• Journal of the Korea Society of Computer and Information
• /
• v.11 no.2 s.40
• /
• pp.75-82
• /
• 2006

The service use management for keeping up stable and effective environment is hard little by little by according to increase of internet user and being complicated network environment of the Internet little by little. being various of the requirements of the service which is provided and the user demand. And the beginning flag security was limited in IDS, But recently the integrated civil management is coming to be considered seriously according to adventting IDS. Firewall , Security or system. The development of integrated security civil management system to analyze widely through observation and detection at Network or host base, the judgment of attack, and integrated analysis of infiltration information is necessary because of detecting the various type attack.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.45 no.8
• /
• pp.106-113
• /
• 2008

In this paper, we will design and substantiate the Network Traffic management system(MAGI), which makes up for the weak points of existing Network Monitoring tools and realize dynamic firewall; MRTG, ntop, ethereal, and nettest. The Network Traffic Monitoring and analyzing system differs from existing software-based Network Monitoring tools as MAGI is a combination of software and hardware. Not only the innovative web user interface applied to the software makes analyzing traffic simpler, but it also has a function for monitoring and managing conditions of the hardware. The web user interface implemented with PHP and MySQL helps to use the database and as a result, analyzing data becomes easier. On the hardware part, the appliance is configured as a bridge in a network. As a result, managed system does not have overload.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.6
• /
• pp.91-103
• /
• 2004

The survey of network firewall system has been focused on the deny policy that protects information from the unlicensed and the intrusion detection system. Government has solved several firewall problems as building the intranet separated from the intranet. However, the new firewall system would been satisfied both the denialpolicy and information share with the public, according as government recently emphasizes electronic service. Namely, it has to provide the functions such as the information exchange among divisions, partial share of information with the public, network connection and the interception of illegal access. Also, it considers the solution that protects system from hacking by inner user and damage of virus such as Worm. This Paper suggests the protects information system using the intrusion prevention system and role-based security policy to support the partial opennessand the security that satisfied information share among governments and public service.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.157-167
• /
• 2009

Recently, the leakage of confidential information and personal information is taking place on the Internet more frequently than ever before. Most of such online security incidents are caused by attacks on vulnerabilities in web applications developed carelessly. It is impossible to detect an attack on a web application with existing firewalls and intrusion detection systems. Besides, the signature-based detection has a limited capability in detecting new threats. Therefore, many researches concerning the method to detect attacks on web applications are employing anomaly-based detection methods that use the web traffic analysis. Much research about anomaly-based detection through the normal web traffic analysis focus on three problems - the method to accurately analyze given web traffic, system performance needed for inspecting application payload of the packet required to detect attack on application layer and the maintenance and costs of lots of network security devices newly installed. The UTM(Unified Threat Management) system, a suggested solution for the problem, had a goal of resolving all of security problems at a time, but is not being widely used due to its low efficiency and high costs. Besides, the web filter that performs one of the functions of the UTM system, can not adequately detect a variety of recent sophisticated attacks on web applications. In order to resolve such problems, studies are being carried out on the web application firewall to introduce a new network security system. As such studies focus on speeding up packet processing by depending on high-priced hardware, the costs to deploy a web application firewall are rising. In addition, the current anomaly-based detection technologies that do not take into account the characteristics of the web application is causing lots of false positives and false negatives. In order to reduce false positives and false negatives, this study suggested a realtime anomaly detection method based on the analysis of the length of parameter value contained in the web client's request. In addition, it designed and suggested a WAF(Web Application Firewall) that can be applied to a low-priced system or legacy system to process application data without the help of an exclusive hardware. Furthermore, it suggested a method to resolve sluggish performance attributed to copying packets into application area for application data processing, Consequently, this study provide to deploy an effective web application firewall at a low cost at the moment when the deployment of an additional security system was considered burdened due to lots of network security systems currently used.

• Proceedings of the Korean Information Science Society Conference
• /
• 1999.10c
• /
• pp.297-299
• /
• 1999

방화벽은 외부 네트워크와 내부 네트워크 사이의 액세스를 제안하는 한 가지 방법이라고 할 수 있다. 기존의 방화벽은 침입자에 의한 공격을 탐지하기 어려웠다. 이러한 문제점을 개선하여 본 논문은 분산 환경에서의 침입탐지를 제안함으로써 침입자에 의한 공격을 방어하는 방화벽 시스템의 설계를 제안하고자 한다.

• Electronics and Telecommunications Trends
• /
• v.11 no.3 s.41
• /
• pp.115-122
• /
• 1996

인터네트와 응용 프로그램이 하나로 통합된 인트라네트(IntraNet)가 차세대 네트워크 환경으로 급격히 부상하고 있다. 본 고에서는 인트라네트 개념, 기본 구성도, firewall 및 개발 동향 등을 조사 분석함으로써 유사한 환경에 처한 국내 PC 통신 서비스의 추진 전략 수립에 참고가 되도록 하였다.

• The Transactions of the Korea Information Processing Society
• /
• v.4 no.9
• /
• pp.2342-2353
• /
• 1997

According to the outstanding development of information industry, a study of firewall is progressing as one of methods to cope with threat and loss of the data through computer network. For the secure network, this paper proposes the method diminishing threat and loss of the network using the correlation firewall with network audit trail system. Also, this paper suggests not only the audit analyzer execution model but also the type of databases used in audit analyzer to analyze the audit data. Network audit trail system has the function of identifing and analyzing of all intruder actions using audit records created by users.

• Journal of The Institute of Information and Telecommunication Facilities Engineering
• /
• v.2 no.4
• /
• pp.71-77
• /
• 2003

Security system in internet as well as the performance in information network became more important as the internet environment is getting popular and complicate. In this study, the security system (Firewall and IDS) was installed in high speed information network and analyzed for a change in the speed of data transfer and the possibility of invasion. The selection of appropriate system, efficient detection and protection and surveillance method were suggested and analyzed In order to do experiments, an experimental model was com prized to analyze the parameters that was affected by the detection and protection system in network. This will give a standard how much we can pull up the security system maintaining the network speed.

• Convergence Security Journal
• /
• v.4 no.2
• /
• pp.9-15
• /
• 2004

The Internet is aggregate of trustless networks essentially Because the Internet is very difficult to control flowing of information, taking advantage of enough sporadic resource, security problem that can protect internal important stock from the Internet is risen seriously. Recently, virus accident and generation rate about system intrusion that happen become much higher and various than past. On these time, is progressing researcher for invasion cutout to keep away illegal act vigorouslyand do continuous development. In this paper, reporting administrator log information about invader's illegal act depending on XML format form, and I wished to solve problem that happen in administration side developing invasion interception system that can control to remote.

• The Transactions of the Korean Institute of Electrical Engineers P
• /
• v.60 no.3
• /
• pp.150-154
• /
• 2011

The technology to build high speed network using low cost DSL in the areas where the cost to build high speed network is high and the network environment is not very accommodating is important in providing the high speed network that meets the user demand and utilizing the network resources in an efficient way. This study presents development of the link aggregation equipment that performs the access control and firewall functions for packet processing based LAN users. The equipments developed support up to 5 line link aggregation as opposed to current 2 line link aggregation. The equipments also allow the use of high speed network in the areas where the network environment is not very accommodating. Also, the fail-over function is added to each line to provide reliability and the self-security function is enhanced to protect the network from unauthorized use and prevents waste of network resources by authorized users.