• Title/Summary/Keyword: Network based DoS

A Pattern-based Query Strategy in Wireless Sensor Network

  • Ding, Yanhong;Qiu, Tie;Jiang, He;Sun, Weifeng
    • KSII Transactions on Internet and Information Systems (TIIS) / v.6 no.6 / pp.1546-1564 / 2012
  • Pattern-based query processing has not attracted much attention in wireless sensor network though its counterpart has been studied extensively in data stream. The methods used for data stream usually consume large memory and much energy. This conflicts with the fact that wireless sensor networks are heavily constrained by their hardware resources. In this paper, we use piece wise representation to represent sensor nodes' collected data to save sensor nodes' memory and to reduce the energy consumption for query. After getting data stream's and patterns' approximated line segments, we record each line's slope. We do similar matching on slope sequences. We compute the dynamic time warping distance between slope sequences. If the distance is less than user defined threshold, we say that the subsequence is similar to the pattern. We do experiments on STM32W108 processor to evaluate our strategy's performance compared with naive method. The results show that our strategy's matching precision is less than that of naive method, but our method's energy consumption is much better than that of naive approach. The strategy proposed in this paper can be used in wireless sensor network to process pattern-based queries.

An Adaptive Probe Detection Model using Fuzzy Cognitive Maps

  • Lee, Se-Yul;Kim, Yong-Soo
    • Proceedings of the Korean Institute of Intelligent Systems Conference / 2003.09a / pp.660-663 / 2003
  • Advanced computer network technology enables connectivity of computers through an open network environment. There has been a growing number of security threats to networks. Therefore, intrusion detection and prevention technologies are required. In this paper, we propose a network-based intrusion detection model using Fuzzy Cognitive Maps (FCM) that can detect intrusion by the Denial of Service (DoS) attack detection method adopting packet analysis. A DoS attack appears in the form of the Probe and Syn Flooding attack, which is a typical example. The Syn flooding Preventer using Fuzzy cognitive maps (SPuF) model captures and analyzes packet information to detect Syn flooding attacks. Using the analysis result of the decision module, which utilizes FCM, the decision module measures the degree of danger of the DoS and trains the response module to deal with attacks. The result of simulating the "KDD '99 Competition Data Set" in the SPuF model shows that the Probe detection rates were over 97 percent.

Authenticated IGMP for Controlling Access to Multicast Distribution Tree (멀티캐스트 분배트리 접근제어를 위한 Authenticated IGMP)

  • Park, Chang-Seop;Kang, Hyun-Sun
    • Journal of the Korea Institute of Information Security & Cryptology / v.17 no.2 / pp.3-17 / 2007
  • A receiver access control scheme is proposed to protect the multicast distribution tree from DoS (Denial-of-Service) attacks induced by unauthorized use of IGMP (Internet Group Management Protocol), by extending the security-related functionality of IGMP. Based on a specific network and business model adopted for commercial deployment of IP multicast applications, a key management scheme is also presented for bootstrapping the proposed access control as well as accounting and billing for CP (Content Provider), NSP (Network Service Provider), and group members.

Design and Implementation of an SNMP-Based Traffic Flooding Attack Detection System (SNMP 기반의 실시간 트래픽 폭주 공격 탐지 시스템 설계 및 구현)

  • Park, Jun-Sang;Kim, Sung-Yun;Park, Dai-Hee;Choi, Mi-Jung;Kim, Myung-Sup
    • The KIPS Transactions:PartC / v.16C no.1 / pp.13-20 / 2009
  • Recently, as traffic flooding attacks such as DoS/DDoS and Internet Worm have posed devastating threats to network services, rapid detection and proper response mechanisms are the major concern for secure and reliable network services. However, most of the current Intrusion Detection Systems (IDSs) focus on detailed analysis of packet data, which results in late detection and a high system burden to cope with high-speed network traffic. In this paper we propose an SNMP-based lightweight and fast detection algorithm for traffic flooding attacks, which minimizes the processing and network overhead of the detection system, minimizes the detection time, and provides a high detection rate. The attack detection algorithm consists of three consecutive stages. The first stage determines the detection timing using the update interval of SNMP MIB. The second stage analyzes attack symptoms based on correlations of MIB data. The third stage determines whether an attack occurs or not and figures out the attack type in case of attack.

An SDN based hopping multicast communication against DoS attack

  • Zhao, Zheng;Liu, Fenlin;Gong, Daofu
    • KSII Transactions on Internet and Information Systems (TIIS) / v.11 no.4 / pp.2196-2218 / 2017
  • Multicast communication has been widely used in the Internet. However, multicast communication is vulnerable to DoS attack due to static router configuration. In this paper, HMC, a hopping multicast communication method based on SDN, is proposed to tackle this problem. HMC changes the multicast tree periodically and makes it difficult for the attackers to launch an accurate attack. It also decreases the probability of multicast communication being attacked by DoS and in the meanwhile, the QoS constraints are not violated. In this research, the routing problem of HMC is proven to be NP-complete and a heuristic algorithm is proposed to solve it. Experiments show that HMC has the ability to resist DoS attack on multicast route effectively. Theoretically, the multicast compromised probability can drop more than 0.6 when HMC is adopted. In addition, experiments demonstrate that HMC achieves shorter average multicast delay and better robustness compared with the traditional method, and more importantly, it better defends against DoS attack.

A Study for PKI Based Home Network System Authentication and Access Control Protocol (PKI 기반 홈 네트워크 시스템 인증 및 접근제어 프로토콜에 관한 연구)

  • Lee, Young-Gu;Kim, Jung-Jae;Kim, Hyun-Chul;Jun, Moon-Seog
    • The Journal of Korean Institute of Communications and Information Sciences / v.35 no.4B / pp.592-598 / 2010
  • A home network system is made up of subject of cyber attack from a variety factors of threatening, but also have security weakness in cases of hacking, vicious code, worm virus, DoS attack, tapping of communication network, and more. So, the necessity for a security protocol to protect user asset and personal information within a home network is gradually increasing. Thus, this paper designs and suggests a home network security protocol using user authentication and approach-control technology to prevent the threat by unauthorized users towards personal information and user asset in advance by providing the gradual authority to corresponding devices based on authorized information, after authorizing the users with a Public Key Certificate.

Development of the Broadband PLC Home Controller using JINI Surrogate

  • Kim, Yong-Seok;Kim, Hee-Sun;Lee, Chang-Goo
    • 제어로봇시스템학회:학술대회논문집 / 2005.06a / pp.1563-1567 / 2005
  • The Home network system means that information appliances, Home PCs, etc., using wired or wireless network method enable to control and share with peripheral devices such as internet, shared data, a scanner and a printer, and it is networking solution, which intelligent communication will be possible as the system which can do a remote control such as TV Set, refrigerators, air conditioners, DVD players, digital camcorders based on external network using an internet, a portable information terminal and a mobile phone whenever, wherever and freely. In this study, the home network interface solution is used one of the wired network standards, PLC (Power-Line Communication) technology, so we can construct of intelligent home network's home controller without re-build a network at home. On keeping with current waves of thought, we will focus on a home controller development with great interest which is enabled to do an effective managed control, applying intelligent home network technology which can be new paradigm like a cyber apartment.

A Study on Flooding Attack Detection and Response Technique in MANET (MANET에서 플러딩 공격 탐지 및 대응 기법에 관한 연구)

  • Yang, Hwan Seok;Yoo, Seung Jae
    • Convergence Security Journal / v.13 no.4 / pp.41-46 / 2013
  • Routing protocols used in existing wired networks cannot be used as they are for efficient data transmission in MANET. Because it consists of only mobile nodes, the network topology changes dynamically. Therefore, each mobile node must perform router functions. A variety of routing attacks such as DoS are present in MANET owing to these characteristics. In this paper, we propose a cooperative-based detection method to improve detection performance for flooding attacks, which paralyze the network by consuming resources. Accurate attack detection is achieved with an adaptively calculated threshold value that considers the amount of all network traffic and the number of nodes. All the mobile nodes use a table called NHT to perform collaborative detection and apply a cluster structure for central surveillance of traffic.

Data Mining based Denial of Service Attack Detection Scheme (데이터 마이닝을 이용한 서비스 거부 공격 탐지 기법)

  • 박호상;조은경;강용혁;엄영익
    • Proceedings of the Korean Information Science Society Conference / 2003.10a / pp.715-717 / 2003
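  • A DoS (Denial of Service) attack is an attack that prevents legitimate users from using a service, mainly by sending a large volume of packets or abnormal packets to the victim host. Various techniques have been developed to detect such DoS attacks, but the types and methods of attack are becoming far more diverse over time, which limits the ability to detect them. In this paper, we propose a technique that can detect such DoS attacks by applying data mining techniques to an NIDS (Network-based Intrusion Detection System) that holds network packet header information as audit data. With this technique, DoS attacks can be detected in a fast and automated way. In this paper, we show that the proposed technique can detect SYN Flooding attacks and Teardown attacks.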

Detecting Anomalies, Sabotage, and Malicious Acts in a Cyber-physical System Using Fractal Dimension Based on Higuchi's Algorithm

  • Marwan Albahar
    • International Journal of Computer Science & Network Security / v.23 no.4 / pp.69-78 / 2023
  • With the global rise of digital data, the uncontrolled quantity of data is susceptible to cyber warfare or cyber attacks. Therefore, it is necessary to improve cyber security systems. This research studies the behavior of malicious acts and uses Higuchi Fractal Dimension (HFD), which is a non-linear mathematical method to examine the intricacy of the behavior of these malicious acts and anomalies within the cyber physical system. The HFD algorithm was tested successfully using synthetic time series network data and validated on real-time network data, producing accurate results. It was found that the highest fractal dimension value was computed from the DoS attack time series data. Furthermore, the difference in the HFD values between the DoS attack data and the normal traffic data was the highest. The malicious network data and the non-malicious network data were successfully classified using the Receiver Operating Characteristics (ROC) method in conjunction with a scaling stationary index that helps to boost the ROC technique in classifying normal and malicious traffic. Hence, the suggested methodology may be utilized to rapidly detect the existence of abnormalities in traffic with the aim of further using other methods of cyber-attack detection.