• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.233-239
• /
• 2004

In this paper, we describe a defense mechanism to cope with stepping stones attacks in high-speed networks. (Stepping stones Attacker launches attacks not from their own computer but from intermediary hosts that they previously compromised.) We aim at tracing origin hacker system, which attack target system via stepping stones. There are two kind of traceback technology ; IP packet traceback, or connection traceback. We are concerned with connection traceback in this paper. We propose a new host-based traceback. The purpose of this paper is that distinguish between origin hacker system and stepping stones by using process structure of OS(Operating System).

• The KIPS Transactions:PartC
• /
• v.10C no.4
• /
• pp.447-454
• /
• 2003

Optical burst switching (OBS) has been proposed to reduce the use of fiber delay lines (FDLs) and to realize the optical switching paradigm of the next-generation ail optical networks. The OBS can provide improvements over wavelength routing in terms of bandwidth efficiency and core network scalability via statistical multiplexing of bursts. Recently, another challenging issue is how to upport quality of service (QoS) in the optical burst switching networks. In this paper, we propose a deflection routing scheme to guarantee the QoS for the OBS networks to detour lower priority burst forward to the deflection routing path when congested. A big advantage of the proposed scheme is the simplicity of QoS provision, that comes from the simple QoS provisioning algorithm. Also, the QoS provisioning scheme be able to make efficient networks by fairly traffic distributing with the reduce of the use of FDLs at core routers. The QoS provisioning scheme has been verified to reliably guarantee the QoS of priority 0, 1, 2 burst and to efficiently utilize network resources by computer simulations using OPNET As results, the end-to-end delay of high priority burst is improved, and the network efficiency is also improved.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.1 s.33
• /
• pp.27-34
• /
• 2005

Current security reinforcement systems are Passive defense system that only blocks filter to all traffic from the attacker. So, Those are weak re-attack and Stepping Stones attack because active response about attacker is lacking. Also, present techniques of traceback need much time and manpower by log information collection and trace through the personal inspection and active response is lacking. In this paper, We propose technique for TCP connection traceback that can apply in present internet and trace to inserted marking on IP header to correspond re-attack and Stepping Stones attack. Therefore, Proposed technique is unnecessary correction of existing network component and can reduce size of marked information and overhead of resources.

• Review of KIISC
• /
• v.25 no.4
• /
• pp.57-62
• /
• 2015

최근의 정보보호 관련 사고를 살펴보면 기업 내부자로 인한 개인정보의 유출과 같이 특별한 기술 없이 이루어지는 인간 중심의 정보보호가 이슈화되고 있다. 그만큼 점점 사회공학적인 위협이 증가하고 있는 추세이며, 그 위험성이 사회 전반적으로 인식되어가고 있다. 본 지를 통해 사회공학의 의미에 대해 되짚어보고, 사회공학 라이프 사이클과 최근의 사회공학 공격 기법에 대해 분석한다. 또한 일반적 사회공학 의미인 인간 상호 작용의 깊은 신뢰를 바탕으로 사람들을 속여서 보안 절차를 우회하는 등의 기존 개념에 더하여 유사한 사례를 바탕으로 인간의 대표적 감정 상태(두려움, 슬픔, 기쁨)를 이용한 사회공학 기법에 대해 논한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10d
• /
• pp.104-107
• /
• 2007

현대 사회의 정보전달 매체는 대부분 웹을 통해 이뤄진다. 특히 기업의 경우에는 자신들의 홈페이지를 통해 회사소개, 제품소개 등의 정보를 전달하고 있다. 홈페이지는 단순 정보전달의 기능분만 아니라 기업의 이미지를 대표하는 심볼로 사용되어진다. 이러한 웹 페이지는 보안솔루션을 이용하여 외부로부터 위 변조를 예방하고 있으나 한계를 가진다. 이 논문에서는 보안솔루션을 우회 또는 내부사용자로부터 위 변조된 웹 페이지를 모니터링 하여 피해를 최소화하는 방안을 제시한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1023-1030
• /
• 2020

Wearable devices, such as a smart watch and a wrist band, store owner's private information in the devices so that security in a high level is required. Applications developed by third parties in Tizen request for an access to designated services through the desktop bus (D-Bus). The D-Bus verifies application's privileges to grant the request for an access. We developed a fuzzing tool, so-called DAN (the D-bus ANalyzer), to detect errors in implementations for privilege verifications and access controls within Tizen's system services. The DAN has found a number of vulnerable services which granted accesses to unauthorized applications. We built a proof-of-concept application based on those findings to demonstrate a bypass in the privilege examination.

