• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.441-444
• /
• 2016

Peace on the Korean Peninsula is threatened by physical aggressions and cyber terrors such as nuclear tests, missile launchings, senior government officials' smart phone hackings and DDos attacks to banking systems. Cyber attacks such as vulnerability for the hackings, malware distributions are generally defended by passive defense through the detecting signs of first invasion and attack, data analysis, adding library and updating vaccine programs. In this paper the concept of security program based on Google TensorFlow machine learning ability to perform adding libraries and solving security vulnerabilities by itself is researched and proposed.

• Convergence Security Journal
• /
• v.13 no.1
• /
• pp.19-24
• /
• 2013

MANET has a highly dynamic topology because it consists of only mobile nodes. Various attacks using these characteristics exist. Among them, damage of the attacks based flooding such as DoS or DDos is large and traceback of the attack node is not easy. It is because route information by moving of intermediate nodes which pass the data changes frequently. In this paper, we propose table-based traceback technique to perform efficient traceback although route information by moving of nodes changes frequently. Cluster head manages route management table in order to form cluster status table and network topology snapshot for storing the location information of mobile nodes when cluster member nodes change. Also, bloom filter is used to reduce the amount of storing route information. The performance of the proposed technique is confirmed through experiment.

• Smart Media Journal
• /
• v.4 no.4
• /
• pp.80-85
• /
• 2015

As the number of applications using the internet the rapidly increasing incidence of cyber attacks made on the internet has been increasing. In the equipment of L3 DDoS attack detection equipment in the world and incomplete detection of application layer based intelligent. Next-generation networks domestic product in high-performance wired and wireless network threat response techniques to meet the diverse requirements of the security solution is to close one performance is insufficient compared to the situation in terms of functionality foreign products, malicious code detection and signature generation research primarily related to has progressed malware detection and analysis of the research center operating in Window OS. In this paper, we describe the current status survey and analysis of the latest variety of new attack techniques and analytical skills with the latest cyber-attack analysis prejudice the security situation.

• Journal of Digital Convergence
• /
• v.13 no.1
• /
• pp.313-319
• /
• 2015

As the number of applications using the internet the rapidly increasing incidence of cyber attacks made on the internet has been increasing. In the equipment of L3 DDoS attack detection equipment in the world and incomplete detection of application layer based intelligent. Next-generation networks domestic product in high-performance wired and wireless network threat response techniques to meet the diverse requirements of the security solution is to close one performance is insufficient compared to the situation in terms of functionality foreign products, malicious code detection and signature generation research primarily related to has progressed malware detection and analysis of the research center operating in Window OS. In this paper, we describe the current status survey and analysis of the latest variety of new attack techniques and analytical skills with the latest cyber-attack analysis prejudice the security situation.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.5
• /
• pp.65-75
• /
• 2009

The development of IT technology, Internet popularity is increasing geometrically. However, as its side effect, the intrusion behaviors such as information leakage for key system and infringement of computation network etc are also increasing fast. The attack traffic detection method which is suggested in this study utilizes the Snort, traditional NIDS, filters the packet with false positive among the detected attack traffics using Nmap information. Then, it performs the secondary filtering using nessus vulnerability information and finally performs correlation analysis considering appropriateness of management system, severity of signature and security hole so that it could reduce false positive alarm message as well as minimize the errors from false positive and as a result, it raised the overall attack detection results.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.547-560
• /
• 2014

Smart Grid, which maximize the efficiency of energic utilization by applying Information and Communication Technology to Power Grid, requires high availability. Attacks, such as DDoS, which cause suspension of service and lead to social disruptions have recently been increasing so that systematic management over availability becomes more important. In this paper, we presents a new evaluation criteria of Korean Smart Grid by comparing availability assessment items of international standards specified in management system and then overcome the limitations of availability evaluation of existing information security management system.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.189-192
• /
• 2021

5G와 사물인터넷(IoT) 시대에 데이터의 크로스컴퓨팅은 연구, 의료, 금융, 민생 분야 등에 더 많은 지원을 할 수 있고 프라이버시 안전성이 중요해지고 있다. SMPC (Secure Multi-party Computation)은 서로 믿지 않는 참여자 간의 프라이버시 보호 시너지 컴퓨팅 문제를 해결하고, 데이터 수요자에게 원본 데이터를 누설하지 않는 범위 하에서의 다자간 컴퓨팅 능력을 제공한다. IoT 장치는 전력 소모와 지연에 제한을 받기 때문에 대부분의 장치가 여전히 경량화 보안 메커니즘에 속하고 IoT에서 트래픽의 데이터 통합관리가 어렵기 때문에 통신 중 신원인식과 데이터를 주고받는 단계에서 프라이버시 유출의 문제가 발생할 수 있고 심지어 DDOS공격, RelayAttack공격 등 사이버의 목적이 될 수도 있다. 본 논문에서 IoT 네트워크 데이터 통신 특징을 분석하고 동형 암호에 기반의 SMPC 연산 아키텍처를 제안한다. 제안하는 이키텍처에서 동형 암호를 사용함으로써 장치 데이터의 안전을 보장하는 동시에 전체 네트워크 안전성도 확보한다. SMPC 및 동형암호 기술의 지속적 발전에 따라 제안하는 아키텍처가 계속 개선할 잠재력이 있다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.1
• /
• pp.61-68
• /
• 2015

Recently, with increasing use of smartphones, the security threats also have increased rapidly. Especially, the compromised smartphone is very dangerous because it could be exploited in a DDOS attacks such as cyberterrorism as well as in the leakage of personal information. However, most bot detection mechanisms are still unsuitable for smartphone with its lower computing capability and limited battery capacity because they incur additional computational overheads or require pre-defined signatures. In this paper, we present an efficient bot detection mechanism in smartphones. Our mechanism detects effectively bots in outgoing traffic by using a correlation between user events and network traffic. We have implemented its prototype in Android smartphone and measured its performance. The evaluation results show that our mechanism provides low overhead to detect bots in smartphones.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37A no.9
• /
• pp.772-779
• /
• 2012

In the current MANET, DOS or DDOS attacks are increasing, but as MANET has limited bandwidth, computational resources and battery power, the existing traceback mechanisms can not be applied to it. Therefore, in case of traceback techniques being applied to MANET, the resource of each node must be used efficiently. However, in the traceback techniques applied to an existing ad hoc network, as a cluster head which represents all nodes in the cluster area manages the traceback, the overhead of the cluster head shortens each node's life. In addition, in case of multi-hop clustering, as one Cluster head manages more node than one, its problem is getting even worse. This paper proposes TNA(Traceback against Network Attacks) based on multihop clustering using the depth of tree structure in order to reduce the overhead of distributed information management.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.672-675
• /
• 2014

최근 DDOS 공격이 활발해짐에 따라 많은 사이트에서 검색 페이지에 노출되지 않도록 웹봇을 차단한 경우가 생기게 되었다. 하지만 이는 사이트 사용자나 사이트 측 모두에게 악영향을 미치므로 웹 사이트의 웹봇 접근성을 평가하는 프로그램을 제작하게 되었다. 본 프로그램은 Robots.txt를 분석하거나 Robots 메타 태크 등을 분석하여 웹 사이트의 웹봇 접근성을 평가하는 프로그램이다. 이 프로그램으로 평가한 결과를 피드백의 근거로 삼아 더 나은 검색 결과를 기대할 수 있다.