• Journal of Internet Computing and Services
• /
• v.16 no.4
• /
• pp.51-59
• /
• 2015

JavaScript is a popular technique for activating static HTML. JavaScript has drawn more attention following the introduction of HTML5 Standard. In proportion to JavaScript's growing importance, attacks (ex. DDos, Information leak using its function) become more dangerous. Since these attacks do not create a trail, whether the JavaScript code is malicious or not must be decided. The real attack action is completed while the browser runs the JavaScript code. For these reasons, there is a need for a real-time classification and determination technique for malicious JavaScript. This paper proposes the Analysis Engine for detecting malicious JavaScript by adopting the requirements above. The analysis engine performs static analysis using signature-based detection and dynamic analysis using behavior-based detection. Static analysis can detect malicious JavaScript code, whereas dynamic analysis can detect the action of the JavaScript code.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.1
• /
• pp.61-68
• /
• 2015

Recently, with increasing use of smartphones, the security threats also have increased rapidly. Especially, the compromised smartphone is very dangerous because it could be exploited in a DDOS attacks such as cyberterrorism as well as in the leakage of personal information. However, most bot detection mechanisms are still unsuitable for smartphone with its lower computing capability and limited battery capacity because they incur additional computational overheads or require pre-defined signatures. In this paper, we present an efficient bot detection mechanism in smartphones. Our mechanism detects effectively bots in outgoing traffic by using a correlation between user events and network traffic. We have implemented its prototype in Android smartphone and measured its performance. The evaluation results show that our mechanism provides low overhead to detect bots in smartphones.

• Convergence Security Journal
• /
• v.13 no.3
• /
• pp.47-54
• /
• 2013

Ad-hoc network is composed of mobile nodes and has a vulnerability of attack like on conventional wire networks. So, many studies have been conducted to apply the traceback mechanism on wire network to Ad-hoc network. In this paper, a new mechanism that can trace back to IP source of spoofing DDoS packet using iTrace message on Ad-hoc network is proposed. The proposed mechanism implements ICMP Traceback message and the traceback path between agents allocated in local network and a server located in management network. Also the proposed mechanism can trace the position of attacker even after an attack is over and has extendability through standardization by using a mechanism that IETF proposed. Result of performance evaluation shows a great improvement in terms of load, integrity, safety, traceback function as compared with conventional mechanisms.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37A no.9
• /
• pp.772-779
• /
• 2012

In the current MANET, DOS or DDOS attacks are increasing, but as MANET has limited bandwidth, computational resources and battery power, the existing traceback mechanisms can not be applied to it. Therefore, in case of traceback techniques being applied to MANET, the resource of each node must be used efficiently. However, in the traceback techniques applied to an existing ad hoc network, as a cluster head which represents all nodes in the cluster area manages the traceback, the overhead of the cluster head shortens each node's life. In addition, in case of multi-hop clustering, as one Cluster head manages more node than one, its problem is getting even worse. This paper proposes TNA(Traceback against Network Attacks) based on multihop clustering using the depth of tree structure in order to reduce the overhead of distributed information management.

• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.185-196
• /
• 2022

The Internet of Things (IoT) has become more and more widespread in recent years, thus attackers are placing greater emphasis on IoT environments. The IoT connects a large number of smart devices via wired and wireless networks that incorporate sensors or actuators in order to produce and share meaningful information. Attackers employed IoT devices as bots to assault the target server; however, because of their resource limitations, these devices are easily infected with IoT malware. The Distributed Denial of Service (DDoS) is one of the many security problems that might arise in an IoT context. DDOS attempt involves flooding a target server with irrelevant requests in an effort to disrupt it fully or partially. This worst practice blocks the legitimate user requests from being processed. We explored an intelligent intrusion detection system (IIDS) using a particular sort of machine learning, such as Artificial Neural Networks, (ANN) in order to handle and mitigate this type of cyber-attacks. In this research paper Feed-Forward Neural Network (FNN) is tested for detecting the DDOS attacks using a modified version of the KDD Cup 99 dataset. The aim of this paper is to determine the performance of the most effective and efficient Back-propagation algorithms among several algorithms and check the potential capability of ANN- based network model as a classifier to counteract the cyber-attacks in IoT environments. We have found that except Gradient Descent with Momentum Algorithm, the success rate obtained by the other three optimized and effective Back- Propagation algorithms is above 99.00%. The experimental findings showed that the accuracy rate of the proposed method using ANN is satisfactory.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.463-467
• /
• 2002

