• The Transactions of the Korea Information Processing Society
• /
• v.5 no.6
• /
• pp.1593-1602
• /
• 1998

In this paper, a hybrid firewall system using the screening router, dual-homed gateway, screened host galeway and the application level gateway is proposed, The screened host gateway is comjXlsed of screening router, DMZ and bastion host. All external input traffics are filtered by screening router with network protrcol filtering, and transmitted to the bastion host performing application level filtering, The dual homed gateway is an internlediate equipment prohibiting direct access from external users, The application level gateway is an equipment enabling transmission using only the proxy server. External users can access only through the public servers in the DMZ, but internal users can aeee through any servers, The rule base which allows Telnet only lo the adrnilllslratol is applied to manage hosts in the DMZ According to the equipmental results, denial of access was in orderof Web. Mail FTP, and Telnet. Access to another servers except for server in DMZ were denied, Prolocol c1mials of UDP was more than that of TCP, because the many hosts broadcasted to networds using BOOTP and NETBIOS, Also, the illegal Telnet and FTP that transfer to inside network were very few.

• Journal of Digital Convergence
• /
• v.11 no.3
• /
• pp.273-277
• /
• 2013

Phishing attacks have been implemented in smarter, more advanced ways with the passage of time. Hackers use intelligent phishing attacks to take over computers and to penetrate internal networks in major organizations. So, in this paper, a model for a prevention of phishing attack spread is conceptual designed in order to protect internal users and sensitive or important information from sophisticated phishing attacks. Internal users simultaneously utilize both external web and organizational mail services. And hackers can take the both side equally as a vector. Thus, packets in each service must be monitored and stored to recognize threatening elements from both sides. The model designed in this paper extends the mail server based security structure used in conventional studies for the protection of Internet mail services accessed by intranet users. This model can build a list of phishing sites as the system checks e-mails compared to that of the method that directly intercepts accesses to phishing sites using a proxy server, so it represents no standby time for request and response processes.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.10
• /
• pp.3262-3271
• /
• 2000

Continuous media objects, due to large volume and real-time consiraints in their delivery,are likely to consume much network andwidth Generally, proxy servers are used to hold the fiequently requested objects so as to reduce the network traffic to the central server but most of them are designed for text and image dae that they do not go well with continuous media data. So, in this paper, we propose a two-layered network cache management policy for continuous media object delivery on the wide area networks. With the proposed cache management scheme,in cach LAN, there exists one LAN cache and each LAN is further devided into a group of sub-LANs, each of which also has its own sub-LAN eache. Further, each object is also partitioned into two parts the front-end and rear-end partition. they can be loaded in the same cache or separately in different network caches according to their access frequencics. By doing so, cache replacement overhead could be educed as compared to the case of the full size daa allocation and replacement , this eventually reduces the backbone network traffic to the origin server.

• The Journal of Korean Association of Computer Education
• /
• v.12 no.4
• /
• pp.47-55
• /
• 2009

There are many researches considering mobile devices as resources in mobile grids. However, the mobile device has some limitations: wireless connection and battery capacity. So, the grid operations using mobile devices have lower reliability and efficiency than those in fixed grid environments. In this paper, we propose a job migration scheme using mobile devices to overcome these limitations. The proposed job migration scheme predicts failure condition during execution and takes checkpoints. Then, if the failure occurs on mobile device during execution, the executing job can be migrated to other mobile device by checkpoint information. To perform the proposed migration scheme, we establish a mobile device manager on a proxy server and a status manager on a mobile device. Connection, wireless signal strength and battery capacity of mobile devices are identified through two managers. The simulation results show improvement of efficiency and reliability during execution.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.4
• /
• pp.57-61
• /
• 2014

Zeroboard is a public bulletin board that can support PHP and MySQL. It has been used by many people because it is easy to use, but there is no more updates after Zeroboard4. So, there is a problem that its administrator will have nothing to do about it if zeroboard has a vulnerability. In this paper, we will discuss about CSRF(Cross Site request Forgery) which is developed and expanded by XSS(Cross Site Scripting). Also, we will find CSRF attacks and suggest an alternative method using VM-ware. The main features and contributions of the proposed method are as follows. First, make an environment construction using VM-ware and other tools. Second, analyze and prepare vulnerabilities using Proxy server. Performance evaluation will be conducted by applying possible countermeasure.

