• The Transactions of The Korean Institute of Electrical Engineers
• /
• 제65권1호
• /
• pp.128-134
• /
• 2016

IoT devices including smart devices are connected with internet, thus they have security threats everytime. Particularly, IoT devices are composed of low performance MCU and small-capacity memory because they are miniaturized, so they are likely to be exposed to various security threats like DoS attacks. In addition, in case of IoT devices installed for a remote place, it's not easy for users to control continuously them and to install immediately security patch for them. For most of IoT devices connected directly with internet under user's intention, devices exposed to outside by setting IoT gateway, and devices exposed to outside by the DMZ function or Port Forwarding function of router, specific protocol for IoT services was used and the devices show a response when services about related protocol are required from outside. From internet search engine for IoT devices, IP addresses are inspected on the basis of protocol mainly used for IoT devices and then IP addresses showing a response are maintained as database, so that users can utilize related information. Specially, IoT devices using HTTP and HTTPS protocol, which are used at usual web server, are easily searched at usual search engines like Google as well as search engine for the sole IoT devices. Ill-intentioned attackers get the IP addresses of vulnerable devices from search engine and try to attack the devices. The purpose of this study is to find the problems arisen when HTTP, HTTPS, CoAP, SOAP, and RestFUL protocols used for IoT devices are detected by search engine and are maintained as database, and to seek the solution for the problems. In particular, when the user ID and password of IoT devices set by manufacturing factory are still same or the already known vulnerabilities of IoT devices are not patched, the dangerousness of the IoT devices and its related solution were found in this study.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• 제13권2호
• /
• pp.199-207
• /
• 2013

Recently, hacking is seen as a criminal activity beyond an activity associated with curiosity in the beginning. The malignant bot which is used as an attack technique is one of the examples. Malignant Bot is one of IRC Bots and it leaks user's information with attacker's command by attacking specified IP range. This paper will discuss an access method and a movement process by analyzing shadowbot which is a kind of a malignant Bot and will suggest possible countermeasure. This study has two distinct features. First, we analyze malignant Bot by analyzing tools such as VM ware. Second, we formulate a hypothesis and will suggest possible countermeasure through analyzing malignant Bot's access method and movement. Performance evaluation will be conducted by applying possible countermeasure to see if it can prevent attacks from malignant bot.

• The Journal of the Korea Contents Association
• /
• 제10권3호
• /
• pp.101-112
• /
• 2010

The recent trend of the hacking deals with all the IT infrastructure related to the profit of the companies. Presently, they attack the service itself, the source of the profit, while they tried to access to the service infrastructure through the non-service port in the past. Although they affect the service directly, it is difficult to block them with the old security solution or the old system and they threaten more and more companies with the demand of money menacing the protection of customers and the sustainable management. This paper aims to design and implement multi-platform network packet scanner targeting the exception handling network intrusion detection system which determines normal, abnormal by traffic. Linux and unix have the various network intrusion detection and packet management tools like ngrep, snort, TCPdump, but most of them are based on CUI (Character based User Interface) giving users discomfort who are not used to it. The proposed system is implemented based on GUI(Graphical User Interface) to support the intuitive and easy-to-use interface to users, and using Qt(c++) language that supports multi-platform to run on any operating system.

• Journal of Advanced Navigation Technology
• /
• 제16권2호
• /
• pp.307-317
• /
• 2012

Rapid development of the IT technology and mobile communications has increasingly improved many kinds of digital devices arise, as well as the mobile technology. However, the attacks (virus, hacking and Ip spoofing etc) have also increasingly grown dogged on any region including the society security. As the visual data is prone to copy, delete and move etc, it is necessary that attesting to the integrity of forensics evidence is crucial, as well as data transmission security. This paper presents a framework model using digital forensics method and the results of its performance evaluation for mobile security. The results show that the integrity of the visual data can be obtain with high security and make a proposal refer to prevention of Mobile IP Spoofing attack using our hashing data.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 한국해양정보통신학회 2007년도 추계종합학술대회
• /
• pp.701-704
• /
• 2007

