• Current Optics and Photonics
• /
• v.8 no.3
• /
• pp.270-281
• /
• 2024

Information-hiding technology is introduced into an optical ghost imaging encryption scheme, which can greatly improve the security of the encryption scheme. However, in the current mainstream research on camouflage ghost imaging encryption, information hiding techniques such as digital watermarking can only hide 1/4 resolution information of a cover image, and most secret images are simple binary images. In this paper, we propose an equal-resolution image-hiding encryption scheme based on deep learning and computational ghost imaging. With the equal-resolution image steganography network based on deep learning (ERIS-Net), we can realize the hiding and extraction of equal-resolution natural images and increase the amount of encrypted information from 25% to 100% when transmitting the same size of secret data. To the best of our knowledge, this paper combines image steganography based on deep learning with optical ghost imaging encryption method for the first time. With deep learning experiments and simulation, the feasibility, security, robustness, and high encryption capacity of this scheme are verified, and a new idea for optical ghost imaging encryption is proposed.

• International Journal of Computer Science & Network Security
• /
• v.23 no.12
• /
• pp.13-26
• /
• 2023

Recently, the development of wireless network technologies has been advancing in several directions: increasing data transmission speed, enhancing user mobility, expanding the range of services offered, improving the utilization of the radio frequency spectrum, and enhancing the intelligence of network and subscriber equipment. In this research, a series of contradictions has emerged in the field of wireless network technologies, with the most acute being the contradiction between the growing demand for wireless communication services (on operational frequencies) and natural limitations of frequency resources, in addition to the contradiction between the expansions of the spectrum of services offered by wireless networks, increased quality requirements, and the use of traditional (outdated) management technologies. One effective method for resolving these contradictions is the application of artificial intelligence elements in wireless telecommunication systems. Thus, the development of technologies for building intelligent (cognitive) radio and cognitive wireless networks is a technological imperative of our time. The functions of artificial intelligence in prospective wireless systems and networks can be implemented in various ways. One of the modern approaches to implementing artificial intelligence functions in cognitive wireless network systems is the application of fuzzy logic and fuzzy processors. In this regard, the work focused on exploring the application of fuzzy logic in prospective cognitive wireless systems is considered relevant.

• International Journal of Computer Science & Network Security
• /
• v.24 no.5
• /
• pp.103-110
• /
• 2024

In the quickly developing world, the idea of the conventional advancement needs to advance[1]. When applied to the advanced work environment, the conventional strategies give as much damage as they do great. Tragically, an absence of versatility in the customary techniques has prompted an inflexible work structure that is truly not viable with the present business. The Agile technique is, subsequently, a more adequate practice, in view of creating programming at a faster speed, while as yet looking after proficiency. The coordinated programming improvement strategies are concentrated in this paper. As per study results, Agile software development group needs solid client association; great light-footed task the executives' measures; item proprietor expands business esteem conveyed by group and need and draw in partners; great deft designing procedures or practices; and great advancements and advancement apparatuses[2]. This examination has suggestions for positive social change since associations that comprehend the basic components might have the option to improve project the executives' systems and money saving advantages prompting higher effectiveness, productivity, and efficiency hence profiting the board, representatives, and client. This survey paper incorporates various methodologies of Agile and their analysis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.5
• /
• pp.1089-1100
• /
• 2024

Despite various measures being implemented by the government and related institutions to prevent voice phishing, incidents of such fraud continue to occur. This study analyzed 448 actual conversations between voice phishing scammers and potential victims using text mining techniques. The text analysis reveals that voice phishing scammers frequently use words emphasizing limited time frames such as now, soon, in progress, today, first. This indicates that scammers manipulate the victim's psychology through specific words, preventing them from making rational decisions. The results of this study can aid government and related institutions in formulating effective policies for preventing voice phishing and protecting consumers.

• International Journal of Computer Science & Network Security
• /
• v.24 no.10
• /
• pp.32-42
• /
• 2024

For many sensor network applications, minimizing the energy consumed as well as extending the network lifetime are the most important objectives to be achieved, these objectives have pushed the scientific community to propose new solutions to minimize the total energy consumed by the sensors without degrading the network performances, amongst the proposed solutions, the clustering techniques. In this work we focus on hierarchical routing protocols, more precisely clustering in wireless sensor networks. We propose an energy-efficient hierarchical routing protocol for WSNs called EEV-LEACH (Energy Efficient Vice Low Adaptive Clustering Hierarchy), which represents a new variant of the LEACH protocol. Our energy-efficient protocol aims to maximize the lifetime of the network, by minimizing the energy consumption of each sensors nodes and cluster-heads. Minimizing the wasted energy by each sensor node is achieved by minimizing the periodic selection of CHs in each round. Minimizing the periodic selection of CHs allows decreasing the association messages exchanged between the CH and the nodes, so the consumed energy and overhead are minimized. EEV-LEACH aims also to minimize the energy consumed by the cluster-heads (CHs) by using vice CHs , which will share the workload with the CHs in an alternative way. The performances of our protocol EEV-LEACH is compared to, LEACH, LEACH-S and TL-LEACH by using MATLAB simulator, the results show that EEV-LEACH protocol extend the network lifetime and it minimizes the overall overhead versus LEACH, LEACH-S and TL-LEACH protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.745-756
• /
• 2020