• KSCE Journal of Civil and Environmental Engineering Research
• /
• v.28 no.5D
• /
• pp.597-607
• /
• 2008

ATIS(Advanced Traffic Information System) provide valuable information as the travel time and traffic congestion, detour, traffic accident information to drivers, so it is being in the spotlight. But so far, the study on the consumer satisfaction with providing traffic information is incomplete. So, this study run a Canonical discriminant analysis and a Canonical correlation analysis by a QuantificationIItheory based on a Traffic Information Satisfaction image data through questionnaires, and found out the factors with influence on the consumer satisfaction. And this study definitely found out the correlation between consumer's recognition and traffic information satisfaction through understanding the change on the recognition about traffic information satisfaction by a QuantificationItheory. Finally, this study found out the change on the sensibility recognition of drivers by running the principal component anlysis, developed the traffic information satisfaction evaluation model considering the change on the recognition by using the structural equation model.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.3A
• /
• pp.287-295
• /
• 2010

In wireless sensor networks(WSNs), the studies that support sink mobility without global position information exploit a Backbone-based Virtual Infrastructure (BVI) which considers one-hop clusters and a backbone-based tree. Since the clusters of a sink and a source node are connected via flooding into the infrastructure, it causes high routing cost. Although the network could reduce the number of clusters via multi-level clusters, if the source nodes exist at nearest clusters from the cluster attached by the sink and they are in different branches of the tree, the data should be delivered via detour paths on the tree. Therefore, to reduce the number of clusters, we propose a novel multi-hop cluster based communication protocol supporting sink mobility without global position information. We exploit a rendezvous cluster head for sink location service and data dissemination but the proposed protocol effectively reduces data detour via comparing cluster hops from the source. Simulation shows that the proposed protocol is superior to the existing protocols in terms of the data delivery hop counts.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.827-838
• /
• 2018

Since 2014, ease of regulations on financial institutions expanded the mobile payment market based on simple authentication, and this resulted in the emergence of various simple payment services. Although several security solutions have been used to mitigate possible security threats to payment applications, there are vulnerabilities which can still be found due to the structure in which the security solution is applied to the payment service. In this paper, we analyze the payment application and security solution from the process perspective, and prove through experimentation that verification functions of security solutions can be bypassed without detailed analysis of each security function, but by simply manipulating the verification result value. Finally, we propose methods to mitigate the bypass method presented in this paper from three different perspectives, and thereby contribute to the improvement of security level of the payment service.

• Proceedings of the Korean Association of Geographic Inforamtion Studies Conference
• /
• 2010.09a
• /
• pp.326-329
• /
• 2010

현재 시행 중인 승용차 RFID 요일제는 제한적인 설치장소와 RFID 설치시 많은 비용이 소비된다. 따라서 본 연구에서는 기존의 RFID 승용차 요일제 방식과 달리 효율성을 높이고 비용을 절감할수 있는 BMS(BUS Management System)를 활용한 버스 RFID system에 관한 방안을 제안한다. 제안하는 방안은 버스 RFID system은 대구시의 시내 버스 뒤편에 양쪽 상단에 RFID 안테나를 설치하여 대구시의 주요 도로를 운행 하며 승용차 요일제를 미준수 여부를 파악하는 것이다. 기존의 고정형 RFID는 설치 위치를 우회 할수 있지만 버스 RFID는 항상 이동하며 감지 하기때문에 차량의 우회에 따른 미확인 경우를 줄일 수 있다. 또한, BMS 활용으로 설치비용을 절감하여 비용대비 효율성을 제고할 수 있을 것으로 예상된다. 구체적인 방안 마련을 위하여 주요도로 버스노선도 파악, 중첩지점 그리고 기존의 승용차 요일제 시스템과 비교 분석을 하여 성능 평가들 실시하는 것에 주안점을 두고 연구를 수행하였다.