http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
Kim, Soongohn,Kim, Seoksoo,Lee, Geuk Elsevier 2009 Future generations computer systems Vol.25 No.3
<P><B>Abstract</B></P><P>In this paper, we have discussed the issues concerning the basic concept and classification of OT (Oblivious Transfer). We have proposed secure verifiable non-interactive oblivious transfer protocols for the exchange of secrets on distributed environments. One is a new secure verifiable non-interactive oblivious transfer protocol using RSA, the other is that with bit commitment using one-way functions. The structure of the protocols is similar to that of the original protocols proposed by Bellare and Micali. Their protocols are based on the difficulty of the discrete logarithm problem. Our protocols are also based on the difficulty of the discrete logarithm problem. The secret in their protocol could be chosen as a random number. The security in our protocols also can be chosen as a random number. These methods have the additional functions that enable us to authenticate the sender and to protect one’s denial of what he/she has sent the messages to the other. The traffic amount of transfer of the proposed methods is less than or equal to that of the conventional interactive method.</P>
소프트웨어-정의 네트워크에서 분산형 서비스 거부(DDoS) 공격에 대한 탐지 기술 연구
김순곤(SoonGohn Kim) 한국정보전자통신기술학회 2020 한국정보전자통신기술학회논문지 Vol.13 No.1
최근 네트워크 구성은 SDN/NFV 기반으로 쉽고 자유로운 네트워크 서비스 구성이 가능하도록 빠르게 전환중이다. SDN의 많은 장점과 적용에도 불구하고 분산형 서비스 거부(Distributed Denial of Service: DDoS) 공격과 같은 많은 보안 문제가 연구 이슈로 지속적으로 제기되고 있다. 특히, DDoS 공격의 효과는 훨씬 더 신속하게 나타나며 기존의 네트워크에 비하여 SDN에서는 더욱더 치명적인 피해를 발생시키고 있다. 본 논문에서는 SDN에서 DDoS 공격을 감지하고 완화하기 위해 엔트로피 기반 기법을 제안하고 실험을 통해 입증하였다. 본 논문에서 제안하는 기법은 단일 시스템에 대한 DDoS 공격을 탐지하고 시간 특성 기법을 활용하여 이러한 공격을 완화하도록 설계하였으며, 제안한 기법을 적용했을때 3.21%의 네트워크 혼잡도를 발생시키지만, 20(19.86)%의 패킷 분실률을 줄이는 효과를 실험을 통해 확인하였다. Recently, the network configuration is being rapidly changed to enable easy and free network service configuration based on SDN/NFV. Despite the many advantages and applications of SDN, many security issues such as Distributed Denial of Service (DDoS) attacks are being constantly raised as research issues. In particular, the effectiveness of DDoS attacks is much faster, SDN is causing more and more fatal damage. In this paper, we propose an entropy-based technique to detect and mitigate DDoS attacks in SDN, and prove it through experiments. The proposed scheme is designed to mitigate these attacks by detecting DDoS attacks on single and multiple victim systems and using time – specific techniques. We confirmed the effectiveness of the proposed scheme to reduce packet loss rate by 20(19.86)% while generating 3.21% network congestion.