• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.161-168
• /
• 2003

We discuss the security of two famous password authenticated key exchange protocols, EKE2 and PAK. We introduce ′insider assisted attack′ Based on this assumption we point out weakness of the security of EKE2 and PAK protocols. More precisely, when the legitimate user wants to find other user′s password, called "insider-assisted attacker", the attacker can find out many ephemeral secrets of the server and then after monitoring on line other legitimate user and snatching some messages, he can guess a valid password of the user using the previous information. Of course for this kind of attack there are some constraints. Here we present a full description of the attack and point out that on the formal model, one should be very careful in describing the adversary′s behavior.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.3
• /
• pp.135-142
• /
• 2017

DDoS (Distributed Denial of Service) exhausts the target server's resources using the large number of zombie pc, As a result normal users don't access to server. DDoS Attacks steadly increase by many attacker, and almost target of the attack is critical system such as IT Service Provider, Government Agency, Financial Institution. In this paper, We will introduce the CNN (Convolutional Neural Network) of deep learning based real-time detection system for DNS amplification Attack (DNS DDoS Attack). We use the dataset which is mixed with collected data in the real environment in order to overcome existing research limits that use only the data collected in the experiment environment. Also, we build a deep learning model based on Convolutional Neural Network (CNN) that is used in pattern recognition.

• The Transactions of the Korean Institute of Electrical Engineers A
• /
• v.48 no.2
• /
• pp.89-95
• /
• 1999

This study investigates the population model of the spread of HIV/AIDS which the infection is generated by an infectious individual in a population of susceptible. A mathematical model is presented for the transmission dynamics of HIV infection within the communities of homosexual males. The pattern on the epidemic character of HIV, the causative agent of AIDS, was analysed by the mathematical model of AIDS system which is derived according to the ecological relationship between five epidemilogic states of individuals. The computer simulation was performed using real data and the following conclusions are drawn on the basis of the simulations. 1. The model structure and the algorithm described n the thesis is good. 2. In proportion to increase Ro, the population of AIDS patient increases and the time of its widespread reaches earlier. 3. The AIDS patients will be maximum between 7 and 21 years after an attack of AIDS and widespread between 10 and 20 years. 4. Considering the properties of the incubation periods, the maximum number of infected person is increased, and the attack rate is decreased.

• International Journal of Aeronautical and Space Sciences
• /
• v.16 no.1
• /
• pp.8-18
• /
• 2015

A numerical simulation for a nonslender BWB UCAV configuration with a rounded leading edge and span of 1.0 m was performed to analyze its aerodynamic characteristics. Numerical results were compared with experimental data obtained at a free stream velocity of 50 m/s and at angles of attack from -4 to $26^{\circ}$. The Reynolds number, based on the mean chord length, is $1.25{\times}106$. 3D multi-block hexahedral grids are used to guarantee good grid quality and to efficiently resolve the boundary layer. Menter's shear stress transport model and two transition models (${\gamma}-Re_{\theta}$ model and ${\gamma}$ model) were used to assess the effect of the laminar/turbulent transition on the flow characteristics. Aerodynamic coefficients, such as drag, lift, and the pitching moment, were compared with experimental data. Drag and lift coefficients of the UCAV were predicted well while the pitching moment coefficient was underpredicted at high angles of attack and influenced strongly by the selected turbulent models. After assessing the pressure distribution, skin friction lines and velocity field around UCAV configuration, it was found that the transition effect should be considered in the prediction of aerodynamic characteristics of vortical flow fields.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.12
• /
• pp.4508-4530
• /
• 2021

Today distributed data storage service are being widely used. However lack of proper means of security makes the user data vulnerable. In this work, we propose a Randomized Block Size (RBS) model for secure data storage in distributed environments. The model work with multifold block sizes encrypted with the Chinese Remainder Theorem-based RSA (C-RSA) technique for end-to-end security of multimedia data. The proposed RBS model has a key generation phase (KGP) for constructing asymmetric keys, and a rand generation phase (RGP) for applying optimal asymmetric encryption padding (OAEP) to the original message. The experimental results obtained with text and image files show that the post encryption file size is not much affected, and data is efficiently encrypted while storing at the distributed storage server (DSS). The parameters such as ciphertext size, encryption time, and throughput have been considered for performance evaluation, whereas statistical analysis like similarity measurement, correlation coefficient, histogram, and entropy analysis uses to check image pixels deviation. The number of pixels change rate (NPCR) and unified averaged changed intensity (UACI) were used to check the strength of the proposed encryption technique. The proposed model is robust with high resilience against eavesdropping, insider attack, and chosen-plaintext attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1503-1514
• /
• 2015

