• Title/Summary/Keyword: Packet ID

Search Result 74, Processing Time 0.029 seconds

A Study on Protocol and Operation for Financial Transaction in Radio Environment

  • 김대엽;신동규;임종인
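    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference / 2001.11a / pp.322-327 / 2001
  • The growth of electronic commerce has made financial transactions over the Internet commonplace, and security protocols and services for providing secure financial transactions are continually being developed. Building on these technical advances, interest in financial transaction services via wireless terminals is growing. In this paper, we propose a protocol and an operation scheme that provide the authentication, data protection and related services needed for financial transactions using a dedicated terminal in a dedicated packet-switched wireless data communication environment. The proposed protocol presents a key management scheme that uses a password-based protocol and ANSI X9.17 for key sharing between the terminal and the authentication server, and provides secure financial transactions through an authentication procedure based on the subscriber ID and password and through encryption of transmitted data. In addition, it is designed to increase reliability by providing end-to-end security service rather than security control by a wireless gateway.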

Development of Integrated Security Management Based on Cloaking IDS

  • Seung-Pyo Huh;Ye-Hwan Jeon;Jeom-Goo Kim
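    • Proceedings of the Korea Information Processing Society Conference / 2008.11a / pp.1417-1420 / 2008
  • In this study, we developed an integrated security management system based on an embedded IDS to protect each service-providing server from threats and to manage the servers in an integrated manner. By disconnecting the IDS server from the external network, threats to the IDS server itself are blocked at the source; agents installed on the managed servers collect and analyze detailed information on each server's system resources, network traffic, and threatening packets, and send it to the management server. The management program was developed as a web application using Adobe Flex, which adopts asynchronous X-Internet technology, so that an administrator can connect from any platform and perform administrative tasks. Through this management program, the system resources and network traffic of the target servers can be monitored efficiently, and the system is implemented so that threats detected by the IDS can be identified and blocked.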

PSS Movement Prediction Algorithm for Seamless hando (Terminal Movement Prediction Algorithm for Seamless Handover in Portable Internet)

  • Lee, Ho-Jeong;Yun, Chan-Young;Oh, Young-Hwan
    • Journal of the Institute of Electronics Engineers of Korea TC / v.43 no.12 s.354 / pp.53-60 / 2006
  • Handover in WiBro is based on the 802.16e hard handover scheme. When a PSS hands over, it confirms the neighbor cell's condition and RAS ID in the neighbor advertisement message. The serving RAS transmits an HO-notification message to the neighbor RAS. Transmitting the HO-notification message to the neighbor RAS generates a lot of signaling traffic. Also, when WiBro hands over, a lot of packet loss occurs. Therefore, users suffer service degradation. LPM handover supports seamless handover because it buffers data packets during handover. So it is proposed scheme that predicts is LPM handover and reserves target RAS with pre-authentication. These schemes generate a lot of signaling traffic. In this paper, we propose PSS Movement Prediction to solve the signaling traffic problem. The target RAS is decided by old data in the history cache. When the serving RAS receives the HO-notification-RSP message to the target RAS, the target RAS informs the crossover node, and the crossover node bicasts data packets. When handover is over, the target RAS forwards the data packets. Therefore, it reduces signaling traffic but increases the handover success rate. When the history cache succeeds, total traffic decreases by about 48%. But when the history cache fails, total traffic increases by about 6%.

Design and Implementation of Anomaly Traffic Control framework based on Linux Netfilter System and CBQ Routing Mechanisms

  • 조은경;고광선;이태근;강용혁;엄영익
    • Journal of the Korea Institute of Information Security & Cryptology / v.13 no.6 / pp.129-140 / 2003
  • Recently, viruses and various hacking tools that threaten hosts on a network have become more intelligent and cleverer, and so various security mechanisms against them have been developed during the last decades. To detect these network attacks, many NIPSs (Network-based Intrusion Prevention Systems) that are more functional than traditional NIDSs have been developed by several companies and organizations. But many previous NIPSs are known to have some weakness in protecting important hosts from network attacks because of their incorrectness and post-management aspects. The aspect of incorrectness means that many NIPSs incorrectly discriminate between normal and attack network traffic in real time. The aspect of post-management means that they generally respond to attacks after the intrusions have already been performed to a large extent. Therefore, to detect network attacks in real time and to increase the capability of analyzing packets, faster and more active responding capabilities are required for NIPS frameworks. In this paper, we propose a framework for real-time intrusion prevention. This framework consists of a packet filtering component that works on netfilter in the Linux kernel and a traffic control component that is capable of step-by-step control over abnormal network traffic with the CBQ mechanism.

Implementation of an Ethernet Adapter for the G-PON TC Layer

  • Chung, Hae;Ahn, Eu-Kwang
    • The Journal of Korean Institute of Communications and Information Sciences / v.36 no.5B / pp.429-436 / 2011
  • The G-PON is an efficient solution for implementing FTTH and has the GEM frame to accommodate various protocols such as Ethernet frames, IP packets, and TDM signals. Above all, Ethernet is one of the most widely used layer-2 protocols in the campus, the subscriber access, and the carrier service. So the G-PON system has to provide an Ethernet interface with top priority. In this paper, we implement a gigabit Ethernet adapter based on Ethernet over GEM in ITU-T G.984.3 to accommodate the Ethernet protocol in the G-PON TC chip. The adapter maps each Ethernet frame to a single or multiple GEM frames and has several functions including generation of the GEM header, encapsulation of frames, and the SAR. In particular, the adapter has a converter (LUT) from MAC address to port-ID, which is a key to identifying logical connections; it is not defined in the specification but is important. We implement the adapter with an FPGA and verify the functions of segmentation and reassembling, MAC address learning, and throughput with the logic analyzer and the Ethernet analyzer.

The Design of Remote Control System using Bluetooth Wireless Technology

  • 전형준;이창희
    • Journal of the Korea Computer Industry Society / v.4 no.4 / pp.547-552 / 2003
  • In this thesis, interference phenomena of Bluetooth networks requiring security were minimized, and the security of the piconet was strengthened by assigning an identical PIN code to the Bluetooth devices that were establishing a specific piconet during the authentication stage. To establish a Bluetooth piconet system, a unique ID was assigned to each Bluetooth device, communication algorithms having different data formats between devices were designed, and an embedded hardware module using an ARM processor and the uCOS-II RTOS was implemented. CPU efficiency in the module was increased by about 30% by modifying functions including block parameters to work as nonblocking; with the increased efficiency of the total piconet, the module could be used as an access point. The module could transmit a maximum of 10 frames of image and also audio signal by switching the packet effectively according to channel condition. By the above-mentioned process, video, audio, and data could be well transmitted by the Bluetooth managing program, and the possibility of a commercial remote control system using Bluetooth technology was suggested.

Advanced WLAN Authentication Mechanism using One-time Session Key based on the Vulnerability Analysis in Nespot Wireless Lan System

  • Lee, Hyung-Woo
    • Journal of Korea Multimedia Society / v.11 no.8 / pp.1101-1110 / 2008
  • Nespot provides a convenient wireless internet connection service. The existing IEEE 802.1X EAP-MD5 authentication mechanism can be achieved based on ID/password information for a wireless connection. The Nespot system offers an advanced accounting and authorization procedure for providing wireless user authentication mechanism. However, many problems were found on the existing Nespot EAP-MD5 mechanism such as a ill value exposure, a leakage of personal information on wireless authentication procedure and a weakness on Nespot mutual authentication mechanism. Therefore, we analyzed the limitation of the existing IEEE 802.1X EAP-MD5 certification system, and suggested a one-time session key based authentication mechanism. And then we offered a simplified encryption function on the Nespot certification process for providing secure mutual authentication process.

An Application of Contract Net Protocol for The Distributed Intrusion Detection

  • 서희석;김희완
    • The Journal of the Korea Contents Association / v.3 no.4 / pp.38-47 / 2003
  • Distributed problem solving is the cooperative solution of problems by a decentralized and loosely coupled collection of knowledge-sources (KS's), located in a number of distinct processor nodes. The contract net protocol has been developed to specify problem-solving communication and control for nodes in a distributed problem solver. Task distribution is affected by a negotiation process, a discussion carried on between nodes with tasks to be executed and nodes that may be able to execute tasks. In this paper, we present the coordination method among distributed intrusion detection systems and a firewall by the contract net protocol. The method enhances the intrusion detection performance and provides the communication methods. To model the IDS and firewall, security models have been hierarchically constructed based on the DEVS (Discrete Event System Specification) formalism. Each ID agent cooperates through the contract net protocol for detecting intrusions. The IDS which detects the intrusion informs the firewall, so the harmful network traffic is blocked. If an agent detects intrusions, the agent transfers the attacker's information to a firewall. Using this mechanism, the attacker's packets detected by ID can be prevented from damaging the network.

A Study on a Location Determination System using Infrastructure Information of a WLAN Network

  • Lim, Joong-Seon;Choi, Gyung-Hyun
    • The Journal of The Korea Institute of Intelligent Transport Systems / v.10 no.6 / pp.98-107 / 2011
  • In this paper, we propose a location determination system for an agent mobile device using the information provided by the WLAN (Wireless LAN) infrastructure. This system is configured as a typical ESS (Extended Service Set)-type WLAN structure with a real-time location positioning engine and through an AP (Access Point) controller. The positioning engine collects the information of agent devices using SNMP (Small Network Management Protocol) through the AP controller and utilizes that information as the Cell ID for LBS (Location Based Service). In the result of a real office environment implementation, the average success rate of inter-AP roaming is measured at 62.5% and the duration of the device information update within the AP is 11 seconds on average, which means this system is adaptable to location based services of above-average accuracy but somewhat less urgency.

A Study on the Covert Channel Detection in the TCP/IP Header based on the Support Vector Machine

  • 손태식;서정우;서정택;문종섭;최홍민
    • Journal of the Korea Institute of Information Security & Cryptology / v.14 no.1 / pp.35-45 / 2004
  • In explosively growing Internet environments, information security is one of the most important considerations. Nowadays, various security solutions are used as countermeasures to such problems: IDS, firewall and VPN. However, the Internet basically has many vulnerabilities in the protocol itself. In particular, it is possible to establish a covert channel using TCP/IP header fields such as identification, sequence number, acknowledge number, timestamp and so on. In this paper, we focus on the covert channels using the identification field of the IP header and the sequence number field of the TCP header. To detect such covert channels, we used the Support Vector Machine, which has excellent performance in pattern classification problems. Our experiments showed that the proposed method could discern the abnormal cases (including covert channels) from normal TCP/IP traffic using the Support Vector Machine.