• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.2151-2154
• /
• 2003

Internet is deeply rooted in everyday life and many things are performed using internet in real-world, therefore internet users increased because of convenience. Also internet accident is on the increase rapidly. The security vendor developed security system to protect network and system from intruder. Many hackings can be prevented and detected by using these security solutions. However, the new hacking methods and tools that can detour or defeat these solutions have been emerging and even script kids using these methods and tools can easily hack the systems. In consequence, system has gone through various difficulties. So, Necessity of intruder trace-back technology is increased gradually. Trace-back technology is tracing back a malicious hacker to his real location. trace-back technology is largely divided into TCP connection trace-back and IP packet trace-back to trace spoofed IP of form denial-of-service attacks. TCP connection trace-back technology that autonomously traces back the real location of hacker who attacks system using stepping stone at real time. In this paper, We will describe watermark trace-back system using TCP hijacking technique to supplement difficult problem of connection maintenance happened at watermark insertion. Through proposed result, we may search attacker's real location which attempt attack through multiple connection by real time.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.233-239
• /
• 2004

In this paper, we describe a defense mechanism to cope with stepping stones attacks in high-speed networks. (Stepping stones Attacker launches attacks not from their own computer but from intermediary hosts that they previously compromised.) We aim at tracing origin hacker system, which attack target system via stepping stones. There are two kind of traceback technology ; IP packet traceback, or connection traceback. We are concerned with connection traceback in this paper. We propose a new host-based traceback. The purpose of this paper is that distinguish between origin hacker system and stepping stones by using process structure of OS(Operating System).

• Journal of Industrial Convergence
• /
• v.16 no.4
• /
• pp.47-52
• /
• 2018

WebShell is a web script file created by a hacker to remotely commands to a web server. The hacker can bypass the security system using the web shell, access the system, control the system such as file modification, copying and deletion, install malicious code in the web source code, attack the user's PC, And so on. There are many types of WebShell attack, but we study about attacks on PHP and JSP based web server which are used as representative ones. And we propose the method of web page management, method of development, and several other methods. By using these countermeasures, it is possible to effectively prevent damage caused by WebShell attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.117-130
• /
• 2007

A honeypot is a security resource whose value lies in being attack. It collects data regarding the attack strategies and tools of hackers. However, the honeypot is normally located at a single point, and the possibility is small that a hacker will attack it. Unused ports-based decoy systems which gather data about hackers activities have been developed to complement honeypots. However, the systems have some problems to be deployed in actual environment. In this paper, we propose an agent-based system which enhances shortcomings of the unused ports-based decoy systems. It makes honeypot gather more information regarding hacker activities and protects clients from attacks. Moreover, the proposed system can increase the chance of tracking hackers activities without wasting additional IP addresses and computer hardwares.

• Information Systems Review
• /
• v.18 no.1
• /
• pp.57-78
• /
• 2016

Hacking has raised many critical issues in the modern world, particularly because the size and cost of the damages caused by this disruptive activity have steadily increased. Accordingly, many significant studies have been conducted by behavioral scientists to understand hackers and their practices. Nonetheless, only qualitative methods, such as interviews, meta-studies, and media studies, have been employed in such studies because of hacker sampling limitations. Existing studies have determined that intrinsic motivation was the dominant factor influencing hackers, and that their techniques were mainly acquired from online hacking communities. However, such results have yet to be causally proven. This study attempted to identify the causal factors influencing the motivational and environmental factors encouraging hackers to learn hacking skills. To this end, hacker community members using the theory of planned behavior were observed to identify the causal factors of their learning of hacking skills. We selected a group of students who were developing their hacking skills. The survey was conducted over a two-week period in May 2015 with a total of 227 students as respondents. After list-wise deletion, 215 of the responses were deemed usable (94.7 percent). In summary, the hackers were aware that hacking skills are considered socially unethical, and their attitudes toward the learning of hacking skills were affected by both intrinsic and extrinsic motivations. In addition, the characteristics of the online hacking community affected their perceived behavioral control. This study introduced new concepts in the process of conducting a causal relationship analysis on a hacker sample. Moreover, this research expanded the discussion on the causal direction of subjective norms in unethical research, and empirically confirmed that both intrinsic and extrinsic motivations affect the learning of hacking skills. This study also made a practical contribution by raising the educational and policy response issues for ethical hackers and demonstrating the necessity to intensify the punishment for hacking.

