• International Journal of Computer Science & Network Security
• /
• v.23 no.10
• /
• pp.107-114
• /
• 2023

The study provides the identification of vulnerabilities in the security issues by Wireless Network. To achieve it the research focus on packet flow analysis, end to end data communication, and the security challenges (Cybercrime, insider threat, attackers, hactivist, malware and Ransomware). To solve this I have used the systematic literature review mechanisms and demonstrative tool namely Wireshark network analyzer. The practical demonstration identifies the packet flow, packet length time, data flow statistics, end- to- end packet flow, reached and lost packets in the network and input/output packet statics graphs. Then, I have developed the proposed model that used to secure the Wireless network solution and prevention vulnerabilities of the network security challenges. And applying the model that used to investigate the security challenges and vulnerabilities of cloud computing services is used to fulfill the network security goals in Wireless network. Finally the research provides the model that investigate the security challenges and vulnerabilities of cloud computing services in wireless networks

• Journal of Korea Society of Industrial Information Systems
• /
• v.10 no.2
• /
• pp.67-75
• /
• 2005

In this paper, we design and implement real time IP security packet analyzer on IPv4 and IPv6 network. This packet analyzer sniffs and analyzes the packets generated by the protocols that are used by IPsec, IKE, IPv4 and IPv6 such as AH, ESP, ISAKMP, IP, ICMP and so on. The purpose of this analyzer is to check current security status of the network automatically. In this paper we provide implementation details and the examples of security evaluation by using our security packet analyzer system.

• Convergence Security Journal
• /
• v.3 no.3
• /
• pp.1-6
• /
• 2003

The IPv6 was suggested as an ultimate solution of problems that IPv4 protocol maintains limitations to apply to new technology of data service and the lack of IPv4 address space. So it is expected to transfer IPv4 to IPv6 gradually. In the Ipv6 environment, it is easier to apply security policies and transmits a secure packet applied the security policies, with the content in the Header itself. By this reason, this paper describes about the implementation of DHCPv6 server to perform a connection of IPv6 network and IPv4 network, and the application of secure packet with the security policies for clients. Further, it performs the process of the massages inside the DHCPv6 server to be used in the IPv6 environment in the future.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.331-337
• /
• 2014

Paradigm shift to cloud computing has increased the importance of security. Even though public cloud computing providers such as Amazon, already provides security related service like firewall and identity management services, it is not suitable to protect data in cloud environments. Because in public cloud computing environments do not allow to use client's own security solution nor equipments. In this environments, user are supposed to do something to enhance security by their hands, so the needs of visualized security management arises. To implement visualized security management, developing near realtime data handling & packet classification mechanisms are crucial. The key technical challenges in packet classification is how to classify packet in the manner of unsupervised way without human interactions. To achieve the goal, this paper presents automated packet classification mechanism based on naive-bayesian and packet Chunking techniques, which can identify signature and does machine learning by itself without human intervention.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.4 s.32
• /
• pp.173-178
• /
• 2004

A network of Asynchronous Transfer Mode (ATM) will be required to carry the traffics(CVR, VBR, UBR. ABR) generated by a wide range of services ATM services the Quality-of-Service (QoS) management of traffice sources and bandwidth. Besides efficiency and throughput, the security services are achieved in the traffic sent in ATM network. In this paper, the scheduler evaluate and the packets sent in ATM security group. The scheduler transmits the safty packet, drop the unsafty packet and evaluate mark packet as the requirement of the delay. In this paper, we propose the scheduling algorithm of mark packet which evaluates the packet. The suggested model performance of the firewall switch is estimate simulation in terms of the delay by computer.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.957-962
• /
• 2013

This paper proposes the new enhanced 2-D(2-Dimension) FEC scheme. It analyzes the probability of entire packet loss rate of the existing 2-D FEC by mathematical modeling, finds the problem of the existing 2-D FEC, and deduces the new enhanced 2-D FEC scheme that reduces the entire packet loss probability.

• Journal of Communications and Networks
• /
• v.18 no.1
• /
• pp.105-111
• /
• 2016

Trust models in the literature of MANETs commonly assume that packets have different security requirements. Before a node forwards a packet, if the recipient's trust level does not meet the packet's requirement level, then the recipient must perform certain security association procedures, such as re-authentication. We present in this paper an analysis of the epidemic broadcast delay in such context. The network, mobility and trust models presented in this paper are quite generic and allow us to obtain the delay component induced only by the security associations along a path. Numerical results obtained by simulations also confirm the accuracy of the analysis. In particular, we can observe from both simulation's and analysis results that, for large and sparsely connected networks, the delay caused by security associations is very small compared to the total delay of a packet. This also means that parameters like network density and nodes' velocity, rather than any trust model parameter, have more impact on the overall delay.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.10
• /
• pp.101-110
• /
• 2009

The 6LoWPAN(IPv6 Low-power Wireless Personal Area Network) performs IPv6 header compression, TCP/UDP/IGMP header compression, packet fragmentation and re-assemble to transmit IPv6 packet over IEEE 802,15.4 MAC/PHY. However, from the point of view of security. It has the existing security threats issued by IP packet fragmenting and reassembling, and new security threats issued by 6LoWPAN packet fragmenting and reassembling would be introduced additionally. If fragmented packets are retransmitted by replay attacks frequently, sensor nodes will be confronted with the communication disruption. This paper analysis security threats introduced by 6LoWPAN fragmenting and reassembling, and proposes a re-transmission mechanism that could minimize re-transmission to be issued by replay attacks. Re-transmission procedure and fragmented packet structure based on the 6LoWPAN standard(RFC4944) are designed. We estimate also re-transmission delay of the proposed mechanism. The mechanism utilizes timestamp, nonce, and checksum to protect replay attacks. It could minimize reassemble buffer overflow, waste of computing resource, node rebooting etc., by removing packet fragmentation and reassemble unnecessary.

• Convergence Security Journal
• /
• v.12 no.3
• /
• pp.85-92
• /
• 2012

Today, the typical web hacking attacks are cross-site scripting(XSS) attacks, injection vulnerabilities, malicious file execution and insecure direct object reference included. Web hacking security systems, access control solutions, access only to the web service and flow inside but do not control the packet. So you have been illegally modified to pass the packet even if the packet is considered as a unnormal packet. The defense system is to fail to appropriate controls. Therefore, in order to ensure a successful web services diagnostic system development is necessary. Web application diagnostic system is real and urgent need and alternative. The diagnostic system development process mu st be carried out step of established diagnostic systems, diagnostic scoping web system vulnerabilities, web application, analysis, security vulnerability assessment and selecting items. And diagnostic system as required by the web system environment using tools, programming languages, interfaces, parameters must be set.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.83-92
• /
• 2007

In connectionless packet network, if a sender encrypts packets by block chaining mode and send it to receiver, the receiver should decrypt packets in encrypted order that is not received order. Therefore, the performance and efficiency are lowered for crypto communication system. To solve this problem, we propose packet encryption scheme for connectionless packet network that can decrypt the packets independently, even if the received order of packets are changed or packets are missed. The scheme makes new IV(Initial Vector) using IV that created by key exchange process and salt that made by random number. We propose extended Cryptoki API that added packet encryption/decryption functions and mechanism for improving convenience and performance. We implement the scheme and get result that the performance increased about $1.5{\sim}l5.6$ times compare with in case of implementing using Cryptoki API in the test environment.