Recently, More and more consumer enjoy the finance service such as settling, account transferring, stocks investment, and so via mobile device. In the mobile environment, data transferring between the devices is formatted as XML. However, the common XML file is exposed to the attack such as hacking and malignity code, to satisfy security of mobile environment is very difficult. The problem is more seriously at the open platform such as WIPI that is developed by our country. So there is enough reason to propose one system to protect the import data. In this paper, we development the system to digital signature and signature the XML document in order to protect data, and the system is observing the recommendation of the XML Signature Syntax and Processing by W3C. When designing and composition the system, we use the digital signature algorithm RSA, DSA, KCDSA, and HMAC, etc. we test the system at the open WIPI platform.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• 제21권5호
• /
• pp.945-950
• /
• 2017

Due to the vulnerability of the software, there is a hacking attack on the country's cyber infrastructure and real financial assets. Software is an integral part of the operating system and execution system that controls and operates Internet information provision, cyber financial settlement and cyber infrastructures. Analyzing these software vulnerabilities and enhancing security will enhance the security of cyber infrastructures and enhance the security of actual life in the actual country and people. Software development security system analysis and software development Security diagnosis analysis and research for enhancing security of software vulnerability. In addition, we will develop a textbook for the training of software vulnerability diagnosis and maintenance education, develop pilot test problems, pilot test of diagnostic staff, The purpose of this study is to enhance the software security of the cyber infrastructures of national and national life by presenting curriculum and diagnosis guide to train the software vulnerability examiner.

• The KIPS Transactions:PartC
• /
• 제9C권4호
• /
• pp.473-480
• /
• 2002

Although many researches on IDS (Intrusion Detection System) have been performed, the most of them are limited to the algorithm of detection software. However, even an IDS with superior algorithm can not detect intrusion, if it loses packets which nay have a clue of intrusions. In this paper, we suggest an efficient wav to improve the performance of IDS by reducing packet losses occurred due to hardware limitation and abundant processing overhead introduced by massive detection software itself. The reduction in packet losses is achieved by dropping hacking-free packets. The result shows that this decrease of packet losses leads an IDS to improve the detection rate of real attack.

• The Journal of the Korea Contents Association
• /
• 제9권3호
• /
• pp.28-38
• /
• 2009

Login process uses both ID and password information to authenticate someone and to permit its access privilege on system. However, an attacker can get those ID and password information by using existing packet sniffing or key logger programs. It cause privacy problem as those information can be used as a hacking and network attack on web server and web e-mail system. Therefore, a more secure and advanced authentication mechanism should be required to enhance the authentication process on existing system. In this paper, we propose a multi-factor authentication process by using software form of secure card system combined with existing ID/Password based login system. Proposed mechanism uses a random number generated from the his/her own handset with biometric information. Therefore, we can provide a one-time password function on web login system to authenticate the user using multi-factor form. Proposed scheme provide enhanced authentication function and security because it is a 'multi-factor authentication mechanism' combined with handset and biometric information on web login system.

• Journal of Digital Convergence
• /
• 제16권10호
• /
• pp.223-233
• /
• 2018

The forces to protect people's life and property against the enemy attack is an organization which is regulated by the constitutional law. In terms of nature, its security is a significant factor to determine success or failure for the war. However, recently the 4th industrial revolution represents the rapid change in the advancement of civilization and technology. It can influence on the environment of military security which can make various changes. Unless taking proper action againsty these changes, it can inflict a vital harm for the organization of forces and its internal security. In this aspect, this study discuss new threats of the military security, above all, the most technical improvements and harms for the drones in terms of security. In addition, the advantages and disadvantages of drones which can influence on the ragions of military command and control, information operations, maneuvers, firepower, operation sustainment supports are analyzed. Moreover, this study set the purpose of developmental security measure for security threats in the aspects of military security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제26권3호
• /
• pp.667-678
• /
• 2016

Due to a development of the cable/wireless network infra, the traffic as big as unable to compare with the past is being served through the internet, the traffic is increasing every year following the change of the network paradigm such as the object internet, especially the traffic of about 1.6 zettabyte is expected to be distributed through the network in 2018. As the network traffic increases, the performance of the security infra is developing together to deal with the bulk terabyte traffic in the security equipment, and is generating hundreds of thousands of security events every day such as hacking attempt and the malignant code. Efficiently analyzing and responding to an event on the attack attempt detected by various kinds of security equipment of company is one of very important assignments for providing a stable internet service. This study attempts to overcome the limit of study such as the detection of Tor network traffic using the existing low-latency by classifying the anonymous network by means of the suggested algorithm about the event detected in the security infra.