• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.1
• /
• pp.23-34
• /
• 2022

With the development of network technology, the application area has also been diversified, and protocols for various purposes have been developed and the amount of traffic has exploded. Therefore, it is difficult for the network administrator to meet the stability and security standards of the network with the existing traditional switching and routing methods. Software Defined Networking (SDN) is a new networking paradigm proposed to solve this problem. SDN enables efficient network management by programming network operations. This has the advantage that network administrators can flexibly respond to various types of attacks. In this paper, we design a threat level management module, an attack detection module, a packet statistics module, and a flow rule generator that collects attack information through the controller and switch, which are components of SDN, and detects attacks based on these attributes of SDN. It proposes a method to block denial of service attacks (DoS) of advanced attackers by programming and applying honeypot. In the proposed system, the attack packet can be quickly delivered to the honeypot according to the modifiable flow rule, and the honeypot that received the attack packets analyzed the intelligent attack pattern based on this. According to the analysis results, the attack detection module and the threat level management module are adjusted to respond to intelligent attacks. The performance and feasibility of the proposed system was shown by actually implementing the proposed system, performing intelligent attacks with various attack patterns and attack levels, and checking the attack detection rate compared to the existing system.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.4 s.304
• /
• pp.17-24
• /
• 2005

The existing passive networks have the only data-storing and transmission functions. On the other hand, the active network which can do operation jobs on the transmitting packets was introduced at 1990's. However, the advantages of activating processing are obviously more complex than traditional networks and raise considerable security issues. In this paper, we propose the safer structure in Active Networks that is based on the discrete approach which resolves the weak point of the Active Network. The proposed system provides the node management and user management in the Active Networks, and improves the security of Packet transmission with packet cryptography and the session.

• Proceedings of the Korean Information Science Society Conference
• /
• 2012.06a
• /
• pp.63-65
• /
• 2012

프린터 비즈니스 사업자가 고객의 프린팅 디바이스를 대행 관리하는 형태의 비즈니스인 MPS (Managed Printing Service)는 최근 프린팅 산업의 대표적인 B2B향 비즈니스이다. MPS 서비스 사업자는 대규모 고객 환경의 프린팅 디바이스에 대한 통합 관리(장애 관리, 소모품 관리, 사용량 관리 등)를 제공하며, 이를 통하여 고객사는 프린터 장비에 대한 구매 및 관리의 부담을 없애고 사용량에 기반한 과금액을 MPS 사업자에게 지불하는 형태의 비즈니스가 이루어진다. MPS 서비스에서의 정확한 사용량 취합은 가장 핵심 기능에 해당되며, 또한 이와 함께 사용자 별 허용된 사용(출력) 제한량 쿼터를 설정함으로써 전체 프린팅 코스트를 절감하기 위한 기능 및 사용자 별 사용량을 취합하여 과금하는 기능의 정확도 향상은 MPS 비즈니스의 매우 중요한 고객 요구사항이다. 이에 본 프로젝트는 P2P 기반의 네트워크 구성을 통하여 기존에 구현되어 있는 프린터 사용자 쿼터 제한 기능을 개선할 수 있는 방법을 제안하고자 한다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.253-256
• /
• 2003

현재 IETF RFC 3414에서 제안한 SNMP 메시지 인증 및 기밀성 서비스용 키 분배방식은 관리자의 패스워드를 기반으로 국지 키를 생성하는 알고리즘을 사용한다. 이는 관리자의 패스워드 노출 방지를 위해 관리자가 지리적으로 분산된 SNMP 관리객체 (Managed Agent)를 순회하면서 설치해야 한다는 문제점과 또한 관리객체에 SNMP 메시지를 전송되는 시점에서 국지 키가 계산되어 SNMP 메시지의 전송지연 문제점을 내포하고 있다. 본 논문에서는 누구나 관리객체 설치가 가능하고 SNMP 메시지 전송지연을 제거할 수 있도록 SNMPv3 USM에 Diffie-Hellman 키 분배 방식을 적용하는 방안을 제안하였다. 제안된 방식은 RFC 3414와 동일한 수준에서 SNMP 메시지 인증 및 기밀성 서비스를 제공한다.

