• Journal of the Korean Institute of Intelligent Systems
• /
• v.13 no.1
• /
• pp.119-124
• /
• 2003

In this paper, we modeled positive selection and negative selection that is developing process of cytotoxic T-cell that plays important role in biological immune system. Also, we developed change detection algorithm, which is very Important part in detecting data change by intrusion and data infection by computer virus. Proposed method is the algorithm that produces MHC receptor lot recognizing self and antigen detector for recognizing non-self. Therefore, proposed method detects self and intruder by two type of detectors like real immune system. We show the effectiveness and characteristics of proposed change detection algorithm by simulation about point and block change of self file.

• Journal of IKEEE
• /
• v.19 no.1
• /
• pp.58-63
• /
• 2015

This study suggested the mobile intelligent management system based on the cloud service. The mobile intelligent management system are composed of cloud server, middleware and sensor networks. Each modules are controlled on mobile environment and observed operating status of each apparatus for environment. In this pater, the image-based moving detection algorithm applied in order to detect an intruder and average 12.3% are measured in moving detection experiments. it was confirmed the validity of the security device.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.599-600
• /
• 2013

In this paper, a platform of portable cultural assets surveillance system is designed in order to prevent the theft of cultural assets. The platform was designed to take into account the characteristics of the cultural assets for minimizing of the damage of cultural assets. The platform is composed of the portable cultural assets surveillance system and the collaboration network protocol among th surveillance system. If an intruder steals the cultural assets and moves according to the scheduled route, it is expected that the platform has a great role because the platform of portable cultural assets surveillance system can performs the continuous tracking by the collaboration network.

• Journal of Korean Society of Water and Wastewater
• /
• v.27 no.6
• /
• pp.723-730
• /
• 2013

Due to the event of hazardous chemical injection into a water storage tank in Hongseong, Chungcheongnam-do in 2012, the Korean Ministry of Environment has revised the enforcement rules of the Water Supply and Waterworks Installation Act to install surveillance equipments such as closed-circuit television(CCTV). However, the enforcement rules still do not provide concrete provision for installation of physical security equipments. Thus we studied vulnerability of small-scale water supplies in Korea and developed guidelines for the physical security system of the facilities. The guidelines include selection and recommendation of the physical security approaches and measures to detect, delay and response to the presence of an intruder in small-scale water supplies. The security features include protection utilities(e.g., fencing and fence topping), exterior intrusion detectors and alarms, locks and padlocks, surveillance utilities(e.g., CCTV), and others.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.12
• /
• pp.4604-4623
• /
• 2014

Authentication mechanisms coupled with strong encryption techniques are used for network security purposes; however, given sufficient time, well-equipped intruders are successful for compromising system security. The authentication protocols often fail when they are analysed critically. Formal approaches have emerged to analyse protocol failures. In this study, Communicating Sequential Processes (CSP) which is an abstract language designed especially for the description of communication patterns is employed. Rank functions are also used for verification and analysis which are helpful to establish that some critical information is not available to the intruder. In order to establish this, by assigning a value or rank to each critical information, it is shown that all the critical information that can be generated within the network have a particular characterizing property. This paper presents an application of rank functions approach to an authentication protocol that combines delaying the decryption process with timed authentication while keys are dynamically renewed under pseudo-secure situations. The analysis and verification of authentication properties and results are presented and discussed.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.06c
• /
• pp.304-306
• /
• 2006

21세기 정보혁명을 바탕으로 전쟁의 양상은 정보전, 네트워크 및 컴퓨터 중심의 사이버전과 같은 새로운 전쟁 패러다임으로 변화하고 있다. 이러한 정보전에 대비하여 국방정보체계에 다양한 정보보호시스템을 설치하여 사용하고 있다. 그러나 국방정보체계 환경에 현재까지 배치된 정보보호시스템들은 침해 사고에 대한 탐지 및 보고 등의 수동적인 대응만을 지원한다. 그러므로 발생한 공격에 대한 대응을 마련하더라도 동일한 공격자가 동일한 목표 시스템에 대하여 또 다른 공격 기술을 이용하여 재침입이 가능하다. 이를 방어하기 위하여 공격에 대한 능동적인 대응이 필요하다. 대표적인 능동 대응 기술인 침입자 역추적은 시스템 및 네트워크에 대하여 공격을 시도하는 침입자의 네트워크 상의 실제 위치를 추적하는 기술이다. 침해 사고를 근본적으로 차단하기 위하여 침입자의 실제 신분 확인이 필수적이다. 이를 위하여 본 논문에서는 침입자 역추적 기술을 분석하고 국방정보체계 환경을 위한 세션분석기반의 침입자 역추적 기술을 제안한다. 또한 이 기술을 기반으로 구현한 침입자 역추적 시스템을 소개한다.

• Convergence Security Journal
• /
• v.17 no.1
• /
• pp.3-13
• /
• 2017

As security log plays important roles in various fields, the integrity of log data become more and more important. Especially, the stored log data is an immediate target of the intruder to erase his trace in the system penetrated. Several theoretical schemes to guarantee the forward secure integrity have been proposed, even though they cannot provide the integrity of the log data after the system is penetrated. Authentication tags of these methods are based on the linear-hash chain. In this case, it is difficult to run partial validation and to accelerate generating and validating authentication tags. In this paper, we propose a log authentication mechanism, based on Mekle Tree, which is easy to do partial validation and able to apply multi threading.

• Journal of Digital Contents Society
• /
• v.10 no.3
• /
• pp.479-484
• /
• 2009

Security system of wireless network take on importance as use of wireless network increases. Detection and opposition about that is difficult even if attack happens because MANET is composed of only moving node. And it is difficult that existing security system is applied as it is because of migratory nodes. Therefore, system is protected from malicious attack of intruder in this environment and it has to correspond to attack immediately. In this paper, we propose intrusion detection system using cluster head in order to detect malicious attack and use resources efficiently. we used method that gathering of rules is defined and it judges whether it corresponds or not to detect intrusion more exactly. In order to evaluate performance of proposed method, we used blackhole, message negligence, jamming attack.

• Journal of the Korea Society of Computer and Information
• /
• v.7 no.2
• /
• pp.46-52
• /
• 2002

Trend of wire internet has been transferred to wireless internet gradually due to the spread of mobile phone which made Possible Mobility and portability which wire internet could not afford. Not only front line of business part can access business information but also people can use government information for their daily life without limit of place. The frequent report of larceny and misuse of information has been issued to social sector that the need for IDS considering wire wireless internet. In this paper to design IDS to protect information first, searched wire internet intrusion type, intrusion detection method, and wireless intrusion type. In this paper, first, separate abnormal access at the point of system landing and detect intrusion attack with disguise through mobile wireless internet. Due to the intruder can access system normally with disguise, Circuit Patrol model has been suggested to monitor from intrusion attack.

• The Journal of the Korea Contents Association
• /
• v.13 no.4
• /
• pp.17-22
• /
• 2013

Impersonation attack, based on vulnerable security of SIP, facilitate a intruder to take malicious actions such as toll fraud and session hijacking. This paper suggests a new technique for a countermeasure. When receiving a register request message, registrar checks whether the value of Form header or the value of Call-ID header is stored in location server or not. If the record containing either of them are stored and periodically updated, we regard that message as impersonation attack and discard it. Since this technique uses the information stored in server instead of adding encryption mechanism for user authentication, it can easily build securer SIP environment.