• Review of KIISC
• /
• v.6 no.2
• /
• pp.5-20
• /
• 1996

본 고는 인터네트와 내부(로컬) 네트워크 사이에 위치하여 내부 네트워크의 자원 및 중요한 정보를 해커 및 불법 침입자로부터 보호하기 위해서 사용되는 방화벽(Firewall) 시스템에 대해 분석하였다. 방화벽 시스템은 OSI 참조 모델의 계층 3과 계층 4에서 프로토콜 정보에 따라 패킷 필터링을 수행하는 스크리닝 라우터(Screening Router) 와 OSI 참조 모델의 상위 계층에서 트래픽을 허가 및 거절하는 게이트웨이 혹은 proxy로 크게 나눌 수 있다. 이러한 방화벽 시스템들은 인터네트 등의 외부 네트워크와 내부 네트워크 사이에서 네트워크 트래픽을 감시하고, 허가 및 거절하는 역할을 수행한다. 인터네트 등 외부 네트워크에 연결된 내부 네트워크를 보호하기 위해서는 강력한 암호화기법 및 정보보호 서비스를 내부 네트워크의 시스템에 구현하고, 방화벽 시스템을 사용하면 해커 등과 같은 불법 침입자로부터 내부 네트워크의 자원 및 정보를 보다 효율적으로 보호할 수 있다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.2
• /
• pp.41-47
• /
• 2012

MANET has vulnerable structure on security owing to structural characteristics as follows. MANET consisted of moving nodes is that every nodes have to perform function of router. Every node has to provide reliable routing service in cooperation each other. These properties are caused by expose to various attacks. But, it is difficult that position of environment intrusion detection system is established, information is collected, and particularly attack is detected because of moving of nodes in MANET environment. It is not easy that important profile is constructed also. In this paper, conformal predictor - support vector machine(CP-SVM) based intrusion detection technique was proposed in order to do more accurate and efficient intrusion detection. In this study, IDS-agents calculate p value from collected packet and transmit to cluster head, and then other all cluster head have same value and detect abnormal behavior using the value. Cluster form of hierarchical structure was used to reduce consumption of nodes also. Effectiveness of proposed method was confirmed through experiment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.9
• /
• pp.4641-4657
• /
• 2017

Named Data Networking (NDN) has emerged and become one of the most promising architectures for future Internet. However, like traditional IP-based networking paradigm, NDN may not evade some typical network threats such as malicious data aggregates (MDA), which may lead to bandwidth exhaustion, traffic congestion and router overload. This paper firstly analyzes the damage effect of MDA using realistic simulations in large-scale network topology, showing that it is not just theoretical, and then designs a fine-grained MDA mitigation mechanism (MDAM) based on the cooperation between routers via alert messages. Simulations results show that MDAM can significantly reduce the Pending Interest Table overload in involved routers, and bring in normal data-returning rate and data-retrieval delay.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.04a
• /
• pp.205-207
• /
• 2004

MIPv6(Mobile IPv6)를 확장한 새로운 이동통신 기술인 이동 네트워크 (NEtwork Mobility, NEMO)는 여러 개의 노드와 하나 이상의 이동 라우터(Mobile Router, MR)로 구성되어 네트워크 단위로 이동성을 지원한다. NEMO의 경우 여러 네트워크들이 계층적으로 이루어진 형태를 가지고 있기 때문에, 상위 네트워크와 하위 네트워크의 긴밀한 관계가 유지되어야 한다. 따라서 이동 네트워크와 자신에게 서비스를 제공해 줄 방문 네트워크상에서 상위 네트워크와의 상호인중이 보안상 무엇보다 중요하다. 본 논문은 PKI와 challenge-response를 사용한 상호인중을 제안한다. 또한, 이러한 인중에 필요한 인증서를 받기 위해서는 기존의 중앙 집중화된 인중기관의 인중서 서비스는 이동 환경에 적합하지 않으므로, secret-share 기법을 이용하여 분산화 된 환경에서 인중서 서비스를 제공하는 안전한 보안 구조를 제안한다.

