• Journal of Internet Computing and Services
• /
• v.2 no.4
• /
• pp.41-53
• /
• 2001

Multi-distributed web cluster model built for high availability E-Business model exposes internal system nodes on its structural characteristics and has a potential that normal job performance is impossible due to the intentional prevention and attack by an illegal third party. Therefore, the security system which protects the structured system nodes and can correspond to the outflow of information from illegal users and unfair service requirements effectively is needed. Therefore the suggested distributed invasion detection system is the technology which detects the illegal requirement or resource access of system node distributed on open network through organic control between SC-Agents based on the shared memory of SC-Server. Distributed invasion detection system performs the examination of job requirement packet using Detection Agent primarily for detecting illegal invasion, observes the job process through monitoring agent when job is progressed and then judges the invasion through close cooperative works with other system nodes when there is access or demand of resource not permitted.

• The KIPS Transactions:PartC
• /
• v.9C no.6
• /
• pp.831-840
• /
• 2002

Due to the advance of computer and communication technology, intrusions or crimes using a computer have been increased rapidly while tremendous information has been provided to users conveniently Specially, for the security of a database which stores important information such as the private information of a customer or the secret information of a company, several basic suity methods of a database management system itself or conventional misuse detection methods have been used. However, a problem caused by abusing the authority of an internal user such as the drain of secret information is more serious than the breakdown of a system by an external intruder. Therefore, in order to maintain the sorority of a database effectively, an anomaly defection technique is necessary. This paper proposes a method that generates the normal behavior profile of a user from the database log of the user based on an association mining method. For this purpose, the Information of a database log is structured by a semantically organized pattern tree. Consequently, an online transaction of a user is compared with the profile of the user, so that any anomaly can be effectively detected.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.412-415
• /
• 2004

As computers and networks become popular, corporation or country organization composes security network including various kinds information protection system to protect informations and resources from internet and is operating system and network. But current firewall and IDS(Intrusion Detection System) of the network level suffers from many vulnerabilities in internal computing informations and resources. In this paper, we design of ICMP-based Traceback System using a ICMP Traceback Message for efficiently traceback without change structure of routers. ICMP-based Traceback System. Create of ICMP message is managed by “Traceback Agent” mirroring port for router. Victim's systems that are received the message store it and “Traceback Manager” is detect a attack(like a DDoS). Using a information of this message starting a traceback and detecting a source of attacker, so response a attack.

• Journal of Digital Convergence
• /
• v.20 no.5
• /
• pp.559-567
• /
• 2022

The effect of smartphone usage motivation on application display advertising attitude and advertising avoidance was investigated. In addition, the mediating effect of advertising intrusion was confirmed. The total number of participants in the study was 309, and the data collection method used a survey method. Covariate structural analysis was conducted to investigate the causal relationship between smartphone usage motivation and advertising attitude and the mediating effect of perceived intrusion on advertising avoidance. There are five results. First, the motivation for using smartphones had a significant effect on the display advertising attitude of smartphone applications. Second, the display advertising attitude of the smartphone application had a significant effect on the advertising avoidance behavior. Third, the display advertising attitude of smart phone application had a significant effect on perceived advertising intrusion. Fourth, the perception of intrusiveness of display advertising in smartphone applications had a significant effect on advertising avoidance behavior. Finally, it was confirmed that the perceived ad intrusion has a partial mediating effect in the causal relationship of the smartphone application display advertising attitude to the ad avoidance behavior. The results of this study will contribute to suggesting strategies to reduce advertising avoidance behavior.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.111-122
• /
• 2002

Malicious attackers generally attempt to intrude the target systems by taking advantage of existing system vulnerabilities and executing readily available code designed to exploit blown vulnerabilities. To the network security administrators, the rat and minimal step in providing adequate network security is to identify existing system vulnerabilities and patch them as soon as possible. Network-based vulnerability analysis scanners (NVAS), although widely used by network security engineers, have shortcomings in that they depend on limited information that is available and generally do not have access to hast-specific information. Host-based vulnerability analysis scanner (HVAS) can serve as an effective complement to NVAS. However, implementations of HVAS differ from one platform to another and from one version to another. Therefore, to security engineers who often have to maintain a large number of heterogeneous network of hosts, it is impractical to develop and manage a large number of HVAS. In this paper, we propose an agent-based architecture named ISMAEL and describe its prototype implementation. Manager process provides various agent processes with descriptiom on vulnerabilities to check, and an agent process automatically generates, compiles, and executes an Java code to determine if the target system is vulnerable or not. The result is sent back to the manager process, and data exchange occurs in % format. Such architecture provides maximal portability when managing a group of heterogeneous hosts and vulnerability database needs to be kept current because the manager process need not be modified, and much of agent process remains unchanged. We have applied the prototype implementation of ISMAEL and found it to be effective.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.277-280
• /
• 2008

Security policy that use defense system such as Intrusion Detection System or Firewall is limited to passive response that only manage important data and resources. This paper analyzes security problem and maximum of passive response, provides a responsive way to Pharming attack which is one kind of hacking. This paper also includes ICMP-based traceback system that uses ICMP traceback Message about invasion that is decided through hacking. With this paper we can intercept damage of personal information leakage and property loss that is done through Pharming attacks.

• Proceedings of the IEEK Conference
• /
• 2000.06b
• /
• pp.119-122
• /
• 2000

The speckle pattern is formed by laser light from a multimode optical fiber. The speckle fluctuation is the result of interference among propagation modes when the optical fiber is subjected to a mechanical distortion at any point along its length. The experiments were carried on for the study of the feasibility of producing an intrusion detection system using the speckle fluctuation. The speckle fluctuation signals were monitored at real time by an oscilloscope which was connected with an amplifier and a filter. The experiment results showed that the intrusion sensor had enough sensitivity to detect an intruder.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.7 no.5
• /
• pp.1165-1171
• /
• 2012

Latest, it is dealt with seriously problems that an intruder kidnapping students in elementary school. Especially young students is more vulnerable in these risks. Elementary School has many limitations in controlling the intrusion of trespassers. A problem occurs that requires a lot of manpower through the deployment and management of security systems such as CCTV and control systems. In this paper, we is designed and implemented the outsider access management system using a sensor network and PZT camera called the USN's core technology to monitoring the access control for controlling the mobility of the trespassers.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.6 s.44
• /
• pp.157-164
• /
• 2006

From the hazard which it prepares in the hazards increase which it follows in information demand augmentation of information technical development and the consumer from inside systematizing integrity and solubility of information technological resources. inside against a confidentiality. The control against information and a system and a data outside is demanded. From the dissertation which it sees demand function and the structure which do information technical risk management system development it will be able to manage the danger which it infiltrates with the root which is various overview in hazard necessity it investigated the inside and outside of the country instance in the center and it analyzed. And it plans the dangerous civil official integrated process model ultimately as against a hazards it will be able to prepare in the dictionary in order, it put the place objective which it induces.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.13 no.1
• /
• pp.119-124
• /
• 2003

In this paper, we modeled positive selection and negative selection that is developing process of cytotoxic T-cell that plays important role in biological immune system. Also, we developed change detection algorithm, which is very Important part in detecting data change by intrusion and data infection by computer virus. Proposed method is the algorithm that produces MHC receptor lot recognizing self and antigen detector for recognizing non-self. Therefore, proposed method detects self and intruder by two type of detectors like real immune system. We show the effectiveness and characteristics of proposed change detection algorithm by simulation about point and block change of self file.