• KIPS Transactions on Software and Data Engineering
• /
• v.9 no.6
• /
• pp.187-194
• /
• 2020

This paper proposes a website fingerprinting method using ensemble learning over a Tor network that guarantees client anonymity and personal information. We construct a training problem for website fingerprinting from the traffic packets collected in the Tor network, and compare the performance of the website fingerprinting system using tree-based ensemble models. A training feature vector is prepared from the general information, burst, cell sequence length, and cell order that are extracted from the traffic sequence, and the features of each website are represented with a fixed length. For experimental evaluation, we define four learning problems (Wang14, BW, CW_T, CW_H) according to the use of website fingerprinting, and compare the performance with the support vector machine model using CUMUL feature vectors. In the experimental evaluation, the proposed statistical-based training feature representation is superior to the CUMUL feature representation except for the BW case.

• KSCI Review
• /
• v.14 no.2
• /
• pp.235-244
• /
• 2006

This paper attacked the unknown DoS which mixed a DoS attack, Worm and the Trojan horse which used IP Source Address Spoofing and Smurf through the SYN Flooding way that UDP, ICMP, Echo, TCP Syn packet operated. the applications that used TCP/UDP in VoIP service networks. Define necessity of a Dynamic Update Engine for a prevention, and measure Miss traffic at RT statistics of inbound and outbound parts in case of designs of an engine at IPS regarding an Self-learning module and a statistical attack spread. and design a logic engine module. Three engines judge attack grades (Attack Suspicious, Normal), and keep the most suitable filtering engine state through AND or OR algorithms at Footprint Lookup modules. A Real-Time Dynamic Engine and Filter updated protected VoIP service from DoS attacks, and strengthened Ubiquitous Security anger, and were turned out to be.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.6 s.44
• /
• pp.165-174
• /
• 2006

This paper attacked the unknown DoS which mixed a DoS attack, Worm and the Trojan horse which used IP Source Address Spoofing and Smurf through the SYN Flooding way that UDP, ICMP, Echo, TCP Syn packet operated, the applications that used TCP/UDP in VoIP service networks. Define necessity of a Dynamic Update Engine for a prevention, and measure Miss traffic at RT statistics of inbound and outbound parts in case of designs of an engine at IPS regarding an Self-learning module and a statistical attack spread, and design a logic engine module. Three engines judge attack grades (Attack, Suspicious, Normal), and keep the most suitable filtering engine state through AND or OR algorithms at Footprint Lookup modules. A Real-Time Dynamic Engine and Filter updated protected VoIP service from DoS attacks, and strengthened Ubiquitous Security anger, and were turned out to be.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.821-828
• /
• 2004

To analyze the usage information of system and network resources to the each grid application by measuring the real time traffic and calculating the statistic information, we suggested the kernel-based monitoring methods by researching the efficient monitoring method. This method use small system resourcesand measure the monitoring information accurately with less delay than the usual packet capture methods such as tcpdump. Also we implemented the monitoring systems which can monitor the used resources of system and network for grid application using the suggested kernel-based monitoring method. This research can give the useful information to the development of grid application and to grid network scheduler which can assign the proper resources to the grid application to perform efficiently. Network administrator can decide whether the expansion of network is required or not using the monitoring information.

• The KIPS Transactions:PartC
• /
• v.12C no.6 s.102
• /
• pp.827-838
• /
• 2005

DDoS (Distributed Denial of Service) attack is a critical threat to current Internet. To solve the detection and response of DDoS attack on BcN, we have investigated detection algorithms of DDoS and Implemented anomaly detection modules. Recently too many technologies of the detection and prevention have developed, but it is difficult that the IDS distinguishes normal traffic from the DDoS attack Therefore, when the DDoS attack is detected by the IDS, the firewall just discards all over-bounded traffic for a victim or absolutely decreases the threshold of the router. That is just only a method for preventing the DDoS attack. This paper proposed the mechanism of response for the legitimated clients to be protected Then, we have designed and implemented the statistic based system that has the automated detection and response functionality against DDoS on Linux Zebra router environment.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.6
• /
• pp.663-671
• /
• 2016

According to rapidly increasing of network traffics, necessity of high-speed router also increased. For various purposes, like traffic statistic and security, traffic measurement function should performed by router. However, because of the nature of high-speed router, memory resource of router was limited. RCC proposed a way to measure traffics with high speed and accuracy. Additional quadratic probing hashing table used for accumulating elephant flows in RCC. However, in our experiment, quadratic probing performed many overheads when allocated small memory space or load factor was high. Especially, quadratic requested many calculations in update and lookup. To face this kind of problem, we use a cuckoo hashing which performed a good performance in update and loop for enhancing the RCC. As results, RCC with cuckoo hashing performed high accuracy and speed even when load factor of memory was high.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.1
• /
• pp.57-70
• /
• 1999

Since a hybrid firewall filters packets at a network layer along with providing gateway functionalities at an application layer, it has a better performance than an If filtering firewall. In addition, it provides both the various kinds of access control mechanisms and transparent services to users. However, the security policies of a network layer are different from those of an application layer. Thus, the user interfaces for managing a hybrid firewalls in a consistent manner are needed. In this paper, we implement a graphical user interface to provide access control mechanisms and management facilities for a hybrid firewall such as log analysis, a real-time monitor for network traffics, and the statisics on traffics. And we also propose a new rule script language for specifying access control rules. By using the script language, users can generate the various forma of access control rules which are adapted by the existing firewalls.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.3
• /
• pp.449-455
• /
• 2021

This paper proposes an encryption web transaction attack detection system based on the existing web application monitoring system. Although there was difficulty in detecting attacks on the encrypted web traffic because the existing web traffic security systems detect and defend attacks based on encrypted packets in the network area of the encryption section between the client and server, by utilizing the technology of the web application monitoring system, it is possible to detect various intelligent cyber-attacks based on information that is already decrypted in the memory of the web application server. In addition, since user identification is possible through the application session ID, statistical detection of attacks such as IP tampering attacks, mass web transaction call users, and DDoS attacks are also possible. Thus, it can be considered that it is possible to respond to various intelligent cyber attacks hidden in the encrypted traffic by collecting and detecting information in the non-encrypted section of the encrypted web traffic.

