• 한국정보전자통신기술학회논문지
• /
• 제13권1호
• /
• pp.17-26
• /
• 2020

As more users use mobile devices, shoulder surfing attacks have emerged as an important issue in security. According to research report, in fact, the result showed that about 30% of smartphone users are hit by shoulder surfing attacks. To this end, in this paper, we consider a shoulder surfing attack and propose a partially hidden password system to resistant to its attack. In order to help readers understand, we describe the proposed password system in more detail using one simple example. The core idea behind the proposed system is to place the user's password randomly in the specified grid instead of entering a password directly. As a result, even if an attacker makes a shoulder surfing attack to observe the password, the user can hide the preset password and defend against the attack. We also show how the security of the password system proposed in this paper is improved. In addition, even if there are consecutive shoulder surfing attacks, the security of the proposed password system is robust.

• 한국정보통신학회논문지
• /
• 제17권12호
• /
• pp.2883-2890
• /
• 2013

전력분석공격은 알려진 값과 마스터키로부터 생성된 숨겨진 값을 입력 받아 연산하는 시점에서 이루어진다. 연산 결과값과 연산 중에 측정된 전력신호의 상관도를 분석하여 숨겨진 값을 찾아내고, 이 찾아낸 값으로 부터 마스터키를 추정할 수 있다. 그러나 전력분석을 가능하게 하는 조건을 바꾸어, 알려진 값과 연산자를 숨기거나, 숨겨진 값으로부터 마스터키의 추정이 불가능하게 하거나, 연산 결과 값과 전력신호간의 상관도를 매우 낮게 하면 전력분석공격이 매우 어렵게 된다. 이와 같은 전력분석공격을 어렵게 하는 조건을 적용한 비밀 중간키를 이용한 소프트웨어적 방어 대책을 제안한다.

• 한국컴퓨터정보학회논문지
• /
• 제24권5호
• /
• pp.27-33
• /
• 2019

One of serious security threats is a botnet-based attack. A botnet in general consists of numerous bots, which are computing devices with networking function, such as personal computers, smartphones, or tiny IoT sensor devices compromised by malicious codes or attackers. Such botnets can launch various serious cyber-attacks like DDoS attacks, propagating mal-wares, and spreading spam e-mails over the network. To establish a botnet, attackers usually inject malicious URLs into web source codes stealthily by using data hiding methods like Javascript obfuscation techniques to avoid being discovered by traditional security systems such as Firewall, IPS(Intrusion Prevention System) or IDS(Intrusion Detection System). Meanwhile, it is non-trivial work in practice for software developers to manually find such malicious URLs which are hidden in numerous web source codes stored in web servers. In this paper, we propose a security defense system to discover such suspicious, malicious URLs hidden in web source codes, and present experiment results that show its discovery performance. In particular, based on our experiment results, our proposed system discovered 100% of URLs hidden by Javascript encoding obfuscation within sample web source files.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권7호
• /
• pp.3339-3352
• /
• 2016

In ciphertext-policy attribute-based encryption (CP-ABE) scheme, a user's secret key is associated with a set of attributes, and the ciphertext is associated with an access policy. The user can decrypt the ciphertext if and only if the attribute set of his secret key satisfies the access policy specified in the ciphertext. In the present schemes, access policy is sent to the decryptor along with the ciphertext, which means that the privacy of the encryptor is revealed. In order to solve such problem, we propose a CP-ABE scheme with hidden access policy, which is able to preserve the privacy of the encryptor and decryptor. And what's more in the present schemes, the users need to do excessive calculation for decryption to check whether their attributes match the access policy specified in the ciphertext or not, which makes the users do useless computation if the attributes don't match the hidden access policy. In order to solve efficiency issue, our scheme adds a testing phase to avoid the unnecessary operation above before decryption. The computation cost for the testing phase is much less than the decryption computation so that the efficiency in our scheme is improved. Meanwhile, our new scheme is proved to be selectively secure against chosen-plaintext attack under DDH assumption.

• International journal of advanced smart convergence
• /
• 제12권1호
• /
• pp.149-156
• /
• 2023

OOXML-based MS-Office digital files are extensively utilized by businesses and organizations worldwide. However, OOXML-based MS-Office digital files are vulnerable to forgery and corruption attack by including hidden suspicious information, which can lead to activating malware or shell code being hidden in the file. Such malicious code can cause a computer system to malfunction or become infected with ransomware. To prevent such attacks, it is necessary to analyze and detect the corruption of OOXML-based MS-Office files. In this paper, we examine the weaknesses of the existing OOXML-based MS-Office file structure and analyzes how concealment and forgery are performed on MS-Office digital files. As a result, we propose a system to detect hidden data effectively and proactively respond to ransomware attacks exploiting MS-Office security vulnerabilities. Proposed system is designed to provide reliable and efficient detection of hidden data in OOXML-based MS-Office files, which can help organizations protect against potential security threats.

