• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.5
• /
• pp.1333-1353
• /
• 2012

The robustness of a network is usually measured by error tolerance and attack vulnerability. Significant research effort has been devoted to determining the network design with optimal robustness. However, little attention has been paid to the problem of how to improve the robustness of existing networks. In this paper, we investigate how to optimize attack tolerance and communication efficiency of an existing network under the limited link addition. A survival fitness metric is defined to measure both the attack tolerance and the communication efficiency of the network. We show that network topology reconfiguration optimization with limited link addition (NTRLA) problem is NP-hard. Two approximate solution methods are developed. First, we present a degree-fitness parameter to guide degree-based link addition method. Second, a preferential configuration node-protecting cycle (PCNC) method is developed to do trade-off between network robustness and efficiency. The performance of PCNC method is demonstrated by numerical experiments.

• Journal of KIISE:Information Networking
• /
• v.34 no.5
• /
• pp.305-315
• /
• 2007

Broadband Convergence Network (BcN) is the network which unifies telephone network, the Internet and broadcasting networks. Threats to each network can bring serious problems in BcN environment since the whole network can be damaged by various types of attack. The purpose of this study is to suggest the prototype of intrusion-tolerant network design of BcN to guarantee the continuous operation of BcN services against malicious attacks. First, BcN service components, selected by analysis of service time and coverage importance, are classified into three groups by their type: server type, gateway type and hybrid type. Second, the necessity of applying intrusion tolerance on BcN services is deduced by possible attack scenarios on BcN. Finally, we suggest the intrusion-tolerant network design suitable to BcN, using hardware redundancy and secure policies. Also, we present that the suggested network design can increase the intrusion tolerance of BcN.

• Convergence Security Journal
• /
• v.9 no.4
• /
• pp.7-12
• /
• 2009

It is very difficult to completely block the DDoS attack, which paralyzes services by depleting resources or occupying the network bandwidth by transmitting a vast amount of traffic to the specific website or server from normal users' PCs that have been already infected by an outside attacker. In order to defense or endure the DDoS attack, we usually use various solutions such as IDS (Intrusion Detection System), IPS (Intrusion Prevention System), ITS (Intrusion Tolerance System), FW (Firewall), and the dedicated security equipment against DDoS attack. However, diverse types of security appliances cause the cost problem, besides, the full function of the equipments are not performed well owing to the unproper setting without considering connectivity among systems. In this paper, we present the effective connectivity of security equipments and countermeasure methodology against DDoS attack. In practice, it is approved by experimentation that this designed methdology is better than existing network structure in the efficiency of block and endurance. Therefore, we would like to propose the effective security control measures responding and enduring against discriminated DDoS attacks through this research.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.1
• /
• pp.1-12
• /
• 2010

Recently, large amount of information in IDS(Intrusion Detection System) can be un manageable and also be mixed with false prediction error. In this paper, we propose a data mining methodology for IDS, which contains uncertainty based on training process and post-processing analysis additionally. Our system is trained to classify the existing attack for misuse detection, to detect the new attack pattern for anomaly detection, and to define border patter between attack and normal pattern. In experimental results show that our approach improve the performance against existing attacks and new attacks,from 0.62 to 0.84 about 35%.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.2
• /
• pp.199-207
• /
• 2010

Recently, large amount of information in IDS(Intrusion Detection System) can be un manageable and also be mixed with false prediction error. In this paper, we propose a data mining methodology for IDS, which contains uncertainty based on training process and post-processing analysis additionally. Our system is trained to classify the existing attack for misuse detection, to detect the new attack pattern for anomaly detection, and to define border patter between attack and normal pattern. In experimental results show that our approach improve the performance against existing attacks and new attacks, from 0.62 to 0.84 about 35%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.13-25
• /
• 2011

Biometric-based authentication can provide strong security guarantee about the identity of users. However, security of biometric data is particularly important as the compromise of the data will be permanent. The fuzzy fingerprint vault system is one of the most popular solutions for protecting the fingerprint template stored in the database. Recently, however, this system is very susceptible to a correlation attack that finds the real minutiae using multiple fingerprint vaults enrolled for different applications. To solve this problem, we propose a robust fuzzy fingerprint vault system against the correlation attack. In this paper, we add chaff minutiae based on the relative information of minutiae such as direction, coordinate instead of adding randomly. Also, our proposed approach allow to add multiple chaff minutiae within tolerance box for enhanced security level. Experimental results show that the proposed approach can protect the correlation attack and achieve enhanced verification accuracy.

