Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
Journal of the Korea Institute of Information Security and Cryptology
Journal Basic Information
Journal DOI :
Korea Institutes of Information Security and Cryptology
Editor in Chief :
Volume & Issues
Volume 23, Issue 6 - Dec 2013
Volume 23, Issue 5 - Oct 2013
Volume 23, Issue 4 - Aug 2013
Volume 23, Issue 3 - Jun 2013
Volume 23, Issue 2 - Apr 2013
Volume 23, Issue 1 - Feb 2013
Selecting the target year
A Method of Enhancing Security of Internet Banking Service using Contents-Based CAPTCHA
Lee, Sang-Ho ; Kim, Sung-Ho ; Kang, Jeon-Il ; Byun, Je-Sung ; Nyang, Dea-Hun ; Lee, Kyung-Hee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 571~583
DOI : 10.13089/JKIISC.2013.23.4.571
Internet banking service has a advantage that is unrestricted by time. If automated programs are able to attack Internet banking services, a number of accounts can be attacked at the same time and as a result, damage will be considerably increased. To cope with such attacks, two methods, VPS and MS watermark, were introduced by Arcot and MS respectively. The methods use text-based CAPTCHAs in the process of transfer approval to distinguish automated programs from legal human users. In this paper, we point out the security threats of the methods when those are applied to Internet banking services. Especially, we consider the attack that are performed by extract specific string from text-based CAPTCHAs and it`s countermeasure. Also we suggest a method of enhancing security of internet banking services. Our method is based on contents-based CAPTCHAs that are consist of known transfer information between user and server.
A Physical Combined Attack and its Countermeasure on BNP Exponentiation Algorithm
Kim, Hyung-Dong ; Ha, Jae-Cheol ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 585~591
DOI : 10.13089/JKIISC.2013.23.4.585
Recently, the combined attack which is a combination of side channel analysis and fault attack has been developed to extract the secret key during the cryptographic processes using a security device. Unfortunately, an attacker can find the private key of RSA cryptosystem through one time fault injection and power signal analysis. In this paper, we diagnosed SPA/FA resistant BNP(Boscher, Naciri, and Prouff) exponentiation algorithm as having threats to a similar combined attack. And we proposed a simple countermeasure to resist against this combined attack by randomizing the private key using error infective method.
An Implementation Method of HB-Family Light-weight Authentication for Device Authentication between ECU
Kim, Tae Su ; Kim, Hyoseung ; Woo, Samuel ; Lee, Dong Hoon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 593~607
DOI : 10.13089/JKIISC.2013.23.4.593
The In-Vehicle-Networking(IVN) of modern cars is constituted by an small electronic control device called ECU. In the past, there was no way to be able to access the IVN of a driving car. so IVN has been recognized as a closed environment so there is no need to exist authentication protocol between devices which are to configure the internal network and to communicate with other devices. However, constant improvements made it possible to access the IVN in many different ways as the communication technology evolves. This possibility created a need for device authentication in IVN. HB-Family are representative authentication schemes in RFID environment which has similar restrictions to IVN. In this paper, we propose an implementation method of HB-Family for device authentication between ECU considering ECU has low computing power and the message field of CAN protocol has restricted size of 8 bytes. In order to evaluate the efficiency and availability of the authentication schemes adopted our method, we have evaluated the performance based on DSP-28335 device. Further, it was possible to improve the efficiency rate of at lest 10%, up to 36%, and we then analyze this result in various aspects of the IVN.
The Implementation of Smartphone Application servicing HD(High Definition)-Voice
Choi, Seung-Han ; Kim, Do-Young ; Seo, Chang-Ho ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 609~615
DOI : 10.13089/JKIISC.2013.23.4.609
This paper represents the development of the HD-Voice application with G.711.1 coder-the latest wideband codec standard from ITU-T-for smartphone based on android platform. The work also includes the structure of the HD-voice application and the result of speech quality of HD-Voice application with G.711.1 coder. The paper shows that the speech quality of HD-Voice application with G.711.1 coder is excellent.
