• Title/Abstract/Keyword: Attack Model

Search Result 991, Processing Time 0.025 seconds

A Service Model Development Plan for Countering Denial of Service Attacks based on Artificial Intelligence Technology (인공지능 기술기반의 서비스거부공격 대응 위한 서비스 모델 개발 방안)

  • Kim, Dong-Maeong;Jo, In-June
    • The Journal of the Korea Contents Association / v.21 no.2 / pp.587-593 / 2021
  • In this thesis, we break away from the classic DDoS response system for large-scale denial-of-service attacks that develop day by day, and propose a development plan for a service model that can effectively endure intelligent denial-of-service attacks by utilizing artificial intelligence-based technology, one of the core technologies of the 4th revolution. That is, we propose a method to detect denial-of-service attacks and minimize damage through machine-learning-based artificial intelligence learning on a large amount of data collected from multiple security devices and web servers. In particular, the model uses artificial intelligence technology to detect a denial-of-service attack by focusing on the fact that traffic normally repeats a certain pattern of change and transmits data in a stable flow, whereas a different pattern of data flow appears when a denial-of-service attack occurs. When a denial-of-service attack occurs, a deviation arises between the probability-based actual traffic and the predicted value, so it is possible to respond by judging the traffic to be attack data. In this paper, a denial-of-service attack detection model is explained by analyzing data based on logs generated from security equipment or servers.

An Architecture of a Dynamic Cyber Attack Tree: Attributes Approach (능동적인 사이버 공격 트리 설계: 애트리뷰트 접근)

  • Eom, Jung-Ho
    • Journal of the Korea Institute of Information Security & Cryptology / v.21 no.3 / pp.67-74 / 2011
  • In this paper, we present a dynamic cyber attack tree that can flexibly describe attack scenarios, for an active cyber attack model capable of detecting complex and transformed attack methods. An attack tree provides a formal and methodical way of describing security safeguards against varying attacks on a network system. The existing attack tree can describe an attack scenario using vertices, edges and composition. But an attack tree is limited in expressing complex and new attacks because of the restrictions of its attributes. We resolved the limitations of the existing attack tree by adding a threat occurrence probability and 2 components of composition to the attributes. First, by reinforcing composition, we improved the flexibility to describe complex and transformed attack methods and reduced the ambiguity of the attack sequence. Second, by adding a threat occurrence probability, we can identify the risk level of an attack at each attack phase from child node to parent node.

An Empirical Comparison Study on Attack Detection Mechanisms Using Data Mining (데이터 마이닝을 이용한 공격 탐지 메커니즘의 실험적 비교 연구)

  • Kim, Mi-Hui;Oh, Ha-Young;Chae, Ki-Joon
    • The Journal of Korean Institute of Communications and Information Sciences / v.31 no.2C / pp.208-218 / 2006
  • In this paper, we introduce methods for creating attack detection models using data mining technologies that can classify the latest attack types and can detect modifications of existing attacks as well as novel attacks. We also comparatively evaluate these attack detection models in terms of detection accuracy and detection time. The important factors in creating detection models are data, attributes, and the detection algorithm. Thus, for large-scale experiments we used NetFlow data gathered from a real network and KDD Cup 1999 data. For attribute selection, we used a heuristic method and a theoretical method using a decision tree algorithm. We comparatively evaluate detection models using a single supervised/unsupervised data mining approach and a combined supervised data mining approach. As a result, although the combined supervised data mining approach required more modeling time, it had a better detection rate. All models using data mining techniques could detect the attacks within 1 second, so these approaches demonstrate real-time detection. Also, our experimental results for anomaly detection showed that our approaches offer the possibility of detecting novel attacks, and in particular the SOM model provided additional information about existing attacks that are similar to a novel attack.

