Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
Journal of the Korea Institute of Information Security and Cryptology
Journal Basic Information
Journal DOI :
Korea Institutes of Information Security and Cryptology
Editor in Chief :
Volume & Issues
Volume 24, Issue 6 - Dec 2014
Volume 24, Issue 5 - Oct 2014
Volume 24, Issue 4 - Aug 2014
Volume 24, Issue 3 - Jun 2014
Volume 24, Issue 2 - Apr 2014
Volume 24, Issue 1 - Feb 2014
Selecting the target year
Graph based Binary Code Execution Path Exploration Platform for Dynamic Symbolic Execution
Kang, Byeongho ; Im, Eul Gyu ;
Journal of the Korea Institute of Information Security and Cryptology, volume 24, issue 3, 2014, Pages 437~444
DOI : 10.13089/JKIISC.2014.24.3.437
In this paper, we introduce a Graph based Binary Code Execution Path Exploration Platform. In the graph, a node is defined as a conditional branch instruction, and an edge is defined as the other instructions. We implemented prototype of the proposed method and works well on real binary code. Experimental results show proposed method correctly explores execution path of target binary code. We expect our method can help Software Assurance, Secure Programming, and Malware Analysis more correct and efficient.
Improved Related-key Attack against Recent Lightweight Block Cipher PRINCE
Ju, Wangho ; An, Hyunjung ; Yi, Okyeon ; Kang, Ju-Sung ; Kim, Jongsung ;
Journal of the Korea Institute of Information Security and Cryptology, volume 24, issue 3, 2014, Pages 445~451
DOI : 10.13089/JKIISC.2014.24.3.445
The related-key attack is regarded as one of the important cryptanalytic tools for the security evaluation of block ciphers. This is due to the fact that this attack can be effectively applied to schemes like block-cipher based hash functions whose block-cipher keys can be controlled as their messages. In this paper, we improve the related-key attack on lightweight block cipher PRINCE proposed in FSE 2013. Our improved related-key attack on PRINCE reduces data complexity from
 to 2.
An Improved Dual-mode Laser Probing System for Fault Injecton Attack
Lee, Young Sil ; Non, Thiranant ; Lee, HoonJae ;
Journal of the Korea Institute of Information Security and Cryptology, volume 24, issue 3, 2014, Pages 453~460
DOI : 10.13089/JKIISC.2014.24.3.453
Fault injection attack is the process of attempting to acquire the information on-chip through inject artificially generated error code into the cryptographic algorithms operation (or perform) which is implemented in hardware or software. From the details above, the laser-assisted failure injection attacks have been proven particularly successful. In this paper, we propose an improved laser probing system for fault injection attack which is called the Dual-Laser FA tool set, a hybrid approach of the Flash-pumping laser and fiber laser. The main concept of the idea is to improve the laser probe through utilizing existing equipment. The proposed laser probe can be divided into two parts, which are Laser-I for laser cutting, and Laser-II for fault injection. We study the advantages of existing equipment, and consider the significant parameters such as energy, repetition rate, wavelength, etc. In this approach, it solves the high energy problem caused by flash-pumping laser in higher repetition frequency from the fiber laser.
A Strongly Unforgeable Homomorphic MAC over Integers
Joo, Chihong ; Yun, Aaram ;
Journal of the Korea Institute of Information Security and Cryptology, volume 24, issue 3, 2014, Pages 461~475
DOI : 10.13089/JKIISC.2014.24.3.461
Homomorphic MAC is a cryptographic primitive which protects authenticity of data, while allowing homomorphic evaluation of such protected data. In this paper, we present a new homomorphic MAC, which is based on integers, relying only on the existence of secure PRFs, and having efficiency comparable to the practical Catalano-Fiore homomorphic MAC. Our scheme is unforgeable even when MAC verification queries are allowed to the adversary, and we achieve this by showing strong unforgeability of our scheme.
