• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.6
• /
• pp.2111-2131
• /
• 2015

Tiered wireless sensor network is a network model of flexibility and robustness, which consists of the traditional resource-limited sensor nodes and the resource-abundant storage nodes. In such architecture, collected data from the sensor nodes are periodically submitted to the nearby storage nodes for archive purpose. When a query is requested, storage nodes also process the query and return qualified data as the result to the base station. The role of the storage nodes leads to an attack prone situation and leaves them more vulnerable in a hostile environment. If any of them is compromised, fake data may be injected into and/or qualified data may be discarded. And the base station would receive incorrect answers incurring malfunction to applications. In this paper, an efficient verifiable top-k query processing scheme called EVTQ is proposed, which is capable of verifying the authentication and completeness of the results. Collected data items with the embedded information of ordering and adjacent relationship through a hashed message authentication coding function, which serves as a validation code, are submitted from the sensor nodes to the storage nodes. Any injected or incomplete data in the returned result from a corresponded storage node is detected by the validation code at the base station. For saving communication cost, two optimized solutions that fuse and compress validation codes are presented. Experiments on communication cost show the proposed method is more efficiency than previous works.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.25 no.7
• /
• pp.757-766
• /
• 2014

In this paper, economic loss due to high power electromagnetic pulse is estimated and the methodology used for calculating its impacts is suggested using a macro approach. In order to investigate the most critical infrastructure for the high power electromagnetic pulse assault, the vulnerability assessment that provides information on the threats of concern is conducted. As a result, this study concentrates on the electric power networks. The presented assessment model is considered with gross domestic product (GDP) and energy consumption when the electric power networks are damaged due to high power electromagnetic pulse. In addition, economic losses are calculated by the extent of damages considering different types of the high power electromagnetic pulse assault generated by nuclear and man-made weapon. Through the estimation of these damages, the resulted economic loss will be compared with the protection cost. Consequently, protection of the vulnerable infrastructures can be prepared against electromagnetic pulse attack.

• Journal of Environmental Science International
• /
• v.19 no.3
• /
• pp.353-363
• /
• 2010

The most efficient measures to reduce damage from natural disasters include activities which prevent disasters in advance, decrease possibility of disasters and minimize the scale of damage. Therefore, developing of the risk assessment model is very important to reduce the natural disaster damage. This study estimated a typhoon damage which is the biggest damage scale among increased natural disasters in Korea along with climate change. The results of 3-second gust at the height of 10m level from the typhoon 'Maemi' which did considerable damage to Korean in 2003, using the wind data at the height of 700 hPa. September 12th 09 LST~13th 12 LST period by the time a typhoon Maemi approached to the Korean peninsula. This study estimate damage amount using 'Fragility curve' which is the damage probability curve about a certain wind speed of the each building component factors based on wind load estimation results by using 3-second gust. But the fragility curve is not to Korea. Therefore, we use the fragility curves to FPHLM(FDFS, 2005). The result of houses damage amount is about 11 trillion 5 million won. This values are limit the 1-story detached dwelling, $62.51\sim95.56\;m^2$ of total area. Therefore, this process is possible application to other type houses.

• Journal of Advanced Navigation Technology
• /
• v.16 no.2
• /
• pp.307-317
• /
• 2012

Rapid development of the IT technology and mobile communications has increasingly improved many kinds of digital devices arise, as well as the mobile technology. However, the attacks (virus, hacking and Ip spoofing etc) have also increasingly grown dogged on any region including the society security. As the visual data is prone to copy, delete and move etc, it is necessary that attesting to the integrity of forensics evidence is crucial, as well as data transmission security. This paper presents a framework model using digital forensics method and the results of its performance evaluation for mobile security. The results show that the integrity of the visual data can be obtain with high security and make a proposal refer to prevention of Mobile IP Spoofing attack using our hashing data.

• The KIPS Transactions:PartC
• /
• v.11C no.3
• /
• pp.301-308
• /
• 2004

Misuse IDS is known to have an acceptable accuracy but suffers from high rates of false alarms. We show a behavior based alarm reduction with a memory-based machine learning technique. Our extended form of IBL, (XIBL) examines SNORT alarm signals if that signal is worthy sending signals to security manager. An experiment shows that there exists an apparent difference between true alarms and false alarms with respect to XIBL behavior This gives clear evidence that although an attack in the network consists of a sequence of packets, decisions over Individual packet can be used in conjunction with misuse IDS for better performance.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.8
• /
• pp.1597-1605
• /
• 2015

Password authenticated key exchange (PAKE) is a protocol that a client stores its password to a server, authenticates itself using its password and shares a session key with the server. In multi-server PAKE, a client splits its password and stores them to several servers separately. Unless all the servers are compromised, client's password will not be disclosed in the multi-server setting. In attribute-based encryption (ABE), a sender encrypts a message M using a set of attributes and then a receiver decrypts it using the same set of attributes. In this paper, we introduce multi-server PAKE protocol that utilizes a set of attributes of ABE as a client's password. In the protocol, the client and servers do not need to create additional public/private key pairs because the password is used as a set of public keys. Also, the client and the servers exchange only one round-trip message per server. The protocol is secure against dictionary attacks. We prove our system is secure in a proposed threat model. Finally we show feasibility through evaluating the execution time of the protocol.

