• The Journal of the Korea Contents Association
• /
• v.6 no.12
• /
• pp.29-39
• /
• 2006

With the increasing popularity of the wireless network, the vulnerability issue on IEEE 802.1x Wireless Local Area Network (WLAN) are more serious than we expected. Security issues range from mis-configured wireless Access Point(AP) such as session hijacking to Denial of Service(DoS) attack. We propose a new system based on intrusion detection or prevention mechanism to protect the wireless network against these attacks. The proposed system has a security solution on AP that includes an intrusion detection and protection system(IDS/IPS) as an embedded module. In this paper, we suggest integrated wireless IDS/IPS module on AP with wireless traffic monitoring, analysis and packet filtering module against malicious wireless attacks. We also present that the system provides both enhanced security and performance such as on the university wireless campus network.

• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.7
• /
• pp.333-340
• /
• 2005

One of the most important core technologies required for the design of the ITS (Intrusion Tolerance System) that performs continuously minimal essential services even when the network-based computer system is partially compromised because of the external or internal intrusions is the quantitative dependability analysis of the ITS. In this paper, we applied self-healing mechanism, the core technology of autonomic computing to secure the protection power of the ITS. We analyzed a state transition diagram of the ITS composed of a Primary server and a backup server utilizing two factors of self-healing mechanism (fault model and system response) and calculated the availability of ITS through simulation experiments and also performed studies on two cases of vulnerability attack.

• Journal of The Korean Digital Architecture Interior Association
• /
• v.12 no.4
• /
• pp.59-66
• /
• 2012

This study is interested in identifying the effectiveness of alkali-activated fire protection material compounds including the alkali-activator such as potassium hydroxide, sodium silicate and fly ash as the fire resistant finishing materials. Also, this paper is concerned with change in compressive strength and pore structure of the alkali-activated fire protection material at high temperatures. The testing methods of fire protection materials in high temperature properties are make use of TG-DSC and mercury intrusion porosimetry measurements. This study results show that compressive strength is rapidly degraded depending on a rise of heating temperature. Porosity showed a tendency to increase irrespective of specimen types. This is due to both the outbreak of collapse of gel comprising the cement and a micro crack by heating. However, alkali-activated fire protection material composed of potassium hydroxide, sodium silicate and fly ash has the thermal stability of the slight decrease of compressive strength and porosity at high temperature. These thermal stability is caused by the ceramic binding capacity induced by alkali activation reaction by the reason of the thermal analysis result not showing the decomposition of calcium hydrate.

• Journal of Information Technology Applications and Management
• /
• v.24 no.1
• /
• pp.81-91
• /
• 2017

In Korea, "Act on the Development of Cloud Computing and Protection of its Users" has been enforced since September 28, 2015. Many countries implemented 'Cloud First' policies and global companies such as Amazon, Microsoft, IBM started cloud services in Korea. Under these circumstance, the Act was established for developing the cloud computing industry. The Act includes clauses for encouraging the use of private cloud computing by public organizations, supporting small- and medium-size cloud service providers, and utilizing secure cloud computing services by users. However, some terms appear to be similar but have different meanings from "Act on Promotion of Information and Communications Network Utilization and Information Protection, etc." and "Personal Information Protection Act". This generated some confusion and conflicts in relation to providing user information to a 3rd party and notifying the intrusion in the Cloud Computing Act. This paper discusses these issues and suggestions for revision of the Cloud Computing Act.

• Convergence Security Journal
• /
• v.6 no.3
• /
• pp.1-12
• /
• 2006

Malicious codes have been widely documented and detected in information security breach occurrences of Microsoft Windows platform. Legacy information security systems are particularly vulnerable to breaches, due to Window kernel-based malicious codes, that penetrate existing protection and remain undetected. To date there has not been enough quality study into and information sharing about Windows kernel and inner code mechanisms, and this is the core reason for the success of these codes into entering systems and remaining undetected. This paper focus on classification and formalization of type target and mechanism of various Windows kernel-based attacks, and will present suggestions for effective response methodologies in the categories of, "Kernel memory protection", "Process & driver protection" and "File system & registry protection". An effective Windows kernel protection system will be presented through the collection and analysis of Windows kernel and inside mechanisms, and through suggestions for the implementation methodologies of unreleased and new Windows kernel protection skill. Results presented in this paper will explain that the suggested system be highly effective and has more accurate for intrusion detection ratios, then the current legacy security systems (i.e., virus vaccines and Windows IPS, etc) intrusion detection ratios. So, It is expected that the suggested system provides a good solution to prevent IT infrastructure from complicated and intelligent Windows kernel attacks.

