• Journal of the Speleological Society of Korea
• /
• no.87
• /
• pp.8-13
• /
• 2008

The automatic firewall block and fire alarm system was embodied by using gas circuit and wireless communication equipment, using a smoke sensor (ST-QA1A) and RF Module. OR-CAD was also used for testing circuit system and experiment circuit after assembling circuit. As a result in experiment, the gas sensor detected well an imaginary smoke and worked reliably for driving action of firewall block motor and wireless warning alarm. Through the smoke sensitive perception from the fire, the warning alarm and the preventing fire propagation from the specific closed region were verified reliably. The gas sensor and RF module for firewall and fire alarm system were actually available.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.261-264
• /
• 2008

IPv6 has been proposed and deployed to cater the shortage of IPv4 addresses. It is expected to foresee mobile phones, pocket PCs, home devices and any other kind of network capable devices to be connected to the Internet with the introduction and deployment of IPv6. This scenario will bring in more challenges to the existing network infrastructure especially in the network security area. Firewalls are the simplest and the most basic form of protection to ensure network security. Nowadays, firewalls' usage has been extended from not only to protect the whole network but also appear as software firewalls to protect each network devices. IPv6 and IPv4 are not interoperable as there are separate networking stacks for each protocol. Therefore, the existing states of the art in firewalling need to be reengineered. In our context here, we pay attention only to the IPv6 firewalls configuration anomalies without considering other factors. Pre-evaluation of security risk is important in any organization especially a large scale network deployment where an add on rules to the firewall may affect the up and running network. We proposed a new probabilistic based model to evaluate the security risks based on examining the existing firewall rules. Hence, the network administrators can pre-evaluate the possible risk incurred in their current network security implementation in the IPv6 network. The outcome from our proposed pre-evaluation model will be the possibilities in percentage that the IPv6 firewall is configured wrongly or insecurely where known attacks such as DoS attack, Probation attack, Renumbering attack and etc can be launched easily. Besides that, we suggest and recommend few important rules set that should be included in configuring IPv6 firewall rules.

• Journal of Digital Convergence
• /
• v.15 no.5
• /
• pp.197-205
• /
• 2017

To achieve web application security goals effectively by providing web security features such as information leakage prevention, web application firewall system must be able to achieve the goal of enhancing web site security and providing secure services. Therefore, it is necessary to study the security evaluation of web application firewall system based on related standards. In this paper, we analyze the requirements of the base technology and security quality of web application firewall, and established the security evaluation criteria based on the international standards for software product evaluation. Through this study, it can be expected that the security quality level of the web application firewall system can be confirmed and the standard for enhancing the quality improvement can be secured. As a future research project, it is necessary to continuously upgrade evaluation standards according to international standards that are continuously changing.

• The Journal of the Korea Contents Association
• /
• v.3 no.4
• /
• pp.38-47
• /
• 2003

Distributed problem solving is the cooperative solution of problem by a decentralized and loosely couped collection of knowledge-sources (KS's), located in a number of distinct processor nodes. The contract net protocol has been developed to specify problem-solving communication and control for nodes in a distributed problem solver. Task distribution is affected by a negotiation process, a discussion carried on between nodes with tasks to be executed and nodes that may be able to execute tasks In this paper, we present the coordination method among distributed intrusion detection system and firewall by the contract net protocol. The method enhances the intrusion detection performance and provides the communication methods. To mode IDS and firewall, security models hue been hierarchically constructed based on the DEVS (Discrete Event system Specification) formalism. Each ID agent cooperates through the contract net protocol for detecting intrusions. The IDS which detects the intrusion informs to firewall, so the harmful network traffic is blocked. If an agent detects infusions, the agent transfers attacker's information to a firewall. Using this mechanism attacker's packets detected by In can be prevented from damaging the network.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.5C
• /
• pp.435-444
• /
• 2002

In this paper, a novel packet scheduling algorithm, so-called the CSL algorithm is discussed, whereby the firewall property as well as the deterministic delay bound guarantee are supported in session level. Lots of simulation studies validate those properties of the CSL algorithm. The CSL algorithm is distingushable from the well- known EDD scheme in terms of the firewall property. Regarding the implementation complexity, the CSL algorithm turns out to be of 0(1) besides the sorting overhead. Owing to the maintained generic fair queueing structure in the CSL algorithm, a various fair queueing schemes can be applied with minor modification. For the TCP/IP network which is vulnerable to the misbehaving traffic sources, the firewall property of the CSL algorithm is quite useful for the advanced quality of services.

