Journal of the Korea Institute of Information Security and Cryptology
Korea Institutes of Information Security and Cryptology
On the Security of Pointcheval-Zimmer Multi-Factor Authenticated Key Exchange Protocol
Byun, Jin Wook ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 351~358
DOI : 10.13089/JKIISC.2013.23.3.351
In 2008, Pointcheval and Zimmer presented a multi-factor authenticated key exchange protocol using a client's secret key, password, and biometrics. However, Hao and Clarke found it to be flawed: if an attacker has a single authentication factor (password), then the attacker can deduce the other authentication factors. Interestingly, a countermeasure has not been presented due to the difficulty of design and a structural problem. In this paper, an efficient countermeasure is briefly presented and its security is discussed as well.
An Improved Reversible Secret Image Sharing Scheme based on GF(2
Kim, Dong-Hyun ; Kim, Jung-Joon ; Yoo, Kee-Young ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 359~370
DOI : 10.13089/JKIISC.2013.23.3.359
Lin and Chan proposed a reversible secret image sharing scheme in 2010. The advantages of their scheme are as follows: a low distortion ratio, high embedding capacity of shadow images, and reversibility. However, their scheme has some problems. First, the number of participants is limited because of the prime modulus m. Second, overflow can occur through additional operations (the quantized value and the result value of the polynomial) in the secret sharing procedure. Finally, if the coefficient of the (t-1)th degree polynomial becomes zero, (t-1) participants can access the secret data. In this paper, an improved reversible secret image sharing scheme is proposed that solves the problems of Lin and Chan's scheme while providing a low distortion ratio and high embedding capacity. The proposed scheme solves the limit on the total number of participants and the occurrence of overflow by a new polynomial operation over GF(
). Also, it solves the problem of the coefficient of the (t-1)th degree polynomial becoming zero by a fixed MSB 4-bit constant. In the experimental results, the PSNR of their scheme decreases as the embedding capacity increases. However, even if the embedding capacity increases, a PSNR value of about 45dB or more is maintained uniformly in the proposed scheme.
A Countermeasure Against Fault Injection Attack on Block Cipher ARIA
Kim, Hyung-Dong ; Ha, Jae-Cheol ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 371~381
DOI : 10.13089/JKIISC.2013.23.3.371
An encryption algorithm is executed to provide data confidentiality using a secret key embedded in a crypto device. However, the fault injection attack has been developed to extract the secret key by injecting errors during the encryption process. In particular, an attacker can find the secret key of the block cipher ARIA using about 33 faulty outputs. In this paper, we propose a countermeasure resistant to these fault injection attacks that checks the difference value between input and output information. Using computer simulation, we also verified that the proposed countermeasure has an excellent fault detection rate and negligible computational overhead.
Dummy Data Insert Scheme for Privacy Preserving Frequent Itemset Mining in Data Stream
Jung, Jay Yeol ; Kim, Kee Sung ; Jeong, Ik Rae ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 383~393
DOI : 10.13089/JKIISC.2013.23.3.383
Data stream mining is a technique for obtaining useful information by analyzing data generated in real time. In data stream mining technology, frequent itemset mining is a method to find the frequent itemsets while data is being transmitted, and these itemsets are used for pattern analysis and marketing in various fields. Existing frequent itemset mining techniques have a problem: when a malicious attacker sniffs the data, the data provider's real-time information is revealed. This problem can be solved by inserting dummy data. With this method, an attacker cannot distinguish the original data from the transmitted data. In this paper, we propose a method for privacy preserving frequent itemset mining by using the technique of inserting dummy data. In addition, the proposed method is computationally efficient because it does not require encryption technology or other mathematical operations.
