Abstract: Disclosed herein are an apparatus and method for calculating a multiplicative inverse. The apparatus for calculating a multiplicative inverse includes a data input unit for receiving input data, a multiplicative inverse calculation unit for dividing an input degree-8 finite field corresponding to the input data into two first degree-4 finite fields so as to perform Advanced Encryption Standard (AES) encryption on the input data, and for performing a multiplicative inverse calculation on the first degree-4 finite fields in consideration of a circuit depth value (T-Depth) and qubit consumption of quantum gates in a quantum circuit, and a data output unit for outputting result data obtained by performing the multiplicative inverse calculation.

Abstract: A method for detecting anomalies in a controller area network of a vehicle and an apparatus for the same. The method for detecting anomalies in a Controller Area Network (CAN) of a vehicle includes monitoring the controller area network of the vehicle and generating sequence trees for respective multiple sub-networks included in the controller area network at a time at which monitoring is performed, comparing at least one normal sequence tree, generated in accordance with the controller area network when a status of the vehicle is normal, with the generated sequence trees, and calculating differences between traffic proportions for respective nodes based on a result of the comparison between the sequence trees, and detecting an anomaly in the vehicle in consideration of the differences.

Abstract: Disclosed herein are an intrusion response apparatus and method for a vehicle network. The intrusion response method for a vehicle network is performed by an intrusion response apparatus for the vehicle network, and includes receiving attack detection information about an intrusive attack on the vehicle network from an intrusion detection system, selecting at least one target electronic control unit that is to be instructed to respond to the intrusive attack from among multiple electronic control units, and sending a response instruction message to the at least one target electronic control unit so that the target electronic control unit responds to the intrusive attack.

Abstract: Disclosed herein is an onboard cybersecurity diagnostic system for a vehicle, which may include at least one In-Vehicle Network (IVN) security diagnostic sensor configured to detect and diagnose an Electronic Control Unit (ECU) attack command on a communication bus; at least one ECU configured to control an actuator based on sensor data collected from a sensor, autonomously diagnose the integrity of ECU electronic control software, and diagnose the integrity of ECU electronic control data by combining the sensor data with a security diagnostic packet received from the at least one IVN security diagnostic sensor; and a cyber dashboard configured to display a security problem in the event of the security problem in the integrity of the ECU electronic control software or the ECU electronic control data.

Abstract: Disclosed is a vehicle network access control method and infotainment apparatus thereof. According to one aspect of the present disclosure, a vehicle network access control method comprises: checking an access subject on the basis of at least one among an ID of the terminal device, an application ID, and a user ID of the infotainment apparatus; determining an access right on the basis of at least one among the access subject, state information of the terminal device, and vehicle state information; and controlling vehicle network access of the infotainment apparatus according to the determined access right, wherein the access right comprises at least one among access permission, access denial, and access permission within a preset time.

Abstract: A vessel location validation method and apparatus are provided. The vessel location validation method includes receiving a wireless signal from a vessel, acquiring location information of the vessel from the received wireless signal, and determining whether the acquired location information is valid based on the acquired location information and a signal strength of the received wireless signal.

Abstract: Disclosed herein are a health device, a gateway device, and a method for securing a protocol using the health device and the gateway device. The method includes performing, by the health device and the gateway device, authentication and key exchange based on security session information; sending, by any one of the health device and the gateway device, an application message protected based on the security session information; and receiving, by a remaining one of the health device and the gateway device, the protected application message.

Abstract: A vessel location validation method and apparatus are provided. The vessel location validation method includes receiving a wireless signal from a vessel, acquiring location information of the vessel from the received wireless signal, and determining whether the acquired location information is valid based on the acquired location information and a signal strength of the received wireless signal.

Abstract: An apparatus and method for collecting the radio frequency (RF) feature of a wireless device in a wireless communication apparatus are disclosed herein. The RF feature extraction unit adds a tag having a unique value to a received radio signal, and extracts RF feature information from the radio signal. The MAC information extraction unit extracts the source MAC address and tag information of a MAC protocol frame from the received radio signal, and then removes the added tag. The tag comparison unit selects an source MAC address and RF feature information, when the tags have the same value, from the RF feature information and tag information from the RF feature extraction unit and the source MAC address and tag information from the MAC information extraction unit. The RF feature storage unit stores the selected source MAC address and RF feature information.

Abstract: An apparatus and a method for identifying a rogue device having a media access control (MAC) address counterfeited/forged when a wireless intrusion prevention system controls an access to an access point (AP) and a wireless terminal which are not applied are disclosed. The apparatus includes: a sensor unit configured to collect MAC addresses, RSSI values, and RF feature values based on RF signals of wireless terminals; an RF feature database configured to store the collected MAC addresses, RSSI values, and RF feature values; and a terminal identification unit configured to identify whether a MAC of any one of the wireless terminals is forged by comparing information of the RF feature database with the RSSI value and the RF feature value of any one of the wireless terminals according to a MAC verification request of any one of the wireless terminals from the sensor unit.

