• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.13 no.1
• /
• pp.81-87
• /
• 2020

Recently, the network configuration is being rapidly changed to enable easy and free network service configuration based on SDN/NFV. Despite the many advantages and applications of SDN, many security issues such as Distributed Denial of Service (DDoS) attacks are being constantly raised as research issues. In particular, the effectiveness of DDoS attacks is much faster, SDN is causing more and more fatal damage. In this paper, we propose an entropy-based technique to detect and mitigate DDoS attacks in SDN, and prove it through experiments. The proposed scheme is designed to mitigate these attacks by detecting DDoS attacks on single and multiple victim systems and using time - specific techniques. We confirmed the effectiveness of the proposed scheme to reduce packet loss rate by 20(19.86)% while generating 3.21% network congestion.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.285-288
• /
• 2010

Chinese hackers hack the e-commerce site by bypass South Korea IP to connect to the third country, finance damaging a violation incident that fake account. 7.7.DDoS attack was the case of a hacker attack that paralyzed the country's main site. In this paper, the analysis is about vulnerabilities that breaches by hackers and DDoS attacks. Hacker's attacks and attacks on the sign of correlation analysis is share the risk rating for in real time, Red, Orange, Yellow, Green. Create a blacklist of hackers and real-time attack will be studied security and air conditioning systems that attacks and defend. By studying generate forensic data and confirmed in court as evidence of accountability through IP traceback and detection about packet after Incident, contribute to the national incident response and development of forensic techniques.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.3
• /
• pp.1409-1415
• /
• 2013

With the development of Internet communication and the use of a variety of online services has been greatly expanded. Therefore, the importance of authentication techniques for users of online services has increased. The most commonly used methods for user authentication is a technique that utilizes a prearranged password. However, the existing password scheme for authentication must use the same password every time. Therefore, the password being leaked by attackers, it can be used maliciously. In this paper, we proposed the Variable Password Generation Method in Internet Authentication System that generates a new password using information such as the access date, time, and IP address when user logs in. The method proposed in this paper prevents disclosure of personal information due to password exposure and improves the reliability and competitiveness in the field of security systems.

• The KIPS Transactions:PartC
• /
• v.15C no.1
• /
• pp.9-18
• /
• 2008

Prevention of attacks being made through program modification in sensor nodes is one of the important security issues. The software-based attestation technology that verifies the running code by checking whether it is modified or not in sensor nodes is being used to solve the attack problem. However, the current software-based attestation techniques are not appropriate in sensor networks because not only they are targeting static networks that member nodes does not move, but also they lacks consideration on the environment that the trusted verifier may not exist. This paper proposes a mutual attestation protocol that is suitable for sensor networks by using SWATT(Software-based ATTestation) technique. In the proposed protocol, sensor nodes periodically notify its membership to neighbor nodes and carry out mutual attestation procedure with neighbor nodes by using SWATT technique. With the proposed protocol, verification device detects the sensor nodes compromised by malicious attacks in the sensor network environments without trusted verifier and the sensor networks can be composed of only the verified nodes.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.5
• /
• pp.933-939
• /
• 2007

There is a tremendous increase in the growth of Internet making people's life easy. The rapid growth in technology has caused misuse of the Internet like cyber Crime. There are several vulnerabilities in current firewall and Intrusion Detection Systems (IDS) of the Network Computing resources. Automatic real time station chase techniques can track the internet invader and reduce the probability of hacking Due to the recent trends the station chase technique has become inevitable. In this paper, we design and implement Active Security system using ICMP Traceback message. In this design no need to modify the router structure and we can deploy this technique in larger network. Our Implementation shows that ICMP Traceback system is safe to deploy and protect data in Internet from hackers and others.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.5
• /
• pp.951-958
• /
• 2021

With the growing cyber threat to information assets, it has become important to share threat information quickly. This paper examines the sharing of cyber threat information and presents a method to determine the importance of threat indicators in the information sharing market by calculating weights. The analysis was conducted using AHP techniques, with a pairwise comparison of the four factors(attacker & infected system indicators, role indicators, malicious file indicators, technique & spread indicators) and the details of each factor. Analysis shows that malicious file indicators are the most important among the higher evaluation factors and infected system IP, C&C and Smishing are the most important factors in comparison between detailed items. These findings could be used to measure the preference of consumers and the contribution of information provider for facilitating information sharing.

