• Journal of Service Research and Studies
• /
• v.6 no.3
• /
• pp.79-90
• /
• 2016

Wireless internet service is an important factor to support all industries. In order to connect and use the smart phones or the laptop via a wireless Internet connection, it has been increasing the hacking risks associated with it. As information spills through the DNS address modulation of the Internet router, hacking threats through a wireless router is present. In this paper, we are dealing with the hacking technique utilizing the overall vulnerability of a wireless LAN. We analyzed the need for the wireless LAN security through WEP encryption algorithm and the improved encryption algorithm. In addition, we presented a countermeasure against these hacking technologies which is WEP Crack using wireless vulnerability hacking technology, DDoS attacks, DNS Spoofing.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1496-1499
• /
• 2008

DoS/DDoS로 대표되는 트래픽 폭주 공격은 대상 시스템뿐만 아니라 네트워크 대역폭 및 시스템 자원 등을 고갈시킴으로써 네트워크에 심각한 장애를 유발하기 때문에, 신속한 공격 탐지와 공격유형별 분류는 안정적인 서비스 제공 및 시스템 운영에 필수요건이다. 본 논문에서는 1) 데이터마이닝의 대표적인 분류 모델인 C4.5 알고리즘을 기반으로 SNMP MIB 정보를 사용하여 트래픽 폭주공격을 탐지하고 각 공격유형별 분류를 수행하는 시스템을 설계 및 구현하였다; 2) C4.5에서 추가적으로 제공하는 동작원리에 관한 규칙들을 상세히 분석함으로써 공격탐지 및 공격유형별 분류에 관한 시스템의 의미론적 해석을 시도하였다; 3) C4.5는 주어진 SNMP MIB의 속성들의 정보이익 값을 이용하여 예측모형을 구축하는 알고리즘으로, 특징선택 및 축소의 효과를 추가적으로 얻었다. 따라서 시스템의 운용 시, 제안된 모델은 전체 13개의 MIB 정보 중 5개의 MIB 정보만을 사용하여 보다 신속하고, 정확하며, 또한 가벼운 공격탐지 및 공격유형별 분류를 수행함으로써 네트워크 시스템의 자원관리와 효율적인 시스템 운영에 기여하였다.

• Convergence Security Journal
• /
• v.18 no.1
• /
• pp.117-128
• /
• 2018

The purpose of this paper is to analyze the behavior of North Korea's cyber attack against South Korea since 2009 based on major international security theories and suggest South Korea's policy option. For this purpose, this paper applied the behavioral domain and characteristics of 'cyber power' and 'coercion dynamics' model, which are attracting attention in international security studies. The types of cyber attacks from North Korea are classified into the following categories: power-based incarceration, leadership attacks and intrusions, military operations interference, and social anxiety and confusion. In terms of types and means of cyber power, North Korean GPS disturbance, the Ministry of Defense server hacking and EMP are hard power with high retaliation and threat and cyber money cashing and ransomware are analyzed by force in the act of persuasion and incentive in the point of robbing or asking for a large amount of money with software pawns. North Korea 's cyber attack has the character of escape from realistic sanctions based on the second nuclear test. It is important for South Korea to clearly recognize that the aggressive cyberpower of North Korea is changing in its methods and capabilities, and to ensure that North Korea's actions result in far greater losses than can be achieved. To do this, it is necessary to strengthen the cyber security and competence to simultaneously attack and defend through institutional supplement and new establishment such as cyber psychological warfare, EMP attack preparation, and enhancement of security expertise against hacking.

• Journal of KIISE:Information Networking
• /
• v.33 no.3
• /
• pp.201-217
• /
• 2006

In this paper, we collected the physical traces from high speed Internet backbone traffic and analyze the various characteristics of the underlying packet traces. Particularly, our work is focused on analyzing the characteristics of an anomalous traffic. It is found that in our data, the anomalous traffic is caused by UDP session traffic and we determined that it was one of the Denial of Service attacks. In this work, we adopted the unsupervised machine learning algorithm to classify the network flows. We apply the k-means clustering algorithm to train the learner. Via the Cramer-Yon-Misses test, we confirmed that the proposed classification method which is able to detect anomalous traffic within 1 second can accurately predict the class of a flow and can be effectively used in determining the anomalous flows.