• The KIPS Transactions:PartA
• /
• v.12A no.5 s.95
• /
• pp.395-404
• /
• 2005

There have been large concerns about survivability defined as the capability of a system to perform a mission-critical role, in a timely manner, in the presence of attacks, failures. In particular, One of the most important core technologies required for the design of the ITS(Intrusion Tolerance System) that performs continuously minimal essential services even when the computer system is partially compromised because of intrusions is the survivability one of In included the dependability analysis of a reliability and availability etc. quantitative dependability analysis of the In. In this Paper, we applied self-healing mechanism utilizing two factors of self-healing mechanism (fault model and system response), the core technology of autonomic computing to secure the protection power of the ITS and consisted of a state transition diagram of the ITS composed of a primary server and a backup server. We also defined the survivability, availability, and downtime cost of the ITS, and then performed studies on simulation experiments and two cases of vulnerability attack. Simulation results show that intrusion tolerance capability at the initial state is more important than coping capability at the attack state in terms of the dependability enhancement.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.26 no.4
• /
• pp.267-272
• /
• 2016

Wireless sensor networks (WSNs) are vulnerable to external intrusions due to the wireless communication characteristics and limited hardware resources. Thus, the attacker can cause sinkhole attack while intruding the network. INSENS is proposed for preventing the sinkhole attack. INSENS uses the three symmetric keys in order to prevent such sinkhole attacks. However, the sinkhole attack occurs again, even in the presence of INSENS, through the compromised node because INSENS does not consider the node being compromised. In this paper, we propose a method to counter the sinkhole attack by considering the compromised node, based on the neighboring nodes' information. The goals of the proposed method are i) network reliability improvement and ii) energy conservation through effective prevention of the sinkhole attack by detecting compromised nodes. The experimental results demonstrate that the proposed method can save up to, on average, 19.90% of energy while increasing up to, on average, 71.50%, the report reliability against internal sinkhole attacks in comparison to INSENS.

• Journal of Korea Multimedia Society
• /
• v.8 no.2
• /
• pp.233-248
• /
• 2005

An intrusion tolerant technology has been introduced as a solution to prevent intrusion accident for unknown fragility or attack. However, a systematic modeling technique is not applied into a system design and development based on intrusion tolerant technology. Especially, elements such as availability, integrity, reliability, confidentiality, and so on are important requirements in intrusion tolerant system. Nevertheless, current most of UML-based modeling techniques pass over or don't provide design techniques reflecting those requirements. Therefore, we know these weaknesses and propose both profile and design technique reflecting and applying intrusion tolerant requirements systematically in the development of application software based on intrusion tolerance. We expect that proposed technique can extend not only current UML's limitations but also can improve the quality of application software based on intrusion tolerance.

• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.7
• /
• pp.333-340
• /
• 2005

One of the most important core technologies required for the design of the ITS (Intrusion Tolerance System) that performs continuously minimal essential services even when the network-based computer system is partially compromised because of the external or internal intrusions is the quantitative dependability analysis of the ITS. In this paper, we applied self-healing mechanism, the core technology of autonomic computing to secure the protection power of the ITS. We analyzed a state transition diagram of the ITS composed of a Primary server and a backup server utilizing two factors of self-healing mechanism (fault model and system response) and calculated the availability of ITS through simulation experiments and also performed studies on two cases of vulnerability attack.