• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.391-394
• /
• 2004

Change of paradigm of network attack technique was begun by fast extension of the latest Internet and new attack form is appearing. But, Most intrusion detection systems detect informed attack type because is doing based on misuse detection, and active correspondence is difficult in new attack. Therefore, to heighten detection rate for new attack pattern, visibilitys to apply human immunity mechanism are appearing. In this paper, we create self-file from normal behavior profile about network packet and embody self recognition algorithm to use self-nonself discrimination in the human immune system to detect anomaly behavior. Sense change because monitors self-file creating anomaly detector based on Negative Selection Algorithm that is self recognition algorithm's one and detects anomaly behavior. And we achieve simulation to use DARPA Network Dataset and verify effectiveness of algorithm through the anomaly detection rate.

• Proceedings of the Korea Contents Association Conference
• /
• 2004.05a
• /
• pp.291-295
• /
• 2004

Recently, distributing information on the Internet is common in our daily li(e. Also, data exchange on Internet has rapidly changed the way we connect with other people. But current firewall and IDS(Intrusion Detection System) of the network level suffers from many vulnerabilities in internal computing informations and resources. In this paper, we analyzes Traceback System that based on active network and design of Traceback System that based on active network for efficiently traceback.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.8
• /
• pp.877-889
• /
• 2016

In this paper, we introduce the basic components of the Cognitive Radio Networks along with possible threats. Specifically, we investigate the SSDF (Spectrum Sensing Data Falsification) attack which is one of the easiest attack to carry out. Despite its simplicity, the SSDF attack needs careful attention in order to build a secure system that resists to it. The proposed scheme utilizes the Anomaly Detection technique to identify malicious users as well as their sensing reports. The simulation results shows that the proposed scheme can effectively detect erroneous sensing reports and thus result in correct detection of the active primary users.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.484-510
• /
• 2017

Network security is rapidly developing, but so are attack methods. Network worms are one of the most widely used attack methods and have are able to propagate quickly. As an active defense approach to network worms, the honeynet technique has long been limited by the closed architecture of traditional network devices. In this paper, we propose a closed loop defense system of worms based on a Software-Defined Networking (SDN) technology, called Worm-Hunter. The flexibility of SDN in network building is introduced to structure the network infrastructures of Worm-Hunter. By using well-designed flow tables, Worm-Hunter is able to easily deploy different honeynet systems with different network structures and dynamically. When anomalous traffic is detected by the analyzer in Worm-Hunter, it can be redirected into the honeynet and then safely analyzed. Throughout the process, attackers will not be aware that they are caught, and all of the attack behavior is recorded in the system for further analysis. Finally, we verify the system via experiments. The experiments show that Worm-Hunter is able to build multiple honeynet systems on one physical platform. Meanwhile, all of the honeynet systems with the same topology operate without interference.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.393-398
• /
• 2003

본 논문에서는 사용자 인증에 사용되는 패스워드 검증자의 안전성을 더욱 보강한 새로운 패스워드 검증자 기반 키 분배 프로토콜을 제안한다 기존 패스워드 기반 키 분배프로토콜 방식은 네트워크 상에서 패스워드의 안전한 전송이 어려웠고, 패스워드 파일의 안전한 보호가 어렵다는 문제가 있었다. 이에 패스워드 파일을 그대로 서버에 저장하지 않고 패스워드를 사용하여 생성한 검증자(verifier)를 저장하게 함으로써 패스워드파일을 보다 안전하게 보호할 수 있게 되었으며, 서버가 사용자의 패스워드를 알지 못하더라도 검증자를 사용한 증명방식을 통해 사용자를 인증할 수 있게 되었다. 본 논문에서는 사용자와 서버의 비밀정보로 만든 새로운 형태의 검증자를 사용하고, 사용자는 다른 저장정보 없이 기억하고 있는 ID와 패스워드만을 사용하여 키 분배를 수행하는 패스워드 검증자 기반 키 분배 프로토콜을 제안한다. 제안하는 프로토콜의 안전성 분석을 위해 active impersonation과 forward secrecy, man-in-the-middle attack, off-line dictionary attack 등의 공격 모델을 적용하였다.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.28 no.4
• /
• pp.269-278
• /
• 2017

We analyze the jamming/deception performance of an active decoy against ground tracking radars on dynamic combat scenarios. Based on the movement and the interference flow of an airborne platform, the trajectories of the active decoy is accurately calculated by solving 6-degree of freedom equations of motion. On realistic combat scenarios, numerical simulations are examined to analyze the jamming performance of the decoy for various movements of the platform and RF specifications of the active decoy. Effective jamming/deception area against the ground tracking radars is estimated from the simulation.

