• Proceedings of the KAIS Fall Conference
• /
• 2011.12b
• /
• pp.562-564
• /
• 2011

본 논문에서는 리눅스 운영체제를 기반으로 오픈 소스 침입탐지 시스템인 Snort 등울 LSM(Linux Security Module) 구조의 hooking 부분에 구현시켜 보안 관리자가 의도하는 포트 스캔, DDOS 공격, ARP/IP 위장, 서명 탐지 등이 가능하도록 시스템을 구현하는 방법을 제시하고자 한다.

• Proceedings of the Korea Institute of Convergence Signal Processing
• /
• 2000.12a
• /
• pp.149-152
• /
• 2000

A scanner is an output device that scans documents, photographs, films etc, and convert them to digital data. Especially, a film scanner is used for scanning negative/positive films. In this paper, we design step motor control part, image sensor part, and Aか converter part which are components of the scanner and use DSP for fast signal processing. We also design the interface circuits using EPLD between these peripherals and DSP. The PC interface circuits between scanner and PC are designed by using parallel port to control and transfer the scanned data from scanner to PC. For 35mm film, we design hardwares which obtain high resolution more than 9 million pixels (horizontal resolution is 3835 and vertical resolution is 2592).

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.4
• /
• pp.785-790
• /
• 2017

Network scanning tools typically use port scans to steal information from network terminals and identify vulnerabilities. In particular, Shodan and Censys use a network scanning tool to gather a wide range of terminal information, store it in their database and provide it to the users. In order to prevent such information gathering, it is required to know the scanning methods of Shodan and Censys. However, the scanning model used by Shodan and Censys is not known exactly. Therefore, this paper estimates scanning models of Shodan and Censys and analyzes the performance of each models.

• The KIPS Transactions:PartC
• /
• v.12C no.2 s.98
• /
• pp.191-200
• /
• 2005

The brilliant achievements in computers and the internet technology make it easy for users to get useful information. But at the same time, the damages caused by intrusions and denial of service attacks are getting more worse. Specially because denial of service attacks by internet worm incapacitate computers and networks, we should draw up a disposal plan against it. So far many rule-based intrusion detection systems have been developed, but these have the limits of these ability to detect new internet worms. In this paper, we propose a system to detect intrusion and generate detection rule against scan-based internet worm, paying attention to the fact that internet worms scan network to infect hosts. The system detects internet worms using detection rule. And if it detects traffic causing by a new scan-based internet worm, it generates new detection nile using traffic information that is gathered. Therefore it can response to new internet worms early. Because the system gathers packet payload, when it is being necessary only, it can reduce system's overhead and disk space that is required.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.30 no.3
• /
• pp.202-208
• /
• 2019

In this study, an active element pattern (AEP) of a printed dipole was analyzed in 1D and 2D arrays. First, an AEP of the printed dipole was obtained using the simulation in the 2D infinite array. The scan blindness in the 2D array occurred in the E-plane direction at around ${\pm}36^{\circ}$; however, it was barely observed in the 1D array. To analyze the cause of the scan blindness in the 2D array, the dispersion properties of a unit cell was obtained and compared with the scan blindness by frequency change. The difference between the scan blindness of the 1D and 2D arrays was clarified using the comparison of the Q value in the unit cell in the 1D and 2D arrays. Then, the coupling of the electric field in the E-plane direction was observed when nine elements were separated between the two ports in a linearly arranged dipole structure. Finally, the printed dipole array was fabricated, and an AEP was measured for the $11{\times}1$ and $11{\times}3$ sub arrays. The proposed theory was verified using these observations and by comparison with the simulation results.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.13 no.5
• /
• pp.500-506
• /
• 2002

This paper presents a design of wide angle steering microstrip Rotman lens operating over broadband frequency range for Electronic Warfare equipments. It has a compact and simple structure which it is easy to manufacture repetitively. The lens is modelled as a 2-dimension planar circuit, the contour integral method is performed over entire lens contour and the transmission coefficients from 8 beam ports to 8 array ports are found. The measured results are well agreed with those of analysis. Prediction of the multibeam array pattern fed by linear array antenna shows $\pm$65$^{\circ}$ of beam steering and $\pm$5 dB insertion loss deviation over 3:1 frequency range.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.4
• /
• pp.1942-1950
• /
• 2013

