• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.2
• /
• pp.39-46
• /
• 2011

Privacy IP hacking problems such as invasion of privacy, password cracking, voice wiretapping and internet over charged occurred, because VoIP internet voice phone service gradually spread. This thesis attempted to attack the VoIP service network by application. First use application to spoof IP address then attempted wiretap the VoIP service and sends a lot of messages to disturb service movement. At this point, we connected VoIP soft terminal, so we can operate real-time filtering operator to block the SIP Flooding offence by monitor the traffic and detect the location where it got attacked. This thesis used experiment to prove it is possible to detect the offence and defend from SIP Flooding offence.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.9
• /
• pp.73-80
• /
• 2018

In this paper, we propose a new type of client server environment to improve the architecture vulnerable to hacking in an existing client server environment. On the server side, move the existing Web server to the client side and This is a way for clients to communicate only the data they need and suggests a structure that completely blocks the web attack itself to the server. This can completely prevent a server from being hacked, spreading malicious code and hacking data on a server. It also presents a new paradigm that will not affect servers even if malware is infected with client PCs. This paper validates the proposed environment through BBS (Big Bad Stick) hardware in the form of USB on the client side. This study proof that secure services are provided through encryption communication with server-side security equipment, indicating that this study is a system with new security.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.623-624
• /
• 2009

본 논문에서는 신경망의 오류 역전파(Backpropagation) 학습 알고리즘을 이용한 얼굴의 정상 비정상을 인식하는 보안 시스템을 제안하였다. 제안된 시스템은 정지영상 및 동영상에서 입력된 얼굴영상을 전처리 단계에서 얼굴영역을 검출하여 $160{\times}160$ 크기의 고정 크기로 확대 및 축소 작업을 거친다. Mosaic 처리와 LaplacianEdge 처리를 거쳐 $40{\times}40$ 크기로 이진화한 정규화 데이터를 Gravity-Center 처리를 한다. 오류 역전파 학습 알고리즘으로 얼굴의 특징을 학습한 후 각종 정상 및 비정상 얼굴 데이터를 이용하여 인식률을 실험 하였다. 실험데이터는 이 분야의 공인 자료인 LFW Face Database[7] 데이터를 사용하였으며, 실험결과는 제안된 방법이 문제 해결에 적합한 접근임을 보여준다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2024.01a
• /
• pp.477-478
• /
• 2024

본 논문에서는 관련 지식이 없더라도 취약한 비밀번호를 사용하는 AP(Access Point)를 빠르고 편하게 점검할 수 있는 소형 해킹 장치를 제안한다. 터치 디스플레이를 이용한 입출력 장치의 통합으로 휴대성을 극대화시켰다. 필요한 정보를 특정하여 출력하고, 숫자 입력만으로 프로그램을 제어하며, AP의 보안 프로토콜 유형을 자동으로 인식하여 그에 맞는 공격을 시도하는 등의 사용자의 편의성을 고려한 프로그램 설계로 입력장치의 제한으로 인해 생길 수 있는 불편함을 해소하였다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.800-803
• /
• 2003

Recently the number of internet users has very fast increased, and the number of intrusions has also increased very much. Hence, Security production developed to prevent systems and network from being hacked and intruded. However, hacking and virus getting on automation, intelligence, decentralization, large-scale and concealment. Therefore, Network security service necessary to deal with such threat. In this paper, we investigate about new network security services of trace-back, recovery, network vulnerability analysis, attack prediction and consideration for these services.

• Journal of Information Processing Systems
• /
• v.11 no.1
• /
• pp.104-115
• /
• 2015

Along with the evolution of Internet and its new emerging services, the quantity and impact of attacks have been continuously increasing. Currently, the technical capability to attack has tended to decrease. On the contrary, performances of hacking tools are evolving, growing, simple, comprehensive, and accessible to the public. In this work, network penetration testing and auditing of the Redhat operating system (OS) are highlighted as one of the most popular OS for Internet applications. Some types of attacks are from a different side and new attack method have been attempted, such as: scanning for reconnaissance, guessing the password, gaining privileged access, and flooding the victim machine to decrease availability. Some analyses in network auditing and forensic from victim server are also presented in this paper. Our proposed system aims confirmed as hackable or not and we expect for it to be used as a reference for practitioners to protect their systems from cyber-attacks.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.10
• /
• pp.93-100
• /
• 2017

Current internet has evolved from the sharing and efficiency aspects of information, it is still vulnerable to the fact that the Internet is not secure in terms of security and is not safe to secure of security mechanism. Repeating patches on continuous hacking are continuously demanding additional resources for network or system equipment, and consequently the costs continue to increase. Businesses and individuals alike are speeding up the damage caused by crime like of ransomware, not jusy simple attacks, and businesses and individuals need to respond to cyber security. In addition, the ongoing introduce of security device, and separate of networks for secure transmission of contents in the existing TCP/IP system, but it is still lacking in security. To complement the security implications of this existing TCP/IP Internet Protocol, we intend to propose a Secure Contents Transport System (SCTS) on the network using the CCN concept.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.6
• /
• pp.1320-1326
• /
• 2011

National institutions on the importance of information security is being recognized, information security laws are being discussed in Congress 3.4 DDoS incident and Nonghyup hacking, etc. However, National Assembly Secretariat when the results of the Information Security Consulting has been assessed very low 61.2 points, evaluation of hardware and software in secure areas were vulnerable. This paper, the legislative support agencies National Assembly and National Assembly Secretariat on the network and computer systems, and managerial, technical and physical security elements are analyzed for the status. And network should have the legislative support agencies and system for the physical network separation, DDoS attack response, Virus attack response, hacking attacks response, and Cyber Emergency Response Team/Coordination Center for Cyber infringing design and research through the confidentiality, integrity, availability, access control, authentication and security analysis is based on the evaluation criteria. Through this study, the legislative support agencies to strengthen the security of data and security laws enacted to provide the basis for.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.719-724
• /
• 2004

Recently, since the number of internet users is increasing rapidly and, by using the public hacking tools, general network users can intrude computer systems easily, the hacking problem is getting more serious. In order to prevent the intrusion, it is needed to detect the sign in advance of intrusion in a positive prevention by detecting the various foms of hackers' intrusion trials to know the vulnerability of systems. The existing network-based anomaly detection algorithms that cope with port- scanning and the network vulnerability scans have some weakness in intrusion detection. they can not detect slow scans and coordinated scans. therefore, the new concept of algorithm is needed to detect effectively the various forms of abnormal accesses for intrusion regardless of the intrusion methods. In this paper, SPAD(Session Pattern Anomaly Detector) is presented, which detects the abnormal service patterns by comparing them with the ordinary normal service patterns.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1079-1090
• /
• 2012

As the number of information asset and their vulnerabilities are increasing, it becomes more difficult for network security administrators to assess security vulnerability of their system and network. There are several researches for vulnerability analysis based on quantitative approach. However, most of them are based on experts' subjective evaluation or they require a lot of manual input for deriving quantitative assessment results. In this paper, we propose HRMS(Hacking and Response Measurement System) for enumerating attack path using automated vulnerability measurement automatically. HRMS can estimate exploitability of systems or applications based on their known vulnerability assessment metric, and enumerate attack path even though system, network and application's information are not fully given for vulnerability assessment. With this proposed method, system administrators can do proactive security vulnerability assessment.