• Title/Summary/Keyword: protected server


Design of a Protected Server Network with Decoys for Network-based Moving Target Defense

  • Park, Tae-Keun;Park, Kyung-Min;Moon, Dae-Sung
    • Journal of the Korea Society of Computer and Information / v.23 no.9 / pp.57-64 / 2018
  • In recent years, a new approach to cyber security, called the moving target defense, has emerged as a potential solution to the challenge of static systems. In this paper, we design a protected server network with a large number of decoys to anonymize the protected servers that dynamically mutate their IP address and port numbers according to Hidden Tunnel Networking, which is a network-based moving target defense scheme. In the network, a protected server is one-to-one mapped to a decoy-bed that generates a number of decoys, and the decoys share the same IP address pool with the protected server. First, the protected server network supports mutating the IP address and port numbers of the protected server very frequently regardless of the number of decoys. Second, it provides independence of the decoy-bed configuration. Third, it allows the protected servers to freely change their IP address pool. Lastly, it can reduce the possibility that an attacker will reuse the discovered attributes of a protected server in previous scanning. We believe that applying Hidden Tunnel Networking to protected servers in the proposed network can significantly reduce the probability of the protected servers being identified and compromised by attackers through deploying a large number of decoys.

Attack Surface Expansion through Decoy Trap for Protected Servers in Moving Target Defense

  • Park, Tae-Keun;Park, Kyung-Min;Moon, Dae-Sung
    • Journal of the Korea Society of Computer and Information / v.24 no.10 / pp.25-32 / 2019
  • In this paper, we propose a method to apply the attack surface expansion through decoy traps to a protected server network. The network consists of a large number of decoys and protected servers. In the network, each protected server dynamically mutates its IP address and port numbers based on Hidden Tunnel Networking, which is a network-based moving target defense scheme. The moving target defense is a new approach to cyber security and continuously changes a system's attack surface to prevent attacks. The attack surface expansion is an approach that uses decoys and decoy groups to protect against attacks. The proposed method modifies the NAT table of the protected server with a custom chain and a RETURN target in order to make attackers waste all their time and effort in the decoy traps. We theoretically analyze the attacker success rate for the protected server network before and after applying the proposed method. The proposed method is expected to significantly reduce the probability that a protected server will be identified and compromised by attackers.

A Server-Independent Password Authentication Method for Access-Controlled Web Pages Using the SHA-1 Algorithm (SHA-1 방식을 이용한 제한된 웹 페이지에 접근하기 위한 서버 독립적인 패스워드 인정 방안)

  • 하창승;조익성
    • Journal of the Korea Society of Computer and Information / v.6 no.4 / pp.146-153 / 2001
  • A new password authentication method is proposed in this paper for the purpose of providing web page authors convenience in deploying password-protected web realms at a web server. According to this method, a web realm is mapped to a secret directory at the web server, in which access-controlled web pages are stored. A password is used to construct the name of the secret directory. JavaScript code is embedded in a sign-in web page outside the secret directory, which converts the user-entered password into the directory name and forms a complete URL pointing to an access-controlled web page inside the secret directory. Thus, only users knowing the password can compose a valid URL and retrieve the access-controlled web page. Using this method, web page authors can deploy password-protected web realms in a server-independent manner.


A Malicious Process Control System for Protecting Servers from Internet Worm Attacks (인터넷 웜 공격으로부터 서버를 보호하기 위한 악성 프로세스 제어 시스템)

  • Kim, Ik-Su
    • The Journal of Korean Institute of Communications and Information Sciences / v.35 no.3B / pp.431-439 / 2010
  • Security systems using signatures cannot protect servers from new types of Internet worms. To protect servers from Internet worms, this paper proposes a system that removes malicious processes and executable files without using signatures. The proposed system consists of control servers, which offer the same services as those on protected servers, and agents, which are installed on the protected servers. When a control server detects multicasting attacks of an Internet worm, it sends information about the attacks to an agent. The agent kills malicious processes and removes executable files with this information. Because the proposed system does not use signatures, it can respond to new types of Internet worms effectively. When the proposed system is integrated with legacy security systems, the security of the protected server will be further enhanced.

Design of Real time Vital Signal Streaming Service Based on Self-Organizing Internet of Things Platform (자율군집 IoT 플랫폼기반 실시간 생체신호 스트리밍 서비스 설계)

  • Kim, Hyunho;Son, Taeyoung;Kang, Soonju
    • KIISE Transactions on Computing Practices / v.23 no.7 / pp.434-439 / 2017
  • More and more people are suffering from sleep disturbance, which can have many different causes. The healthcare industry, which can help people with this disability, is one technology that is currently in the spotlight. However, current services are vulnerable to data concentration, because they are simple telemedicine services that transmit all data to a remote server and process the data on the server. They have a disadvantage in that the data cannot be streamed in real time by synchronizing the biometric data of remotely protected persons. In order to solve this problem, we propose a service structure for streaming biometric data of protected persons to a hospital or guardian in real time, using a self-organizing distributed middleware platform without a central server. We prove that it is possible to provide an effective streaming service by evaluating the service start time and average delay time.

