Seoul, South Korea
Seoul, South Korea
Time filter
Source Type

Lee S.,Kookmin University | Jeong M.S.,Kookmin University | Jeong H.,KISA | Lee H.J.,KISA | Choi E.Y.,KISA
International Conference on Information Networking | Year: 2012

Due to the sensitivity of the collected data in Ubiquitous Sensor Networks, security becomes the top priority issue for the USNs to be widely deployed. To enhance the security, various key management schemes have been proposed so that the messages among the sensor nodes can be encrypted. Especially, the Polynomial based key management scheme is famous because it guarantees to establish a secure session key between two sensor nodes if the number of nodes in the system is below a threshold. In this paper, we extend the polynomial based key management scheme so that the secure transmission can be achieved in a large network. Basically, we partition the sensor nodes into multiple groups in such a way that the number of nodes in a group is less than the threshold, which guarantees secure session key establishment inside each group. We also propose to exploit structural properties such as the topology and location of the sensor networks to secure the inter-group communications. Furthermore, we introduce a session key computation scheme called Enhanced Direct Key Establishment Option to enhance the robustness against node compromise attacks. Through extensive simulations, we show that the proposed scheme can reduce the number of the compromised links by 10-30% against the node compromise attacks. © 2012 IEEE.

SEONGNAM, South Korea--(BUSINESS WIRE)--Lotte Card, one of the biggest card companies in Korea, adopted a biometric-based authentication system service in its payment app jointly with Blocko Inc., a blockchain startup. Financial organizations in Korea, including banks, Korea Exchange and card companies, are actively adopting blockchain technology, but this is the first case in Korea that commercialized blockchain technology combined with biometric-based authentication system. As the provider of Coinstack, a blockchain-based development platform, Blocko is a blockchain startup that has the largest number of references in providing blockchain technology in Korea, including Korea Exchange, JB Bank, KISA and Paygate. Recognized for its excellent technology, Blocko raised a Series A round funding of $1.3 million from Samsung Venture Investment Corporation in July 2016. “Korea is one of countries that are most actively adopting blockchain technology. The blockchain technology is expected to be widely adopted by Internet of Things (IoT) industry, healthcare industry and electronic government segment as well as financial industry next year. Coinstack will make significant contribution to applying enterprise level blockchain technology to various industry segments,” said Won-Beom Kim, Chief Executive Officer of Blocko Inc. Coinstack technology is constantly being upgraded to help developers easily implement blockchain service. They recently developed Smart Contracts engine, which is compatible with Smart Contract of Ethereum, and it is provided in Lua and Java languages so that it can be easily adopted in the IoT industry. In addition, it acquired the ‘Good Software Certification’, an authoritative software certificate in Korea, the first of its kind in blockchain software industry. Good Software Certification is an official seal of approval for software quality in Korea, based on international standards such as ISO/IEC 9126, 25041, and 25051. It is an unprecedented development for blockchain software industry, paving a way into government and civil adoption of the technology. Coinstack is provided in two types, Cloud and On-premise, and it offers private blockchain as well as bitcoin blockchain. Coinstack SDKs and APIs of Blocko are available on its website ( for individual developers free of charge.

Kim K.,Inha University | Yie I.,Inha University | Lim S.,Ewha Womans University | Park H.,KISA
Informatica | Year: 2011

Batch cryptography has been developed into two main branches-batch verification and batch identification. Batch verification is a method to determine whether a set of signatures contains invalid signatures, and batch identification is a method to find bad signatures if a set of signatures contains invalid signatures. Recently, some significant developments appeared in such field, especially by Lee et al., Ferrara et al. and Law et al., respectively. In this paper, we address some weakness of Lee et al.'s earlier work, and propose an identification method in an RSA-type signature. Our method is more efficient than the well known divide and conquer method for the signature scheme. We conclude this paper by providing a method to choose optimal divide and conquer verifiers. © 2011 Vilnius University.

Ji J.D.,KISA | Jung S.W.,Mokpo National University | Lim J.,Korea University
IEICE Transactions on Information and Systems | Year: 2012

In this paper, we propose efficient sequential AES CCM architecture for the IEEE 802.16e. In the proposed architecture, only one AES encryption core is used and the operation of the CTR and the CBC-MAC is processed concurrently within one round. With this design approach, we can design sequential AES CCM architecture having 570 Mbps@102.4MHz throughput and 1,397 slices at a Spartan3 3s5000 device. Copyright © 2012 The Institute of Electronics, Information and Communication Engineers.

Kim H.-G.,KISA | Kim D.-J.,Dankook University | Cho S.-J.,Dankook University | Park M.,Incheon National University | Park M.,Konkuk University
Proceedings of the 2011 ACM Research in Applied Computation Symposium, RACS 2011 | Year: 2011

Drive-by-download attacks are client-side attacks that originate from web servers that are visited by web browsers. While many web browsers are vulnerable to the drive-by-download attacks, the cost of detecting malicious web pages that launch drive-by-download attacks is expensive. High-interaction client honeypots are security devices capable of detecting malicious web pages; however, their slow and expensive operations in web page visiting have been considered as a problem. The high-interaction client honeypots employ a visitation algorithm to pinpoint which page has made an unauthorized change of system state when any unauthorized change of the system state occurred after visiting suspicious web pages. To improve the performance of the high-interaction client honeypots, we propose a new visitation algorithm, logarithmic divide-and-conquer (LDAC), for identifying malicious web pages. The LDAC algorithm is an enhanced version of the existing binary divide-and-conquer (BDAC) algorithm. If any system state is abnormally changed after having visited k suspicious web pages concurrently, our LDAC algorithm divides the buffer of k pages into [log 2k] pieces and recursively visits the pieces until the malicious page or pages are identified, while the BDAC splits the buffer into k/2 portions. Experimental results show that the LDAC has improved performance of the system up to 15 percent compared to the BDAC algorithm. © 2011 ACM.

Lee T.,KISA | Cho H.,KISA | Park H.,KISA | Kwak J.,Ajou University
International Journal of Distributed Sensor Networks | Year: 2015

Cyber incidents are increasing continuously. More than 200,000 new malicious codes appear, with more than 30,000 malicious codes distributed each day on average. These cyber attacks are expanding gradually to the social infrastructure (nuclear energy, power, water, etc.) and smart sensor networks. This paper proposes a method of detecting malware propagation in sensor Node and botnet clustering automatically by analyzing e-mails. More than 80% of spam e-mails are generated by the Node infected with malicious code, using various methods to avoid filtering such as direct-to-MX, fake Received header, and open relay vulnerability. This paper proposes a scheme that detects those types accurately, including a clustering method that targets the URL included in the e-mail body, e-mail subject, attached file, and hosting server, to detect the botnet group infected with the same malicious code. The proposed method recorded about 85% zombie IP detection rate when spam e-mails distributed in a commercial environment were analyzed. When applied to the portal site that delivers 10 million e-mails, the proposed technology is expected to detect at least 150,000 zombie Nodes each day. If advanced measures are taken against the detected zombie Nodes, the spread of cyber attack damages can apparently be reduced. © 2015 Taejin Lee et al.

Loading KISA collaborators
Loading KISA collaborators