• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.821-830
• /
• 2017

The internet is an important infra resource that it controls the economy and society of our country. Also, it is providing convenience and efficiency of the everyday life. But, a case of various are occurred through an using vulnerability of an internet infra resource. Recently various attacks of unknown to the user are an increasing trend. Also, currently system of security control is focussing on patterns for detecting attacks. However, internet threats are consistently increasing by intelligent and advanced various attacks. In recent, the darknet is received attention to research for detecting unknown attacks. Since the darknet means a set of unused IP addresses, no real systems connected to the darknet. In this paper, we proposed an algorithm for finding black IPs through collected the darknet traffic based on a statistics data of port information. The proposed method prepared 8,192 darknet space and collected the darknet traffic during 3 months. It collected total 827,254,121 during 3 months of 2016. Applied results of the proposed algorithm, black IPs are June 19, July 21, and August 17. In this paper, results by analysis identify to detect frequency of black IPs and find new black IPs of caused potential cyber threats.

• Journal of Convergence Society for SMB
• /
• v.5 no.2
• /
• pp.21-26
• /
• 2015

Recently, NFC technology of short-range wireless communication using a smart phone to perform personal authentication with the electronic payment has been in the spotlight in various fields. However, the security associated with the personal information and the location information is vulnerable because it is easily fused with the existing mobile services and devices. In this paper, we propose a model for NFC payments help protect personal information and location information of NFC payment systems and services in various fields. Proposed model uses tag-based services in order to protect personal information and position information. The proposed model using the tag-based services is the place to check the various features available information in a simple Tag that can be easily accessed.

• KNOM Review
• /
• v.22 no.2
• /
• pp.39-47
• /
• 2019

There are several big data-driven advanced research activities such as meteorological climate information, high energy physics, astronomy research, satellite information data, and genomic research data on KREONET. Since the performance degradation occurs in the environment with the existing network security equipment, methods for preventing the performance degradation on the high-performance research-only network and for high-speed research collaboration are being studied. In addition, the recent issue of quantum computers has been a threat to security using the existing encryption system. In this paper, we construct quantum cryptography-based communication network through environment construction and high-performance transmission test that build physical security through quantum cryptography-based communication network in end-to-end high-speed research network. The purpose of this study is to analyze the effect on network performance when performing physical encryption and to use it as basic data for constructing high-performance research collaboration network.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.157-167
• /
• 2009

Recently, the leakage of confidential information and personal information is taking place on the Internet more frequently than ever before. Most of such online security incidents are caused by attacks on vulnerabilities in web applications developed carelessly. It is impossible to detect an attack on a web application with existing firewalls and intrusion detection systems. Besides, the signature-based detection has a limited capability in detecting new threats. Therefore, many researches concerning the method to detect attacks on web applications are employing anomaly-based detection methods that use the web traffic analysis. Much research about anomaly-based detection through the normal web traffic analysis focus on three problems - the method to accurately analyze given web traffic, system performance needed for inspecting application payload of the packet required to detect attack on application layer and the maintenance and costs of lots of network security devices newly installed. The UTM(Unified Threat Management) system, a suggested solution for the problem, had a goal of resolving all of security problems at a time, but is not being widely used due to its low efficiency and high costs. Besides, the web filter that performs one of the functions of the UTM system, can not adequately detect a variety of recent sophisticated attacks on web applications. In order to resolve such problems, studies are being carried out on the web application firewall to introduce a new network security system. As such studies focus on speeding up packet processing by depending on high-priced hardware, the costs to deploy a web application firewall are rising. In addition, the current anomaly-based detection technologies that do not take into account the characteristics of the web application is causing lots of false positives and false negatives. In order to reduce false positives and false negatives, this study suggested a realtime anomaly detection method based on the analysis of the length of parameter value contained in the web client's request. In addition, it designed and suggested a WAF(Web Application Firewall) that can be applied to a low-priced system or legacy system to process application data without the help of an exclusive hardware. Furthermore, it suggested a method to resolve sluggish performance attributed to copying packets into application area for application data processing, Consequently, this study provide to deploy an effective web application firewall at a low cost at the moment when the deployment of an additional security system was considered burdened due to lots of network security systems currently used.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.2
• /
• pp.13-24
• /
• 1999

Electronic cash is a digital signature issued by bank. If the concept of the distributed secret sharing and magic ink signature is introduced in the existing electronic cash system we can increase the security level and the availability of electronic cash system and trace the electronic cash itself and the owner of electronic cash which was issued anonymously to a user in case of illegal usage of electronic cash by users. If the trust is concentrated on one bank system. the problem of misuse of bank can be occurred. To solve this problem, the distributed secrete sharing scheme need to be introduced in electronic cash system. In this paper We propose a DSS(Digital Signature Standard) distributed magic ink signature scheme and a KCDSA(Korea Certificate-based Digital Signature Algorithm) distributed magic ink signature scheme using a verifiable secret sharing method. and we compare two methods with respect to the required computation amount for the generation of magic-ink signature.

