The rapid advancement of IT technology has enabled the quick discovery,sharing and collection of quality information,but has also increased cyberattacks at a fast pace at the same time.There exists no means to block t...The rapid advancement of IT technology has enabled the quick discovery,sharing and collection of quality information,but has also increased cyberattacks at a fast pace at the same time.There exists no means to block these cyberattacks completely,and all security policies need to consider the possibility of external attacks.Therefore,it is crucial to reduce external attacks through preventative measures.In general,since routers located in the upper part of a firewall can hardly be protected by security systems,they are exposed to numerous unblocked cyberattacks.Routers block unnecessary services and accept necessary ones while taking appropriate measures to reduce vulnerability,block unauthorized access,and generate relevant logs.Most logs created through unauthorized access are caused by SSH brute-force attacks,and therefore IP data of the attack can be collected through the logs.This paper proposes a model to detect SSH brute-force attacks through their logs,collect their IP address,and control access from that IP address.In this paper,we present a model that extracts and fragments the specific data required from the packets of collected routers in order to detect indiscriminate SSH input attacks.To do so,the model multiplies a user’s access records in each packet by weights and adds them to the blacklist according to a final calculated result value.In addition,the model can specify the internal IP of an attack attempt and defend against the first 29 destination IP addresses attempting the attack.展开更多
In the NEtwork MObility (NEMO) environment, mobile networks can form a nested structure. In nested mobile networks that use the NEMO Basic Support (NBS) protocol, pinball routing problems occur because packets are...In the NEtwork MObility (NEMO) environment, mobile networks can form a nested structure. In nested mobile networks that use the NEMO Basic Support (NBS) protocol, pinball routing problems occur because packets are routed to all the home agents of the mobile routers using nested tunneling. In addition, the nodes in the same mobile networks can communicate with each other regardless of Internet connectivity. However, the nodes in some mobile networks that are based on NBS cannot communicate when the network is disconnected from the Internet. In this paper, we propose a route optimization scheme to solve these problems. We introduce a new IPv6 routing header named "destination-information header" (DH), which uses DH instead of routing header type 2 to optimize the route in the nested mobile network. The proposed scheme shows at least 30% better performance than ROTIO and similar performance improvement as DBU in inter-route optimization. With respect to intra-route optimization, the proposed scheme always uses the optimal routing path. In addition, the handover mechanism in ROAD+ outperforms existing schemes and is less sensitive to network size than other existing schemes.展开更多
基金supported by the Ministry of Education of the Republic of Korea and the National Research Foundation of Korea(NRF-2019S1A5C2A04083374).
文摘The rapid advancement of IT technology has enabled the quick discovery,sharing and collection of quality information,but has also increased cyberattacks at a fast pace at the same time.There exists no means to block these cyberattacks completely,and all security policies need to consider the possibility of external attacks.Therefore,it is crucial to reduce external attacks through preventative measures.In general,since routers located in the upper part of a firewall can hardly be protected by security systems,they are exposed to numerous unblocked cyberattacks.Routers block unnecessary services and accept necessary ones while taking appropriate measures to reduce vulnerability,block unauthorized access,and generate relevant logs.Most logs created through unauthorized access are caused by SSH brute-force attacks,and therefore IP data of the attack can be collected through the logs.This paper proposes a model to detect SSH brute-force attacks through their logs,collect their IP address,and control access from that IP address.In this paper,we present a model that extracts and fragments the specific data required from the packets of collected routers in order to detect indiscriminate SSH input attacks.To do so,the model multiplies a user’s access records in each packet by weights and adds them to the blacklist according to a final calculated result value.In addition,the model can specify the internal IP of an attack attempt and defend against the first 29 destination IP addresses attempting the attack.
基金supported by MKE,Korea,under ITRC NIPA-2009-(C1090-0902-0046)by MEST,Korea under WCU Program supervised by the KOSEF(No.R31-2008-000-10062-0).
文摘In the NEtwork MObility (NEMO) environment, mobile networks can form a nested structure. In nested mobile networks that use the NEMO Basic Support (NBS) protocol, pinball routing problems occur because packets are routed to all the home agents of the mobile routers using nested tunneling. In addition, the nodes in the same mobile networks can communicate with each other regardless of Internet connectivity. However, the nodes in some mobile networks that are based on NBS cannot communicate when the network is disconnected from the Internet. In this paper, we propose a route optimization scheme to solve these problems. We introduce a new IPv6 routing header named "destination-information header" (DH), which uses DH instead of routing header type 2 to optimize the route in the nested mobile network. The proposed scheme shows at least 30% better performance than ROTIO and similar performance improvement as DBU in inter-route optimization. With respect to intra-route optimization, the proposed scheme always uses the optimal routing path. In addition, the handover mechanism in ROAD+ outperforms existing schemes and is less sensitive to network size than other existing schemes.