• Title/Summary/Keyword: Attacks Code

APT attacks and Countermeasures (APT 공격과 대응 방안 연구)

  • Han, Kun-Hee
    • Journal of Convergence Society for SMB / v.5 no.1 / pp.25-30 / 2015
  • In APT attacks, hackers create a variety of security threats and continuously apply them to the network of a particular company or organization. This is referred to as an intelligent sustained attack. After securing the PC of a particular organization's internal staff, the attacker accesses an internal server or database through that PC and removes or destroys confidential information. APT attacks broadly fall into two kinds: zero-day attacks and rootkits. The APT attack process is divided into four steps: penetration, search, acquisition, and outflow. Two ways of responding to APT through this process are defined. The technical descriptions are divided into ways to delay the attacker's malicious code attack time and ways for attacks to be detected and removed.

Viscous Flow Analysis of a Submarine with Variation of Angle of Attack and Yaw Angle (유동 방향 변화에 따른 잠수함 주위의 3차원 점성유동 해석과 공기역학적 계수의 변화)

  • Jang Jin-Ho; Park Warn-Gyu
    • Proceedings of the KSME Conference / 2002.08a / pp.189-192 / 2002
  • In this paper, the submarine model called the DARPA SUBOFF model has been numerically analyzed to investigate the variation of aerodynamic forces with angle of attack and yaw angle. The SUBOFF model consists of three parts: an axisymmetric body, a fairwater, and four symmetric stern appendages. The three-dimensional unsteady incompressible Navier-Stokes equation was used on a curvilinear multi-block grid system. To validate the present code, the SUBOFF bare hull and an ellipsoid at angles of attack of $10^{\circ}$ and $30^{\circ}$ were simulated, and good agreement with experiments was obtained. After the code validation, the flows over the SUBOFF model were simulated at three different angles of attack and yaw angles. The variation of aerodynamic forces with angle of attack and yaw angle was calculated. Also, to understand the flow features around a submarine with variation of yaw and attack angle, the pressure contours and streamlines were plotted.

A Study on Email Security through Proactive Detection and Prevention of Malware Email Attacks (악성 이메일 공격의 사전 탐지 및 차단을 통한 이메일 보안에 관한 연구)

  • Yoo, Ji-Hyun
    • Journal of IKEEE / v.25 no.4 / pp.672-678 / 2021
  • New malware continues to increase and become more advanced every year. Although various studies are under way on diagnosing malicious code in executable files, it is difficult to detect attacks that embed malicious code threats in emails by exploiting non-executable document files, malicious URLs, and malicious macros and JS in documents. In this paper, we introduce a method of analyzing malicious code for email security through proactive detection and blocking of malicious email attacks, and propose an AI-based method for determining whether a non-executable document file is malicious. Among various algorithms, an efficient machine learning model is chosen, and an ML workflow system to diagnose malicious code using Kubeflow is proposed.

A Detection Method for Network Intrusion using the NFR (NFR을 이용한 네트워크 침입 탐지)

  • 최선철; 차현철
    • Proceedings of the Korea Society for Industrial Systems Conference / 2001.05a / pp.261-267 / 2001
  • In this paper, we illustrate implementations of network attacks and their detection, together with their results. We consider two attacks, the smurf attack and the network mapping attack, which are typical intrusions using ICMP. The NFR™ is used to capture all packets of interest within the network traffic. We implement the smurf and network mapping attacks with the UNIX raw socket, and build the NFR's backend for their detection. N-Code programming is used to build the backend. The implementation results show the possibility of preventing illegal intrusion into network systems.

A Reusable SQL Injection Detection Method for Java Web Applications

  • He, Chengwan; He, Yue
    • KSII Transactions on Internet and Information Systems (TIIS) / v.14 no.6 / pp.2576-2590 / 2020
  • The fundamental reason why most SQL injection detection methods are difficult to use in practice is the low reusability of the implementation code. This paper presents a reusable SQL injection detection method for Java Web applications based on AOP (Aspect-Oriented Programming) and dynamic taint analysis, which encapsulates the dynamic taint analysis processes into different aspects and establishes an aspect library to realize large-grained reuse of the code for detecting SQL injection attacks. A metamodel of the aspect library is proposed, and a management tool for the aspect library is implemented. Experiments show that this method can effectively detect 7 known types of SQL injection attack such as tautologies, logically incorrect queries, union query, piggy-backed queries, stored procedures, inference query, alternate encodings and so on, and support large-grained reuse of the code for detecting SQL injection attacks.

Hybrid Watermarking Scheme using a Data Matrix and Secret Key (데이터 매트릭스와 비밀 키를 이용한 하이브리드 워터마킹 방법)

  • Jeon, Seong-Goo; Kim, Il-Hwan
    • Proceedings of the KIEE Conference / 2006.04a / pp.144-146 / 2006
  • The Data Matrix, a two-dimensional bar code, is a new technology capable of holding relatively large amounts of data compared to the conventional one-dimensional bar code, which is just a key for accessing detailed information in the host computer database. A secret key is used to protect the watermark from malicious attacks. In the encoding process, we encoded copyright information into a Data Matrix bar code, and it was spread as a pseudo random pattern using the owner key. We embedded a randomized watermark into the image using the watermark's embedding position and a pattern generated with a secret key. The experimental results have shown that the proposed scheme has good quality and is very robust to various attacks, such as JPEG compression and noise. Also, the performance of the proposed scheme is verified by comparing the copyright information with the information which is extracted from a bar code scanner.