• Annual Conference of KIPS
• /
• 2002.04b
• /
• pp.1407-1410
• /
• 2002

한 호스트에게 과다한 트래픽을 보내는 서비스 거부 공격을 막기 위하여, 허용한도 이상의 트래픽을 차단할 필요가 있다. 이 때 가능한 한 트래픽의 근거지에서 가까운 곳의 라우터에서 그 차단을 실행해줄수록 이상적으로 차단할 수 있으므로, 공격자의 네트워크 상의 위치를 파악하는 일이 중요하다. 본 연구에서는 피해자의 요청 및 공격의 파악에 따라, 피해자와 공격자사이에 있는 공격경로 상의 라우터들이 서로 협조하여 공격자를 적발할 수 있는 프로토콜을 제안한다. 설계된 프로토콜은 시뮬레이션을 통하여 성능을 평가하였으며, 그 결과 설계된 프로토콜은 적은 시간 내에 공격자의 위치를 찾는 효과를 가져왔다.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.6
• /
• pp.1593-1602
• /
• 1998

In this paper, a hybrid firewall system using the screening router, dual-homed gateway, screened host galeway and the application level gateway is proposed, The screened host gateway is comjXlsed of screening router, DMZ and bastion host. All external input traffics are filtered by screening router with network protrcol filtering, and transmitted to the bastion host performing application level filtering, The dual homed gateway is an internlediate equipment prohibiting direct access from external users, The application level gateway is an equipment enabling transmission using only the proxy server. External users can access only through the public servers in the DMZ, but internal users can aeee through any servers, The rule base which allows Telnet only lo the adrnilllslratol is applied to manage hosts in the DMZ According to the equipmental results, denial of access was in orderof Web. Mail FTP, and Telnet. Access to another servers except for server in DMZ were denied, Prolocol c1mials of UDP was more than that of TCP, because the many hosts broadcasted to networds using BOOTP and NETBIOS, Also, the illegal Telnet and FTP that transfer to inside network were very few.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.29-34
• /
• 2004

As the number of internet users grows rapidly, the services which users required becomes various. However, for fulfilling these various user requirements, the existing passive network should be standardized for a long time. To resolve the delay on providing services, active network as a new technology was suggested. Its router or switch with DARPA as center has the program running ability, so user oriented network can be composed. However, active network's architecture can resolve the user required service using mobile code on the network node, but it is more complex, easy-to-attack, various than the passive network. Many researchers have tried to resolve this problem. So, this paper studied the mobile code security service in active network environment to provide user's convenience and accommodation, and introduced ANASP system as an alternative.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.6A
• /
• pp.632-641
• /
• 2007

Since the mobile node acts as the router, the Mobile Ad Hoc network requires the security methods that are different from that of network of the wire environment. Also, since the total network can't be included in the transmission area of the mobile node, when one node sends the message to the other node, we need the middle node. But if the middle node is the unreliable malicious node, we can't guarantee the secure message transmission. Also, because all nodes configuring the network are the mobile nodes, they use the restricted battery capacity and the restricted resources. Therefore, because we have trouble performing the encryption that many resources are required when we sending the message, it is vulnerable to the security than the network of the wire environment. Last, because the network topology continues to change by the mobility of nodes configuring the network, we need the security measure that matches the network characteristics. We suggest the routing attack detection for performance enhancement of AODV protocol in Mobile Ad Hoc networks.

• Convergence Security Journal
• /
• v.11 no.3
• /
• pp.31-37
• /
• 2011

Recently on tile network to ensure the anonymity of Mixed networking has been actively researched. It uses encrypted communications between Nodes and communications path is changed often to the attacker traceback and response, including the difficult thing is the reality. National institutions and infrastructure in these circumstances, the attack on the national level, if done on a large scale can be disastrous in. However, an anonymous network technology to cover up their own internet communication, it malicious form of Internet use by people who enjoy being continually updated and new forms of technology being developed is a situation continuously. In addition, attacks in the future application of these technologies is expected to continue to emerge. However, this reality does not deserve this thesis is prepared. In this paper, anonymously using a network to respond effectively to a cyber attack on the early detection research is to proceed.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.5
• /
• pp.933-939
• /
• 2007

There is a tremendous increase in the growth of Internet making people's life easy. The rapid growth in technology has caused misuse of the Internet like cyber Crime. There are several vulnerabilities in current firewall and Intrusion Detection Systems (IDS) of the Network Computing resources. Automatic real time station chase techniques can track the internet invader and reduce the probability of hacking Due to the recent trends the station chase technique has become inevitable. In this paper, we design and implement Active Security system using ICMP Traceback message. In this design no need to modify the router structure and we can deploy this technique in larger network. Our Implementation shows that ICMP Traceback system is safe to deploy and protect data in Internet from hackers and others.