• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.695-707
• /
• 2013

DHT(Distributed Hash Table) networks such as Kademlia are vulnerable to the ID mapping attack caused by the voluntary DHT mapping structure where the location of a node is solely determined by itself on the network topology. This causes security problems such as eclipse, DRDoS and botnet C&C on DHT networks. To prevent ID mapping attacks, we propose a non-voluntary DHT mapping scheme and perform analysis on NAT compatibility, attack resistance, and network dynamicity. Analysis results show that our approach may have an equivalent level of attack resistance comparing with other defense mechanisms and overcome their limitations including NAT compatibility and network dynamicity.

• The Korean Journal of Applied Statistics
• /
• v.26 no.2
• /
• pp.291-305
• /
• 2013

Collective traffic data (BPS, PPS etc.) for detection against the distributed denial of service attack on network is the time sequencing big data. The algorithm to detect the change point in the big data should be accurate and exceed in detection time and detection capability. In this work, the sliding window and discretization method is used to detect the change point in the big data, and propose five nonparametric test statistics using empirical distribution functions and ranks. With various distribution functions and their parameters, the detection time and capability including the detection delay time and the detection ratio for five test methods are explored and discussed via monte carlo simulation and illustrative examples.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.12
• /
• pp.561-568
• /
• 2013

Instrumentation and control system in nuclear power plant performs protecting, controling and monitoring safety operation of Nuclear Power Plant. As cyber attack to the control equipment of instrumentation and control system can cause reactor shutdown and radiation release, it is required to design the instrumentation and control system considering cyber security in accordance with regulatory guides and industrial standards. In this paper, we proposed a design method of uni-directional communication structure which is required in the design of defense-in-depth model according to regulatory guides and industrial standards and we implemented a communication board with the proposed method. This communication board was tested in various test environments and test items and we concluded it can provide uni-directional communication structure required to design of defense-in-depth model against cyber attack by analyzing the results. The proposed method and implemented communication board were applied in the design of SMART (system-integrated modular advanced reactor) I&C (instrumentation and control) systems.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.237-240
• /
• 2011

Voice over Internet Protocol calls using administrative agency to build a national information and communication service, 'C' group, providers, the KT, SK Broadband, LG U+, Samsung SDS, as there are four operators. To prepare for an attack on Voice over Internet Protocol for administrative agency, security is a need for research to support the model. In this paper, the Internet telephone business of Administrative Agency to investigate and analyze the specific security measures to respond. Should set priorities around confidentiality about five security threats from NIS to Study of Voice over Internet Protocol Security Response Model for Administrative Agency. (1) Illegal wiretapping, (2) call interception, (3) service misuse, (4) denial of service attacks, (5) spam attacks, write about and analyze attack scenarios. In this paper, an analysis of protection by security threats and security breaches through a step-by-step system to address the research study is a step-by-step development of the corresponding model.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.10a
• /
• pp.885-888
• /
• 2015

A secure and effective on-chip bus for detecting and preventing malicious attacks by infected IPs is presented in this paper. Most system inter-connect (on-chip bus) are vulnerable to hardware Trojan (Malware) attack because all data and control signals are routed. A proposed secure bus with modifications in arbitration, address decoding, and wrapping for bus master and slaves is designed using the Advanced High-Performance and Advance Peripheral Bus (AHB and APB Bus). It is implemented with the concept that arbiter checks share of masters and manage infected masters and slaves in every transaction. The proposed hardware is designed with the Xilinx 14.7 ISE and verified using the HBE-SoC-IPD test board equipped with Virtex4 XC4VLX80 FPGA device. The design has a total gate count of 40K at an operating frequency of 250MHz using the $0.13{\mu}m$ TSMC process.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.27-38
• /
• 2003

Most password-authenticated key exchange schemes in the literature provide an authenticated key exchange between a client and a server based on a pre-shared password. With a rapid change in modem communication environments, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. In this paper we propose a new framework which provides a password-authenticated ky exchange between clients based only on their two different Passwords without my Pre-shared secret, so called Client-to-Client Password-Authenticated Key Exchange(C2C-PAKE). Security notions and types of possible attacks are newly defined according to the new framework We prove our scheme is secure against all types of attacks considered in the paper. Two secure C2C-PAKE schemes are suggested, one in a cross-realm setting and the other in a single-sorrel setting.