• Journal of the Korea Society of Computer and Information
• /
• v.8 no.1
• /
• pp.37-43
• /
• 2003

The growing Internet business has required the acceleration of the development of security components. There are many different kinds of security components that have been developed in accordance with the appearance of various logs. Therefore, it is important that after the logs are collected they become integrated and need to Once the data from the logs have been collected form the IDS/Firewall/Router logs. It needs to be analyzed and formatted for standardization. This paper suggests designs that the log analyzation system could use in analyzing, detecting, and preventing intrusion in the various systems. Once the data has been analyzed it would be possible to Prevent further intrusion as well as trace the intrusion back to the source.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.12
• /
• pp.5058-5071
• /
• 2010

International standard is the documents that is constructed based on general and common characteristics of software. Thus, it is necessary to consider the characteristics of product and optimize the evaluation method by using related standard to adapt to some specific knowledge information security products. Also, because rapid development of software field was obliged to change the international standard, the content and construction of standard has changed, it is necessary to construct the evaluation method with this change. In this paper, we developed the evaluation model that can support the quality enhancement by evaluating the quality level and extracting the improvement method of firewall. For this, we surveyed and analyzed the trend and the technical elements of firewall and considering the general quality requirements and unique quality requirements, and proposed the quality evaluation model and method.

• Journal of Korea Multimedia Society
• /
• v.9 no.8
• /
• pp.1037-1044
• /
• 2006

It's difficult to check cyber attacks and the performance of a security system in a real large-scale network. Generally, a new security system or the effect of a new security attack are checked by simulation. We use SSFNet to simulate our security system and cyber attack. SSFNet is an event-driven simulation tools based on process, which has a strength to be capable of expressing a large-scale network. But it doesn't offer any API's which can manipulate not only the related function of security but also the packet. In this paper, we developed a firewall and IPS class, used for a security system, and added to them components of SSFNet. The firewall is modelled a security system based on packet filtering. We checked the function of the firewall and the IPS with network modelled as using our SSFNet. The firewall blocks packets through rules of an address and port of packets. The result of this simulation shows that we can check a status of packets through a log screen of IPS installed in a router and confirm abnormal packet to be dropped.

• Journal of Internet Computing and Services
• /
• v.10 no.2
• /
• pp.15-28
• /
• 2009

This paper proposes HWbF(Hit and WLC based Firewall) design which consists of an PFS(Packet Filter Station) and APS(Application Proxy Station). PFS is designed to reduce bottleneck and to prevent the transmission delay of them by distributing packets with PLB(Packet Load Balancing) module, and APS is designed to manage a proxy cash server by using PCSLB(Proxy Cash Server Load Balancing) module and to detect a DoS attack with packet traffic quantity. Therefore, the proposed HWbF in this paper prevents packet transmission delay that was a drawback in an existing Firewall, diminishes bottleneck, and then increases the processing speed of the packet. Also, as HWbF reduce the 50% and 25% of the respective DoS attack error detection rate(TCP) about average value and the fixed critical value to 38% and 17%. with the proposed expression by manipulating the critical value according to the packet traffic quantity, it not only improve the detection of DoS attack traffic but also diminishes the overload of a proxy cash server.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 1997.03a
• /
• pp.163-181
• /
• 1997

This dissertation provides a theroetic study on the network security in general , the firewall in particular . In fact, the firewall has been recognized as a very promising option to obtain the security in the real world network environment . The dissertation provides a thorough theoretic investigation on the various problems raised in the computer network, and also explores a methodology of the security against IP spoofing. Moreover, it investigates a systematic procedure to make analysis plans of the firewall configuration. Based on the above investigation and analysis , this dissertation provides two approaches to network security, which address a number of issues both at the network and at application level. At the network level. a new methdo is proposed which uses packet filtering based on the analysis of the counter plot about the screen router. On the other hand at the application level, a novel method is exlored which employs security software , Firewall-1, on Bastion host. To demonstrate the feasibility and the effectiveness of the proposed methodologes, a prototype implementation is made. The experiment result shows that the screen router employing the proposesed anti-IP spoofing method at the network level is effective enough for the system to remain secure without being invaded by any illegarl packets entering from external hackers. Meanwhile , at the application level. the proposed software approach employing Firewall -1 is proved to be robust enough to provent hackings from the outer point to point protocol connection. Theoretically, it is not possible to provide complete secuirty to the network system, because the network security involove a number of issues raised from low level network equipments form high level network protocol. The result in this dissertation provides a very promising solution to network security due to its high efficiency of the implementation and superb protectiveness from a variety of hacking.