Hyundo Park

Threats posed by Distributed Denial of Service (DDoS) attacks are becoming more serious day by day. Accurately detecting DDoS becomes an important and necessary step in securing a computer network. However, Flash Event (FE), which is created by legitimate requests, shares very similar characteristics with DDoS in many aspects and makes it hard to be…
Host-based anomaly detectors monitor the control-flow and data-flow behavior of system calls to detect intrusions. Control-flow-based detectors monitor the sequence of system calls, while data-flow-based detectors monitor the data propagation among arguments of system calls. Besides pointing out that data-flow-based detectors can be layered on top of…
Since early responses are crucial to reduce the damage from unknown Internet attacks, our first consideration while developing a defense mechanism can be on time efficiency and observing (and predicting) the change of network statuses, even at the sacrifice of accuracy. In the recent security field, it is an earnest desire that a new mechanism to predict…
Network intrusion detection is performed by monitoring network traffic and detecting the evidence of attacks by scanning known signatures (misuse detection) or recognizing anomalous traffic behaviors (anomaly detection). Misuse detection has been widely used for finding known attacks, and the low false alarm rate is one of its biggest advantages. While…
The proportion of packed malware has been growing rapidly and now comprises more than 80% of all existing malware. In this paper, we propose a method for classifying the packing algorithms of given unknown packed executables, regardless of whether they are malware or benign programs. First, we scale the entropy values of a given executable and convert the…