• Transactions of the Korean Society of Pressure Vessels and Piping
• /
• v.11 no.1
• /
• pp.20-24
• /
• 2015

Steam generator(S/G) tubes in pressurized water reactor (PWR's) are subject to several types of degradation. This degradation includes denting, pitting, intergranular attack(IGA), intergranular stress corrosion cracking(IGSCC), fatigue, fretting and wear. Degradation can be derived from either the primary side(inside) or the secondary side(outside) of the tube. Recent issue for tube degradation in domestic steam generator is the tube end cracking on seal weld region. The seal weld region at the tube end and tube itself is regarded as a pressure boundary between the primary side and the secondary side. One of the Westinghouse Model-F S/G has experienced tube end cracking and its number of plugging approximately becomes to the operating limit up to 5% due to tube end cracking which was reported as SAI/MAI(single/multiple axial indication) or SCI/MCI(Single/multiple circumferential indication) from the results of eddy current testing. Eddy current mock-up test was carried out to determine the origin of cracking whether it is from weld zone area or parent tube. This result was helpful to analyze crack location on ECT data. Correct action on this problem was the installation of tube-end sleeve. Last year, after removing 340 installed plugs from tubes, selected 269 tubes took tube-end sleeve installation. Tube-end sleeve brought pressure boundary from parent tube to installed sleeve tube. Tube-end sleeve has the benefit of reducing outage period and increasing more revenue than replacing S/G. This paper is provided to assist interest parties in effectively understanding this issue.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.30 no.5
• /
• pp.109-117
• /
• 2002

An off-surface flow visualization experiments have been performed to investigate the flow field over a delta wing with the leading edge extension(LEX). The model is a flat wing with $65^{\circ}$ sweepback angle. The free stream velocity is 6.2 m/s, which corresponds to Reynolds number of $4.4\times10^5$ based on the wing root chord. The angle of attack and sideslip angle range from $16^{\circ}\sim28^{\circ}$ and $0^{\circ}\sim-15^{\circ}$, respectively. The visualization technique of using the micro water-droplet and the laser beam sheet enabled to observe the vortical flow structures, which can not be obtained by 5-hole probe measurements. With sideslip angle, the interaction and breakdown of the LEX and wing vortices was promoted in the windward side, whereas, it was suppressed in the leeward side.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.4C
• /
• pp.451-457
• /
• 2006

A peer-to-peer(P2P) network is inherently vulnerable to malicious attacks from participating peers because of its open, flat, and autonomous nature. This paper addresses the problem of effectively defending from active attacks of malicious peers at bootstrapping phase and at online phase, respectively. We propose a secure membership handling protocol to protect the assignment of ID related things to a newly joining peer with the aid of a trusted entity in the network. The trusted entities are only consulted when new peers are joining and are otherwise uninvolved in the actions of the P2P networks. For the attacks in online phase, we present a novel message structure applied to each message transmitted on the P2P overlay. It facilitates the detection of message alteration, replay attack and a message with wrong information. Taken together, the proposed techniques deter malicious peers from cheating and encourage good peers to obey the protocol of the network. The techniques assume a basic P2P overlay network model, which is generic enough to encompass a large class of well-known P2P networks, either unstructured or not.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.536-551
• /
• 2017

With the advancement and deployment of leading-edge telecommunication technologies for sensing and collecting, computing related information, Cloud of Things (CoTs) has emerged as a typical application platform that is envisioned to revolutionize the daily activities of human society, such as intelligent transportation, modern logistics, food safety, environmental monitoring, etc. To avoid any possible malicious attack and resource abuse, employing hash functions is widely recognized as one of the most effective approaches for CoTs to achieve message integrity and data authentication. The Whirlpool hash function has served as part of the joint ISO/IEC 10118-3 International Standard by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). In this paper, we propose an effective differential fault analysis on Whirlpool in the byte-oriented random fault model. The mathematical analysis and experimental results show that 8 random faults on average are required to obtain the current 512-bit message input of whirlpool and the secret key of HMAC-Whirlpool. Our work demonstrates that Whirlpool and HMAC-Whirlpool are both vulnerable to the single byte differential fault analysis. It provides a new reference for the security analysis of the same structure of the hash functions in the CoTs.