• Proceedings of the Korean Information Science Society Conference
• /
• 2004.04a
• /
• pp.292-294
• /
• 2004

본 논문에서는 룰 기반의 침입탐지 시스템을 위한 새로운 룰 보호기법을 제안한다. 오랫동안, 룰 기반의 침입탐지 시스템에서는 침입탐지 시스템의 룰 자체에 대한 보호기법은 고려하지 않았다. 최근에 손등 ［1］은 Snort를 기반으로 하는 룰 보호기법을 제시하였다. 이 기법에서는 룰의 헤더정보에 대한 보호기법은 제시하지만 패킷의 내용(Contents) 부분에 대한 보호기법은 제시하지 못했다. 이러한 문제를 해결하기 위해서 본 논문에서는 Snort 뿐만 아니라 모든 룰 기반의 침입탐지 시스템에서 룰을 보호할 수 있는 새로운 룰 보호기법을 제시한다.

• Journal of Korea Society of Industrial Information Systems
• /
• v.8 no.4
• /
• pp.8-16
• /
• 2003

This paper moses a method to solve the weakness in Snort, the network based intrusion detection system. Snort which is the rule-based intrusion detection system dose not supports a protection method for their own rules which are signatures to detect intrusions. Therefore the purpose of this paper is to provide a scheme for protecting rules. The system with the proposed scheme could support integrity and confidentiality to the rules.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10a
• /
• pp.895-897
• /
• 2003

본 논문에서는 기존의 네트워크 기반의 침입탐지 시스템에 존재하는 취약성을 해결하기 위한 방법을 제안한다. 현재 대부분의 룰 기반의 침입탐지 시스템에서는 룰 자체를 보호하기 위한 방법을 제공하지 못한다. 이러한 문제를 해결하기 위해서 본 논문에서는 해쉬함수를 이용하여 룰 자체에 대한 보호를 제공할 수 있는 기법을 Snort를 기반으로 제안한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10a
• /
• pp.898-900
• /
• 2003

본 논문에서는 기존의 네트워크 기반의 침입탐지 시스템에 존재하는 취약성을 해결하기 위한 방법을 제안한다. 현재 대부분의 룰 기반의 침입탐지 시스템에서는 룰 자체를 보호하기 위한 방법을 제공하지 못한다. 이러한 문제를 해결하기 위해서 본 논문에서는 해쉬함수를 이용하여 룰 자체에 대한 보호를 제공할 수 있는 기법을 Snort를 기반으로 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.3-13
• /
• 2004

Kvarnstrom et al. ${in}^{[10]}$ proposed a rule protection scheme by using one-way hash function to protect rules in security systems over ubiquitous environment. Son et at. ${in}^{[5-6]}$ also prooposed a rule protection scheme for Snort, which is one of the most common IDS. These schemes provide security only for the header information but not for its contents. To solve this problem, this paper presents a scheme based on the symmetric cryptosystem over Snort not only for the header information but also contents. This paper uses the key management based on PCMCIA security module proposed ${by}^{[12]}$ for the symmetric cryptosystem. Our scheme could be adjusted to other security systems, which use the rule based detection.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.04a
• /
• pp.283-285
• /
• 2001

DRM(Digital Right Management)은 다양한 채널을 통해 유통되는 디지털 콘텐츠를 불법 사용으로부터 보호하고, 컨텐츠 소유자가 정한 사용 규칙이 지속적(persistent)으로 관리 되도록 하는 기술이다. DRM 서비스의 각 기능을 컴포넌트화 시켜서 재사용성을 강화시키고, 기존 DRM 시스템의 서비스의 문제점을 해결하기 위해서 선(Sun)의 엔터프라이즈자바빈(Enterprise JavaBeans, EJB) 어플리케이션 프레인 워크 상에서 DRM을 구현하였다. DRM 시스템의 가동에 있어서 비즈니스 룰의 충돌은 DRM시스템 작동 여부를 결정할 만큼 중요한 문제이다. 룰 자체가 자연어로 기술되고 언젠가는 모순을 유발할 가능성이 높기 때문에 먼저 명확한 논리식으로 표현하고 LEGO라는 정형 기법 도구를 통해 검증하도록 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.101-110
• /
• 2011

Recently, an attack to an application incapacitates the intrusion detection rule, the defense policy for a network and database and induces intrusion incidents. Thus, it is necessary to study integration security to ensure the security of an internal network and database from that attack. This article is about building an integration security system to prevent an attack to an application set with intrusion detection rules. It responds to network-based attack through detection, disperses attack with the internal integration security system through virtual clustering and load balancing, and sets up defense policy for attacking destination packets, analyzes and records attack packets, and updates rules through monitoring and analysis. Moreover, this study establishes defense policy according to attacking types to settle access traffic through virtual machine partition policy and suggests an integration security system applied to prevent attack and tests its defense. The result of this study is expected to provide practical data for integration security defense for hacking attack from outside.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.8C
• /
• pp.689-696
• /
• 2010

The goal of this paper is to present a novel method for protecting digital image using 2-D cellular automata transform (CAT). A copyright and transform coefficients are used to generate a new content-based copyright and an original digital image is distributed without any hidden copyright. The parameter, which is called gateway value, for 2-D CAT is consisted of rule number, initial configuration, lattice length, number of neighbors, and etc. Since 2-D CAT has various gateway values, it is more secure than conventional methods. The proposed algorithm is verified using attacked images such as filtering, cropping, JPEG compression, and rotation for robustness.

• The Journal of the Korea Contents Association
• /
• v.11 no.4
• /
• pp.92-100
• /
• 2011

In this paper, we propose a novel blind digital watermarking method based on a cellular automata transform (CAT). CAT is based on dynamic systems known as cellular automata(CA) and uses transform bases which are differently defined by a rule number, the number of neighbors, the number of cells, and an initial state, etc. The proposed CAT based method is compared with a blind watermarking method based on DWT which is commonly used for a domain transform in signal processing. We analyse properties on changes of DWT coefficients and CAT coefficients under various attacks and determine optimal parameters for a watermarking method robust to attacks. The simulations show that the watermarked images with high PSNR and MSSIM look visually identical to originals and are robust against most of typical image processing attacks. Moreover, the proposed CAT based watermarking method is superior to the DWT based one in robustness to most of typical image processing attacks including JPEG compression, median and average filtering, scaling, cropping, and histogram equalization.