• Journal of Convergence for Information Technology
• /
• v.7 no.2
• /
• pp.1-9
• /
• 2017

Recently, the DDoS attack using the amplifier method makes it difficult to distinguish the normal traffic from the normal server and it is difficult to detect even the attack detection. Since the SSDP protocol is a common protocol widely used in IoT devices, it is used as a DDoS amplification attack. In this paper, we analyze the reflector attack of SSDP which is one of the DDoS and suggest a technical proposal to detect and defend against the attack by managing the Mac address of each device. Also, we propose a control structure to protect the reflection attack of SSDP in Home IoT. The efficiency of the proposed system has been verified by performing an experimental attack on the virtual environment.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.3
• /
• pp.69-77
• /
• 2010

Authentication and key establishment are fundamental procedures to establish secure communications over public insecure network. A password-based scheme is common method to provide authentication. In 2008, Khan proposed an efficient password-based authentication scheme using smart cards to solve the problems inherent in Wu-Chieu's authentication scheme. As for security, Khan claimed that his scheme is secure and provides mutual authentication between legal users and a remote server. In this paper, we demonstrate Khan's scheme to be vulnerable to various attacks, i. e., password guessing attack, insider attack, reflection attack and forgery attack. Our study shows that Khan's scheme does not provide mutual authentication and is insecure for practical applications. This paper proposes an improved scheme to overcome these problems and to preserve user anonymity that is an issue in e-commerce applications.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.3C
• /
• pp.348-354
• /
• 2007

RFID system is emerging new technology for ubiquitous computing environment. RFID system, however, provides privacy problems while the technology offers incredible rich opportunities for applications in the filed of logistics, distribution, and medical services, etc. Many researches have been conducted in order to solve this problem, but the current RFID authentication protocols are still insufficient for settling the privacy problem in the point of view of privacy intrusion and system efficiency. The purpose of this paper is to present a RFID mutual authentication protocol which improves safety level, compared with current authentication protocols. The proposed authentication protocol can provide mutual authentication services, and is secure against location tracing, spoofing, reflection attack.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.6
• /
• pp.1283-1288
• /
• 2015

In general, IC chip circuit which is operating a cryptographic computation tends to radiate stronger electromagnetic signal to the outside. By using a power detecter such as a loop antenna near cryptographic device, the encryption key can be identified by probing a electromagnetic signal. To implement a method against non-invasive type attack, multi dielectric slab structure on IC chip to suppress radiated electromagnetic signal was introduced. Multiple dielectric slab was implemented by suitably configured to have the Bragg reflection characteristics, and then the reflection response was computed and verified its effectiveness. As a result, the thickness of the dielectric coating was 2mm and the reflection response characteristics for the vertical incidence was achieved to be 91% level.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.143-145
• /
• 2022

With the spread of the Internet around the world, devices connected to the Internet are gradually increasing. In addition, the number of distributed reflection service attacks (DrDoS), an attack that maliciously requests large responses by deceiving IPs as if the attacker was a victim, using vulnerabilities in application protocols such as DNS, NTP, and CLDAP, is increasing rapidly. It is believed that the security threat of distributed reflection service attacks will not disappear unless ISPs establish appropriate countermeasures to IP Spoofing. Therefore, this paper describes the security threat and response status of distributed reflection service attacks based on IP Spoofing.

• Journal of the Korea Convergence Society
• /
• v.6 no.4
• /
• pp.243-248
• /
• 2015

U-Healthcare is a convergence service with medical care and IT which enables to examine, manage and maintain the patient's health any time and any place. For communication conducted in U-Healthcare service, the transmission methods are used that patient's medical checkup analysis results or emergency data are transmitted to hospital server using wireless communication method. At this moment when the attacker who executes the malicious access makes DRDoS(Distributed Reflection DoS) attack to U-Healthcare devices or BS(Base Station), various damages occur that contextual information of urgent patients are not transmitted to hospital server. In order to deal with this problem, this study suggests DRDoS attack scenario and countermeasures against DRDoS and converges with Big Data which could process large amount of packets. When the attacker attacks U-Healthcare devices or BS(Base Station), DB is interconnected and the attack is prevented if it is coincident. This study analyzes the attack method that could occur in U-Healthcare devices or BS which are remote medical service and suggests countermeasures against the security threat using Big Data.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.108-110
• /
• 2021

Since 2015, attacks using the IoT protocol have been continuously reported. Among various IoT protocols, attackers attempt DDoS attacks using SSDP(Simple Service Discovery Protocol), and as statistics of cyber shelters, Korea has about 1 million open SSDP servers. Vulnerable SSDP servers connected to the Internet can generate more than 50Gb of traffic and the risk of attack increases gradually. Until recently, distributed denial of service attacks and distributed reflective denial of service attacks have been a security issue. Accordingly, the purpose of this study is to analyze the request packet of the existing SSDP protocol to identify an amplification attack and to avoid a response when an amplification attack is suspected, thereby preventing network load due to the occurrence of a large number of response packets due to the role of traffic reflection amplification.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2013.10a
• /
• pp.149-150
• /
• 2013

Recently, various types of perforated breakwaters are being constructed for protecting offshore storm waves. In general, perforated breakwaters have wave chambers with perforated walls at seaside. Purposes of the wave chambers are to reduce wave reflections and maximum wave forces acting on the breakwater. Impact wave forces due to wave breaking can attack to the perforated wall directly, so the effects have to be considered in the design of the perforated wall carefully. Using resonance channels for wave energy dissipation, a new concept perforated breakwater is proposed, which is free from impact loads. Numerical simulation was made for wave reflection characteristics of the breakwater with respect to major design parameters. Numerical analysis was carried out using the Galerkin's FE model based on the linear potential theory considering energy dissipation on the perforated plate. Variations of wave reflection was investigated according to perforated ratios of perforated plate.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.12
• /
• pp.1670-1675
• /
• 2020

In this study, to provide the basis for establishing effective network based countermeasures against DRDoS(Distributed Reflection Denial of Service) attacks, we propose a new 'DRDoS attack multi-level detection method' that identifies the network based characteristics of DRDoS and applies probability and statistical techniques. The proposed method removes the limit to which normal traffic can be indiscriminately blocked by unlimited competition in network bandwidth by amplification of reflectors, which is characteristic of DRDoS. This means that by comparing 'Server to Server' and 'Outbound Session Incremental' for it, accurate DRDoS identification and detection is possible and only statistical and probabilistic thresholds are applied to traffic. Thus, network-based information security systems can take advantage of this to completely eliminate DRDoS attack frames. Therefore, it is expected that this study will contribute greatly to identifying and responding to DRDoS attacks.

• Journal of Mechanical Science and Technology
• /
• v.15 no.4
• /
• pp.492-499
• /
• 2001

The characteristics of Prand시-Meyer expansion of supersonic flow with condensation along a wavy wall in a channel are investigated by means of experiments and numerical analyses. Experiments are carried out for the case of moist air flow in an intermittent indraft supersonic wind tunnel. The flow fields are visualized by a Schlieren system and the distributions of static pressure along the upper wavy wall are measured by a scanning valve system with pressure transducers. In numerical analyses, the distributions of streamlines, Mach lines, iso-pressure lines, and iso-mass fractions of liquid are obtained by the two-dimensional direct marching method of characteristics. The effects of stagnation temperature, absolute humidity, and attack angle of the upper wavy wall on the generation and the locations of generation and reflection of an oblique shock wave are clarified. Futhermore, it is confirmed that the wavy wall plays an important role in the generation of an oblique shock wave and that the effect of condensation on the flow fields is apparent.