An ICS(industrial control system) is a complex system that safely and efficiently monitors and controls industrial processes such as electric power, water treatment, transportation, automation plants and chemical plants. Because successful cyber attacks targeting ICS can lead to casualties or serious economic losses, it becomes a prime target of hacker groups sponsored by national state. Cyber campaigns such as Stuxnet, Industroyer and TRITON are real examples of successful ICS attacks, and were developed based on the deep knowledge of the target ICS. Therefore, for incident investigation of ICSs, inspectors also need knowledge of control processes and accident investigation techniques specialized for ICSs. Because there is no applicable technology, it is especially necessary to develop techniques and tools for embedded controllers located at cyber and physical boundaries. As the first step in this research, we reviewed logging capability of 4 PLC(Programmable Logic Controller)s widely used in an ICS area, and checked whether selected PLCs generate logs that can be used for digital investigation in the proposed cyber attack scenario.

• Journal of KIISE:Computer Systems and Theory
• /
• v.33 no.3
• /
• pp.178-192
• /
• 2006

The buffer overflow attack is the single most dominant and lethal form of security exploits as evidenced by recent worm outbreaks such as Code Red and SQL Stammer. In this paper, we propose microarchitectural techniques that can detect and recover from such malicious code attacks. The idea is that the buffer overflow attacks usually exhibit abnormal behaviors in the system. This kind of unusual signs can be easily detected by checking the safety of memory references at runtime, avoiding the potential data or control corruptions made by such attacks. Both the hardware cost and the performance penalty of enforcing the safety guards are negligible. In addition, we propose a more aggressive technique called corruption recovery buffer (CRB), which can further increase the level of security. Combined with the safety guards, the CRB can be used to save suspicious writes made by an attack and can restore the original architecture state before the attack. By performing detailed execution-driven simulations on the programs selected from SPEC CPU2000 benchmark, we evaluate the effectiveness of the proposed microarchitectural techniques. Experimental data shows that enforcing a single safety guard can reduce the number of system failures substantially by protecting the stack against return address corruptions made by the attacks. Furthermore, a small 1KB CRB can nullify additional data corruptions made by stack smashing attacks with only less than 2% performance penalty.

• Journal of the Korea Convergence Society
• /
• v.11 no.5
• /
• pp.19-25
• /
• 2020

As the number of mobile device users increases, research on various user authentication methods has been actively conducted to protect sensitive personal information. Knowledge-based techniques have the disadvantage that security is deteriorated due to easy exposure of authentication means, and proprietary-based techniques have a problem of increasing construction cost and low user convenience to use the service. In order to solve this problem, a FIDO authentication system, which is a user authentication method using a smart device, has been proposed. Since the FIDO authentication system performs authentication based on the biometric information of the user, the risk of the authentication means being leaked is low, and since the authentication information is stored in the user's smart device, the user information due to server hacking is solved. Through this, it is possible to select and utilize user authentication technology suitable for the security level of the service. In this paper, we introduce the FIDO authentication system, explain the main parts required for FIDO UAF client-server development, and show examples of implementation using UAF open source provided by ebay.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1351-1364
• /
• 2019

When SCADA is exposed to cyber threats and attacks, serious disasters can occur throughout society. This is because various security threats have not been considered when building SCADA. The bigger problem is that it is difficult to patch vulnerabilities quickly because of its availability. Digital forensics procedures and techniques need to be used to analyze and investigate vulnerabilities in SCADA systems in order to respond quickly against cyber threats and to prevent incidents. This paper addresses SCADA forensics taxonomy and research trends for effective digital forensics investigation on SCADA system. As a result, we have not been able to find any research that goes far beyond traditional digital forensics on procedures and methodologies. But it is meaningful to develop an approach methodology using the characteristics of the SCADA system, or an exclusive tool for SCADA. Analysis techniques mainly focused on PLC and SCADA network protocol. It is because the cyber threats and attacks targeting SCADA are mostly related to PLC or network protocol. Such research seems to continue in the future. Unfortunately, there is lack of discussion about the 'Evidence Capability' such as the preservation or integrity of the evidence extracting from SCADA system in the past researches.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.5
• /
• pp.550-558
• /
• 2019

As the scale of the Internet of Things (IoT) environment grows and develops day by day, the information collected and shared through IoT devices becomes increasingly diverse and more common. However, because IoT devices have limitations on computing power and a low power capacity due to their miniaturized size, it is difficult to apply security technologies like encryption and authentication that have been directly applied in the previous Internet environment, making the IoT vulnerable to security threats. Because of this weakness, important information that needs to be delivered safely and accurately is exposed to the threat of malicious exploitation, such as data forgery, data leakage, and infringement of personal information. In order to overcome this threat, various security studies are being actively conducted to compensate for the weaknesses in IoT environment devices. In particular, since various devices interact, and share and communicate information collected in the IoT environment, each device should be able to communicate with reliability. With regard to this, various studies have been carried out on techniques for device authentication. This study examines the limitations and problems of the authentication techniques that have been studied thus far, and proposes technologies that can certify IoT devices for safe communication between reliable devices in the Internet environment.