• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.39-47
• /
• 2002

This paper deals with study of a new framework for the traceback of distributed DoS(Denial of Service) attacks in the Internet, in which many sources flood "spoofed" IP packets towards a single victim. In our scheme, the destination host traces those anonymous packets' losses, and infers the logical end-to-end paths back towards the sources. This method is based on the fact that there is a strong correlation between packet losses when those packets traverse along a same route, and the simulation results show high probabilities of detecting the topology under a certain condition. Compared with previous approaches, our scheme has a number of distinct features: It can be performed in realtime or non-realtime, without any supports of routers or ISPs. Our results may be applied to the inference of physical topology and to support previous approaches.pproaches.

• The Journal of the Korea Contents Association
• /
• v.6 no.1
• /
• pp.151-159
• /
• 2006

This paper studied active response policy generation scheme in intrusion detection system. We considered seven requirements of intrusion detection system for active response with components as the preceding study We presented the scheme which I can generate signature with a base with integrate one model with NIDS and ADS. We studied detection of the Unknown Attack which was active, and studied scheme for generated to be able to do signature automatically through Unknown Attack detection.

• Journal of Service Research and Studies
• /
• v.6 no.3
• /
• pp.79-90
• /
• 2016

Wireless internet service is an important factor to support all industries. In order to connect and use the smart phones or the laptop via a wireless Internet connection, it has been increasing the hacking risks associated with it. As information spills through the DNS address modulation of the Internet router, hacking threats through a wireless router is present. In this paper, we are dealing with the hacking technique utilizing the overall vulnerability of a wireless LAN. We analyzed the need for the wireless LAN security through WEP encryption algorithm and the improved encryption algorithm. In addition, we presented a countermeasure against these hacking technologies which is WEP Crack using wireless vulnerability hacking technology, DDoS attacks, DNS Spoofing.

• Journal of the Korea Convergence Society
• /
• v.10 no.5
• /
• pp.9-16
• /
• 2019

In this paper, it will analyze security problems, so technology's potential can apply to business security area. First, in order to deep learning do security tasks sufficiently in the business area, deep learning requires repetitive learning with large amounts of data. In this paper, to acquire learning ability to do stable business tasks, it must detect abnormal IP packets and attack such as normal software with malicious code. Therefore, this paper will analyze whether deep learning has the cognitive ability to detect various attack. In this paper, to deep learning to reach the system and reliably execute the business model which has problem, this paper will develop deep learning technology which is equipped with security engine to analyze new IP about Session and do log analysis and solve the problem of mathematical role which can extract abnormal data and distinguish infringement of system data. Then it will apply to business model to drop the vulnerability and improve the business performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.81-92
• /
• 2009

Recently, there is a drastic increase in users interested in real-time multimedia services in the WLAN environment, as the demand of IEEE 802.11 WLAN-based services increases. However, the handoff delay based on 802.11i security policy is not acceptable for the seamless real-time multimedia services provided to MS frequently moving in the WLAN environment, and there is a possibility of DoS attacks against session key derivation process and handoff mechanism. In this paper, a secure and efficient handoff mechanism in the centralized WLAN environment is introduced to solve the security problems. The 4-way Handshake for both mutual authentication and session key derivation is replaced by the 2-way Reassociation process.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.157-167
• /
• 2009

Recently, the leakage of confidential information and personal information is taking place on the Internet more frequently than ever before. Most of such online security incidents are caused by attacks on vulnerabilities in web applications developed carelessly. It is impossible to detect an attack on a web application with existing firewalls and intrusion detection systems. Besides, the signature-based detection has a limited capability in detecting new threats. Therefore, many researches concerning the method to detect attacks on web applications are employing anomaly-based detection methods that use the web traffic analysis. Much research about anomaly-based detection through the normal web traffic analysis focus on three problems - the method to accurately analyze given web traffic, system performance needed for inspecting application payload of the packet required to detect attack on application layer and the maintenance and costs of lots of network security devices newly installed. The UTM(Unified Threat Management) system, a suggested solution for the problem, had a goal of resolving all of security problems at a time, but is not being widely used due to its low efficiency and high costs. Besides, the web filter that performs one of the functions of the UTM system, can not adequately detect a variety of recent sophisticated attacks on web applications. In order to resolve such problems, studies are being carried out on the web application firewall to introduce a new network security system. As such studies focus on speeding up packet processing by depending on high-priced hardware, the costs to deploy a web application firewall are rising. In addition, the current anomaly-based detection technologies that do not take into account the characteristics of the web application is causing lots of false positives and false negatives. In order to reduce false positives and false negatives, this study suggested a realtime anomaly detection method based on the analysis of the length of parameter value contained in the web client's request. In addition, it designed and suggested a WAF(Web Application Firewall) that can be applied to a low-priced system or legacy system to process application data without the help of an exclusive hardware. Furthermore, it suggested a method to resolve sluggish performance attributed to copying packets into application area for application data processing, Consequently, this study provide to deploy an effective web application firewall at a low cost at the moment when the deployment of an additional security system was considered burdened due to lots of network security systems currently used.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.1
• /
• pp.147-153
• /
• 2014

