• Title/Summary/Keyword: potential security vulnerability

Search Result 60, Processing Time 0.02 seconds

A study on vulnerability analysis and incident response methodology based on the penetration test of the power plant's main control systems (발전소 주제어시스템 모의해킹을 통한 취약점 분석 및 침해사고 대응기법 연구)

  • Ko, Ho-Jun;Kim, Huy-Kang
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.2
    • /
    • pp.295-310
    • /
    • 2014
  • DCS (Distributed Control System), the main control system of power plants, is an automated system for enhancing operational efficiency by monitoring, tuning and real-time operation. DCS is becoming more intelligent and open systems as Information technology are evolving. In addition, there are a large amount of investment to enable proactive facility management, maintenance and risk management through the predictive diagnostics. However, new upcoming weaponized malware, such as Stuxnet designed for disrupting industrial control system(ICS), become new threat to the main control system of the power plant. Even though these systems are not connected with any other outside network. The main control systems used in the power plant usually have been used for more than 10 years. Also, this system requires the extremely high availability (rapid recovery and low failure frequency). Therefore, installing updates including security patches is not easy. Even more, in some cases, installing security updates can break the warranty by the vendor's policy. If DCS is exposed a potential vulnerability, serious concerns are to be expected. In this paper, we conduct the penetration test by using NESSUS, a general-purpose vulnerability scanner under the simulated environment configured with the Ovation version 1.5. From this result, we suggest a log analysis method to detect the security infringement and react the incident effectively.

A Study on Vulnerability Analysis and Memory Forensics of ESP32

  • Jiyeon Baek;Jiwon Jang;Seongmin Kim
    • Journal of Internet Computing and Services
    • /
    • v.25 no.3
    • /
    • pp.1-8
    • /
    • 2024
  • As the Internet of Things (IoT) has gained significant prominence in our daily lives, most IoT devices rely on over-the-air technology to automatically update firmware or software remotely via the network connection to relieve the burden of manual updates by users. And preserving security for OTA interface is one of the main requirements to defend against potential threats. This paper presents a simulation of an attack scenario on the commoditized System-on-a-chip, ESP32 chip, utilized for drones during their OTA update process. We demonstrate three types of attacks, WiFi cracking, ARP spoofing, and TCP SYN flooding techniques and postpone the OTA update procedure on an ESP32 Drone. As in this scenario, unpatched IoT devices can be vulnerable to a variety of potential threats. Additionally, we review the chip to obtain traces of attacks from a forensics perspective and acquire memory forensic artifacts to indicate the SYN flooding attack.

Custody Transfer of Bundle layer in Security Mechanism for Under water Inter net of Things (UIoT)

  • Urunov, Khamdamboy;Namgung, Jung-Il;Park, Soo-Hyun
    • Journal of Korea Multimedia Society
    • /
    • v.18 no.4
    • /
    • pp.506-523
    • /
    • 2015
  • The intent is to determine whether or not the custody transfer is helpful for data transmission in challenging underwater communications when running Bundle protocol or underwater protocols. From the point of view defending side, Underwater Acoustic Network (UAN) will be a serious threat for its strong functionality long rang and high precision of surveillance and detection. Therefore, countermeasures must be taken to weaken its effect. Our purpose is analyzed that how to benefit from the UIoT to learn from, exploit and preserve the natural underwater resources. Delay/Disruption Tolerant Network (DTN) is essential part of the network heterogeneity communication network. The vulnerability and potential security factors of UIoT are studied thereafter. Security mechanisms for an underwater environment are difficult to apply owing to the limited bandwidth. Therefore, for underwater security, appropriate security mechanisms and security requirements must be defined simultaneously. The paper consists of mathematical and security model. Most important point of view in the security challenges of effective Buffer and Storage management in DTN.

Development of Framework for Trusted Financial Service in N-Screen Environment (N-스크린 환경 내 신뢰할 수 있는 금융프레임워크 개발)

  • Kim, Kyong-Jin;Seo, Dong-Su;Hong, Seng-Phil
    • Journal of Internet Computing and Services
    • /
    • v.13 no.3
    • /
    • pp.127-137
    • /
    • 2012
  • With the spread of the new technologies like a smart phone, a smart pad, N-Screen service for financial transaction quickly became commonplace through the Internet. Although it has been developed related technologies and policies since the N-Screen has been provided in Korea, infrastructure for financial services is still lacking. It also has many potential problems including phishing or malware attacks, privacy information exposure & breaches, etc. This work suggests the financial security framework in the side of information protection through threat vulnerability analysis. Further, we examine the possibility of effective application methods based on political technical design.

Influence on Information Security Behavior of Members of Organizations: Based on Integration of Theory of Planned Behavior (TPB) and Theory of Protection Motivation (TPM) (조직구성원들의 정보보안행동에 미치는 영향: 보호동기이론(PMT)과 계획된 행동이론(TPB) 통합을 중심으로)

  • Jeong, hye in;Kim, seong jun
    • Korean Security Journal
    • /
    • no.56
    • /
    • pp.145-163
    • /
    • 2018
  • Recently, security behavior of members of organizations has been recognized as a critical part of information security at the corporate level. Leakage of customers' information brings more attention to information security behavior of organizations and the importance of a task force. Research on information breach and information security is actively conducted of personal behavior toward security threats or members of organizations who use security technology. This study aims to identify factors of influence on information security behavior of members of organizations and to empirically find out how these factors affect information security behavior through behavior toward attitude, subjective norm and perceived behavior control. On the basis of the research, this study will present effective and efficient ways to foster information security activities of members of organizations. To this end, the study presented a research model that applied significant variables based on integration of Theory of Planned Behavior (TPB) and Theory of Protection Motivation (TPM). To empirically verify this research model, the study conducted a survey of members of organizations who had security-related work experience at companies. So, it is critical for members of organizations to encourage positive word of mouth (WOM) about information security behavior. Results show that based on the integration of TPM and TPB, perceived vulnerability, perceived severity, perceived efficiency and perceived barriers of information security behavior of members of organizations had significant influences on mediating variables such as behavior toward attitude, subjective norm, perceived behavior control and intention. They also had significant influences on organization information security behavior which is a dependent variable. This study indicates companies should introduce various security solutions so that members of the organizations can prevent and respond to potential internal and external security risks. In addition, they will have to take actions to inspect vulnerability of information system and to meet security requirements such as security patches.