Detecting a Relay Attack with a Background Noise
Kim, Jonguk ; Kang, Sukin ; Hong, Manpyo ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 617~627
DOI : 10.13089/JKIISC.2013.23.4.617
Wireless communication technology such as NFC and RFID makes the data transfer between devices much easier. Instead of the irksome typing of passwords, users are able to simply authenticate themselves with their smart cards or smartphones. Relay attack, however, threatens the security of token-based, something-you-have authentication recently. It efficiently attacks the authentication system even if the system has secure channels, and moreover it is easy to deploy. Distance bounding or localization of two devices has been proposed to detect relay attacks. We describe the disadvantages and weakness of existing methods and propose a new way to detect relay attacks by recording a background noise.
A Study on the Self-destructing Data for Information Privacy
Kim, Jonguk ; Kang, Sukin ; Hong, Manpyo ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 629~638
DOI : 10.13089/JKIISC.2013.23.4.629
Recently the interest in the information privacy has been growing. Digital data can be easily transferred via Internet. Service providers ask users for private data to give customized services. Users believe that their shared data are protected as they deliver their private data securely. However, their private data may be leaked if service providers do not delete or initialize them when they expire. The possibility of information leak may lower if the service providers deal with users` private data properly. In this paper, we study the self-destruction of private data for information privacy and propose the glass-box model.
Security Analysis of AMI Using ACT
Wi, Miseon ; Kim, Dong Seong ; Park, Jong Sou ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 639~653
DOI : 10.13089/JKIISC.2013.23.4.639
Smart grid is a network of computers and power infrastructure that monitor and manage energy usage efficiently. Recently, the smart grid demonstration projects around the world, including the United States, Europe, Japan, and the technology being developed. The protection of the many components of the grid against cyber-threats has always been critical, but the recent Smart grid has been threatened by a variety of cyber and physical attacks. We model and analyze advanced metering infrastructure(AMI) in smart grid. Using attack countermeasure tree(ACT) we show qualitative and probabilistic security analysis of AMI. We implement using SHARPE(Symbolic Hierarchical Automated Reliability and Performance Evaluator) tool and calculate probability, ROA, ROI, Structure Importance, Birnbaum Importance.
A research for partition recovery method in a forensic perspective
Namgung, Jaeung ; Hong, Ilyoung ; Park, Jungheum ; Lee, Sangjin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 655~666
DOI : 10.13089/JKIISC.2013.23.4.655
As the capacity of storage devices becomes larger, most users divide them into several logical partitions for convenience of storing and controlling data. Therefore, recovering partitions stably which are artificially hidden or damaged is the most important issue in the perspective of digital forensic. This research suggests partition recovery algorithm that makes stable and effective analysis using characteristics of each file system. This algorithm is available when partition is not distinguishable due to concealment of partition or damage in partition area.
The Method of Analyzing Firewall Log Data using MapReduce based on NoSQL
Choi, Bomin ; Kong, Jong-Hwan ; Hong, Sung-Sam ; Han, Myung-Mook ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 667~677
DOI : 10.13089/JKIISC.2013.23.4.667
As the firewall is a typical network security equipment, it is usually installed at most of internal/external networks and makes many packet data in/out. So analyzing the its logs stored in it can provide important and fundamental data on the network security research. However, along with development of communications technology, the speed of internet network is improved and then the amount of log data is becoming `Massive Data` or `BigData`. In this trend, there are limits to analyze log data using the traditional database model RDBMS. In this paper, through our Method of Analyzing Firewall log data using MapReduce based on NoSQL, we have discovered that the introducing NoSQL data base model can more effectively analyze the massive log data than the traditional one. We have demonstrated execellent performance of the NoSQL by comparing the performance of data processing with existing RDBMS. Also the proposed method is evaluated by experiments that detect the three attack patterns and shown that it is highly effective.
Generating Malware DNA to Classify the Similar Malwares
Han, Byoung-Jin ; Choi, Young-Han ; Bae, Byung-Chul ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 679~694
DOI : 10.13089/JKIISC.2013.23.4.679
According to the national information security white paper 2013, the number of hacking attempt in 2012 is 17,570 which is increased by 67.4% than in 2011, and it has been increasing year after year. The cause of this increase is considered as pursuit of monetary profit and diversification techniques of infection. However, because the development of malicious code faster than the increase in the number of experts to analyze and respond the malware, it is difficult to respond to security threats due to malicious code. So, the interest on automatic analysis tools is increasing. In this paper, we proposed the method of malware classification by similarity using malware DNA. It helps the experts to reduce the analysis time, to increase the correctness. The proposed method generates `Malware DNA` from extracted features, and then calculates similarity to classify the malwares.
