http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
서비스 거부 공격에 대응한 웹서버 가용성 향상을 위한 운용 정책 방안
백남균(Namkyun Baik),정수환(Souhwan Jung) 한국통신학회 2008 韓國通信學會論文誌 Vol.33 No.8B
본 연구에서는 네트워크 기반 서비스거부공격에 대응하여 웹서버의 가용성을 향상 시킬 수 있는 보안노드를 설계하고자, 과부하 상태에서 문서의 인기도에 기반 하여 신규 세션 허용을 제어할 수 있는 동적 서비스 메커니즘을 품질 향상방안으로 제안하였다. 그 결과, 과부하가 지속될수록 기존 방식에 비해 웹서비스 요청 세션에 대한 연결접속률과 연결완성률이 크게 향상됨을 알 수 있었다. This paper proposes a 'secure node' to be robust against network-based DoS attacks. The secure node selectively accepts new sessions based on the Zipf's law while a link is in the overload state. Our scheme calculates a threshold value for overload state, and provides a dynamic service mechanism for enhancing availability of a web server. The simulation results show performance improvement of the proposed scheme in terms of completion/connection ratios.
HTTP GET Flooding 공격에 대한 다단계 탐지 기법
백남균(Namkyun Baik),이재호(Jaeho Lee) 인문사회과학기술융합학회 2018 예술인문사회융합멀티미디어논문지 Vol.8 No.5
This paper proposes a method of establishing an effective application-based countermeasure against distributed denial-of-service (DDoS) attacks utilizing HTTP GET flooding. We propose a new multi-level detection scheme that requires simple pattern matching and low-volume computation. First of all, traffic load versus web service connection is the starting point of the detection function in order to eliminate the limitation that the normal HTTP GET packet of the existing countermeasures may be blocked indiscriminately. Next, we proposed a function to remove the abnormal traffic filtering by the same sequence number duplication check and dynamic content request comparison of HTTP GET requests. Since the proposed multi-phase scheme greatly improves the degree of availability of web services that the normal user actually feels, this study is expected to greatly contribute to the identification and response of HTTP GET Flooding DDoS attacks. 본 연구에서는 HTTP GET Flooding DDoS 공격에 대한 효과적인 응용계층 기반 대응책을 수립하는데 필요한 기초 자료를 제공하고자, 단순한 패턴 매칭과 저용량 연산을 요구하는 새로운 다단계 탐지기법을 제안하고자 한다. 먼저 기존의 대응 방식들이 가지고 있는 정상적인 HTTP GET 패킷도 무분별하게 차단될 수 있는 한계를 제거하고자 ‘웹 서비스 연결 대비 트래픽 부하량‘을 탐지 기능의 시작점으로 두었다. 다음으로 HTTP GET 요청들의 ‘동일한 순서번호 중복 검사’ 그리고 ‘동적 콘텐츠 요청 비교’에 의한 비정상 트래픽 선별 제거 기능을 제안하였다. 제안된 기법이 기존의 방식보다 성능면에서 우수함을 보이기 위해 웹 서비스 특성 기반 성능 평가 지표인 ‘서비스 접속률’과 ‘콘텐츠 완성률’을 사용하였다. 시험을 통해 제안한 다단계 기법이 정상 사용자가 실제 느끼는 웹서비스 가용성의 정도를 크게 높여 주었기에 본 연구결과는 HTTP GET Flooding DDoS 공격 식별 및 대응에 크게 기여할 수 있을 것으로 기대한다.
백남균,Baik, Namkyun 디지털산업정보학회 2019 디지털산업정보학회논문지 Vol.15 No.2
In this paper, we propose 'a self - conformance system of convergence security provider' to provide basic data for security and reliability of convergence industrial technology, system and service. It is difficult to evaluate convergence security systems, limited to information and communication service providers, unable to check convergence security items, burden of submission documents, difficulty in measuring convergence security service level and we will summarize product and service-based requirements that can be integrated and systematically measure the level of convergence security and define renewed life cycle-based convergence security information and content security and assurance requirements. On the basis of this, each convergence security company declares conformity with the standard itself without the certification of the certification body, and introduces the provider conformity certification system which can manufacture and sell. This will enable the company to strengthen its competitiveness through timely launch and implementation of products and services and cost reduction.
GABP Neural Network Algorithm Applied in Evaluation of Computer Network Security
Ranbeer Tyagi,Geetam Singh Tomar,Namkyun Baik 보안공학연구지원센터 2016 International Journal of Security and Its Applicat Vol.10 No.12
In this paper, in order to assess the risk of network, network security assessment process being involved in the content in detail. The above-mentioned research-based support system platform security test and evaluate research of the safety situation assessment. Prediction subsystem detailed design and carry out the implementation. In this paper, network security issues, as a detailed study of neural networks knowledge. Focus on the evaluation methods and calculation rules of nerve network technology, it has been studied by specific examples. Calculation demonstrated the feasibility of neural network evaluation model through actual case, which pointed out the traditional methods. This paper focuses on the network security assessment based on neural network technology, extensive analysis of the proposed major modeling tool indicator system for network security analysis. The application of neural networks was a network security assessment and to optimize the network by genetic algorithm. The key parameter combination operated efficiency of neural networks to get better play.
Mobile Phone-based Real-time Dangerous Object Recognition for the Visually Impaired
Seungbin Kim,Hartono Rodi,Tshibang Patrick A Kalend,Namkyun Baik,Kyoo Jae Shin 대한전자공학회 2023 IEIE Transactions on Smart Processing & Computing Vol.12 No.2
This paper proposes a dangerous object recognition Android application for the visually impaired using a smartphone. Among the one-stage and two-stage detectors, which are representative object recognition methods, the one-stage method is more suitable for real-time object recognition. Among them, more accurate object recognition is possible using the SSD network. In addition, the visually impaired cannot see the screen or the front properly in their daily life, so it informs them of dangerous situations in advance through sound. The system helps the visually impaired using a priority queue that notifies the visually impaired with a different sound according to a high-priority object. The experiment results of the proposed system are expected to bring positive results when applied to the smartphones of visually impaired people.
A Probabilistic-Based Reputation Computation Model for VANET
Kapil Sharma,Aditya shrivastava,Ranjeet Singh Tomar,Brijesh Kumar Chaurasia,Namkyun Baik 보안공학연구지원센터 2016 International Journal of Software Engineering and Vol.10 No.12
Reputation computation model facilitates vehicles to broadcast traffic information in a vehicular ad hoc network (VANET) in order to improve road safety and efficiency. In this paper, a probabilistic-based reputation computation model for VANETs has been evaluated. The uncertainty of reputation is transformed into a probability distribution over possible reputed states that are hidden from observation but determined by a vehicle’s expected experience in VANET are addressed in this work. HMM is utilized to evaluate the level of reputation in VANET exhibiting dynamic behaviour. The proposed mechanism is probability distribution centric, though the later mechanism is docile to predict accurate trust value of messages. The time taken by the proposed scheme is significantly less and transmission over the shared wireless channel is in the order of milliseconds. Extensive results and simulation show that efficacy of the proposed model.