• Proceedings of the KAIS Fall Conference
• /
• 2011.05a
• /
• pp.53-56
• /
• 2011

지난 7.7 DDoS(Distributed Denial of Service), 3.3 DDoS 대란을 통해서 보여주듯 DDoS 공격이 네트워크 주요 위협요소로 매우 부각되고 있으나, 공격에 대해서 실시간으로 감지하고 대응하기에 어렵다. 그리고 현재 여러 분야에서 매우 많은 용도로 사용되는 SMS(Short Message Service)도 DDoS 공격 수단으로 사용되어 이동전화 시스템에 큰 혼란을 야기할 수 있다. 기존의 Bloom Filter 탐지 기법은 구조가 간단하고 실시간 탐지가 가능한 장점을 갖지만 오탐지율에 대한 문제점을 가진다. 본 논문에서는 목적지 기반의 다중의 해시함수를 사용한 Counting Bloom Filter 기법을 이용하여 임계치 이상 카운트된 동일한 목적지로 발송되는 SMS에 대하여 공격으로 탐지하고 SMSC에 통보하여 차단시키는 시스템을 제안한다.

• Journal of information and communication convergence engineering
• /
• v.9 no.4
• /
• pp.431-434
• /
• 2011

Password-based user-authentication schemes have been widely used when users access a server to avail internet services. Multiserver password-authentication schemes enable remote users to obtain service from multiple servers without separately registering with each server. In 2008, Jia-Lun Tsai proposed an improved and efficient password-authenticated key agreement scheme for a multiserver architecture based on Chang-Lee's scheme proposed in 2004. However, we found that Tsai's scheme does not provide forward secrecy and is weak to insider impersonation and denial of service attacks. In this article, we describe the drawbacks of Tsai's scheme and provide a countermeasure to satisfy the forward secrecy property.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.9 no.1
• /
• pp.1-7
• /
• 2013

The cloud computing is technology which gives flexible and solid infrastructure to IT environment. With this technology multiple computing environment can be consolidated in to a single server so that maximize system resource utilization. Better processing power can be achieved with less system resource. IT manager can cope with increasing unnecessary cost for additional server and management cost as well. This means a enterprise is able to provide services with better quality and create new services with surplus resource. The time required for recovery from system failure will be reduced from days to minutes. Enhanced availability and continuity of enterprise business minimize the codt and the risk produced by service discontinuity. In this paper, we propose framework architecture that is strong against denial-of-service attack.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.10a
• /
• pp.76-79
• /
• 2016

Remote Authentication Dial-In User Service (RADIUS)은 원격지의 사용자들을 인증하기 위한 대표적인 프로토콜이다. 기존의 RADIUS인증은 인증 서버가 클라이언트 IP, URI정보와 같은 데이터 통신의 기본사항만을 확인한 후 세션을 설정한다. 하지만, 악의적인 공격자가 IP 혹은 URI정보를 위/변조해서 인증을 요청하거나 반복적인 인증요청을 통한 DOS(Denial Of Service)공격을 수행할 경우 부적절한 인증, 사용자의 인증시간 지연 및 실패와 같은 심각한 문제가 발생할 수 있다. 본 논문에서는 클라이언트와 서버가 공유하는 데이터의 Hash값을 검증한 후, Packet Signing 방식을 활용해서 유효한 사용자에게만 서버접근을 허용하는 방안을 제안한다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.1
• /
• pp.69-78
• /
• 2015

Internet of Things(IoT) is electronic devices and household appliances use wireless sensor network in environment of high speed wireless network and LTE mobile service. The combination of the development of Internet and wireless network led to development of new forms of service such as electronic devices and household appliances can connect to the Internet through various sensors and online servers such as a Home Network. Even though Internet of Things is useful, there are problems in Internet of Things. In environment of Internet of Things, information leakage could happens by illegal eavesdropping and spoofing. Also illegal devices of wireless communication interference can cause interfere in Internet of things service, physical damage and denial of service by modulation of data and sensor. In this thesis, it will analyze security threats and security vulnerability in environment of mobile services and smart household appliances, then it will suggest plan. To solve security issues, it is important that IT and RFID sensor related companies realize importance of security environment rather than focus on making profit. It is important to develop the standardized security model that applies to the Internet of Things by security-related packages, standard certification system and strong encrypted authentication.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.10
• /
• pp.4204-4222
• /
• 2015

