• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.201-208
• /
• 2016

The purpose of Email system is used to transmit important information between companies in today. But Email system has vulnerabilities such that changing email address of sender by attacker. So it is important to authenticate mail server and user using mail server. This paper proposed mail proxy located between mail servers that evaluate authority and authenticate sender and receiver. The proposed email platform has some functions to compose trusted domain and to authenticate mail servers in the domain. Also, if sender and recipient are valid users in mail system, each exchanges a key for confidentiality and the sender sends an e-mail encrypted with exchanged key to recipient. In this paper, we propose a key exchange scheme in proposed platform and verify this protocol using Casper which is the formal analysis tool. In the future research, we will study the overall platform of the domain configuration for the security of mail.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.11B
• /
• pp.730-735
• /
• 2005

While the E-mail is a important way of fast communication in these days. it is real that the E-mail is often misused as a commercial advertisement method and creates many social problems. Even though various filtering techniques for blocking spam mails have been developed, reliability of mail systems is decreased by misreading normal mails as spam mails, i.e. false-positive errors. In this paper, the SMBC(Spam Mail Blocking Center) platform employing spam mail recovery method based on privacy information is proposed and designed. The SMBC is designed in frame layer based on spam blocking system of proxy sewer and can be physically implemented in various topology so that flexible development with layered module is possible. Using privacy information makes the proposed SMBC platform minimize processing load and false-positive error rates so that it can improve mail system reliabilities.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.05a
• /
• pp.108-112
• /
• 2002

인터넷을 이용한 여러 응용 서비스들 중에서 저렴한 비용으로 음성을 전송할 수 있는 VoIP 서비스의 발전으로 사용자의 급격한 증가가 예상된다. VoIP에 mobility, universal number, multiparty conference, voice mail, automatic call distribution과 같은 고품질의 서비스를 제공하기 위해서는 시그널링이 가능한 표준화된 프로토콜이 필요하다. 현재 IETF의 SIP(Session Initiation Protocol)가 빠른 호 설정과 parsing 및 compile이 쉬운 장점으로 인해 SIP를 기반으로 한 VoIP 서비스를 제공하기 위해 국내외적으로 SIP 기반 구성요소에 대한 개발에 박차를 가하고 있다. 본 논문에서는 사용자가 보내는 request(INVITE) method를 처리해주는 SIP 서버의 부하 경감, 망 운용의 효율성, 많은 사용자에 대한 서비스를 제공하기 위해 새로운 서버 유형인 Hybrid형 SIP 서버를 제시하고자 한다.

• Journal of the Korea Society for Simulation
• /
• v.11 no.2
• /
• pp.1-16
• /
• 2002

The need for network security is being increasing due to the development of information communication and internet technology. In this paper, firewall models, operating system models and other network component models are constructed. Each model is defined by basic or compound model, referencing DEVS formalism. These models and the simulation environment are implemented with MODSIM III, a general purpose, modular, block-structured high-level programming language which provides direct support for object-oriented programming and discrete-event simulation. In this simulation environment with representative attacks, the following three attacks are generated, SYN flooding and Smurf attack as an attack type of denial of service, Mail bomb attack as an attack type of e-mail. The simulation is performed with the models that exploited various security policies against these attacks. The results of this study show that the modeling method of packet filtering system, proxy system, unix and windows NT operating system. In addition, the results of the simulation show that the analysis of security performance according to various security policies, and the analysis of correlation between availability and confidentiality according to security empowerment.

• Journal of Korea Multimedia Society
• /
• v.4 no.5
• /
• pp.377-389
• /
• 2001

It has a tendency to build Workflow Systems based on the web with the spread of web environment. The important function in Workflow Systems are to automatize job flow according to the predefined regulations, procedures or conditions. Hence, there needs to consider excluding passive jobs, supporting GUI and a migratory information processing for information flow. Distributed Workflow System for workflow of a distributed service system should perform transfer control and Fault-Tolerance between tasks based on process logic, and real time processing. However, the existing mail systems being used are just for transmission and it doesn't fit to automatize job flow. To solve the matter, there needs a Distributed Workflow Engine to design workflow and automatize its control. In this paper, we design a web browser with graphic interface using web mail, a browser creating a script code for a procedural performance. Also, we design a Process-engine has a Preprocessor which tolerates process scheduler for task transaction or server node's faults on distributed environment. The proposed system enhances the reliability and usability of a system reduces the cost rather than a workflow system based on database, for they execute as proxy for a server's fault or suers' absence.

• Journal of Digital Convergence
• /
• v.11 no.3
• /
• pp.273-277
• /
• 2013

Phishing attacks have been implemented in smarter, more advanced ways with the passage of time. Hackers use intelligent phishing attacks to take over computers and to penetrate internal networks in major organizations. So, in this paper, a model for a prevention of phishing attack spread is conceptual designed in order to protect internal users and sensitive or important information from sophisticated phishing attacks. Internal users simultaneously utilize both external web and organizational mail services. And hackers can take the both side equally as a vector. Thus, packets in each service must be monitored and stored to recognize threatening elements from both sides. The model designed in this paper extends the mail server based security structure used in conventional studies for the protection of Internet mail services accessed by intranet users. This model can build a list of phishing sites as the system checks e-mails compared to that of the method that directly intercepts accesses to phishing sites using a proxy server, so it represents no standby time for request and response processes.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.6
• /
• pp.1593-1602
• /
• 1998

In this paper, a hybrid firewall system using the screening router, dual-homed gateway, screened host galeway and the application level gateway is proposed, The screened host gateway is comjXlsed of screening router, DMZ and bastion host. All external input traffics are filtered by screening router with network protrcol filtering, and transmitted to the bastion host performing application level filtering, The dual homed gateway is an internlediate equipment prohibiting direct access from external users, The application level gateway is an equipment enabling transmission using only the proxy server. External users can access only through the public servers in the DMZ, but internal users can aeee through any servers, The rule base which allows Telnet only lo the adrnilllslratol is applied to manage hosts in the DMZ According to the equipmental results, denial of access was in orderof Web. Mail FTP, and Telnet. Access to another servers except for server in DMZ were denied, Prolocol c1mials of UDP was more than that of TCP, because the many hosts broadcasted to networds using BOOTP and NETBIOS, Also, the illegal Telnet and FTP that transfer to inside network were very few.