IP 스푸핑 공격 발생 시 유클리드 거리 기반의 트레이스 백 분석시간 개선 모델

유양,백현철,박재흥,김상복 한국융합보안학회 2017 융합보안 논문지 Vol.17 No.5

오늘날 컴퓨터를 이용한 정보교환 방식은 다양하게 변화하고 있으며, 이를 이용한 불법적인 공격은 더욱 증가하고 있 다. 특히 IP 스푸핑 공격은 그 특성상 DDoS 공격과 같은 자원고갈 공격을 수반하기 때문에 정확하고 빠른 탐지가 요구 된다. IP 스푸핑 공격을 탐지하는 기존 방식에는 접속을 요청한 클라이언트의 트레이스 백 경로 정보를 서버에서 미리 보유하고 있는 정상적인 경로 정보와 비교하는 방식을 사용하고 있다. 그렇지만 이러한 공격 탐지 방식은 경로상에 존 재하는 모든 라우터들의 IP 정보를 순차적으로 단순 비교하는 방식을 사용하기 때문에 빠르게 변화하는 공격을 탐지하 고 대응하기에는 시간적 어려움이 존재한다. 본 논문에서는 이러한 문제를 개선하기 위하여 먼저 경로상에 존재하는 모 든 라우터들의 IP에 해당하는 좌표값을 유클리드 거리 계산을 통하여 도출해 놓고, 이를 기반으로 트레이스 백 정보를 분석하여 공격 탐지를 위한 분석횟수를 개선할 수 있었다. Now the ways in which information is exchanged by computers are changing, a variety of this information ex change method also requires corresponding change of responding to an illegal attack. Among these illega l attacks, the IP spoofing attack refers to the attack whose process are accompanied by DDoS attack an d resource exhaustion attack. The way to detect an IP spoofing attack is by using traceback informatio n. The basic traceback information analysis method is implemented by comparing and analyzing the nor mal router information from client with routing information existing in routing path on the server. There fore, Such an attack detection method use all routing IP information on the path in a sequential comparison. It 's difficulty to responding with rapidly changing attacks in time. In this paper, all IP addresses on the path to com pute in a coordinate manner. Based on this, it was possible to analyze the traceback information to improve the num ber of traceback required for attack detection.

유클리드 거리식을 이용한 암호화 기반의 사용자 인증 서비스 모델

유양,백현철,홍석원,박재흥,김상복 한국지식정보기술학회 2018 한국지식정보기술학회 논문지 Vol.13 No.6

Nowadays, network technology is changing rapidly in the environment of cloud computing and Internet of Things, but there are still many difficulties in providing dynamic correspondence and efficient services when illegal attacks occur. In particular, attackers with high-end attack techniques will try to use the IP spoofing attack. For IP spoofing attacks, it is based on the connection path of the client to detect and correspond. This is based on traceback, after the normal path information is generated, the client connection information is compared and analyzed. But the benchmark detection method in the process of connection intelligence analysis will make OTP (One Time Password) occur frequently, resulting in low service availability. In order to improve this problem, this paper takes traceback information , and uses the Euclidean law calculation method (Euclidean Distance) and the security model put forward by phases of encryption method. Based on this, abnormal path intelligence in the simple comparison process, the different path information of block first policy can complement. After analyzing the changing path information, also implement phases of encryption. Then, the process of decryption is used to certify whether service is needed.

유클리드 거리 기반의 OTP 재인증 감소 모델

유양,백현철,박재흥,김상복 한국지식정보기술학회 2017 한국지식정보기술학회 논문지 Vol.12 No.5

Nowadays,intelligence communications technology is developing rapidly in a cloud computing environment with big data services. With the change of the network environment, the protection function for increasing information exchange process on the Internet and important intelligence materials needs to be further developed. Intelligence protection based on the internet has OTP authentication and encryption technology for network for the detection technology with non-normal general access. But the weaknesses of these technologies are being discovered in a variety of attack technologies. In particular, attackers with high-end illegal access technologies frequently try IP spoofing attacks. That is, it uses the cloud hosting intelligence that can build mutual trust to constantly try increase the trust relationship in the cloud service environment by illegal attacks. In order to improve the accessibility of information service in the cloud computing environment, this study analyzes the traceback information by using the Euclidean distance law in mathematics. In this study, the IP value of each hop is dually grouped, and the Euclidean distance is calculated by the two sets of coordinates. The chart changes composed of these datas are then calculated. Then the study will analyze and change the appropriate information for OTP authentication or encryption, and then obtain information to reduce the implementation process of OTP authentication.

