• Journal of National Security and Military Science
• /
• s.2
• /
• pp.285-314
• /
• 2004

The forms of current war are diversified over the pan-national industry. Among these, one kind of threats which has permeated the cyber space based on the advanced information technology causes a new type of war. C4ISR, the military IT revolution, as a integrated technology innovation of Command, Control, Communications, Computer, Intelligence, Surveillance and Reconnaissance suggests that the aspect of the future war hereafter is changing much. In this paper, we design the virtual decoy system and intrusion trace marking mechanism which can capture various attempts and evidence of intrusion by hackers in cyber space, trace the penetration path and protect a system. By the suggested technique, we can identify and traceback the traces of intrusion in cyber space, or take a legal action with the seized evidence.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.5
• /
• pp.223-230
• /
• 2013

With the rapid development of IT technologies, many people talk to each other in real time on-line using messenger or use the messenger to share files for work. However, using this convenience, phishing crimes occur: e.g. demanding money, and if a criminal uses a bypassing technique like proxy in order to hide the IP address the criminal has used to log on, it is in fact, difficult to find the criminal's real IP address. This paper will propose a plan to measure against messenger phishing that may occur in advance by collecting the IP address with which a user has used in a dual channel mode and the real IP address obtained by ARIT Agent using ARIT technique, going through a separate identification process and deciding whether the user has accessed in a normal method.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.21 no.8
• /
• pp.2077-2089
• /
• 1996

In this paper, a memory organization and its control method are proposed for the implementation of parallel Virterbi decoders. The design is mainly focused on lowering the hardware complexity of a parallel Viterbi decoder which is to reduce the decoding speed. The memories requeired in a Viterbi decoder are the SMM(State Metric Memory) and the TBM(Traceback Memory);the SMM for storing the path metrics of states and the TBM for storing the survial path information. A general parallel Viterbi decoder for high datarate usually consists of multiple ACS (Add-Compare-Select) units and their corresponding memeory modules.for parallel ACS units, SMMs and TBMs are partitioned into smaller independent pairs of memory modules which are separately interleaved to provide the maximum processing speed. In this design SMMs are controlled with addrss generators which can simultaneously compute addresses of the new path metrics. A bit shuffle technique is employed to provide a parallel access to the TBMs to store the survivor path informations from multiple ACS modules.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10a
• /
• pp.460-462
• /
• 2004

IP 역추적 기술이란 침입을 시도하는 공격자의 위치를 실시간으로 추적하는 기술을 말한다. 이러한 역추적 기술은 현재까지의 어떠한 보안강화 방법이나 도구들 보다 능동적인 성격을 갖고 있으며. 오늘날에도 않은 연구가 활발히 진행되고 있는 분야이다. 하지만 지금의 역추적 기술들을 인터넷이리는 환경에 바로 적용하기에 많은 문제점들을 가지고 있다. 역추적 기술이 완벽히 수행되지 못하는 이유는 현재 인터넷 환경이 가지고 있는 수많은 가변적 요인들 때문이다 그러므로 역추적 방법을 실현하기 위해서는 지금현재 사용중인 인터넷 환경에서 곧바로 적용할 수 있는 방법들에 대한 연구가 필요하다 본 논문에서는 최근 2-3 년 사이에 발표되었던 역추적 기술에 대한 소개와, 해당하는 기술들의 문제점을 지적함으로서 앞으로의 역추적 기술에 대한 실질적인 정보를 제공하고자 한다. 또한 역추적 기술의 적용에 각종 큰 문제점으로 작용하는 인터넷 환경의 문제점들을 파악하고자 한다

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.25 no.10B
• /
• pp.1732-1743
• /
• 2000

In this paper a fixed-delay trellis search with decision feedback (FDTrS/DF) for high-density DVD systems (4.7-15GB) is proposed and implemented with FPGA. The proposed FDTrS/DF is derived by transforming the binary tree search structure into trellis search structure implying that FDTrS/DF performs better than the singnal detection techniques based on tree search structure such as FDTS/DF and SSD/DF. Advantages of FDTrS/DF are significant reductions in hardware complexity due to the unique structure of FDTrS composed of only one trellis stage requiring no traceback procedure usually implemented in the Viterbi detector. Also in this paper the PDFS/DF and SSD/DF orginally proposed for high-density magnetic recording systems are modified for the DVD system and compared with the proposed FDTrS/DF. In order to increase speed in the FPGA implementation the pipelining technique and absolute branch metric (instead of square branch metric) are applied. The proposed FDTrS/DF is shown to provide the best performance among various signal detection techniques such as PRML, DFE, FDTS/DF and SSD/DF even with a small hardware complexity.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.281-284
• /
• 2010

The characteristics of International Hacking is that because even if with tracing techniques, nobody can find Real IP address of the attacker so it is true that Great difficulty in the investigation. so that an attacker goes through the Proxy Server Many times and they use techniques of IP Spoofing to hide their IP address. In this paper, study How attackers use IP Spoofing Technique and the application of Proxy Server. In addition, to Propose IP Spoofing attacks through the Proxy Server attack and defend methods also IP traceback methods so this study materials will contribute to the development of International Hacking and Security Protection Technology.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.19-26
• /
• 2003

Recently, the number of internet service companies is increasing and so is the number of malicious attackers. Damage such as distrust about credit and instability of the service by these attacks may influence us fatally as it makes companies image failing down. One of the frequent and fatal attacks is DoS(Denial-of-Service). Because the attacker performs IP spoofing for hiding his location in DoS attack it is hard to get an exact location of the attacker from source IP address only. and even if the system recovers from the attack successfully, if attack origin has not been identified, we have to consider the possibility that there may be another attack again in near future by the same attacker. This study suggests to find the attack origin through MAC address marking of the attack origin. It is based on an IP trace algorithm, called Marking Algorithm. It modifies the Martins Algorithm so that we can convey the MAC address of the intervening routers, and as a result it can trace the exact IP address of the original attacker. To improve the detection time, our algorithm also contains a technique to improve the packet arrival rate. By adjusting marking probability according to the distance from the packet origin we were able to decrease the number of needed packets to traceback the IP address.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.1
• /
• pp.79-86
• /
• 2004

In general, operating system is offering the security function of OS level to support several web services. However, it is true that security side of OS level is weak from many parts. Specially, it is needed to audit/trace function in security kernel level to satisfy security more than B2 level that define in TCSEC(Trusted Computer System Evaluation Criteria). So we need to create audit data at system call invocation for this, and do to create audit data of equal format about almost event and supply information to do traceback late. This Paper Proposes audit/trace system module that use LKM(Loadable Kernel Module) technique. It is applicable without alteration about existing linux kernel to ensure safe evidence. It offers interface that can utilize external audit data such as intrusion detection system, and also offers safe role based system that is divided system administrator and security administrator These data will going to utilize to computer forensics' data that legal confrontation is Possible.