Search

Your search keyword '"Chaetae Im"' showing total 25 results
Start Over Author "Chaetae Im"
25 results on '"Chaetae Im"'

11. A high performance VoLTE traffic classification method using HTCondor

Author

Jian Li, ChaeTae Im, Jae-Hyoung Yoo, James Won-Ki Hong, and Jonghwan Hyun

Subjects
Service quality, Service (systems architecture), Traffic classification, Voice over IP, Computer science, business.industry, Scalability, Core network, Deep packet inspection, Throughput, business, Computer network
Abstract

Voice-over-LTE (VoLTE) is a VoIP-based multimedia service which is provided using All-IP based LTE networks. VoLTE service was first commercialized by Korean telcos in 2012, and now more and more telcos are trying to adopt this technology. With the increased VoLTE service popularity, it is inevitable to have large VoLTE traffic volume (possibly degrading the service quality) and the potential attacks (possibly degrading the service reliability and availability) in the near future. Therefore, in order to avoid such potential issues, we need to perform thorough analysis on VoLTE traffic. As a first step, we propose a VoLTE traffic classification method and its distributed architecture. As the proposed classification method relies on Deep Packet Inspection (DPI) technique, it severely suffers from the large processing time and scalability issues. To overcome these issues, we further propose a distributed architecture for VoLTE traffic classification by adopting a high throughput computing framework — HTCondor. We performed a set of experiments using real-world traces captured from a commercial LTE core network, and have shown that with the proposed architecture, we can achieve up to 23.869 Gbps classification throughput which was almost 35 times faster than the system without distributed processing.

Published
2015
Full Text
View/download PDF

12. Context Based Smart Access Control on BYOD Environments

Author

Joohyung Oh, Dongwan Kang, and Chaetae Im

Subjects
business.industry, Computer science, Bring your own device, Context (language use), Access control, Security policy, Computer security, computer.software_genre, Port (computer networking), Variety (cybernetics), Mobile telephony, business, computer, Mobile device
Abstract

Recent mobile communication developments and the penetration of smartphones are spurring the increase of the number of smart devices owned by individuals. Mobile devices, because of the multitude of services they provide other than simple communication have become deeply rooted into each individual’s life. This development has spread into the work environment spawning a new trend commonly known as BYOD (bring your own device). However, with this trend serious security issues are emerging as a diversity of personal devices with unreliable security are increasingly accessing the typically closed intranets of conventional work environments. Corporations want to improve their productivity by taking advantage of the benefits of BYOD but it is difficult to handle an open BYOD work environment with current security technologies. This study analyzes the characteristics of BYOD environments, current threats to security and required security technologies, and presents a security framework suitable for BYOD environments. The framework presented here can manage a variety of devices despite their disparate operating systems and also control network factors according to the nature of the habits of BYOD users. As it is not based on IP or port-based analysis, which had been primarily used in the past, but on high quality, context information.

Published
2015
Full Text
View/download PDF

14. Threats and Countermeasures on a 4G Mobile Network

Author

Chaetae Im, Seongmin Park, Myoungsun Noh, Sekwon Kim, and Joohyung Oh

Subjects
Radio access network, business.industry, Computer science, Mobile computing, Mobile Web, Computer security, computer.software_genre, Public land mobile network, Intelligent Network, Mobile station, Mobile search, Mobile technology, business, computer, Computer network
Abstract

The appearance of high performance smartphones and increasing mobile services, enabled by the advancement of mobile phones and mobile communication technology, changed the mobile communication network architecture from a closed type to open type. In the open type network, anyone can access the network and various attacks and abnormal traffic can penetrate it, but existing IP based security technologies cannot block them. Particularly, there is no technology to detect the protocols such as GTP (GPRS Tunneling Protocol) specialized to the mobile communication network in the high volume traffic processing environment in the 4G mobile network. This paper describes the various types of threats to 4G mobile networks and measures to cope with them.

