• Journal of KIISE:Databases
• /
• v.31 no.1
• /
• pp.1-12
• /
• 2004

As network systems are developed rapidly and network architectures are more complex than before, it needs to use PBNM(Policy-Based Network Management) in network system. Generally, architecture of the PBNM consists of two hierarchical layers: management layer and enforcement layer. A security policy server in the management layer should be able to generate new policy, delete, update the existing policy and decide the policy when security policy is requested. And the security policy server should be able to analyze and manage the alert messages received from Policy enforcement system in the enforcement layer for the available information. In this paper, we propose an alert analyzer using data mining. First, in the framework of the policy-based network security management, we design and implement an alert analyzes that analyzes alert data stored in DBMS. The alert analyzer is a helpful system to manage the fault users or hosts. Second, we implement a data mining system for analyzing alert data. The implemented mining system can support alert analyzer and the high level analyzer efficiently for the security policy management. Finally, the proposed system is evaluated with performance parameter, and is able to find out new alert sequences and similar alert patterns.

• Journal of the Korea Society of Computer and Information
• /
• v.7 no.4
• /
• pp.141-149
• /
• 2002

Recently, a number of network systems are developed rapidly and network architectures are more complex than before, and a policy-based network management should be used in network system. Especially, a new paradigm that policy-based network management can be applied for the network security is raised. A security policy server in the management layer can generate new policy, delete. update the existing policy and decide the policy when security policy is requested. The security server needs to analyze and manage the alert message received from server Policy enforcement system in the enforcement layer for the available information. In this paper, we implement an alert analyzer that analyze the stored alert data for making of security policy efficiently in framework of the policy-based network security management. We also propose a data mining system for the analysis of alert data The implemented mining system supports alert analyzer and the high level analyzer efficiently for the security.

• Electronics and Telecommunications Trends
• /
• v.20 no.1 s.91
• /
• pp.22-32
• /
• 2005

기존의 사이버 공격은 특정 호스트나 서버를 목표로 하여 정보의 탈취 및 변경 등에 집중되었으나, 현재는 직접 혹은 간접적으로 과다 트래픽을 유발하여 네트워크 서비스를 마비시키는 방향으로 그 경향이변하고 있다. 이런 사이버 공격을 방지하여 네트워크의 안정적인 서비스의 제공을 위해서는 공격 징후나 이상 징후를 탐지하고 네트워크 차원에서 이에 대한 대응 방안을 결정하여 이를 네트워크 상에 강제할 수 있는 체계적인 보안 관리가 이루어져야 한다. 또한 네트워크 각 운용 주체별로 개별 보안 상황에 대해 적용할 보안 정책이 다르므로 이를 모델링하고 적용할 수 있는 방법이 제공되어야 한다. 본 논문에서는 정책 기반 네트워크 보안 관리 기능을 수행하기 위해 필요한 공격 및 이상 징후의 탐지, 그에 대한 대응과 이런 일련의 작업에 보안 정책을 강제하기 위한 보안 정책관련 연구 동향에 대해 다루도록한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.8B
• /
• pp.525-534
• /
• 2005

This paper proposes the architecture and the methods of security network management for auto-configuration of security systems by extending the existing policy-based network management architecture. The architecture and the methods proposed in this paper enable a security management sewer to automatically decide the best-suited security policy to apply to a security system and the most effective and efficient security system to perform security policy rule, based on the role and capability information of security systems and the role and time information of security policy. For integrated control of network system and security system, this paper also proposes SNMP protocol based security network topology map generator. To show the excellence of the proposed architecture and methods, we simulate and evaluate the automatic response against attacks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.2B
• /
• pp.192-202
• /
• 2004

