Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
Journal of the Korea Institute of Information Security and Cryptology
Journal Basic Information
Journal DOI :
Korea Institutes of Information Security and Cryptology
Editor in Chief :
Volume & Issues
Volume 22, Issue 6 - Dec 2012
Volume 22, Issue 5 - Oct 2012
Volume 22, Issue 4 - Aug 2012
Volume 22, Issue 3 - Jun 2012
Volume 22, Issue 2 - Apr 2012
Volume 22, Issue 1 - Feb 2012
Selecting the target year
A Study on Generic Unpacking using Entropy Variation Analysis
Lee, Young-Hoon ; Chung, Man-Hyun ; Jeong, Hyun-Cheol ; Shon, Tae-Shik ; Moon, Jong-Su ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 179~188
Packing techniques, one of malicious code detection and analysis avoidance techniques, change code to reduce size and make analysts confused. Therefore, malwares have more time to spread out and it takes longer time to analyze them. Thus, these kind of unpacking techniques have been studied to deal with packed malicious code lately. Packed programs are unpacked during execution. When it is unpacked, the data inside of the packed program are changed. Because of these changes, the entropy value of packed program is changed. After unpacking, there will be no data changes; thus, the entropy value is not changed anymore. Therefore, packed programs could be unpacked finding the unpacking point using this characteristic regardless of packing algorithms. This paper suggests the generic unpacking mechanism using the method estimating the unpacking point through the variation of entropy values.
A Study on the Korean-Stroke based Graphical Password Approach
Ko, Tae-Hyoung ; Shon, Tae-Shik ; Hong, Man-Pyo ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 189~200
With increasing the number of smart device such as Tablet PC, smart phone and netbook, information security which based on smart device in mobile environment have become the issue. It is important to enter a password safety. In various types of mobile devices, because of hardware limitation of device, it is difficult that to equip secondary input device such as keyboard and mouse. Also, a loss of accuracy becomes a problem because input information was entered by touch screen. Because of problem mentioned above it can be predicted to change password scheme text based password scheme to graphical password scheme, graphical password scheme is easy to use and is resistant to shoulder surfing attack. So this paper proposes new graphical password scheme based 5 strokes which are made by decomposed the Korean to defend against shoulder surfing attack.
High-Speed FPGA Implementation of SATA HDD Encryption Device based on Pipelined Architecture
Koo, Bon-Seok ; Lim, Jeong-Seok ; Kim, Choon-Soo ; Yoon, E-Joong ; Lee, Sang-Jin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 201~211
This paper addresses a Full Disk Encryption hardware processor for SATA HDD in a single FPGA design, and shows its experimental result using an FPGA board. The proposed processor mainly consists of two blocks: the first block processes XTS-AES block cipher which is the IEEE P1619 standard of storage media encryption and the second block executes the interface between SATA Host (PC) and Device (HDD). To minimize the performance degradation, we designed the XTS-AES block with the 4-stage pipelined structure which can process a 128-bit block per 4 clock cycles and has 4.8Gbps (max) performance. Also, we implemented the proposed design with Xilinx ML507 FPGA board and our experiment showed 140MB/sec read/write speed in Windows XP 32-bit and a SATA II HDD. This performance is almost equivalent with the speed of the direct SATA connection without FDE devices, hence our proposed processor is very suitable for SATA HDD Full Disk Encryption environments.
Evaluation of Authentication Signaling Load in 3GPP LTE/SAE Networks
Kang, Seong-Yong ; Han, Chan-Kyu ; Choi, Hyoung-Kee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 213~224
The integrated core network architecture and various mobile subscriber behavior can result in a significant increase of signaling load inside the evolved packet core network proposed by 3GPP in Release 8. Consequently, an authentication signaling analysis can provide insights into reducing the authentication signaling loads and latency, satisfying the quality-of-experience. In this paper, we evaluate the signaling loads in the EPS architecture via analytical modeling based on the renewal process theory. The renewal process theory works well, irrespective of a specific random process (i.e. Poisson). This paper considers various subscribers patterns in terms of call arrival rate, mobility, subscriber's preference and operational policy. Numerical results are illustrated to show the interactions between the parameters and the performance metrics. The sensitivity of vertical handover performance and the effects of heavy-tail process are also discussed.
