한국통신학회논문지 (The Journal of Korean Institute of Communications and Information Sciences)

  • 제33권8B호
  • /
  • Pages.727-734
  • /
  • 2008
  • /
  • 1226-4717(pISSN)
  • /
  • 2287-3880(eISSN)
한국통신학회 (The Korean Institute of Commucations and Information Sciences)
권호 표지

인바운드 네트워크의 성능 및 보안성 향상에 관한 연구

Study of the Enhancement Performance and Security of Inbound Network

  • 전정훈 (동덕여자대학교 정보학부 컴퓨터)
  • 발행 : 2008.08.31
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

오늘날 네트워크 규모가 확대되고, 다양한 서비스가 개발됨과 동시에 공격기법들 또한 함께 진화하고 있다. 이러한 공격기술들에 대해 다양한 보안시스템들을 적용하고 있으며, 이들 보안시스템 중, 아웃바운드(Outbound) 네트워크 공격에 효과적으로 대응하기 위한 방화벽의 사용은 네트워크 보호에 필수적이다. 하지만 이러한 전형적인 방화벽(Conventional Firewall)은 오히려 인바운드(Inbound) 네트워크의 성능 및 보안성 저하에 직접적인 영향을 미치고 있으며, 내부 공격에 효과적이지 못하다. 따가서 본 논문에서는 인바운드 네트워크의 성능 및 보안성을 향상시키기 위해 보안대상에 따른 "기능성벽화벽(Functional Firewall)"을 제안하고자 한다.

Recently, Network technology evolve out of expansion a scale of Network and development various Service. also Hacking skill. We have applied to various Security Systems to make a counterattack on this hacking skill. and A Firewall among these security systems is very effective a defense against in the Outbound Network attack. so we need certainly a Firewall to protect a network. But this Conventional Firewall has an directly effect on reduction to the Performance and Security of Inbound Network. and have no effect on a Inner Network Attacking. In this paper, I propose to a "Functional Firewall" as a Secure Objects for the enhancement Performance and Security of Inbound Network.

키워드

참고문헌

  1. Chris Kostick, Matt Mancuso "Firewall Performance Analysis Report" 10 August 1995
  2. James Harris and Americo J. Melara, Hugh Smith and Phillip Nico, California Polytechnic State University "Performance analysis of the Linux firewall in a host" June 12, 2002
  3. Evaluating Application-aware Firewall Performance "Evaluating Application-aware Firewall Performance" 2004 www.agilent.com/comms
  4. Yuan-ni Guo 1, Ren-fa Li Computer and Communication Department Hunan University, Changsha, China,410082 "Design and Performance of firewall system Based on Embedded Computing"
  5. Seung-Hwa Chung Pohang, Korea Division of Electrical and Computer Engineering "Analysis of Bursty Packet Loss Characteristics on Underutilized Links" December 21, 2005
  6. Michael R. Lyu and Lorrien K. Y. Lau Department of Computer Science and Engineering The Chinese University of Hong Kong, Shatin, HK "Firewall Security: Policies, Testing and Performance Evaluation
  7. Kumrye Park, Sungyong Park, Ohyoung Kwon, and Hyoungwoo Park Dept. of Computer Science, Sogang University, Seoul, Korea "Private-IP-enabled MPI over Grid Environments
  8. HAYASHI yu-ichi University of Aizu, Graduation Thesis. "NAT Router Performance Evaluation" Mar, 2002
  9. Matthias Muller, Matthias Hess, Edgar Gabriel High Performance Computing Center Stuttgart (HLRS), Stuttgart, Germany, Innovative Computing Laboratory, Computer Science Department, University of Tennessee, Knoxville, TN, USA "Grid enabled MPI solutions for Clusters"
  10. Jiejun Kong, Shirshanka Das, Edward Tsai, Mario Gerla Computer Science Department University of California, Los Angeles, CA 90095 "A Decentralized and Localized Access Control System for Mobile Wireless Access to Secured Domains"
  11. Siyoul Choi1, Kumrye Park, Saeyoung Han, Sungyong Park, Ohyoung Kwon, Yoonhee Kim, and Hyoungwoo Park Dept. of Computer Science, Sogang University, Seoul, Korea "An NAT-Based Communication Relay Scheme for Private-IP-Enabled MPI over Grid Environments"
  12. 한국정보보호 진흥원 "2006년 국내 정보보호산업 통계조사" p.25, 32
  13. 이영석 "방화벽이 존재하는 캠퍼스 망에서의 P2P 트래픽 측정 및 분석", 한국통신학회논문지, Vol.30 pp.750-757, 2005
  14. 이현창, 이종언 "백도어형 사설망의 작업효율 개 선에 관한 연구", 한국통신학회논문지, Vol.31 pp.199-206 2005