Hybrid Watermarking Scheme using a Data Matrix and Cryptograph Key (데이터 매트릭스와 암호 키를 이용한 하이브리드 워터마킹 기법)

  • Jeon, Seong-Goo; Kim, Myung-Dong; Kim, Il-Hwan
    • The Transactions of the Korean Institute of Electrical Engineers D / v.55 no.9 / pp.423-428 / 2006
  • In this paper we propose a new watermarking scheme using a data matrix and a cryptograph key. The data matrix, a two-dimensional bar code, is a new technology capable of holding relatively large amounts of data compared to the conventional one-dimensional bar code. A cryptograph key is used to protect the watermark from malicious attacks. We encoded the copyright information into a data matrix bar code, and it was spread as a pseudo random pattern using the owner key. The experimental results show that the proposed scheme has good quality and is robust to various attacks, such as JPEG compression, filtering and resizing. Also, the performance of the proposed scheme is verified by comparing the copyright information with the information which is extracted from the watermark.

A Synchronization Scheme Based on Moving Average for Robust Audio Watermarking

  • Zhang, Jinquan; Han, Bin
    • Journal of Information Processing Systems / v.15 no.2 / pp.271-287 / 2019
  • The synchronization scheme based on moving average is robust and suitable for the same rule to be adopted in embedding the watermark and the synchronization code, but its imperceptibility and search efficiency are seldom reported. The study aims to improve the original scheme for robust audio watermarking. Firstly, the survival of the algorithm from desynchronization attacks is improved. Secondly, the scheme is improved in inaudibility. The objective difference grade (ODG) of the marked audio is significantly changed. Thirdly, the imperceptibility of the scheme is analyzed and the derived result is close to the experimental result. Fourthly, the selection of parameters is optimized based on experimental data. Fifthly, the search efficiency of the scheme is compared with those of other synchronization code schemes. The experimental results show that the proposed watermarking scheme allows high audio quality and is robust to common attacks such as additive white Gaussian noise, requantization, resampling, low-pass filtering, random cropping, MP3 compression, jitter attack, and time scale modification. Moreover, the algorithm has high search efficiency and a low false alarm rate.

Indirect Branch Target Address Verification for Defense against Return-Oriented Programming Attacks (Return-Oriented Programming 공격 방어를 위한 간접 분기 목적 주소 검증 기법)

  • Park, Soohyun; Kim, Sunil
    • KIPS Transactions on Computer and Communication Systems / v.2 no.5 / pp.217-222 / 2013
  • Return-Oriented Programming (ROP) is an advanced code-reuse attack like a return-to-libc attack. ROP attacks combine gadgets in the program code area and build functions as in a Turing-complete language. Some previous defense methods against ROP attacks show high performance overhead because of dynamic execution flow analysis and can defend against only certain types of ROP attacks. In this paper, we propose Indirect Branch Target Address Verification (IBTAV). IBTAV detects ROP attacks by checking whether the target addresses of indirect branches are valid. IBTAV can defend against almost all ROP attacks because it verifies the target address of every indirect branch instruction. Since IBTAV does not require dynamic execution flow analysis, the performance overhead of IBTAV is relatively low. Our evaluation of IBTAV on SPEC CPU 2006 shows less than 15% performance overhead.

Policy-based Reconfigurable Bandwidth-Controller for Network Bandwidth Saturation Attacks (네트워크 대역폭 고갈 공격에 대한 정책 기반 재구성 가능 대역폭제어기)

  • Park Sang-kil; Oh Jin-tae; Kim Ki-young
    • The KIPS Transactions:PartC / v.11C no.7 s.96 / pp.951-958 / 2004
  • Nowadays NGN is being developed to support e-Commerce, Internet trading, e-Government, e-mail, virtual life and multimedia. The Internet gives us the benefit of remote access to information but also gives rise to attacks that can break servers and modify information. Since 2000, Nimda, the Code Red virus and DDoS attacks have spread on the Internet. These attack programs generate tremendous numbers of traffic packets on the Internet. In this paper, we designed and developed the Bandwidth Controller in gateway systems against bandwidth saturation attacks. This Bandwidth Controller is implemented in a hardware chipset (FPGA), the Virtex II Pro produced by Xilinx, and acts as a policing function. We referenced the TBF (Token Bucket Filter) in Linux Kernel 2.4 and implemented this function in the HDL (Hardware Description Language) Verilog. This HDL code is synthesized in the hardware chipset and processes gigabit traffic in real time. This policing function can throttle the traffic at the rate set by the bandwidth controlling policy, in bps.