User Behavior Analysis for Online Game Bot Detection
Kang, Ah-Reum ; Woo, Ji-young ; Park, Ju-yong ; Kim, Huy-Kang ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 225~238
Among the various security threats in online games, the use of game bots is the most serious problem. In this paper, we propose a framework for user behavior analysis for bot detection in online games. Specifically, we focus on party play that reflects the social activities of gamers: In a Massively Multi-user Online Role Playing Game (MMORPG), party play log includes a distinguished information that can classify game users under normal-user and abnormal-user. That is because the bot users' main activities target on the acquisition of cyber assets. Through a statistical analysis of user behaviors in game activity logs, we establish the threshold levels of the activities that allow us to identify game bots. Also, we build a knowledge base of detection rules based on this statistical analysis. We apply these rule reasoner to the sixth most popular online game in the world. As a result, we can detect game bot users with a high accuracy rate of 95.92%.
A Study on Message authentication scheme based on efficient Group signature in VANET
Kim, Su-Hyun ; Lee, Im-Yeong ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 239~248
VANET (Vehicular Ad-hoc Network) is a type of MANET (Mobile Ad-hoc Network) which is the next-generation networking technology to provide communication between vehicles or between vehicle and RSU (Road Side Unit) using wireless communication. In VANET system, a vehicle accident is likely to cause awful disaster. Therefore, in VANET environment, authentication techniques for the privacy protection and message are needed. In order to provide them privacy, authentication, and conditional, non-repudiation features of the group signature scheme using a variety of security technologies are being studied. In this paper, and withdrawal of group members to avoid frequent VANET environment is suitable for vehicles produced by the group administrator for a private signing key to solve the key escrow problem of a group signature scheme is proposed. We proposed a message batch verification scheme using Bloom Filter that can verify multiple messages efficiently even for multiple communications with many vehicles.
Services analysis and improvement of MKE(Ministry of Knowledge Economy) Cyber Security Center
Lee, Seung-Won ; Roh, Young-Sup ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 249~258
Cyber attacks expose sensitive information and cause fatal damage in both the public and the private sectors. Therefore, MKE (Ministry of Knowledge Economy) Cyber Security Center was founded on July 25, 2008, to perform three major roles. First, it detects and analyzes cyber attacks for the both sectors. Second, its ISAC (Information Sharing & Analysis Center) service analyzes and evaluates the vulnerability of the communication and network infrastructure to security threats, including control systems. Third, it provides CERT/CC (Computer Emergency Response Team Coordination Center) service to prevent and to respond to computer security incidents. This study focuses on the MKE Cyber Security Center's service analysis, which is playing an increasingly larger role in the both sectors. Based on this analysis, after grasping the response services activity and pointing out the problems, this study suggests improvements to the MKE Cyber Security Center.
A Method for Detecting Unauthorized Access Point over 3G Network
Kim, I-luk ; Cho, Jae-Ik ; Shon, Tae-Shik ; Moon, Jong-Sub ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 259~266
Malicious rogue AP has been used for variety attacks such as packet sniffing and Man-In-The-Middle Attack. It is used for the purpose of data leakage via 3G network within companies, and the unauthorized AP could be a reason of security incidents even though it is not intended. In this paper, we propose the method for detecting unauthorized access point over 3G networks throughout the RTT (Round Trip Time) value for classification. Through the experiments, we show that the method can classify the AP which is installed by normal way and the AP over 3G networks successfully.
Intrusion Detection Methodology for SCADA system environment based on traffic self-similarity property
Koh, Pauline ; Choi, Hwa-Jae ; Kim, Se-Ryoung ; Kwon, Hyuk-Min ; Kim, Huy-Kang ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 267~281
SCADA system is a computer system that monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. The SCADA system has been operated in a closed network, but it changes to open network as information and communication technology is developed rapidly. As the way of connecting with outside user extends, the possibility of exploitation of vulnerability of SCADA system gets high. The methodology to protect the possible huge damage caused by malicious user should be developed. In this paper, we proposed anomaly detection based intrusion detection methodology by estimating self-similarity of SCADA system.