Design and implementation of protection and management system of digital contents based on MPEG-21 IPMP (MPEG-21 IPMP 기반의 디지털 콘텐츠 보호 관리 시스템 설계 및 구현)

  • Jung Hoe-Kyung;Ryu Kwang-Hee;Kim Kwang-Yong;Kim Jae-Gon;Hong Jin-Woo
    • Journal of the Korea Institute of Information and Communication Engineering / v.10 no.6 / pp.1003-1010 / 2006
  • The increased usage of digital contents requires solutions for protection technology and system interoperability. MPEG (Moving Picture Experts Group) proposed the MPEG-21 Multimedia Framework. MPEG-21 IPMP is a standard that provides the means to enable digital items and rights information to be persistently managed and protected across networks and devices. In this paper, an MPEG-21 IPMP based system to protect digital contents is designed with four structures: license server, production server, consumption server, and tool server. The license server creates a rights information document using the XML-based REL about the multimedia contents of users. The production server makes a digital item by packaging the multimedia resource and metadata, which is combined from the REL information and IPMP information of the multimedia resource. The consumption server takes care of the functions of players that use the digital item, and the tool server was implemented to transmit any missing tool that might occur in all procedures.

Metadata production system based on MPEG-21 IPMP for protection of broadcasting contents (방송 콘텐츠 보호를 위한 MPEG-21 IPMP 기반의 메타데이터 저작 시스템)

  • Ryu, Kwang-Hee;Kim, Kwang-Yong;Kim, Jae-Gon;Jung, Hoe-Kyung
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / v.9 no.2 / pp.619-622 / 2005
  • When digital contents go through production·delivery·consumption, MPEG (Moving Picture Experts Group)-21 IPMP (Intellectual Property Management and Protection) defines a standard, which has been defined at the FCD (Final Committee Draft) level, to keep the digital contents safe. The development of a system that applies the latest standard to protect and manage broadcasting contents is required. Currently, the system to protect and manage broadcast contents consists of four organizations: production server, tool server, license server, and consumption server. In this paper, we made a production server that parses the REL (Right Expression Language) document, which has rights information for the content, from the license server, and creates metadata based on MPEG-21 IPMP about the content to which a watermark is applied. Then, after remuxing, it transmits the protected data to the consumption server.


Design and Implementation of the System Supporting Security Communication between a Web Browser and a CGI Program (웹 브라우져와 CGI 프로그램 사이의 보안 통신을 지원하는 시스템 설계 및 구현)

  • Lee, Jun-Seok
    • The Transactions of the Korea Information Processing Society / v.6 no.3 / pp.641-653 / 1999
  • This paper presents the design and implementation of a system to support security communication between a Web Browser and a CGI program by a Web Server using PKI (Public Key Infrastructure). This system uses GSS (Generic Security Service)-API to communicate with PKI, offers a Web user a Client Proxy, and offers a CGI developer there library functions related with security. TLS (Transport Layer Security) supports security communication between a Web Browser and a Web Server, but the system supports security communication between a Web Browser and a CGI program, as the protected data received from a Client Proxy are sent to a CGI program, and the CGI program decrypts the data using the library functions supported by this system.


The Brainwave Analyzer of Server System Applied Security Functions (보안기능을 강화한 뇌파 분석 서버시스템)

  • Choi, Sung-Ja;Kang, Byeong-Gwon;Kim, Gui-jung
    • Journal of Digital Convergence / v.16 no.12 / pp.343-349 / 2018
  • Electroencephalograph (EEG) information, which is important data in brain science, reflects various levels of information from the molecular level to the behavior and cognitive stages, and the explosively amplified information is provided at each stage. Therefore, EEG information is an intrinsic privacy area of an individual, which is important information to be protected. In this paper, we apply Spring Security to a web-based system of the Spring MVC (Model, View, Control) framework to build an independent and lightweight server system with a powerful security system. Through the proposal of the platform-type EEG analysis system, which enhances the security function, the web service security of the EEG information is enhanced and the privacy of the EEG information can be protected.

Data Firewall: A TPM-based Security Framework for Protecting Data in Thick Client Mobile Environment

  • Park, Woo-Ram;Park, Chan-Ik
    • Journal of Computing Science and Engineering / v.5 no.4 / pp.331-337 / 2011
  • Recently, Virtual Desktop Infrastructure (VDI) has been widely adopted to ensure secure protection of enterprise data and provide users with a centrally managed execution environment. However, user experiences may be restricted due to the limited functionalities of thin clients in VDI. If thick client devices like laptops are used, then data leakage may be possible due to malicious software installed in thick client mobile devices. In this paper, we present Data Firewall, a security framework to manage and protect security-sensitive data in thick client mobile devices. Data Firewall consists of three components: Virtual Machine (VM) image management, client VM integrity attestation, and key management for Protected Storage. There are two types of execution VMs managed by Data Firewall: Normal VM and Secure VM. In Normal VM, a user can execute any applications installed in the laptop in the same manner as before. A user can access security-sensitive data only in the Secure VM, for which the integrity should be checked prior to access being granted. All the security-sensitive data are stored in the space called Protected Storage for which the access keys are managed by Data Firewall. Key management and exchange between client and server are handled via Trusted Platform Module (TPM) in the framework. We have analyzed the security characteristics and built a prototype to show the performance overhead of the proposed framework.