Browse > Article
http://dx.doi.org/10.13089/JKIISC.2011.21.4.39

A Study on Building an Optimized Defense System According to the Application of Integrated Security Policy Algorithm  

Seo, Woo-Seok (Soongsil Graduate School)
Jun, Moon-Seog (Soongsil University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.21, no.4, 2011 , pp. 39-46 More about this Journal
Abstract
This study is conducted to examine the optimal integrated security policy based on network in case of attacks by implementing unique security policies of various network security equipments as an algorithm within one system. To this end, the policies conduct the experiment to implement the optimal security system through the process of mutually integrating the unique defense policy of Firewall, VPN(Virtual Private Network), IDS(Intrusion Detection System), and IPS(Intrusion Prevention System). In addition, this study is meaningful in that it designs integrated mechanism for rapid detection of system load caused by establishment of the security policy and rapid and efficient defense and secures basic network infrastructure implementation.
Keywords
Integrated Security Algorithm; Security Policy; Parallel process; Sequence process; Defense rate; Infringement rate; Obstruction rate;
Citations & Related Records
Times Cited By KSCI : 3  (Citation Analysis)
연도 인용수 순위
1 Quttoum, A.N, Otrok, H, and Dziong, Z, "A collusion-resistant mechanism for autonomic resource management in Virtual Private Networks," Computer communications, vol.33, no.17, pp.2070- 2078, Nov. 2010.   DOI   ScienceOn
2 Hubballi N, Roopa S, and Ratti R, "An Active Intrusion Detection System for LAN Specific Attacks," Lecture notes in computer science, vol.6059, pp.129-142, June 2010.
3 천준호, 장근원, 전문석, 신동규, "DDoS 공격에 대한 방화벽 로그 기록 취약점 분석," 한국정보보호학회논문지, 17(6), pp.143-148, 2007년 12월.
4 김정덕, 김건우, 이용덕, "융합보안의 개념 정립과 접근방법," 정보보호학회지, 19(6), pp.68-74, 2009년 12월.
5 Erete I, "Browser-Based Intrusion Prevention System," Recent advances in intrusion detection: 12th international symposium, Lecture notes in computer science, vol.5758, pp.371-373, 2009.
6 박순태, 이완석, 노봉남, "주요정보통신기반시설 보호를 위한 취약점 분석.평가 관리 방안," 정보보호학회지, 19(6), pp.32-40, 2009년 12월.
7 Qiu X and Paterson R, "An Innovative Network Security Vulnerability Modeling Method and Tool," IEEE communications magazine, vol.48, no.1, pp.104-108, Jan. 2010.
8 Yuan H, "A Network Security Risk Assessment Method Based on Immunity Algorithm," Trans-Tech Publications, pp.948-953, May. 2010.
9 Zeeshan A, Imine A, and Rusinowitch M, "Safe and Efficient Strategies for Updating Firewall Policies," Lecture notes in computer science, vol.6264, pp.45-57, Aug. 2010.
10 Gouda, M.G and Liu, A.X, "Structured firewall design," Computer networks, vol.51, no.4, pp.1106-1120, Mar. 2007.   DOI   ScienceOn