• Journal of the Korea Society for Simulation
• /
• v.18 no.3
• /
• pp.133-138
• /
• 2009

When sensor networks are deployed in open environments, an adversary may compromise some sensor nodes and use them to inject false sensing reports. False report attack can lead to not only false alarms but also the depletion of limited energy resources in battery powered networks. The Interleaved hop-by-hop authentication (IHA) scheme detects such false reports through interleaved authentication. In IHA, when a report is forwarded to the base station, all nodes on the path must spend energies on receiving, authenticating, and transmitting it. An dversary can spend energies in nodes by using the methods as a relaying attack which uses macro. The Adversary aim to drain the finite amount of energies in sensor nodes without sending false reports to BS, the result paralyzing sensor network. In this paper, we propose a countermeasure using fuzzy logic from the Denial of Service(DoS) attack and show an efficiency of energy through the simulataion result.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.8B
• /
• pp.735-744
• /
• 2008

This paper proposes a 'secure node' to be robust against network-based DoS attacks. The secure node selectively accepts new sessions based on the Zipf's law while a link is in the overload state. Our scheme calculates a threshold value for overload state, and provides a dynamic service mechanism for enhancing availability of a web server. The simulation results show performance improvement of the proposed scheme in terms of completion/connection ratios.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.999-1002
• /
• 2005

IEEE 802.11b의 사용자 인증 취약성을 보완한 프레임워크인 IEEE 802.1x는 EAP를 통해 다양한 사용자 인증 메커니즘을 지원한다. 그러나 IEEE 802.1x 역시 인증 프로토콜의 구조적 원인에 의한 서비스 거부 공격과 AP에 대한 인증 및 암호 메커니즘의 부재로 세션 하이재킹 및 중간자 공격 등에 취약하다. 본 논문에서는 IEEE 802.1x 프레임워크의 서비스 거부, 세션 하이재킹 및 중간자 공격에 대한 취약성을 보완하여 강화된 사용자 인증 및 안전한 암호통신 서비스를 제공할 수 있는 무선랜 보안시스템을 제안한다.

• Journal of Convergence Society for SMB
• /
• v.5 no.1
• /
• pp.19-23
• /
• 2015

Distributed Denial of Service attack is a form of denial of service attacks, the attacker to attack a place in a number of points of attack by a wide variety of forms over the network to perform a service on a point attack . Do not use a specific server or client attempts to make a connection to many services available that prevents this attack and so normally used . Corresponding methods of DDoS attacks has a corresponding managerial aspects and technical aspects of the proposed two.

• Proceedings of the Korean Institute of Intelligent Systems Conference
• /
• 2002.12a
• /
• pp.258-261
• /
• 2002

최근 네트워크 취약점 검색 방법을 이용한 침입 공격이 증가하는 추세이며 이런 공격에 대하여 적절하게 실시간 탐지 및 대응 처리하는 침입방지시스템(IPS: Intrusion Prevention System)에 대한 연구가 지속적으로 이루어지고 있다. 본 논문에서는 시스템에 허락을 얻지 않은 서비스거부 공격(Denial of Service Attack) 기술 중 TCP의 신뢰성 및 연결 지향적 전송서비스로 종단간에 이루어지는 3-Way Handshake를 이용한 Syn Flooding Attack에 대하여 침입시도패킷 정보를 수집, 분석하고 퍼지인식도(FCM : Fuzzy Cognitive Maps)를 이용한 침입시도여부결정 및 대응 처리하는 네트워크 기반의 실시간 탐지 및 방지 모델(Network based Real Time Scan Detection & Prevention Model)을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2004.05a
• /
• pp.1221-1224
• /
• 2004

최근 사회적으로 큰 문제로 대두되는 네트워크기반 공격들은 공격 대상 시스템으로 하여금 정상 서비스가 불가능하도록 하는 서비스거부 (분산서비스거부 포함) 공격이 주를 이루며, 이러한 공격에는 기본적으로 패킷의 출발지 IP 주소를 위장하는 IP spoofing 기술이 사용된다. 본 논문에서는 현재까지 상용라우터에 적용되어 있는 IP spoofing 방지 기술과 리눅스시스템에서 제공하는 IP spoofing 방지 기술 그리고 연구논문으로 제시된 IP spoofing 방지 기술을 분석하고, 이를 토대로 IP spoofing 기술을 사용한 공격자의 패킷을 초기에 차단하는 IP spoofing 방지 라우터 프레임웍을 제안한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.7B
• /
• pp.858-867
• /
• 2011

The RFID(Radio-Frequency IDentification) systems have many security problem such as eavesdropping, a replay attack, location tracking and DoS(Denial of Service) attacks. Because RFID systems use radio-frequency. So research are being made to solve the problem of RFID systems, one of which is AES algorithm. This paper presents an authentication protocol using AES and one-time random number to secure other attacks like eavesdropping, a replay attack, location tracking, In addtion, RSMAP uses OTP(One-Time Pad) in order to safely transmit.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.7
• /
• pp.1858-1866
• /
• 1999

Recently, increasing attacks using network packets cause serious problems in networked environments ; from disturbing normal network operations to damaging computing resources. Among them denial of services are considered as critical attacks that directly exploit network packets to degrade availability. In this paper, we classify the types of denial of services in the network layer and develop detection methods that can keep the network from the classified denial of service attacks. The methods are then merged into an integrated denial of service detection algorithm that is scalable to detect new denial of service attacks.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.4
• /
• pp.19-25
• /
• 2010

In this paper, the performance of the DoS information security algorithm is evaluated to provide the multimedia traffic between the nodes using the multicasting services. The essence technology for information security to distribute the multimedia contents is presented. Under the multicasting services, a node participating new group needs a new address and the node compares the collision with the existing nodes, then DoS attack can be occurred between the nodes by a malicious node. Using the NS2 simulator, the number of DoS attacks, the average number of trials to generate new address, and the average time to create address are analyzed. From simulation results, the efficient algorithm with relevant random number design according to the DRM network is needed to provide secure multimedia contents distribution.

• Journal of KIISE:Information Networking
• /
• v.32 no.3
• /
• pp.279-290
• /
• 2005

Recently, as the serious damage caused by DDoS attacks increases, the rapid detection and the proper response mechanisms are urgent. However, existing security mechanisms do not effectively defend against these attacks, or the defense capability of some mechanisms is only limited to specific DDoS attacks. In this paper, we propose a detection architecture against DDoS attack using data mining technology that can classify the latest types of DDoS attack, and can detect the modification of existing attacks as well as the novel attacks. This architecture consists of a Misuse Detection Module modeling to classify the existing attacks, and an Anomaly Detection Module modeling to detect the novel attacks. And it utilizes the off-line generated models in order to detect the DDoS attack using the real-time traffic. We gathered the NetFlow data generated at an access router of our network in order to model the real network traffic and test it. The NetFlow provides the useful flow-based statistical information without tremendous preprocessing. Also, we mounted the well-known DDoS attack tools to gather the attack traffic. And then, our experimental results show that our approach can provide the outstanding performance against existing attacks, and provide the possibility of detection against the novel attack.