Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
Journal of the Korea Institute of Information Security and Cryptology
Journal Basic Information
Journal DOI :
Korea Institutes of Information Security and Cryptology
Editor in Chief :
Volume & Issues
Volume 25, Issue 6 - Dec 2015
Volume 25, Issue 5 - Oct 2015
Volume 25, Issue 4 - Aug 2015
Volume 25, Issue 3 - Jun 2015
Volume 25, Issue 2 - Apr 2015
Volume 25, Issue 1 - Feb 2015
Selecting the target year
Optimization of Lightweight Encryption Algorithm (LEA) using Threads and Shared Memory of GPU
Park, Moo Kyu ; Yoon, Ji Won ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 719~726
DOI : 10.13089/JKIISC.2015.25.4.719
As big-data and cloud security technologies become popular, many researchers have recently been conducted on faster and lighter encryption. As a result, National Security Research Institute developed LEA which is lightweight and fast block cipher. To date, there have been various studies on lightweight encryption algorithm (LEA) for speeding up using GPU rather than conventional CPU. However, it is rather difficult to explore any guideline how to manipulate the GPU for the efficient usage of the LEA. Therefore, we introduce a guideline which explains how to implement and design the optimal LEA using GPU.
Power Analysis Attacks on Blinding Countermeasure against Horizontal CPA
Lee, Sangyub ; Kim, Taewon ; Kim, HeeSeok ; Hong, Seokhie ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 727~738
DOI : 10.13089/JKIISC.2015.25.4.727
Until recently, power analysis is one of the most popular research issues among various side channel analyses. Since Differential Power Analysis had been first proposed by Kocher et al., various practical power analyses correspond with software/hardware cryptographic devices have been proposed. In this paper, we analyze vulnerability of countermeasure against power analysis exploiting single power trace of public cryptographic algorithm. In ICICS 2010, Clavier et al. proposed Horizontal Correlation Analysis which can recover secret information from a single exponentiation trace and corresponding countermeasures. "Blind operands in LIM", one of their countermeasures, exploits additive blinding in order to prevent leakage of intermediate value related to secret information. However, this countermeasure has vulnerability of having power leakage that is dependant with the message known by an adversary. In this paper, we analyzed vulnerabilities by three attack scenarios and proved them by practical correlation power analysis experiments.
Analysis on Vulnerability of Masked SEED Algorithm
Kim, TaeWon ; Chang, Nam Su ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 739~747
DOI : 10.13089/JKIISC.2015.25.4.739
Masking technique that is most widely known as countermeasure against power analysis attack prevents leakage for sensitive information during the implementations of cryptography algorithm. it have been studied extensively until now applied on block cipher algorithms. Masking countermeasure have been applied to international standard SEED algorithm. Masked SEED algorithm proposed by Cho et al, not only protects against first order power analysis attacks but also efficient by reducing the execution of Arithmetic to Boolean converting function. In this paper, we analyze the vulnerability of Cho's algorithm against first order power analysis attacks. We targeted additional pre-computation to improve the efficiency in order to recover the random mask value being exploited in first order power analysis attacks. We describe weakness by considering both theoretical and practical aspects and are expecting to apply on every device equipped with cho's algorithm using the proposed attack method.
Implementation of SHA-3 Algorithm Based On ARM-11 Processors
Kang, Myeong-mo ; Lee, Hee-woong ; Hong, Dowon ; Seo, Changho ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 749~757
DOI : 10.13089/JKIISC.2015.25.4.749
As the smart era, the use of smart devices is increasing. Smart devices are widely used to provide a human convenience, but there is a risk that information is exposed. The smart devices to prevent this problem includes the encryption algorithm. Among them, The hash function is an encryption algorithm that is used essentially to carry out the algorithm, such as data integrity, authentication, signature. As the issue raised in the collision resistance of SHA-1 has recently been causing a safety problem, and SHA-1 hash function based on the current standard of SHA-2 would also be a problem in the near future safety. Accordingly, NIST selected KECCAK algorithm as SHA-3, it has become necessary to implement this in various environments for this algorithm. In this paper, implementation of KECCAK algorithm. And SHA-2 On The ARM-11 processor, and compare performance.
