• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.4
• /
• pp.1630-1642
• /
• 2016

Inter-domain routing is the most critical function of the Internet. The routing system is a logical network relying on the physical infrastructure with geographical characteristics. Nature disasters or disruptive accidents such as earthquakes, cable cuts and power outages could cause regional failures which fail down geographically co-located network nodes and links, therefore, affect the resilience of inter-domain routing system. This paper presents a model for regional failures in inter-domain routing system called REFER for the first time. Based on REFER, the resilience of the inter-domain routing system could be evaluated on a finer level of the Internet, considering different routing policies of intra-domain and inter-domain routing systems. Under this model, we perform simulations on an empirical topology of the Internet with geographical characteristics to simulate a regional failure locating at a city with important IXP (Internet eXchange Point). Results indicate that the Internet is robust under a city-level regional failure. The reachability is almost the same after the failure, and the reroutings occur at the edge of the Internet, hardly affecting the core of inter-domain routing system.

• Convergence Security Journal
• /
• v.20 no.4
• /
• pp.135-141
• /
• 2020

The Ministry of National Defense is strengthening the power and capacity of cyber operations as cyber protection training is conducted. However, considering the level of enemy cyber attack capability, the level of cyber defense capability of the ministry of national defense is significantly low and the protection measures and response system for responding to cyber threats to military networks are not clearly designed, falling short of the level of cyber security capabilities of the public and private sectors. Therefore, this paper is to investigate and verify the establishment of a military internal network vulnerability mitigation system that applies the intention of attackers, tactics, techniques and procedures information (ATT&CK Framework), identified military internal network main threat information, and military information system security requirements with military specificity as factors that can establish a defense network vulnerability mitigation system by referring to the domestic and foreign cyber security framework It has the advantage of having.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.9
• /
• pp.2202-2217
• /
• 2012

The transmission opportunities between nodes in Delay Tolerant Network (DTNs) are uncertain, and routing algorithms in DTNs often need nodes serving as relays for others to carry and forward messages. Due to selfishness, nodes may ask the source to pay a certain reward, and the reward may be varying with time. Moreover, the reward that the source obtains from the destination may also be varying with time. For example, the sooner the destination gets the message, the more rewards the source may obtain. The goal of this paper is to explore efficient ways for the source to maximize its total reward in such complex applications when it uses the probabilistic two-hop routing policy. We first propose a theoretical framework, which can be used to evaluate the total reward that the source can obtain. Then based on the model, we prove that the optimal forwarding policy confirms to the threshold form by the Pontryagin's Maximum Principle. Simulations based on both synthetic and real motion traces show the accuracy of our theoretical framework. Furthermore, we demonstrate that the performance of the optimal forwarding policy with threshold form is better through extensive numerical results, which conforms to the result obtained by the Maximum Principle.

• Journal of Multimedia Information System
• /
• v.6 no.4
• /
• pp.271-282
• /
• 2019

There is a description that you cannot manage what you do not measure. The Korea Ministry of National Defense (MND) is conducting evaluations in various fields to obtain meaningful effects from IT investments, and views that the evaluation of the defense informatization sector is divided into defense informatization policy evaluation and defense informatization project evaluation. The defense informatization level evaluation can measure the informatization level of MND and the armed forces or organizations. Since the evaluation system being studied to measure the level of defense informatization is composed mainly of qualitative metrics, it is necessary to reconstruct it based on quantitative metrics that can guarantee objectivity. In addition, for managing the level of change by evaluation objects, the evaluation system should be designed with a focus on homeostasis of metrics so that it can be measured periodically. Moreover, metrics need to be promoted in terms of performance against targets. To this end, this study proposes to measure the level of defense informatization by dividing it into defense information network, computer systems, interoperability and standardization, information security, information environment, and information system use, and suggests their metrics.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.393-399
• /
• 2019

