• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.1
• /
• pp.61-68
• /
• 2015

Recently, with increasing use of smartphones, the security threats also have increased rapidly. Especially, the compromised smartphone is very dangerous because it could be exploited in a DDOS attacks such as cyberterrorism as well as in the leakage of personal information. However, most bot detection mechanisms are still unsuitable for smartphone with its lower computing capability and limited battery capacity because they incur additional computational overheads or require pre-defined signatures. In this paper, we present an efficient bot detection mechanism in smartphones. Our mechanism detects effectively bots in outgoing traffic by using a correlation between user events and network traffic. We have implemented its prototype in Android smartphone and measured its performance. The evaluation results show that our mechanism provides low overhead to detect bots in smartphones.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.55-63
• /
• 2016

SOA(service oriented architecture) based ESB(enterprise service bus) model is widely adopted in many companies for the safe processing of enormous data and the integration of business system. The existing web service technologies for the construction of SOA, however, show unsatisfactory in practical applications though the standardization of web service security technologies is in progress due to their limitations in safe exchange of data. Internal end users using a large business system based on such environment are composed of the variety of organizations and roles. Companies might receive more serious damage from insider threat than that from external one when internal end users get unauthorized information beyond the limits of their authority for private profit and bad purposes. In this paper, we propose a security architecture capable of identifying and coping with the security threats of web service technologies arouse from internal end users.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.6 s.38
• /
• pp.9-16
• /
• 2005

Recently, since the number of internet users is increasing rapidly and, by using the Public hacking tools, general network users can intrude computer systems easily, the hacking problem is setting more serious. In order to prevent the intrusion. it is needed to detect the sign in advance of intrusion in a Positive Prevention by detecting the various forms of hackers intrusion trials to know the vulnerability of systems. The existing network-based anomaly detection algorithms that cope with port-scanning and the network vulnerability scans have some weakness in intrusion detection. they can not detect slow scans and coordinated scans. therefore, the new concept of algorithm is needed to detect effectively the various. In this Paper, we propose a detection algorithm for session patterns and FCM.

• Journal of Internet Computing and Services
• /
• v.10 no.3
• /
• pp.9-15
• /
• 2009

It takes quite amount of time to study a board game because there are many game characters and different stages are exist for board games. Also, the opponent is not just a single character that means it is not one on one game, but group vs. group. That is why strategy is needed, and therefore applying optimum learning is a must. This paper used reinforcement learning algorithm for board characters to learn, and so they can move intelligently. If there were equal result that both are considered to be best ones during the course of learning stage, Heuristic which utilizes learning of problem area of Jul-Gonu was used to improve the speed of learning. To compare a normal character to an improved one, a board game was created, and then they fought against each other. As a result, improved character's ability was far more improved on learning speed.

• Journal of Internet Computing and Services
• /
• v.6 no.5
• /
• pp.11-25
• /
• 2005

In MIPv6 environment, an important design consideration for public key based binding update protocols is to minimize asymmetric cryptographic operations in mobile nodes with constraint computational power, such as PDAs and cellular phones, For that, public key based protocols such as CAM-DH. SUCV and Deng-Zhou-Bao's approach provides an optimization to offload asymmetric cryptographic operations of a mobile node to its home agent. However, such protocols have some problems in providing the optimization. Especially, CAM-DH with this optimization does not unload all asymmetric cryptographic operations from the mobile node, while resulting in the home agent's vulnerability to denial of service attacks. In this paper, we improve the drawbacks of CAM-DH. Furthermore, we adopt Aura's two hash-based CGA scheme to increase the cost of brute-force attacks searching for hash collisions in the CGA method. The comparison of our protocol with other public key based protocols shows that our protocol can minimize the MN's computation overhead, in addition to providing better manageability and stronger security than other protocols.

