• Title/Summary/Keyword: Security countermeasure

Design and Implementation of Alert Analysis System using Correlation (연관성을 이용한 침입탐지 정보 분석 시스템의 설계 및 구현)

  • 이수진;정병천;김희열;이윤호;윤현수;김도환;이은영;박응기
    • Journal of KIISE:Information Networking / v.31 no.5 / pp.438-449 / 2004
  • With the growing deployment of networks and the Internet, the importance of security has also increased. However, recent intrusion detection systems, which hold an important position among security countermeasures, cannot provide proper analysis or an effective defence mechanism. Instead, they have overwhelmed human operators with a large volume of intrusion detection alerts. In this paper, we propose an efficient alert analysis system that can produce high-level information by analyzing and processing the large volume of alerts and can detect large-scale attacks such as DDoS at an early stage. We have measured the processing rate of each elementary module and carried out a scenario-based test in order to analyze the efficiency of our proposed system.

Countermeasure of Sniffing Attack: Survey (효율적인 Sniffing 공격 대응방안 연구)

  • Hong, Sunghyuck;Seo, Yujeong
    • Journal of Convergence Society for SMB / v.6 no.2 / pp.31-36 / 2016
  • A sniffing attack is a passive attack that reassembles packets to collect personal information, bank account numbers, and other important information. Sniffing attacks happen in a LAN and use promiscuous mode, which opens filtering to pass all packets in the LAN; attackers can catch any packets in the LAN, so they can manipulate packets. The attacks are Switch Jamming, Port Mirroring, ARP Redirect, and ICMP Redirect. To defend against these attacks, I proposed to use SSL packet encryption, reconfiguration of the switching environment, DNS, and a decoy method for defending against all kinds of sniffing attacks.

Design of One-Time-Pad based on PKI Coordinates Technique for a Safe Key Transmission in E-Commerce Applications (전자상거래 응용에서 안전한 키 전송을 위한 PKI 좌표기법 One-Time-Pad의 설계)

  • Lee, Kil-Hun;Jun, Moon-Seok;Choi, Do-Hyeon
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.15 no.5 / pp.51-60 / 2015
  • As electronic commerce services have become more popular, information equivalent to currency prevails in the network. Accordingly, hacking into networks often occurs, and thus OTP (One-Time-Password) has emerged as an alternative secondary security system. However, weaknesses have been found even in the existing One-Time Password that used to be considered 'perfect'. Therefore, it becomes very urgent to have an additional security countermeasure. As security recommendations are no longer considered a solution, a more specific plan becomes necessary. The present study proposes a PKI coordinates technique-based OTP (One-Time-Pad) for safe key transmission in E-commerce.

A Study of the Analysis and Countermeasure about the Phishing Scam (피싱에 대한 분석 및 대응방안에 대한 연구)

  • Kang, Hyun Joong
    • Convergence Security Journal / v.14 no.5 / pp.65-74 / 2014
  • Phishing scams through wired telephones have been evolving into smishing and pharming. While we conveniently use wired or wireless telephones, text messages, e-mails, and online banking, the methods of hacking and phishing attacks are becoming more developed and varied. This paper investigates the various aspects of attacks depending on the kinds of phishing and suggests general prevention measures. In addition, user-oriented practical preventive measures and government-driven long-term measures are proposed in this paper. Technological developments, short- or long-term preventive measures proposed by the government, and continuous public relations could be solutions, since it could be difficult to eradicate continuously evolving phishing scams in a short time. Besides, the internet media as well as SNS are a great help in promoting preventive measures against phishing and smishing. Finally, this paper asserts that newly developed service technology should be made carefully, without security problems.

Efficient Masked Implementation for SEED Based on Combined Masking

  • Kim, Hee-Seok;Cho, Young-In;Choi, Doo-Ho;Han, Dong-Guk;Hong, Seok-Hie
    • ETRI Journal / v.33 no.2 / pp.267-274 / 2011
  • This paper proposes an efficient masking method for the block cipher SEED that is standardized in Korea. The nonlinear parts of SEED consist of two S-boxes and modular additions. However, the masked version of these nonlinear parts requires excessive RAM usage and a large number of operations. Protecting SEED by the general masking method requires 512 bytes of RAM corresponding to masked S-boxes and a large number of operations corresponding to the masked addition. This paper proposes a new-style masked S-box which can reduce the amount of operations of the masking addition process as well as the RAM usage. The proposed masked SEED, equipped with the new-style masked S-box, reduces the RAM requirements to 288 bytes, and it also reduces the processing time by 38% compared with the masked SEED using the general masked S-box. The proposed method also applies to other block ciphers with the same nonlinear operations.

