• Journal of the Korea Society of Computer and Information
• /
• v.11 no.5 s.43
• /
• pp.241-250
• /
• 2006

Regarding a spam attack and the interception that a spinoff is largest among weakness of VoIP service at these papers study. Write scenario of a spam attack regarding VoIP service, and execute Call spam, Instant Messaging spam, Presence spam attack. A spam attack is succeeded in laboratories, and prove, and confirm damage fact of a user in proposals of a spam interception way of VoIP service, 1) INVITE Request Flood Attack 2) Black/White list, 3) Traceback, 4) Black Hole-Sink Hole, 5) Content Filtering, 6) Consent based Communication, 7) Call act pattern investigation, 8) Reputation System Propose, and prove. Test each interception plan proposed in VoIP networks, and confirm security level of a spam interception. Information protection of VoIP service is enlarged at WiBro, BcN, and to realize Ubiquitous Security through result of research of this paper contribute, and may make.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.6
• /
• pp.217-224
• /
• 2008

EThis paper is study regarding banking institution and DoS attack regarding government organization which occurred in 2008. We used a tool aggressive actual DoS You install the N-IDS which used Snort in networks in order to detect a DoS attack. Storages of Winpcap and a packet to detect a packet and MySQL, HSC, to analyze. We install NET Framework etc. E-Watch etc. analyzes Packet regarding a DoS attack of a hacker and TCP, UDP etc. information, Port, MAC and IP information etc. through packet analysis tools. There is a meaning you analyze data regarding the cyber DoS, DDoS attack that is dysfunction of Ubiquitous Information Society, and it generates forensics data regarding an invader and back-tracking analysis data, and to ensure safe Internet information system through this paper study.

• Convergence Security Journal
• /
• v.15 no.7
• /
• pp.31-38
• /
• 2015

Recently the government civil affairs administration system has been advanced to a cloud computing environment from a simple network environment. The electronic civil affairs processing environment in recent years means cloud computing environment based bid data services. Therefore, there exist lots of problems in processing big data for the government civil affairs service compared to the conventional information acquisition environment. That is, it processes new information through collecting required information from different information systems much further than the information service in conventional network environments. According to such an environment, applications of providing administration information for processing the big data have been becoming a major target of illegal attackers. The objectives of this study are to prevent illegal uses of the electronic civil affairs service based on IPs nationally located in civil affairs centers and to protect leaks of the important data retained in these centers. For achieving it, the safety, usability, and security of services are to be ensured by using different authentication processes and encryption methods based on these processes.

• Convergence Security Journal
• /
• v.11 no.3
• /
• pp.31-37
• /
• 2011

Recently on tile network to ensure the anonymity of Mixed networking has been actively researched. It uses encrypted communications between Nodes and communications path is changed often to the attacker traceback and response, including the difficult thing is the reality. National institutions and infrastructure in these circumstances, the attack on the national level, if done on a large scale can be disastrous in. However, an anonymous network technology to cover up their own internet communication, it malicious form of Internet use by people who enjoy being continually updated and new forms of technology being developed is a situation continuously. In addition, attacks in the future application of these technologies is expected to continue to emerge. However, this reality does not deserve this thesis is prepared. In this paper, anonymously using a network to respond effectively to a cyber attack on the early detection research is to proceed.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.40 no.1
• /
• pp.36-44
• /
• 2003

This paper proposes a Viterbi decoding scheme without trace-back operations to reduce the amount of memory storing the survivor path information, and to increase the decoding speed. The proposed decoding scheme is a modified register exchange scheme, and is verified by a simulation to give the same results as those of the conventional decoders. It is compared with the conventional decoding schemes such as the trace-back and the register exchange scheme. The memory size of the proposed scheme is reduced to 1/(5 x constraint length) of that of the register exchange scheme, and the throughput is doubled compared with that of the trace-back scheme. A decoder with a code rate of 2/3, a constraint length, K＝3 and a trace-back depth of 15 is designed using VHDL and implemented in an FPGA. It is also shown that the modified register exchange scheme can be applied to a block decoding scheme.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.285-288
• /
• 2010

Chinese hackers hack the e-commerce site by bypass South Korea IP to connect to the third country, finance damaging a violation incident that fake account. 7.7.DDoS attack was the case of a hacker attack that paralyzed the country's main site. In this paper, the analysis is about vulnerabilities that breaches by hackers and DDoS attacks. Hacker's attacks and attacks on the sign of correlation analysis is share the risk rating for in real time, Red, Orange, Yellow, Green. Create a blacklist of hackers and real-time attack will be studied security and air conditioning systems that attacks and defend. By studying generate forensic data and confirmed in court as evidence of accountability through IP traceback and detection about packet after Incident, contribute to the national incident response and development of forensic techniques.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.719-731
• /
• 2012

One of the most important point in the Internet crime investigation is tracing back and pointing out a criminal host. However, criminals can forge a crime record stored in the crime host, or can utilize malicious applications in order not to leave a crime record. In addition, criminals can change the source IP address of a crime host and deny their involvement. In this study, we suggests the Network Forensic Evidence Generation and Verification Scheme (NFEGVS) to rectify the current limitation of Network Forensic technologies. This scheme can prove who and when the crime has occurred. In addition, this prevents leaking of symmetric key for guaranteeing certification and integrity of Forensic Evidence by proposing the Timestamp Secret Key Distribution Scheme, and minimizes performance degradation of router when generating forensic evidence with the Flow-Based Selection Scheme. In this paper, we implement the proposed scheme and evaluate overall performance of the proposed system.

