• Journal of KIISE:Information Networking
• /
• v.28 no.4
• /
• pp.489-497
• /
• 2001

In the coming age of information warfare, information security patterns take on a more offensive than defensive stance. It is necessary to develop an active form of offensive approach to security protection in order to guard vital information infrastructures and thwart hackers. Information security products need to support an automatic response facility without human intervention in order to minimize damage to the attacked system and cope with the intrusion immediately. This paper presents an automatic intrusion response model which is developed on a Self-Extension Monitoring. It also proposes an ARTEMIS(Advanced Realtime Emergency Management and Intruder Identification System), which is designed and implemented based on the suggested model. The Self-Extension Monitoring using self-protection and replication minimizes spatial limitations on collection of monitoring information and intruder tracing. It enhances the accuracy of intrusion detection and tracing.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.19 no.6
• /
• pp.981-993
• /
• 1994

As the EDI message is the commercial electronic document having legal binding forces, it is necessary to use the method of digital signature for the message integrity and identification between trading partners. This research proposes a new digital multisignature scheme suitable for transmission to multi-destination of the EDI message. The proposed scheme is based on Fiat-Shamir signature scheme and can perform the message authentication suitable for the EDI message. It can verify the message forged by a hash function attack from intruder or intruder. It also can perform the digital signature using smaller hash value than that of Fiat-Shamir signature scheme. When the EDI message is transmitted to multi-destination, all designated receivers can perform the digital signature faster and safer.

• International Journal of Naval Architecture and Ocean Engineering
• /
• v.8 no.5
• /
• pp.423-433
• /
• 2016

In this paper, we consider the cybersecurity issue of ship information system (SIS) from a new perspective which is called opacity. For a SIS, its confidential information (named as "secret") may be leaked through the working behaviors of each Distributed Control Unit (DCU) from an outside observer called an "intruder" which is able to determine ship's mission state by detecting the source of each data flow from the corresponding DCUs in SIS. Therefore we proposed a dual layer mechanism to enforce opacity by activating non-essential DCU during secret mission. This mechanism is calculated by two types of insertion functions: Safety-assured insertion function ($f_{IS}$) and Admissibility-assured insertion function ($f_{IA}$). Due to different objectives, $f_{IS}$ is designed to confuse intruder by constructing a non-secret behaviors from a unsafe one, and the division of $f_{IA}$ is to polish the modified output behaviors back to normal. We define the property of "$I_2$-Enforceability" that dual layer insertion functions has the ability to enforce opacity. By a given mission map of SIS and the marked secret missions, we propose an algorithm to select $f_{IS}$ and compute its matchable $f_{IA}$ and then the DCUs which should be activated to release non-essential data flow in each step is calculable.

• Proceedings of the Ginseng society Conference
• /
• 1987.06a
• /
• pp.59-66
• /
• 1987

Psychotropic actions of crude ginseng saponins(CGS), pure ginsenoslue Rbl(GS-bl) and gin- senoside Rgl(GS-gl) isolated from the root of Panax ginseng, were evaluated by determining their effects on agonistic behavior in male(Experiment 1) and female(Experiment 2) mice, using a biologically relevant method. The results of experiment 1 demonstrated that CGS and GS-bl significantly suppressed aggressive episodes (offensive sideways posture and attack bite) in a dose-dependent manner when the resident was drugged, whereas G5-gl was ineffective. However, when the intruder was treated with one of three ginseng saponins, agonistic behavior between resident and intruder males was not altered. In experiment 2, acute administration of CGS and G5-bl significantly suppressed maternal aggression, whereas GS-gl was ineffective. As compared with the vehicle-treated group, chronic treatment with CGS and GS-bl significantly suppressed maternal aggression, while GS-gl showed a tendency to increase the frequency of attack bite by females. These findings clearly indicate that the root of Panax ginseng contains psychoactive ingredient, which can suppress both intermale and maternal aggression in mice. We suggest that the present results have important implications for the clinical usefulness of ginseng saponins in psychiatric medicine.

• Journal of the Korean Society for Nondestructive Testing
• /
• v.23 no.2
• /
• pp.140-147
• /
• 2003

A detection technique is studied to determine the location and the weight of an intruder into infrastructure using fiber optic ROTDR (Rayleigh optical time domain reflectometry) sensor. Fiber optic sensing plates buried in sand are prepared to measure the intruder effects. The signal of ROTDR was analyzed to confirm the detection performance. The constructed ROTDR system could be used up to 12km at the pulse width of 30ns. The location error was less than 3m and the weight could be detected into three levels of grade, such as 20kgf, 40kgf and 60kgf.

• ETRI Journal
• /
• v.38 no.6
• /
• pp.1145-1152
• /
• 2016

Because the nodes in a wireless sensor network (WSN) are mobile and the network is highly dynamic, monitoring every node at all times is impractical. As a result, an intruder can attack the network easily, thus impairing the system. Hence, detecting anomalies in the network is very essential for handling efficient and safe communication. To overcome these issues, in this paper, we propose a rule-based anomaly detection technique using roaming honeypots. Initially, the honeypots are deployed in such a way that all nodes in the network are covered by at least one honeypot. Honeypots check every new connection by letting the centralized administrator collect the information regarding the new connection by slowing down the communication with the new node. Certain predefined rules are applied on the new node to make a decision regarding the anomality of the node. When the timer value of each honeypot expires, other sensor nodes are appointed as honeypots. Owing to this honeypot rotation, the intruder will not be able to track a honeypot to impair the network. Simulation results show that this technique can efficiently handle the anomaly detection in a WSN.

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.11-18
• /
• 2006

In the field of network defense, a lot of researches are directed toward locating the source of network attacks. When an intruder launches attack not from their own computer but from intermediate hosts that they previously compromised, and these intermediate hosts are called stepping-stones. There we two kinds of traceback technologies : IP packet traceback and connection traceback. We focused on connection traceback in this paper This paper classifies process structures of detoured attack type in stepping stone, designs an algorithm for traceback agent, and implements the traceback system based on the agent

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.4
• /
• pp.45-54
• /
• 2001

It is necessary to control security management consistently and respond to an intrusion automatically in order to use the network securely in the single administrative domain. This paper presents a Shadowing Mechanism supporting a dynamic extension of security scheme and proposes an ARTEMIS(Advanced Realtime Emergency Management and Intruder Identification System), which is designed and implemented based on the suggested technique. It is possible for security management system developed on the basis of the Shadowing Mechanism to make all network components working under the same security scheme. It enhances the accuracy of intrusion tracing and automatic response through dynamic extension of space and time for security management.

• Proceedings of the Korea Inteligent Information System Society Conference
• /
• 2001.01a
• /
• pp.298-309
• /
• 2001

This research aims to unravel the significant features of the human immune system, which would be successfully employed for a novel network intrusion detection model. Several salient features of the human immune system, which detects intruding pathogens, are carefully studied and the possibility and the advantages of adopting these features for network intrusion detection are reviewed and assessed.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2001.11a
• /
• pp.695-698
• /
• 2001

본 논문에서는 보안 침해의 사후 처리 방법으로 이용되는 침입자 역추적 기법 및 시스템에 대해 알아보고, 기존 침입자 역추적 시스템의 특징과 문제점을 파악하여, 역추적에 대한 오버헤드를 초래하지 않으며 보다 효율적으로 작동하는 새로운 역추적 시스템인 이더넷 주소를 이용한 침입자 역추적 시스템을 제안한다.