In a situation where an unauthorized SW brought into the organization without being authorized is emerging as a threat to the network security, the security of the network based on the SDN(Software-Defined Network) can be strengthened through the development of the security application considering the organization's characteristics. Security technology of existing SDN environment has been studied to protect internal network from external networks such as firewalls and Intrusion Detection Systems, but the research for resolving insider threat was insufficient. Therefore, We propose a system that protects the internal network from unauthorized SW, which is one of the insider threats in the SDN environment.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.04a
• /
• pp.387-390
• /
• 2009

인터넷의 생활화를 통해 우리 생활 패턴이 크게 변화하였다. 특히 상품 구매의 경우 온라인 시장의 성장과 상품 정보의 범람으로 소비자들의 구매 의사결정은 더욱 어려워졌다. 따라서 효율적인 상품 구매 의사결정을 위해서는 소셜 네트워크 분석(Social Network Analysis)을 기반으로 한 더 가치있는 정보를 선별하여 제공해 줄 수 있는 서비스가 필요하다. 따라서 본 논문에서는 온라인 소셜 네트워크 요소 분석을 통해 상품 후기에 대한 개인화된 가치 측정값 정보를 제공함으로써 소비자의 보다 효율적인 상품 구매가 가능하도록 도와주는 '가치 측정 알고리즘'을 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1153-1165
• /
• 2019

Recently, threats of hacking have been increasing on the national intelligence service network and key infrastructure, including the defense field. The defense information system responds to threats from the outside through the network separation, but if the defense information system is hacked, it has a serious impact on the operations of wartime or peacetime military forces. Today, cyberattacks and threats are rising to unpredictable levels and making it practically impossible to completely block and prevent hacking threats completly. So, in this study proposed a maturity model to assess the level of cyber-resilience, which is the ability to ensure the system's viability and maintain continuity through rapid response and recovery if signs of cyberattacks by the defense information system are expected or occurred. The proposed maturity model is expected to contribute to improving the cyber security level of the defense information system by assessing the level of cyber resilience of the defense information system and identifying and supplementing fields that are lacking.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.9
• /
• pp.2231-2252
• /
• 2012

With the prevalence of diverse services-oriented applications, such as IPTV systems and on-line games, the current underlying communication networks face more and more challenges on the aspects of flexibility and adaptability. Therefore, an effective and efficient multicast routing mechanism, which can fulfill different requirements of different personalized services, is critical and significant. In this paper, we first define the neighbor gradient, which is calculated based on the weighted sum of attributes such as residual link capacity, normalized hop count, etc. Then two distributed multicast routing algorithms which are neighbor Gradient-based Multicast Routing for Static multicast membership (GMR-S) and neighbor Gradient-based Multicast Routing for Dynamic multicast membership (GMR-D), are proposed. GMR-S is suitable for static membership situation, while GMR-D can be used for the dynamic membership network environment. Experimental results demonstrate the effectiveness and efficiency of our proposed methods.

• Journal of the Korea Society of Computer and Information
• /
• v.21 no.12
• /
• pp.97-105
• /
• 2016

Network-Centric Operational Environment(NCOE) service becomes critical in today's military environment network because reusability of service and interaction are being increasingly important as well in business process. However, the refinement of service by semantic similarity and functional similarity at the business process was not detailed yet. In order to enhance accuracy of refining of business service, in this study, the authors introduce a method for refining service by semantic similarity and functional similarity in BPMN model. The business process are designed in a BPMN model. In this model, candidated services are refined through binding related activities by the analysis result of semantic similarity based on word-net and functional similarity based on properties specification between activities. Then, the services are identified through refining the candidated service. The proposed method is expected to enhance the service identification with accuracy and modularity. It also can accelerate more standardized service refinement developments by the proposed method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.5
• /
• pp.71-80
• /
• 2009

Ad-hoc network consists f mobile nodes, which they are together in the communication. However, if some misbehaving nodes are in network, it is faced to many threats. Therefore, detection and management of misbehaving node are necessary to make confident in Ad-hoc networks. To solve this problem, we use Node Weight Management Server(NWMS), which it manage each node's weight in local area. When NWMS detect misbehaving node, it adds the node's weight and if the node's weight exceeds threshold then NWMS broadcasts the node's information to isolate in network. These mechanisms show that they are highly effective and can reliably detect a multitude of misbehaving node.