• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.4
• /
• pp.135-140
• /
• 2015

The WDSS improves defensive capacity against web application layer DDoS attack by using web cache server and L7 switch which are added on the DDoS shelter system. When web DDoS attack occurs, security agents divert traffic from backbone network to sub-network of the WDSS and then DDoS protection device and L7 switch block abnormal packets. In the meantime, web cache server responds only to requests of normal clients and maintains stable web service. In this way, the WDSS can counteract the web DDoS attack which generates small traffic and depletes server-client session resource. Furthermore, the WDSS does not require IP tunneling because it is not necessary to retransfer the normal requests to original web server. In this paper, we validate operation of the WDSS and verify defensive capability against web application layer DDoS attacks. In order to do this, we built the WDSS on backbone network of an ISP. And we performed web DDoS tests by using a testing system that consists of zombie PCs. The tests were performed by three types and various amounts of web DDoS attacks. Test results suggest that the WDSS can detect small traffic of the web DDoS attacks which do not have repeat flow whereas the formal DDoS shelter system cannot.

• Journal of Convergence for Information Technology
• /
• v.11 no.5
• /
• pp.30-37
• /
• 2021

Various devices are connected to the Internet, and attacks using the Internet are occurring. Among such attacks, there are attacks that use malicious URLs to make users access to wrong phishing sites or distribute malicious viruses. Therefore, how to detect such malicious URL attacks is one of the important security issues. Among recent deep learning technologies, neural networks are showing good performance in image recognition, speech recognition, and pattern recognition. This neural network can be applied to research that analyzes and detects patterns of malicious URL characteristics. In this paper, performance analysis according to various parameters was performed on a method of detecting malicious URLs using neural networks. In this paper, malicious URL detection performance was analyzed while changing the activation function, learning rate, and neural network structure. The experimental data was crawled by Alexa top 1 million and Whois to build the data, and the machine learning library used TensorFlow. As a result of the experiment, when the number of layers is 4, the learning rate is 0.005, and the number of nodes in each layer is 100, the accuracy of 97.8% and the f1 score of 92.94% are obtained.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.12C
• /
• pp.1288-1298
• /
• 2002

To implement elliptic curve cryptosystem in GF(2$\^$m/) at high speed, a fast divider is required. Although bit-parallel architecture is well suited for high speed division operations, elliptic curve cryptosystem requires large m(at least 163) to support a sufficient security. In other words, since the bit-parallel architecture has an area complexity of 0(m$\^$m/), it is not suited for this application. In this paper, we propose a new serial-in serial-out systolic array for computing division operations in GF(2$\^$m/) using the standard basis representation. Based on a modified version of tile binary extended greatest common divisor algorithm, we obtain a new data dependence graph and design an efficient bit-serial systolic divider. The proposed divider has 0(m) time complexity and 0(m) area complexity. If input data come in continuously, the proposed divider can produce division results at a rate of one per m clock cycles, after an initial delay of 5m-2 cycles. Analysis shows that the proposed divider provides a significant reduction in both chip area and computational delay time compared to previously proposed systolic dividers with the same I/O format. Since the proposed divider can perform division operations at high speed with the reduced chip area, it is well suited for division circuit of elliptic curve cryptosystem. Furthermore, since the proposed architecture does not restrict the choice of irreducible polynomial, and has a unidirectional data flow and regularity, it provides a high flexibility and scalability with respect to the field size m.

• Journal of the Society of Disaster Information
• /
• v.11 no.4
• /
• pp.556-569
• /
• 2015

With about 75% of the population of Korea criticizing the government's disaster policy and a failure to respond to large-scale emergency like the Sewol ferry sinking means that there is a deep distrust in the government. In order to prevent dreadful disasters such as the Sewol ferry sinking, it is important to secure a prime time with respect to disaster safety. Improving crisis management skills and managerial role of police officers who are in close proximity to the people is necessary for the success of disaster management. With disaster management as one of the most essential missions of the police, as a part of a national crisis management, a step by step strengthening of the disaster safety management system of the police is necessary, as below. First, at the prevention phase, law enforcement officers were not injected into for profit large-scale assemblies or events, but in the future the involvement, injection should be based on the level of potential risk, rather than profitability. In the past and now, the priortiy was the priority was on traffic flow, traffic communication, however, the paradigm of traffic policy should be changed to a safety-centered policy. To prevent large-scale accidents, police investigators should root out improper routines and illegal construction subcontracting. The police (intelligence) should strengthen efforts to collect intelligence under the subject of "safety". Second, with respect to the preparatory phase, on a survey of police officers, the result showed that 72% of police officers responded that safety management was not related to the job descriptions of the police. This, along with other results, shows that the awareness of disaster safety must be adopted by, or rather changed in the police urgently. The training in disaster safety education should be strengthened. A network of experts (private, administrative, and police) in safety management should be established to take advantage of private resources with regard to crisis situtions. Third, with respect to the response phase, for rapid first responses to occur, a unified communication network should be established, and a real-time video information network should be adopted by the police and installed in the police situation room. Fourth, during the recovery phase, recovery teams should be injected, added and operated to minimize secondary damage.