• Journal of Computing Science and Engineering
• /
• v.5 no.4
• /
• pp.331-337
• /
• 2011

Recently, Virtual Desktop Infrastructure (VDI) has been widely adopted to ensure secure protection of enterprise data and provide users with a centrally managed execution environment. However, user experiences may be restricted due to the limited functionalities of thin clients in VDI. If thick client devices like laptops are used, then data leakage may be possible due to malicious software installed in thick client mobile devices. In this paper, we present Data Firewall, a security framework to manage and protect security-sensitive data in thick client mobile devices. Data Firewall consists of three components: Virtual Machine (VM) image management, client VM integrity attestation, and key management for Protected Storage. There are two types of execution VMs managed by Data Firewall: Normal VM and Secure VM. In Normal VM, a user can execute any applications installed in the laptop in the same manner as before. A user can access security-sensitive data only in the Secure VM, for which the integrity should be checked prior to access being granted. All the security-sensitive data are stored in the space called Protected Storage for which the access keys are managed by Data Firewall. Key management and exchange between client and server are handled via Trusted Platform Module (TPM) in the framework. We have analyzed the security characteristics and built a prototype to show the performance overhead of the proposed framework.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.5 no.7
• /
• pp.1361-1373
• /
• 2001

In the firewall systems of 3-tier client/server systems, in general, data transmission speed is declined rapidly according to the duplicated proxy services in application server and fire wall server. In this paper, an application server configuration containing the proxy functions of firewall system is proposed so that the high speed data transmission can be achieved. The proposed application server can form the dual-homed gateway by means of the additional network interface card. The screened router of application server forms the screened subnet gateway that can separate the internal network. The proposed server configuration is more effective in traffic control than the traditional firewall systems and provides high speed data transmission with the functions of firewall. It can be also cost-effective alternative to the firewall system.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.199-208
• /
• 2021

This is an era of technology and with the rapid growth of the Internet, networks are continuously growing. Companies are shifting from simple to more complex networks. Since networks are responsible to transmit huge data which is often sensitive and a point of concern for hackers. Despite the sizes of the networks, all networks are subject to several threats. Companies deploy several security measures to protect their networks from unauthorized access. These security measures are implemented from the device level to the network level. Every security layer adds more to the security of the company's network. Firewalls are the piece of software that provides internal and external security of the network. Firewalls aim to enhance the device level as well as network-level security. This paper aims to investigate the different types of firewalls, their architecture, and vulnerabilities of the firewall. This paper improves the understanding of firewall and its various types of architecture.

• Proceedings of the Korea Database Society Conference
• /
• 2000.11a
• /
• pp.227-238
• /
• 2000

Firewall은 다양한 부정Access의 방지책으로서 확실히 유효한 수단이지만 이 Firewall은 사용자로부터 지시된 설정을 충실히 실행하는 것으로 설정 오류, 소프트웨어의 정지, 허가된 룰을 악용한 침입 등 반드시 사용자가 바라는 작용을 무조건적 상태에서 보증해 주는 것은 아니다. 따라서 사용자는 도입 후 에도 운용시에 Access log를 감시하고 본래의 Security Policy에 반하는 행위를 매일 매일 체크하지 않으면 안될 상황에 처해 있다. 본 연구는 이러한 부정Access에 대한 이와 같은 Firewall의 현상에 대한 과제 중에서 "부정Access를 어떻게 하면 일찍, 정확히 체크할 수 있는가\ulcorner"라는 주제를 선택하여 Firewall의 한계와 그 대응책을 실제로 부정Access를 시험해 보는 것으로 검증하기로 하였다. 실험결과에서 (1)Port Scan이나 전자메일 폭탄(서비스정지공격)등은 Firewall로 방지하는 것은 불가능하거나 혹은 Checking이 곤란하다. (2)공격마다 로그 수집을 했음에도 관계없이 Firewall의 로그는 번잡하므로 단시간에 사태의 발견이 대단히 곤란하다고 하는 Firewall의 한계를 인식하였다. 그리고 그 대책으로서 우리는 체크 툴의 유효성에 착안하여 조사한 결과, 결국 무엇이 부정Access인가에 대해서는 어디까지나 이용하는 측이 판단하여 Firewall 상에 설정하지 않으면 안되지만 체크 툴은 이 부정Access 정보를 데이터베이스로서 갖고 있음으로써 '무엇이 부정Access인가'를 이용자 대신에 판단하고 툴에 따라서는 설정을 자동적으로 변경하여 부정 Access의 저지율을 향상시킨다. 이처럼 체크 툴은 Firewall의 수비능력을 보강하는 위치에 있다고 생각할 수 있다.다. 4 장에서는 3장에서 제기한 각각의 문제점에 대해 RAD 의 관점에 비추어 e-business 시스템의 단기개발을 실현하기 위한 고려사항이나 조건 해결책을 제안한다. 본 논문이 지금부터 e-business 를 시작하려고 하는 분, e-business 시스템의 개발을 시작하려고 하는 분께 단기간의 e-business 실현을 위한 하나의 지침이 된다면 다행이겠다.formable template is used to optimize the matching. Then, clustering the similar shapes by the distance between each centroid, papaya can be completely detected from the background.uage ("Association of research for algorithm of calculating machine (1992)"). As a result, conventional NN and CNN were available for interpolation of sampling data. Moreover, when nonlinear intensity is not so large under the field condition of small slope, interpolation performance of CNN was a little not so better than NN. However, when nonlinear intensity is large under the field condition of large slope, interpolation performance of CNN was relatively better than NN.콩과 자연 콩이 성분 분석에서 차이를

