• ETRI Journal
• /
• v.39 no.3
• /
• pp.417-427
• /
• 2017

This paper investigates the security of constant weight countermeasures, which aim to produce indistinguishable leakage from sensitive variables and intermediate variables, assuming a constant Hamming distance and/or Hamming weight leakages. To investigate the security of recent countermeasures, contrary to many related studies, we assume that the coefficients of the simulated leakage models follow a normal distribution so that we may construct a model with approximately realistic leakages. First, using our simulated leakage model, we demonstrate security holes in these previous countermeasures. Subsequently, in contrast to the hypotheses presented in previous studies, we confirm the resistance of these countermeasures to a standard correlation power analysis (CPA). However, these countermeasures can allow a bitwise CPA to leak a sensitive variable with only a few thousand traces.

• Journal of Information Technology Services
• /
• v.18 no.5
• /
• pp.155-164
• /
• 2019

With the emergence of new ICT technologies, information security threats are becoming more advanced, intelligent, and diverse. Even though the awareness of the importance of information security increases, the information security budget is not enough because of the lack of effectiveness measurement of the information security investment. Therefore, it is necessary to optimize the information security investment in each business environment to minimize the cost of operating the information security countermeasures and mitigate the damages occurred from the information security breaches. In this paper, using genetic algorithms we propose an investment optimization model for information security countermeasures with the limited budget. The optimal information security countermeasures were derived based on the actual information security investment status of SMEs. The optimal solution supports the decision on the appropriate investment level for each information security countermeasures.

• Journal of Intelligence and Information Systems
• /
• v.26 no.3
• /
• pp.37-50
• /
• 2020

Information security has become an important issue in the world. Various information and communication technologies, such as the Internet of Things, big data, cloud, and artificial intelligence, are developing, and the need for information security is increasing. Although the necessity of information security is expanding according to the development of information and communication technology, interest in information security investment is insufficient. In general, measuring the effect of information security investment is difficult, so appropriate investment is not being practice, and organizations are decreasing their information security investment. In addition, since the types and specification of information security measures are diverse, it is difficult to compare and evaluate the information security countermeasures objectively, and there is a lack of decision-making methods about information security investment. To develop the organization, policies and decisions related to information security are essential, and measuring the effect of information security investment is necessary. Therefore, this study proposes a method of constructing an investment portfolio for information security measures using game theory and derives an optimal defence probability. Using the two-person game model, the information security manager and the attacker are assumed to be the game players, and the information security countermeasures and information security threats are assumed as the strategy of the players, respectively. A zero-sum game that the sum of the players' payoffs is zero is assumed, and we derive a solution of a mixed strategy game in which a strategy is selected according to probability distribution among strategies. In the real world, there are various types of information security threats exist, so multiple information security measures should be considered to maintain the appropriate information security level of information systems. We assume that the defence ratio of the information security countermeasures is known, and we derive the optimal solution of the mixed strategy game using linear programming. The contributions of this study are as follows. First, we conduct analysis using real performance data of information security measures. Information security managers of organizations can use the methodology suggested in this study to make practical decisions when establishing investment portfolio for information security countermeasures. Second, the investment weight of information security countermeasures is derived. Since we derive the weight of each information security measure, not just whether or not information security measures have been invested, it is easy to construct an information security investment portfolio in a situation where investment decisions need to be made in consideration of a number of information security countermeasures. Finally, it is possible to find the optimal defence probability after constructing an investment portfolio of information security countermeasures. The information security managers of organizations can measure the specific investment effect by drawing out information security countermeasures that fit the organization's information security investment budget. Also, numerical examples are presented and computational results are analyzed. Based on the performance of various information security countermeasures: Firewall, IPS, and Antivirus, data related to information security measures are collected to construct a portfolio of information security countermeasures. The defence ratio of the information security countermeasures is created using a uniform distribution, and a coverage of performance is derived based on the report of each information security countermeasure. According to numerical examples that considered Firewall, IPS, and Antivirus as information security countermeasures, the investment weights of Firewall, IPS, and Antivirus are optimized to 60.74%, 39.26%, and 0%, respectively. The result shows that the defence probability of the organization is maximized to 83.87%. When the methodology and examples of this study are used in practice, information security managers can consider various types of information security measures, and the appropriate investment level of each measure can be reflected in the organization's budget.

• ETRI Journal
• /
• v.29 no.5
• /
• pp.619-632
• /
• 2007

Side channel attacks are a very serious menace to embedded devices with cryptographic applications. To counteract such attacks many randomization techniques have been proposed. One efficient technique in elliptic curve cryptosystems randomizes addition chains with binary signed digit (BSD) representations of the secret key. However, when such countermeasures have been used alone, most of them have been broken by various simple power analysis attacks. In this paper, we consider combinations which can enhance the security of countermeasures using BSD representations by adding additional countermeasures. First, we propose several ways the improved countermeasures based on BSD representations can be attacked. In an actual statistical power analysis attack, the number of samples plays an important role. Therefore, we estimate the number of samples needed in the proposed attack.

