• Journal of Information Processing Systems
• /
• v.5 no.1
• /
• pp.33-40
• /
• 2009

Ever since the network-based malicious code commonly known as a 'worm' surfaced in the early part of the 1980's, its prevalence has grown more and more. The RCS (Random Constant Spreading) worm has become a dominant, malicious virus in recent computer networking circles. The worm retards the availability of an overall network by exhausting resources such as CPU capacity, network peripherals and transfer bandwidth, causing damage to an uninfected system as well as an infected system. The generation and spreading cycle of these worms progress rapidly. The existing studies to counter malicious code have studied the Microscopic Model for detecting worm generation based on some specific pattern or sign of attack, thus preventing its spread by countering the worm directly on detection. However, due to zero-day threat actualization, rapid spreading of the RCS worm and reduction of survival time, securing a security model to ensure the survivability of the network became an urgent problem that the existing solution-oriented security measures did not address. This paper analyzes the recently studied efficient dynamic network. Essentially, this paper suggests a model that dynamically controls the RCS worm using the characteristics of Power-Law and depth distribution of the delivery node, which is commonly seen in preferential growth networks. Moreover, we suggest a model that dynamically controls the spread of the worm using information about the depth distribution of delivery. We also verified via simulation that the load for each node was minimized at an optimal depth to effectively restrain the spread of the worm.

• Journal of the Korea Society for Simulation
• /
• v.22 no.1
• /
• pp.1-8
• /
• 2013

A higher penetration of renewable energy sources and adoption of renewable portfolio standard(RPS), the penetration of distributed generators(DGs) into power distribution network is becoming a threat for the safe operation of distribution network. The ground fault current of DGs can cause parasitic trip and mal-trip of protective device in the power distribution network. KEPRI has developed a simulation program for current setting of protective devices in DGs connected distribution network. In this study, we analyzed fault currents of a sample network in two cases, i.e. case 1 is for no DG connection, case 2 for a DG connection. We performed protection coordination for relays installed in the network and analyzed the contribution of a DG.

• Journal of Internet Computing and Services
• /
• v.23 no.5
• /
• pp.103-110
• /
• 2022

Botnets have been exploited for a variety of purposes, ranging from monetary demands to national threats, and are one of the most threatening types of attacks in the field of cybersecurity. Botnets emerged as a centralized structure in the early days and then evolved to a P2P structure. Bitcoin is the first online cryptocurrency based on blockchain technology announced by Satoshi Nakamoto in 2008 and is the most widely used cryptocurrency in the world. As the number of Bitcoin users increases, the size of Bitcoin network is also expanding. As a result, a botnet using the Bitcoin network as a C&C channel has emerged, and related research has been recently reported. In this study, we propose an encrypted botnet C&C communication mechanism and technique in the Bitcoin network and validate the proposed method by conducting performance evaluation through various experiments after building it on the Bitcoin testnet. By this research, we want to inform the possibility of botnet threats in the Bitcoin network to researchers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.549-559
• /
• 2023

As mobile edge computing (MEC) is gaining attention as a core technology of 5G networks, edge AI technology of 5G network environment based on mobile user data is recently being used in various fields. However, as in traditional AI security, there is a possibility of adversarial interference of standard 5G network functions within the core network responsible for edge AI core functions. In addition, research on data poisoning attacks that can occur in the MEC environment of standalone mode defined in 5G standards by 3GPP is currently insufficient compared to existing LTE networks. In this study, we explore the threat model for the MEC environment using NWDAF, a network function that is responsible for the core function of edge AI in 5G, and propose a feature selection method to improve the performance of detecting data poisoning attacks for Leaf NWDAF as some proof of concept. Through the proposed methodology, we achieved a maximum detection rate of 94.9% for Slowloris attack-based data poisoning attacks in NWDAF.

• International conference on construction engineering and project management
• /
• 2024.07a
• /
• pp.127-136
• /
• 2024

