• Title/Summary/Keyword: Virus intrusion


A Self-Recognition Algorithm based Biological Immune System

  • Sim, Kwee-Bo;Lee, Dong-Wook;Sun, Sang-Joon;Shim, Jae-Yoon
    • Institute of Control, Robotics and Systems: Conference Proceedings / 2001.10a / pp.115.1-115 / 2001
  • According as many people use a computer newly, damage of computer virus and hacking is rapidly increasing by the crucial users. A computer virus is one of program on computer and has abilities of self reproduction and destruction like a virus of biology. And hacking is to rob a person's data in an intruded computer and to delete data in a person's computer from the outside. To block hacking that is intrusion of a person's computer and the computer virus that destroys data, a study for intrusion-detection of system and virus detection using a biological immune system is in progress. In this paper, we make a model of positive selection and negative selection of self-recognition process that is ability of ...


The Design of Router Security Management System for Secure Networking

  • Jo, Su-Hyung;Kim, Ki-Young;Lee, Sang-Ho
    • Institute of Control, Robotics and Systems: Conference Proceedings / 2005.06a / pp.1594-1597 / 2005
  • A rapid development and a wide use of the Internet have expanded a network environment. Further, the network environment has become more complex due to a simple and convenient network connection and various services of the Internet. However, the Internet has been constantly exposed to the danger of various network attacks such as a virus, a hacking, a system intrusion, a system manager authority acquisition, an intrusion cover-up and the like. As a result, a network security technology such as a virus vaccine, a firewall, an integrated security management, an intrusion detection system, and the like are required in order to handle the security problems of Internet. Accordingly, a router, which is a key component of the Internet, controls a data packet flow in a network and determines an optimal path thereof so as to reach an appropriate destination. An error of the router or an attack against the router can damage an entire network. This paper relates to a method for RSMS (router security management system) for secure networking based on a security policy. Security router provides functions of a packet filtering, an authentication, an access control, an intrusion analysis and an audit trail in a kernel region. Security policy has the definition of security function against a network intrusion.


Self-Recognition Algorithm of Artificial Immune System (인공면역계의 자기-인식 알고리즘)

  • 심귀보;선상준
    • Journal of the Korean Institute of Intelligent Systems / v.11 no.9 / pp.801-806 / 2001
  • According as many people use a computer newly, damage of computer virus and hacking is rapidly increasing by the crucial users. A computer virus is one of program in computer and has abilities of self reproduction and destruction like a virus of biology. And hacking is to rob a person's data in an intruded computer and to delete data in a person's computer from the outside. To block hacking that is intrusion of a person's computer and the computer virus that destroys data, a study for intrusion-detection of system and virus detection using a biological immune system is in progress. In this paper, we make a model of positive selection and negative selection of self-recognition process that is ability of T-cytotoxic cell that plays an important part in biological immune system. So we embody a self-nonself distinction algorithm in computer, which is an important part when we detect an infected data by computer virus and a modified data by intrusion from the outside. The composed self-recognition process distinguishes self-file from the changed files. To prove the efficacy of self-recognition algorithm, we use simulation by a cell change and a string change of self file.


Self-Recognition Algorithm of Artificial Immune System (인공면역계의 자기-인식 알고리즘)

  • 선상준;이동욱;심귀보;성원기
    • Proceedings of the Korean Institute of Intelligent Systems Conference / 2001.12a / pp.185-188 / 2001
  • According as many people use a computer newly, damage of computer virus and hacking is rapidly increasing by the crucial users. To block hacking that is intrusion of a person's computer and the computer virus that destroys data, a study for intrusion-detection of system and virus detection using a biological immune system is in progress. In this paper, we make a model of positive selection and negative selection of self-recognition process that is ability of T-cytotoxic cell that plays an important part in biological immune system. So we embody a self-nonself distinction algorithm in computer. To prove the efficacy of self-recognition algorithm, we use simulations by a cell change and a string change of self file.


Lightweight Intrusion Detection of Rootkit with VMI-Based Driver Separation Mechanism

  • Cui, Chaoyuan;Wu, Yun;Li, Yonggang;Sun, Bingyu
    • KSII Transactions on Internet and Information Systems (TIIS) / v.11 no.3 / pp.1722-1741 / 2017
  • Intrusion detection techniques based on virtual machine introspection (VMI) provide high tamper-resistance in comparison with traditional in-host anti-virus tools. However, the presence of semantic gap also leads to the performance and compatibility problems. In order to map raw bits of hardware to meaningful information of virtual machine, detailed knowledge of different guest OS is required. In this work, we present VDSM, a lightweight and general approach based on driver separation mechanism: divide semantic view reconstruction into online driver of view generation and offline driver of semantics extraction. We have developed a prototype of VDSM and used it to do intrusion detection on 13 operating systems. The evaluation results show VDSM is effective and practical with a small performance overhead.

Modelling of Artificial Immune System for Development of Computer Immune system and Self Recognition Algorithm (컴퓨터 면역시스템 개발을 위한 인공면역계의 모델링과 자기인식 알고리즘)

  • Sim, Kwee-Bo;Kim, Dae-Su;Seo, Dong-Il;Rim, Kee-Wook
    • Journal of the Korean Institute of Intelligent Systems / v.12 no.1 / pp.52-60 / 2002
  • According as many people use a computer newly, damage of computer virus and hacking is rapidly increasing by the crucial users. A computer virus is one of program in computer and has abilities of self reproduction and destruction like a virus of biology. And hacking is to rob a person's data in an intruded computer and to delete data in a person's computer from the outside. To block hacking that is intrusion of a person's computer and the computer virus that destroys data, a study for intrusion detection of system and virus detection using a biological immune system is in progress. In this paper, we make a model of positive and negative selection for self recognition which have a similar function like T-cytotoxic cell that plays an important role in biological immune system. We embody a self-nonself distinction algorithm in computer, which is an important part when we detect an infected data by computer virus and a modified data by intrusion from the outside. And we showed the validity and effectiveness of the proposed self recognition algorithm by computer simulation about various infected data obtained from the cell change and string change in the self file.

Integrated Security Management Framework for Secure Networking

  • Jo, Su-Hyung;Kim, Jeong-Nyeo;Sohn, Sung-Won
    • Institute of Control, Robotics and Systems: Conference Proceedings / 2003.10a / pp.2174-2177 / 2003
  • Internet is exposed to network attacks as Internet has a security weakness. Network attacks which are virus, system intrusion, and denial of service, put Internet in the risk of hacking, so the damage of public organization and banking facilities are more increased. So, it is necessary that the security technologies about intrusion detection and controlling attacks minimize the damage of hacking. Router is the network device of managing traffic between Internets or Intranets. The damage of router attack causes the problem of the entire network. The security technology about router is necessary to defend Internet against network attacks. Router has the need of access control and security skills that prevent from illegal attacks. We developed integrated security management framework for secure networking and kernel-level security engine that filters the network packets, detects the network intrusion, and reports the network intrusion. The security engine on the router protects router or gateway from the network attacks and provides secure networking environments. It manages the network with security policy and handles the network attacks dynamically.


A Study of Security System for Internet Shopping Mall (인터넷 쇼핑몰의 보안 시스템에 관한 연구)

  • 이내준
    • Journal of the Korea Computer Industry Society / v.2 no.11 / pp.1383-1394 / 2001
  • Through the extension of damages caused by hacking and computer virus, although security control has been emphasized, hackers' capability exceeded the security controllability. The basic security setup of server system will be free from the damages by primary and intermediate level which are the major group. It should be noted that security condition of most middle-sized and personal systems is widely open for hacker's intrusion. There is no perfect information system either software-wise or hardware-wise. It has to be recognized that our systems will be attacked easily by the hackers and computer virus. Computer users are demanded to be prepared for these types of surprise attacks. In this paper, I will propose a formation of Bastion server. This will protect risks from inside & outside intrusion which have been known till today.


Re-chlorination facility design to cope with virus intrusion in water distribution system (상수도 관망 내 바이러스 유입 대응을 위한 재염소 시설 설계)

  • Kim, Beomjin;Lee, Seungyub
    • Journal of Korea Water Resources Association / v.57 no.4 / pp.277-287 / 2024
  • Water distribution system (WDS) is exposed to various water quality incidents during its operation. This study utilized Quantitative Microbial Risk Assessment (QMRA) to analyze the risk associated with potential virus intrusion in WDSs. Additionally, the study determined the location and operation of rechlorination facilities to minimize potential risk. In addition, water quality resilience was calculated to confirm that the chlorine concentration maintains within the target range (0.1-1.0 mg/L) during normal operation. Hydraulic analysis was performed using EPANET, while EPANET-MSX was linked to simulate the reactions between viruses and chlorine. The proposed methodology was applied to the Bellingham network in the United States, where rechlorination facilities capable of injecting chlorine concentrations ranging from 0.5 mg/L to 1.0 mg/L were considered. Results indicated that without rechlorination facilities, the Average risk was 0.0154. However, installing rechlorination facilities and injecting chlorine at a concentration of 1.0 mg/L could reduce the Average risk to 39.1%. It was observed that excessive chlorine injection through rechlorination facilities reduced water quality resilience. Consequently, a rechlorination facility with a concentration of 0.5 mg/L was selected, resulting in a reduction of approximately 20% in average risk. This study provides insights for designing rechlorination facilities to enhance preparedness against potential virus ingress in the future.

Linux Based Real Time Network Intrusion Detection, Protection, Management and Fault Tolerance Security System (리눅스 기반 실시간 네트워크 칩입탐지대응관리 및 감내시스템)

  • Lee, Mike Myung-Ok;Lee, Eun-Mi
    • Proceedings of the Korea Information Processing Society Conference / 2003.05c / pp.2113-2116 / 2003
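  • This paper proposes a Linux-based VDPM (Virus Detection Protection Management) system and presents detection, blocking and management methods using the application software developed. The proposed LVPM system implements an integrated virus protection system comprising three parts. First, an intelligent virus prevention system: the VDPM system, developed using specific-search and full-search algorithms, consists of a detection module (VDPM_hawkeye) that detects all kinds of viruses including new ones, a prevention module (VDPM_medic) that monitors by checking for viruses and removes them after the check, a management module (VDPM_manager) that updates the DB, and a module for remote DB management and virus result reporting (VDPM_reporter). Second, a system that analyzes network packets to detect and respond to viruses intruding through the network. Third, a system that analyzes network packets to respond to network-type malicious software spread through the network. In addition, the aim is to develop a software system in which an integrated host- and network-based IDS works together with a firewall system to block attacks that the IDS alone cannot block; it is implemented with a GUI environment that is easy for administrators to use, and it presents an efficient Linux-based intrusion detection, prevention and management solution for large-scale distributed network environments.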