• Journal of Internet Computing and Services
• /
• v.9 no.5
• /
• pp.23-34
• /
• 2008

The number of web service user is increasing steadily as web-based service is offered in various form. But, web service has a vulnerability such as SQL Injection, Parameter Injection and DoS attack. Therefore, it is required for us to develop Web IDS system and additionally to offer Rule-base intrusion detection/response mechanism against those attacks. However, existing Web IDS system didn't correspond properly on recent web attack mechanism because they didn't including suitable pre-processing procedure on huge web log data. Therfore, we propose an efficient web log pre-processing mechanism for enhancing rule based detection and improving the performance of web IDS base attack response system. Proposed algorithm provides both a field unit parsing and a duplicated string elimination procedure on web log data. And it is also possible for us to construct improved web IDS system.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.13 no.2
• /
• pp.148-153
• /
• 2003

A DoS(Denial of Service) attack appears in the form of the intrusion attempt and Syn Flooding attack is a typical example. The Syn Flooding attack takes advantage of the weak point of 3-way handshake between the end-points of TCP which is the connection-oriented transmission service and has the reliability This paper proposes a NIIP(Network based Intelligent Intrusion Prevention) model. This model captures and analyzes the packet informations for the detection of Syn Flooding attack. Using the result of analysis of decision module, the decision module, which utilizes FCM(Fuzzy Cognitive Maps), measures the degree of danger of the DoS and trains the response module to deal with attacks. This model is a network based intelligent intrusion prevention model that reduces or prevents the danger of Syn Flooding attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.81-92
• /
• 2009

Recently, there is a drastic increase in users interested in real-time multimedia services in the WLAN environment, as the demand of IEEE 802.11 WLAN-based services increases. However, the handoff delay based on 802.11i security policy is not acceptable for the seamless real-time multimedia services provided to MS frequently moving in the WLAN environment, and there is a possibility of DoS attacks against session key derivation process and handoff mechanism. In this paper, a secure and efficient handoff mechanism in the centralized WLAN environment is introduced to solve the security problems. The 4-way Handshake for both mutual authentication and session key derivation is replaced by the 2-way Reassociation process.

• Journal of Korean Academy of Nursing
• /
• v.30 no.6
• /
• pp.1400-1410
• /
• 2000

Purpose : To determine whether there is a discrepancy between the medical professions perception of what patients should know and that of the patients themselves, we studied patients need to be informed about different aspects of epilepsy and compared findings with medical personnels perceptions of the issue. Methods : Our study population consisted of 39 patients with epilepsy from the inpatient epilepsy unit, and 51patients from the outpatients clinic of the S. University Hospital between July and November 1997. However, the patients who declined to participate or who were not able to understand the directions and content of the questionnaire were excluded. The medical personnel participated in this study were 56 residents or nurses who were working in either Neurology or Neuro surgery Units. The questionnaire with 5 indicating the highest need. The data were analyzed with descriptive statistics, students t-tests, and chi-square. Results : Of the 90 patients and 56 medical personnel studied, the need for lifestyle information such as smoking, drinking, sleep, driving, employment, and marriage was significantly higher from medical personnel than that of the patients(p=0.00). Regarding medical knowledge about epilepsy, the patients group had higher scores in the need for information on the structure of the brain (p=0.00), whereas medical personnel had higher scores on the symptoms of epilepsy. There was no correlation between the length of epilepsy and the need for information on every item on the questionnaire. The patients had higher rank regarding diet, although it was not significantly different from the medical personnel. Regarding antiepileptic drugs and what to do when there is an attack, medical personnel scored higher. The items on which the patients group scored higher than 4.5 were the possibility of inheritance, the factors that might reduce the number of attacks, the period of usage of AED, and the food they have to avoid or the food they have to take to reduce seizure attacks. Conclusions : Our study indicates that the patients group requires higher educational need in the structure of the brain, diet, and surgical treatment, but less in lifestyles and what to do when there is an attack. The educational program for the patients with epilepsy should emphasize medical knowledge with regard to brain anatomy, what to eat and what to avoid, and details of surgical treatment.

• Journal of Aerospace System Engineering
• /
• v.15 no.3
• /
• pp.65-70
• /
• 2021

This study presents a method to efficiently advance the Republic of Korea's Unmanned Systems through the analysis of the development of the U.S. Unmanned System Policy. After the occurrence of the September 11 attacks, the U.S. developed Unmanned Systems as a part of RMA and became the leader in this area. The system went through numerous trials and errors during the development and acquisition. From these experiences, the U.S. had embodied Unmanned Systems acquisition methods by establishing Unmanned Systems Development Guidance and DoD Autonomy Community of Interest in 2012. In addition, as diverse unmanned programs started to proceed, it promoted Core Technology development sharing and simplification of functions of the Unmanned Systems to exclude budget-wasting elements such as duplication of programs. The Republic of Korea must politically build a collaborative system between industry/academia/research institute/military and apply evolutionary development strategies from the first step of the development of the Unmanned Systems the future Game Changer. In operations, concepts of the Manned/Unmanned Systems complex operation should be established and intelligent S/W, Open System, and Cyber Security technologies to materialize them developed.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.1
• /
• pp.107-114
• /
• 2011

Today the company adopts to use information management method at the network base such as internet, intranet and so on for the speed of business. Therefore the security of information asset protection and continuity of business within company in relation to this is directly connected to the credibility of the company. This paper secures continuity to the certified users using queuing model for the business interruption issue caused by DDoS attack which is faced seriously today. To do this I have reflected overloaded traffic improvement process to the queuing model through the analysis of related traffic information and packet when there occurs DDoS attack with worm/virus. And through experiment I compared and analyzed traffic loading improvement for general network equipment.