• Title/Summary/Keyword: 인터넷 공격

Search Result 1,195, Processing Time 0.021 seconds

Harmful Traffic Control Using Sink Hole Routing (싱크홀 라우팅을 이용한 유해 트래픽 제어)

  • Chang, Moon-Soo;Lee, Jeong-Il;Oh, Chang-Suk
    • Journal of the Korea Society of Computer and Information
    • /
    • v.14 no.4
    • /
    • pp.69-76
    • /
    • 2009
  • The construction of Internet IP-based Network is composed of router and switch models in a variety of companies. The construction by various models causes the complexity of the management and control as different types of CLI is used by different company to filter out abnormal traffics like worm, virus, and DDoS. To improve this situation, IETF is working on enacting XML based configuration standards from NETCONF working group, but currently few commands processing at the level of operation layer on NETCONF are only standardized and it's hard for unified control operation process between different make of system as different company has different XML command to filter out abnormal traffics. This thesis proposes ways to prevent abnormal attacks and increase efficiency of network by re-routing the abnormal traffics coming thru unified control for different make of systems into Sinkhole router and designing a control system to efficiently prevent various attacks after checking the possibility of including abnormal traffics from unified control operation.

A Study on Traceback by WAS Bypass Access Query Information of DataBase (DBMS WAS 우회접속의 쿼리정보 역추적 연구)

  • Baek, Jong-Il;Park, Dea-Woo
    • Journal of the Korea Society of Computer and Information
    • /
    • v.14 no.12
    • /
    • pp.181-190
    • /
    • 2009
  • DBMS access that used high speed internet web service through WAS is increasing. Need application of DB security technology for 3-Tier about DBMS by unspecified majority and access about roundabout way connection and competence control. If do roundabout way connection to DBMS through WAS, DBMS server stores WAS's information that is user who do not store roundabout way connection user's IP information, and connects to verge system. To DBMS in this investigation roundabout way connection through WAS do curie information that know chasing station security thanks recording and Forensic data study. Store session about user and query information that do login through web constructing MetaDB in communication route, and to DBMS server log storing done query information time stamp query because do comparison mapping actuality user discriminate. Apply making Rule after Pattern analysis receiving log by elevation method of security authoritativeness, and develop Module and keep in the data storing place through collection and compression of information. Kept information can minimize false positives of station chase through control of analysis and policy base administration module that utilize intelligence style DBMS security client.

Study on Zero Trust Architecture for File Security (데이터 보안을 위한 제로 트러스트 아키텍처에 대한 연구)

  • Han, Sung-Hwa;Han, Joo-Yeon
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2021.10a
    • /
    • pp.443-444
    • /
    • 2021
  • Security threats to information services are increasingly being developed, and the frequency and damage caused by security threats are also increasing. In particular, security threats occurring inside the organization are increasing significantly, and the size of the damage is also large. A zero trust model has been proposed as a way to improve such a security environment. In the zero trust model, a subject who has access to information resources is regarded as a malicious attacker. Subjects can access information resources after verification through identification and authentication processes. However, the initially proposed zero trust model basically focuses on the network and does not consider the security environment for systems or data. In this study, we proposed a zero trust-based access control mechanism that extends the existing zero trust model to the file system. As a result of the study, it was confirmed that the proposed file access control mechanism can be applied to implement the zero trust model.

  • PDF

A Study on the Model for Preemptive Intrusion Response in the era of the Fourth Industrial Revolution (4차 산업혁명 시대의 선제적 위협 대응 모델 연구)

  • Hyang-Chang Choi
    • Convergence Security Journal
    • /
    • v.22 no.2
    • /
    • pp.27-42
    • /
    • 2022
  • In the era of the Fourth Industrial Revolution, digital transformation to increase the effectiveness of industry is becoming more important to achieving the goal of industrial innovation. The digital new deal and smart defense are required for digital transformation and utilize artificial intelligence, big data analysis technology, and the Internet of Things. These changes can innovate the industrial fields of national defense, society, and health with new intelligent services by continuously expanding cyberspace. As a result, work productivity, efficiency, convenience, and industrial safety will be strengthened. However, the threat of cyber-attack will also continue to increase due to expansion of the new domain of digital transformation. This paper presents the risk scenarios of cyber-attack threats in the Fourth Industrial Revolution. Further, we propose a preemptive intrusion response model to bolster the complex security environment of the future, which is one of the fundamental alternatives to solving problems relating to cyber-attack. The proposed model can be used as prior research on cyber security strategy and technology development for preemptive response to cyber threats in the future society.

