• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.25-31
• /
• 2012

LTE/SAE has presented the handover key management to revoke the compromised keys and to isolate corrupted network devices. In this paper, we identify that the handover key management is vulnerable to de-synchronization attacks, which is jeopardizing the forward secrecy of handover key management. Also, an adversary could prevent the UE from creating the secure link with eNodeB, which is delaying the handover procedure. In this paper, we present a counrermeasure to prevent above attacks, and analyze the performance issues of the proposed protocol.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.573-586
• /
• 2008

The improved performance and miniaturization of computer and the improvement of wireless communication technology have enabled the emergence of many high quality services. Among them multicast services are receiving much attention and their usage is increasing due to the increase of Internet multimedia services such as video conference, multimedia stream, internet TV, etc. Security plays an important role in mobile multicast services. In this paper, we proposed a secure multicast protocol for a hierarchical micro-mobility environment. The proposed secure multicast protocol provides security services such as authentication, access control, confidentiality and integrity using mechanisms including symmetric/asymmetric key crypto-algorithms and capabilities. To provide forward/backward secrecy and scalability, we used sub-group keys based on the hierarchical micro-mobility environment. With this security services, it is possible to guard against all kinds of security attacks performed by illegal mobile nodes. Attacks executed by internal nodes can be thwarted except those attacks which delete packet or cause network resources to be wasted. We used simulator to measure the performance of proposed protocol. As a result, the simulation showed that effect of these security mechanisms on the multicast protocol was not too high.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.1
• /
• pp.264-284
• /
• 2021

As the next-generation network architecture, software-defined networking (SDN) has great potential. But how to forward data packets safely is a big challenge today. In SDN, packets are transferred according to flow rules which are made and delivered by the controller. Once flow rules are modified, the packets might be redirected or dropped. According to related research, we believe that the key to forward data flows safely is keeping the consistency of flow rules. However, existing solutions place little emphasis on the safety of flow rules. After summarizing the shortcomings of the existing solutions, we propose FRChain to ensure the security of SDN data forwarding. FRChain is a novel scheme that uses blockchain to secure flow rules in SDN and to detect compromised nodes in the network when the proportion of malicious nodes is less than one-third. The scheme places the flow strategies into blockchain in form of transactions. Once an unmatched flow rule is detected, the system will issue the problem by initiating a vote and possible attacks will be deduced based on the results. To simulate the scheme, we utilize BigchainDB, which has good performance in data processing, to handle transactions. The experimental results show that the scheme is feasible, and the additional overhead for network performance and system performance is less than similar solutions. Overall, FRChain can detect suspicious behaviors and deduce malicious nodes to keep the consistency of flow rules in SDN.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.1
• /
• pp.46-63
• /
• 2024

One of the biggest dangers in the globe is water contamination. Water is a necessity for human survival. In most cities, the digging of borewells is restricted. In some cities, the borewell is allowed for only drinking water. Hence, the scarcity of drinking water is a vital issue for industries and villas. Most of the water sources in and around the cities are also polluted, and it will cause significant health issues. Real-time quality observation is necessary to guarantee a secure supply of drinking water. We offer a model of a low-cost system of monitoring real-time water quality using IoT to address this issue. The potential for supporting the real world has expanded with the introduction of IoT and other sensors. Multiple sensors make up the suggested system, which is utilized to identify the physical and chemical features of the water. Various sensors can measure the parameters such as temperature, pH, and turbidity. The core controller can process the values measured by sensors. An Arduino model is implemented in the core controller. The sensor data is forwarded to the cloud database using a WI-FI setup. The observed data will be transferred and stored in a cloud-based database for further processing. It wasn't easy to analyze the water quality every time. Hence, an Optimized Neural Network-based automation system identifies water quality from remote locations. The performance of the feed-forward neural network classifier is further enhanced with a hybrid GA- PSO algorithm. The optimized neural network outperforms water quality prediction applications and yields 91% accuracy. The accuracy of the developed model is increased by 20% because of optimizing network parameters compared to the traditional feed-forward neural network. Significant improvement in precision and recall is also evidenced in the proposed work.

• The KIPS Transactions:PartC
• /
• v.9C no.4
• /
• pp.597-604
• /
• 2002

Changing group key is necessary for the remaining members when a new member joins or a member leaves the group in multicast communications. It is required to guarantee perfect forward and backward confidentiality. Unfortunately, in large groups with frequent membership changes, key changes become the primary bottleneck for scalable group. In this paper, we propose a novel approach for providing efficient group key distribution in large and dynamic groups. Unlike existing secure multicast protocols, our protocol is scalable to large groups because both the frequency and computational overhead of re-keying is determined by the size of a subgroup instead of the size of the whole group, and offers mechanism to prevent the subgroup managers with group access control from having any access to the multicast data that are transfered by sender. It also provides security service for preserving privacy in wireless computing environments.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.10
• /
• pp.71-80
• /
• 2013

In this paper, we analyze the security vulnerability through the several attack scenarios for the MCR-MAP(Multi-Context RFID Mutual Authentication Protocol) proposed by Ahn et al. And we propose the secure mutual authentication protocol that improved a prior MCR-MAP. The suggested protocol uses the ID of the legal tag and the timestamp generated by the server, when the tag tries to authenticate. And when the tag creates the credential, we create the new secret key computing the XOR operation between the secret key shared with the server and the tag timestamp generated by the server. As a result, the proposed protocol provides the secure mutual authentication and then is safe to spoofing attack. Also it provides forward-secrecy and then is safe to offline brute-burst attack. In this paper, we compare and verify the security vulnerability of the prior and the proposed protocol through the security analysis.

