• ETRI Journal
• /
• v.38 no.6
• /
• pp.1145-1152
• /
• 2016

Because the nodes in a wireless sensor network (WSN) are mobile and the network is highly dynamic, monitoring every node at all times is impractical. As a result, an intruder can attack the network easily, thus impairing the system. Hence, detecting anomalies in the network is very essential for handling efficient and safe communication. To overcome these issues, in this paper, we propose a rule-based anomaly detection technique using roaming honeypots. Initially, the honeypots are deployed in such a way that all nodes in the network are covered by at least one honeypot. Honeypots check every new connection by letting the centralized administrator collect the information regarding the new connection by slowing down the communication with the new node. Certain predefined rules are applied on the new node to make a decision regarding the anomality of the node. When the timer value of each honeypot expires, other sensor nodes are appointed as honeypots. Owing to this honeypot rotation, the intruder will not be able to track a honeypot to impair the network. Simulation results show that this technique can efficiently handle the anomaly detection in a WSN.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.1
• /
• pp.85-94
• /
• 2014

This paper studied the detection technique using file DNA-based behavior pattern analysis in order to minimize damage to user system by malicious programs before signature or security patch is released. The file DNA-based detection technique was applied to defend against zero day attack and to minimize false detection, by remedying weaknesses of the conventional network-based packet detection technique and process-based detection technique. For the file DNA-based detection technique, abnormal behaviors of malware were splitted into network-related behaviors and process-related behaviors. This technique was employed to check and block crucial behaviors of process and network behaviors operating in user system, according to the fixed conditions, to analyze the similarity of behavior patterns of malware, based on the file DNA which process behaviors and network behaviors are mixed, and to deal with it rapidly through hazard warning and cut-off.

• Journal of the Korea Concrete Institute
• /
• v.19 no.3
• /
• pp.359-366
• /
• 2007

Recently, analysis researches on durability are focused on chloride attack and carbonation due to increased social and engineering significance. Generally, chloride penetration and carbonation occur simultaneously except for in submerged condition and chloride behavior in carbonated concrete is evaluated to be different from that in normal concrete. Furthermore, if unavoidable crack occurs in concrete, it influences not only single attack but also coupled deterioration more severely. This is a study on analysis technique with system dynamics for chloride penetration in concrete structures exposed to coupled chloride attack and carbonation through chloride diffusion, permeation, and carbonation reaction. For the purpose, a modeling for chloride behavior considering diffusion and permeation is performed through previous models for early-aged concrete such as MCHHM (multi component hydration heat model) and MPSFM (micro pore structure formation). Then model for combined deterioration is developed considering changed characteristics such as pore distribution, saturation and dissociation of bound chloride content under carbonation. The developed model is verified through comparison with previous experimental data. Additionally, simulation for combined deterioration in cracked concrete is carried out through utilizing previously developed models for chloride penetration and carbonation in cracked concrete. From the simulated results, CCTZ (chloride-carbonation transition zone) for evaluating combined deterioration is proposed. It is numerically verified that concrete with slag has better resistance to combined deterioration than concrete with OPC in sound and cracked concrete.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.9
• /
• pp.4560-4575
• /
• 2018

Since smartphone contains various personal data, security is one of the important aspects in smartphone technologies. Up to now, various authentication techniques have been proposed to protect smartphones. The pattern lock on the Android system is one of the most widely used authentication methods for low-cost devices but it is known to be vulnerable to smudge attack or shoulder surfing attack. LG's smartphone uses its own technique, which is called "Knock Code." The knock code completes the authentication by touching the user defined area in turn on the screen. In this paper, we propose the new, enhanced version of knock code by adding the sliding operation and by using flexible area recognition. We conducted security analysis, which shows that under the same password size, the search space is overwhelmingly larger than the original algorithm. Also, by using the sliding operation, the proposed scheme shows resilience against smudge attacks. We implemented the prototype of our scheme. Experimental results show that compared with the original Knock Code and Android pattern lock, our scheme is more convenient while providing better security.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.4C
• /
• pp.197-206
• /
• 2011