Abstract: Disclosed are a method for providing a security service for a wireless device and an apparatus thereof. The method includes obtaining a wireless fingerprint of a wireless device, determining a wireless device type corresponding to the obtained wireless fingerprint by referring to a first database, determining a security policy corresponding to the determined wireless device type by referring to a second database, and applying the determined security policy to a service for the wireless device, so that the wireless device is provided with a tight security service.

Abstract: An apparatus and method for collecting the radio frequency (RF) feature of a wireless device in a wireless communication apparatus are disclosed herein. The RF feature extraction unit adds a tag having a unique value to a received radio signal, and extracts RF feature information from the radio signal. The MAC information extraction unit extracts the source MAC address and tag information of a MAC protocol frame from the received radio signal, and then removes the added tag. The tag comparison unit selects an source MAC address and RF feature information, when the tags have the same value, from the RF feature information and tag information from the RF feature extraction unit and the source MAC address and tag information from the MAC information extraction unit. The RF feature storage unit stores the selected source MAC address and RF feature information.

Abstract: Disclosed herein is an apparatus for analyzing the vulnerability of a wireless local area network (LAN). The apparatus includes a collection unit, an analysis unit, and an attack unit. The collection unit collects packets transmitted and received in a wireless LAN service. The analysis unit analyzes the state of a network using the collected packets. The attack unit makes a wireless attack against an attack target using the state of the network, and controls the mode switching of a device driver based on an operating mode.

Abstract: An apparatus and a method for identifying a rogue device having a media access control (MAC) address counterfeited/forged when a wireless intrusion prevention system controls an access to an access point (AP) and a wireless terminal which are not applied are disclosed. The apparatus includes: a sensor unit configured to collect MAC addresses, RSSI values, and RF feature values based on RF signals of wireless terminals; an RF feature database configured to store the collected MAC addresses, RSSI values, and RF feature values; and a terminal identification unit configured to identify whether a MAC of any one of the wireless terminals is forged by comparing information of the RF feature database with the RSSI value and the RF feature value of any one of the wireless terminals according to a MAC verification request of any one of the wireless terminals from the sensor unit.

Abstract: A WLAN terminal positioning apparatus includes a directional antenna module including a directional antenna, a first motor, and a second motor wherein the second motor is combined with a shaft of the first motor and the directional antenna is combined with a shaft of the second motor such that the directional antenna has a hemispherical search range, where an angle of the maximum signal strength of the signal received by the directional antenna from the WLAN terminal is measured while the first motor or the second motor is rotated, and an estimated physical position of the WLAN terminal is calculated using a directional direction of the directional antenna.

Abstract: Disclosed herein is an apparatus for analyzing the vulnerability of a wireless local area network (LAN). The apparatus includes a collection unit, an analysis unit, and an attack unit. The collection unit collects packets transmitted and received in a wireless LAN service. The analysis unit analyzes the state of a network using the collected packets. The attack unit makes a wireless attack against an attack target using the state of the network, and controls the mode switching of a device driver based on an operating mode.

Abstract: A method including: detecting an unauthorized soft rogue AP; collecting information about the detected soft rogue AP, information about one or more access terminals connected to the detected soft rogue AP, and information about one or more candidate attack terminals that are not connected to the detected soft rogue AP, and storing the collected information; receiving frames related to the information about the stored soft rogue AP, and analyzing similarities between communication patterns of the access terminals and communication patterns of the candidate attack terminals based on the received frames; and tracking out an attack terminal driving the unauthorized soft rogue AP based on the results of the analysis on the similarities between the communication patterns of the access terminals and the communication patterns of the candidate attack terminals. Accordingly, it is possible to effectively block the soft rogue AP.

Abstract: Disclosed is a dongle device for wireless intrusion prevention, which can provide a wireless intrusion prevention service to a wireless access point in a wireless local area communication network. A dongle device for wireless intrusion prevention including an interface unit connected to an access point and configured to receive a data frame from the access point, a control unit configured to determine a security threat on the basis of the received data frame and generate prevention information if there is the security threat according to the determination result, and a storage unit configured to store information for security threat determination can make an existing wireless access point a wireless access point that can provide wireless intrusion prevention.

Abstract: Disclosed herein is a method of verifying key validity and a server for performing the method. The method is configured such that a service provision server verifies key validity in an anonymous service for providing local linkability. The service provision server receives a revocation list. A local revocation list is generated using the received revocation list and a secret key. A virtual index of a service user required to verify key validity is calculated. Whether a key of the service user is valid is verified, based on whether the virtual index is included in the local revocation list.

Abstract: The present invention relates to a content protection apparatus and method using binding of additional information to an encryption key. The content protection apparatus includes an encryption unit for creating an encryption key required to encrypt data requested by a user terminal and then generating encrypted data in which the data is encrypted. An additional information management unit manages additional information including authority information about the encrypted data. A White-Box Cryptography (WBC) processing unit generates a WBC table required to bind the encryption key corresponding to the encrypted data to the additional information. A bound data generation unit generates bound data in which the encrypted key is bound to the additional information, using a cipher included in the WBC table.