Preventing ID Mapping Attacks on DHT Networks through Non-Voluntary Node Locating
Lee, Cheolho ; Choi, Kyunghee ; Chung, Kihyun ; Kim, Jongmyung ; Yun, Youngtae ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 695~707
DOI : 10.13089/JKIISC.2013.23.4.695
DHT(Distributed Hash Table) networks such as Kademlia are vulnerable to the ID mapping attack caused by the voluntary DHT mapping structure where the location of a node is solely determined by itself on the network topology. This causes security problems such as eclipse, DRDoS and botnet C&C on DHT networks. To prevent ID mapping attacks, we propose a non-voluntary DHT mapping scheme and perform analysis on NAT compatibility, attack resistance, and network dynamicity. Analysis results show that our approach may have an equivalent level of attack resistance comparing with other defense mechanisms and overcome their limitations including NAT compatibility and network dynamicity.
Analysis of Virtualization Obfuscated Executable Files and Implementation of Automatic Analysis Tool
Suk, Jae Hyuk ; Kim, Sunghoon ; Lee, Dong Hoon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 709~720
DOI : 10.13089/JKIISC.2013.23.4.709
Virtualization obfuscation makes hard to analyze the code by applying virtualization to code section. Protected code by common used virtualization obfuscation technique has become known that it doesn`t have restored point and also it is hard to analyze. However, it is abused to protect malware recently. So, It is been hard to analyze and take action for malware. Therefore, this paper`s purpose is analyze and take action for protected malware by virtualization obfuscation technique through implement tool which can extract virtualization structure automatically and trace execution process. Hence, basic structure and operation process of virtualization obfuscation technique will be handled and analysis result of protected malware by virtualization obfuscation utilized Equation Reasoning System, one kind of program analysis. Also, we implement automatic analysis tool, extract virtualization structure from protected executable file by virtualization obfuscation technique and deduct program`s execution sequence.
On the Design of a Big Data based Real-Time Network Traffic Analysis Platform
Lee, Donghwan ; Park, Jeong Chan ; Yu, Changon ; Yun, Hosang ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 721~728
DOI : 10.13089/JKIISC.2013.23.4.721
Big data is one of the most spotlighted technological trends in these days, enabling new methods to handle huge volume of complicated data for a broad range of applications. Real-time network traffic analysis essentially deals with big data, which is comprised of different types of log data from various sensors. To tackle this problem, in this paper, we devise a big data based platform, RENTAP, to detect and analyse malicious network traffic. Focused on military network environment such as closed network for C4I systems, leading big data based solutions are evaluated to verify which combination of the solutions is the best design for network traffic analysis platform. Based on the selected solutions, we provide detailed functional design of the suggested platform.
A Proposal Countermeasure to DDoS attacks targered DNS
Choi, Ji-Woo ; Chun, Myung-Jin ; Hong, Do-Won ; Seo, Chang-Ho ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 729~735
DOI : 10.13089/JKIISC.2013.23.4.729
The recent issue of distributed denial of service attack paralyze major government and financial institution in internet sites. They threatened to the cyber security. There hasn`t been easy defense of now using attack. There seems to be increases in damage. In this paper, The recent continue to evolve of distributed denial of service attack. DNS target of distributed denial of service attack give specific examples. but, DNS target of DDoS attacks about defense is insufficient. The DNS Cyber-shelter system was created based on the Cyber-shelter system for DDoS attack in Kisa.. We proposal DNS Cyber-shelter system.
Performance Analysis of Face Recognition by Distance according to Image Normalization and Face Recognition Algorithm
Moon, Hae-Min ; Pan, Sung Bum ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 737~742
DOI : 10.13089/JKIISC.2013.23.4.737
The surveillance system has been developed to be intelligent which can judge and cope by itself using human recognition technique. The existing face recognition is excellent at a short distance but recognition rate is reduced at a long distance. In this paper, we analyze the performance of face recognition according to interpolation and face recognition algorithm in face recognition using the multiple distance face images to training. we use the nearest neighbor, bilinear, bicubic, Lanczos3 interpolations to interpolate face image and PCA and LDA to face recognition. The experimental results show that LDA-based face recognition with bilinear interpolation provides performance in face recognition.
