• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.235-247
• /
• 2021

Today, the cloud computing has become a major demand of many organizations. The major reason behind this expansion is due to its cloud's sharing infrastructure with higher computing efficiency, lower cost and higher fle3xibility. But, still the security is being a hurdle that blocks the success of the cloud computing platform. Therefore, a novel Multi-tenant Decentralized Information Flow Control (MT-DIFC) model is introduced in this research work. The proposed system will encapsulate four types of entities: (1) The central authority (CA), (2) The encryption proxy (EP), (3) Cloud server CS and (4) Multi-tenant Cloud virtual machines. Our contribution resides within the encryption proxy (EP). Initially, the trust level of all the users within each of the cloud is computed using the proposed two-stage trust computational model, wherein the user is categorized bas primary and secondary users. The primary and secondary users vary based on the application and data owner's preference. Based on the computed trust level, the access privilege is provided to the cloud users. In EP, the cipher text information flow security strategy is implemented using the blowfish encryption model. For the data encryption as well as decryption, the key generation is the crucial as well as the challenging part. In this research work, a new optimal key generation is carried out within the blowfish encryption Algorithm. In the blowfish encryption Algorithm, both the data encryption as well as decryption is accomplishment using the newly proposed optimal key. The proposed optimal key has been selected using a new Self Improved Cat and Mouse Based Optimizer (SI-CMBO), which has been an advanced version of the standard Cat and Mouse Based Optimizer. The proposed model is validated in terms of encryption time, decryption time, KPA attacks as well.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.8C
• /
• pp.670-679
• /
• 2012

The recent dissemination of cloud computing makes the amount of data storage to be increased and the cost of storing the data grow rapidly. Accordingly, data and service requests from users also increases the load on the cloud storage. There have been many works that tries to provide low-cost and high-performance schemes on distributed file systems. However, most of them have some weaknesses on performing parallel and random data accesses as well as data accesses of frequent small workloads. Recently, improving the performance of distributed file system based on caching technology is getting much attention. In this paper, we propose a CHPC(Cloud storage High-Performance Caching) framework, providing parallel caching, distributed caching, and proxy caching in distributed file systems. This study compares the proposed framework with existing cloud systems in regard to the reduction of the server's disk I/O, prevention of the server-side bottleneck, deduplication of the page caches in each client, and improvement of overall IOPS. As a results, we show some optimization possibilities on the cloud storage systems based on some evaluations and comparisons with other conventional methods.

• Convergence Security Journal
• /
• v.8 no.1
• /
• pp.49-56
• /
• 2008

Recently, Phising attack uses trick of URL and sites, and technical concealment method which infiltrates sophisticated malicious code. However, sometimes Phising security technology cannot cover all of Phising methods. Consequently, this research proposes inspection to solve this problem. First, we can install Proxy server for a strong open information exchange of web environment between web servers and clients. Therefore, it compares and analyzes harmful site and Phising URL with White domain list, and filters them. Finally, designs for stable web based information so that we can block Phising with least regulation and active control. So the purpose of this paper is introducing this design system and structure, and inspect them.

• IEIE Transactions on Smart Processing and Computing
• /
• v.5 no.2
• /
• pp.94-99
• /
• 2016

Application layer attacks have for years posed an ever-serious threat to network security, since they always come after a technically legitimate connection has been established. In recent years, cyber criminals have turned to fully exploiting the web as a medium of communication to launch a variety of forbidden or illicit activities by spreading malicious automated software (auto-ware) such as adware, spyware, or bots. When this malicious auto-ware infects a network, it will act like a robot, mimic normal behavior of web access, and bypass the network firewall or intrusion detection system. Besides that, in a private and large network, with huge Hypertext Transfer Protocol (HTTP) traffic generated each day, communication behavior identification and classification of auto-ware is a challenge. In this paper, based on a previous study, analysis of auto-ware communication behavior, and with the addition of new features, a method for classification of HTTP auto-ware communication is proposed. For that, a Not Only Structured Query Language (NoSQL) database is applied to handle large volumes of unstructured HTTP requests captured every day. The method is tested with real HTTP traffic data collected through a proxy server of a private network, providing good results in the classification and detection of suspicious auto-ware web access.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.2
• /
• pp.309-315
• /
• 2017

