• Atmosphere
• /
• v.30 no.2
• /
• pp.103-113
• /
• 2020

In this study, we analyzed and developed the monitoring system in order to confirm the effect of observations on forecast sensitivity on ensemble-based data assimilation. For this purpose, we developed the Ensemble Forecast Sensitivity to observation (EFSO) monitoring system based on Local Ensemble Transform Kalman Filter (LETKF) system coupled with Korean Integrated Model (KIM). We calculated 24 h error variance of each of observations and then classified as beneficial or detrimental effects. In details, the relative rankings were according to their magnitude and analyzed the forecast sensitivity by region for north, south hemisphere and tropics. We performed cycle experiment in order to confirm the EFSO result whether reliable or not. According to the evaluation of the EFSO monitoring, GPSRO was classified as detrimental observation during the specified period and reanalyzed by data-denial experiment. Data-denial experiment means that we detect detrimental observation using the EFSO and then repeat the analysis and forecast without using the detrimental observations. The accuracy of forecast in the denial of detrimental GPSRO observation is better than that in the default experiment using all of the GPSRO observation. It means that forecast skill score can be improved by not assimilating observation classified as detrimental one by the EFSO monitoring system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.7
• /
• pp.2512-2531
• /
• 2014

We propose a new Distributed Denial of Service (DDoS) defense mechanism that protects http web servers from application-level DDoS attacks based on the two methodologies: whitelist-based admission control and busy period-based attack flow detection. The attack flow detection mechanism detects attach flows based on the symptom or stress at the server, since it is getting more difficult to identify bad flows only based on the incoming traffic patterns. The stress is measured by the time interval during which a given client makes the server busy, referred to as a client-induced server busy period (CSBP). We also need to protect the servers from a sudden surge of attack flows even before the malicious flows are identified by the attack flow detection mechanism. Thus, we use whitelist-based admission control mechanism additionally to control the load on the servers. We evaluate the performance of the proposed scheme via simulation and experiment. The simulation results show that our defense system can mitigate DDoS attacks effectively even under a large number of attack flows, on the order of thousands, and the experiment results show that our defense system deployed on a linux machine is sufficiently lightweight to handle packets arriving at a rate close to the link rate.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.659-666
• /
• 2012

Recently, cloud computing service has become a rising issue in terms of utilizing sources more efficiently and saving costs. However, the service still has some limitations to be popularized because it lacks the verification towards security safety. In particular, the possibility to induce Denial of service is increasing as it is used as Zombie PC with exposure to security weakness of Guest OS's. This paper suggests how cloud system, which is implemented by Xen, detects intrusion caused by Denial of service using hypercall. Through the experiment, the method suggested by K-means and EM shows that two data, collected for 2 mins, 5 mins, 10mins and 20mins each, are distinguished 90% when collected for 2mins and 5mins while collected over 10mins are distinguished 100% successfully.

• Journal of Communications and Networks
• /
• v.15 no.1
• /
• pp.31-37
• /
• 2013

Mobile ad hoc networks (MANET) refers to a network designed for special applications for which it is difficult to use a backbone network. In MANETs, applications are mostly involved with sensitive and secret information. Since MANET assumes a trusted environment for routing, security is a major issue. In this paper we analyze the vulnerabilities of a pro-active routing protocol called optimized link state routing (OLSR) against a specific type of denial-of-service (DOS) attack called node isolation attack. Analyzing the attack, we propose a mechanism called enhanced OLSR (EOLSR) protocol which is a trust based technique to secure the OLSR nodes against the attack. Our technique is capable of finding whether a node is advertising correct topology information or not by verifying its Hello packets, thus detecting node isolation attacks. The experiment results show that our protocol is able to achieve routing security with 45% increase in packet delivery ratio and 44% reduction in packet loss rate when compared to standard OLSR under node isolation attack. Our technique is light weight because it doesn't involve high computational complexity for securing the network.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.7
• /
• pp.3671-3689
• /
• 2019

Software defined networking brings unique security risks such as control plane saturation attack while enhancing the performance of wireless sensor networks. The attack is a new type of distributed denial of service (DDoS) attack, which is easy to launch. However, it is difficult to detect and hard to defend. In response to this, the attack threat model is discussed firstly, and then a DDoS attack prevention extension, called FuzzyGuard, is proposed. In FuzzyGuard, a control network with both the protection of data flow and the convergence of attack flow is constructed in the data plane by using the idea of independent routing control flow. Then, the attack detection is implemented by fuzzy inference method to output the current security state of the network. Different probabilistic suppression modes are adopted subsequently to deal with the attack flow to cost-effectively reduce the impact of the attack on the network. The prototype is implemented on SDN-WISE and the simulation experiment is carried out. The evaluation results show that FuzzyGuard could effectively protect the normal forwarding of data flow in the attacked state and has a good defensive effect on the control plane saturation attack with lower resource requirements.