Study on Improvement of Weil Pairing IBE for Secret Document Distribution (기밀문서유통을 위한 Weil Pairing IBE 개선 연구)

  • Choi, Cheong-Hyeon
    • Journal of Internet Computing and Services
    • /
    • v.13 no.2
    • /
    • pp.59-71
    • /
    • 2012
  • PKI-based public key scheme is outstanding in terms of authenticity and privacy. Nevertheless its application brings big burden due to the certificate/key management. It is difficult to apply it to limited computing devices in WSN because of its high encryption complexity. The Bilinear Pairing emerged from the original IBE to eliminate the certificate, is a future significant cryptosystem as based on the DDH(Decisional DH) algorithm which is significant in terms of computation and secure enough for authentication, as well as secure and faster. The practical EC Weil Pairing presents that its encryption algorithm is simple and it satisfies IND/NM security constraints against CCA. The Random Oracle Model based IBE PKG is appropriate to the structure of our target system with one secret file server in the operational perspective. Our work proposes modification of the Weil Pairing as proper to the closed network for secret file distribution[2]. First we proposed the improved one computing both encryption and message/user authentication as fast as O(DES) level, in which our scheme satisfies privacy, authenticity and integrity. Secondly as using the public key ID as effective as PKI, our improved IBE variant reduces the key exposure risk.

Apple eases up on SDK policy: Avoiding antitrust? or strategic decision? (Apple의 폐쇄적 SDK정책 포기의 함의: 반독점성 시비의 회피와 전략적 결정)

  • Kim, Joon-Young;Park, Jin-Kyung;Lee, Bong-Gyou
    • Journal of Internet Computing and Services
    • /
    • v.11 no.6
    • /
    • pp.135-144
    • /
    • 2010
  • Apple recently announced a new policy about software development kit that banned the use of tools that convert apps built on other platforms into iPhone apps. Therefore, Adobe cannot develop their software to AppStore that inquire to the Department of Justice and the Federal Trade Commission about antitrust actions. Someone argue that Apple try to exclusive smartphone market such as the Microsoft antitrust lawsuit in 1998, but this case is essentially different. First, it need to define Apple's software development kit for iPhone and iPad is whether antitrust or not. Because of the characteristics of two-sided market in Smartphone Apple's iPhone cannot monopoly in cellphone or smartphone market, but it can be an antitrust in application store market. However, Apple re-announced new software development kit policy that shows positive results. Instead of hastily intervened regulatory agencies, the DOJ or the FTC, it is quite desirable that watching the interaction between companies that whether market failures or not and if it's harmful for consumer's benefit. Adobe attack Apple to advocate consumers and developers freedom of choice, but the most important thing is conclusion based on a comprehensive analysis need to objective point of view that Apple do whether antitrust act or not and damage to developers and consumers who are both side of platform.

Design and Implementation of Interactive Game based on Embedded System (내장형 시스템 기반 체험형 게임의 설계 및 구현)

  • Lee, Woosik;Jung, Hoejung;Heo, Hojin;Kim, Namgi
    • Journal of Internet Computing and Services
    • /
    • v.18 no.4
    • /
    • pp.43-50
    • /
    • 2017
  • Embedded System includes touch, GPS, motion, and acceleration sensor, and can communicate with neighbor devices using wireless communication. Because Arduino with embedded system provides good environment for development and application, developers, engineers, designers, as well as artists, students have a great interest. They utilize Arduino in the robot, home appliances, fashion, culture and so on. In this paper, we design and implement a game using Arduino with embedded system which recognizes the human movement by moving away from one-dimensional game of the existing touch method. Implemented embedded system game measures gyro-sensor to recognize human movement and detects the attack success of the opponent by using touch sensor. Moreover, health of the game player is updated in the real time through the android phone-based database. In this paper, implemented embedded system-based game provides GUI screen of android phone. It is possible to select watching mode and competition mode. Also, it has low energy consumption and easy to expand because it send and receive data packet through recent Bluetooth communication.