Side-Channel Attacks on Square Always Exponentiation Algorithm
Jung, Seung-Gyo ; Ha, Jae-Cheol ;
Journal of the Korea Institute of Information Security and Cryptology, volume 24, issue 3, 2014, Pages 477~489
DOI : 10.13089/JKIISC.2014.24.3.477
Based on some flaws occurred for implementing a public key cryptosystem in the embedded security device, many side-channel attacks to extract the secret private key have been tried. In spite of the fact that the cryptographic exponentiation is basically composed of a sequence of multiplications and squarings, a new Square Always exponentiation algorithm was recently presented as a countermeasure against side-channel attacks based on trading multiplications for squarings. In this paper, we propose Known Power Collision Analysis and modified Doubling attacks to break the Right-to-Left Square Always exponentiation algorithm which is known resistant to the existing side-channel attacks. And we also present a Collision-based Combined Attack which is a combinational method of fault attack and power collision analysis. Furthermore, we verify that the Square Always algorithm is vulnerable to the proposed side-channel attacks using computer simulation.
Design for Zombie PCs and APT Attack Detection based on traffic analysis
Son, Kyungho ; Lee, Taijin ; Won, Dongho ;
Journal of the Korea Institute of Information Security and Cryptology, volume 24, issue 3, 2014, Pages 491~498
DOI : 10.13089/JKIISC.2014.24.3.491
Recently, cyber terror has been occurred frequently based on advanced persistent threat(APT) and it is very difficult to detect these attacks because of new malwares which cannot be detected by anti-virus softwares. This paper proposes and verifies the algorithms to detect the advanced persistent threat previously through real-time network monitoring and combinatorial analysis of big data log. In the future, APT attacks can be detected more easily by enhancing these algorithms and adapting big data platform.
The blocking method for accessing toward malicious sites based on Android platform
Kim, Dae-Cheong ; Ryou, Jae-Cheol ;
Journal of the Korea Institute of Information Security and Cryptology, volume 24, issue 3, 2014, Pages 499~505
DOI : 10.13089/JKIISC.2014.24.3.499
According to the increasing use of smart devices such as smart phones and tablets, the service that targets mobile office, finance and e-government for convenience of usage and productivity has emerged significantly. As a result, important information is treated with the smart devices and also, the malicious activity that targets smart devices is increasing steadily. In particular, the damage case by harmful sites, malware distribution sites and phishing sites that targets smart devices has occurred steadily and it has emerged as a social issue. In the case of smart devices, the Android platform is occupied the 90% in Korea, 2013 therefore the method of device block level is required to resolve the social issues of smart devices. In this paper, we propose a method that can be effectively blocked when you try to access an illegal site to Web browser on the Android platform and develop the application and also analyze the wrong site block function.
An Auto-Verification Method of Security Events Based on Empirical Analysis for Advanced Security Monitoring and Response
Kim, Kyu-Il ; Park, Hark-Soo ; Choi, Ji-Yeon ; Ko, Sang-Jun ; Song, Jung-Suk ;
Journal of the Korea Institute of Information Security and Cryptology, volume 24, issue 3, 2014, Pages 507~522
DOI : 10.13089/JKIISC.2014.24.3.507
Domestic CERTs are carrying out monitoring and response against cyber attacks using security devices(e.g., IDS, TMS, etc) based on signatures. Particularly, in case of public and research institutes, about 30 security monitoring and response centers are being operated under National Cyber Security Center(NCSC) of National Intelligence Service(NIS). They are mainly using Threat Management System(TMS) for providing security monitoring and response service. Since TMS raises a large amount of security events and most of them are not related to real cyber attacks, security analyst who carries out the security monitoring and response suffers from analyzing all the TMS events and finding out real cyber attacks from them. Also, since the security monitoring and response tasks depend on security analyst`s know-how, there is a fatal problem in that they tend to focus on analyzing specific security events, so that it is unable to analyze and respond unknown cyber attacks. Therefore, we propose automated verification method of security events based on their empirical analysis to improve performance of security monitoring and response.
Build a Digital Evidence Map considered Log-Chain
Park, Hojin ; Lee, Sangjin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 24, issue 3, 2014, Pages 523~533
DOI : 10.13089/JKIISC.2014.24.3.523
It has been spent too much time to figure out the incident route when we are facing computer security incident. The incident often recurs moreover the damage is expanded because critical clues are lost while we are wasting time with hesitation. This paper suggests to build a Digital Evidence Map (DEM) in order to find out the incident cause speedy and accurately. The DEM is consist of the log chain which is a mesh relationship between machine data. And the DEM should be managed constantly because the log chain is vulnerable to various external facts. It could help handle the incident quickly and cost-effectively by acquainting it before incident. Thus we can prevent recurrence of incident by removing the root cause of it. Since the DEM has adopted artifacts in data as well as log, we could make effective response to APT attack and Anti-Forensic.
