• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.111-121
• /
• 2006

As Internet lastly grows, network attack techniques are transformed and new attack types are appearing. The existing network-based intrusion detection systems detect well known attack, but the false-positive or false-negative against unknown attack is appearing high. In addition, The existing network-based intrusion detection systems is difficult to real time detection against a large network pack data in the network and to response and recognition against new attack type. Therefore, it requires method to heighten the detection rate about a various large dataset and to reduce the false-positive. In this paper, we propose method to reduce the false-positive using multi-level detection algorithm, that is combine the multidimensional Apriori algorithm and the modified Negative Selection algorithm. And we apply this algorithm in intrusion detection and, to be sure, it has a good performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.83-92
• /
• 2009

Ari Juels proposed Yoking-Proof protocol for authenticating multiple tags simultaneously using RFID system. Because common Yoking-Proof methods authenticate by using MAC (Message Authentication Code), it is difficult to apply them to inexpensive tags. It is also difficult to implement common hash functions such as MD5 in inexpensive tags. So, Ari Juels also proposed a lightweighted Yoking-Proof method with only 1 authentication. However, Minimalist MAC, which is a lightweighted MAC used in the proposed method is for single-use, and the proposed structure is vulnerable to replay attacks. Therefore, in this study, the minimalist MAC using Lamport's digital signature scheme was adopted, and a new type of Yoking-Proof protocol was proposed where it uses tags that are safe from replay attacks while being able to save multiple key values.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.27-37
• /
• 2011

The IDS/IPS(Intrusion Detection/Prevention System) has been widely deployed to protect the internal network against internet attacks. Reducing the packet inspection time is one of the most important challenges of improving the performance of the IDS/IPS. Since the IDS/IPS needs to match multiple patterns for the incoming traffic, we may have to apply the multiple pattern matching schemes, some of which use finite automata, while the others use the shift table. In this paper, we first show that the performance of those schemes would degrade with various kinds of pattern sets and payload, and then propose a hybrid multiple pattern matching scheme which combines those two schemes. The proposed scheme is organized to guarantee an appropriate level of performance in any cases. The experimental results using real traffic show that the time required to do multiple pattern matching could be reduced effectively.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.135-144
• /
• 2010

Privacy protection can only be achieved by enforcing privacy policies within an enterprise's on and offline data processing systems. There are P-RBAC model and purpose based model and obligations model among privacy policy models. But only these models each can not dynamically deal with the rapidly changing business environment. Even though users are in the same role, on occasion, secure system has to opt for a figure among them who is smart, capable and supremely confident and to give him/her a special mission during a given period and to strengthen privacy protection by permitting to present fluently access control conditions. For this, we propose Integrated Privacy Protection Model based on RBAC. Our model includes purpose model and P-RBAC and obligation model. And lastly, we define high level policy language model based XML to be independent of platforms and applications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.387-400
• /
• 2021

The increase in number of streaming platforms and contents thereof, owing to an advancement of cloud environment, has triggered the rapid proliferation of illegally replicated contents as well as legal contents. This necessitates the development of technology capable of discriminating the copyright infringement of various contents. The Korea Copyright Protection Agency operates a video content demonstration system using AI, but it has limitations on distortions such as resolution changes. In this paper, we propose the powerful mechanism using skeleton, which is resistant against distorted video contents and capable of discriminating copyright infringement of platforms streaming illegal video contents. The proposed mechanism exploits the calculation of Hamming distance to the original video by converting collected data into binary ones for the efficient calculation. As a result of the experiment, the proposed mechanism have demonstrated the discrimination of illegally replicated video contents with an accuracy of 94.79% and average magnitude of 215KB.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.411-422
• /
• 2021

The autonomous driving system mounted on the unmanned vehicle recognizes the external environment through several sensors and derives the optimum control value through it. Recently, studies on physical level attacks that maliciously manipulate sensor data by performing signal-injection attacks have been published. signal-injection attacks are performed at the physical level and are difficult to detect at the software level because the sensor measures erroneous data by applying physical manipulations to the surrounding environment. In order to detect a signal-injection attack, it is necessary to verify the dependability of the data measured by the sensor. As so far, various methods have been proposed to attempt physical level attacks against sensors mounted on autonomous driving systems. However, it is still insufficient that methods for defending and detecting the physical level attacks. In this paper, we demonstrate signal-injection attacks targeting MEMS sensors that are widely used in unmanned vehicles, and propose a method to detect the attack. We present a signal-injection detection model to analyze the accuracy of the proposed method, and verify its effectiveness in a laboratory environment.