Flooding presents a significant threat to infrastructure, and climate change is exacerbating these risks. High-speed rail (HSR) infrastructure, designed based on historical data, may struggle to cope with future extreme flood events. Infrastructure stakeholders require forecasting capabilities to predict the intensity and frequency of future floods so they can develop adaptive strategies to mitigate flood risks and impacts. Floods can cause significant damage to HSR infrastructure networks, disrupting their operations. Traditional network theory-based frameworks are insufficient for analyzing the three-dimensional effects of floods on HSR networks. To address this issue, this study proposes a comprehensive approach to assess flood risk and vulnerability under future climate scenarios for HSR networks. The method consists of three components. (i) Generate flood inundation data by utilizing global climate models, Shared Socioeconomic Pathways(SSPs), and the CaMa-Flood model. (ii) Fit extreme flood depths to the Gumbel distribution to generate flood inundation scenarios. (iii) Overlay flood scenarios on the HSR network and quantitatively assess network vulnerability based on topology network. When applied to the HSR system in mainland China, the results indicate that flood severity does not necessarily increase under higher SSPs, but may worsen over time. The minimum flood return period that causes HSR disruptions is decreasing, with Hubei Province showing a significant increase in HSR segment failure probability. Discontinuous phase transitions in HSR network topology metrics suggest potential nationwide collapses under future infrequent floods. These findings can inform preventive measures for the HSR sector and flood-resistant standards for HSR infrastructure. The method used in this study can be extended to analyze the vulnerability of other transportation systems to natural disasters, serving as a quantitative tool for improving resilience in a changing climate.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.4
• /
• pp.427-434
• /
• 2004

Attacks such as hacking, a virus intimidating a system and a network are increasing recently. However, the existing system security or network management system(NMS) cannot be safe on various threats. Therefore, Firewall, IDS, VPN, LAS(Log Analysis System) establishes security system and has defended a system and a network against a threat. But mutual linkage between security systems was short and cannot prepare an effective correspondence system, and inefficiency was indicated with duplication of security. Therefore, an active security and an Enterprise Security Management came to need. An effective security network was established recently by Enterprise Security Management, Intrusion Tracking, Intrustion Induction. But an internetworking is hard for an enterprise security systems, and a correspondence method cannot be systematic, and it is responded later. Therefore, we proposes the active enterprise security management module that can manage a network safely in this paper.

• The Journal of Society for e-Business Studies
• /
• v.22 no.4
• /
• pp.129-139
• /
• 2017

With the advent of FinTech, many financial services have become available in the mobile Internet environment and recently, there is an internet bank that provides all bank services online. As the proportion of financial services over the Internet increases, it offers convenience to users, but at the same time, the threat of financial network is increasing. Financial institutions are investing heavily in security systems in case of an intrusion. However attacks by hackers are getting more sophisticated and difficult to cope with. However, applying an IP Trace-back method that can detect the actual location of an attacker to a financial network can prepare for an attacker's arrest and additional attacks. In this paper, we investigate IP Trace-back technology that can detect the actual location of attacker and analyze it to apply it to financial network. And we propose a new IP Trace-back method through Infra-structure construction through simulation experiments.

• Journal of Korea Water Resources Association
• /
• v.31 no.6
• /
• pp.685-694
• /
• 1998

Protection of groundwater resources from contamination has been of increasing concern throughout the past decades. In practice, however, groundwater monitoring is performed based on the experience and intuition of experts or on the convenience. In dealing with groundwater contamination, we need to know what contaminants have the potential to threat the water quality and the distribution and concentration of the plumes. Monitoring of the subsurface environment through remote geophysical techniques or direct sampling from wells can provide such information. Once known, the plume can be properly managed. Evaluation of existing methodologies for groundwater monitoring network design revealed that one should select an appropriate design method based on the purpose of the network and the availability of field information. Integer programming approach, one of the general purpose network design tools, and a cost to-go function evaluation approach for special purpose network design were tested for field applicability. For the sam contaminated aquifer, two approaches resulted in different well locations. The amount of information, however, was about the same.

• Convergence Security Journal
• /
• v.5 no.4
• /
• pp.67-72
• /
• 2005

The exponential increase of malicious and criminal activities in cyber space is posing serious threat which could destabilize the foundation of modern information society. In particular, unexpected network paralysis or break-down created by the spread of malicious traffic could cause confusion and disorder in a nationwide scale, and unless effective countermeasures against such unexpected attacks are formulated in time, this could develop into a catastrophic condition. In order to solve a same problem, this paper researched early detection techniques for only early warning of cyber threats with separate way the detection due to and existing security equipment from the large network. It researched the cyber example alert system which applies the module of based honeynet from the actual large network and this technique against the malignant traffic how many probably it will be able to dispose effectively from large network.

• Journal of Digital Convergence
• /
• v.13 no.1
• /
• pp.313-319
• /
• 2015

As the number of applications using the internet the rapidly increasing incidence of cyber attacks made on the internet has been increasing. In the equipment of L3 DDoS attack detection equipment in the world and incomplete detection of application layer based intelligent. Next-generation networks domestic product in high-performance wired and wireless network threat response techniques to meet the diverse requirements of the security solution is to close one performance is insufficient compared to the situation in terms of functionality foreign products, malicious code detection and signature generation research primarily related to has progressed malware detection and analysis of the research center operating in Window OS. In this paper, we describe the current status survey and analysis of the latest variety of new attack techniques and analytical skills with the latest cyber-attack analysis prejudice the security situation.