• The Journal of Korean Institute of Information Technology
• /
• v.17 no.3
• /
• pp.31-41
• /
• 2019

In this paper, we design and implement the simulator for the transmitter and receiver of 4D-8PSK TCM with 2.0, 2.25, 2.5, and 2.75 bits/symbol-channel transmission efficiency recommended by the CCSDS for satellite communications, and then analyze the BER performance of 4D-8PSK TCM system in AWGN channel. The transmitter of 4D-8PSK TCM is designed in accordance with the recommendation in the CCSDS standard. Meanwhile, for the receiver design of 4D-8PSK TCM, we design the differential decoder generalizing the differential encoder/decoder scheme. The trellis decoding algorithm is designed by applying the auxiliary trellis information and the Viterbi algorithm, and an 8-dimensional constellation mapper equation given in the CCSDS standard is deconstructed to design constellation mapper. Especially, we present the optimized receiver for 4D-8PSK TCM system by investigating the BER performances for the traceback lengths in the Viterbi decoder through computer simulations..

• Journal of Microbiology and Biotechnology
• /
• v.32 no.10
• /
• pp.1307-1314
• /
• 2022

In this study, we sought to investigate the various characteristics of Salmonella spp. isolated from raw chicken meats available in Korean markets. The data collected, such as food source of isolation, sampling information, serotype, virulence, and genetic profile including sequence type, were registered in the database for further comparative analysis of the strains isolated from the traceback investigation samples. To characterize serotype, virulence and gene sequences, we examined 113 domestically distributed chicken meat samples for contamination with Salmonella spp. Phylogenetic analysis was conducted on 24 strains (21.2%) of Salmonella isolated from 113 commercially available chicken meats and by-products, using pulsed-field gel electrophoresis (PFGE) and multilocus sequence typing (MLST). Serotyping of the isolated Salmonella spp. revealed S. Enteritidis in 11 strains (45.8%), S. Virchow in 6 strains (25%), S. Montevideo in 2 strains (8.3%), S. Bsilla in 2 strains (8.3%), S. Bareilly in 1 strain (4.2%), S. Dessau in 1 strain (4.2%), and S. Albany in 1 strain (4.2%). The genetic correlation indicated that 24 isolated strains were classified into 18 clusters with a genetic similarity of 64.4-100% between them. Eleven isolated S. Enteritidis strains were classified into 9 genotypes with a sequence identity of 74.4%, whereas the most distantly related S. Virchow was divided into five genotypes with 85.9% identity. Here, the MLST analysis indicated that the major Sequence Type (ST) of the Salmonella spp. isolated from domestic chicken sold in Chungcheong Province belongs to the ST 11 and 16, which differs from the genotype of Salmonella isolated from imported chicken. The differential sequence characteristics can be a genetic marker for identifying causative bacteria for epidemiological investigations of food poisoning.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.3
• /
• pp.916-937
• /
• 2023

Most of the existing Distributed Denial-of-Service mitigation schemes in Software-Defined Networking are only implemented in the network domain managed by a single controller. In fact, the zombies for attackers to launch large-scale DDoS attacks are actually not in the same network domain. Therefore, abnormal traffic of DDoS attack will affect multiple paths and network domains. A single defense method is difficult to deal with large-scale DDoS attacks. The cooperative defense of multiple domains becomes an important means to effectively solve cross-domain DDoS attacks. We propose an efficient multi-domain DDoS cooperative defense mechanism by integrating blockchain and SDN architecture. It includes attack traceability, inter-domain information sharing and attack mitigation. In order to reduce the length of the marking path and shorten the traceability time, we propose an AS-level packet traceability method called ASPM. We propose an information sharing method across multiple domains based on blockchain and smart contract. It effectively solves the impact of DDoS illegal traffic on multiple domains. According to the traceability results, we designed a DDoS attack mitigation method by replacing the ACL list with the IP address black/gray list. The experimental results show that our ASPM traceability method requires less data packets, high traceability precision and low overhead. And blockchain-based inter-domain sharing scheme has low cost, high scalability and high security. Attack mitigation measures can prevent illegal data flow in a timely and efficient manner.