In the RFID system, bulk tag information is stored into the back-end database as plaintext format not ciphertext. In this case, the tags's private informations can be easily compromised by an external hacker or an insider attacker. If the private informations of tags disclosed by the attackers, it can occur serious privacy invasion problem. Recently the database(DB) security is an important issue to prevent the above DB compromised attack. However, DB security for RFID systeme has not been considered yet. If we use the DB security technique into the RFID system, the above described privacy invasion' problem can be easily prevented. Based on this motivation, this paper proposes a secure and efficient back-end database security and authentication(S-DB) scheme with XOR-based encryption/decryption algorithm. In the proposed scheme, all tag's private information is encrypted and stored by using the DB secret key to protect the DB compromised attack. As a result, the proposed S-DB scheme 'can provide stronger security and more efficiency for the secure RFID system environment.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.34 no.5
• /
• pp.19-29
• /
• 2006

In this study, numerical simulation of airframes separating from a missile system has been preformed. For the time-accurate trajectory simulation, six D.O.F equations of motion of multiply connected bodies were derived and these equations have been coupled with the unstructured overset mesh technique for the treatment of independent mesh blocks moving with each body component. Applications were made for the simulation of the airframe separation at missile angles of attack of 0 and 5 degrees. It was demonstrated that the present method is efficient and robust for the prediction of unsteady time-accurate flow fields involving multiple bodies in relative motion.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.10
• /
• pp.1311-1319
• /
• 2019

Currently, the web environment is a commonly used area for sharing information and conducting business. It is becoming an attack point for external hacking targeting on personal information leakage or system failure. Conventional signature-based detection is used in cyber threat but signature-based detection has a limitation that it is difficult to detect the pattern when it is changed like polymorphism. In particular, injection attack is known to the most critical security risks based on web vulnerabilities and various variants are possible at any time. In this paper, we propose a novelty detection technique to detect abnormal state that deviates from the normal state on web-server log dataset(WSLD). The proposed method is a machine learning-based technique to detect a minor anomalous data that tends to be different from a large number of normal data after replacing strings in web-server log dataset with vectors using machine learning-based embedding algorithm.

• Journal of Korea Multimedia Society
• /
• v.9 no.12
• /
• pp.1596-1606
• /
• 2006

There has been more increased the development of 3D technique since many 3D contents of 3D graphic model, 3D mobile/computer game, and 3D CAD have been serviced in Web or industry fields. Therefore, the watermarking system is more required to protect the copyright for 3D contents. Currently there has been researched about the watermarking for 3D graphic model of mesh or NURBS. However, watermarking technique based on CAD design drawing leaves something to be desired yet. This paper proposed the watermarking technique for 3D CAD design drawing using Line and Arc components. After drawing out Line and Arc components from designed drawing, we embed the watermark into both the length of Line component and the radius of Arc component. Experimental results verified that the proposed algorithm satisfies the transparency about watermarked drawing and also has the robustness against several attacks by using public CAD tool.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.3
• /
• pp.493-500
• /
• 2015

Personal information exposed in the Internet is increasing by the public data opening and sharing, vitalization of SNS(Social Network Service) and growth of information shared between users. Exposed personal information in the Internet can infringe upon targeted users using linkage attack or background attack. To prevent these attack De-identification models were appeared a few years ago. The 'k-anonymity' has been introduced in the first place, and the '${\ell}$-diversity' and 't-closeness' have been followed up as solutions, and diverse algorithms have been being suggested for performance improvement nowadays. However, industry or public sectors actually needs a whole solution as a system for the de-identification process rather than performance of the de-identification algorithm. This paper explains a way of de-identification techique for 'k-anonymity', '${\ell}$-diversity', and 't-closeness' algorithm using QI(Quasi-Identifier) grouping method in the relational database.

• Journal of Internet Computing and Services
• /
• v.16 no.5
• /
• pp.1-9
• /
• 2015

As attacks in cyber space become advanced and complex, monotonous defense approach of one-one matching manner between attack and defense may be limited to defend them. More efficient defense method is required. This paper proposes multi layers security scheme that can support to defend assets against diverse cyber attacks in systematical and adaptive. We model multi layers security scheme based on Defense Zone including several defense layers and also discuss essential technical elements necessary to realize multi layers security scheme such as cyber threats analysis and automated assignment of defense techniques. Also effects of multi layers security scheme and its applicability are explained. In future, for embodiment of multi layers security scheme, researches about detailed architecture design for Defense Zone, automated method to select the best defense technique against attack and modeling normal state of asset for attack detection are needed.