Design of Memory-Efficient Deterministic Finite Automata by Merging States With The Same Input Character
Choi, Yoon-Ho ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 395~404
DOI : 10.13089/JKIISC.2013.23.3.395
A pattern matching algorithm plays an important role in traffic identification and classification based on predefined patterns for intrusion detection and prevention. As attacks become prevalent and complex, current patterns are written using regular expressions, called regexes, which are expressed as deterministic finite automata (DFA) because of the guaranteed worst-case performance in the pattern matching process. Currently, because of the increased complexity of regex patterns and their large number, memory-efficient DFA obtained by state reduction have become the mainstay of the pattern matching process. However, most previous works have focused on reducing only the number of states in a single automaton, and thus a state blowup problem still exists when the number of patterns is large. To solve this problem, we propose a new state compression algorithm that merges states on multiple automata. We show that by merging states with the same input character on multiple automata, the proposed algorithm can lead to a significant reduction of the number of states in the original DFA by as much as 40.0% on average.
Secure Membership Protocol for ZigBee Network
Kim, Bong-Hwan ; Park, Chang-Seop ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 405~416
DOI : 10.13089/JKIISC.2013.23.3.405
ZigBee is a wireless sensor network protocol recognized as a next-generation standard infrastructure for WBAN and Smart Grid. Security plays an important role in several ZigBee applications. In particular, strict membership control should be enforced when the membership changes during the join and leave operations in ZigBee. In this paper, we investigate the security weakness of the current leave operation in ZigBee and propose a new security scheme to address it, along with its security and performance analysis.
File Carving for Ext4 File System on Android OS
Kim, Dohyun ; Park, Jungheum ; Lee, Sangjin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 417~429
DOI : 10.13089/JKIISC.2013.23.3.417
Many operating systems (OS), such as Linux and Android, have selected Ext4 as their official file system. Therefore, the recovery of deleted files from Ext4 is becoming a pending issue. In this paper, we suggest how to recover deleted files by analyzing the entire structure of the Ext4 file system, studying the metadata area, and examining the distinct features that appear when a file is assigned and deleted. In particular, we focus on the features of files assigned in the Ext4 file system on Android OS and also suggest a method to recover fragmented deleted files from the unallocated area.
Relaying Rogue AP detection scheme using SVM
Kang, Sung-Bae ; Nyang, Dae-Hun ; Choi, Jin-Chun ; Lee, Sok-Joon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 431~444
DOI : 10.13089/JKIISC.2013.23.3.431
The widespread use of smartphones and wireless LAN is accompanied by a threat called the rogue AP. When a user connects to a rogue AP, the rogue AP can mount a man-in-the-middle attack against the user, so it can easily acquire the user's private information. Much research has been conducted on how to detect various kinds of rogue APs, and in this paper, we propose an algorithm to identify and detect a rogue AP that impersonates a regular AP by showing a regular AP's SSID and connecting to a regular AP. The user is deceived easily because the rogue AP's SSID looks the same as that of a regular AP. To detect this type of rogue AP, we use a machine learning algorithm called SVM (Support Vector Machine). Our algorithm detects rogue APs with more than 90% accuracy, and also automatically adjusts its detection criteria. We show the performance of our algorithm by experiments.
Quantitative Methodology to Assess Cyber Security Risks of SCADA system in Electric Power Industry
Kang, Dong-Joo ; Lee, Jong-Joo ; Lee, Young ; Lee, Im-Sop ; Kim, Huy-Kang ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 445~457
DOI : 10.13089/JKIISC.2013.23.3.445
This paper is about a study to build a quantitative methodology to assess cyber threats and vulnerabilities on control systems. The SCADA system in the power industry is one of the most representative and biggest control systems. The SCADA system was originally a local system but it has been extended to a wide area as both ICT and power system technologies evolve. Smart Grid is a concept to integrate energy and IT systems, and therefore the existing cyber threats might be infectious to the power system in the integration process. The power system is operated on a real-time basis and this could make the power system more vulnerable to cyber threats. It is a unique characteristic of power systems different from ICT systems. For example, availability is the most critical factor while confidentiality is the one from the CIA triad of IT security. In this context, it is necessary to reflect the different characteristics to assess cyber security risks in power systems. Generally, the risk (R) is defined as the multiplication of threat (T), vulnerability (V), and asset (A). This formula is also used for the quantification of the risk, and a conceptual methodology is proposed for the objective in this study.
