사물인터넷 환경에서 안전성과 신뢰성 향상을 위한 Dual-IDS 기법에 관한 연구

양환석,Yang, Hwanseok 디지털산업정보학회 2017 디지털산업정보학회논문지 Vol.13 No.1

IoT can be connected through a single network not only objects which can be connected to existing internet but also objects which has communication capability. This IoT environment will be a huge change to the existing communication paradigm. However, the big security problem must be solved in order to develop further IoT. Security mechanisms reflecting these characteristics should be applied because devices participating in the IoT have low processing ability and low power. In addition, devices which perform abnormal behaviors between objects should be also detected. Therefore, in this paper, we proposed D-IDS technique for efficient detection of malicious attack nodes between devices participating in the IoT. The proposed technique performs the central detection and distribution detection to improve the performance of attack detection. The central detection monitors the entire network traffic at the boundary router using SVM technique and detects abnormal behavior. And the distribution detection combines RSSI value and reliability of node and detects Sybil attack node. The performance of attack detection against malicious nodes is improved through the attack detection process. The superiority of the proposed technique can be verified by experiments.

Mobile Ad-hoc Network에서 영역기반 보안 멀티캐스트 기법 연구

양환석,Yang, Hwanseok 디지털산업정보학회 2016 디지털산업정보학회논문지 Vol.12 No.3

MANET is a network composed only mobile network having limited resources and has dynamic topology characteristics. Therefore, every mobile node acts as a route and delivers data by using multi-hop method. In particular, group communication such as multicast is desperately needed because of characteristics such as battery life of limited wireless bandwidth and mobile nodes. However, the multicast technique can have different efficient of data transmission according to configuring method of a virtual topology by the movement of the nodes and the performance of a multicast can be significantly degraded. In this paper, the region based security multicast technique is proposed in order to increase the efficiency of data transmission by maintaining an optimal path and enhance the security features in data transmission. The group management node that manages the state information of the member nodes after the whole network is separated to area for efficient management of multicast member nodes is used. Member node encrypts using member key for secure data transmission and the security features are strengthened by sending the data after encrypted using group key in group management node. The superiority of the proposed technique in this paper was confirmed through experiments.

협력기반 인증 기법을 통한 라우팅 성능 개선에 관한 연구

양환석,Yang, Hwanseok 디지털산업정보학회 2016 디지털산업정보학회논문지 Vol.12 No.1

The main security threats in MANET are integrity and non-repudiation. In the meantime, a lot of secure routing protocols have been designed in order to block these security threats. In this paper, partnership-based authentication technique is proposed in order to provide participation exclusion of network and non-repudiation for the nodes. The proposed technique is a technique that participates in data communication for only the nodes receiving the authentication through the authentication process for the nodes. For this, the proposed technique is largely consists of two steps. The first step is the process that issued the certificate after the reliability for the nodes participating in the network is evaluated. And in the second step, the key exchange agreement with the neighbor nodes is performed and data communication is made after setting security path with responding nodes. The level of security in data transmission is improved because the process of path setting is performed through cooperation with a neighboring nodes having high reliability during the course of these two steps. The superiority of proposed technique in this paper was confirmed through the comparative experiment.

MANET의 멀티캐스트 환경에서 신뢰성 향상을 위한 계층기반 암호 프로토콜 기법 연구

양환석,Yang, Hwanseok 디지털산업정보학회 2017 디지털산업정보학회논문지 Vol.13 No.3

MANET consists of only wireless nodes having limited processing capability. It processes routing and data transmission through cooperation among each other. And it is exposed to many attack threats due to the dynamic topology by movement of nodes and multi-hop communication. Therefore, the reliability of transmitted data between nodes must be improved and security of integrity must be high. In this paper, we propose a method to increase the reliability of transmitted data by providing a secure cryptography protocol. The proposed method used a hierarchical structure to provide smooth cryptographic services. The cluster authentication node issues the cluster authentication key pair and unique key to the nodes. The nodes performs the encryption through two steps of encryption using cluster public key and block encryption using unique key. Because of this, the robustness against data forgery attacks was heightened. The superior performance of the proposed method can be confirmed through comparative experiment with the existing security routing method.

MANET에서 P2P 성능 향상을 위한 위치기반 라우팅 기법에 관한 연구

양환석,Yang, Hwanseok 디지털산업정보학회 2015 디지털산업정보학회논문지 Vol.11 No.2

The technology development of MANET and dissemination of P2P services has been made very widely. In particular, the development of many application services for the integration of P2P services in MANET has been made actively. P2P networks are commonly used because of the advantages of efficient use of network bandwidth and rapid information exchange. In P2P network, the infrastructure managing each node in the middle does not exist and each node is a structure playing a role as the sender and receiver. Such a structure is very similar to the structure of the MANET. However, it is difficult to provide reliable P2P service due to the high mobility of mobile nodes. In this paper, we propose location-based routing technique in order to provide efficient file sharing and management between nodes. GMN managing the group is elected after network is configured to the area of a certain size. Each node is assigned an identifier of 12 bit dynamically to provide routing which uses location information to the identifier. ZGT is managed in the GMN in order to provide management of group nodes and distributed cache information. The distributed cache technique is applied to provide a rapid retrieval of the sharing files in the each node. The excellent performance of the proposed technique was confirmed through experiments.