• The Journal of the Korea Contents Association
• /
• v.7 no.2
• /
• pp.170-179
• /
• 2007

The present study purposed to establish a network for building an efficient disaster response system and for this purpose, we compared cases of disaster response in Japan and Korea. In Japan, disasters are responded jointly through the network of the central government, local self governing bodies and non governmental organizations. In Korea, however, the cooperative network among different areas is weak and this is aggravating damages caused by disasters. That is, in Korea, disaster response services have been mainly carried out by the public sector. The public sector can operate a powerful disaster management system using its extensive management resources, compelling power, and legal authorities. However, it was found that, due to the characteristics of contemporary society, efforts by the public sector including the central government and the local self government bodies have limitations in managing disasters effectively. Thus, for efficient disaster response in Korea, it is urgently required to establish a national disaster response network as well as a private sector cooperation system and to induce NGOs to participate in the disaster response system through institutional devices.

• Convergence Security Journal
• /
• v.6 no.2
• /
• pp.71-80
• /
• 2006

Sensor network is made from very small and restrictive-power nodes, and they collect some information of environment like as thermal and tremor, etc. And they transfer the information to each other. Generally, supporting the Security service of sensor network is a difficult work, because the nodes have very small cpu-power and low electronic-power. So, More effective management scheme will needed for the maintenance of stability. In this paper, we propose the location based management scheme with circular coordinates. We were make the with the relative location information from one node to other. The new scheme show more simple and effective result then the other method for key management.

• The KIPS Transactions:PartC
• /
• v.19C no.2
• /
• pp.127-134
• /
• 2012

In this paper, we propose a mobility management scheme which has a simple IP emulation method based on virtual interface. This scheme supports prevention of service abortion resulting from RAT (Radio Access Technology) interface switching during vertical handover and provides mobility management convenience according to maintenance of consistency in simple IP mobility management scheme of 3rd generation mobile network. Through the empirical experiments of proposed method, we check out the improvement of handover performance of the proposed scheme based on vertical handover latency comparing with a non-virtual interface system.

• Journal of the Korean Society for information Management
• /
• v.21 no.2
• /
• pp.107-126
• /
• 2004

With the development of information technology and digitalization in these days, information network of library has been accomplished rapidly. The use and concern on Multimedia contents are increasing in the digital library based on information network. In this study I examined the definition of Multimedia contents and analysed the contents services and contents management for the use of Multimedia contents in digital library. As a result. the effect of information technology is important for changing of information environment. Moreover, the multimedia which are resources whose information demand of the user is various contents with it is changing the possibility of knowing it was with application.

• Annual Conference of KIPS
• /
• 2010.04a
• /
• pp.702-705
• /
• 2010

요즘 현대인들의 최우선 관심사라고도 할 수 있는 '웰빙(Well-Being)'과 다가올 '고령사회'를 대비하여 유무선 네트워킹 기술을 활용하여 "언제 어디서나" 이용 가능한 건강관리 및 의료서비스가 필요하다. u-Healthcare 시스템을 이용하여 개인의 건강상태를 실시간으로 모니터링하고 치료나 관리가 필요한 적절한 시점에 자동으로 조치를 취하기 때문에 개인은 최상의 건강상태를 유지할 수 있고 편리한 한방 의료서비스를 제공받을 수 있다. 본 논문에서는 심전도(ECG), 혈압, 맥박 등의 생체신호 측정센서를 이용한 센서네트워크 기반 u-Healthcare 시스템을 설계하고 구현하였다. 센서노드에서 게이트웨이를 경유한 생체신호는 healthcare센터로 전송되며, 질환별 건강관리 표준 프로그램을 통하여 생체신호를 분석하고 예측된 병증에 관련된 운동요법, 식이요법, 한방요법 등의 정보를 환자에게 피드백하여 건강관리를 할 수 있게 하였다.

• Journal of KIISE:Computing Practices and Letters
• /
• v.6 no.4
• /
• pp.430-440
• /
• 2000

To support Integrated Services in the Internet, the Internet Engineering Task Force(IETF) has developed new mechanisms. These new mechanisms include Resource Reservation Protocol(RSVP) and Integrated Services model. RSVP and Integrated Services are independent of the underlying link layer technologies and it is necessary to define the mapping of RSVP and Integrated Services specifications onto specific link layer technologies. IETF proposed a Subnet Bandwidth Manager(SBM) providing a method for mapping RSVP onto IEEE802 style networks. However, the SBM has several constraints and problems. For solving these constraints and problems, we design and implement a new Ethernet Bandwidth Manager(EBM). This paper discusses (1) new bandwidth management mechanism independent of RSVP, (2) simulation of Ethernet bandwidth to analyze the characteristics of Ethernet and accomplish Ethernet bandwidth management, (3) design and implemetation of EBM that allows Controlled-Load Service, and (4) results of our experiments on EBM.