• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2113-2116
• /
• 2003

이 논문에서는 리눅스 기반VDPM(Virus Detection Protection Management)시스템을 제안하고 개발한 응용SW로 감지, 차단 및 관리 방법을 제시한다. 제안된 LVPM시스템은 첫째특정탐색 및 전체탐색 알고리듬에 의하여 개발된 VDPM시스템은 신종 바이러스까지 탐지하는 모든 종류의 바이러스 탐지(VDPM_hawkeye) 모듈, Virus첵크하는 감시 및 Virus첵크후 친정, 제거하는 방지(VDPM_medic)모듈, DB를 update하는 기능을 가지는 관리(VDPM_manager)모듈과 원격 DB관리 및 Virus결과 보고 기능 (VDPM_reporter) 모듈로 되어 있으며 지능적인 Virus방지 시스템, 둘째 네트워크 패킷을 분석하여 네트워크를 통한 침 바이러스 탐지 및 대응 시스템과 셋째 네트워크 패킷을 분석하여 네트워치를 통한 네트워크형 악성 소프트웨어 대응 시스템을 포함한 바이러스 보호 통합 시스템을 구현하였다. 더불어 호스트와 네트웍기반의 통합적인 IDS가 방화벽(Firewall)시스템과 연동하여 IDS 단독 차단이 불가능한 공격을 차단하는 소프트웨어 시스템을 개발하는 것이며 관리자가 사용하기 쉬운 GUI환경으로 구현하였고 대규모 분산 네트워크 환경에서 효율적인 리눅스기반 침입탐지방지관리 솔루션을 제시한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.5B
• /
• pp.381-387
• /
• 2003

The importance of protection for data and information is increasing by the rapid development of information communication and network. And concern of the private-information protection is increasing for the requested user's demand. Analysis of unknown signal characteristics is importance for the safe system maintenance from hacker and cracker. Detected target of unknown signals is virus, inner invader and outer invader, etc. Because existed unknown signal detection method exist individually for the virus, inner invader and outer invader system performance is very lower and system cost is very much. Therefore, in this paper proposed merging IDS system performs detection for virus, inner intrusion and outer intrusion method. Design of the proposed system is used Synopsys Ver. 1999.10 and VHDL coding. The proposed IDS system is practical in the system performance and cost for the individually existed IDS, and proposed IDS system utilized a part of system resources.

• The KIPS Transactions:PartA
• /
• v.12A no.5 s.95
• /
• pp.395-404
• /
• 2005

There have been large concerns about survivability defined as the capability of a system to perform a mission-critical role, in a timely manner, in the presence of attacks, failures. In particular, One of the most important core technologies required for the design of the ITS(Intrusion Tolerance System) that performs continuously minimal essential services even when the computer system is partially compromised because of intrusions is the survivability one of In included the dependability analysis of a reliability and availability etc. quantitative dependability analysis of the In. In this Paper, we applied self-healing mechanism utilizing two factors of self-healing mechanism (fault model and system response), the core technology of autonomic computing to secure the protection power of the ITS and consisted of a state transition diagram of the ITS composed of a primary server and a backup server. We also defined the survivability, availability, and downtime cost of the ITS, and then performed studies on simulation experiments and two cases of vulnerability attack. Simulation results show that intrusion tolerance capability at the initial state is more important than coping capability at the attack state in terms of the dependability enhancement.

• KIPS Transactions on Computer and Communication Systems
• /
• v.8 no.12
• /
• pp.287-296
• /
• 2019

Due to the development and increased usage of Internet services such as IoT and cloud computing, a large number of packets are being generated on the Internet. In order to create a safe Internet environment, malicious data that may exist among these packets must be processed and detected quickly. In this paper, we apply MongoDB, which is specialized for unstructured data analysis and big data processing, to intrusion detection system for rapid processing of big data security events. In addition, building the intrusion detection system(IDS) using some of the private cloud resources which is the target of protection, elastic and dynamic reconfiguration of the IDS is made possible as the number of security events increase or decrease. In order to evaluate the performance of MongoDB - based IDS proposed in this paper, we constructed prototype systems of IDS based on MongoDB as well as existing relational database, and compared their performance. Moreover, the number of virtual machine has been increased to find out the performance change as the IDS is distributed. As a result, it is shown that the performance is improved as the number of virtual machine is increased to make IDS distributed in MongoDB environment but keeping the overall system performance unchanged. The security event input rate based on distributed MongoDB was faster as much as 60%, and distributed MongoDB-based intrusion detection rate was faster up to 100% comparing to the IDS based on relational database.

• The Journal of Engineering Geology
• /
• v.19 no.2
• /
• pp.131-138
• /
• 2009

A simulation-optimization model is developed for development of groundwater and control of a saltwater wedge for protecting over-exploiting freshwater pumping wells. To achieve the goal an objective function is developed for three types of wells: freshwater pumping, freshwater injection and saltwater pumping. Integrity of groundwater environment is accounted for by including three indices. Illustrative cross-sectional examples show that both types of barriers can protect freshwater pumping wells from saltwater intrusion. A barrier well operating at the same rate located anywhere within a certain reach can protect a pumping well. However, the location of the reach appears to contradict the common practice of barrier placements. Consideration of the groundwater environment yields a unique optimal location for barrier wells.