The numerous improved schemes of remote user authentication based on password have been proposed in order to overcome the security weakness in user authentication process. Recently, some of biometric-based user authentication schemes to use personal biometric information have been introduced and they have shown the relatively higher security and the enhanced convenience as compared to traditional password-based schemes. These days wireless sensor network is a fundamental technology in face of the ubiquitous era. The wireless sensor networks to collect and process the data from sensor nodes in increasing high-tech applications require important security issues to prevent the data access from the unauthorized person. Accordingly, the research to apply to the user authentication to the wireless sensor networks has been under the progress. In 2010, Yuan et al. proposed a biometric-based user authentication scheme to be applicable for wireless sensor networks. Yuan et al. claimed that their scheme is effectively secure against the various security flaws including the stolen verifier attack. In this paper, author will prove that Yuan et al.'s scheme is still vulnerable to the password guessing attack, user impersonation attack and the replay attack, by analyzing their security weakness.

• 한국초등상담교육학회:학술대회논문집
• /
• 2004.01a
• /
• pp.189-204
• /
• 2004

We can usually found the children who do overactive and aggressive behaviors. They disrupt classroom order and cause other children immense damage. Their teachers exert themselves to control or manage them in class. This may lead to a reduction of precious time for teaching-learning classroom activities. This study has counseled those children doing overactive and aggressive behaviors with solution-focused brief counseling. This study also explores the following problems. First, how does solution-focused brief counseling affect their overactive and aggressive behaviors? Second, what changes do they experience through solution-focused brief counseling? Third, is solution-focused brief counseling useful in elementary schools? To do this study task, four students have been chosen with the help of teachers in the fifth year at B Elementary School in Ansan. The four children scored high in Mi-hyun Han's 'The ratings of the child's behavior problems' and Se-Yong Jeong's 'Life of school and behavior test'. They are all eleven years old and had two interviews before the experiment and five interviews during the experiment. The analysis of the counseling has been interpreted according to the different analytical methods based on the tasks. Solution-focused brief counseling's effect on children doing overactive and aggressive behaviors has been studied by quantity-analysis method, their changes in behaviors by quality analysis method; phenomenal and psychological method and the usefulness of this counseling in school surroundings by the joint of above two methods. The analysis has provided the following results. First, solution-focused brief counseling has been effective in the reduction of behavioral problems for those children doing overactive and aggressive behaviors and the continuation of the counseling has had a positive effect but it has depended on the individual characteristics and the degree of severity in their behaviors. Second, solution-focused brief counseling has lent itself to encouraging children to have egostrength, confidence, and volition in their behavioral changes with a favorable attitude to the counseling. Third, The egostrength formed through counseling has led children to a progressive direction of their behaviors in their school life. The increasing frequency in counseling has caused a decreasing time-period expected for counseling, and a feasibility of counseling with less resistance. In conclusion, solution -focused brief counseling may be a useful means to help children have positive self-esteem and lead a proper school life, leading to be a helpful facilitation for school site facing a deficiency of counseling.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.7
• /
• pp.1518-1523
• /
• 2005

With the expansion of service over the internet, the recent network demands the amount of the more bandwidth and fast transfer rate. Optical Burst Switching has considered as a promising solution for supporting high-speed Internet Service. Because of OBS architecture, it has the security threats such as eavesdropping, masquerading, denial of service and so on. In this Paper, We analyze OBS-specific security threats and requirement for supporting security protocol n OBS networks. We propose an authentication and key exchange protocol for supporting the security service. This protocol supports explicit key authentication by using the control messages and protects the control message by using the session key.

• The KIPS Transactions:PartC
• /
• v.9C no.4
• /
• pp.573-580
• /
• 2002

Within the security architecture of the 3GPP system there is a standardised integrity algorithm f9. The integrity algorithm f9 computes a MAC to authenticate the data integrity and data origin of signalling data over a radio access link of W-CDMA IMT-2000. f9 is a variant of the standard CBC MAC based on the block cipher KASUMI. In this paper we provide the provable security of f9 We prove that f9 is secure by giving concrete bound on an adversary's inability to forge in terms of her inability to distinguish the underlying block cipher from a pseudorandom permutation.