Published
2014
Full Text
View/download PDF

15. A Study On Abnormal Behavior Detection In Byod Environment

Author

Dongwan Kang, Joohyung Oh, and Chaetae Im

Subjects
Anomaly Behavior Detection, BYOD, Security
Abstract

Advancement of communication technologies and smart devices in the recent times is leading to changes into the integrated wired and wireless communication environments. Since early days, businesses had started introducing environments for mobile device application to their operations in order to improve productivity (efficiency) and the closed corporate environment gradually shifted to an open structure. Recently, individual user's interest in working environment using mobile devices has increased and a new corporate working environment under the concept of BYOD is drawing attention. BYOD (bring your own device) is a concept where individuals bring in and use their own devices in business activities. Through BYOD, businesses can anticipate improved productivity (efficiency) and also a reduction in the cost of purchasing devices. However, as a result of security threats caused by frequent loss and theft of personal devices and corporate data leaks due to low security, companies are reluctant about adopting BYOD system. In addition, without considerations to diverse devices and connection environments, there are limitations in detecting abnormal behaviors, such as information leaks, using the existing network-based security equipment. This study suggests a method to detect abnormal behaviors according to individual behavioral patterns, rather than the existing signature-based malicious behavior detection, and discusses applications of this method in BYOD environment., {"references":["Miller, K.W. \"BYOD: Security and Privacy Considerations,\" IT Professional, Vol 14, No 5, Oct, 2012, pp. 53-55.","Inverse, \"PacketFence,\" 2013, (http://www.packetfence.org/).","V Frias-Martinez, \"Behavior-Based Network Access Control: A Proof-of-Concept,\" ISC, 2008, pp. 175-190.","D'Alconzo, A. \"A Distribution-Based Approach to Anomaly Detection and Application to 3G Mobile Traffic,\" GLOBECOM, Dec. 2009, pp. 1-8.","P. Graham, \"A Plan for Spam,\" http://www.paulgraham.com/spam.html, 2002."]}

Published
2013
Full Text
View/download PDF

16. Abnormal IP Packets on 3G Mobile Data Networks

Author

Joo-Hyung Oh, Dongwan Kang, JunHyung Cho, and Chaetae Im

Subjects
Abnormal IP address, WCDMA, 3G, Mobile Data Network Attack
Abstract

As the mobile Internet has become widespread in recent years, communication based on mobile networks is increasing. As a result, security threats have been posed with regard to the abnormal traffic of mobile networks, but mobile security has been handled with focus on threats posed by mobile malicious codes, and researches on security threats to the mobile network itself have not attracted much attention. In mobile networks, the IP address of the data packet is a very important factor for billing purposes. If one mobile terminal use an incorrect IP address that either does not exist or could be assigned to another mobile terminal, billing policy will cause problems. We monitor and analyze 3G mobile data networks traffics for a period of time and finds some abnormal IP packets. In this paper, we analyze the reason for abnormal IP packets on 3G Mobile Data Networks. And we also propose an algorithm based on IP address table that contains addresses currently in use within the mobile data network to detect abnormal IP packets., {"references":["","CISCO, Global Mobile Data Traffic Forecast 2011-2016, Cisco Visual\nNetworking Index (VNI), 2012.","F. Ricciato, P. Svoboda, E. Hasenleithner, W. Fleischer, On the impact of\nunwanted traffic onto a 3G network, Proceedings of the Security, Privacy\nand Trust in Pervasive and Ubiquitous Computing, 2006, pp. 49-56.","3GPP, GPRS Tunnelling Protocol (GTP) across the Gn and Gp interface\n(Release 10), TS 29.060 V10.2.0, 2011.","H. Holma, A. Toskala, WCDMA for UMTS - Radio Access for Third\nGeneration Mobile Communications (Willey, 2004).","DARWIN Project, http://www.ftw.at/ftw/research/projects/","F. Ricciato, Traffic monitoring and analysis for the optimization of a 3G\nnetwork, Journal of Wireless Communication, Vol. 13, 2006, pp. 42-49.","ASMONIA Project, http://www.asmonia.de/"]}

