• 디지털산업정보학회논문지
• /
• 제6권3호
• /
• pp.31-36
• /
• 2010

In this paper, We propose a transaction signing-based authentication scheme for protecting sinkhole attacks in wireless sensor networks. Sinkhole attack makes packets that flow network pass through attacker. So, Sinkhole attack can be extended to various kind of attacks such as denial of service attacks, selective delivery or data tamper etc. We analyze sinkhole attack methods in directed diffusion based wireless sensor networks. For the purpose of response to attack method, Transaction signing-based authentication scheme is proposed. This scheme can work for those sensor networks which use directed diffusion based wireless sensor networks. The validity of proposed scheme is provided by BAN logic.

• 한국컴퓨터정보학회:학술대회논문집
• /
• 한국컴퓨터정보학회 2010년도 제42차 하계학술발표논문집 18권2호
• /
• pp.525-526
• /
• 2010

2000년 대규모 DDoS 공격이래, 2009년 7월 7일 국가주요정부기관 및 인터넷 포털, 금융권 등의 웹사이트 대상으로 1차, 2차, 3차로 나누어 대규모 사이버 공격이 발생하였다. 지속적으로 발전되는 행태를 보이고 DDoS 공격에 대해 본 논문에서는 계층적인 침입탐지시스템을 설계하였다. 네트워크 패킷을 분석하기 위해 e-Watch, NetworkMiner등의 패킷, 프로토콜 분석도구를 이용하여 TCP/IP의 Layer별 공격을 분석한 후 패킷의 유입량, 로그정보, 접속정보, Port, Address 정보를 분석하고 계층침입에 대한 방어를 수행하도록 설계하였다. 본 논문은 DDoS(Distributed Denial of Service)에 대한 패킷 전송에 대해 계층적인 방어를 통해 보다 안정적인 패킷수신이 이루어진다.

• IEIE Transactions on Smart Processing and Computing
• /
• 제2권3호
• /
• pp.176-187
• /
• 2013

Message replay, malicious Access Point (AP) associations and Denial of Service (DoS) attacks are the major threats in Wireless LANs. These threats are possible due to a lack of proper authentication and insecure message communications between wireless devices. Current wireless authentication & key exchange (AKE) schemes and security protocols (WEP, WPA and IEEE 802.11i) are not sufficient against these threats. This paper presents a novel Secure WLAN Authentication Scheme (SWAS). The scheme introduces the delegation concept of mobile authentication in WLANs, and provides mutual authentication to all parties (Wireless Station, Access Point and Authentication Server). The messages involved in the process serve both authentication and key refreshing purposes. The scheme enhances the security by protecting the messages through cryptographic techniques and reduces the DoS impact. The results showed that cryptographic techniques do not result in extra latencies in authentication. The scheme also reduces the communication cost and network overhead.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2014년도 추계학술발표대회
• /
• pp.215-217
• /
• 2014

In Software Defined Network (SDN), data plane and control plane are decoupled. Dummy switches on the data plane simply forward packet based on the flow entries that are stored in its flow table. The flow entries are generated by a centralized controller that acts as a brain of the network. However, the size of flow table is limited and it can conduct a security issue related to Distributed Denial of Service (DDoS). Especially, it related to resource attack that consumes all flow table resource and consumes controller resources. In this paper, we will analyze the impact of flow table limitation to the controller. Then we propose an approach that is called Flow Table Management to handle flow table limitation.

• 한국컴퓨터정보학회논문지
• /
• 제24권7호
• /
• pp.87-91
• /
• 2019

In the IoT(Internet of Things) environment, various devices are utilized and applied for different sites. But attackers can access easy to IoT systems, and try to operate DDoS(Distributed Denial-of-Service) attacks. In this paper, Sensor nodes, Cluster heads, and Gateways operates lightweight mutual authentication each others. Since authenticated sensor nodes and cluster heads only send transactions to Gateways, proposed techniques prevent DDoS attacks. In addition, the blockchain system contains secure keys to decrypt data from sensor nodes. Therefore, attackers can not decrypt the data even if the data is eavesdropped.