Study of Operating μTESLA in Multi-hop Unattended WSN
Choi, JinChun ; Kang, Jeonil ; Nyang, DaeHun ; Lee, KyungHee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 459~470
DOI : 10.13089/JKIISC.2013.23.3.459
μTESLA is well known as the most representative energy-efficient broadcast authentication method. Until now, there has been much research that identifies the problems or limitations of μTESLA and mitigates or solves them, but most of it has been verified in environments far from the real world. We consider it necessary to verify what the real efficiency of μTESLA is. In this paper, we assume that sensors that continuously repeat hibernation and activity communicate under the UWSN (Unattended WSN), in which the BS does not stay in the network. In this environment, we newly inspect the performance of μTESLA by performing various simulations.
development plan of nuclear cyber security system
Han, Kyung-Soo ; Lee, Gang-Soo ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 471~478
DOI : 10.13089/JKIISC.2013.23.3.471
Industrial control systems were designed mainly in analog form in the early days. However, the necessity of digital system engineering has been increasing recently because systems have become complicated. Consequently, the stability of digital systems has improved, so most industrial control systems are designed as digital systems. Because the use of digital design in industrial control systems is expanding, various threats such as penetration or destruction of systems are increasing enormously. Domestic and overseas researchers accordingly make a multilateral effort in risk analysis and in preparing countermeasures. This paper chooses common security requirements for industrial control systems and nuclear control systems through an analysis of relevant guidelines. In addition, it suggests a development plan for a nuclear cyber security system, which will be an essential ingredient of planning approvals.
Android based Mobile Device Rooting Attack Detection and Response Mechanism using Events Extracted from Daemon Processes
Lee, Hyung-Woo ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 479~490
DOI : 10.13089/JKIISC.2013.23.3.479
Recently, the number of attacks by malicious applications has significantly increased, targeting Android-platform mobile terminals such as the Samsung Galaxy Note and Galaxy Tab 10.1. A malicious application can be distributed to currently used mobile devices through an open market, masquerading as a normal application. An attacker inserts malicious code into an application, which might threaten privacy through a rooting attack. Once the rooting attack is successful, malicious code can collect and steal private data stored in the mobile terminal, for example, SMS messages, the contacts list, and public key certificates for banking. To protect private information from such attacks, malicious code detection, rooting attack detection and countermeasure methods are required. To this end, this paper investigates the rooting attack mechanism for Android-platform mobile terminals. Based on that, this paper proposes a countermeasure system that extracts and collects events related to attacks occurring on the mobile terminal, which contributes to active protection from malicious attacks.
User behavior analysis in No Disk System Configuration
Kim, Deunghwa ; Namgung, Jaeung ; Park, Jungheum ; Lee, Sangjin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 491~500
DOI : 10.13089/JKIISC.2013.23.3.491
With the advent of big data and increased costs of SSD (HDD), domestic and foreign Internet cafes and organizations have recently adopted the NDS (No Disk System) solution. NDS is a storage virtualization solution based on a kind of cloud computing. It manages the operating system and applications, which were originally managed by individual computers, on a central server. This research illustrates a way to analyze user behavior in an NDS environment.
The weight analysis research in developing a similarity classification problem of malicious code based on attributes
Chung, Yong-Wook ; Noh, Bong-Nam ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 501~514
DOI : 10.13089/JKIISC.2013.23.3.501
A grouping process through similarity comparison is required to effectively classify and respond to malicious code. When past similarity criteria are used in the comparison method or properties, the problem of false negatives and false positives increases. Therefore, in this paper we choose a variety of properties to complement the problem of heuristic-based behavior analysis in the 2nd step of the malicious code auto analysis system, and we suggest a similarity comparison method applying AHP (analytic hierarchy process), a decision-making technique, for the property weights. Through the similarity comparison of malicious code, the configured threshold is set to the optimum point between detection rates and false positive rates. In a grouping experiment on unknown malicious code, it distinguishes each group made by a malicious code generator. We expect to apply it in the future as malicious group information that includes tracing of hacking types and the origin of malicious code.
