• International Journal of Computer Science & Network Security
• /
• 제24권7호
• /
• pp.123-127
• /
• 2024

Cloud computing services has gained increasing popularity in recent years for supporting various on demand and scalable services for IT consumers where there is a need of less investment towards infrastructure. While storage architecture of cloud enjoys a more robust and fault-tolerant cloud computing network, such architecture also poses a number of security challenges especially when applied in applications related to social networks, Financial transactions, etc. First, as data are stored and maintained by individual virtual machines so Cloud resources are prone to hijacked. Such attacks allow attackers to create, modify and delete machine images, and change administrative passwords and settings successfully. hence, it is significantly harder to ensure data security. Second, Due to dynamic and shared nature of the Cloud, data may be compromised in many ways. Last but not least, Service hijacking may lead to redirect client to an illegitimate website. User accounts and service instances could in turn make a new base for attackers. To address the above challenges, we propose in this paper a distributed data access control scheme that is able to fulfil fine-grained access control over cloud data and is resilient against strong attacks such as compromise and user colluding. The proposed framework exploits a novel cryptographic primitive called attribute-based encryption (ABE), tailors, and adapts it for cloud computing with respect to security requirements

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제2권5호
• /
• pp.265-277
• /
• 2008

In spite of previous common assumptions about the incompatibility of public key cryptography (PKC) schemes with wireless sensor networks (WSNs), recent works have shown that they can be utilized for such networks in some manner. The major challenge of employing a PKC-based scheme in a wireless sensor network is posed by the resource limitations of the tiny sensors. Considering this sensor feature, in this paper we propose an efficient PKC-based security architecture with relatively lower resource requirements than those of previously proposed PKC schemes for WSN. In addition, our scheme aims to provide robust security in the network. Our security architecture comprises two basic components; a key handshaking scheme based on simple, linear operations and the derivation of a decryption key by a receiver node. Our architecture enables node-to-base-station and node-to-node secure communications. Analysis and simulation results show that our proposed architecture ensures a good level of security for network communications, and can be effectively implemented with the limited computational, memory, and energy budgets of current-generation sensor nodes.

• 정보보호학회논문지
• /
• 제28권4호
• /
• pp.1009-1019
• /
• 2018

Bitcoin은 블록체인을 활용한 최초의 어플리케이션으로 새로운 지불 수단으로 각광받고 있지만, 확장성에 있어서 한계점을 갖는다. Lightning Network의 개념은 최근 Bitcoin의 확장성 문제를 다루기 위해 소개되었다. 본 논문에서는 실제 Bitcoin Lightning Network가 scale-free 특성을 갖는다는 것을 밝혔다. 따라서 임의 노드 실패에 강건한 반면, 네트워크의 특정 노드를 목표로 하는 공격에 대해 취약할 수 있다. 네트워크 공격 모델의 시뮬레이션을 통해 Bitcoin Lightning Network의 강건성을 실험적으로 분석했으며, 시뮬레이션 결과는 실제로 Lightning Network가 높은 차수를 갖는 소수의 노드를 파괴하는 공격에 취약하다는 것을 보여 준다.

• 인터넷정보학회논문지
• /
• 제23권4호
• /
• pp.95-107
• /
• 2022

사물인터넷 센서 장치와 빅데이터 처리 기법의 개발 및 보급으로 사물인터넷 센서를 활용한 정보 시스템이 여러 산업 분야에 적용되어 활용되고 있다. 정보 시스템이 적용된 산업 분야에 따라 정보 시스템이 도출하는 정보의 정확성이 산업의 효율, 안전에 영향을 미칠 수 있다. 따라서 외부 공격으로부터 센싱 데이터를 보호하고 정보 시스템이 정확한 정보를 도출할 수 있도록 하는 보안 기법이 필수적이다. 본 논문에서는 사물인터넷 센서 기반 정보 시스템의 각 처리 단계를 대상으로 하는 보안 위협을 살펴보고, 각 보안 위협에 대한 대응 기법을 제안한다. 나아가 제안하는 대응 기법을 통합하여 보안 공격에 강인한 사물인터넷 센서 기반 정보 시스템 구조를 제시한다. 제안 시스템에서는 경량 암호 알고리즘, 난독화 기반 데이터 유효성 검사 등 경량 보안 기법을 적용함으로써 저전력, 저성능의 사물인터넷 센서 장치에서도 최소한의 처리 지연만으로 보안성을 확보할 수 있도록 한다. 보편적으로 각 보안 기법을 실제로 구현하고 실험을 통해 성능을 보임으로써 제안 시스템의 실현 가능성을 보인다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권12호
• /
• pp.6121-6144
• /
• 2019