A Study of Location-based Key Management Using a Grid for Wireless Sensor Networks
Choi, Jaewoo ; Kim, Yonghyun ; Kim, JuYoub ; Kwon, Taekyoung ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 759~766
DOI : 10.13089/JKIISC.2015.25.4.759
This paper proposes a location-based key management scheme in wireless sensor networks, and among the existing location-based key management techniques, we focused on the LDK (Location Dependent Key management). In order to improve the problems occurred by communication interference, we introduced the key revision process and the method of key establishment using grid information. According to the simulation of this scheme, it increased connectivity while decreased compromise ratio than those of the previous LDK, futhermore, we confirmed that a hexagon distribution of AN reduces the network cost.
Technique for Indentifying Cyber Crime Using Clue
Kim, Ju Hee ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 767~780
DOI : 10.13089/JKIISC.2015.25.4.767
In recent years, as smart phone penetration rate is growing explosively, new forms of cyber crime data is poured out beyond the limits of management system for cyber crime investigation. These new forms of data are collected and stored in police station but, some of data are not systematically managed. As a result, investigators sometimes miss the hidden data which can be critical for a case. Crime data is usually generated by computer which produces complex and huge data and records many logs automatically, so it is necessary to simplify a collected data and cluster by crime pattern. In this paper, we categorize all kinds of cyber crime and simplify crime database and extract critical clues relative to other cases. Through data mining and network-visualization, we found there is correlation between clues of a case. From this result, we conclude cyber crime data mining helps crime prevention, early blocking and increasing the efficiency of the investigation.
Design and Implementation of Virtual and Invisible Private Disk (VIPDISK) having Secure Storage Device
Quan, Shan Guo ; Kwon, Yong-Gu ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 781~792
DOI : 10.13089/JKIISC.2015.25.4.781
This paper proposes a virtual and invisible private disk (VIPDISK) technology equipped with the secure storage devices. As a software based security technology, it can create hidden partitions on any data storage device which can not be identified by the windows OS, so the program running on it, does not have any evidence of the existence of the hidden storage space. Under inactive state, it maintains an unexposed secure partition which can only be activated with a matching combination of a unique digital key and a user password to open the decryption tool. In addition, VIPDISK can store data to secure storage device with real-time encryption, it is worry-free even in the case of lost or theft. Simulation results show that VIPDISK provides a much higher level of security compared to other existing schemes.
A Study on Supply Chain Risk Management of Automotive
Kim, Dong-won ; Han, Keun-hee ; Jeon, In-seok ; Choi, Jin-yung ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 793~805
DOI : 10.13089/JKIISC.2015.25.4.793
Due to the rise of automotive security problems following automotive safety and the progress of the internet technology leading to a hyper-connected society, guaranteeing the safety of automotive requires security plans in the supply chain assurance and automotive software, and risk management plans for identifying, evaluating, and controlling the risks that may occur from the supply chain since the modern automotive is a Safety Critical system. In this paper, we propose a study on Automotive Supply Chain Risk Management (A-SCRM) procedures by person interested within the automotive Life-Cycle.
Scalable P2P Botnet Detection with Threshold Setting in Hadoop Framework
Huseynov, Khalid ; Yoo, Paul D. ; Kim, Kwangjo ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 807~816
DOI : 10.13089/JKIISC.2015.25.4.807
During the last decade most of coordinated security breaches are performed by the means of botnets, which is a large overlay network of compromised computers being controlled by remote botmaster. Due to high volumes of traffic to be analyzed, the challenge is posed by managing tradeoff between system scalability and accuracy. We propose a novel Hadoop-based P2P botnet detection method solving the problem of scalability and having high accuracy. Moreover, our approach is characterized not to require labeled data and applicable to encrypted traffic as well.