• Journal of KIISE:Computer Systems and Theory
• /
• v.30 no.12
• /
• pp.714-723
• /
• 2003

In order to guarantee system survivability against attacks based on new methodology, we need a solution to recognize important resources for essential services and to adapt the urgent situation properly. In this paper, we present a dynamic resource reallocation scheme which is one of the core technologies for the implementation of intrusion tolerant systems. By means of resource reallocation within a node, this scheme enables the essential services to survive even after the occurrence of a system attack. If the settlement does not work within the node, resource reallocation among nodes takes places, thus the essential services are transferred to another prepared server node. Experimental result obtained on a testbed reveals the validity of the proposed scheme for resource reallocation. This scheme may work together with IDS(Intrusion Detection System) to produce effective responsive mechanism against attacks.

• Journal of Korean Society of Coastal and Ocean Engineers
• /
• v.27 no.5
• /
• pp.353-357
• /
• 2015

A new method is proposed for water resources using aquifers in coastal areas. These aquifers are generally filled with saline water due to seawater intrusion and consequently being left unutilized. Surface water can be injected into these aquifers and recovered for water quality enhancement and stored water. Injection and pumping wells are used. For this technique to be successful protection of pumping well from seawater intrusion is an essential issue. Salt water pumping can be used to prevent saline water upconing. Numerical analysis demonstrated that a properly designed and executed salt water pumping well can protect a freshwater pumping well from salt water intrusion.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.3
• /
• pp.19-25
• /
• 2017

Nowadays, networked computer systems play an increasingly important role in our society and its economy. They have become the targets of a wide array of malicious attacks that invariably turn into actual intrusions. This is the reason computer security has become an essential concern for network administrators. Recently, a number of Detection/Prevention System schemes have been proposed based on various technologies. However, the techniques, which have been applied in many systems, are useful only for the existing patterns of intrusion. Therefore, probe detection has become a major security protection technology to detection potential attacks. Probe detection needs to take into account a variety of factors ant the relationship between the various factors to reduce false negative & positive error. It is necessary to develop new technology of probe detection that can find new pattern of probe. In this paper, we propose an hybrid probe detection using Fuzzy Cognitive Map(FCM) and Self Adaptive Module(SAM) in dynamic environment such as Cloud and IoT. Also, in order to verify the proposed method, experiments about measuring detection rate in dynamic environments and possibility of countermeasure against intrusion were performed. From experimental results, decrease of false detection and the possibilities of countermeasures against intrusions were confirmed.

• Water for future
• /
• v.17 no.2
• /
• pp.72-79
• /
• 1984

This investagation was carried out by analyzing water types and measuring the environmetal isotopes (tritium and deuterium) for development of water resources and protection of ground waters from sea water intrusion. The water sample were taken monthly from April to June, 1983 from sixteen sites in the Cheju metropolitan area; three sea, three spring, and ten ground waters. The ground water in the midwest area of the city contained 20 TU of tritium and-46 per mille of deuterium, classified as the $NaHCO_3$ type of ground water, generally deep seated. The spring water and ground water in the southern part of the city contained 15 to of tritium and-39 per mile of deuterium, and appeared to the $CaHCO_3$ type of shallow ground water, easily affected 표 precipitation. The results of tritium and deuterium analyses showed that the ground water in the coastal area were not affected by sea water intrusion, although they changed from $NaHCO_3$ or $CaHCO_3$ type to NaCl type in May and June. It is concluded that the high Na and Cl content in those ground waters might come from municipal sewage. The sea water in the Yong-duam area was influenced by sping water.

• International Journal of Computer Science & Network Security
• /
• v.23 no.11
• /
• pp.190-194
• /
• 2023

By looking the importance of communication, data delivery and access in various sectors including governmental, business and individual for any kind of data, it becomes mandatory to identify faults and flaws during cyber communication. To protect personal, governmental and business data from being misused from numerous advanced attacks, there is the need of cyber security. The information security provides massive protection to both the host machine as well as network. The learning methods are used for analyzing as well as preventing various attacks. Machine learning is one of the branch of Artificial Intelligence that plays a potential learning techniques to detect the cyber-attacks. In the proposed methodology, the Decision Tree (DT) which is also a kind of supervised learning model, is combined with the different cross-validation method to determine the accuracy and the execution time to identify the cyber-attacks from a very recent dataset of different network attack activities of network traffic in the UNSW-NB15 dataset. It is a hybrid method in which different types of attributes including Gini Index and Entropy of DT model has been implemented separately to identify the most accurate procedure to detect intrusion with respect to the execution time. The different DT methodologies including DT using Gini Index, DT using train-split method and DT using information entropy along with their respective subdivision such as using K-Fold validation, using Stratified K-Fold validation are implemented.