• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.2174-2177
• /
• 2003

Internet is exposed to network attacks as Internet has a security weakness. Network attacks which are virus, system intrusion, and deny of service, put Internet in the risk of hacking, so the damage of public organization and banking facilities are more increased. So, it is necessary that the security technologies about intrusion detection and controlling attacks minimize the damage of hacking. Router is the network device of managing traffic between Internets or Intranets. The damage of router attack causes the problem of the entire network. The security technology about router is necessary to defend Internet against network attacks. Router has the need of access control and security skills that prevent from illegal attacks. We developed integrated security management framework for secure networking and kernel-level security engine that filters the network packets, detects the network intrusion, and reports the network intrusion. The security engine on the router protects router or gateway from the network attacks and provides secure networking environments. It manages the network with security policy and handles the network attacks dynamically.

• International journal of advanced smart convergence
• /
• v.13 no.2
• /
• pp.69-79
• /
• 2024

AI technology is a central focus of the 4th Industrial Revolution. However, compared to some existing non-artificial intelligence technologies, new AI adversarial attacks have become possible in learning data management, input data management, and other areas. These attacks, which exploit weaknesses in AI encryption technology, are not only emerging as social issues but are also expected to have a significant negative impact on existing IT and convergence industries. This paper examines various cases of AI adversarial attacks developed recently, categorizes them into five groups, and provides a foundational document for developing security guidelines to verify their safety. The findings of this study confirm AI adversarial attacks that can be applied to various types of cryptographic modules (such as hardware cryptographic modules, software cryptographic modules, firmware cryptographic modules, hybrid software cryptographic modules, hybrid firmware cryptographic modules, etc.) incorporating AI technology. The aim is to offer a foundational document for the development of standardized protocols, believed to play a crucial role in rejuvenating the information security industry in the future.

• International Journal of Computer Science & Network Security
• /
• v.21 no.1
• /
• pp.174-183
• /
• 2021

The advent of social media has revolutionized the speed of communication between millions of people around the world in various cultures and disciplines. Social media is the best platform for exchanging opinions and ideas, interacting with other users of similar interests and sharing different types of media and files. With the phenomenal increase in the use of social media platforms, the need to pay attention to protection and security from attacks and misuse has also increased. The present study conducts a comprehensive survey of the latest and most important research studies published from 2018-20 on security and privacy on social media and types of threats and attacks that affect the users. We have also reviewed the recent challenges that affect security features in social media. Furthermore, this research pursuit also presents effective and feasible solutions that address these threats and attacks and cites recommendations to increase security and privacy for the users of social media.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.294-303
• /
• 2021

VANET is an upcoming technology with an encouraging prospect as well as great challenges, specifically in its security. This paper intends to survey such probable attacks and the correlating detection mechanisms that are introduced in the literature. Accordingly, administering security and protecting the owner's privacy has become a primary argument in VANETs. To furnish stronger security and preserve privacy, one should recognize the various probable attacks on the network and the essence of their behavior. This paper presents a comprehensive survey on diversified attacks and the recommended unfolding by the various researchers which concentrate on security services and the corresponding countermeasures to make VANET communications more secure.

• Journal of Convergence Society for SMB
• /
• v.4 no.4
• /
• pp.31-36
• /
• 2014

Recent advancement in Wireless Sensor Networks (WSNs) has paved the way for WSNs to enable in various environments in monitoring temperature, motion, sound, and vibration. These applications often include the detection of sensitive information from enemy movements in hostile areas or in locations of personnel in buildings. Due to characteristics of WSNs and dealing with sensitive information, wireless sensor nodes tend to be exposed to the enemy or in a hazard area, and security is a major concern in WSNs. Because WSNs pose unique challenges, traditional security techniques used in conventional networks cannot be applied directly, many researchers have developed various security protocols to fit into WSNs. To develop countermeasures of various attacks in WSNs, descriptions and analysis of current security attacks in the network layers must be developed by using a standard notation. However, there is no research paper describing and analyzing security models in WSNs by using a standard notation such as The Unified Modeling Language (UML). Using the UML helps security developers to understand security attacks and design secure WSNs. In this research, we provide standard models for security attacks by UML Sequence Diagrams to describe and analyze possible attacks in the three network layers.