In this paper we have proposed policy-based network management system architecture for Internet QoS support Mobile IP networks that is divided into four layers(application layer, information management layer, policy control layer, device layer), then we propose an implementation strategy of policy-based network management system to enforce various control and network management operations and a model of policy server using SCOPS(Simple Common Open Policy Service) protocol that is developed in this research. For policy-based mobile IP network management system implementation, we have derived four policy classes(access control, mobile IP operation, QoS control, and network monitoring) and we showed operation procedures for each policy scenarios. Finally we have implemented Internet QoS support policy-based mobile IP network testbed and management system and verified out DiffServ policy enforcement behaviors for a target class service that is arranged a specific bandwidth on network congestion conditions.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.4
• /
• pp.119-125
• /
• 2007

On account of limited resources and diverse topology change. it is difficult to manage MANET and guarantee QoS. In current MANET, QoS grantee is exceedingly significant. However, today's MANET are being concentrately worked on MAC protocols and routing protocols. Thus we proposed a framework for effective management of MANET and supporting QoS using policy based network management paradigm and active network technology. Since this framework employs the policy-based management approach in active network environment, it provides an abstract and autonomous management method to network managers.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.10
• /
• pp.21-29
• /
• 2013

This paper proposed the architecture of the authentication and the transmission for high reliable emergency data management based on U-healthcare wireless mesh networks. In U-healthcare monitoring service, the high reliable bio data management as well as the data transmission are required because the monitoring emergency bio data is related linked to life. More specifically, the technologies of the identity authentication of the measuring bio data, the personalized emergency status diagnosis who is authenticated the bio data and the emergency data transmission are important first of all. To do this, this paper presents the structure and protocol of the identity authentication management with using the extended IEEE 11073 PHD, the structure of policy-based management of the emergency bio data for the highly reliable management and the resilient routing protocol based on wireless mesh network for the reliable data transmission.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2004.05a
• /
• pp.1425-1428
• /
• 2004

모바일 애드 혹 네트워크의 제한된 자원과 다양한 토폴로지 변화 때문에 모바일 애드 혹 네트워크를 관리하고 QoS를 보장하기란 매우 어려운 일이다. 또한 현재까지 모바일 애드 혹 네트워크에서 QoS 보장에 대한 관심은 많지만, 그에 대한 연구는 아직까지 미비한 실정이며 주로 MAC 프로토콜과 라우팅 프로토콜에 집중되어 있다. 따라서 본 논문에서는 차등화 서비스(DiffServ) QoS 모델을 기반으로 하는 정책기반 망 관리 기술과 동적으로 네트워크의 기능을 확장할 수 있는 액티브 네트워크 기술을 이용하여 모바일 애드 혹 네트워크를 효율적으로 관리하고 QoS를 제공할 수 있는 프레임워크를 제안한다.

• The KIPS Transactions:PartC
• /
• v.11C no.4
• /
• pp.429-438
• /
• 2004

This Paper Presents the control structure for incoming traffic from arbitrary node to Provide admission control in policy-based W network management structure using fuzzy logic control approach. The proposed control structure uses scheme for deciding network resource allocation depending on requirements predefined-policies and network states. The proposed scheme enhances policy adapting methods of existing binary methods, and can use resource of network more effectively to provide adaptive admission control, according to the unpredictable network states for predefined QoS policies. Simulation results show that the proposed controller improves the ratio of packet rejection up to 26%, because it Performs the soft adaption based on the network states instead of accept/reject action in conventional CAC(Connection Admission Controller).

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.5B
• /
• pp.414-426
• /
• 2003

XML is being used to describe components and applications in a vendor and language neutral. Therefore it already has a role in distributed system. XML is also being used as a data interchange format between components and applications in loosely coupled large-scale application. Until now, policy is described for specific applications and devices. Its use has been very limited. In current network management system, we can only invoke predefined operations and actions using policy-based network management. The main motivation for the recent interests in policy-based networks is to support dynamic adaptability of behavior by changing policy without recoding or stopping system. For these reasons we present the use of the XML for describing the policy and PIB(Policy Information Base) in COPS-PR. It improves flexibility and interoperability among heterogeneous network systems. It also can add new functionality into network components. In this paper, we propose a dynamically extensible network management architecture using XML-based PIB.