• International Journal of Computer Science & Network Security
• /
• v.22 no.7
• /
• pp.332-346
• /
• 2022

Digital transformation represents one of the main obstacles facing several government, private, and non-profit sectors that help stabilize digital transformation in the Arabic region. One of the helpful ways to improve the level of freedom, productivity, and flexibility among employees to accept the BYOD approach is using their own devices to perform their work both in and outside the workplace. This study focuses to present the differences between the main three economic sectors, which represent the most important pillars of the economy in Saudi Arabia within the Kingdom's Vision 2030. BYOD also has great importance to the stakeholders for raising their awareness by expressing the implications, if the concept of BYOD is widely and correctly adopted. The study uses the diffusion of innovation (DOI) framework and quantitative analysis data to determine the main dimensions and important factors that help increase the awareness of the target audience. The number of participants in this study was 830, and the participants are mixing between the government, private, and non-profit sectors. The main findings showed a significant impact of several factors such as the importance of knowledge, ease of use, employee satisfaction, risk awareness, and attention to increase the level of acceptance in three main sectors study for using the BYOD approach widespread and professional use.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1157-1169
• /
• 2021

The disaster recovery refers to policies and procedures to ensure continuity of services and minimize loss of resources and finances in case of emergency situations such as natural disasters. In particular, the disaster recovery method by the cloud service provider has advantages such as management flexibility, high availability, and cost effectiveness. However, this method has a dependency on a service provider and has a structural limitation in which a user cannot be involved in personal data. In this paper, we propose a protocol using proxy re-encryption for data confidentiality by removing dependency on service providers by backing up user data using blockchain and distributed storage. The proposed method is implemented in Ethereum and IPFS environments, and presents the performance and cost required for backup and recovery operations.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.1
• /
• pp.25-38
• /
• 2022

With the diversification of payment methods and games, related financial accidents are causing serious problems for users and game companies. Recently, game companies have introduced an Fraud Detection System (FDS) for game payment systems to prevent financial incident. However, FDS is ineffective and cannot provide major evidence based on judgment results, as it requires constant change of detection patterns. In this paper, we analyze abnormal transactions among payment log data of real game companies to generate related features. One of the unsupervised learning models, Autoencoder, was used to build a model to detect abnormal transactions, which resulted in over 85% accuracy. Using X-FDS (Explainable FDS) with XAI-SHAP, we could understand that the variables with the highest explanation for anomaly detection were the amount of transaction, transaction medium, and the age of users. Based on X-FDS, we derive an improved detection model with an accuracy of 94% was finally derived by fine-tuning the importance of features that adversely affect the proposed model.

• International Journal of Computer Science & Network Security
• /
• v.22 no.9
• /
• pp.169-174
• /
• 2022

The purpose of the study is to research the legal nature and essence of corrupt behavior, as well as the international and national legal aspects of the fight against corruption. The article discloses the relation between the factual results of the operation of anti-corruption normative and legal acts and the goals and objectives for which they were adopted. The effectiveness of the regulatory effect and quality of anti-corruption legislation is determined by the example of the Russian Federation. The article provides an analysis of theoretical aspects of the theory and history of the formation and development of anti-corruption legislation (on the example of Russia and some other countries, as well as international legal norms) giving several practical examples from foreign legislation demonstrating the structure of the system of government bodies battling against corrupt behavior (including its latent forms). The authors suggest that there is a need for a unified conception of information and propaganda support of state anti-corruption activities. This will make it possible to inform the population that the state is actively working to prevent corruption threats and to bring perpetrators to justice, as well as contribute to citizens' trust in the state policy in this area. At the same time, it is necessary to regularly inform the citizens about the provisions of the anti-corruption legislation, explaining the importance of their observance.