• Journal of Korean Society of Disaster and Security
• /
• v.14 no.2
• /
• pp.35-42
• /
• 2021

In order to produce electric vehicle demand forecasting information, which is an important element of the plan to expand charging facilities for electric vehicles, a model for predicting electric vehicle demand was proposed using Exponential Smoothing. In order to establish input data for the model, the monthly power demand of cities and counties was applied as independent variables, monthly electric vehicle charging stations, monthly electric vehicle charging stations, and monthly electric vehicle registration data. To verify the accuracy of the electric vehicle power demand prediction model, we compare the results of the statistical methods Exponential Smoothing (ETS) and ARIMA models with error rates of 12% and 21%, confirming that the ETS presented in this paper is 9% more accurate as electric vehicle power demand prediction models. It is expected that it will be used in terms of operation and management from planning to install charging stations for electric vehicles using this model in the future.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.353-359
• /
• 2021

Information technology and the need for timely and effective communication during the Covid-19 have made most governments adopt technological approaches to provide their services. E-government services have been adopted by most governments especially in developed countries to quickly and effectively share information. This study discusses the reasons why governments in the Gulf region should develop a new model for information technology knowledge management practices. To achieve this, the author identified possible benefits of adopting information technology knowledge management practices and why most governments in the Gulf find it hard to adopt them. Knowledge management allows for learning, transfer as well as sharing of information between government organizations and citizens and with the development of technology, the effectiveness of electronic services can easily be achieved. Also, effective adoption of information technology can improve knowledge management with the help of techniques that enhance capture, storage, retrieval as well as sharing of information. The author used systematic literature review to select 28 journals and articles published post 2019. IEEE, Google Scholar and Science Direct were used to select potential studies from which 722 journals and articles were selected. Through screening and eligibility assessment, 21 articles were retained while the back and forward search had 7 more articles which were also included in the study. Using information gathered from these articles and journals a new conceptual model was developed to help improve information technology knowledge management for governments in the Gulf region to effectively deliver e-services during Covid-19. This model was developed based on the process of KM, Theory of Planned Behavior and Unified Theory of Acceptance and Use of Technology. Based on the developed model. From UTAUT model, performance expectancy, effort expectancy as well as social influence had a great impact.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.605-616
• /
• 2021

While malwares must be accurately identifiable from arbitrary programs, existing studies using classification techniques have limitations that they can only be applied to limited samples. In this work, we propose a method to utilize API call frequency to detect and classify malware families from arbitrary programs. Our proposed method defines a rule that checks whether the call frequency of a particular API exceeds the threshold, and identifies a specific family by utilizing the rate information on the corresponding rules. In this paper, decision tree algorithm is applied to define the optimal threshold that can accurately identify a particular family from the training set. The performance measurements using 4,443 samples showed 85.1% precision and 91.3% recall rate for family detection, 97.7% precision and 98.1% reproduction rate for classification, which confirms that our method works to distinguish malware families effectively.

• Journal of Digital Convergence
• /
• v.17 no.3
• /
• pp.215-220
• /
• 2019

The block chain technology is a technique that prevents manipulation of data and ensures integrity and reliability. Ethereum is building a smart contract environment as a type of encryptionenabled system based on block chains. Smart contracts can be implemented when conditions are met, thus increasing confidence in digital data. However, smart contracts that are being tried in various ways are not covered by information security and personal information protection. The structure in which the network participant can view the open transaction ledger is exposed to data or personal information listed in the block chain. In this study, it is possible to manage the data of personal information recorded in the block chain directly. This study is protected personal information by preventing the exposure of personal information and by executing time code, it is possible to erase recorded information after a certain period of time has elapsed. Based on the proposed system in the future, it is necessary to study the additional management techniques of unknown code defects or personal information protection.