• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.1093-1095
• /
• 2007

As the networking and data communication technology is making progress, there has been an augmented concern about the security. Intrusion Detection and Prevention Systems have long being providing a reliable layer in the field of Network Security. Intrusion Detection System works on analyzing the traffic and finding a known intrusion or attack pattern in that traffic. But as the new technology provides betterment for the world of the Internet; it also provides new and efficient ways for hacker to intrude in the system. Hence, these patterns on which IDS & IPS work need to be updated. For detecting the power and knowledge of attackers we sometimes make use of Honey-pots. In this paper, we propose a Honey-pot architecture that automatically updates the Intrusion's Signature Knowledge Base of the IDS in a Network.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.882-885
• /
• 2003

In this paper, we describe a haptic jacket and wheel as a haptic interface to enhance VR game realism. Building upon the VR game system using this devices, our haptic interface technique allows the user to intuitive interact on game contents, and then to sense the game event properties such as walking, attacking, driving and fire in a natural way. In addition, we extended the initial haptic model to support haptic decoration and dynamic interactions due to the added game event in a real time display. An application example presented here is a VR Dino-Attack game. This game supports interactions among dynamic and our intuitive haptic interface. Modeling physic interactions involves precise collision detection, real-time force computation, and high control-loop bandwidth.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.07a
• /
• pp.121-125
• /
• 2003

In this paper, we propose a framework of Transmission Control Protocol with Software Rejuvenation methodology, which is applicable for network system survivability. This method is utilized to improve the survivability because it can limit the damage caused by successful attacks. The main objectives are to detect intrusions in real time, to characterize attacks, and to survive in face of attacks. To counter act the attacks' attempts or intrusions, we perform the Software Rejuvenation methods such as killing the intruders' processes in their tracks, halting abuse before it happens, shutting down unauthorized connection, and responding and restarting in real time. These slogans will really frustrate and deter the attacks, as the attacker can't make their progress. This is the way of survivability to maximize the deterrence against an attack in the target environment. We address a framework to model and analyze the critical intrusion tolerance problems ahead of intrusion detection on Transmission Control Protocol (TCP).

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.04a
• /
• pp.207-210
• /
• 2017

최근 국방부는 우리 군이 운영하는 내부망이 해킹에 의해 공격당한 사실을 발표했다. 국방부는 내부망은 외부와의 망 분리를 통해 안전하게 관리되고 있다고 밝혔지만, 이번 사건으로 군에서 사용하는 내부망에도 악성코드 공격이 가능한 취약점이 존재한다는 사실이 밝혀졌다. 본 논문에서는 국방부에서 사용되는 내부망과 일반적으로 사용하는 외부망에서도 보안을 강화할 수 있는 시스템을 개발했다. 본 시스템은 공격 등급을 적용한 트리를 생성하여 일정 수준이 되면 사용자에게 알리고 공격에 이르기 전에 시스템 단에서 차단이 가능하다. 본 논문에서 개발한 시스템을 사용하면 중요한 국가기밀자료나 지적 재산이 높은 자료를 가진 국가 및 기업들이 데이터를 보호 할 수 있고 시스템이 파괴당하는 것을 사전에 방지하여 물리적인 측면도 이점을 얻을 수 있다.

• International Journal of Computer Science & Network Security
• /
• v.24 no.5
• /
• pp.64-72
• /
• 2024

In recent times cyber attackers can use Artificial Intelligence (AI) to boost the sophistication and scope of attacks. On the defense side, AI is used to enhance defense plans, to boost the robustness, flexibility, and efficiency of defense systems, which means adapting to environmental changes to reduce impacts. With increased developments in the field of information and communication technologies, various exploits occur as a danger sign to cyber security and these exploitations are changing rapidly. Cyber criminals use new, sophisticated tactics to boost their attack speed and size. Consequently, there is a need for more flexible, adaptable and strong cyber defense systems that can identify a wide range of threats in real-time. In recent years, the adoption of AI approaches has increased and maintained a vital role in the detection and prevention of cyber threats. In this paper, an Ensemble Deep Restricted Boltzmann Machine (EDRBM) is developed for the classification of cybersecurity threats in case of a large-scale network environment. The EDRBM acts as a classification model that enables the classification of malicious flowsets from the largescale network. The simulation is conducted to test the efficacy of the proposed EDRBM under various malware attacks. The simulation results show that the proposed method achieves higher classification rate in classifying the malware in the flowsets i.e., malicious flowsets than other methods.

