• International Journal of Computer Science & Network Security
• /
• 제24권3호
• /
• pp.38-42
• /
• 2024

In this paper, we analyze the security of a self-recovery fragile watermarking scheme proposed by C. Wang et al. An attack against C. Wang et al.'s scheme is demonstrated. The theoretical and experimental results show that the proposed scheme is not secure against attacks.

• International Journal of Computer Science & Network Security
• /
• 제22권6호
• /
• pp.256-274
• /
• 2022

The continuous information technology and telecommunication (ICT) developments inspire several Saudi Arabia citizens to transact and interact online. However, when using online platforms, several people are likely to lose their personal information to cybercriminals. In the survey, 553 Saudi Arabia citizens and 103 information technology (IT) specialists confirm the expansion of digital economy and the need for smart cities with various services, including e-commerce and solid cyber security. 96.6% of the participants believe Saudi Arabia is digitalizing its economy; yet, 33.3% of the participants believe that residents are uninformed about living and operating in smart cities. Several people (47.29%) with medium internet speed are more aware about smart cities than those with fastest internet speed (34%). Besides, online transactions via credit cards subjected 55.5% of the participants to privacy and security issues. These findings validate the essence of cyber security awareness programs among Saudi Arabia citizens and IT professionals to boost public trust and acceptance of cybersecurity frameworks.

• International Journal of Computer Science & Network Security
• /
• 제23권12호
• /
• pp.1-12
• /
• 2023

Ensuring the security of Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) is paramount to safeguarding the reliability and safety of critical infrastructure. This paper addresses the significant threat posed by reconnaissance attacks on SCADA/ICS networks and presents an innovative methodology for enhancing their protection. The proposed approach strategically employs imbalance dataset handling techniques, ensemble methods, and feature engineering to enhance the resilience of SCADA/ICS systems. Experimentation and analysis demonstrate the compelling efficacy of our strategy, as evidenced by excellent model performance characterized by good precision, recall, and a commendably low false negative (FN). The practical utility of our approach is underscored through the evaluation of real-world SCADA/ICS datasets, showcasing superior performance compared to existing methods in a comparative analysis. Moreover, the integration of feature augmentation is revealed to significantly enhance detection capabilities. This research contributes to advancing the security posture of SCADA/ICS environments, addressing a critical imperative in the face of evolving cyber threats.

• 한국컴퓨터정보학회논문지
• /
• 제22권5호
• /
• pp.29-39
• /
• 2017

In this paper, we analyse security threats and security requirements about the designated PC solution which restricts usable PCs that are only an user own PCs or a registered PC for online banking or very important services. Accordingly, causable threats of the designated PC solution are classified a process, a network layer, a software module, and an environment of platform, and we draw security requirements based on analysed security threats. Results of this research are considered utilization of criteria for improving security of the designated PC solution and standards for giving hint of imposition of the designated PC solution.

• 한국컴퓨터정보학회논문지
• /
• 제20권10호
• /
• pp.141-148
• /
• 2015

This study aims to inspect national security consciousness of marriage migrant women, and to figure out factors which affect on awareness of national security. Based on this, this study also suggests a way to build up national security of marriage migrant women. As the result of the factors on security situation, there were several things which are necessity of education, trust in the army and government, positivity toward North Korea and so on, while necessity of education, trust in the army and government, national pride and positivity toward North Korea were on the awareness of national security. There are three ways of building up national security consciousness of marriage migrant women. First, security education is needed to be in the social adjustment program of marriage migrant women. Secondly, concern on security is required to them. Third, a necessity of production on security education material is demanded for marriage migrant women.

• International Journal of Computer Science & Network Security
• /
• 제23권10호
• /
• pp.107-114
• /
• 2023

The study provides the identification of vulnerabilities in the security issues by Wireless Network. To achieve it the research focus on packet flow analysis, end to end data communication, and the security challenges (Cybercrime, insider threat, attackers, hactivist, malware and Ransomware). To solve this I have used the systematic literature review mechanisms and demonstrative tool namely Wireshark network analyzer. The practical demonstration identifies the packet flow, packet length time, data flow statistics, end- to- end packet flow, reached and lost packets in the network and input/output packet statics graphs. Then, I have developed the proposed model that used to secure the Wireless network solution and prevention vulnerabilities of the network security challenges. And applying the model that used to investigate the security challenges and vulnerabilities of cloud computing services is used to fulfill the network security goals in Wireless network. Finally the research provides the model that investigate the security challenges and vulnerabilities of cloud computing services in wireless networks

