• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.585-600
• /
• 2012

Security issues in online games are increasing as the online game industry grows. Real money trading (RMT) by online game users has become a security issue in several countries including Korea because RMT is related to criminal activities such as money laundering or tax evasion. RMT-related activities are done by professional work forces, namely gold-farmers, and many of them employ the automated program, bot, to gain cyber asset in a quick and efficient way. Online game companies try to prevent the activities of gold-farmers using game bots detection algorithm and block their accounts or IP addresses. However, game bot detection algorithm can detect a part of gold-farmer's network and IP address blocking also can be detoured easily by using the virtual private server or IP spoofing. In this paper, we propose a method to detect gold-farmer groups by analyzing their connection patterns to the online game servers, particularly information on their routing and source locations. We verified that the proposed method can reveal gold-farmers' group effectively by analyzing real data from the famous MMORPG.

• The KIPS Transactions:PartC
• /
• v.19C no.3
• /
• pp.185-190
• /
• 2012

The recent trends in malwares show the most widely used for the distribution of malwares that the targeted computer is infected while the user is accessing to the website, without being aware of the fact that, in which the harmful codes are concealed. In this thesis, we propose a new malicious web page detection system based on a real time analysis of normal/abnormal behaviors in client-side. By means of this new approach, it is not only the limitation of conventional methods can be overcome, but also the risk of infection from malwares is mitigated.

• Convergence Security Journal
• /
• v.4 no.2
• /
• pp.17-25
• /
• 2004

As Internet and Internet users are rapidly increasing and getting popularized in the world the existing firewall has limitations to detect attacks which exploit vulnerability of web server. And these attacks are increasing. Most of all, intrusions using web application's programming error are occupying for the most part. In this paper, we introduced real-time web-server agent which analyze web-server based log and detect web-based attacks after the analysis of the web-application's vulnerability. We propose the method using real-time agent which remove Process ID(pid) and block out attacker's If if it detects the intrusion through the decision stage after judging attack types and patterns.

• Review of KIISC
• /
• v.27 no.4
• /
• pp.22-26
• /
• 2017

온라인 게임은 가장 성공적인 인터넷 서비스 중 하나로서 빠른 속도로 성장해 왔다. 그러나 게임을 대상으로 하는 다양한 공격들이 있었고 그로 인해 많은 정상 사용자들 및 게임서비스 회사에 피해가 발생함에 따라, 온라인 게임 서비스를 보호하기 위한 다양한 기법들이 연구되어 왔다. 실제로 대규모 이용자들이 접속하는 PC 게임들의 경우, 게임 클라이언트단, 네트워크 단, 서버 단 각 구간별로 다양한 보안 기법들이 개발되어 적용되어 왔다. 이 중, 게임 클라이언트는 사용자 및 해커 쪽에서 손쉽게 접근이 가능하기 때문에 공격에 쉽게 노출되어 있어 신뢰하기 어려운 구간이었다. 더불어, 게임 클라이언트 단에 강력한 보안을 적용할 경우 성능저하가 발생하기 때문에 상용 게임보안 솔루션에 의해 프로세스 및 메모리 보호를 받는 등 역공학 방지 기법 및 난독화 기법 정도만을 최소한으로 적용하고, 그 외에는 대부분의 탐지 및 차단 기법들을 네트워크 단 및 서버 단에 적용하는 것이 일반화 되어 있다. 하지만, 최근 하드웨어의 지원을 받아 클라이언트 단의 성능저하를 최소화 하면서도, 게임 클라이언트를 TEE (Trusted Execution Environment)에서 안전하게 실행할 수 있는 기술들이 등장하면서, 게임 클라이언트 단의 보안기술이 다시 주목받고 있다. 본 논문에서는 메모리 변조 공격 및 게임프로세스에 인젝션 공격을 하는 게임해킹 기법들에 대응하기 위하여 Intel에서 발표한 새로운 하드웨어 보안 기술인 Intel SGX(Software Guard Extensions)를 적용하는 방안에 대해 소개한다. Intel SGX를 적용하여 게임프로그램의 프로세스를 보호할 경우 코드와 데이터의 무결성 및 기밀성을 보장하며 실행시킬 수 있기 때문에, 온라인게임보안 발전에 상당히 기여할 수 있을 것으로 기대된다.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.1
• /
• pp.49-56
• /
• 2004