Published
2013
Full Text
View/download PDF

17. 3G WCDMA Mobile Network DoS Attack and Detection Technology

Author

Oh, JooHyung, Dongwan Kang, Sekwon Kim, and ChaeTae Im

Subjects
WCDMA, Security Threat, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 3G, DoS
Abstract

Currently, there has been a 3G mobile networks data traffic explosion due to the large increase in the number of smartphone users. Unlike a traditional wired infrastructure, 3G mobile networks have limited wireless resources and signaling procedures for complex wireless resource management. And mobile network security for various abnormal and malicious traffic technologies was not ready. So Malicious or potentially malicious traffic originating from mobile malware infected smart devices can cause serious problems to the 3G mobile networks, such as DoS and scanning attack in wired networks. This paper describes the DoS security threat in the 3G mobile network and proposes a detection technology., {"references":["Mobile Traffic Data(2011~2016), CISCO VNI Mobile, 2012.","Global Mobile Data Traffic. By Type, Morgan Stanley, 2010.","Kang, D., Oh, J., and Im, C., Security Threats and Countermeasures on\nthe 3G Network, Proceedings of ICCCIT 2011, October 2011.","DARWIN, http:// http://userver.ftw.at/~ricciato/darwin/","ASMONIA, http:// www.asmonia.de","ERNW, http:// ernw.de/content/e6/e180/index_ger.html","H. Holma, A. Toskala, WCDMA for UMTS - Radio Access for third\nGeneration Mobile Communications 3rd, Willey, 2004.","3GPP, GPRS Tunnelling Protocol (GTP) across the Gn and Gp interface\n(Release 10), TS 29.060 V10.2.0, 2011.","Lee, P., Bu, T., and Woo, T., On the Detection of Signaling DoS Attacks\non 3G Wireless Networks, Proceedings of InfoCom 2007, May 2007.\n[10] V. Falletta, F Ricciato, P. Romirer-Maierthofer \"Traffic Analysis at Short\nTime-Scales: An Empirical Case Study from a 3G Cellular Network,\"\nIEEE Transactions on Networks and Service Management, Vol.5, No.1,\npp.11-21, March, 2009."]}

Published
2012
Full Text
View/download PDF

18. Security Threat And Countermeasure On 3G Network

Author

Dongwan Kang, Joohyung Oh, and Chaetae Im

Subjects
Core Network Security, 3G, GTP, Mobile NetworkSecurity
Abstract

Recent communications environment significantly expands the mobile environment. The popularization of smartphones with various mobile services has emerged, and smartphone users are rapidly increasing. Because of these symptoms, existing wired environment in a variety of mobile traffic entering to mobile network has threatened the stability of the mobile network. Unlike traditional wired infrastructure, mobile networks has limited radio resources and signaling procedures for complex radio resource management. So these traffic is not a problem in wired networks but mobile networks, it can be a threat. In this paper, we analyze the security threats in mobile networks and provide direction to solve it., {"references":["F. Ricciato, E. Hasenleithner, P. Svoboda, W. Fleischer, \"On the impact\nof unwanted traffic onto a 3G network,\" in Proc. Security, Privacy and\nTrust in Pervasive and Ubiquitous Computing(SecPerU), June, 2006.","H. Holma, A. Toskala, WCDMA for UMTS - Radio Access for Third\nGeneration Mobile Communications 3rd. Willey, pp.95-96, 2004..","3GPP, \"GPRS Tunnelling Protocol (GTP) across the Gn and Gp interface\n(Release 10),\" TS 29.060 V10.2.0, June, 2011.","S. Jeremy, Z. Hui, B. Jean C, \"Impact of paging channel overloads or\nattacks on a cellular network,\" in Proc. WiSe '06 Proceedings of the 5th\nACM workshop on Wireless security, New York, Sept, 2006.","DARWIN project. http://www.ftw.at/ftw/research/projects.","F. Ricciato, \"Traffic monitoring and analysis for the optimization of a 3G\nnetwork,\" IEEE Wireless Comm. vol. 13, pp. 42-49, Dec, 2006.","F. Ricciato, E. Hasenleithner, P. Romirer-Maierhofer, \"Traffic Analysis\nat Short Time-Scales An Empirical Case Study From a 3G Cellular\nNetwork,\" IEEE Trans. Network and Service Management, vol. 5, .No. 1,\npp. 11-21, March, 2008.","V. Falletta, F Ricciato, F. T. Wien \"Detecting Scanners: Empirical\nAssessment on a 3G Network,\" International Journal of Network\nSecurity, Vol.9, No.2, pp.143-155, Sept, 2009."]}

