• Title/Summary/Keyword: Network Security System

Search Result 2,742, Processing Time 0.035 seconds

Simulation of Detecting the Distributed Denial of Service by Multi-Agent

  • Seo, Hee-Suk;Lee, Young-Won
    • 제어로봇시스템학회:학술대회논문집
    • /
    • 2001.10a
    • /
    • pp.59.1-59
    • /
    • 2001
  • The attackers on Internet-connected systems we are seeing today are more serious and more technically complex than those in the past. Computer security incidents are different from many other types of crimes because detection is unusually difficult. So, network security managers need a IDS and Firewall. IDS (Intrusion Detection System) monitors system activities to identify unauthorized use, misuse or abuse of computer and network system. It accomplishes these by collecting information from a variety of systems and network resources and then analyzing the information for symptoms of security problems. A Firewall is a way to restrict access between the Internet and internal network. Usually, the input ...

  • PDF

Policy-based Security System Modeling using Vulnerable Information (취약성 정보를 활용한 정책 기반 보안 시스템 모델링)

  • Sea, Hee-Suk;Kim, Dong-Soo;Kim, Hee-Wan
    • Journal of Information Technology Services
    • /
    • v.2 no.2
    • /
    • pp.97-109
    • /
    • 2003
  • As the importance and the need for network security is increased, many organization uses the various security systems. They enable to construct the consistent integrated security environment by sharing the vulnerable information among firewall, intrusion detection system, and vulnerable scanner. And Policy-based network provides a means by which the management process can be simplified and largely automated. In this article we build a foundation of policy-based network modeling environment. The procedure and structure for policy rule induction from vulnerabilities stored in SVDB (Simulation based Vulnerability Data Based) is conducted. It also transforms the policy rules into PCIM (Policy Core Information Model).

A Study on the Defense Information System Security Guideline for Network Centric Warfare (네트워크 중심전(NCW)하의 국방정보체계 제대별/기능별 정보보호지침 연구)

  • Kwon, Moon-Taek
    • Convergence Security Journal
    • /
    • v.8 no.3
    • /
    • pp.9-18
    • /
    • 2008
  • Information security is a critical issue for network centric warfare(NCW). This paper provides defense information system security guidelines for NCW, which is a result of the research through a group decision making process. The purpose of the research is to intended to help military officers establish information system security measures within their organization.

  • PDF

A Policy-based Secure Framework for Constructing Secure Networking (안전한 네트워크 구성을 위한 정책기반 보안 프레임워크)

  • 박상길;장종수;손승원;노봉남
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.27 no.8C
    • /
    • pp.748-757
    • /
    • 2002
  • Cyber-terror trials are increased in nowadays and these attacks are commonly using security vulnerability and information gathering method by variable services grew by the continuous development of Internet Technology. IDS's application environment is affected by this increasing Cyber Terror. General Network based IDS detects intrusion by signature based Intrusion Detection module about inflowing packet through network devices. Up to now security in network is commonly secure host, an regional issue adopted in special security system but these system is vulnerable intrusion about the attack in globally connected Internet systems. Security mechanism should be produced to expand the security in whole networks. In this paper, we analyzer the DARPA's program and study Infusion Detection related Technology. We design policy security framework for policy enforcing in whole network and look at the modules's function. Enforcement of security policy is acted by Intrusion Detection system on gateway system which is located in network packet's inflow point. Additional security policy is operated on-line. We can design and execute central security policy in managed domain in this method.

An Efficient Method for Analyzing Network Security Situation Using Visualization (시각화 기반의 효율적인 네트워크 보안 상황 분석 방법)

  • Jeong, Chi-Yoon;Sohn, Seon-Gyoung;Chang, Beom-Hwan;Na, Jung-Chan
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.19 no.3
    • /
    • pp.107-117
    • /
    • 2009
  • Network administrator recognizes the abnormal phenomenon in the managed network by using the alert messages generated in the security devices including the intrusion detection system, intrusion prevention system, firewall, and etc. And then the series of task, which searches for the traffic related to the alert message and analyzes the traffic data, are required to determine where the abnormal phenomenon is the real network security threat or not. There are many alert messages to have to inspect in order to determine the network security situation. Also the much times are needed so that the network administrator can analyze the security condition using existing methods. Therefore, in this paper, we proposed an efficient method for analyzing network security situation using visualization. The proposed method monitors anomalies occurred in the entire IP address's space and displays the detail information of a security event. In addition, it represents the physical locations of the attackers or victims by linking GIS information and IP address. Therefore, it is helpful for network administrator to rapidly analyze the security status of managed network.