• Smart Media Journal
• /
• v.4 no.4
• /
• pp.24-32
• /
• 2015

Recently, SDN is actively used as datacenter networks and gradually increase its applied areas. Along with this change of networking environment, research of deploying network security systems on SDN becomes highlighted. Especially, systems for detecting network flooding attacks by monitoring every packets through ports of OpenFlow switches have been proposed. However, because of the centralized management of a SDN controller which manage multiple switches, it may be substantial overhead that the attack detection system continuously monitors all the flows. In this paper, a sampling based network flooding attack detection and prevention system is proposed to reduce the overhead of monitoring packets and to achieve reasonable functionality of attack detection and prevention. The proposed system periodically takes sample packets of network flows with the given sampling conditions, analyzes the sampled packets to detect network flooding attacks, and block the attack flows actively by managing the flow entries in OpenFlow switches. As network traffic sampler, sFlow agent is used, and snort, an opensource IDS, is used to detect network flooding attack from the sampled packets. For active prevention of the detected attacks, an OpenDaylight application is developed and applied. The proposed system is evaluated on the local testbed composed with multiple OVSes (Open Virtual Switch), and the performance and overhead of the proposed system under various sampling condition is analyzed.

• Journal of Ocean Engineering and Technology
• /
• v.30 no.1
• /
• pp.18-24
• /
• 2016

Stabilizer fins are installed on each side of a ship to control its roll motion. The most common stabilizer fin is a rolling control system that uses the lift force on the fin surface. If the angle of attack of a stabilizer fin is zero or the speed is zero, it cannot control the roll motion. The Coanda effect is well known to generate lift force in marine field. The performance of stabilizer fin that applies the Coanda effect has been verified by model tests and numerical simulations. It was found that a stabilizer fin that applied the Coanda effect at Cj = 0.085 and a zero angle of attack exactly coincided with that of the original fin at α = 26°. In addition, the power needed to generate the Coanda effect was not high compared to the motor power of the original stabilizer fin.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1998.12a
• /
• pp.317-328
• /
• 1998

Matsumoto, Kato, 그리고 Imai가 [1]에서 제안한 SASC(Server-Aided Secret Computation) 프로토콜은 스마트 카드와 같이 계산능력이 현저히 부족한 장치로 하여금 서버의 도움을 받아 효율적으로 서명생성을 할 수 있도록 하는 유용한 프로토콜이다. 그러나, 그 과정에서 유출되는 정보를 통해 스마트 카드의 비밀정보를 알아낼 수 있는 많은 공격방법들이 제안되었다. Crypto'95에서 Beguin과 Quisquater는 기존의 모든 공격방법들에 대해 안전하면서도 효율적으로 RSA 서명을 수행할 수 있는 SASC 프로토콜을 제안하였다. 본 논문에서는 Beguin과 Quisquater의 프로토콜을 공격할 수 있는 능동적 공격(active attack) 방법을 제안한다. 본 논문에서 제안하는 공격방법은 0

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.11c
• /
• pp.1759-1762
• /
• 2003

최근 키 분배 프로토콜과는 다르게 하드웨어에 암호키를 저장하여 사용하는 것과 달리, 사용자가 기억할 수 있는 길이의 패스워드(password)를 사용해 서버와의 인증과 키 교환을 동시에 수행하는 패스워드 기반 키 분배 프로토콜이 제안되고 있다. 본 논문에서는 이러한 패스워드 기반의 키 분배 프로토콜 중 BPKA(Balanced Password-authenticated Key Agreement)에 속하는 DH-EKE(Diffie-Hellman Encrypted Key Exchange), PAK(Password-Authenticated Key exchange), SPEKE(Simple Password Exponential Key Exchange) 프로토콜을 비교 분석하고, 이를 바탕으로 기존의 BPKA 프로토콜에 비해 적은 연산량을 가지면서 사용자와 서버가 각기 다른 정보를 갖는 패스워드-검증자 기반 프로토콜을 제안한다. 본 논문에서 제안하는 패스워드 기반 키 분배 프로토콜의 안전성 분석을 위해 Active Impersonation 과 Forward Secrecy, Off-line dictionary attack, Man-in-the -middle Attack 등의 공격모델을 적용하였다.