• Proceedings of the KIEE Conference
• /
• 2004.11c
• /
• pp.15-18
• /
• 2004

In this paper, it is implemented the monitoring system for TV advertisement using video watermark. The functions of an advertisement monitoring system are automatically monitoring for the time, length, and index of the on-air advertisement, saving the log data, and reporting the monitoring result. The performance of the video watermark used in this paper is tested for TV advertisement monitoring. This test includes LAB test and field test. LAB test is done in laboratory environment and field test in actually broadcasting environment. LAB test includes PSNR, distortion measure in image, and the watermark detection rate in the various attack environment such as AD/DA(analog to digital and digital to analog) conversion, noise addition, and MPEG compression The result of LAB test is good for the TV advertisement monitoring. KOBACO and SBS are participated in the field test. The watermark detection rate is 100% in both the real-time processing and the saved file processing. The average deviation of the watermark detection time is 0.2 second, which is good because the permissible average error is 0.5 second.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.56 no.1
• /
• pp.206-213
• /
• 2007

In this paper, The monitoring system for TV advertisement is implemented using video watermark. The functions of the advertisement monitoring system are monitoring the time, length, and index of the on-air advertisement, saving the log data, and reporting the monitoring result. The performance of the video watermark used in this paper is tested for TV advertisement monitoring. This test includes LAB test and field test. LAB test is done in laboratory environment and field test in actually broadcasting environment. LAB test includes PSNR, distortion measure in image, and the watermark detection rate in the various attack environment such as AD/DA(analog to digital and digital to analog) conversion, noise addition, and MPEG compression. The result of LAB test is good for the TV advertisement monitoring. KOBACO and SBS are participated in the field test. The watermark detection rate is 100% in both the real-time processing and the saved the processing. The average deviation of the watermark detection time is 0.2 second, which is good because the permissible average error is 0.5 second.

• Journal of the Korea Convergence Society
• /
• v.9 no.7
• /
• pp.55-62
• /
• 2018

Recently, as the threat of cyber crime increases, the importance of security control to cope with cyber attacks on the information systems in the first place such as real-time detection is increasing. In the name of security control center, cyber terror response center and infringement response center, institutional control personnel are making efforts to prevent cyber attacks. Especially, we are detecting infringement accident by using network security equipment or utilizing control system, but it's not enough to prevent infringement accident by just controlling based on device-driven simple patterns. Therefore, the security control system is continuously being upgraded, and the development and research on the detection method are being actively carried out by the prevention activity against the threat of infringement. In this paper, we have defined the method of detecting infringement of major component module in order to improve the problem of existing infringement detection method. Through the performance tests for each module, we propose measures for effective security control and study effective infringement threat detection method by upgrading the control system using Security Information Event Management (SIEM).

• Convergence Security Journal
• /
• v.4 no.2
• /
• pp.17-25
• /
• 2004

As Internet and Internet users are rapidly increasing and getting popularized in the world the existing firewall has limitations to detect attacks which exploit vulnerability of web server. And these attacks are increasing. Most of all, intrusions using web application's programming error are occupying for the most part. In this paper, we introduced real-time web-server agent which analyze web-server based log and detect web-based attacks after the analysis of the web-application's vulnerability. We propose the method using real-time agent which remove Process ID(pid) and block out attacker's If if it detects the intrusion through the decision stage after judging attack types and patterns.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.2
• /
• pp.39-46
• /
• 2011

Privacy IP hacking problems such as invasion of privacy, password cracking, voice wiretapping and internet over charged occurred, because VoIP internet voice phone service gradually spread. This thesis attempted to attack the VoIP service network by application. First use application to spoof IP address then attempted wiretap the VoIP service and sends a lot of messages to disturb service movement. At this point, we connected VoIP soft terminal, so we can operate real-time filtering operator to block the SIP Flooding offence by monitor the traffic and detect the location where it got attacked. This thesis used experiment to prove it is possible to detect the offence and defend from SIP Flooding offence.