Published
2011
Full Text
View/download PDF

19. A study of malware detection and classification by comparing extracted strings

Author

Chaetae Im, Jin-kyung Lee, and Hyun-Cheol Jeong

Subjects
Similarity (geometry), Character (computing), Computer science, Mutation (genetic algorithm), Process (computing), Malware, Edit distance, Data mining, Static analysis, Malware analysis, computer.software_genre, Computer security, computer
Abstract

Recently, the number of Malware incidents has been rapidly increasing but we are too short of experts to handle the situation. Fortunately, most Malware instances are a mutation of an existing one, so it might be effective to use an auto-analysis system to observe a specific Malware. The auto-analysis system for Malware uses both the dynamic and static methods, but the latter still has some limitations and accordingly requires further research.However, this study uses the static method, which calculates the similarity between two files to be executed through by comparing character strings to identify and classify Malware. This method, whose performance depends on the number and type of character strings to be compared, requires a process to refine the character strings. In addition, it provides an advanced comparison mechanism that reflects the characteristics of the character strings held by a specific Malware, in the calculation of similarity.

Published
2011
Full Text
View/download PDF

20. A System for Analyzing Advance Bot Behavior

Author

Joo-Hyung Oh, Hyun-Cheol Jeong, and Chaetae Im

Subjects
Focus (computing), Software_OPERATINGSYSTEMS, Computer science, System call, Component (UML), Botnet, Process (computing), Operating system, Malware, Binary code, Layer (object-oriented design), computer.software_genre, computer
Abstract

Bot behavior analysis is an essencial component in botnet detection and response. Recent reseach on bot behavior analysis is focus on idenyifing wheather analysis target file is bot or not by monitoring user-level API call information of bot process and discover their malicous behaviors. However, such research does not monitor the bot process which has kernel-rootkit, anti-VM and static-DLL/binary code injection capabilities. In this paper, we present an approach based on a combination of System Call Layer rebuilding and process executing that enables automatic thwarting static-DLL/binary code injection. Also, we have built a system for analyzing advance bot behavior that can monitor the behavior of bot process at kernel-level and thwart some anti-vm methods. For experiments and evaluation, we have conduct experiments on several recent bot samples which have kernl-rootkit, anti-VM and static-DLL/binary code injection capabilities and shown that our system can successfully extrat their API call information and malicious behaviors from them.

Published
2010
Full Text
View/download PDF

21. Botnet Detection and Response Architecture for Offering Secure Internet Services

Author

Mijoo Kim, Hyun-Cheol Jeong, Chaetae Im, and Seung-Goo Ji

Subjects
Computer science, business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Internet privacy, Botnet, computer.software_genre, Computer security, Electronic mail, Domain (software engineering), ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Server, Current technology, The Internet, Web service, Architecture, business, computer
Abstract

Countermeasures against botnet, which has been recognized as the Internet?s biggest threat, are urgently needed to create a safe Internet environment. However, the current technology lags behind the evolution of botnet, and, unlike in the past, mutual cooperation among ISPs and countries is essential. As botnet is distributed internationally rather than in a particular ISP domain, international cooperation is needed. As such, this paper proposes a framework for the systematic detection and prevention of botnet, as well as a procedure and method for cooperation.

