• Title/Summary/Keyword: Security Kernel


Development of Kernel based High Speed Packet Filtering Imbedded Gateway and Firewall Using Cloud Database (클라우드 데이터베이스를 이용한 커널 기반 고속 패킷필터링 임베디드 게이트웨이 및 방화벽 개발)

  • Park, Daeseung;Kim, Soomin;Yoo, Hanseob;Moon, Songchul
    • Journal of Service Research and Studies, v.5 no.1, pp.57-70, 2015
  • This paper develops a kernel-based high-speed packet filtering embedded gateway and firewall using a cloud database. This study develops equipment that includes a prediction function through big data analysis using a cloud system. This equipment includes intrusion prevention for network attacks and a content-based L7 switch system security function. This study can improve the security level of small companies and ordinary households. This study can pioneer a new market. This study can develop a high-performance switch and a replacement for existing security equipment. This study proposes a new next-generation algorithm for the construction of a high-performance system from low specifications.

Design and Implementation of File protection system based on Windows 2000 system (Windows 2000기반의 파일 보호 시스템 설계 및 구현)

  • Lee, Nam-Hun;Yu, Sin-Geun;Sim, Yeong-Cheol
    • The KIPS Transactions:PartC, v.8C no.6, pp.741-756, 2001
  • With the development of computer systems, there has been a sharp increase in the threats on these systems including attacks by malicious programs such as virus, vandal, etc. Currently virus vaccines are widely used to thwart these threats, but they have many weaknesses. They cannot guard against unknown threats and sometimes, they also cannot detect the existence of malicious programs before these malicious programs make any destructive results. For lack of an efficient security model, the existing security programs have the problem that they raise many false-positive alarms in spite of normal action. So it becomes very important to develop the improved security program that can make up for the weakness of the existing computer security program and can detect many threats of malicious programs as early as possible. In this paper we describe the design of an improved security model and the implementation of a security program that can filter and handle the threats on computer systems at the kernel level in real time.


Linux based IDS for Web Server through TCP Stream Analysis (TCP Stream 분석을 통한 리눅스 기반의 웹 서버 IDS)

  • 정해진;문정훈;이명선;변옥환
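    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference, 2002.11a, pp.519-523, 2002
  • As NIDS deployment has become widespread, many attack techniques for evading NIDS have also been developed. Some of these attacks exploit fundamental flaws in the NIDS architecture and therefore cannot be solved within that architecture. We present a new HIDS model that overcomes the limitations of NIDS while retaining many of its advantages. The biggest problem with HIDS is that it places a heavy load on the system, but because a Web server by nature accepts connections from everywhere and is therefore vulnerable, its security must be strengthened even at the cost of some HIDS-induced load. In addition, because a Web server is operated only for the specific purpose of Web service, the load of an installed HIDS can be reduced considerably by considering only Web attacks. The HIDS proposed in this paper extracts TCP streams in the kernel of the Linux operating system and uses them as audit data for intrusion detection.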


COMPACT OPERATOR RELATED WITH POISSON-SZEGö INTEGRAL

  • Yang, Gye Tak;Choi, Ki Seong
    • Journal of the Chungcheong Mathematical Society, v.20 no.3, pp.333-342, 2007
  • Suppose that $\mu$ is a finite positive Borel measure on the unit ball $B \subset C^n$. The boundary of $B$ is the unit sphere $S = \{z : |z| = 1\}$. Let $\sigma$ be the rotation-invariant measure on $S$ such that $\sigma(S) = 1$. In this paper, we will show that if $\sup_{\zeta \in S} \int_B P(z,\zeta)\, d\mu(z) < \infty$, where $P(z,\zeta)$ is the Poisson-Szegö kernel for $B$, then $\mu$ is a Carleson measure. We will also show that if $\sup_{\zeta \in S} \int_B P(z,\zeta)\, d\mu(z) < \infty$, then the operator $T$ such that $T(f) = P[f]$ is compact as a mapping from $L^p(\sigma)$ into $L^p(B, d\mu)$.


A Study of Storage Device Control Method for File Outflow Protecting (파일유출 방지를 위한 저장장치 제어기법에 대한 연구)

  • Choi, Joo-Ho;Rhew, Sung-Yul
    • Convergence Security Journal, v.6 no.2, pp.1-11, 2006
  • The files of intellectual property on computer systems have increasingly been exposed to threats in which they can be leaked by internal users or by outside attacks through the network. The File Outflow Protection System detects file outflow not only when users copy files on client computers to storage devices, but also when they print them. This protection system has been designed to use Win32 API hooking by the I/O Manager at the kernel level when files are leaked by copying. As a result, the monitoring system has accurately detected file outflows, which is proved through testing.


Unix Kernel Back-door Detection using System Call Table (시스템 콜 테이블에 기반한 유닉스 커널 백도어 탐지)

  • 박인성;송병욱;김홍철;장희진;김상욱;이병권;전완근
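    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference, 2001.11a, pp.277-280, 2001
  • Beyond the earlier system-vulnerability attacks and scanning tools, more advanced attack tools for bypassing firewalls and other security systems have recently appeared. The most serious of these is the kernel backdoor, which is characterized by running at the kernel level rather than at the conventional user level. Such kernel backdoors cannot be detected with existing detection techniques, and because cases of damage are not yet accurately identified, the damage can be said to be all the greater. This paper therefore analyzes currently distributed kernel backdoors and presents existing kernel backdoor detection techniques together with a new kernel backdoor detection model and implementation approach that solves their problems.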


A Study on Analysis for Secure Kernel Requirements of Governmental Organization (국가기관용 안전커널 정보보호 요구사항 분석)

  • 김현희;남길현;강정민;김은영;이진석;홍순좌
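    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference, 2003.12a, pp.469-474, 2003
  • Against security threats to the important networked information systems of governmental organizations, security solutions centered on existing intrusion prevention/detection systems are judged to be losing effectiveness as countermeasures for system information assurance, owing to their limits in handling potential security threats and to the development of new hacking techniques that bypass them. As an alternative, the need to develop a secure operating system for governmental organizations at TCSEC class B5 (CC EAL5) or higher is being emphasized. This paper studies the secure kernel requirements that must precede the development of a secure operating system for governmental organizations; to this end, it first analyzes and applies the security environment and objectives to which it will be applied, the TCSEC requirements, CC-based protection profiles, and the CC requirements. On this basis, it proposes secure kernel requirements suitable for governmental organizations classified into two grades according to the importance of their information.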


Speech Emotion Recognition with SVM, KNN and DSVM

  • Hadhami Aouani ;Yassine Ben Ayed
    • International Journal of Computer Science & Network Security, v.23 no.8, pp.40-48, 2023
  • Speech emotion recognition has become an active research theme in speech processing and in applications based on human-machine interaction. In this work, our system is a two-stage approach, namely feature extraction and a classification engine. Firstly, two sets of features are investigated: the first extracts only 13 Mel-frequency Cepstral Coefficients (MFCC) from emotional speech samples, and the second applies feature fusion between the three features Zero Crossing Rate (ZCR), Teager Energy Operator (TEO), and Harmonic to Noise Rate (HNR) and the MFCC features. Secondly, we use two types of classification techniques, Support Vector Machines (SVM) and k-Nearest Neighbor (k-NN), to compare their performance. Besides that, we investigate the importance of recent advances in machine learning, including deep kernel learning. A large set of experiments is conducted on the Surrey Audio-Visual Expressed Emotion (SAVEE) dataset for seven emotions. The results of our experiments showed good accuracy compared with previous studies.

Lightweight Capability-Based Access Control System on File Descriptor via ARM PA (ARM PA를 통한 경량화된 파일 디스크립터 권한 관리 시스템)

  • Kyuwon Cho;Hojoon Lee
    • Journal of the Korea Institute of Information Security & Cryptology, v.33 no.2, pp.319-323, 2023
  • In intra-process isolation, file descriptors act as another attack vector for memory corruption attacks. An attacker can read or write by corrupting file descriptors and thereby escape the isolation. In this paper, we propose a new lightweight capability-based access control system on file descriptors using ARM's hardware extension, PA (Pointer Authentication). Our system is implemented in a Linux kernel module and shows only 5% overhead for controlling access to file descriptors.

Proposing a New Approach for Detecting Malware Based on the Event Analysis Technique

  • Vu Ngoc Son
    • International Journal of Computer Science & Network Security, v.23 no.12, pp.107-114, 2023
  • The attack technique by the malware distribution form is a dangerous, difficult to detect and prevent attack method. Current malware detection studies and proposals are often based on two main methods: using sign sets and analyzing abnormal behaviors using machine learning or deep learning techniques. This paper will propose a method to detect malware on Endpoints based on Event IDs using deep learning. Event IDs are behaviors of malware tracked and collected on Endpoints' operating system kernel. The malware detection proposal based on Event IDs is a new research approach that has not been studied and proposed much. To achieve this purpose, this paper proposes to combine different data mining methods and deep learning algorithms. The data mining process is presented in detail in section 2 of the paper.