Assessing Vulnerability and Risk of Sensor Networks under Node Compromise (Node Compromise에 대한 무선 센서 네트워크의 취약성 및 위험 평가)

  • Park, Jong-Sou;Suh, Yoon-Kyung;Lee, Seul-Ki;Lee, Jang-Se;Kim, Dong-Seong
    • Convergence Security Journal / v.7 no.4 / pp.51-60 / 2007
  • It is important to assess the vulnerability of network and information systems in order to counter a variety of attacks in an effective and efficient way. However, vulnerability and risk assessment methodologies for network and information systems could not be directly applied to sensor networks, because sensor networks have different properties compared to traditional network and information systems. This paper proposes a vulnerability assessment framework for cluster-based sensor networks. The vulnerability assessment for sensor networks is presented. Finally, a case study in cluster-based sensor networks is described to show the possibility of the framework.

Application and Analysis of Masking Method to Implement Secure Lightweight Block Cipher CHAM Against Side-Channel Attack Attacks (부채널 공격에 대응하는 경량 블록 암호 CHAM 구현을 위한 마스킹 기법 적용 및 분석)

  • Kwon, Hongpil;Ha, Jaecheol
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.4 / pp.709-718 / 2019
  • A lightweight block cipher CHAM, designed for suitability in resource-constrained environments, has a reasonable security level and high computational performance. Since this cipher may contain an intrinsic weakness against side-channel attacks, it should adopt a countermeasure such as a masking method. In this paper, we implement the masked CHAM cipher on the 32-bit microprocessor Cortex-M3 platform to resist side-channel attacks and analyze their computational performance. Based on the shortcoming of having many round functions, we apply a reduced masking method to the implementation of the CHAM cipher. As a result, we show that the CHAM-128/128 algorithm with the reduced masking technique applied requires additional operations about four times.

A Study on Measures for Preventing Credit Card Fraud (신용카드 부정사용 방지 방안에 관한 연구)

  • Jeong, Gi Seog
    • Convergence Security Journal / v.16 no.5 / pp.33-40 / 2016
  • A credit card is a means of payment used like cash in terms of function, and its users have increased consistently. With the development of the Internet and electronic commerce, the role of the credit card as a payment method has been growing. But as the risk which results from centralized information and online increases, credit card fraud is also growing. Card theft and loss are decreasing due to the countermeasures of card companies and financial supervisory authorities, while card forgery and identity theft are increasing. Recently, because of frequent personal information leakage and deregulation of financial security following easy-to-use payment enforcement, customers' anxiety about card fraud is growing. The increase in card fraud lowers trust in the credit system as well as causing social costs. In this paper, the security problems of the card operating system are addressed in depth, and measures such as an immediate switch to IC card terminals, introduction of new security technology, and reinforcement of supervision by the authorities are proposed.

Design and Implementation of Modified Web Contents Detection System (웹 컨텐츠 변경 탐지 시스템의 설계 및 구현)

  • 김영선;장덕철
    • Journal of Korea Multimedia Society / v.7 no.1 / pp.91-97 / 2004
  • As electronic commercial transactions are being conducted through contents which can suffer an illegal intrusion from the outside, we sincerely require security for them. We must consider protection countermeasures against intrusion, moving from protection of the passive form to protection of the active one. So security is required against hackers' illegal intrusion into the contents. As soon as an intrusion into the contents happens, tools providing monitoring of contents are required to minimize the damage to the systems. The modified web contents detection system in this paper prevents the loss of resources and manpower required for individually monitoring the web. Also, this paper offers rapid security support in that it analyzes the weakness of contents security in the web environment and the cause of the problem of information leakage. So this system has the purpose of protecting against the weakness of contents security and the leakage of information.

Spear-phishing Mail Filtering Security Analysis : Focusing on Corporate Mail Hosting Services (스피어피싱 메일 필터링 보안 기능 분석 : 기업메일 호스팅 서비스 중심으로)

  • Shin, Dongcheon;Yum, Dayun
    • Convergence Security Journal / v.20 no.3 / pp.61-69 / 2020
  • Since spear-phishing mail attacks focus persistently on a particular target to collect and take advantage of information, they can incur severe damage to the target as a part of intelligent and new attacks such as APT attacks and social engineering attacks. The usual spam filtering services can have limits in countering spear-phishing mail attacks because of different targets, goals, and methods. In this paper, we analyze mail security services of several enterprises hosted by medium and small-sized enterprises with relative security vulnerabilities in order to see whether their services can effectively respond to spear-phishing mail attacks. According to the analysis result, we can say that most mail security hosting services are lacking in responding to spear-phishing mail attacks by providing functions mainly for managing mails including spam mail. The analysis result can be used as basic data to extract effective and systematic countermeasures.