• Title/Summary/Keyword: Security Countermeasure

Search Result 380, Processing Time 0.022 seconds

Research on digital evidence-based countermeasure depending on the type of small and medium-sized enterprises technology leakage accident (중소기업 기술유출사고 유형에 따른 디지털증거기반 대응방안 연구)

  • Jaeyun Wang;Hangbae Chang
    • Journal of Platform Technology
    • /
    • v.12 no.1
    • /
    • pp.67-76
    • /
    • 2024
  • Small and medium-sized enterprises play a fundamental role in the foundation of our country's industry and economy, and most technological innovations occur in small and medium-sized enterprises rather than large corporations. Technology development and innovation are the only way for small and medium-sized enterprises to survive in a fiercely competitive environment, so they focus on it, but interest and investment in technology protection tend to be stingy. As a result, industrial technology leakage accidents occur frequently, and it is difficult to meet improvement measures. When a leak occurs, digital evidence is required to prove criminal activity, but problems such as digital evidence being damaged or deleted due to management loopholes often occur. Therefore, through this study, we aim to design a digital evidence-based countermeasure depending on the type of technology leak accident. We will classify the types of technology leak incidents that actually occurred and study ways to secure digital evidence in the security environment of small and medium-sized businesses that operate internal information leak prevention solutions.

  • PDF

A Simple Power Analysis Attack on ARIA Key Expansion Based on Hamming Weight Leakage (해밍 웨이트 누출 기반 ARIA 키 확장 SPA)

  • Park, Aesun;Han, Dong-Guk;Choi, Jun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.6
    • /
    • pp.1319-1326
    • /
    • 2015
  • The symmetric key encryption algorithms, such as the AES or the ARIA, generate round keys by the key expansion mechanism. While the algorithm is executed, key expansion mechanism emits information about the secret key by the power consumption. The vulnerability exists that can reduce significantly the candidate of the secret key by the simple power analysis attack using a small number of the power traces. Therefore, we'll have to study about the attack and the countermeasure to prevent information leakage. While a simple power analysis attack on the AES key expansion has been studied since 2002, ARIA is insufficient. This paper presents a simple power analysis attack on 8-bit implementations of the ARIA-128 key expansion. The presented attack efficiently utilizes this information leakage to substantially reduce the key space that needs to be considered in a brute-force search for the secret key. We show that ARIA is vulnerable to a SPA attack based on hamming weight leakage.

Countermeasure strategy for the international crime and terrorism by use of SNA and Big data analysis (소셜네트워크분석(SNA)과 빅데이터 분석을 통한 국제범죄와 테러리즘 대응전략)

  • Chung, Tae Jin
    • Convergence Security Journal
    • /
    • v.16 no.2
    • /
    • pp.25-34
    • /
    • 2016
  • This study aims to prevent the serious threat from dangerous person or group by responding or blocking or separating illegal activities by use of SNA: Social Network Analysis. SNA enables to identify the complex social relation of suspect and individuals in order to enhance the effectiveness and efficiency of investigation. SNS has rapidly developed and expanded without restriction of physical distance and geo-location for making new relation among people and sharing large amount of information. As rise of SNS(facebook and twitter) related crimes, terrorist group 'ISIS' has used their website for promotion of their activity and recruitment. The use of SNS costs relatively lower than other methods to achieve their goals so it has been widely used by terrorist groups. Since it has a significant ripple effect, it is imperative to stop their activity. Therefore, this study precisely describes criminal and terrorist activities on SNS and demonstrates how effectively detect, block and respond against their activities. Further study is also suggested.

Analysis and Countermeasure on RSA Algorithm Having High Attack Complexity in Collision-Based Power Analysis Attack (충돌 전력 분석 공격에 높은 공격 복잡도를 갖는 RSA 알고리즘에 대한 취약점 분석 및 대응기법)

  • Kim, Suhri;Kim, Taewon;Jo, Sungmin;Kim, HeeSeok;Hong, Seokhie
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.2
    • /
    • pp.335-344
    • /
    • 2016
  • It is known that power analysis is one of the most powerful attack in side channel analysis. Among power analysis single trace attack is widely studied recently since it uses one power consumption trace to recover secret key of public cryptosystem. Recently Sim et al. proposed new exponentiation algorithm for RSA cryptosystem with higher attack complexity to prevent single trace attack. In this paper we analyze the vulnerability of exponentiation algorithm described by Sim et al. Sim et al. applied message blinding and random exponentiation splitting method on $2^t-ary$ for higher attack complexity. However we can reveal private key using information exposed during pre-computation generation. Also we describe modified algorithm that provides higher attack complexity on collision attack. Proposed algorithm minimized the reuse of value that are used during exponentiation to provide security under single collision attack.

An Integrated Authentication System for Mobile Codes (이동코드를 위한 통합 인증 시스템)

  • Bae, Seong-Hun;Lee, Su-Hyeon
    • The KIPS Transactions:PartC
    • /
    • v.8C no.5
    • /
    • pp.535-542
    • /
    • 2001
  • Mobile codes such as Java, Java-Script, ActiveX, and Script code are loaded into a client system first and then run without any notice to the client user. Executing code by this mechanism may cause various security problems such as flowing out system information, deleting or modifying files, and exhausting system resources. In this paper we propose an integrated authentication system to establish the uniform security countermeasure on various mobile codes. The system helps to solve to problems mentioned above. An integrated authentication system allows to load into an interpreter using ACL (Access Control List) which sets up an access authority to the executable contents and communicates with an interpreter using client/server model.