• Journal of Internet Computing and Services
• /
• v.10 no.2
• /
• pp.1-13
• /
• 2009

Intrusion detection is a process that identifies the attacks and responds to the malicious intrusion actions for the protection of the computer and the network resources. Due to the fast development of the Internet, the types of intrusions become more complex recently and need immediate and correct responses because the frequent occurrences of a new intrusion type rise rapidly. Therefore, to solve these problems of the intrusion detection systems, we propose a sequential pattern miner for analysis of the alert data in order to support intelligent and automatic detection of the intrusion. Sequential pattern mining is one of the methods to find the patterns among the extracted items that are frequent in the fixed sequences. We apply the prefixSpan algorithm to find out the alert sequences. This method can be used to predict the actions of the sequential patterns and to create the rules of the intrusions. In this paper, we propose an extended prefixSpan algorithm which is designed to consider the specific characteristics of the alert data. The extended sequential pattern miner will be used as a part of alert data analyzer of intrusion detection systems. By using the created rules from the sequential pattern miner, the HA(high-level alert analyzer) of PEP(policy enforcement point), usually called IDS, performs the prediction of the sequence behaviors and changing patterns that were not visibly checked.

• 한국디지털정책학회:학술대회논문집
• /
• 2004.11a
• /
• pp.173-184
• /
• 2004

E-Government security is crucial to the development of e-government. Due to the complexity and characteristics of e-government security, the viable current approaches for security focus on preventing the network intrusion or misusing in advanced and seldom concern of the forensics data attaining for the investigation after the network attack or fraud. We discuss the method for resolving the problem of the e-government security from the different side of view - network forensics approaches? from the thinking of the active protection or defense for the e-government security, which can also improve the ability of emergence response and incident investigation for e-government security.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2005.11a
• /
• pp.259-262
• /
• 2005

This paper addresses the problem of protecting security policies in security mechanisms, such as the detection policy of an Intrusion Detection System. Unauthorized disclosure of such information might reveal the fundamental principles and methods for the protection of the whole network. In order to avoid this risk, we suggest two schemes for protecting security policies in Snort using the symmetric cryptosystem, Triple-DES.

• ETRI Journal
• /
• v.25 no.6
• /
• pp.423-436
• /
• 2003

This paper describes our design of a contents distribution framework that supports transparent distribution of digital contents on the Internet as well as copyright protection of participants in the contents distribution value chain. Copyright protection must ensure that participants in the distribution channel get the royalties due to them and that purchasers use the contents according to usage rules. It must also prevent illegal draining of digital contents. To design a contents distribution framework satisfying the above requirements, we first present four digital contents distribution models. On the basis of the suggested distribution models, we designed a contract system for distribution of royalties among participants in the contents distribution channel, a license mechanism for enforcement of contents usage to purchasers, and both a packaging mechanism and a secure client system for prevention of illegal draining of digital contents.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2113-2116
• /
• 2003

이 논문에서는 리눅스 기반VDPM(Virus Detection Protection Management)시스템을 제안하고 개발한 응용SW로 감지, 차단 및 관리 방법을 제시한다. 제안된 LVPM시스템은 첫째특정탐색 및 전체탐색 알고리듬에 의하여 개발된 VDPM시스템은 신종 바이러스까지 탐지하는 모든 종류의 바이러스 탐지(VDPM_hawkeye) 모듈, Virus첵크하는 감시 및 Virus첵크후 친정, 제거하는 방지(VDPM_medic)모듈, DB를 update하는 기능을 가지는 관리(VDPM_manager)모듈과 원격 DB관리 및 Virus결과 보고 기능 (VDPM_reporter) 모듈로 되어 있으며 지능적인 Virus방지 시스템, 둘째 네트워크 패킷을 분석하여 네트워크를 통한 침 바이러스 탐지 및 대응 시스템과 셋째 네트워크 패킷을 분석하여 네트워치를 통한 네트워크형 악성 소프트웨어 대응 시스템을 포함한 바이러스 보호 통합 시스템을 구현하였다. 더불어 호스트와 네트웍기반의 통합적인 IDS가 방화벽(Firewall)시스템과 연동하여 IDS 단독 차단이 불가능한 공격을 차단하는 소프트웨어 시스템을 개발하는 것이며 관리자가 사용하기 쉬운 GUI환경으로 구현하였고 대규모 분산 네트워크 환경에서 효율적인 리눅스기반 침입탐지방지관리 솔루션을 제시한다.