Probabilistic K-nearest neighbor classifier for detection of malware in android mobile
Kang, Seungjun ; Yoon, Ji Won ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 817~827
DOI : 10.13089/JKIISC.2015.25.4.817
In this modern society, people are having a close relationship with smartphone. This makes easier for hackers to gain the user's information by installing the malware in the user's smartphone without the user's authority. This kind of action are threats to the user's privacy. The malware characteristics are different to the general applications. It requires the user's authority. In this paper, we proposed a new classification method of user requirements method by each application using the Principle Component Analysis(PCA) and Probabilistic K-Nearest Neighbor(PKNN) methods. The combination of those method outputs the improved result to classify between malware and general applications. By using the K-fold Cross Validation, the measurement precision of PKNN is improved compare to the previous K-Nearest Neighbor(KNN). The classification which difficult to solve by KNN also can be solve by PKNN with optimizing the discovering the parameter k and
. Also the sample that has being use in this experiment is based on the Contagio.
Spyware detection system related to wiretapping based on android power consumption and network traffics
Park, Bum-joon ; Lee, Ook ; Cho, Sung-phil ; Choi, Jung-woon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 829~838
DOI : 10.13089/JKIISC.2015.25.4.829
As the number of smartphone users have increased, many kinds of malwares have emerged. Unlike existing malwares, spyware can be installed normally after user authentication and agreement according to security policy. For this reason, it is not easy to catch spywares involving harmful functionalities to users by using existing malware detection system. Therefore, our paper focuses on study about detecting mainly wiretapping spywares among them by developing a new wiretapping detection model and application. Specifically, this study conducts to find out power consumption on each application and modular and network consumption to detect voice wiretapping so Open Source Project Power Tutor is used to do this. The risk assessment of wiretapping is measured by gathered all power consumption data from Open Source Project Power Tutor. In addition, developed application in our study can detect at-risk wiretapping spyware through collecting and analyzing data. After we install the application to the smartphone, we collect needed data and measure it.
A Efficient Contents Verification Scheme for Distributed Networking/Data Store
Kim, DaeYoub ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 839~847
DOI : 10.13089/JKIISC.2015.25.4.839
To seamlessly provide content through the Internet, it is generally considered to use distributed processing for content requests converged on original content providers like P2P, CDN, and ICN. That is, after other nodes temporally save content, they handle content requests instead of original content providers. However, in this case, it may be possible that a content sender is different from the original provider of the content. In this case, users may be exposed to various risks. To solve such a problem, it is highly recommended to verify received contents before using them, but it can cause network traffic increases as well as a serious service delay. This paper proposes an efficient content verification scheme for distributed networking/data store environments and analyzes its performance.
A study of RMT buyer detection for the collapse of GFG in MMORPG
Kang, Sung Wook ; Lee, Jin ; Lee, Jaehyuk ; Kim, Huy Kang ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 849~861
DOI : 10.13089/JKIISC.2015.25.4.849
As the rise in popularity of online games, the users start exchanging rare items for real money. As RMT (Real Money Trade) is prevalent, GFG (Gold Farming Group) who abuse RMT shows up. GFG causes social problems such as identity theft, privacy leaks. Because they needs many bot characters to gather game items. In addition, GFG induce RMT that makes in-game problems such as a destroying game economy, account hacking. Therefore, It is very important work to collapse GFG at the perspective of social and in-game. In this paper, we proposed a fundamental method for detecting RMT buyers for the collapse of GFG at the perspective of buyer by Law of Demand and Supply. We found two type of RMT by analyzing actual game data and detected RMT buyers with high recall ratio of 98% by ruled-based detection.
An Efficient Kernel Introspection System using a Secure Timer on TrustZone
Kim, Jinmok ; Kim, Donguk ; Park, Jinbum ; Kim, Jihoon ; Kim, Hyoungshick ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 863~872
DOI : 10.13089/JKIISC.2015.25.4.863
Kernel rootkit is recognized as one of the most severe and widespread threats to corrupt the integrity of an operating system. Without an external monitor as a root of trust, it is not easy to detect kernel rootkits which can intercept and modify communications at the interfaces between operating system components. To provide such a monitor isolated from an operating system that can be compromised, most existing solutions are based on external hardware. Unlike those solutions, we develop a kernel introspection system based on the ARM TrustZone technology without incurring extra hardware cost, which can provide a secure memory space in isolation from the rest of the system. We particularly use a secure timer to implement an autonomous switch between secure and non-secure modes. To ensure integrity of reference, this system measured reference from vmlinux which is a kernel original image. In addition, the flexibility of monitoring block size can be configured for efficient kernel introspection system. The experimental results show that a secure kernel introspection system is provided without incurring any significant performance penalty (maximum 6% decrease in execution time compared with the normal operating system).