Published
2008
Full Text
View/download PDF

22. SITIS: Scalable Intrusion Tolerance Middleware for Internet Service Survivability

Author

Dong Hoon Lee, Tae Jin Lee, Hyung-Jong Kim, Gang Shin Lee, and Chaetae Im

Subjects
Service (systems architecture), business.industry, Computer science, Survivability, computer.software_genre, Server farm, Middleware, Scalability, Operating system, The Internet, Intrusion tolerance, Isolation (database systems), business, computer, Computer network
Abstract

In this paper, we present design and implementation of SITIS: a middleware for intrusion tolerance of internet service. SITIS is designed for scalable deployment of intrusion tolerant capability in essential internet services. SITIS has abnormal status monitoring and group management modules. The monitoring module gathers various system-information such as memory and processor usages, and group management module manage the server farm using several mechanism such as group leader selection, abnormal server isolation and joining of new server. Also, the voting mechanism is utilized in the group management to check the integrity of each member’s service. In our work, we developed the web server’s intrusion tolerance system using SITIS middleware and it is presented at the end of this paper.

Published
2004
Full Text
View/download PDF

23. Committing Secure Results with Replicated Servers

Author

Sung Ki Kim, Chaetae Im, and Byoung Joon Min

Subjects
business.industry, Computer science, Node (networking), Hash function, computer.software_genre, Digital signature, Asynchronous communication, Wide area network, Server, The Internet, Web service, business, computer, Computer network
Abstract

Data and computations for critical services on Internet are replicated and scattered to remote sites for the purpose of both security and fault-tolerance. In order to deliver only secure results to the users, we need an algorithm to decide agreement on results from replicated servers in a secure manner in terms of integrity and confidentiality. For this purpose, a secure and practical decentralized voting algorithm is proposed in the paper. Since a typical Internet user submits a request to a node and obtains the corresponding reply from the same node, we assume a system model in which service requests are preprocessed and corresponding results are delivered by the same coordination nodes called proxies in an asynchronous wide area network. The algorithm employs hashes and digital signatures. The complexity of the algorithm is compared with other competent voting algorithms. In order to demonstrate the performance of the algorithm, experimental result on a test-bed for web service is also presented.

Published
2004
Full Text
View/download PDF

24. Detecting A Mobile Device infected with Mobile Malware based on Malicious URLs in 4G LTE.

Author

Sujeong Woo, Sekwon Kim, Joohyung Oh, and Chaetae Im

Subjects
MALWARE prevention, MOBILE apps, UNIFORM Resource Locators, 4G networks, LONG-Term Evolution (Telecommunications), COMMAND & control systems
Abstract

Mobile malware attacks are increasing with the number of smartphones in use is also increasing. In order to prevent these malware attacks, mobile telecommunication operators and virus vaccine companies support mobile antivirus software to users. But, users do not activate or update the antivirus. And sometimes it could not detect malware. In this paper, we propose a new method for detecting a mobile device infected with mobile malware based on malicious URLs in 4G LTE. It is to analyze the traffic accessing the malicious URLs such as web servers distributing mobile malware, command and control(C&C) servers, etc in 4G LTE. And in 4G LTE, a mobile device has a static or dynamic IP address according to the IP address assignment policy. Therefore we use a method to distinguish the mobile device that is session management for UEs. This proposed detection method just needs port mirroring to implement a detection system. And it can apply to the 4G LTE without changing the infrastructure. And it provides a convenience that is to support the detection log in real time to mobile telecommunication operators. [ABSTRACT FROM AUTHOR]

Published
2014

Catalog

Books, media, physical & digital resources
See catalog results