• Journal of Information Processing Systems
• /
• v.5 no.1
• /
• pp.25-32
• /
• 2009

It is absolutely essential to implement advanced IP network technologies such as QoS, Multicast, High Availability, and Security in order to provide real-time services like IPTV via IP backbone network. In reality, the existing commercial networks of internet service providers are subject to certain technical difficulties and limitations in embodying those technologies. On-going research efforts involve the experimental engineering works and implementation experience to trigger IPTV service on the premium-level IP backbone which has recently been developed. This paper introduces the core network technologies that will enable the deployment of a high-quality IPTV service, and then proposes a suitable methodology for application and deployment policies on each technology to lead the establishment and globalization of the IPTV service.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.2 no.2
• /
• pp.87-95
• /
• 2009

This research attempted to build up a system of security and identification for storage devices in a communication network. This identification Network System will configure security of information encoded and any computer data-medium by control of the access right of the user.

• Annual Conference of KIPS
• /
• 2014.04a
• /
• pp.453-456
• /
• 2014

최근 무선 인터넷의 발달 및 스마트 디바이스의 등장 등의 이유로 다양한 분야의 네트워크 기반 서비스가 등장하고 있다. 폭발적으로 증가하는 네트워크 서비스를 신뢰적이며 효율적으로 운영하기 위한 기술로 미래 네트워크 기술의 하나인 SDN이 주목받고 있다. 하지만 SDN은 기존 네트워크의 보안 취약성인 IP주소를 타깃으로 하는 공격에 대한 취약점을 보완하지 못하고 있다. 이에 본 논문은 SDN망에서 기존 Control Layer외에 Security Layer를 추가함으로서 네트워크 위협사항에 능동적으로 대처가 가능하고 해당 구조의 기반 위에 검색가능 암호화 기법을 사용하여 IP주소를 은닉화하는 기법을 제안하고자 한다.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.6 s.44
• /
• pp.165-174
• /
• 2006

This paper attacked the unknown DoS which mixed a DoS attack, Worm and the Trojan horse which used IP Source Address Spoofing and Smurf through the SYN Flooding way that UDP, ICMP, Echo, TCP Syn packet operated, the applications that used TCP/UDP in VoIP service networks. Define necessity of a Dynamic Update Engine for a prevention, and measure Miss traffic at RT statistics of inbound and outbound parts in case of designs of an engine at IPS regarding an Self-learning module and a statistical attack spread, and design a logic engine module. Three engines judge attack grades (Attack, Suspicious, Normal), and keep the most suitable filtering engine state through AND or OR algorithms at Footprint Lookup modules. A Real-Time Dynamic Engine and Filter updated protected VoIP service from DoS attacks, and strengthened Ubiquitous Security anger, and were turned out to be.

• Convergence Security Journal
• /
• v.7 no.3
• /
• pp.109-120
• /
• 2007

VoIP service provides various functions that PSTN phone service hasn't been able to provide. Since it also has superiority in service charge, the number of user is increasing these days. When we think of the other side in cost aspect, the spam caller can also send his/her commercial message over phone line using more economic way. This paper presents the characteristics that should be considered to detect the spam call using greylisting method. We have explored static and dynamic characteristics in VoIP calls, and analyzed the relation among them. Especially, we have surveyed the authentication and charging method of Korean VoIP service provider. We have analyzed each charging method using our spam call simulation result, and derived the charging method that can be favored by spam caller. The contribution of the work is in analysis result of static aspect for SPIT Level calculation in greylisting method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.821-830
• /
• 2017

The internet is an important infra resource that it controls the economy and society of our country. Also, it is providing convenience and efficiency of the everyday life. But, a case of various are occurred through an using vulnerability of an internet infra resource. Recently various attacks of unknown to the user are an increasing trend. Also, currently system of security control is focussing on patterns for detecting attacks. However, internet threats are consistently increasing by intelligent and advanced various attacks. In recent, the darknet is received attention to research for detecting unknown attacks. Since the darknet means a set of unused IP addresses, no real systems connected to the darknet. In this paper, we proposed an algorithm for finding black IPs through collected the darknet traffic based on a statistics data of port information. The proposed method prepared 8,192 darknet space and collected the darknet traffic during 3 months. It collected total 827,254,121 during 3 months of 2016. Applied results of the proposed algorithm, black IPs are June 19, July 21, and August 17. In this paper, results by analysis identify to detect frequency of black IPs and find new black IPs of caused potential cyber threats.

• Convergence Security Journal
• /
• v.9 no.4
• /
• pp.35-41
• /
• 2009

Internet routing protocols currently in use in the typical protocol of the existing BGP protocol to strengthen the security of the BGP protocol by comparison with research on emerging issues of the AS-Path, IP Fake, DRDoS BGP protocol must be used when such the information you need, but due to malicious attack, or an incorrect setting can prevent the global Internet network operating in an security to threat information are analyzed.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.5
• /
• pp.145-154
• /
• 2007

Analyzed about a matter and requirements to intimidate security of ubiquitous and home network threatening various security for personal information protection in ubiquitous home networks at this paper, and studied. Got authentication procedures and verification procedures acid user approach to be reasonable through designs to the home security gateway which strengthened a security function in the outsides, and strengthened protection of a home network. Also, execute a DoS. DDoS, IP Spoofing attack protective at home network security gateways proved, and security regarding against the Hacker's attack was performed, and confirmed. Strengthen appliances and security regarding a user, and confirm a defense regarding an external attack and present a home network security model of this paper to the plans that can strengthen personal information protection in ubiquitous home networks in ubiquitous home networks through experiment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.465-479
• /
• 2020

Regardless of the domestic and foreign governments/companies, SOC (Security Operation Center) has operated 24 hours a day for the entire year to ensure the security for their IT infrastructures. However, almost all SOCs have a critical limitation by nature, caused from heavily depending on the manual analysis of human agents with the text-based monitoring architecture. Even though, in order to overcome the drawback, technologies for a comprehensive visualization against complex cyber threats have been studying, most of them are inappropriate for the security monitoring in large-scale networks. In this paper, to solve the problem, we propose a novel visual approach for intuitive threats monitoring b detecting suspicious IP address, which is an ultimate challenge in cyber security monitoring. The approach particularly makes it possible to detect, trace and analysis of suspicious IPs statistically in real-time manner. As a result, the system implemented by the proposed method is suitably applied and utilized to the real-would environment. Moreover, the usability of the approach is verified by successful detecting and analyzing various attack IPs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.725-734
• /
• 2016

SCADA(Supervisory Control and Data Acquisition) system is widely used for remote monitoring and control throughout the domestic industry. Due to a recent breach of security on SCADA systems, such as Stuxnet, the need of correctly established secure certification of a control system is growing. Currently, EDSA-CRT (Embedded Device Security Assurance-Communication Robustness Test), which tests the ability to provide core services properly in a normal/abnormal network protocol, is only focused on the testing of IP-based protocols such as IP, ARP, TCP, etc. Thus, in this paper, we propose test requirements for DNP3 protocol based on EDSA-CRT. Our analysis show that the specific test cases provide plentiful evidences that DNP3 should follow based on its functional requirements. As a result, we propose 33 specific test case for DNP3 protocol.