• International Journal of Computer Science & Network Security
• /
• 제22권4호
• /
• pp.374-386
• /
• 2022

Nowadays, research in deep learning leveraged automated computing and networking paradigm evidenced rapid contributions in terms of Software Defined Networking (SDN) and its diverse security applications while handling cybercrimes. SDN plays a vital role in sniffing information related to network usage in large-scale data centers that simultaneously support an improved algorithm design for automated detection of network intrusions. Despite its security protocols, SDN is considered contradictory towards DDoS attacks (Distributed Denial of Service). Several research studies developed machine learning-based network intrusion detection systems addressing detection and mitigation of DDoS attacks in SDN-based networks due to dynamic changes in various features and behavioral patterns. Addressing this problem, this research study focuses on effectively designing a multistage hybrid and intelligent deep learning classifier based on modified deep forest classification to detect DDoS attacks in SDN networks. Experimental results depict that the performance accuracy of the proposed classifier is improved when evaluated with standard parameters.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2022년도 추계학술발표대회
• /
• pp.709-711
• /
• 2022

ICT 기술의 빠른 발전과 함께 Internet of Things (IoT) 환경에서의 Internet Protocol (IP) 카메라의 사용률이 증가하면서, IP 카메라에 대한 개인정보 이슈와 제품의 보안성 검토 관련 소비자의 개인정보 유출 우려가 증가하고 있다. 본 논문에서는, IP 카메라에 대한 4개 종류의 Denial of Service (DoS) 공격을 통해 IP 카메라 이상 반응을 확인했다. 또한, 이 과정에서 수집한 공격 패킷 데이터를 기반으로, DoS 공격을 탐지하는 간단한 피쳐 구성과 머신러닝 모델을 제안하였다. 최종적으로, DoS 공격을 통해 실제 IP 카메라에 대한 가용성 테스트를 수행하였으며 머신러닝 알고리즘 4개 Decision Tree, Random Forest, Multilayer Perceptron, SVM에서의 DoS 공격 탐지 성능을 비교하였다.

• 전자통신동향분석
• /
• 제39권3호
• /
• pp.48-57
• /
• 2024

Cyberthreats and crimes have become common in society and demand the adoption of robust security measures. Financial cybercrimes, personal information breaches, and spam messages are now prevalent, while companies and nations face an increasing number of cyberthreats and attacks such as distributed denial of service, ransomware, and malware. As the overall socioeconomic landscape undergoes digitalization powered by big data, cloud computing, and artificial intelligence technologies, the importance of cybersecurity is expected to steadily increase. Developed nations are actively implementing various policies to strengthen cybersecurity and providing government support for research and development activities to bolster their domestic cybersecurity industries. In particular, the South Korean government has designated cybersecurity as one of the 12 nationwide strategic technology sectors. We examine the current landscape of cybersecurity companies and the information and communication technology supply chain, providing insights into the domestic cybersecurity market and suggesting implications for South Korea.

• 산업기술연구
• /
• 제22권B호
• /
• pp.147-153
• /
• 2002

It is very important to detect and remove original sources of DOS (Denial of Service) attacks or connection oriented/connectionless attacks. In this paper, we implement a traceback system that does not require the reaction of routers and administrators and does not need log data. We bring in a traceback server and traceback agents in each network and use sniffing and spoofing schemes. Finally, the traceback server detects attacking hosts using information transmitted from traceback agents.

• 한국정보통신설비학회:학술대회논문집
• /
• 한국정보통신설비학회 2009년도 정보통신설비 학술대회
• /
• pp.127-130
• /
• 2009

We propose a method for detecting DDoS (Distributed Denial of Service) traffic in real-time inside the backbone network. For this purpose, we borrow the concepts of MACD (Moving Average Convergence Divergence) and RoC (Rate of Change), which are used for technical analysis in the stock market Due to the fact that the method is based on a quantitative, rather than a heuristic, detection level, DDoS traffic can be detected with greater accuracy (by reducing the false alarm ratio). Through simulation results, we show how the detection level is determined and demonstrate how much the accuracy of detection is enhanced.