• 대한인간공학회지
• /
• 제30권2호
• /
• pp.319-330
• /
• 2011

In computer forensics investigation, the investigators collect, protect, analyze and interpret massive amount of data which were used in cyber crime. However, due to its huge amount of information, it takes a great deal of time and errors often result even when they use forensics investigation tool in the process. The information visualization techniques will greatly help to improve the information processing ability of human when they deal with the overwhelming amount of data and have to find out significant information in it. The importance of Intrusion Detection System(IDS) among network forensics is being emphasized in computer forensics. In this study, we apply the information visualization techniques which are proposed to be a great help to IDS and carry out the usability test to find out the most effective information visualization techniques for IDS.

• 제어로봇시스템학회:학술대회논문집
• /
• 제어로봇시스템학회 2003년도 ICCAS
• /
• pp.1051-1055
• /
• 2003

Policies are collections of general principles specifying the desired behavior and state of a system. Network management is mainly carried out by following policies about the behavior of the resources in the network. Policy-based (PB) network management supports to manage distributed system in a flexible and dynamic way. This paper focuses on configuration management based on Internet Engineering Task Force (IETF) standards. Network security approaches include the usage of intrusion detection system to detect the intrusion, building firewall to protect the internal systems and network. This paper presents how the policy-based framework is collaborated among the network security systems (intrusion detection system, firewall) and intrusion detection systems are cooperated to detect the intrusions.

• 수산해양교육연구
• /
• 제27권6호
• /
• pp.1842-1853
• /
• 2015

The behavior characteristics of the saltwater intrusion in the Seomjin River Estuary by the inflow of fresh water were analysed by the field observation using CTD in the neap tide in January, June, and August 2013 as well as a numerical model, EFDC (Environmental Fluid Dynamics Code). As a result, Seomjin River Estuary is found that the saltwater intrusion is sensitive to the tide and tidal and freshwater flow. The results of field observation and numerical model were similar in the range of salt, but the results of salt wedge distribution were quite different. The observation of tide and tidal current as well as hydrographic surveying the Seomjin River Estuary will be jointly conducted for the accurate analysis.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2006년도 춘계학술발표대회
• /
• pp.1117-1120
• /
• 2006

Wide applications because of their flexibilities and conveniences of Wireless Mobile Ad-hoc Networks (MANETs) also make them more interesting to adversaries. Currently, there is no applied architecture efficient enough to protect them against many types of attacks. Some preventive mechanisms are deployed to protect MANETs but they are not enough. Thus, MANETs need an Intrusion Detection System (IDS) as the second layer to detect intrusion of adversaries to response and diminish the damage. In this paper, we propose an algorithm for detecting bogus nodes when they attempt to intrude into network by attack routing protocol. In addition, we propose a procedure to find the most optimize path between two nodes when they want to communicate with each other. We also show that our algorithm is very easy to implement in current proposed architectures.

• 대한전자공학회:학술대회논문집
• /
• 대한전자공학회 2003년도 하계종합학술대회 논문집 Ⅲ
• /
• pp.1359-1362
• /
• 2003

The intrusions appears continuously by new unknown attacks exploiting vulnerabilities of systems or components but there are no perfect solutions to protect this unknown attacks. To overcome this problem, in this paper, we have proposed and implemented a Web service intrusion tolerant system that provides continuous Web services to the end users transparently even after the occurrence of an attack against the Web services, and prevents the disclosure of system's configuration data from server Our system has an N+l node architecture which is to minimize the number of redundant server nodes and to tolerate the intrusion effectively, and it also supports diversity in its design. Experimental result obtained on an implemented system show that our system can cope with intrusion such as DoS, file modification, confidentiality compromise of system properly.