• Proceedings of the Korean Information Science Society Conference
• /
• 1999.10c
• /
• pp.466-468
• /
• 1999

현재 인터넷 프로토콜인 IPv4의 주소 부족 등의 문제를 해결하기 위해 차세대 인터넷 프로토콜 IPv6에 대한 연구가 활발히 진행되고 있다. 그러나 새로운 프로토콜 IPv6 상에서 기존의 다른 상위 프로토콜 및 응용이 어떠한 영향을 받게 될지는 의문이다. 한편, IPv6 상에서 새로운 프로토콜 및 응용을 개발할 때에 많은 시험이 요구된다. 이와 같은 이유로 인해 새로운 통신 프로토콜에 있어서 모니터링은 필수적이다. 그러나 지금까지의 많은 모니터링 라이브러리들은 텍스트에 기반하고 있으며, 그래픽 데이터를 제공하는 도구들도 대부분 통계정보의 제공에 초점을 두고 있다. 이를 두고 프로토콜이 그 표준에 따라 정확한 원리에 맞게 동작하는 지를 파악하는 데는 큰 도움이 되지 않고 있다. 이에 본 연구에서는 대상 프로토콜의 실제적인 동작 과정이나 원리를 알 수 있도록 그래픽 기반의 사용자 친화적 모니터링 도구를 제작한다. 이를 위해, 먼저 IPv6가 다른 프로토콜에 영향을 미칠 수 있는 사항들을 분석한다. 다음으로 본 교에 구축되어 있는 IPv6 호스트에 모니터링에 필요한 환경을 구축하고, Java Applet을 이용한 모니터 프로그램을 제작한다. 현재 개발하는 모니터 프로그램은 TCP의 슬라이딩 윈도우(Sliding Window) 기법에 관련된 사항을 모니터링 해주는 것으로 그 범위를 한정한다. 개발된 도구를 이용하여 IPv6 상에서 FTP가 TCP를 이용하여 파일을 전송하는 경우의 모니터링을 실시하고, 그 결과를 분석 제시한다. 이로써, 개발된사용자 친화적 모니터링 도구가 얼마나 쉽게 슬라이딩 윈도우 기법을 이해시켜 주고, 내포된 의미를 파악할 수 있게 해주는지를 알 수 있다.한 것으로 연구되었다. 정상조 직에 비해 산소가 부족하여 염기성대사(anaerobic metabolism)를 많이 함으로 그 부산물인 유산 (lactic acid)이 많이 생성됨으로 정상조직보다 pH가 낮아 암 조직이 정상조직에 비해 고온온열치료에 더 잘 듣는 원인이 된다. 3) 영양이 부족한 상태의 세포는 고온온열치료에 훨씬 예민하다. 4) 암조직은 혈관상태가 정상조직에 비해 좋지 않음으로 정상조직보다 쉽게 가온이 되며, 일단 가온된 온도는 잘 식지 않음으로 정상조직에 비해 훨씬 효율적이다. 5)고 온온열치료는 4$0^{\circ}C$~43.5 $^{\circ}C$정도에서만 이 작용이 일어남으로 정상인체에서 43$^{\circ}C$이상의 가온 은 쉽지 않음으로 이 효과는 암조직에서 주고 일어나게 된다. 6)고온온열치료는 방사선치료 후에 생기는 손상의 재생을 억제함으로 방사선의 치료효과를 높인다. 7)38.5$^{\circ}C$~41.5$^{\circ}C$의 낮 은 온도에서도 암조직의 산소 상태를 호전시켜 방사선 치료효과를 증대시키는 역할을 한다.alization)가 나타난다. 그러나 무의식에 대칭화만 있는 것은 아니며, 의식의 사고양식인 비대칭도 어느 정도 나타나며, 대칭화의 정도에 따라, 대상들이 잘 구분되어 있는 단계, 의식수준의 감정단계, 집단 내에서의 대칭화 단계, 집단간에서의 대칭화 단계, 구분이 없어지는 단계로 구분하였다.systems. We believe that this taxonomy is a significant contribution because it ad

• Journal of the Korea Convergence Society
• /
• v.13 no.3
• /
• pp.147-161
• /
• 2022

The purpose of the study was to investigate mothers' beliefs and executions in the social relations area of the 2019 revised Nuri curriculum, and to investigate the effects of beliefs and executions on the emotional intelligence and prosocial behavior of young children. For this purpose, data were collected by distributing questionnaire packets to 268 mothers of children aged 3-5 years who were enrolled in 7 early childhood education institutions in Gyeonggi-do. The collected data were analyzed using the SPSS 25.0 program. As a result of the study, first, there was a statistically significant difference in the overall belief according to the mother's personal characteristic, the educational level, and a significant difference in the sub-factor, living together, in the execution. Second, it was found that there was a significant positive correlation between all variables except for the relationship between social relation execution and the ability to regulate others, which is a sub-factor of emotional intelligence. Third, beliefs and executions in social relation were found to affect all emotional intelligence and pro-social behavior, except for the effect of social relation execution on the ability to regulate others. This study is expected to provide basic data to improve parents' interest in the improvement of young children's social ability and practical interaction in child rearing.