• Journal of Korea Multimedia Society
• /
• v.11 no.11
• /
• pp.1601-1614
• /
• 2008

The number of web service users has been increased rapidly as existing services are changed into the web-based internet applications. Therefore, it is necessary for us to use web log pre-processing technique to detect attacks on diverse web service transactions and it is also possible to extract web mining information. However, existing mechanisms did not provide efficient pre-processing procedures for a huge volume of web log data. In this paper, we proposed both a field based parsing and a high-speed log indexing mechanism based on the suggested B-tree Index Vector structure for performance enhancement. In experiments, the proposed mechanism provides an efficient web log pre-processing and search functions with a session classification. Therefore it is useful to enhance web attack detection function.

• Proceedings of the Korean Society of Propulsion Engineers Conference
• /
• 2004.03a
• /
• pp.699-702
• /
• 2004

In this study, the affect of mounting axisymmetrical supersonic inlet to airfoil, which has 65 degree swept angle was numerically investigated. The parameter for this calculation are tree stream Mach number M=2.0 and 2.5, the distance between inlet spike and airfoil lower surface $L_{sw}$/$R_{cowl}$ = 1.21-1.54 and angle of attack to the airfoil 0-4. The mass capture ratio improved 3points in M=2.0 condition and 1points in M=2.5 while the mass capture ratio without airfoil surface was 57% and 71 % for each case. These are the result from increase of density and change of velocity deflection by the shock wave structure formed between inlet and airfoil surface. On the other hand, the distortion of Mach number at cowl lip plane increased by 13% in M=2.0, 3% in M=2.5 condition. The effects of the angle attack on the mass capture ratio is greater than that of the shock wave interaction between inlet and cowl, but the effects to the distortion is smaller in the range of this calculation condition. In the condition of M=2.0 with 4 degrees of angle of attack, inlet distortion of Mach number is mainly caused by the affects of the shock wave interaction between inlet and airfoil surface, while the largest angle of the velocity vector in the radial direction at cowl lip plane is caused by the affect of angle of attack. This large velocity vector made the flow inside the cowl subsonic and caused spillage, which interfere with the boundary layer of airfoil surface.

• Convergence Security Journal
• /
• v.13 no.1
• /
• pp.79-86
• /
• 2013

The objective of DDoS Attacks is to simply disturb the services. In recent years, the DDoS attacks have been evolved into Multi-Vector Attacks which use diversified and mixed attacking techniques. Multi-Vector Attacks start from DDoS Attack and Malware Infection, obtain inside information, and make zombie PC to reuse for the next DDoS attacks. These forms of Multi-Vector Attacks are unable to be prevented by the existing security strategies for DDoS Attacks and Malware Infection. This paper presents an approach to effectively defend against diversified Multi-Vector attacks by using Reverse Proxy Group and PMS(Patch Management Server).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.1
• /
• pp.89-98
• /
• 2022

As deep learning technology was applied to various fields, research on adversarial attack techniques, a security problem of deep learning models, was actively studied. adversarial attacks have been mainly studied in the field of images. Recently, they have even developed a complete decision-based attack technique that can attack with just the classification results of the model. However, in the case of the audio field, research is relatively slow. In this paper, we applied several decision-based attack techniques to the audio field and improved state-of-the-art attack techniques. State-of-the-art decision-attack techniques have the disadvantage of requiring many queries for gradient approximation. In this paper, we improve query efficiency by proposing a method of reducing the vector search space required for gradient approximation. Experimental results showed that the attack success rate was increased by 50%, and the difference between original audio and adversarial examples was reduced by 75%, proving that our method could generate adversarial examples with smaller noise.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.47-57
• /
• 2004

The Goldreich-Goldwasser-Halevi(GGH)'s signature scheme from Crypto '97 is cryptanalyzed, which is based on the well-blown lattice problem. We mount a chosen message attack on the signature scheme, and show the signature scheme is vulnerable to the attack. We collects n lattice points that are linearly independent each other, and constructs a new basis that generates a sub-lattice of the original lattice. The sub-lattice is shown to be sufficient to generate a valid signature. Empirical results are presented to show the effectiveness of the attack Finally, we show that the cube-like parameter used for the private-key generation is harmful to the security of the scheme.