Event and Command based Fuzzing Method for Verification of Web Browser Vulnerabilities
Park, Seongbin ; Kim, Minsoo ; Noh, Bong-Nam ;
Journal of the Korea Institute of Information Security and Cryptology, volume 24, issue 3, 2014, Pages 535~545
DOI : 10.13089/JKIISC.2014.24.3.535
As the software industry has developed, the attacks making use of software vulnerability has become a big issue in society. In particular, because the attacks using the vulnerability of web browsers bypass Windows protection mechanism, web browsers can readily be attacked. To protect web browsers against security threat, research on fuzzing has constantly been conducted. However, most existing web browser fuzzing tools use a simple fuzzing technique which randomly mutates DOM tree. Therefore, this paper analyzed existing web browser fuzzing tools and the patterns of their already-known vulnerability to propose an event and command based fuzzing tool which can detect the latest web browser vulnerability more effectively. Three kinds of existing fuzzing tools were compared with the proposed tool. As a result, it was found that the event and command based fuzzing tool proposed was more effective.
Information Security Management System Evaluation Criteria with availability for Korean Smart Grid
Heo, Ok ; Kim, Seungjoo ;
Journal of the Korea Institute of Information Security and Cryptology, volume 24, issue 3, 2014, Pages 547~560
DOI : 10.13089/JKIISC.2014.24.3.547
Smart Grid, which maximize the efficiency of energic utilization by applying Information and Communication Technology to Power Grid, requires high availability. Attacks, such as DDoS, which cause suspension of service and lead to social disruptions have recently been increasing so that systematic management over availability becomes more important. In this paper, we presents a new evaluation criteria of Korean Smart Grid by comparing availability assessment items of international standards specified in management system and then overcome the limitations of availability evaluation of existing information security management system.
A Study on Method to Establish Cyber Security Technical System in NPP Digital I&C
Chung, Manhyun ; Ahn, Woo-Geun ; Min, Byung-Gil ; Seo, Jungtaek ;
Journal of the Korea Institute of Information Security and Cryptology, volume 24, issue 3, 2014, Pages 561~570
DOI : 10.13089/JKIISC.2014.24.3.561
Nuclear Power Plant Instrumentation and Control System(NPP I&C) which is used to operate safely is changing from analog technology to digital technology. Ever since NPP Centrifuge of Iran Bushehr was shut down by Stuxnet attack in 2010, the possibility of cyber attacks against the NPP has been increasing. However, the domestic and international regulatory guidelines that was published to strengthen the cyber security of the NPP I&C describes security requirements and method s to establish policies and procedures. These guidelines are not appropriate for the development of real applicable cyber security technology. Therefore, specialized cyber security technologies for the NPP I&C need to be developed to enhance the security of nuclear power plants. This paper proposes a cyber security technology development system which is exclusively for the development of nuclear technology. Furthermore, this method has been applied to the ESF-CCS developed by The KINCS R&D project.
Research on Development of Digital Forensics based Digital Records Migration Procedure and Tool
Lee, Seokcheol ; Yoo, Hyunguk ; Shon, Taeshik ;
Journal of the Korea Institute of Information Security and Cryptology, volume 24, issue 3, 2014, Pages 571~580
DOI : 10.13089/JKIISC.2014.24.3.571
Digital Records, which are created, stored, and managed in digital form, contains security vulnerability such as data modification, due to the characteristic of digital data. Therefore it is necessary to guarantee the reliability by verification of integrity and authenticity when managing digital records. This paper propose digital forensics based migration process for electronic records by analyzing legacy digital forensics process, and derives the requirements to develop digital forensics based electronic records migration tool through analyzing trends of abroad digital records migration technique and tool. Based on these develop digital forensic based digital records migration tool to guarantee integrity and authenticity of digital records.