Coordination among the Security Systems using the Blackboard Architecture (블랙보드구조를 활용한 보안 모델의 연동)

  • 서희석;조대호
    • Journal of Institute of Control, Robotics and Systems
    • /
    • v.9 no.4
    • /
    • pp.310-319
    • /
    • 2003
  • As the importance and the need for network security are increased, many organizations use the various security systems. They enable to construct the consistent integrated security environment by sharing the network vulnerable information among IDS (Intrusion Detection System), firewall and vulnerable scanner. The multiple IDSes coordinate by sharing attacker's information for the effective detection of the intrusion is the effective method for improving the intrusion detection performance. The system which uses BBA (Blackboard Architecture) for the information sharing can be easily expanded by adding new agents and increasing the number of BB (Blackboard) levels. Moreover the subdivided levels of blackboard enhance the sensitivity of the intrusion detection. For the simulation, security models are constructed based on the DEVS (Discrete Event system Specification) formalism. The intrusion detection agent uses the ES (Expert System). The intrusion detection system detects the intrusions using the blackboard and the firewall responses to these detection information.

A Study on Five Levels of Security Risk Assessment Model Design for Ensuring the u-Healthcare Information System (u-헬스케어시스템의 정보보안 체계 확보를 위한 5단계 보안위험도 평가모델 설계)

  • Noh, Si Choon
    • Convergence Security Journal
    • /
    • v.13 no.4
    • /
    • pp.11-17
    • /
    • 2013
  • All u-Health system has security vulnerabilities. This vulnerability locally(local) or network(network) is on the potential risk. Smart environment of health information technology, Ad-hoc networking, wireless communication environments, u-health are major factor to increase the security vulnerability. u-health care information systems user terminal domain interval, interval public network infrastructure, networking section, the intranet are divided into sections. Health information systems by separating domain specific reason to assess vulnerability vulnerability countermeasure for each domain are different. u-Healthcare System 5 layers of security risk assessment system for domain-specific security vulnerability diagnosis system designed to take the security measures are needed. If you use this proposed model that has been conducted so far vaguely USN-based health information network security vulnerabilities diagnostic measures can be done more systematically provide a model.

Device Identification System for Corporate Internal Network Visibility in IoT Era (IoT 시대 기업 내부 네트워크의 가시성 확보를 위한 단말 식별 시스템 설계)

  • Lee, Dae-Hyo;Kim, Yong-Kwon;Lee, Dong-Bum;Kim, Hyeob
    • Convergence Security Journal
    • /
    • v.19 no.3
    • /
    • pp.51-59
    • /
    • 2019
  • In this paper, we propose a device identification system for network visibility that can maintain the secure internal network environment in the IoT era. Recently, the area of enterprise network is getting huge and more complicated. Not only desktops and smartphones but also business pads, barcode scanners, APs, Video Surveillance, digital doors, security devices, and lots of Internet of Things (IoT) devices are rapidly pouring into the business network, and there are highly risk of security threats. Therefore, in this paper, we propose the device identification system that includes the process and module-specific functions to identify the exploding device in the IoT era. The proposed system provides in-depth visibility of the devices and their own vulnerabilities to the IT manager in company. These information help to mitigate the risk of the potential cyber security threats in the internal network and offer the unified security management against the business risks.

Event Log Validity Analysis for Detecting Threats by Insiders in Control System

  • Kim, Jongmin;Kang, Jiwon;Lee, DongHwi
    • Journal of information and communication convergence engineering
    • /
    • v.18 no.1
    • /
    • pp.16-21
    • /
    • 2020
  • Owing to the convergence of the communication network with the control system and public network, security threats, such as information leakage and falsification, have become possible through various routes. If we examine closely at the security type of the current control system, the operation of the security system focuses on the threats made from outside to inside, so the study on the detection system of the security threats conducted by insiders is inadequate. Thus, this study, based on "Spotting the Adversary with Windows Event Log Monitoring," published by the National Security Agency, found that event logs can be utilized for the detection and maneuver of threats conducted by insiders, by analyzing the validity of detecting insider threats to the control system with the list of important event logs.

A Study on Scheme of Automatical Security Analysis Tools for Information Security System (정보보호 시스템 보안성 자동 분석 방법 연구)

  • Kim, Jeom-Goo;Kim, Tae-Eun
    • Convergence Security Journal
    • /
    • v.8 no.1
    • /
    • pp.117-127
    • /
    • 2008
  • The backwardness of Domestic security management system tend to depend on foreign security companies which have advanced technology. The appearance risk to flow out confidential affairs of domestic enterprises and public organizations to foreign countries. In this regard, this paper is implement and designed automatic security analysis system for secure public network. This system is to offer enhanced security quality of public organizations and reducing the dependence on foreign companies. And maintains security analysis technique for public network.

  • PDF