• Journal of the Korean Society for information Management
• /
• v.27 no.1
• /
• pp.25-40
• /
• 2010

The purpose of this study is to analyze the usage pattern between each academic database through social network analysis, and to support the academic database for users's needs. For this purpose, we have extracted log data to construct the academic database networks in the proxy server of K university library and have analyzed the usage pattern among each research area and among each social position. Our results indicate that the specialized academic database for the research area has more cohesion than the generalized academic database in the full-time professors' network and the doctoral students' network, and the density, degree centrality and degree centralization of the full-time professors' network and the doctoral students' network are higher than those of the other social position networks.

• KIISE Transactions on Computing Practices
• /
• v.22 no.6
• /
• pp.296-301
• /
• 2016

Object-based storage is an efficient storage solution that can handle unstructured data and shows better security and scalability than traditional block-based storage. However, in terms of power management, Object-based storage writes multiple copies in storage cluster, hence many servers consume unnecessary power in idle state. In order to resolve this problem, it is necessary to apply power management strategy by adjusting power mode of servers in idle state according to their workloads. In this paper, we proposed a new dynamic power management (DPM) method to transform power mode of storage servers dynamically according to workload information sent from proxy server. The experimental result shows that the proposed power management technic reduces total power consumption by 12% in the OpenStack based Swift object storage.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.5B
• /
• pp.498-507
• /
• 2004

The fast and Precise service for the users request is the most important in the World Wide Web. However, the lest service is difficult due to the rapid increase of the Internet users recently. The Shared Web Caching (SWC) is one of the methods solving this problem. The performance of SWC is highly depend on the hit rate and the hit rate is effected by the memory size, processing speed of the server, load balancing and so on. The conventional load balancing is usually based on the state history of system, but the prediction of the state of the system can be used for the load balancing that will further improve the hit rate. In this study, a Hot Spot Prediction Method (HSPM) has been suggested to improve the throughputs of the proxy. The predicted hot spots, which is the item most frequently requested, should be predicted beforehand. The result show that the suggested method is better than the consistent hashing in the point of the load balancing and the hit rate.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.11B
• /
• pp.1297-1304
• /
• 2011

SIP(Session Initiation Protocol) has some security vulnerability because it works on the Internet. Therefore, the proxy server can be affected by the flooding attack such as DoS and service interruption. However, traditional schemes to corresponding Denial of Service attacks have some limitation. These schemes have high complexity and cannot protect to the variety of Denial of Service attack. In this paper, we newly define the normal user who makes a normal session observed by verifier module. Our method provides continuous service to the normal users in the various situations of Denial of Service attack as constructing a whitelist using normal user information. Various types of attack/normal traffic are modeled by using OPNET simulator to verify our scheme. The simulation results show that our proposed scheme can prevent DoS attack and achieve a low false rate and fast searching time.

• The KIPS Transactions:PartB
• /
• v.11B no.3
• /
• pp.361-368
• /
• 2004

This paper proposes an interactive VOD system to serve truly interactive VCR services using multicast delivery, client buffer and web-caching technique which implements the distributed proxy in Head-End- Network(HNET). This technique adopts some caches in the HNET that consists of a Switching Agent(SA), some Head-End-Nodes(HEN) and many clients. In this model, HENs distributively store the requested video under the control of SA. Also, client buffer dynamically expands to support various VCR playback rate. Thus, interactive services are offered with transmitting video streams from network, HENs and stored streams on buffer. Therefore this technique makes the load of network occur In the limited area, minimizes the additional channel allocation from server and restricts the transmission of duplicated video contents