• Journal of Korea Society of Digital Industry and Information Management
• /
• v.17 no.4
• /
• pp.43-52
• /
• 2021

IoT applications are quickly spread in many fields. Blockchain methods(BC), defined as a distributed sharing mechanism, offer excellent support for IoT evolution. The BC provides a secure way for communication between IoT devices. However, the IoT environments are threatened by hacker attacks and malicious intrusions. The IoT applications security are faced with three challenges: intrusions and attacks detection, secure communication, and compressed storage information. This paper proposed a system based on double-blockchain to improve the communication transactions' safety and enhance the information compression method for the stored data. Information security is enhanced by using an Ellipse Curve Cryptography(ECC) considered in a double-blockchain case. The data compression is ensured by the Compressed Sensing(CS) method. The conducted experimentation reveals that the proposed method is more accurate in security and storage performance than previous related works.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.9
• /
• pp.4684-4705
• /
• 2019

Collaborative filtering recommender systems are vulnerable to shilling attacks in which malicious users may inject biased profiles to promote or demote a particular item being recommended. To tackle this problem, many robust collaborative recommendation methods have been presented. Unfortunately, the robustness of most methods is improved at the expense of prediction accuracy. In this paper, we construct a robust Bayesian probabilistic matrix factorization model for collaborative filtering recommender systems by incorporating the detection of user anomaly rating behaviors. We first detect the anomaly rating behaviors of users by the modified K-means algorithm and target item identification method to generate an indicator matrix of attack users. Then we incorporate the indicator matrix of attack users to construct a robust Bayesian probabilistic matrix factorization model and based on which a robust collaborative recommendation algorithm is devised. The experimental results on the MovieLens and Netflix datasets show that our model can significantly improve the robustness and recommendation accuracy compared with three baseline methods.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.119-126
• /
• 2021

The Internet of Things (IoT) applications are quickly spread in many fields. Blockchain methods (BC), defined as a distributed sharing mechanism, offer excellent support for IoT evolution. The BC provides a secure way for communication between IoT devices. However, the IoT environments are threatened by hacker attacks and malicious intrusions. The IoT applications security are faced with three challenges: intrusions and attacks detection, secure communication, and compressed storage information. This paper proposed a system based on double-blockchain to improve the communication transactions' safety and enhance the information compression method for the stored data. Information security is enhanced by using an Ellipse Curve Cryptography (ECC) considered in a double-blockchain case. The data compression is ensured by the Compressed Sensing (CS) method. The conducted experimentation reveals that the proposed method is more accurate in security and storage performance than previous related works.

• Information and Communications Magazine
• /
• v.24 no.11
• /
• pp.25-36
• /
• 2007

Deep packet inspection is widely recognized as a powerful way which is used for intrusion detection systems for inspecting, deterring and deflecting malicious attacks over the network. Fundamentally, almost intrusion detection systems have the ability to search through packets and identify contents that match with known attach. In this paper we survey the deep packet inspection implementations techniques, research challenges and algorithm. Finally, we provide a comparison between the different applied system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.4
• /
• pp.1471-1492
• /
• 2015

The rapid development of smartphone technologies have resulted in the evolution of mobile botnets. The implications of botnets have inspired attention from the academia and the industry alike, which includes vendors, investors, hackers, and researcher community. Above all, the capability of botnets is uncovered through a wide range of malicious activities, such as distributed denial of service (DDoS), theft of business information, remote access, online or click fraud, phishing, malware distribution, spam emails, and building mobile devices for the illegitimate exchange of information and materials. In this study, we investigate mobile botnet attacks by exploring attack vectors and subsequently present a well-defined thematic taxonomy. By identifying the significant parameters from the taxonomy, we compared the effects of existing mobile botnets on commercial platforms as well as open source mobile operating system platforms. The parameters for review include mobile botnet architecture, platform, target audience, vulnerabilities or loopholes, operational impact, and detection approaches. In relation to our findings, research challenges are then presented in this domain.

• Convergence Security Journal
• /
• v.14 no.7
• /
• pp.17-22
• /
• 2014

Wireless Ad hoc Network is threatened from many types of attacks because of its open structure, dynamic topology and the absence of infrastructure. Attacks by malicious nodes inside the network destroy communication path and discard packet. The damage is quite large and detecting attacks are difficult. In this paper, we proposed attack detection technique using secure authentication infrastructure for efficient detection and prevention of internal attack nodes. Cluster structure is used in the proposed method so that each nodes act as a certificate authority and the public key is issued in cluster head through trust evaluation of nodes. Symmetric Key is shared for integrity of data between the nodes and the structure which adds authentication message to the RREQ packet is used. ns-2 simulator is used to evaluate performance of proposed method and excellent performance can be performed through the experiment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.6
• /
• pp.2591-2611
• /
• 2020

Botnets have become one of the most significant threats to Internet-connected smartphones. A botnet is a combination of infected devices communicating through a command server under the control of botmaster for malicious purposes. Nowadays, the number and variety of botnets attacks have increased drastically, especially on the Android platform. Severe network disruptions through massive coordinated attacks result in large financial and ethical losses. The increase in the number of botnet attacks brings the challenges for detection of harmful software. This study proposes a smart framework for mobile botnet detection using static analysis. This technique combines permissions, activities, broadcast receivers, background services, API and uses the machine-learning algorithm to detect mobile botnets applications. The prototype was implemented and used to validate the performance, accuracy, and scalability of the proposed framework by evaluating 3000 android applications. The obtained results show the proposed framework obtained 98.20% accuracy with a low 0.1140 false-positive rate.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.8
• /
• pp.1720-1726
• /
• 2011

The DDoS attacks which are increasing recently must have many zombie PCs before attacking targeted systems by attacker. A zombie PC is infected by attacker's malignant code and may be operated by the his/her special malicious purposes. But most users generally don't know that their PCs are infected and used as zombies by illegal activities covertly. In this paper, we propose a new scheme that decreases vulnerable PCs and isolates them from Internet before being zombie PCs. The proposed scheme point the reputations of connected PCs and decide whether their Internet connections are keeping continuously or not. Also We show the figures how to infect susceptable PCs to zombie PCs, and analyze the decrease effects of DDoS attacks adapted by the proposed scheme with various experiments.

• Journal of Convergence Society for SMB
• /
• v.6 no.1
• /
• pp.17-23
• /
• 2016

Recently, Internet services via various devices including smartphone have become available. Because of the development of ICT, numerous hacking incidents have occurred and most of those attacks turned out to be APT attacks. APT attack means an attack method by which a hacker continues to collect information to achieve his goal, and analyzes the weakness of the target and infects it with malicious code, and being hidden, leaks the data in time. In this paper, we examine the information collection method the APT attackers use to invade the target system in a short time using big data, and we suggest and evaluate the countermeasure to protect against the attack method using big data.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.3
• /
• pp.190-198
• /
• 2013

Since the facilities for the remote users tend to be deployed in distributed manner, authentication schemes for multi-server communication settings, which provide various web services, are required for real-world applications. A typical way to authenticate a remote user relies on password authentication mostly. However, this method is vulnerable to attacks and inconvenient as the system requires users to maintain different identities and corresponding passwords. On the other hand, the user can make use of a single password for all servers, but she may be exposed to variants of malicious attacks. In this paper, we propose an efficient and secure authentication scheme based on a brokered authentication along with smart-cards in multi-server environment. Further we show that our scheme is secure against possible attacks and analyze its performance with respect to communication and computational cost.