Intrusion Detection System for Denial of Service Attack using Performance Signature (성능 시그네쳐를 이용한 서비스 거부 공격 침입탐지 시스템 설계)

  • Kim, Gwang-Deuk;Lee, Sang-Ho
    • The Transactions of the Korea Information Processing Society / v.6 no.11 / pp.3011-3019 / 1999
  • Denial of service is about knocking off services without permission, for example by crashing the whole system. This kind of attack is easy to launch, and it is hard to protect a system against it. The basic problem is that Unix assumes that users on the system or on other systems will be well behaved. This paper analyzes system-based inside denial of service (DoS) attacks and the system metrics for the performance of each machine provided, and formalizes the conclusions in ways that clearly expose the performance impact of those observations. We then present a new approach: detecting DoS attacks using performance signatures for system and program behavior. We believe that the metrics will guide the automated development of a program to detect the attack. As a result, we propose the AIDPS (Architecture for Intrusion Detection using Performance Signature) model to detect DoS attacks using performance signatures.

A Study on the Improvement of Lift-to-Drag Ratio Using an Expansion Wave at the Leading Edge (앞전에서의 팽창파를 이용한 양항비의 개선에 대한 연구)

  • Yun, Yeong-Jun
    • Proceeding of EDISON Challenge / 2016.11a / pp.19-22 / 2016
  • Leading edge thrust is generally caused by air flow passing from the lower to the upper surface, and a sufficient angle of attack is required for notable leading edge thrust. To produce leading edge thrust at a low angle of attack, utilizing an expansion wave accompanied by low pressure can be a solution. The fore structure changes the direction of the flow, and this flow passes the projected edge. As a result, from the perspective of the edge, it can have a high angle of attack, and an artificial expansion wave is generated. This concept shows a maximum increase of 9.48% in L/D in inviscid flow, at Mach number 1.3 and angle of attack $1^{\circ}$, and this model shows a 3.98% increase at angle of attack $2^{\circ}$. Although the advantage of the artificial expansion wave decreased as the angle of attack increased, it shows the possibility of aerodynamic improvement with an artificial expansion wave.

A Side Channel Attack with Vibration Signal on Card Terminal (진동 신호를 이용한 카드 단말기 부채널 공격)

  • Jang, Soohee;Ha, Youngmok;Yoon, Jiwon
    • Journal of the Korea Institute of Information Security & Cryptology / v.24 no.6 / pp.1045-1053 / 2014
  • In this paper, we assume that information leakage through side-channel signals may occur from a card payment terminal and newly introduce a real application attack model. The attack model is a side channel attack based on vibration signals, which are detected by a small sensor attached to the card terminal by the attacker. This study is similar to some other studies regarding side channel attacks. However, this paper is different in that it is based on a non-language model, because financial transaction information such as a card number, password, mobile phone number, etc. cannot have a constant pattern. In addition, there was no previous study about card terminals. Therefore, this new study is meaningful. We collected vibration signals on a card terminal with a small wireless sensor and analyzed the signal data with statistical signal processing techniques using the spectrum of the frequency domain, principal component analysis and pattern recognition algorithms. Finally, we evaluated the performance by using real data from the sensor.

Implementation and Analysis of Power Analysis Attack Using Multi-Layer Perceptron Method (Multi-Layer Perceptron 기법을 이용한 전력 분석 공격 구현 및 분석)

  • Kwon, Hongpil;Bae, DaeHyeon;Ha, Jaecheol
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.5 / pp.997-1006 / 2019
  • To overcome the difficulties and inefficiencies of the existing power analysis attack, we try to extract the secret key embedded in a cryptographic device using an attack model based on the MLP (Multi-Layer Perceptron) method. The target of our proposed power analysis attack is the AES-128 encryption module implemented on an 8-bit processor, XMEGA128. We use the divide-and-conquer method byte by byte to recover the whole 16-byte secret key. As a result, the MLP-based power analysis attack can extract the secret key with an accuracy of 89.51%. Additionally, this MLP model has 94.51% accuracy when the pre-processing method on power traces is applied. Compared to the machine learning-based model SVM (Support Vector Machine), we show that the MLP can be an outstanding method in power analysis attacks due to its excellent ability for feature extraction.