Adaptive Consensus Bound PBFT Algorithm Design for Eliminating Interface Factors of Blockchain Consensus (블록체인 합의 방해요인 제거를 위한 Adaptive Consensus Bound PBFT 알고리즘 설계)

  • Kim, Hyoungdae;Yun, Jusik;Goh, Yunyeong;Chung, Jong-Moon
    • Journal of Internet Computing and Services
    • /
    • v.21 no.1
    • /
    • pp.17-31
    • /
    • 2020
  • With the rapid development of block chain technology, attempts have been made to put the block chain technology into practical use in various fields such as finance and logistics, and also in the public sector where data integrity is very important. Defense Operations In addition, strengthening security and ensuring complete integrity of the command communication network is crucial for operational operation under the network-centered operational environment (NCOE). For this purpose, it is necessary to construct a command communication network applying the block chain network. However, the block chain technology up to now can not solve the security issues such as the 51% attack. In particular, the Practical Byzantine fault tolerance (PBFT) algorithm which is now widely used in blockchain, does not have a penalty factor for nodes that behave maliciously, and there is a problem of failure to make a consensus even if malicious nodes are more than 33% of all nodes. In this paper, we propose a Adaptive Consensus Bound PBFT (ACB-PBFT) algorithm that incorporates a penalty mechanism for anomalous behavior by combining the Trust model to improve the security of the PBFT, which is the main agreement algorithm of the blockchain.

The study of Defense Artificial Intelligence and Block-chain Convergence (국방분야 인공지능과 블록체인 융합방안 연구)

  • Kim, Seyong;Kwon, Hyukjin;Choi, Minwoo
    • Journal of Internet Computing and Services
    • /
    • v.21 no.2
    • /
    • pp.81-90
    • /
    • 2020
  • The purpose of this study is to study how to apply block-chain technology to prevent data forgery and alteration in the defense sector of AI(Artificial intelligence). AI is a technology for predicting big data by clustering or classifying it by applying various machine learning methodologies, and military powers including the U.S. have reached the completion stage of technology. If data-based AI's data forgery and modulation occurs, the processing process of the data, even if it is perfect, could be the biggest enemy risk factor, and the falsification and modification of the data can be too easy in the form of hacking. Unexpected attacks could occur if data used by weaponized AI is hacked and manipulated by North Korea. Therefore, a technology that prevents data from being falsified and altered is essential for the use of AI. It is expected that data forgery prevention will solve the problem by applying block-chain, a technology that does not damage data, unless more than half of the connected computers agree, even if a single computer is hacked by a distributed storage of encrypted data as a function of seawater.

Implementation of Secure System for Blockchain-based Smart Meter Aggregation (블록체인 기반 스마트 미터 집계 보안 시스템 구축)

  • Kim, Yong-Gil;Moon, Kyung-Il
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.20 no.2
    • /
    • pp.1-11
    • /
    • 2020
  • As an important basic building block of the smart grid environment, smart meter provides real-time electricity consumption information to the utility. However, ensuring information security and privacy in the smart meter data aggregation process is a non-trivial task. Even though the secure data aggregation for the smart meter has been a lot of attention from both academic and industry researchers in recent years, most of these studies are not secure against internal attackers or cannot provide data integrity. Besides, their computation costs are not satisfactory because the bilinear pairing operation or the hash-to-point operation is performed at the smart meter system. Recently, blockchains or distributed ledgers are an emerging technology that has drawn considerable interest from energy supply firms, startups, technology developers, financial institutions, national governments and the academic community. In particular, blockchains are identified as having the potential to bring significant benefits and innovation for the electricity consumption network. This study suggests a distributed, privacy-preserving, and simple secure smart meter data aggregation system, backed up by Blockchain technology. Smart meter data are aggregated and verified by a hierarchical Merkle tree, in which the consensus protocol is supported by the practical Byzantine fault tolerance algorithm.