This paper suggests a new method of detecting attacks of network traffic by visualizing original traffic data and applying multi-class SVM (support vector machine). The proposed method first generates 2D images from IP and ports of transmitters and receivers, and extracts linear patterns and high intensity values from the images, representing traffic attacks. It then obtains variance of ports of transmitters and receivers and extracts the number of clusters and entropy features using ISODATA algorithm. Finally, it determines through multi-class SVM if the traffic data contain DDoS, DoS, Internet worm, or port scans. Experimental results show that the suggested multi-class SVM-based algorithm can more effectively detect network traffic attacks.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.10a
• /
• pp.202-205
• /
• 2016

취약점 스캐너(Vulnerability Scanner)는 이름 그대로 기업의 네트워크나 시스템(컴퓨터, 서버, 라우터 등)을 스캔하고 오픈 포트, 활성화된 IP주소와 로그온, 운영체제, 설치되어 실행되는 소프트웨어와 서비스 등을 식별하고 보고하는 도구이다. 가용성과 데이터의 신뢰성이 우선적으로 중요시되고 있는 제어시스템 환경에서는 이러한 취약점 스캐너 도구의 사용은 운영에 영향을 미칠 수 있다. 본 저자는 기존에 상용화된 스캐너 제품의 취약점 식별 방법을 분석하고 현재까지 발표된 제어시스템 풀랫폼의 공개 취약점 정보를 이용하여 폐쇄적인 제어시스템 운영환경에 적합한 새로운 제어시스템 플랫폼 취약점 스캐너를 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.1217-1220
• /
• 2005

정보통신 기술의 발달이 가져온 가장 큰 변화중의 하나로 글로벌 커뮤니케이션을 들 수 있을 것이다. 각 지역별 사업장을 운영하는 기업체들은 대부분 사업장들을 연결하는 광역 통신망을 구축하여 사용하고 있지만, 이를 운영하는데 드는 막대한 비용과 보안문제에 많은 어려움을 겪고 있는 실정이다. 본 논문에서는 사업장의 이동이 빈번한 기업의 광역 통신망을 구축함에 있어 비용 절감을 위해 재 활용된 개인용 컴퓨터를 이용하여 리눅스 기반의 VPN 게이트웨이를 만들어 사용하고 포트스캔 기술과 패킷 스니퍼를 이용한 네트워크의 모니터링을 통해 보다 안전하고 효율적으로 통신망을 운영한 사례를 제시하고자 한다.

• Proceedings of the Korean Institute of Electrical and Electronic Material Engineers Conference
• /
• 2003.07a
• /
• pp.127-130
• /
• 2003

4-bit 강유전체 위상변위기를 이용하여 10 GHz, 상온에서 작동하는 위상배열 안테나를 설계 및 제작하였다. 이 안테나는 빔 스캔을 위하여 전압에 대한 비선형특성을 보이는 강유전체 Bal-xSrxTiO3 (BST)를 기본으로 하는 위상변위기를 이용하였다. 우리는 펄스레이져 증착법으로 MgO (001) 기판위에 걸맞게 증착된 BST 박막을 일반적인 사진공정과 식각법을 이용하여 동일평판형 전극을 가진 위상변위기를 만들었다. 일반적인 동일평판형 강유전체 위상변위기의 경우 연결 전송선로의 임피던스와의 차이로 인해 반사손실과 이로 인한 부가적인 삽입손실이 발생한다. 이런 손실들을 줄이기 위해 입력과 출력 포트에 임피던스 매칭을 하였다. 이렇게 테이퍼링되어 만들어진 동일평판형 위상변위기는 이전의 구조에 비해 반사 손실과 삽입 손실 값에서 각각 약 10, 2 dB 정도씩의 개선을 보였다. 이 구조로 전송선로의 길이를 길게하여 만든 1-bit 강유전체 위상변위기는 10 GHz, 150 V의 전압변화에서 180도의 차등위상변위를 보였으며 최대 삽입손실과 최대 반사손실은 각각 약 10 dB, 20 dB 이다. 안테나 모듈은 4개의 마이크로스트림 패치 안테나와 4개의 강유전체 위상변위기로 이루어졌는데 10 GHz, 150 V의 전압변화에서 약 15도의 빔 스캔을 확인하였다.