• Title/Summary/Keyword: malicious link

Defending HTTP Web Servers against DDoS Attacks through Busy Period-based Attack Flow Detection

  • Nam, Seung Yeob;Djuraev, Sirojiddin
    • KSII Transactions on Internet and Information Systems (TIIS), v.8 no.7, pp.2512-2531, 2014
  • We propose a new Distributed Denial of Service (DDoS) defense mechanism that protects HTTP web servers from application-level DDoS attacks based on two methodologies: whitelist-based admission control and busy period-based attack flow detection. The attack flow detection mechanism detects attack flows based on the symptom or stress at the server, since it is getting more difficult to identify bad flows only based on the incoming traffic patterns. The stress is measured by the time interval during which a given client makes the server busy, referred to as a client-induced server busy period (CSBP). We also need to protect the servers from a sudden surge of attack flows even before the malicious flows are identified by the attack flow detection mechanism. Thus, we additionally use a whitelist-based admission control mechanism to control the load on the servers. We evaluate the performance of the proposed scheme via simulation and experiment. The simulation results show that our defense system can mitigate DDoS attacks effectively even under a large number of attack flows, on the order of thousands, and the experiment results show that our defense system deployed on a Linux machine is sufficiently lightweight to handle packets arriving at a rate close to the link rate.

Design and Implementation of Interference-Immune Architecture for Digital Transponder of Military Satellite (군통신위성 디지털 중계기의 간섭 회피 처리 구조 설계 및 구현)

  • Sirl, Young-Wook;Yoo, Jae-Sun;Jeong, Gun-Jin;Lee, Dae-Il;Lim, Cheol-Min
    • Journal of the Korean Society for Aeronautical & Space Sciences, v.42 no.7, pp.594-600, 2014
  • In modern warfare, securing the communication channel by combating opponents' electromagnetic attacks is a crucial factor in winning the war. The military satellite digital transponder is a communication payload of the next-generation military satellite that keeps warfare networks operational in the presence of interfering signals by securely relaying signals between ground terminals. The transponder in this paper is classified as a partial processing transponder, which performs cost-effective secure relaying in satellite communication links. The control functions of transmission security achieve immunity to hostile interference which may cause malicious effects on the link. In this paper, we present an efficient architecture for implementing the control mechanism. Two major ideas, pipelined processing in per-group control and software processing of blocked band information, dramatically reduce the complexity of the hardware. A control code sequence showing its randomness with uniform distribution is exemplified and qualification test results are briefly presented.

Characteristic Analysis of Industrial Network and Security Equipment (산업용 네트워크 장비와 보안 장비의 특징 분석)

  • Shin, Dong-Jin;Hwang, Seung-Yeon;Oh, Jae-Kon;Kim, Jeong-Joon;Lee, Yong-Soo;Park, Kyung-won
    • The Journal of the Institute of Internet, Broadcasting and Communication, v.20 no.3, pp.153-161, 2020
  • Due to the recent development of the 4th industrial revolution, Smart Factories that organically link various technologies such as AI, IoT, Cloud, and Big Data are increasing. Based on this, in the industrial environment where the internal process is controlled automatically, high availability should be secured against the loss caused when the internal process of the Smart Factory is stopped due to the determinism and malicious attack necessary to control the device such as PLC. The research and analysis of industrial network equipment and security equipment used in various industries can improve the efficiency and usability of industrial control systems in national infrastructure and can provide important feedback to build related infrastructure. Therefore, we compared industrial network equipment and security equipment in this paper in a variety of ways and expect to be used as a roadmap for developing technologies for industrial network equipment and industrial security equipment based on the results of this paper.

Secure Mobile-in-Vehicle System with CBC-MAC authentication (CBC-MAC 방식을 적용한 보안 모바일기기 제어시스템)

  • Hwang, Jae-Young;Choi, Dong-Wook;Chung, Yeon-Ho
    • Journal of the Korea Institute of Information and Communication Engineering, v.14 no.12, pp.2657-2662, 2010
  • Demand for information security in mobile-device-based control systems is growing rapidly with a view to counteracting information hacking and leakage. Among these techniques, encryption and authentication are most common. This paper presents a CBC-MAC (Cipher Block Chaining-Message Authentication Code) based mobile device control system. The system is termed Secure Mobile in Vehicle (SMIV). We use CBC-MAC, which is one of the most efficient authentication modes, to protect information against any malicious attacks. By sharing the secret key of CBC-MAC between the transmitter and receiver, it asserts authentic information. The proposed system is verified in such a way that we develop a mobile device control system, apply the CBC-MAC algorithm to the control system and validate the received data. Unlike conventional systems, where the development of the control mechanism in mobile-device-based control systems is the main concern, the proposed system offers a secure communication link for the data in a mobile device control system and therefore would be useful in the design and implementation of various mobile-device-based control systems.

Network separation construction method using network virtualization (네트워크 가상화를 이용한 망 분리 구축 방법)

  • Hwang, Seong-Kyu
    • Journal of the Korea Institute of Information and Communication Engineering, v.24 no.8, pp.1071-1076, 2020
  • The importance of network separation is due to the use of the Internet with existing business PCs, resulting in an internal information leakage event, and an environment configured to allow servers to access the Internet, which causes service failures with malicious code. In order to overcome this problem, it is necessary to use network virtualization to separate networks and network interconnection systems. Therefore, in this study, the construction area was constructed into the network area for the Internet and the server farm area for the virtualization system, and then classified and constructed into the security system area and the data link system area between networks. In order to prove the excellence of the proposed method, a network separation construction study using network virtualization was conducted based on the basis of VM Density's conservative estimates of program loads and LOBs.