• KIISE Transactions on Computing Practices
• /
• v.22 no.7
• /
• pp.332-337
• /
• 2016

System administrator or security managers need to collect logs of computing device (desktop or server), which are used for the purpose of cause-analysis of security incident and discover if damage to system was either caused by hacking or computer virus. Furthermore, appropriate log maintenance helps preventing security breech incidents through identification of vulnerability. In addition, it can be utilized for prevention of data leakage through the insider. In the paper, we present log collection system developed using open source supported by commands and basic methods of Windows. Furthermore, we aim to collect log information to enable search and analysis from diverse perspectives and to propose a way to integrate with open source-based search engine system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1319-1326
• /
• 2015

The symmetric key encryption algorithms, such as the AES or the ARIA, generate round keys by the key expansion mechanism. While the algorithm is executed, key expansion mechanism emits information about the secret key by the power consumption. The vulnerability exists that can reduce significantly the candidate of the secret key by the simple power analysis attack using a small number of the power traces. Therefore, we'll have to study about the attack and the countermeasure to prevent information leakage. While a simple power analysis attack on the AES key expansion has been studied since 2002, ARIA is insufficient. This paper presents a simple power analysis attack on 8-bit implementations of the ARIA-128 key expansion. The presented attack efficiently utilizes this information leakage to substantially reduce the key space that needs to be considered in a brute-force search for the secret key. We show that ARIA is vulnerable to a SPA attack based on hamming weight leakage.

• Journal of the Korea Convergence Society
• /
• v.5 no.1
• /
• pp.29-34
• /
• 2014

It appeared with the development of IT skills to help the social network SNS(Social Network Service) on the online form. Many people around the world and in the business environment changes is the emergence of social networks are bringing. And the rapid development of the idea, but are insignificant for the security threats that are used by many people in many companies, and social network services. In addition, although it is true that this connection is increased from the number of mobile machines to the development of M2M, that is not recognized for that vulnerability. To evaluate and identify vulnerabilities against security threats and countermeasures for the SNS access the social network on the M2M After looking for privacy and in the present.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.335-344
• /
• 2016

It is known that power analysis is one of the most powerful attack in side channel analysis. Among power analysis single trace attack is widely studied recently since it uses one power consumption trace to recover secret key of public cryptosystem. Recently Sim et al. proposed new exponentiation algorithm for RSA cryptosystem with higher attack complexity to prevent single trace attack. In this paper we analyze the vulnerability of exponentiation algorithm described by Sim et al. Sim et al. applied message blinding and random exponentiation splitting method on $2^t-ary$ for higher attack complexity. However we can reveal private key using information exposed during pre-computation generation. Also we describe modified algorithm that provides higher attack complexity on collision attack. Proposed algorithm minimized the reuse of value that are used during exponentiation to provide security under single collision attack.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.481-492
• /
• 2008

With the advancement of the Internet and networks, the combination of wired/wireless technologies is spreading rapidly since it enables the creation of new services and provides new features to both users and service providers. In such wired/wireless integrated services, network integration is very important because such systems are integrated by a linkage between heterogeneous networks and they involve an integration of transmission technologies across networks. In this situation, existing security and communication technologies are unsuitable since the network are integrated with heterogeneous networks. The network may also have several security vulnerability. Also, form of service that users offer will be service for roaming user. In these service, we must provide fast authentication and security at roaming. Therefore in this paper we proposed roaming and AAA mechanism in heterogeneous network environment. Our system provides secure communication and efficiency.

• Journal of the Korea Computer Industry Society
• /
• v.2 no.10
• /
• pp.1269-1284
• /
• 2001

The Secure Sockets Layer is a protocol for encryption TCP/IP traffic that provides confidentiality, authentication and data integrity. Also the SSL is intended to provide the widely applicable connection-oriented mechanism which is applicable for various application-layer, for Internet client/server communication security. SSL, designed by Netscape is supported by all clients' browsers and server supporting security services. Now the version of SSL is 3.0. The first official TLS vl.0 specification was released by IETF Transport Layer Security working group in January 1999. As the version of SSL has had upgraded, a lot of vulnerabilities were revealed. SSL and TLS generate the private key with parameters exchange method in handshake protocol, a lot of attacks may be caused on this exchange mechanism, also the same thing may be come about in record protocol. In this paper, we analyze SSL protocol, compare the difference between TLS and SSL protocol, and suggest what developers should pay attention to implementation.

• Journal of Advanced Navigation Technology
• /
• v.21 no.6
• /
• pp.633-637
• /
• 2017

Cyber attacks on aircraft and aeronautical networks are not much different from cyber attacks commonly found in the ground industry. Air traffic management infrastructure is being transformed into a digital infrastructure to secure air traffic. A wide variety of communication environments, information and communications, navigation, surveillance and inflight entertainment systems are increasingly threatening the threat posed by cyber terrorism threats. The emergence of unmanned aircraft systems also poses an uncontrollable risk with cyber terrorism. We have analyzed cyber security standards and response strategies in developed countries by recognizing the vulnerability of cyber threats to aircraft systems and aviation infrastructure in next generation data network systems. We discussed comprehensive measures for cybersecurity policies to consider in the domestic aviation environment, and discussed the concept of security environment and quick response strategies.

• Convergence Security Journal
• /
• v.14 no.2
• /
• pp.17-24
• /
• 2014

Form of backdoor penetration attacks "trapdoor" penetration points to bypass the security features and allow direct access to the data. Backdoor without modifying the source code is available, and even code generation can also be modified after compilation. This approach by rewriting the compiler when you compile the source code to insert a specific area in the back door can be due to the use of the method. Defense operations and the basic structure of the backdoor or off depending on the nature of the damage area can be a little different way. This study is based on the diagnosis of a back door operating mechanism acting backdoor analysis methods derived. Research purposes in advance of the attack patterns of malicious code can respond in a way that is intended to be developed. If we identify the structures of backdoor and the infections patterns through the analysis, in the future we can secure the useful information about malicious behaviors corresponding to hacking attacks.

• Convergence Security Journal
• /
• v.19 no.4
• /
• pp.43-53
• /
• 2019

Recently, a number of military intranet infiltrations suspected of North Korea have been discovered. There was a problem that a vulnerability could occur due to the modification of user authentication data that can access existing military information systems. In this paper, we applied mutual verification technique and API (Application Programming Interface) forgery / forgery blocking and obfuscation to solve the authentication weakness in web browsers that comply with FIDO (Fast IDentity Online) standard. In addition, user convenience is improved by implementing No-Plugin that does not require separate program installation. Performance tests show that most browsers perform about 0.1ms based on the RSA key generation rate. In addition, it proved that it can be used for commercialization by showing performance of less than 0.1 second even in the digital signature verification speed of the server. The service is expected to be useful for improving military information system security as an alternative to browser authentication by building a web secure storage.

• Journal of the Korea Convergence Society
• /
• v.1 no.1
• /
• pp.93-100
• /
• 2010

Diverse kind of attack using the vulnerability of user authentication on Internet service is announced recently. Especially, security accidents on the Internet banking service and Internet telephony service(SIP) are increased rapidly. Attack skills are also evolved into intelligent mechanism. Therefore, more enhanced authentication mechanism is required on existing Internet banking and telephone services for preventing those kinds of attacks using personal identity information such as biometric data. In this research, the proposed B-OTP mechanism can be used to enhance security on a user authentication procedure by combining biometric data with existing OTP mechanism. As a result, the security on internet banking and Internet telephone service will be more improved by using proposed B-OTP mechanism.