• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.39-52
• /
• 2011

An application-layer attack can effectively achieve its objective with a small amount of traffic, and detection is difficult because the traffic type is very similar to that of legitimate users. We have discovered a unique characteristic that is produced by a difference in client intention: Both a legitimate user and DDoS attacker establish a session through a 3-way handshake over the TCP/IP layer. After a connection is established, they request at least one HTTP service by a Get request packet. The legitimate HTTP user waits for the server's response. However, an attacker tries to terminate the existing session right after the Get request. These different actions can be interpreted as a difference in client intention. In this paper, we propose a detection algorithm for application layer DDoS attacks based on this difference. The proposed algorithm was simulated using traffic dump files that were taken from normal user networks and Botnet-based attack tools. The test results showed that the algorithm can detect an HTTP-Get flooding attack with almost zero false alarms.

• Bulletin of the Korean Chemical Society
• /
• v.33 no.8
• /
• pp.2707-2710
• /
• 2012

The nucleophilic substitution reactions of O-ethyl phenyl phosphonochloridothioate with substituted anilines ($XC_6H_4NH_2$) and deuterated anilines ($XC_6H_4ND_2$) are kinetically investigated in acetonitrile at $55.0^{\circ}C$. The deuterium kinetic isotope effects (DKIEs) invariably increase from a secondary inverse DKIE ($k_H/k_D$ = 0.93) to a primary normal DKIE ($k_H/k_D$ = 1.28) as the substituent of nucleophile (X) changes from electron-donating to electron-withdrawing. These can be rationalized by the gradual transition state (TS) variation from a backside to frontside attack. A concerted $S_N2$ mechanism is proposed. A trigonal bipyramidal TS is proposed for a backside attack while a hydrogen-bonded, four-center-type TS is proposed for a frontside attack.

• Proceedings of the Korea Contents Association Conference
• /
• 2003.11a
• /
• pp.109-112
• /
• 2003

A traffic flooding attack is an attack type that interfere with normal service by running out network bandwidth, process throughput, and system resource. It can be recognized intuitively by network slowdown, connect impossibility state and detected more exactly by collecting and analyzing packets that generate traffic flooding. In this paper, the packet analysis scheme is proposed for the more precise detection.

• Proceedings of the Korea Concrete Institute Conference
• /
• 2006.05b
• /
• pp.169-172
• /
• 2006

The IIA structures exposed to marine environment is subject to many different types of potential attack. The physical attack due to drying and wetting would increase the internal stress of concrete. The chemical attack resulting from the diffusion of ions$(Cl^-,SO_4^{2-},Mg^+)$ from seawater through the pores in concrete. Therefore the sea water resistance of concrete must be considered when it is used for structure in the ocean. The objective of this study is to evaluate chloride diffusion and corrosion characteristics of concrete when using the various concrete materials under marine environment. After 5 years of exposure, concrete incorporating 40% blast-furnace slag as replacement for type I cement with low w/c ratio of 0.42 and using the inhibitor shows excellent performance.

• Proceedings of the Korea Concrete Institute Conference
• /
• 2009.05a
• /
• pp.417-418
• /
• 2009

As iron corrosion by means of penetration of chlorides resulted in a serious deterioration of seaside and landfill concrete construction, it is urgently necessary for seaside construction to acquire watertightness and resistance for chloride-attack. Hence in this study, Si/Al liquor type hybrid-inorganic salt which was very effective compound for improving resistance for chloride-attack applied to mortar and then evaluated resistance for chloride-attack with curing(7, 14, 28, 56 days).

• Proceedings of the Korea Concrete Institute Conference
• /
• 2010.05a
• /
• pp.357-358
• /
• 2010

This study was performed an evaluation of chloride attack resistance properties of marine concrete by accelerated deterioration test of artificial seawater. As the results of study, when considering the compressive strength and chloride ion penetration of concrete, the proper type to improvement of chloride attack resistance is thought to marine cement.

• Bulletin of the Korean Chemical Society
• /
• v.28 no.6
• /
• pp.936-940
• /
• 2007

The aminolyses of diphenyl phosphinic chloride (1) with substituted anilines in acetonitrile at 55.0 oC are investigated kinetically. Large Hammett ρ X (ρnuc = ?4.78) and Bronsted β X (βnuc = 1.69) values suggest extensive bond formation in the transition state. The primary normal kinetic isotope effects (kH/kD = 1.42-1.82) involving deuterated aniline (XC6H4ND2) nucleophiles indicate that hydrogen bonding results in partial deprotonation of the aniline nucleophile in the rate-limiting step. The faster rate of diphenyl phosphinic chloride (1) than diphenyl chlorophosphate (2) is rationalized by the large proportion of a frontside attack in the reaction of 1. These results are consistent with a concerted mechanism involving a partial frontside nucleophilic attack through a hydrogen-bonded, four-center type transition state.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.3
• /
• pp.57-64
• /
• 2012

Computing environment combined with development of internet and IT technology is changing to cloud computing environment. In addition, cloud computing is revitalized more because of propagation of LTE and suggestion of N-screen Service. Virtualization is the point technology for suggest IT resource to service form to users in this cloud computing. This technology combines other system physically or divides one system logically and uses resource efficiently. Many users can be provided application and hardware as needed using this. But, lately various attack using weak point of virtualization technology are increasing rapidly. In this study, we analyze type and weak point of virtualization technology, the point of cloud computing. And we study about function and the position which intrusion detection system has to prepare in order to detect and block attack using this.

• Journal of Korea Society of Industrial Information Systems
• /
• v.7 no.4
• /
• pp.1-8
• /
• 2002

Attacks have been proposed that use side information as timing measurements, power consumption, electromagnetic emissions and faulty hardware. Elimination side-channel information of prevention it from being used to attack a secure system is an active ares of research. In this paper, differential power analysis techniques used to attack DES are compared and analyzed finally, we propose a software prevention idea of DPA attack for DES-like ciphers.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.67-74
• /
• 2022

One type of network security breach is the availability breach, which deprives legitimate users of their right to access services. The Denial of Service (DoS) attack is one way to have this breach, whereas using the Intrusion Detection System (IDS) is the trending way to detect a DoS attack. However, building IDS has two challenges: reducing the false alert and picking up the right dataset to train the IDS model. The survey concluded, in the end, that using a real dataset such as MAWILab or some tools like ID2T that give the researcher the ability to create a custom dataset may enhance the IDS model to handle the network threats, including DoS attacks. In addition to minimizing the rate of the false alert.