A Study on the Detection of Malware That Extracts Account IDs and Passwords on Game Sites and Possible Countermeasures Through Analysis
Lee, Seung-Won ; Roh, Young-Sup ; Kim, Woo-Suk ; Lee, Mi-Hwa ; Han, Kook-Il ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 283~293
A new type of malware that extracts personal and account data over an extended period of time and that apparently is resistant to detection by vaccines has been identified. Generally, a malware is installed on a computer through network-to-network connections by utilizing Web vulnerabilities that contain injection, XSS, broken authentication and session management, or insecure direct-object references, among others. After the malware executes registration of an arbitrary service and an arbitrary process on a computer, it then periodically communicates the collected confidential information to a hacker. This paper is a systematic approach to analyzing a new type of malware called "winweng," a kind of worm that frequently made appearances during the first half of 2011. The research describes how the malware came to be in circulation, how it infects computers, how its operations expose its existence and suggests improvements in responses and countermeasures. Keywords: Malware, Worm, Winweng, SNORT.
A Road To Retain Cybersecurity Professionals: An Examination of Career Decisions Among Cybersecurity Scholars
Chai, Sang-Mi ; Kim, Min-Kyun ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 295~316
In the recent field, cybersecuriyt has become one of the critical areas in the information technology field, and demands for cyberseucirty professionals have been increasing tremendously. However, there is In the recent past, cybersecurity has become one of the critical areas in the Information Technology (IT) field, and demands for cybersecurity professionals have been increasing tremendously. However, there is a shortfall in the qualified cybersecurity workforce which is a factor that contributes to the vulnerability of society to various cyber threats. Our study articulates a model to explain career selection behavior in the cybersecurity field. The study explored factors that affect scholars' behavioral intention to pursue a cybersecurity career. Positive outcome expectations from a cybersecurity career as well as high self-efficacy about skills and knowledge about cybersecurity have a strong impact on the scholars' cybersecurity career decisions. Further, perceived usefulness of the cybersecurity curriculum has a positive effect on the scholars' career decisions. The results of this research have implications for retaining a qualified workforce in the computer and information security fields.
A Study on the Criminal Threat and Privacy Protection with a Proxy Service
Kang, Shin-Beom ; Lee, Sang-Jin ; Lim, Jong-In ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 317~326
Internet service provider is able to collect personal information to prevent the violations of the rights of service providers and customers using internet. But there are still many debates going on between a personal privacy and a regulation. Proxy servers are used in various technical purposes include bypass access. Although the proxy server users are increasing but there are not any proper institutional mechanisms and regulations to protect users. In this study, we discuss the two sides of a proxy service includes its privacy protection function and the cyber-crime threat and propose supplementary measures to mediate between the interests of public and private.
Authentication of a smart phone user using audio frequency analysis
Kim, Jin-Bok ; Song, Jeong-Eun ; Lee, Mun-Kyu ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 327~336
In this paper, we propose user authentication methods using a microphone and a speaker in smart phones. The proposed methods guarantee that the user is located close to the target device by transmitting the challenge via an audio channel. We propose two authentication methods; user authentication for a PC or a website using a smart phone as a hardware token, and user authentication to log on to a smart phone using a PC as a token. Because our methods use typical peripheral devices such as a microphone and a speaker, they do not require any special-purpose hardware equipment. In addition, the elderly and the handicapped can easily use our methods because the methods are activated by simple operations.
A Study on the Privacy Security Management under the Cloud Computing Service Provider
Yu, Woo-Young ; Lim, Jong-In ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 337~346
According to cloud computing service is increasing of using the Internet technology, it's increasing privacy security risks and out of control of security threats. However, the current cloud computing service providers does not provide to solutions of the privacy security management. This paper discusses the privacy security management issue of cloud computing service, and propose solutions to privacy information threats in cloud computing environment.
