• Journal of KIISE:Computing Practices and Letters
• /
• v.15 no.9
• /
• pp.675-684
• /
• 2009

Internet worm can cause a traffic problem through DDoS(Distributed Denial of Services) or other kind of attacks. In those manners, it can compromise the internet infrastructure. In addition to this, it can intrude to important server and expose personal information to attacker. However, current detection and response mechanisms to worm have many vulnerabilities, because they only use local characteristic of worm or can treat known worms. In this paper, we propose a new framework to detect unknown worms. It uses macroscopic characteristic of worm to detect unknown worm early. In proposed idea, we define the macroscopic behavior of worm, propose a worm detection method to detect worm flow directly in IP packet networks, and show the performance of our system with simulations. In IP based method, we implement the proposed system and measure the time overhead to execute our system. The measurement shows our system is not too heavy to normal host users.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.6
• /
• pp.1100-1105
• /
• 2017

In this paper, we propose a power control technique for D2D communication in the heterogenous network consisting of cellular and D2D communication systems. Although the transmit signal of D2D communication degrades the performance of cellular system by interfering the signal reception at CU in the conventional heterogenous networks without eavesdroppers, it can be utilized as jamming signal for preventing other devices from recovering the transmitted information if there are eavesdroppers in the network. The proposed power control technique maximizes the achievable rate of D2D communication while ensuring the target security performance of cellular communication system. Through simulation results, we validate the analysis results and compare the performance with the conventional D2D communication scheme that utilizes its full transmit power for maximizing the achievable rate regardless of the performance of cellular system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1411-1420
• /
• 2015

Lawful interception(LI) standard of telephone networks has technical limitations to lawfully intercept IMS/SIP-based mobile communication network subscriber who using Android and iPhone device. In addition, the technical standards related to legal interception of the IMS/SIP of the wireless network is insufficient compared to the systematic study of the development of a wireless network infrastructure. The architecture proposed in the standard of ETSI(European Telecommunications Standards Institute) for the seamless LI is insufficient to overcome the limitations of traditional voice-centric LI techniques. This paper proposes an IMS/SIP-based architecture to perform LI under 3G networks that focuses on mobility-supported environments with merging cellular networks and the Internet. We implemented the simulation to verify the efficiency of the proposed architecture, and the experimental results show that our method achieves higher lawful interception rate than that of existing interception methods.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.42 no.2 s.302
• /
• pp.59-68
• /
• 2005

The amount of digitalized contents has been rapidly increased, but the main distribution channel of them is Internet which is easily accessible. Therefore 'security' necessarily arises as one of the most important issues and the method of protecting contents becomes a major research topic as much as data coding techniques. In recent years, many developers have studied on techniques that allow only authorized person to access contents. Among them the scrambling method is one of well-known security techniques. In this paper, we propose a simple and effective digital video scrambling method which utilizes the intra block properties of a recent video coding technique, H.264. Since intra prediction modes are adopted in H.264 standard, it is easy to scramble a video sequence with modification of the intra prediction modes. In addition to its simplicity, the proposed method does not increase bit rate after scrambling. The inter blocks are also distorted by scrambling intra blocks only. This paper introduces a new digital video scrambling method and verifies its effectiveness through simulation.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.2B
• /
• pp.91-97
• /
• 2006

As increasing the network bandwidth, the threat of a network also increases with emerging various new services. For a high-performance network security, It is generally used that high-speed packet classification methods which employ hardware like TCAM. There needs an method using these devices efficiently because they are expensive and their capacity is not sufficient. In this paper, we propose an efficient packet classification using a Ternary-CAM(TCAM) which is widely used device for high-speed packet classification in which we have applied Snort rule set for the well-known intrusion detection system. In order to save the size of an expensive TCAM, we have eliminated duplicated IP addresses and port numbers in the rule according to the partitioning of a table in the TCAM, and we have represented negation and range rules with reduced TCAM size. We also keep advantages of low TCAM capacity consumption and reduce the number of TCAM lookups by decreasing the TCAM partitioning using combining port numbers. According to simulation results on our TCAM partitioning, the size of a TCAM can be reduced by upto 98$\%$ and the performance does not degrade significantly for high-speed packet classification with a large amount of rules.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.39-47
• /
• 2002

This paper deals with study of a new framework for the traceback of distributed DoS(Denial of Service) attacks in the Internet, in which many sources flood "spoofed" IP packets towards a single victim. In our scheme, the destination host traces those anonymous packets' losses, and infers the logical end-to-end paths back towards the sources. This method is based on the fact that there is a strong correlation between packet losses when those packets traverse along a same route, and the simulation results show high probabilities of detecting the topology under a certain condition. Compared with previous approaches, our scheme has a number of distinct features: It can be performed in realtime or non-realtime, without any supports of routers or ISPs. Our results may be applied to the inference of physical topology and to support previous approaches.pproaches.

