• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.1093-1095
• /
• 2007

As the networking and data communication technology is making progress, there has been an augmented concern about the security. Intrusion Detection and Prevention Systems have long being providing a reliable layer in the field of Network Security. Intrusion Detection System works on analyzing the traffic and finding a known intrusion or attack pattern in that traffic. But as the new technology provides betterment for the world of the Internet; it also provides new and efficient ways for hacker to intrude in the system. Hence, these patterns on which IDS & IPS work need to be updated. For detecting the power and knowledge of attackers we sometimes make use of Honey-pots. In this paper, we propose a Honey-pot architecture that automatically updates the Intrusion's Signature Knowledge Base of the IDS in a Network.

• Journal of Digital Convergence
• /
• v.14 no.5
• /
• pp.333-339
• /
• 2016

Technology to optimize and utilize the use and supply of the electric power between consumer and supplier has been on the rise among the smart grid power market network in electric power demand management based on the Internet. Open Automated Demand Response system protocol, which can deliver Demand Response needed in electric power demand management to electricity supplier, system supplier and even the user is openADR 2.0b. This paper used the most credible, cosmopolitanly proliferated EPRI open source and analysed the variety of security vulnerability that developed VEN and VTN system may have. Using the simulator for attacking openADR protocol, the VEN/VTN system that has been implemented as EPRI open source was conducted to attack in a variety of ways. As a result of the analysis, we were able to get the results that the VEN/VTN system has security vulnerabilities to the parameter tampering attacks and service flow falsification attack. In conclusion, if you want to implement the openADR2.0b protocol system in the open or two-way communication environment smart grid network, considering a variety of security vulnerability should be sure to seek security technology and services.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.799-808
• /
• 2003

Existing security solutions such as Firewell and IDS (Intrusion Detection System) have a trouble in getting accurate detection rate about new attack and can not block interior attack. That is, existing securuty solutions have various shortcomings. Shortcomings of these security solutions can be supplemented with mechanism which guarantees an availability of systems. The mechanism which guarantees the survivability of node is various, we approachintrusion telerance using real time response mechanism. The monitoring code monitors related resources of system for survivability of vulnerable systm continuously. When realted resources exceed threshold, monitoring and response code is deployed to run. These mechanism guarantees the availability of system. We propose control mathod about resource monitoring. The monitoring code operates with this method. The response code may be resident in active node for availability or execute a job when a request is occurred. We suggest the node survivability mechanism that integrates the intrusion tolerance mechanism that complements the problems of existing security solutions. The mechanism takes asvantage of the automated service distribution supported by Active Network infrastructure instead of passive solutions. The mechanism takes advantage of the automated service distribution supported by Active Network infrastructure instead of passive system reconfiguration and patch.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1449-1461
• /
• 2018

As the number of software vulnerabilities grows year by year, attacks on software are also taking place a lot. As a result, the security administrator must identify and patch vulnerabilities in the software. However, it is important to prioritize the patches because patches for all vulnerabilities are realistically hard. In this paper, we propose a scoring system that expands the scale of risk assessment metric by taking into consideration attack patterns or weaknesses cause vulnerabilities with the vulnerability information provided by the NIST(National Institute of Standards and Technology). The proposed scoring system is expanded based on the CWSS and uses only public vulnerability information to utilize easily for any company. In this paper, we applied the automated scoring system to software vulnerabilities, and showed the expanded metrics with consideration for influence of attack pattern and weakness are meaningful.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.245-261
• /
• 2024

The COVID-19 pandemic has led to the widespread adoption of contactless transactions, resulting in a noticeable increase in the trend towards fully unmanned stores. In such stores, all operational processes are automated, primarily using artificial intelligence (AI) technology. However, this AI technology has several security vulnerabilities, which can be critical in the environment of fully unmanned stores. This paper analyzes the security vulnerabilities that AI-based fully unmanned stores may face, focusing particularly on the object detection model YOLO, demonstrating that Hiding Attacks and Altering Attacks using adversarial patches are possible. It is confirmed that objects with adversarial patches attached may not be recognized by the detection model or may be incorrectly recognized as other objects. Furthermore, the paper analyzes how Data Augmentation techniques can mitigate security threats by providing a defensive effect against adversarial patch attacks. Based on these results, we emphasize the need for proactive research into defensive measures to address the inherent security threats in AI technology used in fully unmanned stores.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.5
• /
• pp.2236-2257
• /
• 2020