A study on the vulnerability of integrity verification functions of android-based smartphone banking applications
Kim, Soonil ; Kim, Sunghoon ; Lee, Dong Hoon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 743~755
DOI : 10.13089/JKIISC.2013.23.4.743
In recent years, the malicious apps with malicious code in normal apps are increasingly redistributed in Android market, which may incur various problems such as the leakage of authentication information and transaction information and fraudulent transactions when banking apps to process the financial transactions are exposed to such attacks. Thus the financial authorities established the laws and regulations as an countermeasures against those problems and domestic banks provide the integrity verification functions in their banking apps, yet its reliability has not been verified because the studies of the safety of the corresponding functions have seldom been conducted. Thus this study suggests the vulnerabilities of the integrity verification functions of banking apps by using Android reverse engineering analysis techniques. In case the suggested vulnerabilities are exploited, the integrity verification functions of banking apps are likely to be bypassed, which will facilitate malicious code inserting attacks through repackaging and its risk is very high as proved in a test of this study. Furthermore this study suggests the specific solutions to those vulnerabilities, which will contribute to improving the security level of smartphone financial transaction environment against the application forgery attacks.
Study to detect and block leakage of personal information : Android-platform environment
Choi, Youngseok ; Kim, Sunghoon ; Lee, Dong Hoon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 757~766
DOI : 10.13089/JKIISC.2013.23.4.757
The Malicious code that targets Android is growing dramatically as the number of Android users are increasing. Most of the malicious code have an intention of leaking personal information. Recently in Korea, a malicious code `chest` has appeared and generated monetary damages by using malicious code to leak personal information and try to make small purchases. A variety of techniques to detect personal information leaks have been proposed on Android platform. However, the existing techniques are hard to apply to the user`s smart-phone due to the characteristics of Android security model. This paper proposed a technique that detects and blocks file approaches and internet connections that are not allowed access to personal information by using the system call hooking in the kernel and white-list based approach policy. In addition, this paper proved the possibility of a real application on smart-phone through the implementation.
Analysis of Personal Information Protection Circumstances based on Collecting and Storing Data in Privacy Policies
Lee, Jae-Geun ; Kang, Sang-Ug ; Youm, Heung-Youl ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 767~779
DOI : 10.13089/JKIISC.2013.23.4.767
A field of privacy protection lacks statistical information about the current status, compared to other fields. On top of that, since it has not been classified as a concrete separate field, the related survey is only conducted as a part of such concrete areas. Furthermore, this trend of being regarded as a part of fields such as informatization, information protection and law will continue in the near future. In this paper, a novel and practical way for collecting and storing a big amout of data from 110,000 privacy policies by data controller is proposed and the real analysis results is also shown. The proposed method can save time and cost compared with the traditional survey-based method while maintaining or even advancing the accuracy of results and speediness of process. The collected big personal data can be used to set up various kinds of statistical models and they will play an important role as a breakthrough of observing the present status of privacy information protection policy. The big data concept is incorporated into the privacy protection and we can observe the method and some results throughout the paper.
A Study on Consigned Party Management System Enhancement for Personal Information Protection
Kang, Tae-Hun ; Lim, Jong-In ;
Journal of the Korea Institute of Information Security and Cryptology, volume 23, issue 4, 2013, Pages 781~797
DOI : 10.13089/JKIISC.2013.23.4.781
Nowadays, it is increasing that corporates consign tasks related to the personal information processing to the consignees for efficiency and quality improvements and cost reductions. As the consignments are increased, there are increases on types and amounts of personal information. Therefore, the needs on the information managements and the security threats are increased. This report will analyze the laws that consignors and consignees should follow. Moreover, it identifies issues and analyzes the current levels on consignees in terms of the personal information protection so that the consignors can come up with the best and efficient way to monitor the consignees when they consign the personal information processing tasks.