An Encrypted Response Model using Application Access Failure information for the Attack of IP Spoofing in a Cloud Computing Environment

유양,김상복,박재흥,배종민 한국지식정보기술학회 2015 한국지식정보기술학회 논문지 Vol.10 No.6

The big data is typically collect a large amount of information. It is processed of receiving a service and is based on a cloud computing environment. These environments are easily exposed to illegal accesses, which use IP Spoofing compared to that of a single system. In this study traceback information is used to identify normal users in order to response to illegal accesses in a cloud computing environment. Then, services are provided after the identification process for the normal access frequency of users by comparing it with access failure information within a specific time. If there exists mismatches in traceback information or the access failure information exceeds a critical value, the access will be identified as an illegal access. Then, the access is immediately interrupted and is recorded as illegal access information. In addition, as an access that is attempted at an unexpected location, which is not registered in the existing user traceback information due to movements of normal users, is presented, the data will be provided after encrypting it for responding illegal accesses due to leaks of OTP. The model presented in this study is safe for authorized users against illegal accesses, which use IP Spoofing in a cloud computing based big data collecting environment, and improves service availabilities.

The Effect of Oral Cola Ingestion for Endoscopic Inspection of Remnant Stomach: Randomized Case Control Study

김호,박종재,김기현,김지원,정용,유양재,주문경,이범재,김지훈,연종은,변관수,박영태,이상우 대한상부위장관ㆍ헬리코박터학회 2014 Korean Journal of Helicobacter Upper Gastrointesti Vol.14 No.1

Background/Aims: Nasogastric administration of cola for dissolution of phytobezoar was reported but the mechanism is not well understood. We aimed to evaluate the efficacy of cola ingestion for upper gastrointestinal endoscopy in patients who have had distal gastrectomy. Materials and Methods: Patients were enrolled from July 2007 to October 2007 and all previously received subtotal gastrectomy. We conducted a randomized case-control study which the patients were randomly assigned to two groups. Group A had preparation with cola and group B had no preparation. Cola preparation group ingested about 1,500 mL of cola between 7 PM to 10 PM in the evening before the procedure. Two examiners who were blinded to the type of preparation performed the endoscopy. We assessed the degree of food residue and bile reflux by Japanese classification. Results: A total of 70 patients were included. The comparison of clinical and laboratory characteristics between the two groups showed no statistically significant difference. During endoscopy, food residue was less found in group A than B, but without statistically significance (group A=12.1%, group B=21.6%, P=0.087). However, bile reflux was significantly less found in group A than B (group A=36.4%, group B=67.6%, P=0.015). Multivariate analysis, cola preparation significantly reduced food residue (OR, 0.032; P=0.001) and bile reflux (OR, 0.102; P=0.001). Conclusions: Preparation with cola in the evening before endoscopic examination may provide a good quality of preparation in patient with remnant stomach after distal gastrectomy.

국내 주요 급식전문업체의 홈페이지 운영평가

김종군,유양자,차은석,홍완수 한국조리과학회 2002 한국식품조리과학회지 Vol.18 No.2

This study was conducted to compare and analyze the management status of internet homepage of catering companies in Korea for improving internet marketing. An evaluation tool with 6 categories consisting of contents, information update, user's convenience, design, provision of related information, and accessibility was developed and used for the analysis of 6 major catering companies. A five-point likert scale (1=very badly organized, 5=very well organized) was used for evaluating above six categories. The overall mean score for six categories was 2.91 out of 5, showing below the average. The categories received less than 3 points were information update (2.16), user's convenience (2.33), and provision of related information (2.83). The scores for design was the highest (3.66), followed by accessibility (3.33), and contents (3.16). These results suggest that the internet homepage of the catering companies should be improved especially in the provision of enough information and its update in order to promote their internet marketing.

마음수련 프로그램이 아동 및 청소년의 공격성 및 자율성에 미치는 효과

김미한 ( Mi Han Kim ),유양경 ( Yang Gyeong Yoo ),이은진 ( Eun Jin Lee ),손무경 ( Moo Kyung Son ) 한국정서·행동장애아교육학회(구 한국정서학습장애아교육학회) 2013 정서ㆍ행동장애연구 Vol.29 No.1