ZCN과 N2N 인증 기법을 이용한 패킷 전송에 대한 신뢰성 향상에 관한 연구

양환석,Yang, Hwanseok 디지털산업정보학회 2015 디지털산업정보학회논문지 Vol.11 No.4

MANET has various vulnerability in wireless network and is more vulnerable in security because central management is not performed. In particular, routing attack may decrease performance of the overall network because the mobile node acts as a router. In this paper, we proposed authentication technique for improving the reliability of the network by increasing the integrity of the routing control packet and blocking effectively attacks that occur frequently in the inside. The proposed technique is consisted of two authentication methods of ZCN and N2N. ZCN authentication method is to elect CA nodes and monitor the role of the CA nodes. N2N authentication method is for an integrity check on the routing packets between nodes. Index key is determined by combining the hop count value to shared key table issued from CA in order to increase the robustness of the internal attack. Also, the overhead of key distribution was reduced by distributing a shared key to nodes certificated from CA. The excellent performance of the proposed method was confirmed through the comparison experiments.

Mobile Ad Hoc Network에서 분산 모니터링을 이용한 향상된 침입탐지 기법 연구

양환석,Yang, Hwanseok 디지털산업정보학회 2018 디지털산업정보학회논문지 Vol.14 No.1

MANET composed of only wireless nodes is increasingly utilized in various fields. However, it is exposed to many security vulnerabilities because it doesn't have any infrastructure and transmits data by using multi-hop method. Therefore, MANET should be applied the intrusion detection technique that can detect efficiently malicious nodes and decrease impacts of various attacks. In this paper, we propose a distributed intrusion detection technique that can detect the various attacks while improving the efficiency of attack detection and reducing the false positive rate. The proposed technique uses the cluster structure to manage the information in the center and monitor the traffic of their neighbor nodes directly in all nodes. We use three parameters for attack detection. We also applied an efficient authentication technique using only key exchange without the help of CA in order to provide integrity when exchanging information between cluster heads. This makes it possible to free the forgery of information about trust information of the nodes and attack nodes. The superiority of the proposed technique can be confirmed through comparative experiments with existing intrusion detection techniques.

신뢰도와 키를 이용한 보안 라우팅 기법에 관한 연구

양환석,Yang, Hwanseok 디지털산업정보학회 2015 디지털산업정보학회논문지 Vol.11 No.3

MANET is composed of only the mobile nodes have a limited transmission range. The dynamic topology by the frequent movement of nodes makes routing difficult and is also cause exposed to security vulnerabilities. In this paper, we propose the security routing technique consisted of mechanism of two steps in order to respond effectively to attack by the modification of the routing information and transmit secure data. The hierarchical structure is used and the authentication node that issues the key of the nodes within each cluster is elected in this proposed method. The authentication node manages key issues and issued information for encrypting the routing information from the source node. The reliability value for each node is managed to routing trust table in order to secure data transmission. In the first step, the route discovery is performed using this after the routing information is encrypted using the key issued by the authentication node. In the second step, the average reliability value of the node in the found path is calculated. And the safety of the data transmission is improved after the average reliability value selects the highest path. The improved performance of the proposed method in this paper was confirmed through comparative experiments with CBSR and SEER. It was confirmed a better performance in the transmission delay, the amount of the control packet, and the packet transmission success ratio.

MANET에서 보안 경로와 안전한 데이터 전송을 위한 신뢰 기반 라우팅 기법에 관한 연구

양환석,Yang, Hwanseok 디지털산업정보학회 2017 디지털산업정보학회논문지 Vol.13 No.2

Recently, MANET has been used in many fields as the range of applications increases. However, the dynamic topology that MANET has makes it difficult to route and provides the cause of exposure to security vulnerabilities. Therefore, the security features that can be robust to many attacks must have been applied in the routing technique provided in the MANET. In this paper, we propose a secure routing method that secure route is established by reliability evaluation of nodes and secure data communication has applied through key exchange mechanism. The proposed technique used hierarchical structure for efficiency of reliability evaluation of nodes. The reliability of nodes is performed by trust management node and reliability of nodes managed periodically is broadcasted. And the key exchange for secure data transmission is dene without CA as the certificate issuing organization. This allows fast key exchange and the integrity of data transmission improved. The proposed technique improves the security of the data transmission because a secure route to the destination node is established by the reliability evaluation and the data transmission is performed after the key between the source node and the destination node is exchanged through the established route.

LNG선 열전달 해석 및 BOR 평가를 위한 수식화

박희찬(Park HeeChan),양환석(Yang HwanSeok) 대한기계학회 2009 대한기계학회 춘추학술대회 Vol.2009 No.11

LNG carrier is a special-purpose vessel to transport natural gas(NG) from the place of origin to each consuming country. To increase the capacity of carrying LNG carrier, the natural gas is conveyed as a state of liquid called LNG(Liquefied Natural Gas) during a voyage because the total volume of NG is surprisingly reduced when it is cooled down to -162℃. That is why the design of insulation is important to protect LNG from the external heat invasion, and it has been a great challenging subject for several decades in the shipbuilding industry. For this ultimate goal, the Boil-Off Rate (BOR) needs to be accurately estimated during voyage. Therefore, the goal of this study is to propose a numerical method for estimating the BOR of LNG for given insulation containment subject to external temperature conditions during voyage.