• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.13 no.1
• /
• pp.81-87
• /
• 2020

Recently, the network configuration is being rapidly changed to enable easy and free network service configuration based on SDN/NFV. Despite the many advantages and applications of SDN, many security issues such as Distributed Denial of Service (DDoS) attacks are being constantly raised as research issues. In particular, the effectiveness of DDoS attacks is much faster, SDN is causing more and more fatal damage. In this paper, we propose an entropy-based technique to detect and mitigate DDoS attacks in SDN, and prove it through experiments. The proposed scheme is designed to mitigate these attacks by detecting DDoS attacks on single and multiple victim systems and using time - specific techniques. We confirmed the effectiveness of the proposed scheme to reduce packet loss rate by 20(19.86)% while generating 3.21% network congestion.

• Proceedings of KOSOMES biannual meeting
• /
• 2008.05a
• /
• pp.1-4
• /
• 2008

근년 일본, 캐나다, 호주, 미국, EU(주로 노르웨이, 영국) 등에서 인공위성을 이용한 해양 안전의 확보를 위한 연구개발이 진행되고 있으며, 일부 실해역 적용의 분야도 도출되고 있는 실정이다. 9.11테러 이후, 국제해사기구에서도 해상보안의 문제는 주요 이슈로 대두되어, 해상보안에의 활용 기술 개발이 먼저 시작되었다. 그 외, 밀입국 선박 감시 덴 해양오염 모니터링이 주요 활용분야이다. 간단하게 요약하면 다음과 같다. -노르웨이: Norwegian Defence Hesearch Establishment(NDRE)에서 주도적으로 선박 탐지 실험 및 기술 개발을 실시. 주로, ESA의 위성을 활용. 국가 보안의 목적으로는 적용을 하고 있음. -캐나다: 캐나다에서 소유하고 있는 RADARSAT을 이용하여 가장 많은 실험을 실시함. 영상을 처리하고 결과에 대한 평가를 수행하기 위한 시스템(Ocean Monitoring Workstation, OSM)을 개발하여 보급에 주력. -호주: 주로 캐나다의 위성 및 시스템의 적용을 하고 있음 영해 및 환경 감시의 역할을 수행. Coastwatch조직을 만들어 해상 감시활동을 하고 있음. -영국: 데이터 취득 후, 2.5시간 이내에 선박의 위치를 전송하는 인터페이스를 개발함. 일본의 경우, 다른 선진국에 비해서는 다소 늦게 시작되었다. 2003년 발간된 '재해 등에 대응한 인공위성이용기술에 관한 종합보고서'를 시작으로 정보수집위성 4기 및 지구관측위성을 이용한 해양 감시 활동이 시작되었다. 또한, 제 3기 과학기술기본계획(2006-2012)내에 해양 불법침입 탐지 기술 개발 항목이 반영되어 있다. 유럽의 해상보안서비스(MARISS)의 사용자 워크숍이 ESA ESRIN(이탈리아 프라스카티)에서 2008년 1월 22일 열렸다. 실질적인 내용은, '해상보안을 위한 우주 시스템'에 관한 것으로 인공위성 이용하는데 있어 설계안 및 데이터 이용 컨셉을 제시하는 것이었다. 여기서 중요한 것은 국가간의 협력이 절대적으로 필요하며, 기존의 시스템과의 통합에 있어 신뢰성을 어떻게 확보하는가에 있다고 할 수 있다. 또한, 보안과 환경모니터링의 기능이 분리되어 진행되고 있는 부분에 대한 정보 통합 방향도 제기되었다. 국내에서도 AIS와 SAR정보의 결합에 관한 검토는 이루어졌으며, 이를 바탕으로 EU와 같은 시스템의 구축(조직과 연구개발)을 위한 실질적인 검토가 필요하다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.3
• /
• pp.91-98
• /
• 2021

In most hacking attacks, hackers tend to access target systems in a variety of circumvent connection methods to hide their original IP. Therefore, finding the attacker's IP(Internet Protocol) from the defender's point of view is one of important issue to recognize hackers. If an attacker uses a proxy, original IP can be obtained through a program other than web browser in attacker's computer. Unfortunately, this method has no effect on the connection through VPN(Virtual Private Network), because VPN affects all applications. In an academic domain, various IP traceback methods using network equipments such as routers have been studied, but it is very difficult to be realized due to various problems including standardization and privacy. To overcome this limitation, this paper proposes a practical way to use client's network configuration temporarily until it can detect original IP. The proposed method does not only restrict usage of network, but also does not violate any privacy. We implemented and verified the proposed method in real internet with various VPN tools.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.637-644
• /
• 2012

In our current information focused society, information is regarded as a core asset and the leakage of customers' information has emerged as a critical issue, especially in financial companies. It is very likely that the technology that safeguards which is currently in commercial use is not focused at an enterprise level but is fragmented by function or by only guards portions of a customer's personal information. Therefore, It is necessary to study the systems which monitor the indicators of access at an enterprise level in order to preemptively prevent the compromise of such data. This study takes an enterprise perspective on such systems for a financial company. I will focus on examination of the methods of implementation of the monitoring system, the application of pattern analysis and examination of Security Risk Indicators (SRI). A trial of the monitoring system provided security managers and related departments with proper screening capabilities of information. Therefore, it is possible to establish a systemic counter-plans based on detectable patterns.