  • PDF

Malware Behavior Analysis based on Mobile Virtualization (모바일 가상화기반의 악성코드 행위분석)

  • Kim, Jang-Il;Lee, Hee-Seok;Jung, Yong-Gyu
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.15 no.2
    • /
    • pp.1-7
    • /
    • 2015
  • As recent smartphone is used around the world, all of the subscribers of the mobile communication is up to 47.7% about 24 million people. Smartphone has a vulnerability to security, and security-related incidents are increased in damage with the smartphone. However, precautions have been made, rather than analysis of the infection of most of the damage occurs after the damaged except for the case of the expert by way of conventional post-countermeasure. In this paper, we implement a mobile-based malware analysis systems apply a virtualization technology. It is designed to analyze the behavior through it. Virtualization is a technique that provides a logical resources to the guest by abstracting the physical characteristics of computing resources. The virtualization technology can improve the efficiency of resources by integrating with cloud computing services to servers, networks, storage, and computing resources to provide a flexible. In addition, we propose a system that can be prepared in advance to buy a security from a user perspective.

New Power Analysis Attack on The Masking Type Conversion Algorithm (마스킹 형태 변환 알고리즘에 대한 새로운 전력 분석 공격)

  • Cho, Young-In;Kim, Hee-Seok;Han, Dong-Guk;Hong, Seok-Hie;Kang, Ju-Sung
    • Journal of the Institute of Electronics Engineers of Korea SP
    • /
    • v.47 no.1
    • /
    • pp.159-168
    • /
    • 2010
  • In the recent years, power analysis attacks were widely investigated, and so various countermeasures have been proposed. In the case of block ciphers, masking methods that blind the intermediate results in the algorithm computations(encryption, decryption, and key-schedule) are well-known. The type conversion of masking is unavoidable since Boolean operation and Arithmetic operation are performed together in block cipher. Messerges proposed a masking type conversion algorithm resistant general power analysis attack and then it's vulnerability was reported. We present that some of exiting attacks have some practical problems and propose a new power analysis attack on Messerges's algorithm. After we propose the strengthen DPA and CPA attack on the masking type conversion algorithm, we show that our proposed attack is a practical threat as the simulation results.

Detection of Zombie PCs Based on Email Spam Analysis

  • Jeong, Hyun-Cheol;Kim, Huy-Kang;Lee, Sang-Jin;Kim, Eun-Jin
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.6 no.5
    • /
    • pp.1445-1462
    • /
    • 2012
  • While botnets are used for various malicious activities, it is well known that they are widely used for email spam. Though the spam filtering systems currently in use block IPs that send email spam, simply blocking the IPs of zombie PCs participating in a botnet is not enough to prevent the spamming activities of the botnet because these IPs can easily be changed or manipulated. This IP blocking is also insufficient to prevent crimes other than spamming, as the botnet can be simultaneously used for multiple purposes. For this reason, we propose a system that detects botnets and zombie PCs based on email spam analysis. This study introduces the concept of "group pollution level" - the degree to which a certain spam group is suspected of being a botnet - and "IP pollution level" - the degree to which a certain IP in the spam group is suspected of being a zombie PC. Such concepts are applied in our system that detects botnets and zombie PCs by grouping spam mails based on the URL links or attachments contained, and by assessing the pollution level of each group and each IP address. For empirical testing, we used email spam data collected in an "email spam trap system" - Korea's national spam collection system. Our proposed system detected 203 botnets and 18,283 zombie PCs in a day and these zombie PCs sent about 70% of all the spam messages in our analysis. This shows the effectiveness of detecting zombie PCs by email spam analysis, and the possibility of a dramatic reduction in email spam by taking countermeasure against these botnets and zombie PCs.

A Study on Analysis and Countermeasure of Security threat in NFC (NFC 서비스 보안 위협 분석 및 대응방안 연구)

  • Kim, Hyung-Uk;Kim, Hyung-joo;Kang, Jung-ho;Jun, Moon-seog
    • Journal of Digital Convergence
    • /
    • v.14 no.12
    • /
    • pp.183-191
    • /
    • 2016
  • Most recent trend reveals broader state of provision of NFC service as NFC technology was applied on smartphones which has become core communication tools by providing integrated services such as payment, medical, and personal authentication. Moreover, with integration of original service and NFC technology, new service providers now can handle personal information of original service or can handle other personal information with transition of previous service provider to NFC service provider. Considering current state of security industry along with NFC technology and service, we would like to analyze current stage of security threats and plan the counter strategies to create NFC service structure.

A Study on Classification of Information Asset Considering Business Process Characteristics for Small IT Service Organization (소규모 IT 서비스 기업 비즈니스 특성을 고려한 정보자산 유형분류 설계연구)

  • Kang, Jong-Gu;Lim, Jae-Hwan;Lee, Hong-Joo;Chang, Hang-Bae
    • The Journal of Society for e-Business Studies
    • /
    • v.16 no.4
    • /
    • pp.97-108
    • /
    • 2011
  • Small IT service organizations operate their business with limited resources and workforce in comparison with large enterprises, and they could be categorized in various types based on the method of value creation. But the recent studies on information security have been conducted and they were focused on the construction of general information security countermeasure, without considering size of the business and characteristic. Hence we have undergone the process of classifying information assets. Then we extracted and categorized the information assets considering characteristics of small organization's size and business process. Specifically we have classified the information assets according to business scenario design through qualitative observation method. Then we have validated the classified information assets by utilizing statistical method. We may anticipate that this study results could be basic data for developing the differentiated information security countermeasures for small IT service organization.