• Journal of Information Processing Systems
• /
• v.10 no.1
• /
• pp.103-118
• /
• 2014

Over the last couple of years, traditional VANET (Vehicular Ad Hoc NETwork) evolved into VANET-based clouds. From the VANET standpoint, applications became richer by virtue of the boom in automotive telematics and infotainment technologies. Nevertheless, the research community and industries are concerned about the under-utilization of rich computation, communication, and storage resources in middle and high-end vehicles. This phenomenon became the driving force for the birth of VANET-based clouds. In this paper, we envision a novel application layer of VANET-based clouds based on the cooperation of the moving cars on the road, called CaaS (Cooperation as a Service). CaaS is divided into TIaaS (Traffic Information as a Service), WaaS (Warning as a Service), and IfaaS (Infotainment as a Service). Note, however, that this work focuses only on TIaaS and WaaS. TIaaS provides vehicular nodes, more precisely subscribers, with the fine-grained traffic information constructed by CDM (Cloud Decision Module) as a result of the cooperation of the vehicles on the roads in the form of mobility vectors. On the other hand, WaaS provides subscribers with potential warning messages in case of hazard situations on the road. Communication between the cloud infrastructure and the vehicles is done through GTs (Gateway Terminals), whereas GTs are physically realized through RSUs (Road-Side Units) and vehicles with 4G Internet access. These GTs forward the coarse-grained cooperation from vehicles to cloud and fine-grained traffic information and warnings from cloud to vehicles (subscribers) in a secure, privacy-aware fashion. In our proposed scheme, privacy is conditionally preserved wherein the location and the identity of the cooperators are preserved by leveraging the modified location-based encryption and, in case of any dispute, the node is subject to revocation. To the best of our knowledge, our proposed scheme is the first effort to offshore the extended traffic view construction function and warning messages dissemination function to the cloud.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.2
• /
• pp.119-126
• /
• 2012

Local monitoring is an effective technique in securing data of wireless sensor networks. Existing solutions require high communication cost for detecting false data and this results in a network lifetime being shortened. This paper proposes novel techniques of monitoring based secure data aggregation and filtering false data in wireless sensor networks. The aim is to reduce energy consumption in securing data aggregation. An aggregator and its monitoring node perform data aggregation in a 60o sextant cluster. By checking Message Authentication Codes (MAC), aggregation data will be dropped by a forward aggregator if data aggregated by the aggregator and data monitored by the monitoring node are inconsistent. The simulation shows that the proposed protocol can reduce the amount of average energy consumption about 64% when comparing with the Data Aggregation and Authentication protocol (DAA)[1]. Additionally, the network lifetime of the proposed protocol is 283% longer than that of DAA without any decline in data integrity.

• The Korean Journal of Archival Studies
• /
• no.40
• /
• pp.3-27
• /
• 2014

The purpose of the enactment of the 'Law on the National Archives of Korea' should be to secure the accountability and to shape up the improved governance system in the field of records and archival management, which will contribute to the strengthening of democracy in records management and eventually to the widening of the democratic progress in Korea. On the basis of the above recognition and by way of notion called 'horizontal accountability', this paper suggests the way to secure the National Archives of Korea's independency. And the way to reorganize the National Records Management Committee based on the pluralism and the 'multi-layered' governance system is also investigated. One of the main directions in the suggested law should be for the autonomy and transparency in the operation of the National Archives of Korea. This paper tries drawbacks and limitations of the 'Bill on the National Archives of Korea' introduced to the National Assembly last year, and suggests the alternatives as wel lto get further forward with related discussion.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.5
• /
• pp.49-57
• /
• 2008

User authentication and key agreement are very important components to provide secure home network service. Although the TTA adopted the EEAP-PW protocol as a user authentication and key transmission standard, it has some problems including not to provide forward secrecy. This paper first provides an analysis of the problems in EEAP-PW and then proposes a new attribute-based authenticated key agreement protocol, denoted by EEAP-AK. to solve the problems. The proposed protocol supports the different level of security by diversifying network accessibility for the user attribute after the user attribute-based authentication and key agreement protocol steps. It efficiently solves the security problems in the EEAP-PW and we could support more secure home network service than the EEAP-AK.