. The correlation power attack (CPA) is a Side-Channel Analysis attack used to reveal sensitive information based on the power leakages of a device. In this paper, we present a power Hacking technique to demonstrate how a power analysis can be exploited to reveal the secret information in AES crypto-core. In the proposed case study, we explain the main techniques that can break the security of the considered crypto-core by using CPA attack. Using two cryptographic devices, FPGA and 8051 microcontrollers, the experimental attack procedure shows that the AES hardware implementation has better resistance against power attack compared to the software one. On the other hand, we remark that the efficiency of CPA attack depends statistically on the implementation and the power model used for the power prediction.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.1
• /
• pp.67-78
• /
• 2020

Typical security solutions such as intrusion detection system are not suitable for detecting advanced persistent attack(APT), because they cannot draw the big picture from trivial events of security solutions. Researches on techniques for detecting multiple stage attacks by analyzing the correlations between security events or alerts are being actively conducted in academic field. However, these studies still use events from existing security system, and there is insufficient research on the structure of the entire security system suitable for advanced persistent attacks. In this paper, we propose an attack path and intention recognition system suitable for multiple stage attacks like advanced persistent attack detection. The proposed system defines the trace format and overall structure of the system that detects APT attacks based on the correlation and behavior analysis, and is designed with a structure of detection system using deep learning and big data technology, etc.