Visible to the public Biblio

Filters: Author is Yim, Kangbin  [Clear All Filters]
2019-03-22
Lee, Kyungroul, Son, Byeong-Geun, Lee, Sun-Young, Yim, Kangbin.  2018.  Vulnerability Analysis of Secure USB: Based on the Fingerprint Authentication of Product B. Proceedings of the 2018 Conference on Research in Adaptive and Convergent Systems. :167-169.
In order to improve the security of data stored in the USB memory, a secure USB has appeared on the consumer market. The secure USB protects data stored into the device by user authentication, data encryption, and access control. However, in several products, there is a problem in that the data can be stolen due to authentication bypass or key exposure. To solve this problem, a method for enhancing user authentication has been studied, and product B, which typically provides user authentication with biometric authentication, has emerged. In this paper, we analyze the vulnerability of product B that provides a biometric authentication, and we verified the possibility of bypassing the authentication and the incident of potential stealing of the data. Consequently, we consider that it will be possible to develop a more secure USB product based on counteracting analyzed vulnerability as described in this paper.
2017-04-20
Lee, Kyungroul, Yeuk, Hyeungjun, Yim, Kangbin, Kim, Suhyun.  2016.  Analysis on Manipulation of the MAC Address and Consequent Security Threats. Proceedings of the 8th ACM CCS International Workshop on Managing Insider Security Threats. :113–117.

In this paper, we analyze manipulation methods of the MAC address and consequent security threats. The Ethernet MAC address is known to be unchanged, and so is highly considered as platform-unique information. For this reason, various services are researched using the MAC address. These kinds of services are organized with MAC address as plat- form identifier or a password, and such a diverse range of security threats are caused when the MAC address is manipulated. Therefore, here we research on manipulation methods for MAC address at different levels on a computing platform and highlight the security threats resulted from modification of the MAC address. In this paper, we introduce manipulation methods on the original MAC address stored in the EEPROM on NIC (Network Interface Card) as hardware- based MAC spoofing attack, which are unknown to be general approaches. This means that the related services should struggle to detect the falsification and the results of this paper have deep significance in most MAC address-based services.