Recently it has drawn much attention on the technologies about Internet of Things (IoT) which connects objects with constrained resource and heterogenous communication module in order to communicate information via internet. We propose a real-time sensor monitoring system based on IPv6 over Bluetooth Low Energy (BLE), which is included in Bluetooth 4.2 Specification. Since this system uses a publish-subsribe based IoT protocol, so called Message Queueing Telemetry Transport (MQTT), neither transforming network data nor any proxy server is needed in order to transmit data. Through the web client connected to this system, you can monitor sensor data sent by BLE device in real-time, intermediated via MQTT broker and then delivered to the client via HTTP and websocket protocol. In this paper we evaluated network capacity and availability of the implemented test platform. Thus by using this system it is possible to make development cost low and to construct IoT network with heterogenous devices easily.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.5B
• /
• pp.498-507
• /
• 2004

The fast and Precise service for the users request is the most important in the World Wide Web. However, the lest service is difficult due to the rapid increase of the Internet users recently. The Shared Web Caching (SWC) is one of the methods solving this problem. The performance of SWC is highly depend on the hit rate and the hit rate is effected by the memory size, processing speed of the server, load balancing and so on. The conventional load balancing is usually based on the state history of system, but the prediction of the state of the system can be used for the load balancing that will further improve the hit rate. In this study, a Hot Spot Prediction Method (HSPM) has been suggested to improve the throughputs of the proxy. The predicted hot spots, which is the item most frequently requested, should be predicted beforehand. The result show that the suggested method is better than the consistent hashing in the point of the load balancing and the hit rate.

• The KIPS Transactions:PartB
• /
• v.11B no.3
• /
• pp.361-368
• /
• 2004

This paper proposes an interactive VOD system to serve truly interactive VCR services using multicast delivery, client buffer and web-caching technique which implements the distributed proxy in Head-End- Network(HNET). This technique adopts some caches in the HNET that consists of a Switching Agent(SA), some Head-End-Nodes(HEN) and many clients. In this model, HENs distributively store the requested video under the control of SA. Also, client buffer dynamically expands to support various VCR playback rate. Thus, interactive services are offered with transmitting video streams from network, HENs and stored streams on buffer. Therefore this technique makes the load of network occur In the limited area, minimizes the additional channel allocation from server and restricts the transmission of duplicated video contents

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.6
• /
• pp.1593-1602
• /
• 1998

In this paper, a hybrid firewall system using the screening router, dual-homed gateway, screened host galeway and the application level gateway is proposed, The screened host gateway is comjXlsed of screening router, DMZ and bastion host. All external input traffics are filtered by screening router with network protrcol filtering, and transmitted to the bastion host performing application level filtering, The dual homed gateway is an internlediate equipment prohibiting direct access from external users, The application level gateway is an equipment enabling transmission using only the proxy server. External users can access only through the public servers in the DMZ, but internal users can aeee through any servers, The rule base which allows Telnet only lo the adrnilllslratol is applied to manage hosts in the DMZ According to the equipmental results, denial of access was in orderof Web. Mail FTP, and Telnet. Access to another servers except for server in DMZ were denied, Prolocol c1mials of UDP was more than that of TCP, because the many hosts broadcasted to networds using BOOTP and NETBIOS, Also, the illegal Telnet and FTP that transfer to inside network were very few.

• Journal of Digital Convergence
• /
• v.11 no.3
• /
• pp.273-277
• /
• 2013

Phishing attacks have been implemented in smarter, more advanced ways with the passage of time. Hackers use intelligent phishing attacks to take over computers and to penetrate internal networks in major organizations. So, in this paper, a model for a prevention of phishing attack spread is conceptual designed in order to protect internal users and sensitive or important information from sophisticated phishing attacks. Internal users simultaneously utilize both external web and organizational mail services. And hackers can take the both side equally as a vector. Thus, packets in each service must be monitored and stored to recognize threatening elements from both sides. The model designed in this paper extends the mail server based security structure used in conventional studies for the protection of Internet mail services accessed by intranet users. This model can build a list of phishing sites as the system checks e-mails compared to that of the method that directly intercepts accesses to phishing sites using a proxy server, so it represents no standby time for request and response processes.

• The KIPS Transactions:PartC
• /
• v.8C no.6
• /
• pp.847-854
• /
• 2001

The Web continues to grow fast rate in both a large aclae volume of traffic and the size and complexity of Web sites. Along with growth, the complexity of tasks such as Web site design Web server design and of navigating simply through a Web site have increased. An important input to these design tasks is the analysis of how a web site is being used. The is paper proposes a Page logging System(PLS) identifying reliably user sessions required in Web mining system PLS consists of Page Logger acquiring all the page accesses of the user Log processor producing user session from these data, and statements to incorporate a call to page logger applet. Proposed PLS abbreviates several preprocessing tasks which spends a log of time and efforts that must be performed in Web mining systems. In particular, it simplifies the complexity of transaction identification phase through acquiring directly the amount of time a user stays on a page. Also PLS solves local cache hits and proxy IPs that create problems with identifying user sessions from Web sever log.