• Atmosphere
• /
• v.21 no.1
• /
• pp.85-93
• /
• 2011

UK Met Office Unified Model (UM) is a grid model applicable for both global and regional model configurations. The Met Office has developed a 4D-Var data assimilation system, which was implemented in the global forecast system on 5 October 2004. In an effort to improve its Numerical Weather Prediction (NWP) system, Korea Meteorological Administration (KMA) has adopted the UM system since 2008. The aim of this study is to provide the basic information on the effects of satellite data assimilation on UM performance by conducting global satellite data denial experiments. Advanced Tiros Operational Vertical Sounder (ATOVS), Infrared Atmospheric Sounding Interferometer (IASI), Special Sensor Microwave Imager Sounder (SSMIS) data, Global Positioning System Radio Occultation (GPSRO) data, Air Craft (CRAFT) data, Atmospheric Infrared Sounder (AIRS) data were assimilated in the UM global system. The contributions of assimilation of each kind of satellite data to improvements in UM performance were evaluated using analysis data of basic variables; geopotential height at 500 hPa, wind speed and temperature at 850 hPa and mean sea level pressure. The statistical verification using Root Mean Square Error (RMSE) showed that most of the satellite data have positive impacts on UM global analysis and forecasts.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.3
• /
• pp.135-142
• /
• 2017

DDoS (Distributed Denial of Service) exhausts the target server's resources using the large number of zombie pc, As a result normal users don't access to server. DDoS Attacks steadly increase by many attacker, and almost target of the attack is critical system such as IT Service Provider, Government Agency, Financial Institution. In this paper, We will introduce the CNN (Convolutional Neural Network) of deep learning based real-time detection system for DNS amplification Attack (DNS DDoS Attack). We use the dataset which is mixed with collected data in the real environment in order to overcome existing research limits that use only the data collected in the experiment environment. Also, we build a deep learning model based on Convolutional Neural Network (CNN) that is used in pattern recognition.

• KNOM Review
• /
• v.23 no.1
• /
• pp.10-17
• /
• 2020

As the threat of Distributed Denial-of-Service attacks that exploit weakly secure IoT devices has spread, research on source-side Denial-of-Service attack detection is being activated to quickly detect the attack and the location of attacker. In addition, a collaborative source-side attack detection technique that shares detection results of source-side networks located at individual sites is also being activated to overcome regional limitations of source-side detection. In this paper, we evaluate the performance of a collaborative source-side DDoS attack detection using statistical weights. The statistical weight is calculated based on the detection rate and false positive rate corresponding to the time zone of the individual source-side network. By calculating weighted sum of the source-side DoS attack detection results from various sites, the proposed method determines whether a DDoS attack happens. As a result of the experiment based on actual DNS request to traffic, it was confirmed that the proposed technique reduces false positive rate 2% while maintaining a high attack detection rate.

• Atmosphere
• /
• v.31 no.3
• /
• pp.283-294
• /
• 2021

An Observing System Experiment (OSE) using Global Ocean Data Assimilation and Prediction System (GODAPS) was conducted to evaluate the assimilation impact of Argo floats, deployed by National Institute of Meteorological Sciences/Korea Meteorological Administration (NIMS/KMA), in marginal seas around Korean peninsula. A data denial experiment was run by removing Argo floats in the Yellow Sea and the East Sea from an operational run. The assimilation results show that Argo floats bring the positive impact on the analysis of ocean internal structure in both Yellow Sea and East Sea. In the East Sea, overall positive impact in the water temperature and salinity context is found, especially outstanding improvement from 300 to 500 m depth. In the Yellow sea, the assimilation impact on water temperature and salinity is also large within 50 m depth, especially greater impact than the East Sea in salinity. However, in the Yellow Sea, the influence of Argo floats tends to be restricted to the vicinity of Argo floats, because there was only one Argo float in the middle of the Yellow Sea during the experiment period. Given that the only limited number of Argo floats generally contribute in a positive way to the improvement of the GODAPS, further progress could be expected with adding more observations from Argo floats to current observing systems.

• The Journal of the Korea Contents Association
• /
• v.18 no.1
• /
• pp.327-335
• /
• 2018

The current study challenges to suggest an umbrella strategy applied to different type of crisis, which is different from normative principle in crisis communication. The umbrella or comprehensive strategy in this study is identification framing. Identification framing is strategic message for organizational identification, which is close to social identification. The current study employed experimental design manipulating crisis types, crisis response types, and identification framing. The crisis types were internal versus external crisis, crisis responses were denial versus apology, and using identification framing $2{\times}2{\times}2$ factorial design were used. Two hundreds forty students participated in the experiment. The result showed the significant effectiveness of identification framing in different crisis types and crisis responses.