• Journal of information and communication convergence engineering
• /
• 제9권6호
• /
• pp.683-688
• /
• 2011

The wireless sensor network (WSN) is well known for an enabling technology for the ubiquitous environment such as real-time surveillance system, habitat monitoring, home automation and healthcare applications. However, the WSN featuring wireless communication through air, a resource constraints device and irregular network topology, is threatened by malicious nodes such as eavesdropping, forgery, illegal modification or denial of services. For this reason, security in the WSN is key factor for utilizing the sensor network into the commercial way. There is a series of symmetric cryptography proposed by laboratory or industry for a long time. Among of them, recently proposed HUMMINGBIRD algorithm, motivated by the design of the well-known Enigma machine, is much more suitable to resource constrained devices, including smart card, sensor node and RFID tags in terms of computational complexity and block size. It also provides resistance to the most common attacks such as linear and differential cryptanalysis. In this paper, we implements ultra-lightweight cryptography, HUMMINGBIRD algorithm into the resource constrained device, sensor node as a perfectly customized design of sensor node.

• Journal of information and communication convergence engineering
• /
• 제9권6호
• /
• pp.701-705
• /
• 2011

RFID is a widely adopted in the field of identification technology these days. Radio Frequency IDentification (RFID) has wide applications in many areas including manufacturing, healthcare, and transportation. Because limited resource RFID tags are used, various risks could threaten their abilities to provide essential services to users. A number of RFID protocols have done by researcher in order to protect against some malicious attacks and threat. Existing RFID protocols are able to resolve a number of security and privacy issues, but still unable to overcome other security & privacy related issues. In this paper, we analyses security schemes and vulnerability in RFID application. Considering this RFID security issues, we survey the security threats and open problems related to issues by means of information security and privacy. Neither a symmetric nor an asymmetric cryptographic deployment is necessarily used with light weighted algorithm in the future.

• ETRI Journal
• /
• 제31권5호
• /
• pp.554-564
• /
• 2009

In information security and network management, attacks based on vulnerabilities have grown in importance. Malicious attackers break into hosts using a variety of techniques. The most common method is to exploit known vulnerabilities. Although patches have long been available for vulnerabilities, system administrators have generally been reluctant to patch their hosts immediately because they perceive the patches to be annoying and complex. To solve these problems, we propose a security vulnerability evaluation and patch framework called PKG-VUL, which evaluates the software installed on hosts to decide whether the hosts are vulnerable and then applies patches to vulnerable hosts. All these operations are accomplished by the widely used simple network management protocol (SNMP). Therefore, system administrators can easily manage their vulnerable hosts through PKG-VUL included in the SNMP-based network management systems as a module. The evaluation results demonstrate the applicability of PKG-VUL and its performance in terms of devised criteria.

• Journal of Positioning, Navigation, and Timing
• /
• 제5권4호
• /
• pp.165-172
• /
• 2016

A Global Navigation Satellite System (GNSS), which is typically exemplified by the Global Positioning System (GPS), employs a open signal structure so it is vulnerable to spoofing electronic attack using a similar malicious signal with that used in the GPS. It is necessary to require a spoofing test evaluation environment to check the risk of spoofing attack and evaluate the performance of a newly developed anti-spoofing technique against spoofing attacks. The present paper proposed a simulation method of spoofing environment based on simulator that can be implementable in a test room and analyzed the spoofing simulation performance using commercial GPS receivers. The implemented spoofing simulation system ran synchronized two GPS simulator modules in a single scenario to generate both of spoofing and GPS signals simultaneously. Because the signals are generated in radio frequency, a commercial GPS receiver can be tested using this system. Experimental test shows the availability of this system, and anti-spoofing performance of a commercial GPS receiver has been analyzed.

• International journal of advanced smart convergence
• /
• 제8권4호
• /
• pp.47-57
• /
• 2019

We examine the weaknesses of the existing OOXML-based MS-Word file structure, and analyze how data concealment and forgery are performed in MS-Word digital documents. In case of forgery by including hidden information in MS-Word digital document, there is no difference in opening the file with the MS-Word Processor. However, the computer system may be malfunctioned by malware or shell code hidden in the digital document. If a malicious image file or ZIP file is hidden in the document by using the structural vulnerability of the MS-Word document, it may be infected by ransomware that encrypts the entire file on the disk even if the MS-Word file is normally executed. Therefore, it is necessary to analyze forgery and alteration of digital document through internal structure analysis of MS-Word file. In this paper, we designed and implemented a mechanism to detect this efficiently and automatic detection software, and presented a method to proactively respond to attacks such as ransomware exploiting MS-Word security vulnerabilities.

