• Title/Summary/Keyword: covert channel

Real-Time Transaction Scheduling Method without Timing Covert Channel (시간 비밀 채널을 제거하는 실시간 트랜잭션 스케줄링 기법)

  • 조숙경;김종훈;정현민;정미영;배영호;배해영
    • Journal of the Korea Computer Industry Society / v.4 no.12 / pp.1053-1068 / 2003
  • In this paper, we propose a new real-time transaction scheduling method without timing covert channels for secure database systems that implement mandatory access control. Our scheduling method uses a wait queue based on security level to remove the timing covert channel, and it uses a priority queue that considers transaction type, deadline, and weight. Therefore, the proposed scheduling method prevents timing covert channels because it maintains noninterference between transactions with different security levels, and it maximizes the sum of the weights of transactions that meet their deadlines. The simulation results, compared with traditional methods, show that our scheduling method is improved to 30%.

A Study on the Covert Channel Detection in the TCP/IP Header based on the Support Vector Machine (Support Vector Machine 기반 TCP/IP 헤더의 은닉채널 탐지에 관한 연구)

  • 손태식;서정우;서정택;문종섭;최홍민
    • Journal of the Korea Institute of Information Security & Cryptology / v.14 no.1 / pp.35-45 / 2004
  • In the explosively growing Internet environment, information security is one of the most important considerations. Nowadays, various security solutions such as IDS, firewalls and VPNs are used as countermeasures to such problems. However, the Internet fundamentally has many vulnerabilities in its protocols themselves. In particular, it is possible to establish a covert channel using TCP/IP header fields such as identification, sequence number, acknowledgment number, timestamp and so on. In this paper, we focus on the covert channels using the identification field of the IP header and the sequence number field of the TCP header. To detect such covert channels, we used a Support Vector Machine, which has excellent performance in pattern classification problems. Our experiments showed that the proposed method could discern abnormal cases (including covert channels) from normal TCP/IP traffic using the Support Vector Machine.

Turbo Equalization for Covert communication in Underwater Channel (터보등화를 이용한 직접대역확산통신 기반의 은밀 수중통신 성능분석)

  • Ahn, Tae-Seok;Jung, Ji-Won;Park, Tae-Doo;Lee, Dong-Won
    • Journal of the Korea Institute of Information and Communication Engineering / v.20 no.8 / pp.1422-1430 / 2016
  • Research on the oceans has been limited to military purposes such as underwater sound detection and tracking systems. Underwater acoustic communications with low-probability-of-interception (LPI) covert characteristics have received much attention recently. Covert communications are conducted at a low received signal-to-noise ratio to prevent interception or detection by an eavesdropper. This paper proposes an optimal covert communication model based on direct sequence spread spectrum for underwater environments. Spread spectrum signals may be used for data transmission on underwater acoustic channels to achieve reliable transmission by suppressing the detrimental effect of interference and self-interference due to jamming and multipath propagation. The characteristics of the underwater acoustic channel present special problems in the design of covert communication systems. To improve performance and probability of interception, we applied the BCJR (Bahl, Cocke, Jelinek, Raviv) decoding method and the direct sequence spread spectrum technology at low SNR. Also, we compared the performance of the conventional model and the proposed model based on turbo equalization by simulation and a lake experiment.

Lock-based Secure Protocol in Real-Time Databases (실시간 데이터베이스에서 로킹기반 보안 프로토콜)

  • 박수연;이승룡
    • Proceedings of the Korean Information Science Society Conference / 1998.10b / pp.211-213 / 1998
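  • Database systems for real-time applications must satisfy timing constraints and maintain data consistency. In addition, for a security protocol that supports multiple levels, it is important to prevent the creation of covert channels. Son and Mukkamala developed SRT-2PL, which uses a primary copy and a secondary copy. This protocol supports non-interference between security levels, can prevent covert channels from arising, and incurs little delay and few aborts, so it can be used to maintain security in real-time database systems. However, because a secondary copy must always be kept for every data object, workspace is wasted, and the overhead of managing an update queue for data updates and the resulting lack of predictability are problems. Therefore, this paper proposes an improved SRT-2PL real-time database security protocol that supports non-interference to prevent covert channels, while shortening the lifetime of copies to strengthen real-time support and further increase predictability. The dynamic copy algorithm proposed in this paper creates copies dynamically according to transaction behavior, providing non-interference between levels while shortening the lifetime of copies, which reduces wasted workspace and increases predictability.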

Multilevel Security Management for Global Transactions

  • Jeong, Hyun-Cheol
    • Proceedings of the IEEK Conference / 2000.07b / pp.735-738 / 2000
  • The most important issue in database security is correct concurrency control under a restrictive security policy. The goal of secure transaction management is to maintain security and provide many concurrent users with high availability of the database. In this paper, we consider the security environment of a multidatabase system with replicated data. The read-from relationship in existing serializability is improper in a security environment. So, we define a new read-from relationship, propose a new secure 1-copy quasi-serializability by utilizing this relationship, and present some examples. This security environment requires both the existing local autonomy and the security autonomy as a newly defined restriction. Solving the covert channel problem is the most difficult issue in developing a secure scheduling scheme. The proposed secure 1-copy quasi-serializability is well suited to global transactions in that this serializability does not violate security autonomy and prevents covert channels between global transactions.

The host-based Intrusion Detection System with Audit Correlation (감사로그 상관관계를 통한 호스트기반의 침입탐지시스템)

  • 황현욱;김민수;노봉남
    • Journal of the Korea Institute of Information Security & Cryptology / v.13 no.3 / pp.81-90 / 2003
  • The presence of an intrusion is judged by an intrusion detection system based on the audit log, and the performance of this system depends on how correctly and effectively the intrusion pattern has been described with the audit log. In this paper, the relationship concerning intrusions is demonstrated among the information sources ‘System call, Network packet and Syslog’, and the related patterns of the state-transition-based method and the rule-based method are identified. By applying this correlation to them, the accuracy rate of detection was able to be improved. In particular, the availability of detection with correlation patterns has been substantiated through a covert channel detection test.

A Study on the Analysis of Covert Channel in Network Traffic (네트워크 트래픽의 은닉채널에 관한 연구)

  • 손태식;서정우;서정택;문종섭
    • Proceedings of the Korean Information Science Society Conference / 2003.10a / pp.751-753 / 2003
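  • Research on covert channels has been under way since before the 1980s, and recently attention has focused on steganography for multimedia data. In this paper, however, we study not the covert channels in video data addressed by current steganography and information hiding, but the covert channels that exist in TCP/IP network traffic, which forms the foundation of the Internet environment. We first analyze the concept of covert channels and existing research trends, then analyze the covert channels that can be created in each protocol making up TCP/IP, and present directions for future research.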

One-Snapshot Algorithm for Secure Transaction Management in Electronic Stock Trading Systems (전자 주식 매매 시스템에서의 보안 트랜잭션 관리를 위한 단일 스냅샷 알고리즘)

  • 김남규;문송천;손용락
    • Journal of KIISE:Databases / v.30 no.2 / pp.209-224 / 2003
  • Recent development of electronic commerce enables the use of Electronic Stock Trading Systems (ESTS) to be expanded. In ESTS, information with various sensitivity levels is shared by multiple users with mutually different clearance levels. Therefore, it is necessary to use Multilevel Secure Database Management Systems (MLS/DBMSs) in controlling concurrent execution among multiple transactions. In ESTS, not only analytical OLAP transactions but also mission-critical OLTP transactions are executed concurrently, which makes it difficult to adapt traditional secure transaction management schemes to ESTS environments. In this paper, we propose the Secure One Snapshot (SOS) protocol, which is devised for secure transaction management in ESTS. By maintaining one additional snapshot as well as the working database, SOS blocks covert channels efficiently, enables various real-time transaction management schemes to be adapted with ease, and reduces the length of the waiting queue managed to maintain freshness of data by utilizing the characteristics of less strict correctness criteria. In this paper, we introduce the process of the SOS protocol with some examples, and then analyze the correctness of the devised protocol.

Detection Performance Analysis of Underwater Vehicles by Long-Range Underwater Acoustic Communication Signals (장거리 수중 음향 통신 신호에 의한 수중 운동체 피탐지 성능 분석)

  • Hyung-Moon, Kim;Jong-min, Ahn;In-Soo, Kim;Wan-Jin, Kim
    • Journal of the Korea Society for Simulation / v.31 no.4 / pp.11-22 / 2022
  • Unlike short-range communication, long-range underwater acoustic communication (UWAC) uses low-frequency signals and the deep sound channel to minimize propagation loss. In this case, even though communication signals are modulated using a covert transmission technique such as spread spectrum, it is hard to conceal the existence of the signals. The unconcealed communication signal can be utilized as an active sonar signal by the enemy, and the presence of underwater vehicles may be exposed to the interceptor. Since it is very important to maintain stealthiness for underwater vehicles, the detection probability of friendly underwater vehicles should be considered when an interceptor utilizes our long-range UWAC signal. In this paper, we modeled a long-range UWAC environment for analyzing the detection performance of underwater vehicles and proposed a region of interest (ROI) setup method and a measurement of detection performance. By computer simulations, we obtained parameters and analyzed the detection probability and the detection performance in the ROI. The analysis results showed that the proposed detection performance analysis method for underwater vehicles could play an important role in the operation of long-range UWAC equipment.

Transactions Ordering based Secure Concurrency Control Scheme (트랜잭션 순서 기반 보안 동시성 제어 기법)

  • Lee Won-Sup;Lee Sang-Hee
    • Journal of the Korea Society of Computer and Information / v.10 no.5 s.37 / pp.57-64 / 2005
  • While secure concurrency control schemes in multilevel secure database management systems synchronize transactions cleared at different security levels, they must consider the covert channel problem. Although previous works achieve confidentiality successfully, they overlook integrity or availability. To be evaluated as highly secure database systems, multilevel secure database management systems must achieve confidentiality, integrity, and availability, which are the well-known major security aspects. In this paper, by use of a verified transaction ordering relationship, we propose a new secure concurrency control scheme that is capable of increasing the degree of fairness among transactions cleared at different security levels.
