• Title/Summary/Keyword: intrustion

Search Result 9, Processing Time 0.019 seconds

A Study on Real-Time Web-Server Intrustion Detection using Web-Server Agent (웹 서버 전용 에이전트를 이용한 실시간 웹 서버 침입탐지에 관한 연구)

  • 진홍태;김동성;박종서
    • Proceedings of the Korea Information Assurance Society Conference / 2004.05a / pp.15-19 / 2004
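  • As Internet use has become widespread, attacks that exploit web server vulnerabilities and cannot be detected by existing firewalls alone are increasing day by day, and among them intrusions that exploit programming errors in web applications account for most of the attack methods. In this paper, after analyzing web application vulnerabilities, we introduce a real-time agent dedicated to the web server that performs log analysis on the parts where the vulnerabilities arise. We present a model in which the real-time agent compares and analyzes attack patterns and, if the decision process carried out through a process analyzer judges the activity to be an intrusion, kills the corresponding connection process (pid) and then blocks the attacking IP, thereby detecting the intrusion.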


A Study on the Intrustion Tolerance System Applied To the Security System

  • Shin Seung-jung;Kim Jung-tae;Ryu Dae-hyun;Na Jong-Whoa
    • Journal of information and communication convergence engineering / v.3 no.1 / pp.38-42 / 2005
  • The cyber attacks on computer systems nowadays are focused on works that do not operate a specific application. The main key point that we protect information security system has an access control to keep an application. Most systems have a main function to protect an infrastructure such as hardware, network and operating system. In this paper, we have presented an intrusion tolerance system that can service an application in spite of cyber attacks. The proposed system is based on middleware integrating a security mechanism and separating the functions of application and intrusion tolerance. The main factor we use security system nowadays is service to keep a persistency. The proposed intrusion tolerance system is applicable to systems such as medical, national defense and banking systems.

A Study on Tools for Worm Virus & DDoS Detection (대규모 백본망의 웜 바이러스와 분산서비스거부공격 탐지시스템 연구)

  • Lee Myung-Sun;Lee Jae-Kwang
    • The KIPS Transactions:PartC / v.11C no.7 s.96 / pp.993-998 / 2004
  • As Worm Virus & DDoS attacks appear, the targets and damage of infringement accidents are extending from specific systems or services to paralysis of the network itself. These attacks are expending very frequently and strongly, and ISPs that are used as the path of these attacks will face serious damage. But compared to Worm Virus & DDoS attacks, which generally occur in many systems at one time with their fast propagation velocity, network dimensional opposition is slow and unable to deal with the whole appearance, for it is operated manually by the network manager. Therefore, this treatise presents devices how to detect the outbreak of Worm Virus & DDoS attacks and the attacker (attacker IP address) automatically.

Design of Intrustion Prevention System(IPS) in Linux Environment (리눅스 환경에서의 침입방지시스템(IPS) 설계)

  • 이상훈;김우년;이도훈;박응기
    • Convergence Security Journal / v.4 no.2 / pp.1-7 / 2004
  • The growth of incidents on the Internet has reflected the growth of the Internet itself and the growth of computing power. While in previous years external attacks tended to originate from those interested in exploring the Internet for its own sake and testing their skills, there is an increasing trend towards intrusions motivated by financial, political, and military objectives. So, attacks on the nation's computer infrastructures are becoming an increasingly serious problem. Even though the problem is ubiquitous, government agencies are particularly appealing targets and they tend to be more willing to reveal such events than commercial organizations. The threat of damage made recognition of security a necessity; as a result, much research into system security has been actively carried out. Intrusion detection technology detects intrusions using audit data, differently from traditional simple filtering, and informs the manager of them. It lets the security manager of the system deal with the intrusion more quickly. But because of the current Internet environment, the manager cannot respond to an intrusion alert immediately. That is why an IPS is needed. An IPS can respond automatically to the intrusion alert, so the manager is more comfortable and can respond quickly.


Active Enterprise Security Management System for Intrusion Prevension (침입 방지를 위한 능동형 통합 보안 관리 시스템)

  • Park, Jae-Sung;Park, Jae-Pyo;Kim, Won;Jeon, Moon-Seok
    • Journal of the Korea Computer Industry Society / v.5 no.4 / pp.427-434 / 2004
  • Attacks such as hacking, a virus intimidating a system and a network are increasing recently. However, the existing system security or network management system (NMS) cannot be safe against various threats. Therefore, Firewall, IDS, VPN, LAS (Log Analysis System) establish a security system and have defended a system and a network against a threat. But mutual linkage between security systems was short and could not prepare an effective correspondence system, and inefficiency was indicated with duplication of security. Therefore, active security and Enterprise Security Management came to be needed. An effective security network was established recently by Enterprise Security Management, Intrusion Tracking, Intrustion Induction. But internetworking is hard for enterprise security systems, and a correspondence method cannot be systematic, and it is responded to later. Therefore, we propose the active enterprise security management module that can manage a network safely in this paper.


Intrusion Situation Classification Model for Intelligent Intrusion Awareness (지능적인 침입 인지를 위한 침입 상황 분류 모델)

  • Hwang, Yoon-Cheol;Mun, Hyung-Jin
    • Journal of Convergence for Information Technology / v.9 no.3 / pp.134-139 / 2019
  • As the development of modern society progresses rapidly, the technologies of society as a whole are progressing and becoming more advanced. Especially in the field of security, more sophisticated and intelligent attacks are being created. Meanwhile, damaging situations are becoming several times larger than before. Therefore, it is necessary to re-classify and enhance the existing classification system. It is required to minimize the intrusion damage by actively responding to intelligent intrusions by applying this classification scheme to currently operating intrusion detection systems. In this paper, we analyze the intrusion type caused by intelligent attack. We propose a new classification scheme for intrusion situations to guarantee the service safety, reliability, and availability of the target system. We use this classification model to lay the foundations for the design and implementation of a smart intrusion cognitive system capable of early detection of intrusion, the damages caused by intrusion, and more collections active response.

Freeze-Thaw Resistance of Alkali Activated Ternary Blended Cement Incorporated with Ferronickel Slag (알칼리 활성화제를 첨가한 페로니켈슬래그 혼입 삼성분계 콘크리트의 동결융해 저항성)

  • Cho, Won-Jung;Park, Kwang-Pil;Ann, Ki-Yong
    • Journal of the Korean Recycled Construction Resources Institute / v.10 no.2 / pp.159-167 / 2022
  • The present study assessed the micro structure and durability characteristics of ternary blended cement with different types of alkali activators. Ground granulated blast furnace slag (GGBS) and ferronickel slag (FNS) were replaced until 50 % of the weight of cement. In addition, potassium hydroxide and sodium hydroxide were used for comparing the properties of different types of alkali activator. Ternary blended cement with alkali activators showed a higher portlandite peak than that of OPC (Ordinary Portland Cement) and non activated ternary blended cement. Also, there were no new hydration products in ternary blended cement or/and alkali activators. Based on the mercury intrustion porosimetry (MIP) test result, ternary blended cement increased macro pore while alkali activated ternary blended cement modified pore structure and increased micro pore as compared to OPC as control. Combination with alkali activators is desirable to enhance the compressive strength and freeze thaw resistance.

Geochemical and Isotopic Study of the Onjeongri Granite in the Northern Gyeongsang Basin, Korea : Comparison with Cretaceous to Tertiary Granitic Rocks in the Other Part of the Gyeongsang Basin and the Inner Zone of Southwest Japan (경상분지 북부에 분포하는 온정리 화강암에 대한 암석화학적, 동위원소 지구화학적 연구 : 경상분지 다른 지역과 서남 일본 내대에 분포하는 백악기-제 3기 화강암류와의 비교 고찰)

  • 정창식;권성택;김정민;장병욱
    • The Journal of the Petrological Society of Korea / v.7 no.2 / pp.77-97 / 1998
  • We analyzed geochemical and radiogenic isotope data to investigate the genesis and source characteristics of the Onjeongri granite in the northern part of the Gyeongsang Basin. Field observation and K-Ar ages confirm late Cretaceous intrusion (ca. 87 Ma) of the Onjeongri granite. The hornblende geobarometry gives less than 2 kbar for the emplacement pressure of the Onjeongri granite. Geochemical and isotopic compositions suggest that the Onjeongri granite was formed in a relatively immature arc system. $SiO_2$ contents show a negative linear relationship with initial $^{87}Sr/^{86}Sr$ ratios, and an apparent positive correlation with $^{207}Pb/^{204}Pb$ ratios, suggesting an incomplete mixing or assimilation. However, the isotopic data known for any exposed rocks of the study area do not fit as an endmember, implying that the contaminant might reside in the lower crust. A review of published isotopic ages, geochemical, and Sr and Nd isotopic data for the Cretaceous to Tertiary granites in the Gyeongsang Basin indicates the following. 1) Granitic magmatism in the Gyeongsang Basin was episodic. 2) Granitic rocks in the basin were derived from young (< 0.9 Ga) lower crust, and their isotopic signatures reflect a heterogeneous source region. Geochemical and isotopic signatures of granitic rocks in the basin are difficult to explain by upper crustal contamination. 3) Granites in the Gyeongsang Basin are closely related to those in the San in Belt of the Inner Zone of Southwest Japan in terms of age, petrography, and isotopic and geochemical composition. 4) Sr-Nd isotopic signatures of the Onjeongri granite are relatively primitive compared with granitic rocks in the other parts of the Gyeongsang Basin and in the Inner Zone of Southwest Japan.