Design of Hybrid Network Probe Intrusion Detector using FCM

  • Kim, Chang-Su;Lee, Se-Yul
    • Journal of information and communication convergence engineering / v.7 no.1 / pp.7-12 / 2009
  • Advanced computer network and Internet technology enables connectivity of computers through an open network environment. Despite the growing number of security threats to networks, most intrusion detection identifies security attacks mainly by detecting misuse using a set of rules based on past hacking patterns. This pattern matching has a high rate of false positives and cannot detect new hacking patterns, making it vulnerable to previously unidentified attack patterns and variations in attack and increasing false negatives. Intrusion detection and prevention technologies are thus required. We proposed a network-based hybrid Probe Intrusion Detection model using Fuzzy cognitive maps (PIDuF) that detects intrusion by DoS (DDoS and PDoS) attack detection using packet analysis. A DoS attack typically appears as a probe and SYN flooding attack. SYN flooding using the FCM model captures and analyzes packet information to detect SYN flooding attacks. Using the result of the decision module analysis, which used FCM, the decision module measures the degree of danger of the DoS and trains the response module to deal with attacks. For the performance evaluation, the "IDS Evaluation Data Set" created by MIT was used. From the simulation we obtained a max-average true positive rate of 97.064% and a max-average false negative rate of 2.936%. The true positive error rate of the PIDuF is similar to that of Bernhard's true positive error rate.

Modeling of time-varying stress in concrete under axial loading and sulfate attack

  • Yin, Guang-Ji;Zuo, Xiao-Bao;Tang, Yu-Juan;Ayinde, Olawale;Ding, Dong-Nan
    • Computers and Concrete / v.19 no.2 / pp.143-152 / 2017
  • This paper numerically investigates the changes of loading-induced stress in concrete with corrosion time in a sulfate-containing environment. Firstly, based on Fick's law and reaction kinetics, a diffusion-reaction equation of sulfate ion in concrete is proposed, and it is numerically solved by the finite difference method to obtain the spatial and temporal distribution of sulfate ion concentration in concrete. Secondly, by fitting the existing experimental data of concrete in sodium sulfate solutions, the chemical damage of concrete associated with sulfate ion concentration and corrosion time is quantitatively presented. Thirdly, depending on the plastic-damage mechanics, while considering the influence of sulfate attack on concrete properties, a simplified chemo-mechanical damage model, with stress-based plasticity and strain-driven damage, for concrete under axial loading and sulfate attack is determined by introducing the chemical damage degree. Finally, an axially compressed concrete prism immersed in sodium sulfate solution is taken as the object to investigate the time-varying stress in concrete subjected to the coupling of axial loading and sulfate attack.

Comparison of aerodynamic performances of various airfoils from different airfoil families using CFD

  • Kaya, Mehmet Numan;Kok, Ali Riza;Kurt, Huseyin
    • Wind and Structures / v.32 no.3 / pp.239-248 / 2021
  • In this study, three airfoil families, NACA, FX and S, in each case three from each series with different shapes, were investigated at different angles of attack using the Computational Fluid Dynamics (CFD) method. To verify the CFD model, simulation results of the NACA 0012 airfoil were compared against the available experimental data, and k-ω SST was used as the turbulence model. Lift coefficients, lift to drag ratios and pressure distributions around airfoils were obtained from the CFD simulations and compared with each other. The simulations were performed at three Reynolds numbers, Re=$2\times10^{5}$, $1\times10^{6}$ and $2\times10^{6}$, and the angle of attack was varied between -6 and 12 degrees. According to the results, similar lift coefficient values were obtained for symmetric airfoils, reaching their maximum values at similar angles of attack. Maximum lift coefficients were obtained for FX 60-157 and S 4110 airfoils, having lift coefficient values around 1.5 at Re=$1\times10^{6}$ and 12 degrees of angle of attack. Flow separation occurred close to the leading edge of some airfoils at higher angles of attack, while some other airfoils were more successful in keeping the flow attached on the surface.