• International Journal of Computer Science & Network Security
• /
• v.23 no.5
• /
• pp.179-192
• /
• 2023

The widespread use of Cloud Computing, Internet of Things (IoT), and social media in the Information Communication Technology (ICT) field has resulted in continuous and unavoidable cyber-attacks on users and critical infrastructures worldwide. Traditional security measures such as firewalls and encryption systems are not effective in countering these sophisticated cyber-attacks. Therefore, Intrusion Detection and Prevention Systems (IDPS) are necessary to reduce the risk to an absolute minimum. Although IDPSs can detect various types of cyber-attacks with high accuracy, their performance is limited by a high false alarm rate. This study proposes a new technique called Fuzzy Logic - Objective Risk Analysis (FLORA) that can significantly reduce false positive alarm rates and maintain a high level of security against serious cyber-attacks. The FLORA model has a high fuzzy accuracy rate of 90.11% and can predict vulnerabilities with a high level of certainty. It also has a mechanism for monitoring and recording digital forensic evidence which can be used in legal prosecution proceedings in different jurisdictions.

• International Journal of Computer Science & Network Security
• /
• v.21 no.1
• /
• pp.107-118
• /
• 2021

The term Internet of Things (IoTs) refers to the future where things are known daily through the Internet, whether in one way or another, as it is done by the method of collecting various information from various sensors to form a huge network through which people, things and machines are helped to make a link between them at all time and anywhere. The IoTs is everywhere around us such as connected appliances, smart homes security systems and wearable health monitors. However, the question is what if there is a malfunction or outside interference that affects the work of these IoTs based devises? This is the reason of the spread of security causes great concern with the widespread availability of the Internet and Internet devices that are subject to many attacks. Since there aren't many studies that combines requirements, mechanisms, and the attacks of the IoTs, this paper which explores recent published studies between 2017 and 2020 considering different security approaches of protection related to the authentication, integrity, availability and confidentiality Additionally, the paper addresses the different types of attacks in IoTs. We have also addressed the different approaches aim to prevention mechanisms according to several researchers' conclusions and recommendations.

• Journal of the Korean Mathematical Society
• /
• v.59 no.1
• /
• pp.35-51
• /
• 2022

We give secure parameter suggestions to use sparse secret vectors in LWE based encryption schemes. This should replace existing security parameters, because homomorphic encryption (HE) schemes use quite different variables from the existing parameters. In particular, HE schemes using sparse secrets should be supported by experimental analysis, here we summarize existing attacks to be considered and security levels for each attacks. Based on the analysis and experiments, we compute optimal scaling factors for CKKS.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.5
• /
• pp.2186-2203
• /
• 2020

Security administrators of companies and organizations need to come up with proper countermeasures against cyber-attacks considering infrastructures and security policies in their possession. In order to develop and verify such countermeasures, the administrators should be able to reenact both cyber-attacks and defenses. Simulations can be useful for the reenactment by overcoming its limitations including high risk and cost. If the administrators are able to design various scenarios of cyber-attacks and to develop simulation models from their viewpoints, they can simulate desired situations and observe the results more easily. It is challenging to simulate cyber-security issues, because there is lack of theoretical basis for modeling a wide range of the security field as well as pre-defined basic components used to model cyber-attacks. In this paper, we propose a modeling method for cyber-security simulations by developing a basic component and a composite model, called Abstracted Cyber-Security Unit Model (ACSUM) and Abstracted Cyber-security SIMulation model (ACSIM), respectively. The proposed models are based on DEVS(Discrete Event systems Specification) formalism, a modeling theory for discrete event simulations. We develop attack scenarios by sequencing attack behaviors using ACSUMs and then model ACSIMs by combining and abstracting the ACSUMs from a security perspective. The concepts of ACSUM and ACSIM enable the security administrators to simulate numerous cyber-security issues from their viewpoints. As a case study, we model a worm scenario using ACSUM and simulate three types of simulation models based on ACSIM from a different security perspective.

• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.4
• /
• pp.1-10
• /
• 2021

The purpose of the study is to contribute to the positive development of blockchain technology by providing data to examine security vulnerabilities and threats to blockchain-based services and review countermeasures. The findings of this study are as follows. Threats to the security of blockchain-based services can be classified into application security threats, smart contract security threats, and network (P2P) security threats. First, application security threats include wallet theft (e-wallet stealing), double spending (double payment attack), and cryptojacking (mining malware infection). Second, smart contract security threats are divided into reentrancy attacks, replay attacks, and balance increasing attacks. Third, network (P2P) security threats are divided into the 51% control attack, Sybil attack, balance attack, eclipse attack (spread false information attack), selfish mining (selfish mining monopoly), block withholding attack, DDoS attack (distributed service denial attack) and DNS/BGP hijacks. Through this study, it is possible to discuss the future plans of the blockchain technology-based ecosystem through understanding the functional characteristics of transparency or some privacy that can be obtained within the blockchain. It also supports effective coping with various security threats.