Scheduler-based Defense Method against Address Translation Redirection Attack (ATRA)
Jang, Daehee ; Jang, Jinsoo ; Kim, Donguk ; Choi, Changho ; Kang, Brent ByungHoon ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 873~880
DOI : 10.13089/JKIISC.2015.25.4.873
Since hardware-based kernel-integrity monitoring systems run in the environments that are isolated from the monitored OS, attackers in the monitored OS cannot undermine the security of monitoring systems. However, because the monitoring is performed by using physical addresses, the hardware-based monitoring systems are vulnerable to Address Translation Redirection Attack (ATRA) that manipulates virtual-to-physical memory translations. To ameliorate this problem, we propose a scheduler-based ATRA detection method. The method detects ATRA during the process scheduling by leveraging the fact that kernel scheduler engages every context switch of processes. We implemented a prototype on Android emulator and TizenTV, and verified that it successfully detected ATRA without incurring any significant performance loss.
A Study on Improving Security Controls in the Electronic Financial Transaction
Lee, Gangshin ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 881~888
DOI : 10.13089/JKIISC.2015.25.4.881
Financial Authorities have added security controls to the Electronic Financial Transaction Act and the Supervisory Regulation according to the recent frequent personal credit information leakages. Accordingly, the security level has been upgraded. But it is necessary to study more security controls to add. This paper deduces 19 security controls over the mean value to be added to the financial area receiving 15 security consultant's help.
Morale enhancing determination model of information security
Kim, Kyongwon ; Lim, Jong In ; Lee, Kyung-Ho ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 889~903
DOI : 10.13089/JKIISC.2015.25.4.889
As the number of recent information security incident occurrence increases, more and more workload and liability pressure are given to info-security professionals, which results in decrease of morale level of working groups in the field. In order to solve this problem, Korean government is providing various action plans to improve the morale level of info-security professionals, and also requiring financial companies to submit its own action plan of increasing morale of info-security professionals to Financial Service Agency. For this study, based on the previous studies and relevant professionals' interviews, we selected 16 critical morale increase variables, and performed survey for empirical analysis. As a result, 3 features; role, system, and relationship were presented as the main factor of morale increasement of info-security professionals. This study also suggests a decision making method of utilizing the developed morale measurement model for individual organizations.
A Study on Policy for cost estimate of Security Sustainable Service in Information Security Solutions
Jo, Yeon-ho ; Lee, Yong-pil ; Lim, Jong-in ; Lee, Kyoung-ho ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 905~914
DOI : 10.13089/JKIISC.2015.25.4.905
Once information security solution is implemented, it requires many services other than just general user management, such as malicious code analysis and security updated for consistent security against external threats or attacks, analysis of threat and attack, effectivity management of obtained security assurance, and advisory activities of security technical professionals. However, even if information security solutions provide those extra services, they are not properly treated in real market. Thus, for the security sustainable services, this study analyzes the service status of domestic information security, and suggest policy measure of price which could reflected the characteristics of information security solutions.
A study on effects of implementing information security governance by information security committee activities
Kim, Kunwoo ; Kim, Jungduk ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 915~920
DOI : 10.13089/JKIISC.2015.25.4.915
The commitment of top management is still insufficient for information security even the core of information security governance is dependent on the leadership of top management. In this situation, information security committee can be a good way to vitalize the commitment of top management and its activities are essential for implementing information security governance. The purpose of this study is to test that information security committee affects implementing information security governance and security effect. For a empirical analysis, questionnaire survey was conducted and the PLS(Partial Least Square) was used to analyze the measurement and structural model. The study result shows that a hypothesis related value delivery is not accepted and it is required to study various methods about how the information security provides positive value to business.
