• Journal of Internet Computing and Services
• /
• v.6 no.1
• /
• pp.13-25
• /
• 2005

Distributed Denial-of-Service(DDoS) attack prevent users from accessing services on the target network by spoofing its origin source address with a large volume of traffic. The objective of IP Traceback is to determine the real attack sources, as well as the full path taken by the attack packets. Existing IP Traceback methods can be categorized as proactive or reactive tracing. Existing PPM based tracing scheme(such as router node appending, sampling and edge sampling) insert traceback information in IP packet header for IP Traceback. But, these schemes did not provide enhanced performance in DDoS attack. In this paper, we propose a 'TTL based advanced Packet Marking' mechanism for IP Traceback. Proposed mechanism can detect and control DDoS traffic on router and can generate marked packet for reconstructing origin DDoS attack source, by which we can diminish network overload and enhance traceback performance.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.7
• /
• pp.1617-1625
• /
• 2010

Recently, the standardization of SVC technology which can provide adaptive video quality in diverse service environments has been completed. This paper proposes a layered encryption technique which takes into account the prioritized layer characteristics of SVC and control constant encryption complexity satisfying the target computational complexity. In particular, it analyzes the importance of NAL unit in the SVC video layer and suggests a method to apply appropriate encryption complexity proper for it. The effectiveness of the proposed method is proved through the comparison of time required for encryption and the reconstructed video quality using imperfect decryption key.

• The KIPS Transactions:PartC
• /
• v.14C no.4
• /
• pp.313-320
• /
• 2007

In this paper, we propose a method to analyze security vulnerabilities of MS word-processor by checking the validation of its input files. That is, this study is to detect some vulnerabilities in the input file of the word processor by analyzing the header information of its input file. This validation test can not be conducted by the existing software fault injection tools including Holodeck and CANVAS. The proposed method can be also applied to identify the input file vulnerabilities of Hangul and Microsoft Excel which handle a data file with a header as an input. Moreover, our method can provide a means for assessing the fault tolerance and trustworthiness of the target software.

• The Journal of the Korea Contents Association
• /
• v.13 no.12
• /
• pp.455-462
• /
• 2013

As the protection of personal information has been appeared as a main issue in educational institutions, the Ministry of Education, Science and Technology (currently the Ministry of Education) opened InfoSec Training Center to train personnels of educational institutions in 2012. To achieve the purpose of the establishment of the centers, each center needs to identify training target, make training roadmap and design specialized training curriculum. The paper aims to develop criteria to evaluate training and operating levels of InfoSec Training Centers using AHP.

• Journal of Korea Multimedia Society
• /
• v.13 no.2
• /
• pp.161-170
• /
• 2010

ELF, an abbreviation for Executable and Linkable Format, is the basic file format for shared libraries and executable files used in the Linux system, whereas 'Linker' copies the symbol information of static shared libraries into the symbol table in the target file generated by way of static linking. At this time, the symbol table keeps various pieces of debugging-related information including function names provided by the shared libraries, and it can be deleted to avoid debugging for security reasons by utilizing the fact that it does not directly affect the program execution. This paper proposes a method for restoring the symbol information of static shared libraries from the ELF object file in which the symbol table is deleted, and confirms that the symbol information is restored by conducting practical experiments.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.12
• /
• pp.2649-2656
• /
• 2012

Today, many enterprises have invested heavily for the part of information security in order to protect the internal critical information assets and the business agility. However, there is a big problem that big budget and too many manpower are needed to set the internal corporate network up to the same high level of defense for all of part. On the distributed enterprise networks in this paper, a defense model for effective and rapid response on the IP spoofing attack was designed to protect the enterprise network through the exchange of information between the trust hosts when an attacker attacked any target system using other trusted host.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.233-239
• /
• 2004

In this paper, we describe a defense mechanism to cope with stepping stones attacks in high-speed networks. (Stepping stones Attacker launches attacks not from their own computer but from intermediary hosts that they previously compromised.) We aim at tracing origin hacker system, which attack target system via stepping stones. There are two kind of traceback technology ; IP packet traceback, or connection traceback. We are concerned with connection traceback in this paper. We propose a new host-based traceback. The purpose of this paper is that distinguish between origin hacker system and stepping stones by using process structure of OS(Operating System).

• The Korean Journal of Air & Space Law and Policy
• /
• v.22 no.1
• /
• pp.55-74
• /
• 2007

When the People's Republic of China destroyed one of its own defunct meteorological satellites, the Fengyun-1C, at an altitude of some 865 km above the earth's surface, the PRC was accused of initiating, or at the very least risking an(other) arms race in outer space also. The test also gave rise to a few legal questions as to the permissibility of this test, and the broader permissibility of using space for military and other weapon-touting activities, Whilst the test cannot be considered to constitute a direct threat to international peace and security so as to invoke relevant legal principles and consequences in terms of the UN Charter for example, it highlights the importance of such clauses in international space law as requiring international cooperation and consultation, due regard for the interests of all other countries both on earth and in outer space, and the further development of general regimes of registration and space debris-prevention. From that perspective, the PRC violated international outer space law not so much by the test itself but by the accompanying lack of information, consultation and due regard for other states', and indeed mankind's, interests.

• Journal of information and communication convergence engineering
• /
• v.15 no.2
• /
• pp.91-96
• /
• 2017

PIN-entry interfaces have high risks to leak secret values if the malicious attackers perform shoulder-surfing attacks with advanced monitoring and observation devices. To make the PIN-entry secure, many studies have considered invisible radio channels as a secure medium to deliver private information. However, the methods are also vulnerable if the malicious adversaries find a hint of secret values from user's $na{\ddot{i}}ve$ gestures. In this paper, we revisit the state-of-art radio channel based bimodal PIN-entry method and analyze the information leakage from the previous method by exploiting the sight tracking attacks. The proposed sight tracking attack technique significantly reduces the original password complexities by 93.8% after post-processing. To keep the security level strong, we introduce the advanced bimodal PIN-entry technique. The new technique delivers the secret indicator information through a secure radio channel and the smartphone screen only displays the multiple indicator options without corresponding numbers. Afterwards, the users select the target value by following the circular layout. The method completely hides the password and is secure against the advanced shoulder-surfing attacks.

• Journal of the Korean housing association
• /
• v.20 no.5
• /
• pp.41-50
• /
• 2009

This case study is an effort to provide new knowledge on the U.S. elderly public housing focusing on the residents' perceptions of the environmental conditions. For this study, we conducted a survey using written questionnaires and interviews with 20 residents who rent in Columbia, MO. The recorded interview data was used for final analysis; primary findings are as follows: The residents reported relatively high satisfaction on their overall environmental conditions in the two target public housing, built in 1950s. As the most significant problem, residents perceive the lack of storage space for individual units, Partially attributed to space limitations. In addition, bathroom needs varied dramatically among residents based on their health and whether wheelchairs are used. Therefore, it was found that instead of standardized bathrooms, a customizable configuration for the resident's unique physical condition and accessibility must be considered. The residents also addressed their concerns about security for entrance and foyer areas. Due to the small living areas, they wanted to have available outdoor public space for various social activities. Furthermore, they reported the need for small social gathering areas while friends and family members are visiting them, in addition to their small living units, which average 49.8 sq. ft. each.