• Journal of Information Processing Systems
• /
• 제5권3호
• /
• pp.131-134
• /
• 2009

Man-in-the-middle attack is used wildly as a method of attacking the network. To discover how this type of attack works, this paper describes a method of man-in-the-middle attack based on ARP spoofing, and proposes a method of preventing such attacks.

• 대한한의학회지
• /
• 제23권3호
• /
• pp.119-133
• /
• 2002

Objectives : This study was designed to investigate significant differences between the first attack and reattack groups to form fundamental data for decreasing recurrence and secondary prevention of stroke. Methods : I studied 204 patients admitted within 7 days of onset, after the diagnosis of stroke, in the Oriental Medical Hospital of Dongeui University from February to July in 2001.compared the reattack group with the first attack group for risk factors, clinical symptoms and progress, average mark and degree of improvement in Activity Index. Results : 1. Meaningful risk factors associated with the reattack group were male sex, a past history of hypertension and transient ischemic attack, and a family history of stroke. 2. The reattack group had conscious or cognitive disorder in early stage of onset, dysphagia, constipation, urinary incontinence, visual field defect in acute stage, high blood pressure and tachycardia in abnormalvital sign in acute stage, neuropsychosis, shoulder pain and rigidity, and pneumonia in complications more than the first attack group. 3. In Activity Index, the average mark of reattack group was lower than that of the first stroke group and improvement of the reattack group was delayed compared with the first attack group. Conclusions : The reattack group had more severe symptoms and clinical progress than the first attack group.

• 콘크리트학회논문집
• /
• 제16권4호
• /
• pp.557-564
• /
• 2004

This paper introduces a study carried out to investigate sodium sulfate attack caused by various reactive products. Experiments were performed on mortar and paste specimens made with ordinary Portland cement (OPC) conforming to KS L 5201 Type I. The water-cement ratios were varied from 0.35 to 0.55. It was found from the laboratory study that the water-cement ratio may be a key to control the deterioration of OPC matrix during sodium sulfate attack. Furthermore, X-ray diffraction (XRD) confirmed that ettringite, gypsum and thaumasite were the main products formed by sodium sulfate attack. These findings were well supported by thermal analysis through differential scanning calorimetry (DSC), and confirmed the long-term understanding that deterioration mechanism by sodium sulfate attack is a complicated process. Most importantly, deterioration due to sodium sulfate attack is characterized as the drastic reduction in compressive strength as well as the expansion (especially in cement matrix with a higher water-cement ratio).

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권2호
• /
• pp.727-746
• /
• 2018

The hash function RIPEMD-160 is a worldwide ISO/IEC standard and the hash function HAS-160 is the Korean hash standard and is widely used in Korea. On the basis of differential meet-in-the-middle attack and biclique technique, a preimage attack on 34-step RIPEMD-160 with message padding and a pseudo-preimage attack on 71-step HAS-160 without message padding are proposed. The former is the first preimage attack from the first step, the latter increases the best pseudo-preimage attack from the first step by 5 steps. Furthermore, we locate the linear spaces in another message words and exchange the bicliques construction process and the mask vector search process. A preimage attack on 35-step RIPEMD-160 and a preimage attack on 71-step HAS-160 are presented. Both of the attacks are from the intermediate step and satisfy the message padding. They improve the best preimage attacks from the intermediate step on step-reduced RIPEMD-160 and HAS-160 by 4 and 3 steps respectively. As far as we know, they are the best preimage and pseudo-preimage attacks on step-reduced RIPEMD-160 and HAS-160 respectively in terms of number of steps.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제14권1호
• /
• pp.344-365
• /
• 2020

Providing security has been always on priority in all areas of computing and communication, and for the systems that are low on computing power, implementing appropriate and efficient security mechanism has been a continuous challenge for the researchers. Radio Frequency Identification (RFID) system is such an environment, which requires the design and implementation of efficient security mechanism. Earlier, the security protocols for RFID based on hash functions and symmetric key cryptography have been proposed. But, due to high strength and requirement of less key size in elliptic curve cryptography, the focus of researchers has been on designing efficient security protocol for RFID based on elliptic curves. In this paper, an efficient elliptic curve signcryption based security protocol for RFID has been proposed, which provides mutual authentication, confidentiality, non-repudiation, integrity, availability, forward security, anonymity, and scalability. Moreover, the proposed protocol successfully provides resistance from replay attack, impersonation attack, location tracking attack, de-synchronization attack, denial of service attack, man-in-the-middle attack, cloning attack, and key-compromise attack. Results have revealed that the proposed protocol is efficient than the other related protocols as it takes less computational time and storage cost, especially for the tag, making it ideal to be used for RFID systems.