• Journal of Broadcast Engineering
• /
• v.28 no.1
• /
• pp.145-148
• /
• 2023

Open-loop Octonion space-time block code for 4 transmit antenna system is considered and random phases are applied to 4 transmit antennas for physical layer security. When an illegal hacker estimates the random phases of 1 through 4 transmit antennas with maximum likelihood (ML), this letter analyzes the bit error rate (BER) performances versus signal-to-noise ratio (SNR). And the Octonion code in the literature[1] does not have full orthogonality so, this letter employs the perfect orthogonal Octonion code. When the hacker knows that the random phases are 2-PSK constellations and he should estimate all the 4 random phases, the hacking is impossible until 100dB. When the hacker possibly know that some of the random phases, bit error rate goes down to 10^-3 so, the transmit message could be hacked.

• Proceedings of the Korea Air Pollution Research Association Conference
• /
• 2002.11a
• /
• pp.95-97
• /
• 2002

동북아지역의 최대 환경문제로 부각된 황사는 중국의 건조지대에서 발생되어 중위도 편서풍 기류를 따라 풍하측에 위치한 한반도와 일본, 심지어 북태평양을 가로질러 북미까지 장거리 수송되기도 하며 그 피해정도는 시·공간적으로 상당히 심각한 수준에 이르고 있다(Jaffe et al., 1999; Husar et al., 2001; Hacker et al., 2001). (중략)

• Journal of information and communication convergence engineering
• /
• v.2 no.2
• /
• pp.84-88
• /
• 2004

Firewall is not perfectly prevent hacker, Intrusion Detection System(IDS) is considered a next generation security solution for more trusted network i and system security. We propose a agent IDS model in the different platforms that can detect intrusions in the expanded distributed host environment, since that is a drawback of existing IDS. Then we implement a prototype and verify validity. We use a pattern extraction agent so that we extract audit files needed in intrusion detection automatically even in other platforms.

• Journal of Internet Computing and Services
• /
• v.17 no.5
• /
• pp.97-110
• /
• 2016

Cryptanalysis is very important step for auditing and checking strength of any cryptosystem. Some of these cryptosystem ensures confidentiality and security of large information exchange from source to destination using symmetric key cryptography. The cryptanalyst investigates the strengths and identifies weakness key as well as enciphering algorithm. With increase in key size the time and effort required to guess the correct key increases so trend is increase key size from 8, 16, 24, 32, 56, 64, 128 and 256 bits to strengthen the cryptosystem and thus algorithm continues without compromise on the cost of time and computation. Automatic Variable Key (AVK) approach is an alternative to the approach of fixing up key size and adding security level with key variability adds new dimension in the development of secure cryptosystem. Likewise, whenever any new cryptographic method is invented to replace per-existing vulnerable cryptographic method, its deep analysis from all perspectives (Hacker / Cryptanalyst as well as User) is desirable and proper study and evaluation of its performance is must. This work investigates AVK based cryptic techniques, in future to exploit benefits of advances in computational methods like ANN, GA, SI etc. These techniques for cryptanalysis are changing drastically to reduce cryptographic complexity. In this paper a detailed survey and direction of development work has been conducted. The work compares these new methods with state of art approaches and presents future scope and direction from the cryptic mining perspectives.

• Journal of Internet Computing and Services
• /
• v.6 no.1
• /
• pp.27-38
• /
• 2005

Recently, the rapidly development of computing environments and the spread of Internet make possible to obtain and use of information easily. Immediately, by opposition function the Hacker's unlawful intrusion and threats rise for network environments as time goes on. Specially, the internet consists of Unix and TCP/IP had many vulnerability. the security techniques of authentication and access controls cannot adequate to solve security problem, thus IDS developed with 2nd defence line. In this paper, intrusion detection method using Bayesian Networks estimated probability values of behavior contexts based on Bayes theory. The contexts of behaviors or events represents Bayesian Networks of graphic types. We profiled concisely normal behaviors using behavior context. And this method be able to detect new intrusions or modificated intrusions. We had simulation using DARPA 2000 Intrusion Data.