• Title/Summary/Keyword: firewall


A Study on the VoIP Intrusion prevention over MANET (MANET 기반 VoIP의 침해방지에 관한 연구)

  • Yoon, Tong-Il;Kim, Young-Dong
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2011.05a / pp.543-545 / 2011
  • The concern which is abundant in MANET VoIP for comprising the mobility guarantee and mobile network is received without the infrastructure system between the mobile terminal node. However, because the access of system and border is easy, the issue which is big in the security problem becomes more than the wired network system with this convenience by the foreign network attacker differently. In this paper, we would like to the fundamental web network, NAT and concluding the security problem technology in which Firewall can inquire on MANET VoIP and whether it is appropriate or not which can solve this is proposed.


Development of Kernel based High Speed Packet Filtering Imbedded Gateway and Firewall Using Cloud Database (클라우드 데이터베이스를 이용한 커널 기반 고속 패킷필터링 임베디드 게이트웨이 및 방화벽 개발)

  • Park, Daeseung;Kim, Soomin;Yoo, Hanseob;Moon, Songchul
    • Journal of Service Research and Studies / v.5 no.1 / pp.57-70 / 2015
  • This paper develops a kernel-based high-speed packet filtering embedded gateway and firewall using a cloud database. This study develops equipment that includes a prediction function through big data analysis using a cloud system. This equipment includes intrusion prevention for network attacks, and includes a system security function for L7 switch based contents. This study can improve the security level of small companies and ordinary households. This study can pioneer a new market. This study can develop a high-performance switch and a replacement for existing security equipment. This study proposed a new next-generation algorithm for the construction of a high-performance system from low specifications.

Application of Contract Net Protocol to the Design and Simulation of Network Security Model (계약망 프로토콜을 적용한 네트워크 보안 모델의 설계와 시뮬레이션)

  • 서경진;조대호
    • Journal of the Korea Society for Simulation / v.12 no.4 / pp.25-40 / 2003
  • With the growing usage of the networks, the world-wide Internet has become the main means to exchange data and carry out transactions. It has also become the main means to attack hosts. To solve the security problems which occur in the network such as the Internet, we import software products of network security elements like an IDS (Intrusion Detection System) and a firewall. In this paper, we have designed and constructed the general simulation environment of network security model composed of multiple IDSes and a firewall which coordinate by CNP (Contract Net Protocol) for the effective detection of the intrusion. The CNP, the methodology for efficient integration of computer systems on heterogeneous environment such as distributed systems, is essentially a collection of agents, which cooperate to resolve a problem. Command console in the CNP is a manager who controls the execution of agents or a contractee, who performs intrusion detection. In the network security model, each model of simulation environment is hierarchically designed by DEVS (Discrete Event system Specification) formalism. The purpose of this simulation is that the application of rete pattern-matching algorithm speeds up the inference cycle phases of the intrusion detection expert system and we evaluate the characteristics and performance of CNP architecture with rete pattern-matching algorithm.


Design and Analysis of a New Video Conference System Supporting the NAT of Firewall (방화벽 NAT를 지원하는 새로운 다자간 화상회의 시스템의 설계 및 분석)

  • Jung, Yong-Deug;Kim, Gil-Choon;Jeon, Moon-Seog
    • The Journal of Society for e-Business Studies / v.9 no.4 / pp.137-155 / 2004
  • A video-conference system is being utilized in web based application services in various fields due to the widespread use of Internet and the progress of computer technologies. This system should use the public IP address for sharing file and white board and it is difficult to manage the internal network users of the firewall and non-public IP address users. In this paper, we propose an Application Level Gateway which transforms non-public IP address into public IP address. This mechanism is for the internal network users of the firewall or non-public IP address users over the Internet. We also propose a Control Daemon which manages video and audio media dynamically according to network bandwidth. This mechanism can start and terminate a video conference and manage the process of the video conference.


Application of Contract Net Protocol to the Design and Simulation of Network Security Model

  • Suh, Kyong-jin;Cho, Tae-ho
    • Proceedings of the KAIS Fall Conference / 2003.11a / pp.197-206 / 2003
  • With the growing usage of the networks, the world-wide Internet has become the main means to exchange data and carry out transactions. It has also become the main means to attack hosts. To solve the security problems which occur in the network such as the Internet, we import software products of network security elements like an IDS (Intrusion Detection System) and a firewall. In this paper, we have designed and constructed the General Simulation Environment of Network Security model composed of multiple IDSes and a firewall which coordinate by CNP (Contract Net Protocol) for the effective detection of the intrusion. The CNP, the methodology for efficient integration of computer systems on heterogeneous environment such as distributed systems, is essentially a collection of agents, which cooperate to resolve a problem. Command console in the CNP is a manager who controls the execution of agents or a contractee, who performs intrusion detection. In the Network Security model, each model of simulation environment is hierarchically designed by DEVS (Discrete EVent system Specification) formalism. The purpose of this simulation is to evaluate the characteristics and performance of CNP architecture with rete pattern matching algorithm and the application of rete pattern matching algorithm for speeding up the inference cycle phases of the intrusion detection expert system.