• 정보보호학회논문지
• /
• 제23권4호
• /
• pp.585-591
• /
• 2013

최근 정보보호 장치를 이용하여 암호 알고리듬을 수행할 경우 부채널 공격과 오류 주입 공격을 결합한 물리적 조합 공격에 의해 비밀 키가 노출될 수 있음이 밝혀졌다. 특히, RSA 암호 시스템에서 수행하는 멱승 연산에 대해 한 번의 오류 주입과 전력 분석을 통해 조합 공격이 가능하다. 본 논문에서는 SPA(Simple Power Analysis)와 FA(Fault Attack)을 방어하기 위해 제안되었던 BNP(Boscher, Naciri, and Prouff) 멱승 알고리듬이 조합 공격에 취약함을 보이고자 한다. 또한, 오류 확산 기법에 기반하여 개인 키를 랜덤화시키는 대응 방안을 제안한다.

• 방송공학회논문지
• /
• 제6권1호
• /
• pp.58-65
• /
• 2001

본 논문에서는 영상 워터마킹에 대한 새로운 공격 방법인 스크린 마크(Screen Mark) 공격 방법을 소개한다. 스크린 마크 공격 방법은 오버마크(overmark) 공격 방법을 응용한 공격 방법으로써, 워터마크가 삽입된 영상에 공격자의 워터마크를 삽입하여 워터마크 검출기가 정상적으로 작동하지 못하게 하는 공격 방법이다. 공개(public) 워터마킹 시스템에 오버마크 공격을 적용할 수 없는 것과는 달리, 제안한 공격 방법은 공개 워터마킹 시스템에도 적용할 수 있다. 제안한 공격 방법을 통하여 상용 워터마킹 시스템을 이용하여 워터마크를 삽입한 영상을 효과적으로 공격할 수 있었으며, 다른 워터마킹 공격 방법들을 이용하여 공격한 영상보다 보다 좋은 화질을 보인다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제8권7호
• /
• pp.2512-2531
• /
• 2014

We propose a new Distributed Denial of Service (DDoS) defense mechanism that protects http web servers from application-level DDoS attacks based on the two methodologies: whitelist-based admission control and busy period-based attack flow detection. The attack flow detection mechanism detects attach flows based on the symptom or stress at the server, since it is getting more difficult to identify bad flows only based on the incoming traffic patterns. The stress is measured by the time interval during which a given client makes the server busy, referred to as a client-induced server busy period (CSBP). We also need to protect the servers from a sudden surge of attack flows even before the malicious flows are identified by the attack flow detection mechanism. Thus, we use whitelist-based admission control mechanism additionally to control the load on the servers. We evaluate the performance of the proposed scheme via simulation and experiment. The simulation results show that our defense system can mitigate DDoS attacks effectively even under a large number of attack flows, on the order of thousands, and the experiment results show that our defense system deployed on a linux machine is sufficiently lightweight to handle packets arriving at a rate close to the link rate.

• 한국화재소방학회논문지
• /
• 제26권2호
• /
• pp.97-104
• /
• 2012

본 연구에서는 산불이 발생하면 대형화 위험성이 증대하여 항공기 특히, 헬기의 산불진화 활용성이 점차 증가되고 있는 관점에서, 산불진화 과정 중 헬기에 의한 공중진화기술과 안전성 향상은 효율적인 산불진화의 성공요인으로서 매우 중요하다. 따라서 우리나라 산불전문기관인 산림청 산림항공본부의 조종사들에 대하여 산불현장에서 실제 경험한 내용을 토대로 설문조사를 실시하여 효율적인 공중진화기술 및 안전성 향상 방안을 제시하였다.

• 한국항행학회논문지
• /
• 제13권6호
• /
• pp.876-883
• /
• 2009

2008년에 Kim-Jun은 도청, 스푸핑, 재전송 공격 등에 강한 일회성 난수를 이용한 RFID 상호인증 프로토콜을 제안하였지만 2009년 Yoon-Yoo는 재전송 공격에 취약한 것을 증명하고 재전송 공격을 막을 수 있는 프로토콜을 제안하였다. 그러나 Yoon-Yoo의 프로토콜은 통신상의 효율성과 전사적 공격(brute-force attack)에 취약한 문제가 있다. 본 논문에서는 Yoon-Yoo의 프로토콜의 취약점을 보이고, 안정성과 성능을 개선한 RFID 상호인증 프로토콜을 제안한다.