Numerous privacy-preserving authentication schemes have been proposed but vehicular ad hoc networks (VANETs) still suffer from security and privacy issues as well as computation and communication overheads. In this paper, we proposed a robust conditional privacy-preserving authentication scheme based on pseudonym root with cuckoo filter to meet security and privacy requirements and reduce computation and communication overheads. In our proposed scheme, we used a new idea to generate pseudonyms for vehicles where each on-board unit (OBU) saves one pseudonym, named as "pseudonym root," and generates all pseudonyms from the same pseudonym. Therefore, OBU does not need to enlarge its storage. In addition, the scheme does not use bilinear pairing operation that causes computation overhead and has no certification revocation list that leads to computation and communication overheads. The proposed scheme has lightweight mutual authentication among all parties and just for once. Moreover, it provides strong anonymity to preserve privacy and resists ordinary attacks. We analyzed our proposed scheme and showed that it meets security and privacy requirements of VANETs and is more efficient than traditional schemes. The communication and computation overheads were also discussed to show the cost-effectiveness of the proposed scheme.

• International Journal of Advanced Culture Technology
• /
• 제12권2호
• /
• pp.249-257
• /
• 2024

This study analyzes the current status and prospects of Iran's air defense network, focusing on the Russian-made S-300 system, and derives implications for the development of South Korea's air defense network. Iran's air defense network exhibits strengths such as long-range detection and interception capabilities, multi-target processing, high-altitude interception, and electronic warfare response. However, it also reveals weaknesses, including lack of mobility, difficulty in detecting low-altitude targets, obsolescence, training level of operating personnel, and vulnerability to electronic warfare. Real-world cases confirm these weaknesses, making the system susceptible to enemy evasion tactics, swarm drone attacks, and electronic warfare. Drawing from Iran's case, South Korea should establish a multi-layered defense system, strengthen low-altitude air defense and electronic warfare capabilities, foster the domestic defense industry for technological self-reliance, and enhance international cooperation. By addressing these aspects, South Korea can establish a robust air defense network and firmly protect its national security. Future research should aim to secure and analyze materials from the Iranian perspective for a more objective evaluation of Iran's air defense network and continuously track Iran's efforts to improve its air defense network and the trend of strengthening drone forces to predict changes in the Middle East security situation.

• International Journal of Computer Science & Network Security
• /
• 제22권7호
• /
• pp.301-307
• /
• 2022

Energy consumption has grown alongside dramatic population increases. Statistics show that buildings in particular utilize a significant amount of energy, worldwide. Because of this, building energy prediction is crucial to best optimize utilities' energy plans and also create a predictive model for consumers. To improve energy prediction performance, this paper proposes a ResNet-LSTM model that combines residual networks (ResNets) and long short-term memory (LSTM) for energy consumption prediction. ResNets are utilized to extract complex and rich features, while LSTM has the ability to learn temporal correlation; the dense layer is used as a regression to forecast energy consumption. To make our model more robust, we employed Huber loss during the optimization process. Huber loss obtains high efficiency by handling minor errors quadratically. It also takes the absolute error for large errors to increase robustness. This makes our model less sensitive to outlier data. Our proposed system was trained on historical data to forecast energy consumption for different time series. To evaluate our proposed model, we compared our model's performance with several popular machine learning and deep learning methods such as linear regression, neural networks, decision tree, and convolutional neural networks, etc. The results show that our proposed model predicted energy consumption most accurately.

