• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.181-190
• /
• 2009

DBMS access that used high speed internet web service through WAS is increasing. Need application of DB security technology for 3-Tier about DBMS by unspecified majority and access about roundabout way connection and competence control. If do roundabout way connection to DBMS through WAS, DBMS server stores WAS's information that is user who do not store roundabout way connection user's IP information, and connects to verge system. To DBMS in this investigation roundabout way connection through WAS do curie information that know chasing station security thanks recording and Forensic data study. Store session about user and query information that do login through web constructing MetaDB in communication route, and to DBMS server log storing done query information time stamp query because do comparison mapping actuality user discriminate. Apply making Rule after Pattern analysis receiving log by elevation method of security authoritativeness, and develop Module and keep in the data storing place through collection and compression of information. Kept information can minimize false positives of station chase through control of analysis and policy base administration module that utilize intelligence style DBMS security client.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.8 no.6
• /
• pp.534-543
• /
• 2015

This paper proposes an Energy Theft Traceback Protocol(ETTP) based on Logging and Marking that can trace Energy Theft back in Smart Grid Environment. The ETTP consists of the following three phases. First, it classifies Energy Theft Type into Measurement Rejection and Data Fabrication by generating an Energy Theft Tree. Second, it detects an Energy Theft by using the Energy Theft Tree. Finally, it trace an Energy Theft back by using the Logging Table of a Router and the Marking Information of a Packet. The result of its simulation shows that the Detection Ratio of Energy Theft is estimated at 92% and the Success Ratio of Energy Theft Traceback at 93%. Therefore, the ETTP not only reduces such risk factors as Forgery and Tampering about Billing information but also provides safe and reliable Smart Grid environment.

• Review of KIISC
• /
• v.16 no.1
• /
• pp.49-58
• /
• 2006

디지털 핑거프린팅(Digital Fingerprinting) 기술은 온라인상에서 멀티미디어 콘텐츠의 저작권을 보호하기 위한 기술의 하나로 워터마킹(Watermarking) 기술과 같이 콘텐츠에 저작권을 증명하기 위한 부가정보를 비인지적으로 삽입하고 추출하는 기술이다. 핑거프린팅 기술에서는 주로 구매자의 정보를 삽입하기 때문에 콘텐츠를 처음 유포한 구매자를 역추적 할 수 있는 기능(trace traitor)을 제공한다. 본 고에서는 핑거프린팅 된 콘텐츠에서 악의적인 사용자가 핑거프린트를 제거하기 위하여 같은 콘텐츠를 구매한 다른 구매자와 공모하는 기술과, 이런 공모 후에도 핑거프린트를 추출할 수 있도록 삽입 코드를 공모 허용하도록 설계하는 공모보안코드에 대해 고찰한다.

• Convergence Security Journal
• /
• v.14 no.2
• /
• pp.57-63
• /
• 2014

Internet users drastically increases, also through the Internet to buy various intrusion significantly increased. These various methods of intrusion defense thinking hacker attempting to hack the actual position of the real-time tracking of the intruder backtracking technique for research have been actively carried out. In this paper, a technique used in TCP Connection trace-back System in one packet trace-back technique watermarking technique using TCP Hijacking Connection Reply packets how to solve the difficulties of maintaining presented.

• The Journal of Information Technology
• /
• v.3 no.1
• /
• pp.29-36
• /
• 2000

Viterbi decoder is a maximum likelihood decoding method for convolution coding used in satellite and mobile communications. In this paper, a Viterbi decoder with constraint length of K=7, 3 bit soft decision and traceback depth of ${\Gamma}=96$ for convolution code is implemented using VHDL. The hardware size of designed decoder is reduced by 4 bit pre-traceback in the survivor memory.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.3
• /
• pp.185-194
• /
• 2007

