• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.12
• /
• pp.99-109
• /
• 2018

Tampering involves illegally removing technologies from a protected system through reverse engineering or developing a system without proper authorization. As tampering of a weapon system is a threat to national security, anti-tampering measures are required. Precedent studies on anti-tampering have discussed the necessity, related trends, application cases, and recent cybersecurity-based or other protection methods. In a domestic situation, the Defense Technology Protection Act focuses on how to prevent technology leakage occurring in related organizations through personnel, facilities and information systems. Anti-tampering design needs to determine which technologies are protected while considering the effects of development cost and schedule. The objective of our study is to develop methods of how to select target technologies and determine counter-measures to protect these technologies. Specifically, an evaluation matrix was derived based on the risk analysis concept to select the protection of target technologies. Also, based on the concept of risk mitigation, the classification of anti-tampering techniques was performed according to its applicability and determination of application levels. Results of the case study revealed that the methods proposed can be systematically applied for anti-tampering in weapon system development.

• Journal of KIISE:Information Networking
• /
• v.32 no.3
• /
• pp.279-290
• /
• 2005

Recently, as the serious damage caused by DDoS attacks increases, the rapid detection and the proper response mechanisms are urgent. However, existing security mechanisms do not effectively defend against these attacks, or the defense capability of some mechanisms is only limited to specific DDoS attacks. In this paper, we propose a detection architecture against DDoS attack using data mining technology that can classify the latest types of DDoS attack, and can detect the modification of existing attacks as well as the novel attacks. This architecture consists of a Misuse Detection Module modeling to classify the existing attacks, and an Anomaly Detection Module modeling to detect the novel attacks. And it utilizes the off-line generated models in order to detect the DDoS attack using the real-time traffic. We gathered the NetFlow data generated at an access router of our network in order to model the real network traffic and test it. The NetFlow provides the useful flow-based statistical information without tremendous preprocessing. Also, we mounted the well-known DDoS attack tools to gather the attack traffic. And then, our experimental results show that our approach can provide the outstanding performance against existing attacks, and provide the possibility of detection against the novel attack.