A New Investigation Methodology of Marine Casualties and Incidents using Digital Forensic Techniques
Baek, Myeong-Hun ; Lee, Sangjin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 515~530
DOI : 10.13089/JKIISC.2013.23.3.515
The results of investigations into marine incidents have become an important basis in determining not only possible causes, but also the extent of negligence between the perpetrator and victim. However, marine incidents occur under special circumstances i.e. the marine environment, and this leads to difficulties in identifying causes due to problems in scene preservation, reenactment and acquisition of witnesses. Given the aforementioned characteristic of marine incidents, the International Convention for the Safety of Life at Sea (SOLAS) has adopted mandatory regulations on the carriage of Voyage Data Recorders (VDRs) and Automatic Identification Systems (AIS) for ships of a certain gross tonnage and upwards, so as to reflect recent developments in radio communication and marine technology. Adopted to provide an international standard for investigations and to promote cooperation, the Code of the International Standards and Recommended Practices for a Safety Investigation into a Marine Casualty or Marine Incident (Casualty Investigation Code) recommends member states to build capacity for analysis of VDR data. Against this backdrop, this paper presents methods for efficient investigations into the causes behind marine incidents based on data analysis of VDR, which serves as the black box of ships, as well as digital forensic techniques.
A Study on the Improvement of Security Vulnerabilities in Intelligent Transport Systems
Jo, Pyoung Hyun ; Lim, Jong In ; Kim, Huy Kang ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 531~543
DOI : 10.13089/JKIISC.2013.23.3.531
The destruction and prejudice of major infrastructure such as energy, broadcast, communication and transportation could result in a threat to individual rights and liberties, as well as social and economic losses. If traffic signal control facilities are violated, this causes discomfort in the lives of citizens as well as social disruption such as traffic accidents. Because the control system operates as a closed network and is therefore thought to be safe, an information protection system has not been built, or security patches and anti-virus updates do not work properly. As a result, the system is exposed to cyber attacks through security vulnerabilities. Therefore, there is a need to identify the characteristics of the system and develop appropriate countermeasures in order to prevent cyber attacks and prejudice incidents. This paper examines the vulnerabilities of Intelligent Transport Systems and proposes improvements for these security vulnerabilities.
A Study on Domestic Information Security Education System
Kim, Dong-Woo ; Chai, Seung-Woan ; Ryou, Jae-Cheol ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 545~559
DOI : 10.13089/JKIISC.2013.23.3.545
There is a limit to counteracting recent cyber-attacks with only technical security measures, because they have become more intelligent and large-scale, aiming at employees instead of systems directly or being conducted with unspecified multiple PCs. Thus, comprehensive measures centered on the related manpower are necessary to deal with them. However, the domestic information security education system, which is the base of professional manpower training, lacks medium- and long-term plans for information security education, verification of education programs, and information sharing among educational institutions. This paper suggests information security education development plans for resolving the problems of the domestic education system and improving the cyber information security environment, such as a national information security education master plan, the introduction of a certification system for education programs, and professional manpower database management.
An efficient exponentiation method against side channel attacks in Torus-Based-Cryptosystem
Park, Young-Ho ; Chang, Nam Su ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 3, 2013, Pages 561~566
DOI : 10.13089/JKIISC.2013.23.3.561
We propose an efficient exponentiation method which is resistant against some side channel attacks in
, Torus-Based-Cryptosystem. It is more efficient than the general exponentiation method in
and is resistant against SPA by using that the difference of squaring and multiplication costs is negligible. Moreover, we can randomize a message in exponentiation step using the characteristic of quotient group which naturally protects against the first DPA.