• Journal of information and communication convergence engineering
• /
• v.7 no.1
• /
• pp.7-12
• /
• 2009

The advanced computer network and Internet technology enables connectivity of computers through an open network environment. Despite the growing numbers of security threats to networks, most intrusion detection identifies security attacks mainly by detecting misuse using a set of rules based on past hacking patterns. This pattern matching has a high rate of false positives and can not detect new hacking patterns, making it vulnerable to previously unidentified attack patterns and variations in attack and increasing false negatives. Intrusion detection and prevention technologies are thus required. We proposed a network based hybrid Probe Intrusion Detection model using Fuzzy cognitive maps (PIDuF) that detects intrusion by DoS (DDoS and PDoS) attack detection using packet analysis. A DoS attack typically appears as a probe and SYN flooding attack. SYN flooding using FCM model captures and analyzes packet information to detect SYN flooding attacks. Using the result of decision module analysis, which used FCM, the decision module measures the degree of danger of the DoS and trains the response module to deal with attacks. For the performance evaluation, the "IDS Evaluation Data Set" created by MIT was used. From the simulation we obtained the max-average true positive rate of 97.064% and the max-average false negative rate of 2.936%. The true positive error rate of the PIDuF is similar to that of Bernhard's true positive error rate.

• The Journal of Society for e-Business Studies
• /
• v.21 no.1
• /
• pp.105-118
• /
• 2016

Game companies are frequently attacked by attackers while the companies are servicing their own games. This paper analyzes the limit of the Signature detection method, which is a way of detecting hacking modules in online games, and then this paper proposes the Scoring Signature detection scheme to make up for these problems derived from the limits. The Scoring Signature detection scheme enabled us to detect unknown hacking attacks, and this new scheme turned out to have more than twenty times of success than the existing signature detection methods. If we apply this Scoring Signature detection scheme and the existing detection methods at the same time, it seems to minimize the inconvenient situations to collect hacking modules. And also it is expected to greatly reduce the amount of using hacking modules in games which had not been detected yet.

• Journal of Information Technology Applications and Management
• /
• v.13 no.4
• /
• pp.141-153
• /
• 2006

According to supply of super high way internet service, importance of security becomes more emphasizing. Therefore, flawless security solution is needed for blocking information outflow when we send or receive data. large enterprise and public organizations can react to this problem, however, small organization with limited work force and capital can't. Therefore they need to elevate their level of information security by improving their information security system without additional money. No hackings can be done without passing invasion blocking system which installed at the very front of network. Therefore, if we manage.isolation log effective, we can recognize hacking trial at the step of pre-detection. In this paper, it supports information security manager to execute isolation log analysis very effectively. It also provides isolation log analysis module which notifies hacking attack by analyzing isolation log.