• 한국전자통신학회논문지
• /
• 제9권4호
• /
• pp.433-438
• /
• 2014

독립된 네트워크의 구성 및 컨버전스 디바이스간 상호연결에 대한 요구로 MANET의 연구는 유비쿼터스 컴퓨팅 활용에 많은 주목과 고도의 성장을 보이고 있다. MANET에 참여하는 이동노드들은 호스트와 라우터 기능을 동시에 수행하여 네트워크 환경설정이 쉽고 빠른 대응력으로 임베디드 컴퓨팅에 적합하지만, 이동성으로 인한 동적 네트워크 토폴로지, 네트워크 확장성 결여 그리고 수동적 공격, 능동적 공격에 대한 취약성을 지니고 있어 지속적인 보안 인증 서비스를 관리할 수 없다. 본 논문은 MANET의 무선 보안의 취약성과 현재 활용되고 있는 OTP S/Key와 DH-EKE를 분석하여, MANET 기반 강인한 인증을 위해 S-EKE 인증기법을 제안한다.

• International Journal of Computer Science & Network Security
• /
• 제22권7호
• /
• pp.91-102
• /
• 2022

With the evolution of wireless sensor network (WSN) technology, the routing policy has foremost importance in the Internet of Things (IoT). A systematic routing policy is one of the primary mechanics to make certain the precise and robust transmission of wireless sensor networks in an energy-efficient manner. In an IoT environment, WSN is utilized for controlling services concerning data like, data gathering, sensing and transmission. With the advantages of IoT potentialities, the traditional routing in a WSN are augmented with decision-making in an energy efficient manner to concur finer optimization. In this paper, we study how to combine IoT-based deep learning classifier with routing called, Kriging Regressive Deep Belief Neural Learning (KR-DBNL) to propose an efficient data packet routing to cope with scalability issues and therefore ensure robust data packet transmission. The KR-DBNL method includes four layers, namely input layer, two hidden layers and one output layer for performing data transmission between source and destination sensor node. Initially, the KR-DBNL method acquires the patient data from different location. Followed by which, the input layer transmits sensor nodes to first hidden layer where analysis of energy consumption, bandwidth consumption and light intensity are made using kriging regression function to perform classification. According to classified results, sensor nodes are classified into higher performance and lower performance sensor nodes. The higher performance sensor nodes are then transmitted to second hidden layer. Here high performance sensor nodes neighbouring sensor with higher signal strength and frequency are selected and sent to the output layer where the actual data packet transmission is performed. Experimental evaluation is carried out on factors such as energy consumption, packet delivery ratio, packet loss rate and end-to-end delay with respect to number of patient data packets and sensor nodes.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권4호
• /
• pp.1866-1883
• /
• 2019

As the youngest branch of information hiding, network covert timing channels conceal the existence of secret messages by manipulating the timing information of the overt traffic. The popular model-based framework for constructing covert timing channels always utilizes cumulative distribution function (CDF) of the inter-packet delays (IPDs) to modulate secret messages, whereas discards high-order statistics of the IPDs completely. The consequence is the vulnerability to high-order statistical tests, e.g., entropy test. In this study, a rich security model of covert timing channels is established based on IPD chains, which can be used to measure the distortion of multi-order timing statistics of a covert timing channel. To achieve rich security, we propose two types of covert timing channels based on nested lattices. The CDF of the IPDs is used to construct dot-lattice and interval-lattice for quantization, which can ensure the cell density of the lattice consistent with the joint distribution of the IPDs. Furthermore, compensative quantization and guard band strategy are employed to eliminate the regularity and enhance the robustness, respectively. Experimental results on real traffic show that the proposed schemes are rich-secure, and robust to channel interference, whereas some state-of-the-art covert timing channels cannot evade detection under the rich security model.