• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11a
• /
• pp.16-18
• /
• 2005

2003년 1.25 대란을 통해 우리나라와 같이 초고속 인터넷망의 인프라를 갖춘 국가는 웜에 의한 DDoS공격 등에 취약하다는 것이 입증되었다. 이러한 취약성을 극복하기 위해서는 웜의 공격에 대해 웜 코드 자체에 대한 세부적인 분석과 전파 특성을 관찰하는 것이 중요하다. 하지만 웜의 전파 특성이나 취약점을 확인할 수 있는 방법으로는 소스코드 디어셈블러, 웜이 전파된 후 감염된 호스트들을 분석하는 방법이외에는 타당한 기법들이 제시되지 않고 있다. 웜 코드를 실제 네트워크 환경에서 테스트하기 위한 환경을 구축하기 위해서는 많은 시간과 비용이 소요되며 , 제도나 법률에 반하는 비현실적인 방법이라 할 수 있다. 이에 본 논문에서는 심각한 피해를 유발할 수 있는 치명적인 웜들의 시뮬레이션을 통해 웜의 전파 과정에서 발생하는 트래픽을 분석, 확인할 수 있는 시뮬레이터를 제시하고자 한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2012.06a
• /
• pp.98-100
• /
• 2012

모바일 웜의 전파 속도는 시간이 지날수록 급격히 빨라진다. 급속도로 전파하는 웜을 억제하기 위한 연구가 계속 진행되어 왔다. 기존 연구 중 하나로 소셜 네트워크를 그래프(Graph)로 표현하고 분할한 뒤 각 파티션의 대표노드(Key Node)를 선택해 웜 패치를 전파하는 기법이 있다. 이 기법은 패치 전파 속도를 웜 전파 속도보다 빠르게 해서 웜을 억제 시킨다. 하지만 이 기법에서는 대표노드에 가중치(Weight)가 낮은 간선(Edge)이 연결 될 수 있거나 대표노드가 없는 파티션이 생길 수 있다. 잘못된 대표노드 선정은 패치 전파속도를 저하시키고 웜 억제를 지연시킬 수 있다. 본 논문에서는 페이지랭크를 이용해서 대표노드를 선정하는 개선된 소셜 네트워크 기반의 웜 패칭 기법을 제안한다. 제안 기법은 웜 패칭 전략에 사용할 수 있도록 수정한 페이지랭크를 각 파티션에 적용해서 대표노드를 선정한다. 파티션마다 전파 능력이 가장 높은 노드가 대표노드로 선정되기 때문에 웜 패치 전파 속도를 향상시킬 수 있다.

• Journal of the Korean earth science society
• /
• v.39 no.1
• /
• pp.23-45
• /
• 2018

Moderately diverse, but very abundant trace fossils are found from the Late Pleistocene deposits of Jeju Island, Korea. Vertical I-, Y- and U-shaped domichnia of annelids or decapods are, over 2500, extremely abundant, 3D network domichnia of callianassids are, over 200, very abundant, and small sinuous trails of nematode repichnia are, over 50, abundant in number. Horizontal trails attributable to polychaete or worm-like animals are, less than 50, common, but horizontal spreiten burrows, fish traces and crab trackways are, less than 10, rare in occurrence. Of these trace fossils, Taenidium barretti, Undichna britannica and Undichna unisulca represent the first record from the Pleistocene in Asia. Psilonichnus upsilon is the second record in Asia. Crab trackways probably produced by underwater punting gait of sideway walking crabs may represent the first record in the world. In addition, diverse and very abundant footprints of more than 500 hominids, more than 200 birds and more than 1000 mammals are closely associated with these invertebrate trace fossils. Trace fossil assemblage integrated with sedimentary facies is interpreted to have been formed in the marginal marine foreshore to backshore environment corresponding to the Psilonichnus and Skolithos ichnofacies.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.3
• /
• pp.53-62
• /
• 2015

Recently, number of tablet or Smartphone users increased significantly in domestic and around the world. But violation of personal information such as leakage, misuse and abuse are constantly occurring by using mobile devices which is very useful in our society. Therefore, in this paper it will talk about the problems in the network environment of the mobile environment such as tablet and Smartphone, Mobile Malware, hacking of the public key certificate, which could be potential threat to mobile environment. This thesis will research for people to use their mobile devices more reliable and safer in mobile environment from invasion and leakage of personal information. In order to use Smartphone safely, users have to use Wi-Fi and Bluetooth carefully in the public area. This paper will research how to use App safely and characteristic of risk of worm and Malware spreading. Because of security vulnerabilities of the public key certificate, it will suggest new type of security certification. In order to prevent from the information leakage and infect from Malware in mobile environment without knowing, this thesis will analyze the improved way to manage and use the mobile device.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.6 s.44
• /
• pp.185-192
• /
• 2006