• 한국정보과학회논문지:시스템및이론
• /
• 제26권12호
• /
• pp.1468-1475
• /
• 1999

컴퓨터망 보안을 위해서는 취약점의 빠른 발견과 그에 따르는 신속한 조치가 요구된다. 이를 위해 컴퓨터망 여러 곳에서 사용자가 원하는 보안 정보를 수집, 분석하고 수집된 보안 정보들을 효과적으로 보여주는 통합적인 보안 관리를 제공하는 모니터링 방식이 필요하다. 본 논문에서는 보안 관리를 위한 동적 모니터링 형식 모델을 제시한다. 동적 모니터링은 상태 전이에 의한 시스템 상태, 사용자와의 상호작용, 시각 및 모니터링 객체의 동적 활성화를 이용하여 컴퓨터망 통합 보안 관리를 제공한다. 계속적으로 변하는 보안 정보, 컴퓨터망 관리자의 관심점과 모니터링 레벨의 변화를 즉각적으로 반영함으로써 관리자에게 컴퓨터망 관리의 정확성, 효율성 그리고 편의성을 제공한다. 모니터링 시스템을 형식적으로 모델링하여 여러 모니터링 응용프로그램의 개발이 가능한 모니터링 플랫폼으로 발전시킬 수 있다. Abstract It is highly required to quickly detect the vulnerability of a computer network system and an appropriate action toward it should be followed as soon as possible for its security. It leads us to the need of a monitoring schema that can provide an integrated security management with carefully selected and analysed data through the computer network for its users. This paper presents a formal model of dynamic monitoring for security management. It provides the comprehensive security management using continuously changing security information, user interactions and dynamic activation of visual and monitoring objects. It enables system security officers to manage computer systems accurately, efficiently and conveniently by reflecting the state transition and the transformation of concerns and a monitoring level of system security officers immediately. This model can be used as the basis of a monitoring platform.

• International Journal of Computer Science & Network Security
• /
• 제22권11호
• /
• pp.241-247
• /
• 2022

Ad hoc network is self-organized network powered by battery. The reliability of virtual user identification and channel security are reduced when SNR is low due to limited user energy. In order to solve this problem, a joint virtual user identification and channel security en/decoding method is proposed in this paper. Transmitter-receiver-based virtual user identification code is generated by executing XOR operation between orthogonal address code of transmitter and pseudo random address code of receiver and encrypted by channel security code to acquire orthogonal random security sequence so as to improve channel security. In order to spread spectrum as well as improve transmission efficiency, data packet is divided into 6-bit symbols, each symbol is mapped with an orthogonal random security sequence. Subspace-based method is adopted by receiver to process received signal firstly, and then a judgment model is established to identify virtual users according to the previous processing results. Simulation results indicate that the proposed method obtains 1.6dB E_b/N₀ gains compared with reference methods when miss alarm rate reaches 10^-3.

• 인터넷정보학회논문지
• /
• 제23권4호
• /
• pp.95-107
• /
• 2022

사물인터넷 센서 장치와 빅데이터 처리 기법의 개발 및 보급으로 사물인터넷 센서를 활용한 정보 시스템이 여러 산업 분야에 적용되어 활용되고 있다. 정보 시스템이 적용된 산업 분야에 따라 정보 시스템이 도출하는 정보의 정확성이 산업의 효율, 안전에 영향을 미칠 수 있다. 따라서 외부 공격으로부터 센싱 데이터를 보호하고 정보 시스템이 정확한 정보를 도출할 수 있도록 하는 보안 기법이 필수적이다. 본 논문에서는 사물인터넷 센서 기반 정보 시스템의 각 처리 단계를 대상으로 하는 보안 위협을 살펴보고, 각 보안 위협에 대한 대응 기법을 제안한다. 나아가 제안하는 대응 기법을 통합하여 보안 공격에 강인한 사물인터넷 센서 기반 정보 시스템 구조를 제시한다. 제안 시스템에서는 경량 암호 알고리즘, 난독화 기반 데이터 유효성 검사 등 경량 보안 기법을 적용함으로써 저전력, 저성능의 사물인터넷 센서 장치에서도 최소한의 처리 지연만으로 보안성을 확보할 수 있도록 한다. 보편적으로 각 보안 기법을 실제로 구현하고 실험을 통해 성능을 보임으로써 제안 시스템의 실현 가능성을 보인다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권6호
• /
• pp.3280-3298
• /
• 2019

Vehicular ad-hoc networks (VANETs) have become increasingly significant in intelligent transportation systems, they play a great role in improving traffic safety and efficiency. In the deployment of intelligent VANETs, intelligent vehicles can efficiently exchange important or urgent traffic information and make driving decisions. Meanwhile, secure data communication and vehicle's identity privacy have been highlighted. To cope with these security issues, in this paper, we construct an efficient anonymous authentication scheme with secure communication in intelligent VANETs. Combing the ElGamal encryption technique with a modified Schnorr signature technique, the proposed scheme provides secure anonymous authentication process for encrypted message in the vehicle-to-infrastructure communication model, and achieves identity privacy, forward security, and reply attack resistance simultaneously. Moreover, except the trusted authority (TA), any outside entity cannot trace the real identity of an intelligent vehicle. The proposed scheme is designed on an identity-based system, which can remove the costs of establishing public key infrastructure (PKI) and certificates management. Compared with existing authentication schemes, the proposed scheme is much more practical in intelligent VANETs.