• International Journal of Computer Science & Network Security
• /
• v.23 no.9
• /
• pp.111-119
• /
• 2023

Mobile Ad-hoc Network (MANET) is an infrastructure-less network that can configure itself without any centralized management. The topology of MANET changes dynamically which makes it open for new nodes to join it easily. The openness area of MANET makes it very vulnerable to different types of attacks. One of the most dangerous attacks is the Resource Consumption Attack (RCA). In this type of attack, the attacker consumes the normal node energy by flooding it with bogus packets. Routing in MANET is susceptible to RCA and this is a crucial issue that deserves to be studied and solved. Therefore, the main objective of this paper is to study the impact of RCA on two routing protocols namely, Ad hoc On-Demand Distance Vector (AODV) and Dynamic Source Routing (DSR); as a try to find the most resistant routing protocol to such attack. The contribution of this paper is a new RCA model (RCAM) which applies RCA on the two chosen routing protocols using the NS-2 simulator.

• Journal of Internet Computing and Services
• /
• v.18 no.6
• /
• pp.35-46
• /
• 2017

Recently, attackers using malicious code in cyber security have been increased by attaching malicious code to a mail and inducing the user to execute it. Especially, it is dangerous because it is easy to execute by attaching a document type file. The author analysis is a research area that is being studied in NLP (Neutral Language Process) and text mining, and it studies methods of analyzing authors by analyzing text sentences, texts, and documents in a specific language. In case of attack mail, it is created by the attacker. Therefore, by analyzing the contents of the mail and the attached document file and identifying the corresponding author, it is possible to discover more distinctive features from the normal mail and improve the detection accuracy. In this pager, we proposed IADA2(Intelligent Attack mail Detection based on Authorship Analysis) model for attack mail detection. The feature vector that can classify and detect attack mail from the features used in the existing machine learning based spam detection model and the features used in the author analysis of the document and the IADA2 detection model. We have improved the detection models of attack mails by simply detecting term features and extracted features that reflect the sequence characteristics of words by applying n-grams. Result of experiment show that the proposed method improves performance according to feature combinations, feature selection techniques, and appropriate models.

• Spatial Information Research
• /
• v.21 no.3
• /
• pp.31-43
• /
• 2013

Although the vector map data possesses much higher values than other types of multimedia, the data copyright and the protection against illegal duplication are still far away from the attention. This paper proposes a novel watermarking technique which is both robust to diverse attacks and optimized to a vector map structure. Six approaches are proposed for the design of the watermarking algorithm: point-based approach, building a minimum perimeter triangle, watermark embedding in the length ratio, referencing to the pixel position of the watermark image, grouping, and using the one-way function. Our method preserves the characteristics of watermarking such as embedding effectiveness, fidelity, and false positive rate, while maintaining robustness to all types of attack except a noise attack. Furthermore, our method is a blind scheme in which robustness is independent of the map data. Finally, our method provides a solution to the challenging issue of degraded robustness under severe simplification attacks.

• International Journal of Computer Science & Network Security
• /
• v.24 no.4
• /
• pp.179-191
• /
• 2024

With the advancement of modern technology, cyber-attacks are always rising. Specialized defense systems are needed to protect organizations against these threats. Malicious behavior in the network is discovered using security tools like intrusion detection systems (IDS), firewall, antimalware systems, security information and event management (SIEM). It aids in defending businesses from attacks. Delivering advance threat feeds for precise attack detection in intrusion detection systems is the role of cyber-threat intelligence (CTI) in the study is being presented. In this proposed work CTI feeds are utilized in the detection of assaults accurately in intrusion detection system. The ultimate objective is to identify the attacker behind the attack. Several data sets had been analyzed for attack detection. With the proposed study the ability to identify network attacks has improved by using machine learning algorithms. The proposed model provides 98% accuracy, 97% precision, and 96% recall respectively.

• The KIPS Transactions:PartC
• /
• v.15C no.5
• /
• pp.351-358
• /
• 2008

Recently, as network flooding attacks such as DoS/DDoS and Internet Worm have posed devastating threats to network services, rapid detection and proper response mechanisms are the major concern for secure and reliable network services. However, most of the current Intrusion Detection Systems(IDSs) focus on detail analysis of packet data, which results in late detection and a high system burden to cope with high-speed network environment. In this paper we propose a lightweight and fast detection mechanism for traffic flooding attacks. Firstly, we use SNMP MIB statistical data gathered from SNMP agents, instead of raw packet data from network links. Secondly, we use a machine learning approach based on a Support Vector Machine(SVM) for attack classification. Using MIB and SVM, we achieved fast detection with high accuracy, the minimization of the system burden, and extendibility for system deployment. The proposed mechanism is constructed in a hierarchical structure, which first distinguishes attack traffic from normal traffic and then determines the type of attacks in detail. Using MIB data sets collected from real experiments involving a DDoS attack, we validate the possibility of our approaches. It is shown that network attacks are detected with high efficiency, and classified with low false alarms.