By mistaking normal packets for harmful traffic, it may not offer service according to the intention of attacker with harmful traffic, because it is not easy to classify network traffic for normal service and it for DUoS(Distributed DoS) attack like the Internet worm. And in the IPv6 environment these researches on harmful traffic are weak. In this dissertation, hosts in the IPv6 environment are attacked by NETWIB and their attack traffic is monitored, then the statistical information of the traffic is obtained from MIB(Management Information Base) objects used in the IPv6. By adapting the ESM(Exponential Smoothing Method) to this information, a normal traffic boundary, i.e., a threshold is determined. Input traffic over the threshold is thought of as attack traffic.

• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.39-47
• /
• 2002

To recently with the love-letter and Back Orifice the same Worm-virus, with the Trojan and the Linux-virus back against the new species virus which inside and outside of the country to increase tendency the malignant new species virus which is the possibility of decreasing the damage which is enormous in the object appears and to follow a same network coat large scale PC is being quicker, it disposes spontaneously to respect, applied an artificial intelligence technique the research against the next generation malignant computer virus of new form is demanded. Will reach and to respect it analyzes the digital immunity system of the automatic detection which is quick against the next generation malignant virus which had become unconfirmed and the foreign countries which has an removal function.

• Convergence Security Journal
• /
• v.5 no.3
• /
• pp.15-22
• /
• 2005

The spread of Internet and the appear of Downsizing, SI(System Integration) is chaning centralized computing to distributed computing. Also distributed computing is rapidly changing to Ubiquitous computing escape from hard wire connected network. CORBA(Common Object Request Broker Architecture) is a middleware that used for smoothness communication between application program and operation system in a different environment. However distributed computing environment is not safe from the danger, the attack like virus, worm is too intellectual and variety. In this paper, we design a new DB security model and suggest efficiency of it in Ubiquitous environment base on CSS(CORBA Security Service) that present ed from OMG(Object Management Group).

• Convergence Security Journal
• /
• v.11 no.6
• /
• pp.53-58
• /
• 2011

There is increasing use of common commercial operation system and standard PCs to control industrial production systems, and cyber security threat for industrial facilities have emerged as a serious problem. Now these network connected ICS(Industrial Control Systems) stand vulnerable to the same threats that the enterprise information systems have faced and they are exposed to malicious attacks. In particular Stuxnet is a computer worm targeting a specific industrial control system, such as a gas pipeline or power plant and in theory, being able to cause physical damage. In this paper we present an overview of the general configuration and cyber security threats of a SCADA and investigate the attack tree analysis to identify and assess security vulnerabilities in SCADA for the purpose of response to cyber attacks in advance.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.1
• /
• pp.89-95
• /
• 2016

Recent growth of hacking threats and development in software and technology put Network security under threat, In addition, intrusion, malware and worm virus have been increased due to the existence of variety of sophisticated hacking methods. The goal of this study is to compare Snort Alpha version with Suricata 2.0.11 version whereas previous study focuses on comparison between snort 2. x version under thread environment and Suricata under multi-threading environment. This thesis' experiment environment is set as followed. Intel (R) Core (TM) i5-4690 3. 50GHz (4threads) of CPU, 16GB of RAM, 3TB of Seagate HDD, Ubuntu 14.04 are used. According to the result, Snort Alpha version is superior to Suricata in performance, but Snort Alpha had some glitches when executing pcap files which created core dump errors. Therefore this experiment seeks to analyze which performs better between Snort Alpha version that supports multi packet processing threads and Suricata that supports multi-threading. Through this experiment, one can expect the better performance of beta and formal version of Snort in the future.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.4 s.36
• /
• pp.173-179
• /
• 2005

The continuous development of computing technique and network technology bring the explosive growth of the Internet, it accomplished the role which is import changes the base facility in the social whole and public infra, industrial infrastructure, culture on society-wide to Internet based environment. Recently the rapid development of information and technology environment is quick repeated the growth and a development which is really unexampled in the history but it has a be latent vulnerability, Therefore the damage from this vulnerability like worm, hacking increases continually. In this paper, in order to resolve this problem, implement the analysis system for harmful traffic for defending new types of attack and analyzing the traffic takes a real-time action against intrusion and harmful information packet.