• Journal of the Korea Society for Simulation
• /
• v.25 no.3
• /
• pp.53-63
• /
• 2016

We consider simulation study combining static and mobile decoys for survivability of a surface warship against torpedo attack. It is assumed that an enemy torpedo is a passive acoustic homing torpedo and detects a target within its maximum target detection range and search beam angle by computing signal excess via passive sonar equation, and a warship conducts an evasive maneuvering with deploying static and mobile decoys simultaneously to counteract a torpedo attack. Suggesting the four different decoy deployment plans to achieve the best plan, we analyze an effectiveness for a warship's survival probability through Monte Carlo simulation, given a certain experimental environment. Furthermore, changing the speed and the source level of decoys, the maximum torpedo detection range of warship, and the maximum target detection range of torpedo, we observe the corresponding survival probabilities, which can provide the operational capabilities of an underwater defense system.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11a
• /
• pp.73-75
• /
• 2005

최근 Windows 관련 취약점으로 인한 피해는 매우 커지고 있다. 그러나 그에 대한 조치는 사후처리식의 수동적 형태였다. 따라서 본 논문에서는 Windows 관련 취약점에 능동적으로 대처하기 위하여 Windows 관련 취약점 공격 유형을 분석하고, 그 정보를 바탕으로 주요 취약점의 동작 원리를 분석하여 사전에 예상되는 취약점의 취약성유무를 검증하는 기법을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.929-932
• /
• 2005

본 논문에서는 ZIP 파일 형식을 이용하여 파일을 압축/암호화 할 때의 몇 가지 문제점에 대하여 알아보고 이를 해결하기 위한 방법을 논의한다. 이미 여러 논문에서 ZIP 파일 형식의 압축/암호화에 대한 문제점이 논의되어 왔지만, 그 중에서 본 논문은 압축/암호화된 ZIP 파일의 부분정보 노출과 로컬 파일의 변경 및 삭제를 이용한 수동적/능동적 공격 기법을 방지하기 위한 해결방법을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.1047-1050
• /
• 2005

현재의 수동적인 대응형 침입탐지 시스템의 문제를 해결하기 위해서 연구되고 있는 침입탐지 시스템이 능동 대응형 침입탐지 시스템이다. 본 논문에서는 능동 대응형 침입탐지 시스템을 설계 구현하기 위한 선행 연구로서 능동 대응을 위한 침입탐지 시스템의 요구사항을 7가지 구성요소로 고려하였고, 자동화 대응 실행 방법을 위해 프로토콜 접근과 스크립트 접근을 비교하였다. 또한 공격에 대한 능동 대응 방안으로 상호 협력적 구조와 NIDS와 ADS를 통합한 모델을 제시하였다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.7C
• /
• pp.971-984
• /
• 2004

In the coming age of information warfare, information security patterns need to be changed such as to the active approach using offensive security mechanisms rather than traditional passive approach just protecting the intrusions. In an active security environment, it is essential that, when detecting an intrusion, the immediate confrontation such as analysing the intrusion situation in realtime, protecting information from the attacks, and even tracing the intruder. This paper presents an active intrusion-confronting system using a fake session and a honeypot. Through the fake session, the attacks like Dos(Denial of Service) and port scan can be intercepted. By monitoring honeypot system, in which the intruders are migrated from the protected system and an intrusion rule manager is being activated, new intrusion rules are created and activated for confronting the next intrusions.

• Convergence Security Journal
• /
• v.5 no.3
• /
• pp.33-41
• /
• 2005

Information can be leaked, changed, damaged and illegally used regardless of the intension of the information owner. Intrusion Detection Systems and Firewalls are used to protect the illegal accesses in the network. But these are the passive protection method, not the active protection method. They only react based on the predefined protection rules or only report to the administrator. In this paper, we develop the intrusion detection and protection system using Netfilter framework. The system makes the administrator's management easy and simple. Furthermore, it offers active protection mechanism against the intrusions.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.728-731
• /
• 2008

Recently demands in construction of the stand-alone networks and interconnection between convergence devices have led an increase in research on IETF MANET working group, Bluetooth, and HomeRF working group and much attention has been paid to the application of MANET as a Ubiquitous network which is growing fast. With performance both as hosts and routers, easy network configuration, and fast response, mobile nodes participating in MANET are suitable for Embedded computing, but have vulnerable points, such as lack of network scalability and dynamic network topology due to mobility, passive attacks, active attacks, which make continuous security service impossible. For perfect MANET setting, routing is required which can guarantee security and efficiency through secure routing. In routing in this study, hashed AODV is used to protect from counterfeiting messages by malicious nodes in the course of path 'finding and setting, and disguising misrouted messages as different mobile nodes and inputting them into the network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.485-500
• /
• 2018

As the size of the system and network environment grows and the network structure and the system configuration change frequently, network administrators have difficulty managing the status manually and identifying real-time changes. In this paper, we suggest a system that scans dynamic network information in real time, scores vulnerability of network devices, generates all potential attack paths, and visualizes them using attack graph. We implemented the proposed algorithm based attack graph; and we demonstrated that it can be applicable in MTD concept based defense system by simulating on dynamic virtual network environment with SDN.

• Journal of Convergence Society for SMB
• /
• v.6 no.3
• /
• pp.29-35
• /
• 2016

This paper presents the design of a user authentication system (DCIAS) using the device constant information. Defined design a new password using the access device constant information to be used for user authentication during system access on the network, and design a new concept the user authentication system so that it can cope with the threat required from passive replay attacks to re-use the password obtained in other applications offer. In addition, by storing a password defined by the design of the encrypted random locations in the server and designed to neutralize the illegal access to the system through the network. Therefore proposed using the present system, even if access to the system through any of the network can not know whether any where the password is stored, and if all right even stored information is not easy to crack's encrypted to neutralize any replay attacks on the network to that has strong security features.

• Journal of KIISE:Information Networking
• /
• v.28 no.4
• /
• pp.489-497
• /
• 2001

In the coming age of information warfare, information security patterns take on a more offensive than defensive stance. It is necessary to develop an active form of offensive approach to security protection in order to guard vital information infrastructures and thwart hackers. Information security products need to support an automatic response facility without human intervention in order to minimize damage to the attacked system and cope with the intrusion immediately. This paper presents an automatic intrusion response model which is developed on a Self-Extension Monitoring. It also proposes an ARTEMIS(Advanced Realtime Emergency Management and Intruder Identification System), which is designed and implemented based on the suggested model. The Self-Extension Monitoring using self-protection and replication minimizes spatial limitations on collection of monitoring information and intruder tracing. It enhances the accuracy of intrusion detection and tracing.