이 연구는 마음수련의 원리를 적용한 명상 프로그램이 학생들의 공격성 및 자율성에 어떠한 영향을 미치는지 그 효과를 알아보고자 실시된 것이다. 연구방법은 비동등성 대조군 사전사후 유사실험 설계로서 마음수련 청소년 캠프에 참가한 16명을 실험군으로, 참가하지 않은 15명을 대조군으로 선정하였다. 캠프 전·후에 대상자에게 적용한 도구는 공격성 측정도구(강지흔, 2004), Holland 진로발달검사 중 자율성 측정도구(안창규, 안현의, 2005), 인물화검사(Machoover, 1949), 집-나무-사람 그림검사(Buck, 1987), 동적가족화 검사(Burns & Kaufman, 1972)이다. 명상 프로그램에 참여한 실험군은 대조군에 비하여 공격성 점수가 감소하였고 자율성 점수는 증가하였다. 이러한 결과는 마음수련 명상 프로그램이 학교나 다양한 지역사회 현장에서 아동 및 청소년들의 인성교육의 대안으로써 활용가능성이 높음을 시사한다. The purpose of the study was to evaluate effectiveness of the maum meditation program on the aggression and autonomy of the children and the juveniles. The research is based on the nonequivalent control group pretest-posttest design. The participants in the study were 16 children and the juveniles in the experimental group and 15 in control group. Data were collected from the questionnaires using the Aggression scale(Kang, 2004), Holland`s Career Exploration Inventory(Ann, 2005) and drawing test using Draw A Person(Machoover, 1949), House-Tree-Person(Buck, 1987), Kinetic Family Drawing test(Burns & Kaufman, 1972). The data were analyzed as t-test, χ2-test, analysis of covariance using SPSS 12.0. The score of aggression was decreased and the score of autonomy increased in the experimental group as compared to the control group. These results indicates that maum meditation program was effective for changing children and juveniles` aggression and autonomy. Therefore maum meditation program could be proposed to a good personality education in the school and the various community.

수필:어느 해후,엄마의 고백,남대문로터리,어느날의 소설가

하유양,왕수영,이근우,김광주 북한연구소 1973 北韓 Vol.- No.22

시스템콜 시퀀스 추출 프레임워크를 이용한 시퀀스 기반 컨테이너 보안 강화 기법의 정량적 분석 연구

송소민,김유양,탁병철 한국정보과학회 2023 정보과학회논문지 Vol.50 No.11

Container escape is one of the most critical threats in containerized applications that share a host kernel. Attackers exploit kernel vulnerabilities through a series of manipulated system calls to achieve privilege escalation, which can lead to container escape. Seccomp is a security mechanism widely used in containers. It strengthens the level of isolation by filtering out unnecessary system call invocations. However, the filtering mechanism of Seccomp that blocks individual system calls has a fundamental limitation in that it can be vulnerable to attacks that use system calls allowed by the policy. Therefore, this study presents a hybrid analysis framework that combines static and dynamic analyses to extract system call sequences from exploit codes. Using this framework, we compared the security strength of an existing individual system call-based filtering mechanism and proposed a system call sequence-based filtering mechanism in terms of the number of blockable exploit codes using system call profiles for the same exploit codes. As a result, the proposed system call sequence-based filtering mechanism was able to increase the defense coverage from 63% to 98% compared to the existing individual system call-based filtering mechanism.

강원도 지역 대학생들의 음식 기호도 및 영양 섭취실태 조사연구

최영심(Young-Sim Choi),유양자(Yang-Ja Yoo),김종군(Jong-Goon Kim),남상명(Sang-Myung Nam),정명은(Myung-Eun Jung),정차권(Cha-Kwon Chung) 한국식품영양과학회 2001 한국식품영양과학회지 Vol.30 No.1