• 한국컴퓨터정보학회논문지
• /
• 제17권5호
• /
• pp.33-40
• /
• 2012

본 논문은 HTTP Outbound Traffic의 감시를 통해 다양한 웹 공격의 침입 경로에 대응하고, 학습 효율성을 높여 변종 또는 새로운 기법을 이용한 비정상 행위에 대한 오탐을 낮춘 기법을 제안한다. 제안 기법은 HMM(Hidden Markov Model)을 적용하여 HTML 문서속의 태그와 자바스크립트의 학습을 통한 정상 행위 모델을 생성한 후, HTTP Outbound Traffic속의 정보를 정상 행위 모델과 비교하여 웹 공격을 탐지한다. 실제 침입된 환경에서의 검증 분석을 통해, 제안기법이 웹 공격에 대해 0.0001%의 오탐율과 96%의 우수한 탐지능력을 보임을 제시한다.

• 충청수학회지
• /
• 제20권4호
• /
• pp.355-366
• /
• 2007

In this paper, we propose a new blind group identification protocol and a hidden group signature protocol as its application. These protocols involve many provers and one verifier such that (1) the statement of all the provers are proved simultaneously, (2) and also all the provers using computationally limited devices (e.g. smart cards) have no need of computing the bilinear pairings, (3) but only the verifier uses the bilinear pairings. A. Saxena et al. proposed a two-round blind (group) identification protocol in 2005 using the bilinear pairings. But it reveals weakness in the active-intruder attack, and all the provers as well as the verifier must have devices computing bilinear pairings. Comparing their results, our protocol is secure from the active-intruder attack and has more fit for smart cards. In particular, it is secure under only the assumption of the hardness of the Discrete-Logarithm Problem in bilinear groups.

• 융합보안논문지
• /
• 제20권5호
• /
• pp.11-17
• /
• 2020

IoT의 핵심 요소 기술 중 하나인 Bluetooth를 전기차 무선 충전 시스템에 사용하는 경우가 늘어나면서 이에 대한 보안 문제가 큰 이슈로 부각되고 있다. 무선 통신 기술인 Bluetooth에 보안을 강화하기 위한 다양한 기술적 노력이 있어 왔지만 여전히 다양한 공격 방법이 존재한다. 본 논문은 Bluetooth 시스템을 대상으로 대표적인 2가지 공격 방법을 지능적으로 탐지하기 위해 잘 알려진 Hidden Markov Model을 이용한 지능형 Bluetooth 침입 탐지 시스템을 제안한다. 제안 방법은 탐지의 정확성 이외에 실시간 탐지가 가능하도록 Bluetooth 전송 계층 프로토코인 H4의 패킷 타입과 전송 방향을 조합하고 이들의 시간상의 전개를 특징으로 사용한다. 데이터 수집 환경을 구성하고 실험을 통해 얻은 데이터를 대상으로 개발한 시스템의 성능을 분석한다.

• 한국컴퓨터정보학회논문지
• /
• 제24권10호
• /
• pp.25-32
• /
• 2019

본 논문에서는 보호대상 서버 네트워크에 디코이 트랩을 통한 공격 표면 확장의 적용 방법을 제안한다. 보호대상 서버 네트워크는 많은 수의 디코이들과 보호대상 서버로 구성되며, 각 보호대상 서버는 Hidden Tunner Networking이라는 네트워크 기반 이동 표적 방어 기법에 따라 IP 주소와 포트 번호를 변이한다. 이동 표적 방어는 공격을 막기 위하여 지속적으로 시스템의 공격 표면을 변경하는 사이버 보안에서의 새로운 접근방법이다. 공격 표면 확장은 공격을 막기 위해 디코이와 디코이 그룹을 활용하는 접근방법이다. 제안하는 방법에서는 공격자가 디코이 트랩에서 공격자의 모든 시간과 노력을 허비하도록 커스텀 체인과 RETURN 타켓을 사용하여 보호대상 서버의 NAT 테이블을 수정한다. 본 논문에서는 제안하는 방법이 적용되기 전과 후에 보호대상 서버 네트워크에서의 공격자 성공률을 수식으로 계산한다. 제안하는 방법은 보호대상 서버가 공격자에 의해 식별되고 공격당할 확률을 현저히 줄일 것으로 기대된다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권5호
• /
• pp.2768-2780
• /
• 2019

Ciphertext-policy attribute-based encryption (CP-ABE) is one of the practical technologies to share data over cloud since it can protect data confidentiality and support fine-grained access control on the encrypted data. However, most of the previous schemes only focus on data confidentiality without considering data receiver privacy preserving. Recently, Li et al.(in TIIS, 10(7), 2016.7) proposed a CP-ABE with hidden access policy and testing, where they declare their scheme achieves privacy preserving for the encryptor and decryptor, and also has high decryption efficiency. Unfortunately, in this paper, we show that their scheme fails to achieve hidden access policy at first. It means that any adversary can obtain access policy information by a simple decisional Diffie-Hellman test (DDH-test) attack. Then we give a method to overcome this shortcoming. Security and performance analyses show that the proposed scheme not only achieves the privacy protection for users, but also has higher efficiency than the original one.