Privacy Preserving User Authentication Using Biometric Hardware Security Module
Shin, Yong-Nyuo ; Chun, Myung-Geun ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 347~355
A biometric hardware security module is a physical device that comes in the form of smartcard or some other USB type security token is composed with biometric sensor and microcontroller unit (MCU). These modules are designed to process key generation and electronic signature generation inside of the device (so that the security token can safely save and store confidential information, like the electronic signature generation key and the biometric sensing information). However, the existing model is not consistent that can be caused by the disclosure of an ID and password, which is used by the existing personal authentication technique based on the security token, and provide a high level of security and personal authentication techniques that can prevent any intentional misuse of a digital certificate. So, this paper presents a model that can provide high level of security by utilizing the biometric security token and Public Key Infrastructure efficiently, presenting a model for privacy preserving personal authentication that links the biometric security token and the digital certificate.
Analysis on Vulnerability and Establishing Countermeasure Methodologies for Privacy Protection in NFC Environments
Lee, Jae-Sik ; Kim, Hyung-Joo ; You, Han-Na ; Park, Tae-Sung ; Jun, Moon-Seog ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 357~365
NFC(Near Field Communication),the short-distance communication protocol, is a technology with a wide range of application applied to smart phones. In particular, many of the services in NFC environments utilize users' privacy information. Privacy information used in such services leads to new vulnerability due to the very features of NFC technology and of NFC devices represented by smart phones. Therefore, the purpose of this study is to suggest a methodology that analyzes privacy vulnerability resulting from a NFC environments in technological, managerial and institutional aspects and a methodology aimed to establish a countermeasure to augment them. Also, this study will suggest vulnerability and countermeasures accordingly in domestic NFC service drawn out through the above methodologies and a countermeasure to improve the vulnerability. It is expected that various safe countermeasures for privacy protection in NFC environments will be established through the suggested methodologies.
Estimating Compensation for Personal Information Infringement in Korea Using Contingent Valuation Methods
Kwon, Hong ; Lee, Eun-Ju ; Kim, Tae-Sung ; Jun, Hyo-Jung ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 367~377
(Estimating Compensation for Personal Information Infringement) As the value of personal information increases, personal information infringements is more likely to happen. The compensation for personal information infringements needs to be calculated in the process of infringement remedy. However, as personal information is regarded as non-market goods with no exchange price and calculating the remedy for mental sufferings from infringements has no guideline, it is not easy to determine the compensation amount. In this study, we adopt Contingent Valuation Methods (CVM) to analyze Willingness to Accept (WTA) of each type of personal information. Also, this study attempts to examine a standard model for calculating compensation by applying JNSA JO Model of Japan, which is not prepared in Korea. This study does not simply present a plan of estimating compensation. By measuring the value of personal information, it could awaken companies and organizations to the importance of personal information security.
A Study of Priority for Policy Implement of Personal Information Security in Public Sector: Focused on Personal Information Security Index
Shin, Young-Jin ; Jeong, Hyeong-Chul ; Kang, Won-Young ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 379~390
This study is to consider political implication of indicators to measure personal information security in public sector studied by Ministry of Public Adminstration and Security from 2008 to 2011. The study analyzed the priority of personal information security policy dividing into personal information security infrastructure, personal information management with life cycle, correspondence of information infringement by scholars, experts, and chargers. As the results, to progress personal information security policy is important to management of personal identification information on web site; specially institutional infrastructure as responsible organization, exclusive manpower, and security budget; personal information security infrastructure. As like the results, it would be reflected in the progress of personal information security policy and tried to provide systematic management program with improving safe information distribution and usefulness.
Protecting Individuals from Secondary Privacy Loss using Breached Personal Data Information Center
Ko, Yu-Mi ; Choi, Jae-Won ; Kim, Beom-Soo ;
Journal of the Korea Institute of Information Security and Cryptology, volume 22, issue 2, 2012, Pages 391~400
This study focused on the role of the center for private information, which can manage and share the personal data from data breach incidents. Especially, this study addresses on the importance of establishing information management systems for preventing secondary misappropriation of breached personal data and private information. The database of breached personal data can be used for reducing privacy worries of potential victims of secondary misuse of personal data. Individuals who use the same IDs and passwords on multiple websites may find this service more effective and necessary. The effectiveness of this breached data center on reducing secondary privacy infringement may differ depending on the extend of data being shared and the conditions of data submission. When businesses experienced data breach and submission of data to this center is required by the law, the accuracy and effectiveness of this service can be enhanced. In addition, centralized database with high quality data set can increase matching for private information and control the secondary misappropriation of personal data or private information better.