• Title/Summary/Keyword: session table management

An event-based timeout policy to decrease the overhead of session managements in network systems (네트워크 시스템의 세션 관리 부하를 감쇄하기 위한 사건 기반 타임아웃 정책)

  • Yim, Kang-bin;Choi, Chang-seok;Moon, Jong-wook;Jung, Gi-hyun;Choi, Kyung-hee
    • The KIPS Transactions:PartA / v.11A no.2 / pp.143-148 / 2004
  • The session management overhead on network systems like firewalls or intrusion detection systems is growing as the session table grows. In this paper, we propose the event-based timeout management policy to increase packet processing throughput on network systems by decreasing the system's timeout management overhead that is comparable to the existing time-based timeout management policies. Through some empirical studies using a session management system implemented in this paper, we proved that the proposed policy provides better packet processing throughput than the existing policies.

A Design of Interdependent Multi Session Authentication Scheme for Secure Cloud Service (안전한 클라우드 서비스를 위한 상호의존적 다중세션 인증 기법 설계)

  • Song, Jun Ho;Choi, Do Hyun;Park, Jung Oh
    • Journal of Korea Society of Digital Industry and Information Management / v.10 no.3 / pp.181-196 / 2014
  • Cloud computer technology currently provides diverse services based on a comprehensive environment ranging from hardware to solution, network and service. While the target of services has been extended from institutions and corporations to personal infrastructure and issues were made about security problems involved with protection of private information, measures on additional security demands for such service characteristics are insufficient. This paper proposes a multi-session authentication technique based on the characteristics of SaaS (Software as a Service) among cloud services. With no reliable authentication authority, the proposed technique reinforced communication sessions by performing key agreement protocol safe against key exposure and multi-channel session authentication, providing high efficiency of performance through key renewal using an optimized key table. Each formed session has resistance against deprivation of individual confirmation and service authority. Suggested confirmation technique that uses these features is expected to provide safe computing service in a cloud environment.

An Anonymous Authentication Scheme for Health Information Push Service Based on Indoor Location in Hospital (병원 실내 위치기반 의료정보 푸쉬 서비스를 위한 익명 인증 스킴)

  • Ahn, Hae-Soon;Yoon, Eun-Jun;Nam, In-Gil
    • The Journal of Korean Institute of Communications and Information Sciences / v.37 no.5C / pp.410-419 / 2012
  • This paper proposes a secure and efficient anonymous authentication scheme for health information push service based on indoor location in hospital. The proposed scheme has the following benefits: (1) It is just based on a secure one-way hash function for avoiding complex computations for both health care operations users and health care centers. (2) It does not require a sensitive verification table which may cause health care centers to become an attractive target for numerous attacks (e.g., insertion attacks and stolen-verifier attacks). (3) It provides a higher security level (e.g., secure mutual authentication and key establishment, confidential communication, user's privacy, simple key management, and session key independence). As a result, the proposed scheme is very suitable for various location-based medical information service environments using lightweight devices (e.g., smartphones) because of very low computation overload on the part of both health care operations users and health care centers.

Encryption Algorithm Technique for Device's key Protect in M2M environment (M2M 환경의 디바이스 키 보호를 위한 암호 알고리즘 응용 기법)

  • Choi, Do-Hyeon;Park, Jung-Oh
    • Journal of Digital Convergence / v.13 no.10 / pp.343-351 / 2015
  • With the diverse services of the current M2M environment being expanded to the organizations, the corporations, and the daily lives, the possibility of the occurrence of the vulnerabilities of the security of the related technologies has become an issue. In order to solve such a problem of the vulnerability of the security, this thesis proposes the technique for applying the cryptography algorithm for the protection of the device key of the M2M environment. The proposed technique was based on the elliptic curve cryptography. Through the key exchange and the signature exchange in the beginning, the security session was created. And the white box cipher was applied to the encryption that creates the white box table using the security session key. Application results cipher algorithm, Elliptic Curve Cryptography provides a lightweight mutual authentication, a session key for protecting the communication session and a conventional white-box cipher algorithm and was guaranteed the session key used to encrypt protected in different ways. The proposed protocol has secure advantages against data modulation and exposure, MITM (Man-in-the-middle attack), data forgery and manipulation attack.

A Study on Firewall for Session Table Management Mechanism (방화벽의 세션 테이블 관리기법 비교연구)

  • Koh, Jae-Hyun;Jung, Gi-Hyun;Choi, Kyung-Hee
    • Proceedings of the Korea Information Processing Society Conference / 2005.11a / pp.619-622 / 2005
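  • This paper examines the structure and efficiency of the session tables that are created to support stateful inspection, a basic function of recent network equipment. To that end, we examine the session table structures and characteristics of the firewall software used in operating systems such as LINUX, FreeBSD, and OpenBSD, and we test experimentally how structural characteristics and traffic locality affect the reduction of table lookup overhead. We confirm that a tree-structured session table can reduce overall packet processing time by reducing the table lookup time in the worst case.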

Design of a Security System to Defeat Abnormal IPSec Traffic in IPv6 Networks (IPv6 환경에서 비정상 IPSec 트래픽 대응 보안 시스템 설계)

  • Kim Ka-Eul;Ko Kwang-Sun;Gyeong Gye-Hyeon;Kang Seong-Goo;Eom Young-Ik
    • Journal of the Korea Institute of Information Security & Cryptology / v.16 no.4 / pp.127-138 / 2006
  • IPSec is a basic security mechanism of the IPv6 protocol, which can guarantee the integrity and confidentiality of data transmitted between two corresponding hosts. Also, both data and communication subjects can be authenticated using the IPSec mechanism. However, it is difficult for the IPSec mechanism to protect major important networks from attacks which transmit mass abnormal IPSec traffic in session-configuration or communication phases. In this paper, we present a design of the security system that can effectively detect and defeat abnormal IPSec traffic, which is encrypted by the ESP extension header, using the IPSec Session and Configuration table without any decryption. This security system is closely based on a multi-tier attack mitigation mechanism which is based on network bandwidth management and aims to counteract DDoS attacks and DoS effects of worm activity.

Minimizing Security Hole and Improving Performance in Stateful Inspection for TCP Connections (TCP연결의 스테이트풀 인스펙션에 있어서의 보안 약점 최소화 및 성능 향상 방법)

  • Kim, Hyo-Gon;Kang, In-Hye
    • Journal of KIISE:Information Networking / v.32 no.4 / pp.443-451 / 2005
  • Stateful inspection devices must maintain flow information. These devices create the flow information also for network attack packets, and it can fatally inflate the dynamic memory allocation on stateful inspection devices under network attacks. The memory inflation leads to memory overflow and subsequent performance degradation. In this paper, we present a guideline to set the flow entry timeout for a stateful inspection device to remove harmful embryonic entries created by network attacks. Considering Transmission Control Protocol (TCP) is utilized by most of these attacks as well as legitimate traffic, we propose a parsimonious memory management guideline based on the design of the TCP and the analysis of real-life Internet traces. In particular, we demonstrate that for all practical purposes one should not reserve memory for an embryonic TCP connection with more than (R+T) seconds of inactivity where R=0, 3, 9 and $1 \leq T \leq 2$ depending on the load level.

A Study on the Reduction of Falling Deaths Using 4M (4M을 활용한 떨어짐 사망사고 저감 방안 연구)

  • Kim, Seung Eun;Park, Jong Young;Kim, Young Kweon
    • Journal of the Society of Disaster Information / v.17 no.1 / pp.143-153 / 2021
  • Purpose: The purpose of this study was to analyze data from the Ministry of Health, Safety and Health and the Ministry of Employment and Labor, and the total number of deaths (disease + accidents) reached 2,020 in 2019 and the estimated economic loss was 27.6 trillion won. This is believed to be the time to present improvements to ensure that economic loss estimates are steadily increasing as in Table 1, and that government-level losses can be drastically reduced. Method: In this study, factors were selected through prior research, and reliability analysis, technical statistics and correlation analysis, and multi-term analysis were conducted through the Jamovi program for the analysis of results. Result: Multiple session analysis was conducted to verify the research theory indicated in this study, and the analysis showed that mechanical and management factors did not affect the fall death accident of the opening, and human factors, material and environmental factors had a static effect. In addition, mechanical and administrative factors do not affect the fall of the outer wall, and human and material and environmental factors have a static effect. Conclusion: As a result of analyzing 450 falling deaths over the past 13 years among the data posted to the Korea Health and Safety Corporation, the most common causes of falling deaths were the openings and outer walls.