Non-face-to-face real name verification policy that financial authorities announced, in order to secure a face-to-face or more of accuracy, are in principle of multi check. The business model and legal entities of Internet banks is different from existing Internet banking. Relpacing real name verification from face-to-facd to non-face-to-face while maintaining the structure of identification can not only cause inconvenience to a first time member, but also can be more vulnerable to verious security risks. In this study, to evaluate a service level of a bank of the Internet, and provide an improved identification of the structure such that the registration and use of differentiated services is performed in accordance with the evaluation. In addition, the security that may occur with respect to Bank of the Internet to establish a vulnerability and attack model, the results of the analysis of the safety of the step-by-step security attributes and services of the authentication medium of each attack model, existing the safer than Internet banking, confirmed the usefulness in user registration guide.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.237-240
• /
• 2011

Voice over Internet Protocol calls using administrative agency to build a national information and communication service, 'C' group, providers, the KT, SK Broadband, LG U+, Samsung SDS, as there are four operators. To prepare for an attack on Voice over Internet Protocol for administrative agency, security is a need for research to support the model. In this paper, the Internet telephone business of Administrative Agency to investigate and analyze the specific security measures to respond. Should set priorities around confidentiality about five security threats from NIS to Study of Voice over Internet Protocol Security Response Model for Administrative Agency. (1) Illegal wiretapping, (2) call interception, (3) service misuse, (4) denial of service attacks, (5) spam attacks, write about and analyze attack scenarios. In this paper, an analysis of protection by security threats and security breaches through a step-by-step system to address the research study is a step-by-step development of the corresponding model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.201-210
• /
• 2023

Deep learning-based face verificattion model show high performance and are used in many fields, but there is a possibility the user's face image may be leaked in the process of inputting the face image to the model. Althoughde-identification technology exists as a method for minimizing the exposure of face features, there is a problemin that verification performance decreases when the existing technology is applied. In this paper, after combining the face features of other person, a de-identified face image is created through StyleGAN. In addition, we propose a method of optimizingthe combining ratio of features according to the face verification model using HopSkipJumpAttack. We visualize the images generated by the proposed method to check the de-identification performance, and evaluate the ability to maintain the performance of the face verification model through experiments. That is, face verification can be performed using the de-identified image generated through the proposed method, and leakage of face personal information can be prevented.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.6
• /
• pp.2881-2894
• /
• 2018

Cyber attacks are increasing continuously. On average about one million malicious codes appear every day, and attacks are expanding gradually to IT convergence services (e.g. vehicles and television) and social infrastructure (nuclear energy, power, water, etc.), as well as cyberspace. Analysis of large-scale cyber incidents has revealed that most attacks are started by PCs infected with malicious code. This paper proposes a method of detecting an attack IP automatically by analyzing the characteristics of the e-mail transfer path, which cannot be manipulated by the attacker. In particular, we developed a system based on the proposed model, and operated it for more than four months, and then detected 1,750,000 attack IPs by analyzing 22,570,000 spam e-mails in a commercial environment. A detected attack IP can be used to remove spam e-mails by linking it with the cyber removal system, or to block spam e-mails by linking it with the RBL(Real-time Blocking List) system. In addition, the developed system is expected to play a positive role in preventing cyber attacks, as it can detect a large number of attack IPs when linked with the portal site.

• Wind and Structures
• /
• v.30 no.6
• /
• pp.649-662
• /
• 2020

The existence of a dam has potential effects on the surrounding wind environment especially when it is located in mountainous areas. In this situation, the long-span bridge over the reservoir can easily be exposed to non-uniform incoming flows, affecting its wind-resistance performance. This paper presents a study on the aerostatic stability of such a bridge. Wind tunnel tests were first carried out to investigate the wind environment above a mountainous reservoir. The results show that the angle of attack and the wind speed along the bridge axis show obvious non-uniform characteristics, which is related to the inflow direction. When winds come from the south where the river is winding, the angle of attack varies along the span direction significantly. The finite element model for the bridge was established using ANSYS software, and effects of non-uniform wind loads on the aerostatic stability were computed. Non-uniform angle of attack and wind speed are unfavorable to the aerostatic stability of the bridge, especially the former. When the combined action of non-uniform angle of attack and wind speed is considered, the critical wind speed of aerostatic instability is further reduced. Moreover, the aerostatic stability of the bridge is closely related to the dam height.