A Key Management Scheme for Commodity Sensor Networks (소모형 센서 네트워크 환경에 적합한 키 관리 스킴)

  • Kim Young-Ho;Lee Hwa-Seong;Lee Dong-Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.16 no.2
    • /
    • pp.71-80
    • /
    • 2006
  • To guarantee secure communication in wireless sensor networks, secret keys should be securely established between sensor nodes. Recently, a simple key distribution scheme has been proposed for pair-wise key establishment in sensor networks by Anderson, Chan, and Perrig. They defined a practical attack model for non-critical commodity sensor networks. Unfortunately, the scheme is vulnerable under their attack model. In this paper, we describe the vulnerability in their scheme and propose a modified one. Our scheme is secure under their attack model and the security of our scheme is proved. Furthermore, our scheme does not require additional communication overhead nor additional infrastructure to load potential keys into sensor nodes.

Shoulder Surfing Attack Modeling and Security Analysis on Commercial Keypad Schemes (어깨너머공격 모델링 및 보안 키패드 취약점 분석)

  • Kim, Sung-Hwan;Park, Min-Su;Kim, Seung-Joo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.6
    • /
    • pp.1159-1174
    • /
    • 2014
  • As the use of smartphones and tablet PCs has exploded in recent years, there are many occasions where such devices are used for treating sensitive data such as financial transactions. Naturally, many types of attacks have evolved that target these devices. An attacker can capture a password by direct observation without using any skills in cracking. This is referred to as shoulder surfing and is one of the most effective methods. There has been only a crude definition of shoulder surfing. For example, the Common Evaluation Methodology(CEM) attack potential of Common Criteria (CC), an international standard, does not quantitatively express the strength of an authentication method against shoulder surfing. In this paper, we introduce a shoulder surfing risk calculation method supplements CC. Risk is calculated first by checking vulnerability conditions one by one and the method of the CC attack potential is applied for quantitative expression. We present a case study for security-enhanced QWERTY keyboard and numeric keypad input methods, and the commercially used mobile banking applications are analyzed for shoulder surfing risks.

An Attack Graph Model for Dynamic Network Environment (동적 네트워크 환경에 적용 가능한 Attack Graph 모델 연구)

  • Moon, Joo Yeon;Kim, Taekyu;Kim, Insung;Kim, Huy Kang
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.2
    • /
    • pp.485-500
    • /
    • 2018
  • As the size of the system and network environment grows and the network structure and the system configuration change frequently, network administrators have difficulty managing the status manually and identifying real-time changes. In this paper, we suggest a system that scans dynamic network information in real time, scores vulnerability of network devices, generates all potential attack paths, and visualizes them using attack graph. We implemented the proposed algorithm based attack graph; and we demonstrated that it can be applicable in MTD concept based defense system by simulating on dynamic virtual network environment with SDN.

A Security Vulnerability Analysis for Printer Kiosks (무인 복합 출력기 솔루션의 취약성 분석)

  • Ji, Woojoong;Kim, Hyoungshick
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.1
    • /
    • pp.165-174
    • /
    • 2019
  • They are frequently used today in public places such as street, subway, school or library. Since users can sometimes print documents that contain confidential data using Printer Kiosks, the devices should store and manage the documents securely. In this paper, we identify potential security threats in Printer Kiosks and suggest practical attack scenarios that can take place. To show the feasibility of suggested attack, we analyzed network traffic that were generated by the real Printer Kiosk device. As a result of our analysis, we have found that attackers can access other users' scanned files and access other users' documents from Printer Kiosk's home page. We confirmed that using our attack, we could retrieve other users' personal data.

Scenario-based Vulnerability Assessment of Hydroelectric Power Plant (시나리오 기반 수력플랜트 설비의 취약성 평가)

  • Nam, Myeong Jun;Lee, Jae Young;Jung, Woo Young
    • Journal of Korean Society of Disaster and Security
    • /
    • v.14 no.1
    • /
    • pp.9-21
    • /
    • 2021
  • Recently, the importance of eco-friendly power generation facility using renewable energy has newly appeared. Hydropower plant is a very important source of electricity generation and supply which is very important to secure safety because it is commonly connected with multi facility and operated on a large scale. In this study, a scenario-based analysis method was suggested to assess vulnerability of a penstock system caused by water hammer commonly occurred in the operation of hydropower plants. A hypothetical hydropower plant was used to demonstrate the applicability of a transient analysis model. In order to verify reliability of the model, the prediction of pressure behaviors were compared with the results of commercial model (SIMSEN) and measured data, then a real hydroelectric power plant was applied to develop all potential water hammer scenarios during the actual operation. The scenario-based simulation and vulnerability assessment for water hammer in the penstock system were performed with internal and external load conditions. The simulation results indicated that the vulnerability of a penstock system was varied with the operating conditions of hydropower facilities and significantly affected by load combination consisting of different load scenarios. The proposed numerical method could be an useful tool for the vulnerabilityty assessment of the hydropower plants due to water hammer.