• Journal of Computing Science and Engineering
• /
• 제12권1호
• /
• pp.12-23
• /
• 2018

The Internet of Things (IoT) ecosystem potentially includes heterogeneous devices with different processing mechanisms as well as very complicated network and communication models. Thus, analysis of data associated with adverse conditions is much more complicated. Moreover, mobile things in the IoT lead to dynamic alteration of environments and developments of a dynamic and ultra-large-scale (ULS) environment. Also, IoT and the services provided by that are mostly based on devices with limited resources or things that may not be capable of hosting conventional controls. Finally, the dynamic and heterogeneous and ULS environment of the IoT will lead to the emergence of new security requirements. The conventional preventive and diagnostic security controls cannot sufficiently protect it against increasing complication of threats. The counteractions provided by these methods are mostly dependent on insufficient static data that cannot sufficiently protect systems against sophisticated and dynamically evolved attacks. Accordingly, this paper investigates the current security approaches employed in the IoT architectures. Moreover, we define the dynamic security based on dynamic event analysis, dynamic engineering of new security requirements, context awareness and adaptability, clarify the need for employment of new security mechanism, and delineate further works that need to be conducted to achieve a secure IoT.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제9권12호
• /
• pp.5116-5134
• /
• 2015

In this paper, due to the network security defense is mainly static defense, a dynamic classification network security defense strategy model is proposed by analyzing the security situation of complex computer network. According to the network security impact parameters, eight security elements and classification standard are obtained. At the same time, the dynamic classification algorithm based on fuzzy theory is also presented. The experimental analysis results show that the proposed model and algorithm are feasible and effective. The model is a good way to solve a safety problem that the static defense cannot cope with tactics and lack of dynamic change.

• 정보보호학회논문지
• /
• 제22권4호
• /
• pp.733-744
• /
• 2012

동적 임계 공개키 암호 시스템(dynamic threshold public-key encryption)이란 시스템을 구축하는 과정에서 전체 사용자들의 집합과 인증된 수신자 집합의 크기, 임계치를 고정값으로 설정하지 않고 유연하게 변경될 수 있는 기능을 제공하는 임계 암호 시스템을 말한다. 이와 관련하여 신원정보를 공개키로 사용하는 ID기반 암호 시스템(identity-based encryption)과 동적 임계 공개키 시스템을 결합하여 ID기반 동적 임계 암호 시스템(identity-based dynamic threshold encryption)을 설계하려는 연구가 이뤄지고 있으며, 최근 2011년 Xing과 Xu은 동적 기능을 제공하는 ID기반 임계 암호기법을 제안하였다. 본 논문에서는 Xing과 Xu가 제안한 ID기반 동적 임계 암호 시스템을 분석하고 구조적으로 문제점이 있음을 보인다. 또한 겹선형 함수를 이용한 ID기반 암호 시스템을 ID기반 동적 임계 암호 시스템으로 변환하는 방법(conversion method)를 제안한다. 마지막으로, 변환하여 설계한 기법이 완전한 풀 모델(full model)로 선택된 평문 공격(chosen plaintext attack)환경에서 안전함을 증명한다.

• 대한전기학회논문지:전력기술부문A
• /
• 제55권5호
• /
• pp.185-190
• /
• 2006

The security analysis relates to the ability of the electric systems to survive sudden disturbances such as electric short circuits or unanticipated loss of system elements. It is composed of both steady state and dynamic security analyses, which are not two separate issues but should be considered together. In steady state security analysis including voltage security analysis, the analysis checks that the system is operated within security limits by OPF (optimal power flow) after the transition of a new operating point. On the other hand, dynamic security analysis deals that the transition will lead to an acceptable operating condition. Transient stability, which is the ability of power systems to maintain synchronism when subjected to a large disturbance, is a principal component in dynamic security analysis. Usually any loss of synchronism will cause additional outages. They make the present steady state analysis of the post-contingency condition inadequate for unstable cases. This is the reason of the need for dynamics of systems. Probabilistic criterion can be used to recognize the probabilistic nature of system components and shows the possibility of system security. A comprehensive conceptual framework for probabilistic static and dynamic assessment is presented in this paper. The simulation results of the Western System Coordinating Council (WSCC) system compare an analytical method with Monte-Carlo simulation (MCS). Also, a case study of the extended IEEE Reliability Test System (RTS) shows the efficiency of this approach.

• 대한전기학회:학술대회논문집
• /
• 대한전기학회 2005년도 추계학술대회 논문집 전력기술부문
• /
• pp.46-48
• /
• 2005

This paper discusses a probabilistic method for power system security assessment. The security analysis relates to the ability of the electric power systems to survive sudden disturbances such as electric short circuits or unanticipated loss of system elements. It consists of both steady state and dynamic security analyses, which are not two separate issues but should be considered together. In steady state security analysis including voltage security analysis, the analysis checks that the system is operated within security limits by OPF (optimal power flow) after the transition to a new operating point. Until now, many utilities have difficulty in including dynamic aspects due to computational capabilities. On the other hand. dynamic security analysis is required to ensure that the transition may lead to an acceptable operating condition. Transient stability, which is the ability of power systems to maintain synchronism when subjected to a large disturbance. is a principal component in dynamic security analysis. Usually any loss of synchronism may cause additional outages and make the present steady state analysis of the post-contingency condition inadequate for unstable cases. This is the reason for the need of dynamic studies in power systems. Probabilistic criterion can be used to recognize the probabilistic nature of system components while considering system security. In this approach. we do not have to assign any predetermined margin of safety. A comprehensive conceptual framework for probabilistic static and dynamic assessment is presented in this paper. The simulation results of the Western System Coordinating Council (WSCC) system compare an analytical method with Monte-Carlo simulation (MCS).