Ransomware is malicious software that encrypts the user-related files and data and holds them to ransom. Such attacks have become one of the serious threats to cyberspace. The avoidance techniques that ransomware employs such as obfuscation and/or packing makes it difficult to analyze such programs statically. Although many ransomware detection studies have been conducted, they are limited to a small portion of the attack's characteristics. To this end, this paper proposed a framework for the behavioral-based dynamic analysis of high survivable ransomware (HSR) with integrated valuable feature sets. Term Frequency-Inverse document frequency (TF-IDF) was employed to select the most useful features from the analyzed samples. Support Vector Machine (SVM) and Artificial Neural Network (ANN) were utilized to develop and implement a machine learning-based detection model able to recognize certain behavioral traits of high survivable ransomware attacks. Experimental evaluation indicates that the proposed framework achieved an area under the ROC curve of 0.987 and a few false positive rates 0.007. The experimental results indicate that the proposed framework can detect high survivable ransomware in the early stage accurately.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.1
• /
• pp.523-549
• /
• 2018

The increasing number of subscribers and demand of multiplicity of services has turned Multi-Server Authentication (MSA) into an integral part of remote authentication paradigm. MSA not only offers an efficient mode to register the users by engaging a trusted third party (Registration Centre), but also a cost-effective architecture for service procurement, onwards. Recently, Lu et al.'s scheme demonstrated that Mishra et al.'s scheme is unguarded to perfect forward secrecy compromise, server masquerading, and forgery attacks, and presented a better scheme. However, we discovered that Lu et al.'s scheme is still susceptible to malicious insider attack and non-compliant to perfect forward secrecy. This study presents a critical review on Lu et al.'s scheme and then proposes a secure multi-server authentication scheme. The security properties of contributed work are validated with automated Proverif tool and proved under formal security analysis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.909-917
• /
• 2013

CAPTCHA is an automated test to tell apart computers from human mainly for web services, and it has been evolved since the most naive form in which users are requested to input simple strings has been introduced. Though many types of CAPTCHAs have been proposed, text-based CAPTCHAs have been widely prevailed for user convenience. In this paper, we introduce new segmentation schemes and show an attack method to break the CAPTCHA of Naver that occupies more than 70% of the market share in search engine. The experimental results show that 938 trials out of 1000 have successfully analyzed, which implies that we cannot use the CAPTCHA anymore.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.257-260
• /
• 2014

Digital Forensics in the event of an accident, the system restore files and the only way to find evidence KT Website hacking happening now, credit card companies, and leakage of personal information by three recent spills occurred, such as Skin Food Home Up Customer Information hackers to find these crimes only means as well. This study attempted to bypass the KT website hacking attacks utilizing automated programs hacking programs, and if you try to experiment on whether any information has been disclosed and if so what home attacked forensics evidence for hackers to locate the can make a report is described.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.33-40
• /
• 2021

Automatic Speech Recognition(ASR) is a technology that analyzes human speech sound into speech signals and then automatically converts them into character strings that can be understandable by human. Speech recognition technology has evolved from the basic level of recognizing a single word to the advanced level of recognizing sentences consisting of multiple words. In real-time voice conversation, the high recognition rate improves the convenience of natural information delivery and expands the scope of voice-based applications. On the other hand, with the active application of speech recognition technology, concerns about related cyber attacks and threats are also increasing. According to the existing studies, researches on the technology development itself, such as the design of the Automatic Speaker Verification(ASV) technique and improvement of accuracy, are being actively conducted. However, there are not many analysis studies of attacks and threats in depth and variety. In this study, we propose a cyber attack model that bypasses voice authentication by simply manipulating voice frequency and voice speed for AI voice recognition service equipped with automated identification technology and analyze cyber threats by conducting extensive experiments on the automated identification system of commercial smartphones. Through this, we intend to inform the seriousness of the related cyber threats and raise interests in research on effective countermeasures.