• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.607-610
• /
• 2008

Phishing is a form of online identity theft that aims to steal sensitive information such as online banking passwords and credit card information from users. Phishing scams have been receiving extensive press coverage because such attacks have been escalating in number and sophistication. According to a study by Gartner, Many Internet users have identified the receipt of e-mail linked to phishing scams and about 2 million of them are estimated to have been tricked into giving away sensitive information. This paper presents a novel browser extension, AntiPhish, that aims to protect users against spoofed web site-based phishing attack.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2015.07a
• /
• pp.87-88
• /
• 2015

최근 IT기술의 발전과 더불어 보안의 중요성이 부각되면서 Pin Number, Password, Pattern Recognition 등 인증 방식에 대한 연구가 진행되고 있지만 위와 같은 One-factor 인증 시스템에는 "Shoulder Attack"과 같은 사용자 레벨에서의 보안공격에 취약하다. 위와 같은 문제점을 해결하기 위하여 'Google E-mail' 등 일부 강화된 보안이 필요한 시스템에서는 추가 모듈을 이용한 Two-factor 인증 시스템을 적용하여 보안을 제공하고 있지만 사용상의 번거로움과 복잡성으로 인해 고도의 보안 기술의 적용을 받지 못하는 등 많은 제약사항이 남아있다. 본 논문에서는 위 와 같은 One-factor 시스템의 취약점을 파악하여 그에 따라 보안 인증 절차를 향상시키기 위해 암호화와 인증 방법으로 지문인식을 사용하여 Multi-level 인증 시스템을 제안한다. 본 시스템은 Send 디비이스를 구현한 아두이노를 통해 M2M 서비스를 수행하며, 암호와 지문 정보를 아두이노 디바이스에 저장하여 두 가지의 신뢰적인 정보를 바탕으로 인증하는 시스템이다. 아두이노를 이용하여 디바이스 분리를 통한 사용자 레벨에서의 보안을 강하고 지문인식을 통해 불편함과 복잡성을 간소화하였다.

• The KIPS Transactions:PartC
• /
• v.9C no.3
• /
• pp.359-366
• /
• 2002

Nowadays, the hacking techniques are developed increasingly with wide use of internet. The recent type of scanning attack is appeared in against with multiple target systems on the large scaled domain rather than single network of an organization. The development of scan detection management system which can detect and analyze scan activities is necessary to prevent effectively those attacking at the central system. The scan detection management system is useful for effective utilization of various detection information that received from scan detection agents. Real time scan detection management system that can do the integrated analysis of high lever more that having suitable construction in environment of large scale network is developed.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.675-682
• /
• 2003

Attackers collect vulnerabilities of a target computer system to intrude into it. And using several attack methods, they acquire root privilege. They steal and alter information in the computer system, or destroy the computer sysem. So far many intrusion detection systems and firewallshave been developed, but recently attackers go round these systems and intrude into a computer system . In this paper, we propose security kernel module to prevent attackers having acquired root privilege from doing illegal behaviors. It enhances administrator authentication with additional password, so prevents attackers from doing illegal behaviors such as modification of important files and installation of rootkits. It sends warning mail about sttacker's illegal behaviors to administrators by real time. So using information in the mail, they can estabilish new security policies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.35-45
• /
• 2005

There has recently been an increase of phishing attacks, attacks which lure users into revealing their personal information to an attacker who in turn exploits this information for economic gain. The conventional methods of fooling the user with similarly modified mail or address are constantly evolving and have diversified to include the forgery of mail or domain addresses. Recently the injury incurred by these attacks has greatly increased as attackers exploit the weaknesses found on a few web browsers and used these to conduct phishing attacks based on URL spoofing. Furthermore we are now witnessing the entrance of highly advanced phishing techniques that no longer simply rely on vulnerabilities, but employ ordinary script, HTML, DNS sniffing, and the list goes on. In this paper we first discuss means of investigating and preventing the advanced URL spoofing techniques used in phishing attacks, and then propose a scheme for fundamentally restricting them altogether.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.73-81
• /
• 2021

When downloading files using an app or web-based application on the user's mobile phone, the path is set to be saved in the pre-defined default directory. Many applications requiring access to storage, including file managers, require a write or read permission of storage to provide numerous functions and services. This means that the application will have direct access to the download folder where the numerous files downloaded. In this paper, to prove our feasibility of attack using the security vulnerabilities mentioned above, we developed a file hacking function disguised as an encryption function in the file management application. The file that encrypted will be sent to hackers via E-mail simultaneously on the background. The developed application was evaluated from VirusTotal, a malicious analysis engine, was not detected as a malicious application in all 74 engines. Finally, in this paper, we propose a defense technique and an algorithm based on the Trusted Execution Environment (TEE) to supplement these storage vulnerabilities.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.951-958
• /
• 2004

Nowadays NGN is developed for supporting the e-Commerce, Internet trading, e-Government, e-mail, virtual-life and multimedia. Internet gives us the benefit of remote access to the information but causes the attacks that can break server and modify information. Since 2000 Nimda, Code Red Virus and DSoS attacks are spreaded in Internet. This attack programs make tremendous traffic packets on the Internet. In this paper, we designed and developed the Bandwidth Controller in the gateway systems against the bandwidth saturation attacks. This Bandwidth con-troller is implemented in hardware chipset(FPGA) Virtex II Pro which is produced by Xilinx and acts as a policing function. We reference the TBF(Token Bucket Filter) in Linux Kernel 2.4 and implemented this function in HDL(Hardware Description Language) Verilog. This HDL code is synthesized in hardware chipset and performs the gigabit traffic in real time. This policing function can throttle the traffic at the rate of band width controlling policy in bps speed.

• The Journal of the Convergence on Culture Technology
• /
• v.2 no.4
• /
• pp.65-70
• /
• 2016

As network communication increases by using public WiFi to check e-mail and handling Internet banking, the danger of hacking public routers continues to rise. While the national policy is to further propagate public routers, users are not eager to keep their information secure and there is a growing risk of personal information leakage. Because wireless routers implement high accessibility but are vulnerable to hacking, it is thus important to analyze hacking to tackle the attacks. In this study, an analysis is made of the encryption method used in WiFi and cases of hacking WiFi by security attacks on wireless routers, and a method for tackling the attacks is suggested.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.5 no.1
• /
• pp.16-20
• /
• 2004

This paper developed a secure web-based digital notary system. The system conforms to international standards, and gives users very good accessibility to it. The technologies and the application systems for timestamp-related services are not yet popularized, but they are potentially meaningful to many kinds of areas such as ecommerces, digital right managements, and internet mail systems. The digital notary system uses the timestamp requests and responses which conforms to rfc 3161. The system supports secure communication between web-based notary server and its clients by using SSL(Secure Socket Layer), and use nonces for prevention of replay attacks.

• Journal of Convergence Society for SMB
• /
• v.5 no.1
• /
• pp.13-18
• /
• 2015

The malware, as hackers generic name of executable code that is created for malicious purposes, depending on the presence or absence of a self-replicating ability infected subjects, and are classified as viruses, worms, such as the Trojan horse. Mainly Web page search and P2P use, such as when you use a shareware, has become penetration is more likely to occur in such a situation. If you receive a malware attack, whether the e-mail is sent it is automatically, or will suffer damage such as reduced system performance, personal information leaks. While introducing the current malware, let us examine the measures and describes the contents related to the malicious code.