• Journal of Internet Computing and Services
• /
• v.17 no.5
• /
• pp.17-23
• /
• 2016

Wireless sensor-actuator networks (WSANs) enhance the existing wireless sensor networks (WSNs) by equipping sensor nodes with an actuator. The actuators work with the sensor nodes and perform application-specific operations. The WSAN systems have several applications such as disaster relief, intelligent building, military surveillance, health monitoring, and infrastructure security. These applications require capability of reliable data transfer to act responsively and accurately. Biologically inspired modeling techniques have received considerable attention for achieving robustness, scalability, and adaptability, while retaining individual simplicity. In this paper, an epidemic-inspired algorithm for data dissemination with delay constraints while minimizing energy consumption in WSAN is proposed. The steady states and system stability are analyzed using control theory. Also, simulation results indicate that the proposed scheme provides desirable dissemination delay and energy saving.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.6
• /
• pp.2895-2921
• /
• 2018

Security has become one of the major concerns in mobile adhoc networks (MANETs). Data and voice communication amongst roaming battlefield entities (such as platoon of soldiers, inter-battlefield tanks and military aircrafts) served by MANETs throw several challenges. It requires complex securing strategy to address threats such as unauthorized network access, man in the middle attacks, denial of service etc., to provide highly reliable communication amongst the nodes. Intrusion Detection and Prevention System (IDPS) undoubtedly is a crucial ingredient to address these threats. IDPS in MANET is managed by Command Control Communication and Intelligence (C3I) system. It consists of networked computers in the tactical battle area that facilitates comprehensive situation awareness by the commanders for timely and optimum decision-making. Key issue in such IDPS mechanism is lack of Smart Learning Engine. We propose a novel behavioral based "Smart Multi-Instance Multi-Label Intrusion Detection and Prevention System (MIML-IDPS)" that follows a distributed and centralized architecture to support a Robust C3I System. This protocol is deployed in a virtually clustered non-uniform network topology with dynamic election of several virtual head nodes acting as a client Intrusion Detection agent connected to a centralized server IDPS located at Command and Control Center. Distributed virtual client nodes serve as the intelligent decision processing unit and centralized IDPS server act as a Smart MIML decision making unit. Simulation and experimental analysis shows the proposed protocol exhibits computational intelligence with counter attacks, efficient memory utilization, classification accuracy and decision convergence in securing C3I System in a Tactical Battlefield environment.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.2
• /
• pp.17-22
• /
• 2014

Watermarking is one of the methods that insist on a copyright as it append digital signals in digital informations like still mobile image, video, other informations. This paper proposed an improved DCT-based watermarking scheme using quantized coefficients of image. This process makes quantized coefficients through a Discrete Cosine Transform and Quantization. The watermark is embedded into the quantization coefficients in accordance with location(key). The quantized watermarked coefficients are converted to watermarked image through the inverse quantization and inverse DCT. Watermark extract process only use watermarked image and location(key). In watermark extract process, quantized coefficients is obtained from watermarked image through a DCT and quantization process. The quantized coefficients select coefficients using location(key). We perform it using inverse DCT and get the watermark'. Simulation results are satisfied with high quality of image (PSNR) and Normalized Correlation(NC) from the watermarked image and the extracted watermark.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.18 no.5
• /
• pp.197-202
• /
• 2018

The world's ageing population continues to rise rapidly while fertility levels have dropped to low rates in many developed and developing countries, and life expectancy is expected to extend compared to previous decades. Because of demographic changes, a new concept of technology should be introduced. Ambient Assisted Living(AAL) is an innovative form of technology that can be used to provide elderly people with quality of life, to live longer and independently, to monitor and assist elderly, and improve social communication. As far as an AAL system are working, however, the dataset size is continuously increasing. As the AAL data increases in size, therefore, the problem of effectively managing it becomes more difficult. In this paper, therefore, we propose a data management scheme for AAL system on the characteristics of the collected AAL data. Simulation results show that the proposed data management scheme allows achieving space efficiencies higher.