• 한국데이타베이스학회:학술대회논문집
• /
• 한국데이타베이스학회 1999년도 춘계공동학술대회: 지식경영과 지식공학
• /
• pp.307-313
• /
• 1999

This paper reviews and assesses the analogy between the human immune system and network intrusion detection systems. The promising results from a growing number of proposed computer immune models for intrusion detection motivate this work. The paper begins by briefly introducing existing intrusion detection systems (IDS's). A set of general requirements for network-based IDS's and the design goals to satisfy these requirements are identified by a careful examination of the literature. An overview of the human immune system is presented and its salient features that can contribute to the design of competent network-based IDS's are analysed. The analysis shows that the coordinated actions of several sophisticated mechanisms of the human immune system satisfy all the identified design goals. Consequently, the paper concludes that the design of a novel network-based IDS based on the human immune system is promising for future network-based IDS's

• 인터넷정보학회논문지
• /
• 제4권2호
• /
• pp.69-80
• /
• 2003

프로그램 행위 침입 탐지 기법은 데몬 프로그램이나 루트 권한으로 실행되는 프로그램이 발생시키는 시스템 호출들을 분석하고 프로파일을 구축하여 변형된 공격을 효과적으로 탐지한다. 본 논문에서는 베이지안 네트워크와 다중 서열 정렬을 이용하여 여러 프로세스의 시스템 호출간의 관계를 표현하고, 프로그램 행위를 모델링하여 변형된 이상 침입 행위를 분류함으로써 이상행위를 탐지한다. 제안한 기법을 UNM 데이터를 이용한 시뮬레이션을 수행하였다.

• 한국지능시스템학회:학술대회논문집
• /
• 한국퍼지및지능시스템학회 2003년도 ISIS 2003
• /
• pp.660-663
• /
• 2003

The advanced computer network technology enables connectivity of computers through an open network environment. There has been growing numbers of security threat to the networks. Therefore, it requires intrusion detection and prevention technologies. In this paper, we propose a network based intrusion detection model using Fuzzy Cognitive Maps(FCM) that can detect intrusion by the Denial of Service(DoS) attack detection method adopting the packet analyses. A DoS attack appears in the form of the Probe and Syn Flooding attack which is a typical example. The Sp flooding Preventer using Fuzzy cognitive maps(SPuF) model captures and analyzes the packet information to detect Syn flooding attack. Using the result of analysis of decision module, which utilized FCM, the decision module measures the degree of danger of the DoS and trains the response module to deal with attacks. The result of simulating the "KDD ′99 Competition Data Set" in the SPuF model shows that the Probe detection rates were over 97 percentages.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권7호
• /
• pp.1874-1893
• /
• 2012

An approach to detect abnormal activities based on reputations created individually by each node is vulnerable to a false accusation since intrusion detection in ad-hoc networks is done in a distributed and cooperative manner. Detection of false accusation is considered important because the efficiency or survivability of the network can be degraded severely if normal nodes were excluded from the network by being considered as abnormal ones in the intrusion detection process. In this paper, we propose an improved reputation-based intrusion detection technique to efficiently detect and manage false accusations in ad-hoc networks. Additionally, we execute simulations of the proposed technique to analyze its performance and feasibility to be implemented in a real environment.

• 한국지능정보시스템학회:학술대회논문집
• /
• 한국지능정보시스템학회 1999년도 춘계공동학술대회-지식경영과 지식공학
• /
• pp.307-313
• /
• 1999

This paper reviews and assesses the analogy between the human immune system and network intrusion detection systems. The promising results from a growing number of proposed computer immune models for intrusion detection motivate this work. The paper begins by briefly introducing existing intrusion detection systems (IDS's). A set of general requirements for network-based IDS's and the design goals to satisfy these requirements are identified by a careful examination of the literature. An overview of the human immune system is presented and its salient features that can contribute to the design of competent network-based IDS's are analysed. The analysis shows that the coordinated actions of several sophisticated mechanisms of the human immune system satisfy all the identified design goals. Consequently, the paper concludes that the design of a network-based IDS based on the human immune system is promising for future network-based IDS's