WiBro has become intentionally standardize as IEEE 802.16e. This WiBro service has been started by a portable internet at home as well as abroad. In this paper, an offender hacker do not direct attack on system on system that It marched an attack directly in damage system because a place oneself in mobile station of portable internet WiBro and avoid to attack hacker's system. At this time, a mobile make use of network inspection policy for back-tracking based on log data. Used network log audit, and presented TCP/IP bases at log bases as used algorithm, the SWT technique that used Thumbprint Algorithm. Timing based Algorithm, TCP Sequence number. Study of this paper applies algorithm to have been progressed more that have a speed to be fast so that is physical logical complexity of configuration of present Internet network supplements a large disadvantage, and confirm an effective back-tracking system. result of research of this paper contribute to realize a back-tracking technique in ubiquitous in WiBro internet network.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.273-275
• /
• 2002

고도의 기술을 이용한 최근의 사이버 공격을 방어하기 위해서는 자신의 도메인만을 보호하는 현재의 수동적인 네트워크 보안 서비스보다는 액티브 네트워크 기반 하에 침입자의 위치를 역추적하고 침입자의 근원지에서 네트워크로의 접근을 차단하는 능동적인 대응이 필요하다. 본 논문에서는 TCP 기반의 우회 공격인 TCP 확장 연결 공격을 역추적하고 침입자를 네트워크로부터 고립시키는 메커니즘에 대해 기술한다.

• Convergence Security Journal
• /
• v.3 no.3
• /
• pp.91-97
• /
• 2003

As increasing of Internet user and fast development of communication, many security problems occur. Because of Internet is design and development for speed not security, it is weak to attack from malicious user. furthermore attack is more developed to have high efficiency and intelligent. We proposed effective traceback system in network and consider that ability of constitution. Traceback by Selected Router system is consists of managed router and manager system. Selected router marks router ID to packet which passing selected router, and use this router ID for traceback and filtering. Consequently this system reduce damage of attack.

• Review of KIISC
• /
• v.21 no.6
• /
• pp.42-48
• /
• 2011

전장의 양상이 물리적인 대량살상을 중심으로 한 전통적인 재래전에서 눈에 보이지 않는 사이버전으로 변화되고 있는 시점에서 이에 대비하기 위한 사이버전 공격 및 방어기술은 매우 중차대한 문제이다. 사이버전을 위한 보안 기술로는 암호 인증 인식 감시와 같은 정보보안 핵심원천 기술, 분산서비스거부공격 대응기술, 스마트 아이디 기술, 영상보안 및 바이오인식 기술, 부채널 공격 방지 기술 등이 있다. 이러한 기술들은 사이버전을 위해 사용될 수 있는 매우 명확한 분야라 할 것이다. 또한, 사이버전 기솔로는 암호 인증 인식 감시와 같은 핵심 원천 기술 및 기존 보안 기술 분야를 포함하고 초경량 고비도 암호화 기술, 밀리터리 포렌식 기술, 사이버공격 근원지 역추적 기술, 사이버 공격 정보공유 협업관제 기술, 사이버 공격 무기 제작 기술 등이었다. 특히, 사이버전은 작은 비용으로 최대 효과를 거둘 수 있는 비대칭 전력의 매우 중요한 분야이며, 주요 선진국들은 사이버 공격에 대한 자위권 확보 차원에서 사이버전에 대한 기술적 제도적 준비를 서두르고 있는 상황이다. 본 기고문에서는 이와 같은 사이버전을 위한 보안 기술 현황과 전망을 살펴보고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.39-47
• /
• 2002

This paper deals with study of a new framework for the traceback of distributed DoS(Denial of Service) attacks in the Internet, in which many sources flood "spoofed" IP packets towards a single victim. In our scheme, the destination host traces those anonymous packets' losses, and infers the logical end-to-end paths back towards the sources. This method is based on the fact that there is a strong correlation between packet losses when those packets traverse along a same route, and the simulation results show high probabilities of detecting the topology under a certain condition. Compared with previous approaches, our scheme has a number of distinct features: It can be performed in realtime or non-realtime, without any supports of routers or ISPs. Our results may be applied to the inference of physical topology and to support previous approaches.pproaches.