Cloud is the latest buzz word in the internet community among developers, consumers and security researchers. There have been many attacks on the cloud in the recent past where the services got interrupted and consumer privacy has been compromised. Denial of Service (DoS) attacks effect the service availability to the genuine user. Customers are paying to use the cloud, so enhancing the availability of services is a paramount task for the service provider. In the presence of DoS attacks, the availability is reduced drastically. Such attacks must be detected and prevented as early as possible and the power of computational approaches can be used to do so. In the literature, machine learning techniques have been used to detect the presence of attacks. In this paper, a novel approach is proposed, where intelligent rule based feature selection and classification are performed for DoS attack detection in the cloud. The performance of the proposed system has been evaluated on an experimental cloud set up with real time DoS tools. It was observed that the proposed system achieved an accuracy of 98.46% on the experimental data for 10,000 instances with 10 fold cross-validation. By using this methodology, the service providers will be able to provide a more secure cloud environment to the customers.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.143-145
• /
• 2022

With the spread of the Internet around the world, devices connected to the Internet are gradually increasing. In addition, the number of distributed reflection service attacks (DrDoS), an attack that maliciously requests large responses by deceiving IPs as if the attacker was a victim, using vulnerabilities in application protocols such as DNS, NTP, and CLDAP, is increasing rapidly. It is believed that the security threat of distributed reflection service attacks will not disappear unless ISPs establish appropriate countermeasures to IP Spoofing. Therefore, this paper describes the security threat and response status of distributed reflection service attacks based on IP Spoofing.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.12
• /
• pp.5529-5552
• /
• 2016

Mobile cloud computing (MCC) has revolutionized the way in which the services can be obtained from the cloud service providers. Manifold increase in the number of mobile devices and subscribers in MCC has further enhanced the need of an efficient and robust authentication solution. Earlier, the subscribers could get cloud-computing services from the cloud service providers only after having consulted the trusted third party. Recently, Tsai and Lo has proposed a multi-server authenticated key agreement solution for MCC based on bilinear pairing, to eliminate the trusted third party for mutual authentication. The scheme has been novel as far as the minimization of trusted party involvement in authenticating the user and service provider, is concerned. However, the Tsai and Lo scheme has been found vulnerable to server spoofing attack (misrepresentation attack), de-synchronization attack and denial-of-service attack, which renders the scheme unsuitable for practical deployment in different wireless mobile access networks. Therefore, we have proposed an improved model based on bilinear pairing, countering the identified threats posed to Tsai and Lo scheme. Besides, the proposed work also demonstrates performance evaluation and formal security analysis.

• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2004.10a
• /
• pp.619-622
• /
• 2004

For recent years, hacking is in the trends of making excessive traffic unnecessarily to obstruct the service by getting a system's performance down. And we can also see systems paralyzed in service ability due to the flash crowds of normal traffic to a popular website. This is an important problem certainly solved in the point of QoS guarantee for the clients. It is known that the former is DDoS(Distributed Denial of Service) attack and the latter is FE(Flash Event). These two are samely anomalous traffic because these make excessive congestion on the network or system and downgrade the system's service ability. In this paper, we propose a scheme for protecting the system against anomalous traffic and for guaranteeing the QoS. For this, a server records and maintains the information of clients accessed more than one time before when it is in normal condition. When it falls into the congestion, the records are used for filtering the spoofed IP. We send and receive the ICMP request/reply packet to know whether the IP is spoofed. And we also propose for applying the object spliting of CDN to guarantee the QoS in the initial FE situation.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.7
• /
• pp.1518-1523
• /
• 2005

With the expansion of service over the internet, the recent network demands the amount of the more bandwidth and fast transfer rate. Optical Burst Switching has considered as a promising solution for supporting high-speed Internet Service. Because of OBS architecture, it has the security threats such as eavesdropping, masquerading, denial of service and so on. In this Paper, We analyze OBS-specific security threats and requirement for supporting security protocol n OBS networks. We propose an authentication and key exchange protocol for supporting the security service. This protocol supports explicit key authentication by using the control messages and protects the control message by using the session key.