• Journal of Music and Human Behavior
• /
• v.2 no.2
• /
• pp.33-56
• /
• 2005

The purpose of this study is to measure the effect of musical activities on children's aggressiveness using percussion playing through case studies and to present the therapeutic programs. Musical activities using percussion playing were organized for three aggressive children. Twenty-one small group sessions were conducted over seven weeks with 30 minutes given each session. Fourth-grade children involved in using Aggressiveness Measuring Tool for Teachers-revised by Gwak Geum-Joo(1992) was selected for case studies. Children's impulsiveness was also tested through self-test measuring tool for impulsiveness-revision of 16 questions used by Cho Hae Yeon (2001) and Lee Joo Shik (2003). As quantitative method, comparative analysis was made between the pre and post test results using measuring tools for aggressiveness and impulsiveness of children as well as between aggressive behaviors occurring in the initial stage of the first three sessions and in the latter stage of the last three sessions. Qualitative method was used at the same time to examine the effect of percussion playing on children. After the musical activities, child A showed reduced Aggressive Measuring Tool scores from 19 to 18, with child B from 23 to 19 and child C from 21 to 18. The results show that occurrence of aggressive behaviors were lowered in the post test. Impulsiveness Measuring Tool scores in the post test were decreased as well in all three children. During the music therapy programs, it was also observed that the frequency of the target behaviors in all three children has reduced more in the latter stage than the initial stage of music therapy. The qualitative findings indicate that the children experienced releasing stress through self-expression after percussion playing. These findings indicate therapeutic effectiveness of music therapy using on percussion playing in reducing aggressiveness of children as well as the effectiveness of percussion as a therapeutic intervention for aggressive children. These results can be adapted and reapplied by teachers in primary schools to approach children with behavior problems, and can present a useful therapeutic approach to therapists practicing in clinical environments.

• The KIPS Transactions:PartC
• /
• v.10C no.5
• /
• pp.525-532
• /
• 2003

This paper describes intrusion detection rule management using mobile agents. Intrusion detection can be divided into anomaly detection and misuse detection. Misuse detection is best suited for reliably detecting known use patterns. Misuse detection systems can detect many or all known attack patterns, but they are of little use for as yet unknown attack methods. Therefore, the introduction of mobile agents to provide computational security by constantly moving around the Internet and propagating rules is presented as a solution to misuse detection. This work presents a new approach for detecting intrusions, in which mobile agent mechanisms are used for security rules propagation. To evaluate the proposed approach, we compared the workload data between a rules propagation method using a mobile agent and a conventional method. Also, we simulated a rules management using NS-2 (Network Simulator) with respect to time.

• The KIPS Transactions:PartC
• /
• v.17C no.2
• /
• pp.153-158
• /
• 2010

Mobile IPv6 is one of method can keep Mobile node's session. To solve legacy Mobile IPv4's triangular routing problem, in Mobile IPv6, Mobile Node could directly communicate with Correspond node by Binding Update. But, attacker could interfere Return Routability Procedure that is Correspond node check Home address and Care of address reachable. At this result, Attacker is able to hijack Session to correspond node from Mobile node. In This paper, We propose new Binding Update scheme for solving that problem. Our approach is that MN gives association both home token and care of token using onewayness of keyed hash fuction. From security and performance analysis, we can see that proposed binding Update Scheme can achieve stronger security than legacy scheme and at the same time requires minimal computational overhead.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.7C
• /
• pp.640-648
• /
• 2009

Summation generator with high period and high linear complexity can be easily implemented by a simple hardware or software and it is proper to apply in mobile security system for ubiquitous environments. However the generator has been some weaknesses from Dawson's divided-and-conquer attack, Golic's correlation attack and Meier's fast correlation attack. In this paper, we propose an improved version($2^{128}$security level) of $E_0$algorithm, CVC-NSG(Circular-Clock-Controlled - Nonlinear Summation Generator), which partially replaces LFSRs with nonlinear FSRs and controls the irregular clock to reinforce it's own weaknesses. Finally, we analyze our proposed design in terms of security and performance.