Quantitative Scoring System on the Importance of Software Vulnerabilities
Ahn, Joonseon ; Chang, Byeong-Mo ; Lee, Eunyoung ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 921~932
DOI : 10.13089/JKIISC.2015.25.4.921
We proposed a new scoring system on software vulnerabilities, which calculates quantitatively the severity of software vulnerabilities. The proposed scoring system consists of metrics for vulnerability severity and scoring equations; the metrics are designed to measure the severity of a software vulnerability considering the prevalence of the vulnerability, the risk level of the vulnerability, the domestic market share of the software and the frequency of the software. We applied the proposed scoring system to domestically reported software vulnerabilities, and discussed the effectiveness of the scoring system, comparing it with CVSS and CWSS. We also suggested the prospective utilization areas of the proposed scoring system.
A Study on Improvement of Inspection Items for Activation of the Information Security Pre-inspection
Choi, Ju Young ; Kim, JinHyung ; Park, Jung-Sub ; Park, Choon Sik ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 933~940
DOI : 10.13089/JKIISC.2015.25.4.933
IT environments such as IoT, SNS, BigData, Cloud computing are changing rapidly. These technologies add new technologies to some of existing technologies and increase the complexity of Information System. Accordingly, they require enhancing the security function for new IT services. Information Security Pre-inspection aims to assure stability and reliability for user and supplier of new IT services by proposing development stage which considers security from design phase. Existing 'Information Security Pre-inspection' (22 domains, 74 control items, 129 detail items) consist of 6 stage (Requirements Definition, Design, Training, Implementation, Test, Sustain). Pilot tests were executed for one of IT development companies to verify its effectiveness. Consequently, for some inspection items, some improvement requirements and reconstitution needs appeared. This paper conducts a study on activation of 'Information Security Pre-inspection' which aims to construct prevention system for new information system. As a result, an improved 'Information Security Pre-inspection' is suggested. This has 16 domains, 54 inspection items, 76 detail items which include some improvement requirements and reconstitution needs.
Lee, Sung-hoon ; Kim, Seung-hyun ; Jeong, Eui-yeob ; Choi, Dae-seon ; Jin, Seung-hun ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 941~950
DOI : 10.13089/JKIISC.2015.25.4.941
Telemedicine Security Risk Evaluation Using Attack Tree
Kim, Dong-won ; Han, Keun-hee ; Jeon, In-seok ; Choi, Jin-yung ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 951~960
DOI : 10.13089/JKIISC.2015.25.4.951
The smart screening in the medical field as diffusion of smart devices and development of communication technologies is emerging some medical security concerns. Among of them its necessary to taking risk management measures to identify, evaluate and control of the security risks that can occur in Telemedicine because of the Medical information interchanges as Doctor to Doctor (D2D), Doctor to Patient (D2P). This research paper studies and suggests the risk analysis and evaluation methods of risk security that can occur in Telemedicine based on the verified results of Telemedicine system and equipment from the direct site which operating in primary clinics, public health centers and it's branches, etc.
Using the SIEM Software vulnerability detection model proposed
Jeon, In-seok ; Han, Keun-hee ; Kim, Dong-won ; Choi, Jin-yung ;
Journal of the Korea Institute of Information Security and Cryptology, volume 25, issue 4, 2015, Pages 961~974
DOI : 10.13089/JKIISC.2015.25.4.961
With the advancement of SIEM from ESM, it allows deep correlated analysis using huge amount of data. By collecting software's vulnerabilities from assessment with certain classification measures (e.g., CWE), it can improve detection rate effectively, and respond to software's vulnerabilities by analyzing big data. In the phase of monitoring and vulnerability diagnosis Process, it not only detects predefined threats, but also vulnerabilities of software in each resources could promptly be applied by sharing CCE, CPE, CVE and CVSS information. This abstract proposes a model for effective detection and response of software vulnerabilities and describes effective outcomes of the model application.