• Journal of Internet Computing and Services
• /
• v.5 no.5
• /
• pp.93-103
• /
• 2004

The main function of the intrusion Detection System (IDS) usee to be more or less passive detection of the intrusion evidences, but recently it is developed with more diverse types and methodologies. Especially, it is required that the IDS should process large system audit data fast enough. Therefore the data mining or neural net algorithm is being focused on, since they could satisfy those situations. In this study, we first surveyed and analyzed the several recent intrusion trends and types. And then we designed and implemented an IDS using back-propagation algorithm of the neural net, which could provide more effective solution. The distinctive feature of our study could be stated as follows. First, we designed the system that allows both the Anomaly dection and the Misuse detection. Second, we carried out the intrusion analysis experiment by using the reliable KDD Cup ‘99 data, which would provide us similar results compared to the real data. Finally, we designed the system based on the object-oriented concept, which could adapt to the other algorithms easily.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.3
• /
• pp.153-161
• /
• 2020

Due to the recent development of the 4th industrial revolution, Smart Factories that organically link various technologies such as AI, IoT, Cloud, and Big Data are increasing. Based on this, in the industrial environment where the internal process is controlled automatically, high availability should be secured against the loss caused when the internal process of the Smart Factory is stopped due to the determinism and malicious attack necessary to control the device such as PLC. The research and analysis of industrial network equipment and security equipment used in various industries can improve the efficiency and usability of industrial control systems in national infrastructure and can provide important feedback to build related infrastructure. Therefore, we compared industrial network equipment and security equipment in this paper in a variety of ways and expect to be used as a roadmap for developing technologies for industrial network equipment and industrial security equipment based on the results of this paper.

• Journal of Digital Contents Society
• /
• v.18 no.7
• /
• pp.1403-1409
• /
• 2017

As the Internet evolves, security becomes more important. Especially, e-mail has become one of the most important services that companies and ordinary users use on the Internet. However, security vulnerabilities such as sniffing attacks, IDs, and password spoofs are causing many problems. This paper introduces an example of implementation of encrypted mailing program with which the secured mail is encrypted by symmetric key methode and the encrypted message can not be read without proper decryption. In order to use the current mailing systems, we keep the rules related to SMTP and POP3, and only the encrypted message is stored in the mail server system and the message can be decrypted only at the terminals of the senders and the receivers with the key which is shared in advanced by independent route between them. This implementation scheme can provide an efficiency that it does not request any change of current mailing system, which can be an additional security protection.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.6
• /
• pp.127-135
• /
• 2017

Recently, the most brand new vehicles contain a lot of ECU for comfortable and safety driving environments. For efficient communication network among ECUs, almost car manufactures use CAN protocol which enables to decrease the number of communication lines dramatically and ensures higher data transmission reliability. However, CAN dose not ensure authentication of CAN data frame. So it is vulnerable to replay-attack on CAN data frame. This paper proposes the practical message authentication technique for In-vehicle CAN. To transmit data and MAC together, it is very useful to use the short length of MAC after considering limited space of CAN data frame. However to ensure safety of MAC, additional technique is required. We suggested a message authentication technique that can be usefully applied to build a safety network inside the vehicle because it considers limited data payload of CAN.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.719-724
• /
• 2004

Recently, since the number of internet users is increasing rapidly and, by using the public hacking tools, general network users can intrude computer systems easily, the hacking problem is getting more serious. In order to prevent the intrusion, it is needed to detect the sign in advance of intrusion in a positive prevention by detecting the various foms of hackers' intrusion trials to know the vulnerability of systems. The existing network-based anomaly detection algorithms that cope with port- scanning and the network vulnerability scans have some weakness in intrusion detection. they can not detect slow scans and coordinated scans. therefore, the new concept of algorithm is needed to detect effectively the various forms of abnormal accesses for intrusion regardless of the intrusion methods. In this paper, SPAD(Session Pattern Anomaly Detector) is presented, which detects the abnormal service patterns by comparing them with the ordinary normal service patterns.