• Journal of the Korea Convergence Society
• /
• v.7 no.5
• /
• pp.29-34
• /
• 2016

Recently, with the development of high-tech industry, the use of the drones in various aspects of daily life is rapidly advancing. With technical and functional advancements, drones have an advantage of being easy to be utilized in the areas of use according to various lifestyles. In addition, through the diversification of the drone service converged with image processing medium such as camera and CCTV, an automated security system that can replace humans is expected to be introduced. By designing these unmanned security technology, a new convergence security drone service techniques that can strengthen the previous drone application technology will be proposed. In the proposed techniques, a biometric authentication technology will be designed as additional authentication methods that can determine the safety incorporated with security by selecting the search and areas of an object focusing on the objects in the initial windows and search windows through OpenCV technology and CAM-Shift algorithm which are an object tracking algorithm. Through such, a highly efficient security drone convergence service model will be proposed for performing unmanned security by using the drones that can continuously increase the analysis of technology on the mobility and real-time image processing.

• Journal of Digital Convergence
• /
• v.13 no.5
• /
• pp.213-218
• /
• 2015

In parallel with evolving information communication technology, M2M(Machine-to-Machine) industry has implemented multi-functional and high-performance systems, and made great strides with IoT(Internet of Things) and IoE(Internet of Everything). Authentication, confidentiality, anonymity, non-repudiation, data reliability, connectionless and traceability are prerequisites for communication security. Yet, the wireless transmission section in M2M communication is exposed to intruders' attacks. Any security issues attributable to M2M wireless communication protocols may lead to serious concerns including system faults, information leakage and privacy challenges. Therefore, mutual authentication and security are key components of protocol design. Recently, secure communication protocols have been regarded as highly important and explored as such. The present paper draws on hash function, random numbers, secret keys and session keys to design a secure communication protocol. Also, this paper tests the proposed protocol with a formal verification tool, Casper/FDR, to demonstrate its security against a range of intruders' attacks. In brief, the proposed protocol meets the security requirements, addressing the challenges without any problems.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.9
• /
• pp.71-80
• /
• 2020

As societies become hyperconnected, we need more cyber security experts. To this end, in this paper, based on the analysis results of the real world cyber attacks and the MITRE ATT&CK framework, we developed CyTEA that can model cyber threats and generate simulated cyber threats in a cyber security training system. In order to confirm whether the simulated cyber threat has the effectiveness of the actual cyber threat level, the simulation level was examined based on procedural, environmental, and consequential similarities. in addition, it was confirmed that the actual defense training using cyber simulation threats is the same as the expected defense training when using real cyber threats in the cyber security training system.

• Convergence Security Journal
• /
• v.15 no.2
• /
• pp.25-31
• /
• 2015

While information and communication develop, the Electronic commerce payment system is progressing. Recently, a government established the electronic commerce activation policy which simplified a payment Through this policy, the information which the financial company monopolizes can be fused with the other industry and create the popularization use of the electronic payment service and value added services. But on the other hand, the concern for the security is very high, Accordingly, the finnancial institute take a restriction of the requirements for the participation company according to the financial scale, this policy is led by the private institue, rather making a participation of fin tech venture difficulty. This paper tries to deal with the technical and legal problems for the activation of electronic payment system and fin tech. So I will examine the security matter that follows in grifting the innovation technology onto the existing payment service and propose a desirable way to improve the current legislation.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.6
• /
• pp.173-186
• /
• 2013

New information technologies make it easy to access and acquire information in various ways. However, It also enable powerful and various threat to system security. To challenge these threats, various extended access control methods are being studied. We suggest a new extended access control method that make it possible to conform to security policies enforcement even with discrepancy between policy based constraints rules and query based constraints rules via their semantic relationship. New our approach derives semantic implications using tree hierarchy structure and coordinates the exceed privileges using semantic gap factor calculating the degree of the discrepancy. In addition, we illustrate prototype system architecture and make performance comparison with existing access control methods.