With the growing usage of the networks, the users in the Internet uses some kinds of web server. They confused that each web server uses the different user ID and passwords. To solve these problems, SSO (Single Sign-On) solution is introduced. We presents the modeling methods which are efficiently constructed the network management models. We constructed the intrusion detection systems and firewalls using the SSO. This architecture is efficient to manage the network usage and control. SSO solution designed on the small scale Intranet. CA server in the 550 that depends on PKI (Public Key Infrastructure) is used to issue the certificates. SHTTP based on SSL (Secure Socket Layer) is used to protect the data between certificate server and the intranet users.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.739-742
• /
• 2011

This paper describes system design and realization to the ubiquitous intelligent lesson management. This system includes students management by utilizing RFID and web-cam, personal security certification by fingerprint recognition, keyboard locking of PC by hooking technology, personal data management by cloud system, internet block access by a packet monitoring. We have design and realize this system, In the future, we will applicate our system to the classes using computer.

• Proceedings of the KIEE Conference
• /
• 2008.07a
• /
• pp.834-835
• /
• 2008

전자기 접촉기(electromagnetic contactor)는 교류 또는 직류 저압의 전로(電路)에 사용되는 부하개폐기의 한 종류로 전자석 코일(electromagnet coil)의 여자(勵磁)에 의하여 주 접촉자를 개폐시키는 기기이다. 일반적으로 전자기 접촉기는 단락전류를 차단하도록 설계되어 있지는 않다. 그러므로 설치 시 적절한 단락 보호가 이루어져야 하며, 반드시 접촉기의 일부분일 필요는 없다. 차단기와 퓨즈 등을 단락보호장치(SCPD, Short-Circuit Protective Device)로 많이 사용한다. 전자기 접촉기는 특히 고빈도 개폐를 목적으로 사용되는 개폐기로, 농형모터(squirrel-cage motors)의 시동, 운전 중의 정지, 플러깅(plugging, 모터가 운전하고 있는 중에 모터의 1차측 접속을 역으로 바꿔서 모터를 급격히 정지시키거나 역 회전시키는 것) 및 인칭(inching, 모터를 짧은 기간 동안 1회 또는 반복 여자해서 피동기구를 조금 이동시키는 것)에 많이 쓰인다. 이러한 기기의 개폐특성을 평가하기 위한 부하는 과도회복 전압의 진동 주파수(oscillatory frequency)와 진폭율 ${\gamma}$를 얻을 수 있도록 조정되어야 한다. 본 논문에서는 고빈도 개폐능력을 갖고 있는 전자기 접촉기의 과도회복 전압 특성과 그 특성을 얻기 위한 부하 회로의 조정방법에 대해 고찰하였다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.9
• /
• pp.1955-1962
• /
• 2012

Recently the flow of information security has become a user-centered change. This is mostly breach of security by the normal and abnormal entering harmful files during user internet. Therefore, we would like to design security system that breach of security can be prevented in advance to improve using the reliability of DNS and system control in this paper. In other words, we would like to suggest method can be block randomly to access the site which information security system of user-centric is breached harmful files infected in user computer.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.10a
• /
• pp.685-687
• /
• 2013

Today, as wireless communications devices such as laptops, smart phones are generalized, wireless LAN has been widely installed in the corporate office conference rooms, industrial warehouses, Internet-ready classrooms, and even in a coffee shop. Though a wired network can be accessed and attacked only by the physical penetration, the wireless network which can be accessed anywhere within the reach of anyone has relative vulnerability by unauthorized users' attack. To defend these vulnerabilities, the introduction of WIDS / WIPS is required. In this paper, we recognize the limitations of WLAN security technology, review the current technology trends and propose the solutions in the future security problems.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.25 no.10A
• /
• pp.1529-1539
• /
• 2000

The contact procedure of access channel necessary to set up the originating call has a close relation with the performance and capacity of the base station system in CDMA cellular network. This paper investigates the structure and the operation of the backward channel of IS-95 CDMA standard and explains the related system parameters. We can derive the throughput of the CDMA access channel depending on the arrivals of the access probes per access channel slot, given the system parameters such as cell radius, the maximum number of retransmission, and the error rates of the access and paging channel. It shows that the performance in throughput is much better in the CDMA IS-95 access channel than in the slotted aloha channel. It also gives the reasonable number of the trafic channels in a cell with the given blocking probability.