• Journal of Intelligence and Information Systems
• /
• v.25 no.3
• /
• pp.201-220
• /
• 2019

Fake news has emerged as a significant issue over the last few years, igniting discussions and research on how to solve this problem. In particular, studies on automated fact-checking and fake news detection using artificial intelligence and text analysis techniques have drawn attention. Fake news detection research entails a form of document classification; thus, document classification techniques have been widely used in this type of research. However, document summarization techniques have been inconspicuous in this field. At the same time, automatic news summarization services have become popular, and a recent study found that the use of news summarized through abstractive summarization has strengthened the predictive performance of fake news detection models. Therefore, the need to study the integration of document summarization technology in the domestic news data environment has become evident. In order to examine the effect of extractive summarization on the fake news detection model, we first summarized news articles through extractive summarization. Second, we created a summarized news-based detection model. Finally, we compared our model with the full-text-based detection model. The study found that BPN(Back Propagation Neural Network) and SVM(Support Vector Machine) did not exhibit a large difference in performance; however, for DT(Decision Tree), the full-text-based model demonstrated a somewhat better performance. In the case of LR(Logistic Regression), our model exhibited the superior performance. Nonetheless, the results did not show a statistically significant difference between our model and the full-text-based model. Therefore, when the summary is applied, at least the core information of the fake news is preserved, and the LR-based model can confirm the possibility of performance improvement. This study features an experimental application of extractive summarization in fake news detection research by employing various machine-learning algorithms. The study's limitations are, essentially, the relatively small amount of data and the lack of comparison between various summarization technologies. Therefore, an in-depth analysis that applies various analytical techniques to a larger data volume would be helpful in the future.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.277-280
• /
• 2008

Security policy that use defense system such as Intrusion Detection System or Firewall is limited to passive response that only manage important data and resources. This paper analyzes security problem and maximum of passive response, provides a responsive way to Pharming attack which is one kind of hacking. This paper also includes ICMP-based traceback system that uses ICMP traceback Message about invasion that is decided through hacking. With this paper we can intercept damage of personal information leakage and property loss that is done through Pharming attacks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.2A
• /
• pp.179-187
• /
• 2007

As wireless networks evolve to orthogonal frequency division multiple access(OFDMA) systems, inter-cell interference control becomes a critical issue in radio resource management. The allocation of the same channels in neighbor cells cause inter-cell interference, so the channel allocation needs to be taken carefully to lower the inter-cell interference. In distributed channel allocation, each cell independently tries to allocate channels that suffer low interference level. In this paper, under the assumption of static users, we introduce the concept of interference range and use it in designing our two algorithms; basic and combined. The basic algorithm performs interference range detection and determines whether to use the considered channel, while the combined algorithm checks the channel quality in addition to detecting the interference range. The two algorithms dynamically perform channel allocation with low complexity and show good throughput and fairness performance.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.10
• /
• pp.4794-4800
• /
• 2012

Many researches have been performed to resist buffer overflow attacks. However, the attack still poses one of the most important issue in system security field. It is because programmers are using library functions containing security hole and once buffer overflow vulnerability has been found, the security patches are distributed after the attacks are widely spreaded. In this paper, we propose a new cache level return address stack architecture for resisting buffer overflow attack. We implemented our hardware onto SimpleScalar simulator and verified its functionality. Our circuit can overcome the various disadvantages of previous works with small overhead.

• Journal of Digital Convergence
• /
• v.11 no.4
• /
• pp.215-220
• /
• 2013

The super computer calls usually as the super computer in case the computing power of the computer is 20 G flops (GFLOPS) or greater. In the past, the computer equipped with the vector processor (the instrument processing the order having the logic operation and maximum value or minimum value besides the common computer instruction) processing the scientific calculation with the super high speed was installed as the super computer. Recently, cyber attack focuses on supercomputer because if it is being infected, then it will affect hundreds of client PC. Therefore, our research paper analyzed super computer security issues and biometric countermeasure to develop the level of security on super computer.

• Journal of Korean Society of societal Security
• /
• v.1 no.4
• /
• pp.33-40
• /
• 2008

Personal information security has been as risk ever since the development of information technology increased its internet use. As personal information security is compromised there will be a rise in personal privacy conflicts and this will become an important social issue. The following research is a presentation of the warning map for risk monitoring on personal information security. First, the personal information security process is identified then defined. Second, in order to achieve the personal information security's objective, a survey was taken and the data was collected. Third, factor in the Fishbone Diagram's analysis and figure out the key indicators that include metric and threshold. Last, develop the warning map which has the matrix table composed of the process and the risk. It displays the warning based on the threshold and the value of key indicators related to risks.