• The Journal of the Korea institute of electronic communication sciences
• /
• v.5 no.4
• /
• pp.425-434
• /
• 2010

This study shows a limit to attacks that the prevention system, which is used as the mutual third aggressive packet path between open heterogeneous networks and applies prevention techniques according to the trace like IP tracking and attack methods, can prevent. Therefore, the study aims to learn information of constant attack routing protocol and of the path in network, the target of attack and build a database by encapsulating networks information routing protocol operates in order to prevent source attack paths. In addition, the study is conducted to divide network routing protocols developed from the process of dividing the various attack characters and prevent various attacks. This study is meaningful in that it analyzes attack path network and attacks of each routing protocol and secure exact mechanism for prevention by means of 3D-Puzzle, Path, and Cube of the integrated security system which is an implementation method of integrated information protection for access network defense.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.11-18
• /
• 2017

Now the ways in which information is exchanged by computers are changing, a variety of this information exchange method also requires corresponding change of responding to an illegal attack. Among these illegal attacks, the IP spoofing attack refers to the attack whose process are accompanied by DDoS attack and resource exhaustion attack. The way to detect an IP spoofing attack is by using traceback information. The basic traceback information analysis method is implemented by comparing and analyzing the normal router information from client with routing information existing in routing path on the server. There fore, Such an attack detection method use all routing IP information on the path in a sequential comparison. It's difficulty to responding with rapidly changing attacks in time. In this paper, all IP addresses on the path to compute in a coordinate manner. Based on this, it was possible to analyze the traceback information to improve the number of traceback required for attack detection.

• The Journal of the Korea Contents Association
• /
• v.8 no.7
• /
• pp.43-52
• /
• 2008

The AODV routing algorithm in a mobile ad-hoc networks broadcasts RREQ packet to find a route from a source to a destination. An attacker node may intercept a RREQ packet and attack by falsifying a field in that packet. In this paper, we propose a simply modified method which can protect a routing table from an attack to falsify the hop count field in the RREQ packet. When establishing a connection between a source and a destination, we update routing table of each node on the connection based on minimum delay instead of minimum hop count. By doing this, we can protect routing table from an attack to falsify a hop count Our simulation is implemented in Network Simulator(NS-2). We analyze how an attacker affects the mobile ad-hoc networks. The result of the simulation shows that the proposed mechanism transfers a data securely.

• Convergence Security Journal
• /
• v.19 no.5
• /
• pp.19-24
• /
• 2019

It is impossible to apply the routing protocol in the wired environment because MANET consists of only mobile nodes. Therefore, routing protocols considered these characteristics are required. In particular, if malicious nodes are not excluded in the routing phase, network performance will be greatly reduced. In this paper, we propose intrusion detection technique based on region to improve routing performance. In the proposed technique, the whole network is divided into certain areas, and then attack detection within the area using area management node is performed. It is a proposed method that can detect attack nodes in the path through cooperation with each other by using completion message received from member nodes. It also applied a method that all nodes participating in the network can share the attack node information by storing the detected attack node and sharing. The performance evaluation of the proposed technique was compared with the existing security routing techniques through the experiments and the superior performance of the proposed technique was confirmed.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.10a
• /
• pp.783-786
• /
• 2015

Hole attack, which is disturbed transmission function through change of routing information, can cause critical results for MANET as non-infrastructure network. Backhole attack, as a typical hole attack, is one malicious attack which is disabled network transmission function by assumption of transmission data through modification of routing information. It is very important to evaluate transmission performance caused by blackhole attack, because transmission performance of MANET is affective with blackhole attack. In this paper, transmission performance is analyzed with MANET under multiple blackhole attacks caused multiple blackhole nodes. Computer simulation based on NS-2 is used as analysis tool and voice traffic is considered ad application service on MANET.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.40 no.10
• /
• pp.67-78
• /
• 2003

As optical network technology advances and high bandwidth Internet is demanded for the exponential growth of internet traffic volumes, the Dense-Wavelength Division Multiplexing (DWDM) networks have been widely accepted as a promising approach to the Next Generation Optical Internet (NGOI) backbone networks for nation wide or global coverage. Important issues in the NGOI based on DWDM networks are the Routing and Wavelength Assignment(RWA) problem and survivability. Especially, fault/attack detection, localization and recovery schemes in All Optical Transport Network(AOTN) is one of the most important issues because a short service disruption in DWDM networks carrying extremely high data rates causes loss of vast traffic volumes. In this paper, we suggest a fault/attack management model for NGOI through analyzing fault/attack vulnerability of various optical backbone network devices and propose fault/attack recovery procedure considering Extended-LMP(Link Management Protocol) and RSVP-TE+(Resource Reservation Protocol-Traffic Engineering) as control protocols in IP/GMPLS over DWDM.

• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.41-46
• /
• 2013

Routing protocol using in the existing wire network cannot be used as it is for efficient data transmission in MANET. Because it consists of only mobile nodes, network topology is changing dynamically. Therefore, each mobile node must perform router functions. Variety of routing attack like DoS in MANET is present owing to these characteristic. In this paper, we proposed cooperative-based detection method to improve detection performance of flooding attack which paralyzes network by consuming resource. Accurate attack detection is done as per calculated adaptively threshold value considered the amount of all network traffic and the number of nodes. All the mobile nodes used a table called NHT to perform collaborative detection and apply cluster structure to the center surveillance of traffic.

• Journal of Information Processing Systems
• /
• v.15 no.1
• /
• pp.203-216
• /
• 2019

The nature of wireless transmission has made wireless sensor networks defenseless against various attacks. This paper presents warning message counter method (WMC) to detect blackhole attack, grayhole attack and sinkhole attack in wireless sensor networks. The objective of these attackers are, to draw the nearby network traffic by false routing information and disrupt the network operation through dropping all the received packets (blackhole attack), selectively dropping the received packets (grayhole and sinkhole attack) and modifying the content of the packet (sinkhole attack). We have also attempted light weighted symmetric key cryptography to find data modification by the sinkhole node. Simulation results shows that, WMC detects sinkhole attack, blackhole attack and grayhole attack with less false positive 8% and less false negative 6%.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.1
• /
• pp.115-120
• /
• 2013

There are lots of vulnerability and chance to be attacked in wireless sensor networks, which has many applications. Among those attacks, sybil attack is to generate a lot of false node and to inject false information into networks. When a user uses such false information without recognizing the attack, there might be a disaster. Although authentication method can be used to protect such attack, the method is not a good choice in wireless sensor networks, where sensor nodes have a limited battery and low power. In this paper, we propose a novel method to detect sybil attack with a little extra overhead. The proposed method use the characteristics that there is a weak connection between a group of normal nodes and a group of false nodes. In addition, the method uses energy aware routing based on random routing and adds a little information into the routing. Experimental results show that the proposed method detects false node by more than 90% probability with a little energy overhead.

• Proceedings of the Korean Information Science Society Conference
• /
• 2010.11a
• /
• pp.101-106
• /
• 2010

As a part of preparing the sniffing attack, this routing method presented in this thesis decreases the risk rates of the leaking of information through separating valid data and transmitting by a multi-path. then data is transmitted from start node to destination node on distributed sensor network. The level of reduction in leaking of information by the sniffing attack is proved by experimental result thich compare the case described above with the case of transmitting whole data with the single path by simulation, and the algorithm for choosing the routing path is showed by proof of the theorem.