본 연구는 강원도 지역 대학생 200명을 임의로 추출하여 기호도 및 영양소 섭취실태를 조사한 것으로 그 결과를 요약 하면 다음과 같다. 조사 대상자의 식사 섭취 상황은 ‘거의 먹는다’가 88%, ‘거의 먹지않는다’가 2%, ‘가끔 먹는다’가 10%로 나타났으며 타 지역보다 결식율이 낮은 것으로 조사되었다. 결식하는 이유는 ‘시간 부족’이 45%로 가장 컸으며 ‘식욕부족’이 29%로 나타났다. 우유 섭취 상황은 ‘꼭 마신다’가 19%, ‘가끔 마신다’가 48%, ‘거의 마시지 않는다’가 33%로 나타났다. 우유는 거의 완전 식품으로 그 중에서도 칼슘섭취에 가장 큰 기여를 하며, 또한 유당, 카제인, 비타민 D 등 칼슘흡수를 촉진하는 인자가 있으므로 식생활에 이로움을 인지해야 된다. 건강에 대한 관심도는 대학생을 조사대상자로 하여 그런지 ‘보통’으로 조사되었다. 주식에 대한 기호도에서는 밥, 빵, 국수 중 밥을 가장 선호하였다. 좋아하는 밥종류로는 쌀밥ㆍ콩나물밥을, 빵 종류로는 햄버거ㆍ샌드위치ㆍ야채빵을, 국수류로는 비빔국수ㆍ냉면ㆍ라면으로 나타났다. 싫어하는 주식으로는 수수밥ㆍ콩국수 등이었다. 쌀에 대한 아미노산 보족효과가 있는 콩밥에 대한 기호도는 저조하게 나왔는데 이에 대한 영양교육의 필요성이 요구된다. 부식에 대한 기호도에서는 가장 좋아하는 부식의 형태가 찌게이며, 그 다음으로 김치, 볶음, 나물 순이었다. 기호도가 낮은 부식의 종류는 장아찌류이다. 기호도가 높은 부식은, 국종류(고기국「남」, 미역국ㆍ콩나물국), 김치류(배추김치ㆍ총각무김치ㆍ오이김치), 튀김류(오징어ㆍ고구마ㆍ감자ㆍ새우튀김), 볶음(오징어볶음ㆍ김치볶음ㆍ고기볶음「남」), 전류(고기전「남」, 호박전ㆍ햄전), 구이(김구이ㆍ더덕구이ㆍ쇠고기 구이), 조림(오징어조림, 감자조림), 나물류(콩나물), 무침류(오징어ㆍ더덕ㆍ도라지무침), 장아찌(더덕ㆍ마늘장아찌「남」, 오이ㆍ깻잎장아찌「여」) 등을 들었다. 기호도가 낮은 부식은 무국ㆍ부추김치ㆍ쑥튀김ㆍ간볶음ㆍ간전ㆍ가지구이ㆍ가지조림ㆍ가지나물ㆍ양배추무침ㆍ고추ㆍ양파장아찌 등이었다. 조리방법에 관계없이 좋아하는 식품으로는 오징어, 더덕, 쇠고기, 오이, 콩나물이었고, 조리방법에 관계없이 싫어하는 식품으로는 간ㆍ양배추ㆍ당근ㆍ가지ㆍ무우ㆍ돼지고기 등이었다. 기호도가 낮은 식품인 간ㆍ당근ㆍ양배추ㆍ무우 등은 각각 단백질, 비타민, 무기질의 좋은 급원이 되는 식품들이므로 영양교육 차원에서 크게 비중을 두어 강조하여야 하겠다. 일품요리 대한 기호도에서는 특별히 싫어하는 음식은 없었고, 오징어덮밥ㆍ만두국ㆍ비빔밥ㆍ김밥 등이 기호도가 높았으며 간식에 대한 기호도에서는 가장 높은 것이 과일류였다. 조사 대상자의 열량소, 단백질, 무기질(Ca, Fe), 비타민(비타민 Aㆍ비타민 Cㆍ리보플라빈ㆍ나이아신) 등의 평균 영양소 섭취량은 권장량과 비교하여 보았을 때 열량소와 철분, 칼슘을 제외하고는 권장량보다 높거나 비슷한 수준이었다. 권장량이하를 섭취하는 비율은 열량이 가장 많았고, 그 다음이 철분이었다. 강원도 지역 대학생들의 기호도 및 영양실태 조사가 학기중에 실시되었으므로 대학생들의 생활 양식이 매우 유사함을 발견하였으며, 기록자로 하여금 섭취량을 중량으로 환산하기 어려우면 컵량으로 기록하게 하였는데 컵량 표시에 대한 기록자와 분석자간의 눈대중의 오차 또한 있을것으로 생각된다. 그리고 본 조사는 5월부터 7월중에 실시하였는데, 한국의 경우 계절에 따라 섭취 식품의 종류가 다양하므로 타 계절과는 차이점이 있을 수 있다고 사료된다. The main focus of this study was set to help college students in Kangwon province to improve and correct dietary habits and to maintain healthy life. The nutritional status and food preference of college students were examined from May to July, 1999. The collection of the research data has been made on the basis of questionnaires for 184 college students residing in Kangwon province. Statistical analysis of the data was performed using SAS package program for descriptive frequency and statistical significance. The meal skipping ratio of the subjects were 2% and for the reasons of meal skipping 45% responded “lack of time”. As for main dishes, cooked rice turned out to be the most preferred by the subjects and the second and third favored by female students were bread and noodle, respectively. Most preferred side-dishes were meat soup, kimchi, laver Kui, squid Bockeum, fried squid, beef Chon, squid Chorim, soy Namul, Duduk Changachi and squid Muchim. Less preferred side-dishes include radish soup, white kimchi, mugwort fry, liver Bockeum, liver cheon and egg plant Kui. No one-plate food was disliked by the subjects. Male liked Mandukuk and female liked cuttle fish rice. The intakes of nutrient except for energy, iron and calcium for female students were the same or above the Recommended Dietary Allowances (RDA) for Koreans.