• Journal of information and communication convergence engineering
• /
• v.12 no.4
• /
• pp.237-245
• /
• 2014

In this study, software-based countermeasures against a side-channel cryptanalysis of the Rabbit stream cipher were developed using Moteiv's Tmote Sky, a popular wireless sensor mote based on the Berkeley TelosB, as the target platform. The countermeasures build upon previous work by improving mask generation, masking and hiding other components of the algorithm, and introducing a key refreshment scheme. Our contribution brings improvements to previous countermeasures making the implementation resistant to higher-order attacks. Four functional metrics, namely resiliency, robustness, resistance, and scalability, were used for the assessment. Finally, performance costs were measured using memory usage and execution time. In this work, it was demonstrated that although attacks can be feasibly carried out on unprotected systems, the proposed countermeasures can also be feasibly developed and deployed on resource-constrained devices, such as wireless sensors.

• Information Systems Review
• /
• v.18 no.3
• /
• pp.137-153
• /
• 2016

Organizations depend on smart working environments, such as mobile networks. This development motivates companies to focus on information security. Information leakage negatively affects companies. To address this issue, management and information security researchers focus on compliance of employees with information security policies. Countermeasures in information security are known antecedents of intention to comply information security policies. Despite the importance of this topic, research on the antecedents of information security countermeasures is scarce. The present study proposes information security intelligence as an antecedent of information security countermeasures. Information security intelligence adapted the concept of safety intelligence provided by Kirwan (2008). Information security intelligence consists of problem solving skills, social skills, and information security knowledge related to information security. Results show that problem solving skills and information security knowledge have positive effects on the awareness of employees of information security countermeasures.

• Journal of Information Technology Applications and Management
• /
• v.30 no.6
• /
• pp.17-29
• /
• 2023

In this paper, we aim to propose cyber security considerations and countermeasures for infrastructure and services in the UAM(Urban Air Mobility) Air Traffic Management field, which is one of the key elements of the UAM market that has not yet bloomed. Air traffic management is an important factor for safe navigation and social acceptance of UAM. In order to realize air traffic management, infrastructure and services based on solid network connectivity must be established. And for industries where connectivity is the core component, it can become an infiltration route for cyber threats. Therefore, cyber security is essential for the infrastructure and services. In detail, we will look into the definition of the existing air traffic management field and the cyber threats. In addition, we intend to identify cyber security threat scenarios that may occur in the newly designed UAM air traffic management infrastructure. Moreover, in order to study the cyber security countermeasures of the UAM air traffic management infrastructure, there will be analysis of the UAM operation concept. As a result, countermeasures applicable to the infrastructure and service fields will be suggested by referring to the cyber security frameworks.

• International Journal of Advanced Culture Technology
• /
• v.9 no.2
• /
• pp.106-117
• /
• 2021

The aim is to find cyber measures in consideration of physical CPTED in order to prepare countermeasures for cybercrime prevention. For this, the six applied principles of CPTED were used as the standard. A new control item was created in connection with the control items of ISO27001. A survey was conducted on former and current investigators and security experts. As a result of the reliability analysis, the Kronbar alpha coefficient value was 0.947, indicating the reliability of the statistical value. As a result of factor analysis, it was reduced to six factors. The following are six factors and countermeasures. Nature monitoring blocks opportunities and strengthens business continuity. Access control is based on management system compliance, personnel security. Reinforcement of territoriality is reinforcement of each wife and ethics. Establishment of security policy to enhance readability, security system maintenance. Increasing usability is seeking ways to utilize, periodic incentives. For maintenance, security education is strength and security-related collective cooperation is conducted. The differentiation of this study was to find countermeasures against cybercrime in the psychological part of the past. However, they approached to find in cyber measures. The limitation of the study is to bring the concept of physical CPTED to the cyber concept.

• Journal of Digital Convergence
• /
• v.13 no.8
• /
• pp.133-144
• /
• 2015

In digital convergence environment, information security management plays crucial role in maintaining firms' competitiveness. Organizational citizenship behavior(OCB) enables informations security countermeasures to be more effectively worked by helping employees to have much knowledge of information security policy, by facilitating employees to participate in information security education/training. Thus, the purpose of this study is to investigate the mediating effect of OCB on the relationships between information security countermeasures and compliance intention. Questionary was designed based on prior information security research, and survey was conducted among companies' employees across the industry. Results showed that information security policy and information security education/training were found to be key predictors of compliance intention. In addition, OCB was proven to mediate the relationships between information security countermeasures and compliance intention.

• International Journal of Fuzzy Logic and Intelligent Systems
• /
• v.11 no.4
• /
• pp.229-237
• /
• 2011

As smart phones have become widely adopted, they have brought about changes in individual lifestyles, as well as significant changes in the industry. As the mobile technology of smart phones has become associated with all areas of industry, it is not only accelerating innovation in other industries such as shopping, healthcare service, education, and finance, but is also creating new markets and business opportunities. The preparation of thorough security measures for smart phones is increasing in demand. While offering excellent mobility and convenience, smart phones can be exposed to a range of violation threats. In particular, it is necessary to make efforts to develop a security system that can preemptively cope with potential security threats in the banking service area, which requires a high level of reliability. This paper suggests a security reference model that is considered for the smart phone-based joint mobile banking development project being undertaken by the Bank of Korea in 2010. The purpose of this study is to make a security reference model for a reliable smart phone-based mobile financial service, by recognizing the specific security threats directed toward smart phones, and providing countermeasures to these security threats. The proposed mobile banking security reference model is useful in improving system security by systematically analyzing information security threats to the mobile financial service, and by presenting the guideline for the preparation of countermeasures.