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권12호
• /
• pp.3398-3415
• /
• 2023

Internet-of-Things (IoT) is an emerging technology that interconnects millions of small devices to enable communication between the devices. It is heavily deployed across small scale to large scale industries because of its wide range of applications. These devices are very capable of transferring data over the internet including critical data in few applications. Such data is exposed to various security threats and thereby raises privacy-related concerns. Even devices can be compromised by the attacker. Modern cryptographic algorithms running on traditional machines provide authentication, confidentiality, integrity, and non-repudiation in an easy manner. IoT devices have numerous constraints related to memory, storage, processors, operating systems and power. Researchers have proposed several hardware and software implementations for addressing security attacks in lightweight encryption mechanism. Several works have made on lightweight block ciphers for improving the confidentiality by means of providing security level against cryptanalysis techniques. With the advances in the cipher breaking techniques, it is important to increase the security level to much higher. This paper, focuses on securing the critical data that is being transmitted over the internet by PRESENT using key-based dynamic S-Box. Security analysis of the proposed algorithm against other lightweight block cipher shows a significant improvement against linear and differential attacks, biclique attack and avalanche effect. A novel key-based dynamic S-Box approach for PRESENT strongly withstands cryptanalytic attacks in the IoT Network.

• 대한전기학회논문지:전력기술부문A
• /
• 제49권6호
• /
• pp.253-258
• /
• 2000

This paper presents an application of Kohonen neural networks to assess the dynamic security of power systems. The dynamic security assessment(DSA) is an important factor in power system operation, but conventional techniques have not achieved the desired speed and accuracy. The critical clearing time(CCT) is an attribute which provides significant information about the quality of the post-fault system behaviour. The function of Kohonen networks is a mapping of the pre-fault system conditions into the neurons based on the CCTs. The power flow on each line is used as the input data, and an activated output neuron has information of the CCT of each contingency. The trajectory of the activated neurons during load changes can be used in on-line DSA efficiently. The applicability of the proposed method is demonstrated using a 9-bus example.

• 정보보호학회논문지
• /
• 제17권4호
• /
• pp.47-52
• /
• 2007

본 논문에서는 파이프 해쉬 함수를 가진 동적 파이프 해쉬 함수를 제안한다. 안전도를 높이기 위하여, 압축함수를 추가하여 파이프 기반 동적 해쉬 함수를 제안하였다. 제안한 동적 파이프 해쉬 함수는 다중충돌공격에 안전하고 압축 사이즈를 가변할 수 있기 때문에 많은 장점을 가지고 있다. 예를 들어, 디지털 서명 프로토콜에서 사용자가 보다 큰 키 사이즈를 선택하여 높은 안전도를 요구한다면, 동적 해쉬 함수를 사용하여 압축사이즈를 증가시켜 쉽게 실현할 수 있다.

• 대한전자공학회:학술대회논문집
• /
• 대한전자공학회 2004년도 학술대회지
• /
• pp.544-548
• /
• 2004

DHCP(Dynamic Host Configuration Protocol) is a protocol which dynamically allocates an IP address and/or host configuration parameters to a host. The DHCP client's address can be changed dynamically any time. For the possible communication with other system, the DHCP client has to inform its address to the DNS system with dynamic update facility. But the DNS dynamic update has a problem related to the security. So we proposed the efficient mechanism for the secure integration of DHCP and DNS by using DNS security extensions. The system also uses the DNS server as the certificate repository for the storing & retrieval of each other's certificate.

• 인터넷정보학회논문지
• /
• 제8권6호
• /
• pp.29-42
• /
• 2007

본 논문은 분산 보안 정책을 지정하기 위해 객체그룹을 사용하는 u-헬스케어 컴퓨팅 환경에서 응용 서비스를 위해 동적 보안 서비스를 지원하는데 설계된 보안 객체에 대해 기술한다. 특히 u-헬스케어를 위한 분산 프레임워크의 보안 정책과 규칙 그리고 접근 제어에 사용되는 오퍼레이션을 포함한 보안 객체에 중점을 두었다. 그리고 DPD-Tool을 이용하여 서버 프로그램으로 구현된 객체들의 접근권한 부여 절차 및 클라이언트 프로그램 개발 과정을 보였다. 또한 DPD-Tool을 이용하여 모바일 모니터링 응용 개발 절차를 통해 u-헬스케어 지원 분산 프레임워크에서 지원하는 동적 보안 서비스의 수행성을 검증하였다.