최근 인터넷을 통한 해킹이나 바이러스 침투로 인한 사례들이 증가하고 있다. 2000년 2월, Yahoo, Amazon, CNN에 발생했던 DDoS 공격으로 인해 각 웹 사이트들은 큰 피해를 입었다. 인터넷의 개방성은 사용자들에게 매우 다양한 서비스를 제공하는 반면, 인터넷을 통한 해킹, 바이러스 등의 공격을 위한 도구로서 사용되고 있다. 본 논문은 근래 분산서비스거부 (DDoS) 공격으로 인하여 남용되고 있는 네트워크 자원의 손실을 감소시키기 위해서, 분산서비스거부 (DDoS) 공격을 탐지하고 그 공격에 대해 적절한 대응 조치를 취할 수 있는 시스템인 FDDS (Flow based DDos Detection System)를 제안한다.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.10 no.8
• /
• pp.891-900
• /
• 2015

Cloud Computing has recently begun to emerge as a new attack target. The malice DDoS attacks are ongoing to delay and disturb the various services of the Cloud Computing. In this paper, we propose the Hornet-Cloud using security Honeypot technique and resources of Cloud Computing, and design the concept of active-interaction and security functions of Hornet-Cloud simply.

• 한국정보통신설비학회:학술대회논문집
• /
• 2009.08a
• /
• pp.19-22
• /
• 2009

This thesis offers forecast & warning algorithm about the accessing networks though statistical sampling methods to prevent computer terrors. These networks are occurred among U-city network groups. The main characteristic of current computer attacks is avoiding well-known detection patterns by successive changes in spreading speeds and attacking codes. The improvement of attacking stills leads to a problem causing the defense-time delay and creates vicious cycle that tries to fix networks after damage. Proposed algorithm notices and warns the potential attacking areas through defecting previous attacking signs, analysing attaching results ed tracing attaching sources at the beginning of the attack.

• International Journal of Internet, Broadcasting and Communication
• /
• v.8 no.2
• /
• pp.55-65
• /
• 2016

Distributed Denial of service attack is one of the major threats nowadays especially to the government infrastructure that give huge impact to the reputation and interrupt the services and resource. Our survey start with brief introduction about DDoS attacks, we illustrate the trends and incident happened at government from various countries. We then provide an extensive literature review on the existing research about implication, types of attacks and initiative to defence against the DDoS attacks. Our discussion aims to identify the trends in DDoS attacks, in depth impact of DDoS attacks to government infrastructure, classification of attacks and techniques against the attacks. And we will use for a fire fight safety and management.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.672-675
• /
• 2014

최근 DDOS 공격이 활발해짐에 따라 많은 사이트에서 검색 페이지에 노출되지 않도록 웹봇을 차단한 경우가 생기게 되었다. 하지만 이는 사이트 사용자나 사이트 측 모두에게 악영향을 미치므로 웹 사이트의 웹봇 접근성을 평가하는 프로그램을 제작하게 되었다. 본 프로그램은 Robots.txt를 분석하거나 Robots 메타 태크 등을 분석하여 웹 사이트의 웹봇 접근성을 평가하는 프로그램이다. 이 프로그램으로 평가한 결과를 피드백의 근거로 삼아 더 나은 검색 결과를 기대할 수 있다.