• 전자통신동향분석
• /
• 제33권1호
• /
• pp.68-77
• /
• 2018

Data deduplication is a common used technology in backup systems and cloud storage to reduce storage costs and network traffic. To preserve data privacy from servers or malicious attackers, there has been a growing demand in recent years for individuals and companies to encrypt data and store encrypted data on a server. In this study, we introduce two cryptographic primitives, Convergent Encryption and Message-Locked Encryption, which enable deduplication of encrypted data between clients and a storage server. We analyze the security of these schemes in terms of dictionary and poison attacks. In addition, we introduce deduplication systems that can be implemented in real cloud storage, which is a practical application environment, and describes the proof of ownership on client-side deduplication.

• 방송공학회논문지
• /
• 제5권2호
• /
• pp.220-226
• /
• 2000

본 논문에서는 방송용 음성에 워터마크를 삽입하는 방법을 제시했다. 디지털 방송에서는 오디오와 음성을 일부러 구별하지는 않는다. 그러나 교육방송에서는 음성의 중요성이 비디오나 오디오에 비해 훨씬 크고 컨텐츠에서 차지하는 비중도 높다. 디지털 방송에서 중요한 이슈 가운데 하나가 바로 불법복제에 대한 대비책이다. 이 논문에서는 음성용으로 변형한 오디오 워터마크의 성능과 한계에 대해 설명하고, 공격에 대한 내성 결과를 제시했다. 그리고 음성 워터마크 연구에서 해결해야 할 과제들을 제시했다.

• Journal of information and communication convergence engineering
• /
• 제12권3호
• /
• pp.145-153
• /
• 2014

The improvements of embedded processors make future technologies including wireless sensor network and internet of things feasible. These applications firstly gather information from target field through wireless network. However, this networking process is highly vulnerable to malicious attacks including eavesdropping and forgery. In order to ensure secure and robust networking, information should be kept in secret with cryptography. Well known approach is public key cryptography and this algorithm consists of finite field arithmetic. There are many works considering high speed finite field arithmetic. One of the famous approach is Montgomery multiplication. In this study, we investigated Montgomery multiplication for public key cryptography on embedded microprocessors. This paper includes helpful information on Montgomery multiplication implementation methods and techniques for various target devices including 8-bit and 16-bit microprocessors. Further, we expect that the results reported in this paper will become part of a reference book for advanced Montgomery multiplication methods for future researchers.

• 한국정보통신학회논문지
• /
• 제19권6호
• /
• pp.1374-1379
• /
• 2015

DDoS와 같은 악성 네트워크 공격은 뚜렷한 대비책이 없으며, 그 피해 또한 막대하다. 특히, 스마트폰이 감염되어 좀비화 될 경우 통신요금 과금 및 개인정보 유출 등 네트워크 장애와 더불어 다양한 사용자 피해가 예상된다. 본 연구에서는 스마트폰이 악성코드에 감염되어 좀비 서비스가 실행되는 동안 나타나는 현상 및 징들을 추출하고 좀비 스마트폰을 예방하는 대응기술을 소개한다.

• 한국통신학회논문지
• /
• 제29권5B호
• /
• pp.491-497
• /
• 2004

본 논문에서는, 인터넷 백본 네트워크상에서 악성의 네트워크 공격 트래픽을 고립시킴으로서 네트워크 인프라를 보호하기 위한 트래픽 제어 방법을 제안한다. 제안된 방법은 개별 플로우 또는 개별 패킷들에 기반을 둔 기존의 방법들과 달리 제안된 공격 탐지 및 제어 방법은 집합된 트래픽 수준에서 운영되므로 계산의 복잡성을 현저히 줄일 수 있으므로 네트워크 공격에 대한 전역 인프라 구축에 활용 가능하다. 실험 결과는 제안된 방법에 의한 트래픽 제어가 네트워크 공격이 이루어질 시 정상 트래픽과 네트워크 자원들을 적절히 보호할 수 있음을 보여준다.