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.6
• /
• pp.143-148
• /
• 2007

In the context of mass traffic, firewall system cannot record normal log files against DDoS attack. The loss of log record causes that a firewall system does not know whether a packet is normally filtered or not, and firewall log, which is an essential data for the counter measure of violation accident, cannot be verified as trusted. As a network speed increases, these problems happen more frequently and largely. Accordingly, the method to use simply additional hardware devices is not recommended for the popularization of firewall. This paper is devoted to verify the loss of iptable log that is the mother's womb of most domestic firewall systems and show that the log handling methods for conventional firewall systems are needed to improve.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.667-677
• /
• 2013

As the firewall is a typical network security equipment, it is usually installed at most of internal/external networks and makes many packet data in/out. So analyzing the its logs stored in it can provide important and fundamental data on the network security research. However, along with development of communications technology, the speed of internet network is improved and then the amount of log data is becoming 'Massive Data' or 'BigData'. In this trend, there are limits to analyze log data using the traditional database model RDBMS. In this paper, through our Method of Analyzing Firewall log data using MapReduce based on NoSQL, we have discovered that the introducing NoSQL data base model can more effectively analyze the massive log data than the traditional one. We have demonstrated execellent performance of the NoSQL by comparing the performance of data processing with existing RDBMS. Also the proposed method is evaluated by experiments that detect the three attack patterns and shown that it is highly effective.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.1
• /
• pp.157-167
• /
• 2020

The big data and artificial intelligence technology, which has provided the foundation for the recent 4th industrial revolution, has become a major driving force in business innovation across industries. In the field of information security, we are trying to develop and improve an intelligent security system by applying these techniques to large-scale log data, which has been difficult to find effective utilization methods before. The quality of security log big data, which is the basis of information security AI learning, is an important input factor that determines the performance of intelligent security system. However, the difference and complexity of log data by various product has a problem that requires excessive time and effort in preprocessing big data with poor data quality. In this study, we research and analyze the cases related to log data collection of various firewall. By proposing firewall log data collection format standard, we hope to contribute to the development of intelligent security systems based on security log big data.

• Journal of the Korea Society of Computer and Information
• /
• v.8 no.1
• /
• pp.37-43
• /
• 2003

The growing Internet business has required the acceleration of the development of security components. There are many different kinds of security components that have been developed in accordance with the appearance of various logs. Therefore, it is important that after the logs are collected they become integrated and need to Once the data from the logs have been collected form the IDS/Firewall/Router logs. It needs to be analyzed and formatted for standardization. This paper suggests designs that the log analyzation system could use in analyzing, detecting, and preventing intrusion in the various systems. Once the data has been analyzed it would be possible to Prevent further intrusion as well as trace the intrusion back to the source.

• Journal of Advanced Marine Engineering and Technology
• /
• v.27 no.1
• /
• pp.65-75
• /
• 2003

The internet telephony service is one of the successful internet application services. VoIP is the key technology for the service to come true. VoIP uses H.323 or SIP as the standard protocol for the distributed multimedia services over the internet environment, in which QoS is not guaranteed. VoIP carries the packetized voice by using the RTP/UDP/IP protocol stack. The UDP-based internet services cause the data transmission problem to the users behind the internet firewall. So does the internet telephony service. The users are not able to listen the voices of the counter-parts on the public internet or PSTN. It makes the problem more difficult that the internet telephony service addressed in this paper uses only one UDP port number to send the voice data of all sessions from gateway to terminal node. In this paper, two schemes including the usage of dummy UDP datagrams, and the protocol conversion are suggested. The implementation of one of the schemes, the protocol conversion, and the performance evaluation are described in detail.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.5
• /
• pp.1280-1290
• /
• 1999

Applying the change impact analysis to the distributed environment is not straightforward since it is based on the centralized system environment. In this paper, we investigate the change impact analysis of object-oriented shoftwares in the distributed environment. We first, categories the types of changes common in object-oriented software into three sets: data, method, and class level changes. We, then, analyze the impact of each set of changes and represent it in the form of a DPDG. A DPDG is a graph showing relationship of object oriented softwares - with data elements. classes, design documents, servers - in the distributed environment. DPDG searches element of software to retest when the software is changed. Thus, DPDG saves effort of software to retest. In this paper, We propose the table of firewall for retest elements that be discovered by DPDG and implement the table of firewall. The table of firewall is used VIST that we design a software testing tool. The VIST utilizes the minimized firewall, then saves efforts and costs of retesting for distributed object-oriented software.