한국시뮬레이션학회논문지 (Journal of the Korea Society for Simulation)

한국시뮬레이션학회 (The Korea Society for Simulation)
권호 표지

네트워크 보안을 위한 침입차단 시스템과 운영체제 보안 기능 모델링 및 시뮬레이션

Modeling and Simulation of Firewall System and Security Functions of Operating System for Network Security

  • 김태헌 (성균관대학교 정보통신공학부) ;
  • 이원영 (성균관대학교 정보통신공학부) ;
  • 김형종 (한국정보보호진흥원 기술단) ;
  • 김홍근 (한국정보보호진흥원 기술단) ;
  • 조대호 (성균관대학교 정보통신공학부)
  • 발행 : 2002.06.01
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

The need for network security is being increasing due to the development of information communication and internet technology. In this paper, firewall models, operating system models and other network component models are constructed. Each model is defined by basic or compound model, referencing DEVS formalism. These models and the simulation environment are implemented with MODSIM III, a general purpose, modular, block-structured high-level programming language which provides direct support for object-oriented programming and discrete-event simulation. In this simulation environment with representative attacks, the following three attacks are generated, SYN flooding and Smurf attack as an attack type of denial of service, Mail bomb attack as an attack type of e-mail. The simulation is performed with the models that exploited various security policies against these attacks. The results of this study show that the modeling method of packet filtering system, proxy system, unix and windows NT operating system. In addition, the results of the simulation show that the analysis of security performance according to various security policies, and the analysis of correlation between availability and confidentiality according to security empowerment.

키워드

참고문헌

  1. HCKING EXPOSED (2nd ed);Network Security Secrets & Solutions Joel Scambry
  2. Computer & Security v.18 Simulating Cyber Attacks, Defences, and Consequences F. Cohen
  3. Object-Oriented Simulation with Hierarchical, Modular Models B.P. Zeigler
  4. Proceeding of TENCON 2000 On Firewalls Evaluation Criteria A Noureldien;I.M. Osman
  5. Proceedings of CSAC 24th Annual International Firewall Security: Policies, Testing and Performance Evaluaiton M.R. Lyu;K.Y.Lau
  6. MODSIM Ⅲ Manual CACI Company
  7. Theory of Modeling and Simulation(2nd ed) B.P. Zeigler;H. Praehofer;T.G. Kim
  8. 정보보호 교육자료 한국정보보호진흥원
  9. 정보처리학회지 v.7 no.2 분산서비스거부공격 등 최근 해킹기법과 대응방안
  10. Building Internet Firewalls(2nd ed) E.D. Zwicky
  11. Application Gateways and Stateful Inspection;A Brief Note Comparing and Contrasting Avolio and Blask
  13. UNIX System security tools Seth Ross
  14. Information Security Technical Report v.3 no.3 Window NT Security Architecture John Hayday, March
  15. Information Security Technical Report v.2 no.3 Window NT Security Jan White
  16. 보안시스템 전문가들이 공개하는 해킹과 방어 완전 실무 조기준;김훈희
  17. Stateful Inspection TM Firewall Technology-TECH NOTE
  18. Practical UNIX and Internet security(2nd ed) S. Garfinkel;G. Spafford
  19. Simulation Modeling & Analysis(2nd ed) M.L. Law;W.D. Kelton