IPv6 over IPv4 tunneling compatible with IPv4 Firewalls (IPv4 방화벽에 호환성을 갖는 IPv6 터널링)

  • Lee, Jung-Nam;Jang, Ju-Wook
    • The KIPS Transactions:PartC / v.10C no.4 / pp.519-524 / 2003
  • During the period of co-existence of IPv4 and IPv6, the IPv6 over IPv4 tunneling technique is intended as a start-up transition mechanism. However, most IPv4 firewalls do not support IPv6 over IPv4 tunneling packet filtering. Finally, it is impossible for a user inside an IPv4 firewall to connect with an IPv6 host across an IPv4 network. Without any additional hardware or changing the policy of the IPv4 firewall, we solve this problem using the proposed Double-encapsulation and applied-HTTP tunneling techniques, which are end-to-end solutions. This enables cheaper IPv6 migration solutions.

Fire Resistance Characteristics of Firewall Structure Associated with Impact Damage Induced by Explosion

  • Hye Rim Cho;Jeong Hwa Yoo;Jung Kwan Seo
    • Journal of Ocean Engineering and Technology / v.37 no.3 / pp.99-110 / 2023
  • When a fire accident accompanied by an explosion occurs, the surrounding firewalls are affected by impact and thermal loads. Damaged firewalls due to accidental loads may not fully perform their essential function. Therefore, this paper proposes an advanced methodology for evaluating the fire resistance performance of firewalls damaged by explosions. The fragments were assumed to be scattered, and fire occurred as a vehicle exploded in a large compartment of a roll-on/roll-off (RO-RO) vessel. The impact velocity of the fragments was calculated based on the TNT equivalent mass corresponding to the explosion pressure. Damage and thermal-structural response analyses of the firewall were performed using Ansys LS-DYNA code. The fire resistance reduction was analyzed in terms of the temperature difference between fire-exposed and unexposed surfaces, temperature increase rate, and reference temperature arrival time. The degree of damage and the fire resistance performance of the firewalls varied significantly depending on impact loads. When naval ships and RO-RO vessels that carry various explosive substances are designed, it is reasonable to predict that the fire resistance performance will be degraded according to the explosion characteristics of the cargo.

Measurement and Analysis of P2P Traffic in Campus Networks Under Firewall (방화벽이 존재하는 캠퍼스 망에서의 P2P 트래픽 측정 및 분석)

  • Lee, Young-Seok
    • The Journal of Korean Institute of Communications and Information Sciences / v.30 no.11B / pp.750-757 / 2005
  • This paper reports on the study of P2P traffic behaviors in a high-speed campus network under a simple firewall which drops packets with default port numbers for the well-known P2P applications. Among several ways of detecting P2P traffic, the easiest method is to filter out packets with the default port number of each P2P application. After deploying the port-based firewall against P2P traffic, it is expected that the amount of P2P traffic will be decreased. However, during the eight-month measurement period, three new commercial P2P applications have been identified and their traffic usages have reached up to $30/5.6\%$ of the total outbound/inbound traffic volumes at the end of the measurement period. In addition, the most famous P2P application, eDonkey, has adapted and has escaped detection through port hopping. The measurement result shows that the amount of eDonkey traffic is around $6.7/4.0\%$ of the total outbound/inbound traffic volume. From the measurement results, it is observed that the port-based firewall is not effective to limit the usage of P2P applications and that the P2P traffic is steadily growing due to not only the evolution of existing P2P applications such as port hopping but also appearances of new P2P applications.

A Study to Hierarchical Visualization of Firewall Access Control Policies (방화벽 접근정책의 계층적 가시화 방법에 대한 연구)

  • Kim, Tae-yong;Kwon, Tae-woong;Lee, Jun;Lee, Youn-su;Song, Jung-suk
    • Journal of the Korea Institute of Information Security & Cryptology / v.30 no.6 / pp.1087-1101 / 2020
  • Various security devices are used to protect internal networks and valuable information from rapidly evolving cyber attacks. The firewall, which is the most commonly used security device, tries to prevent malicious attacks based on a text-based filtering rule (i.e., access control policy), by allowing or blocking access to communicate between inside and outside environments. However, in order to protect a valuable internal network from large networks, it has no choice but to increase the number of access control policies. Moreover, the text-based policy requires time-consuming work and labor cost to analyze various types of vulnerabilities in the firewall. To solve these problems, this paper proposes a 3D-based hierarchical visualization method for intuitive analysis and management of access control policy. In particular, by providing a drill-down user interface through a hierarchical architecture, it can support access policy analysis for not only comprehensive understanding of large-scale networks, but also sophisticated investigation of anomalies. Finally, we implement the proposed system architecture to verify the practicality and validity of the hierarchical visualization methodology, and then attempt to identify the applicability of firewall data analysis in the real-world network environment.

Internet Firewall(방화벽)

  • 김정훈
    • Korea Information Processing Society Review / v.4 no.2 / pp.115-122 / 1997
  • The Internet refers to a vast network of networks. That is, the networks are open
