

Professor Hyuk Lim's research team develops network-traffic monitoring system for improved cyber security

  • Administrator
  • REG_DATE : 2017.07.20


□ A research team led by Professor Hyuk Lim of the School of Electrical Engineering and Computer Science at the Gwangju Institute of Science and Technology (GIST, President Seung Hyeon Moon) has developed a traffic-sampling technique for software-defined networking (SDN) traffic monitoring that can enhance cyber security by detecting and analyzing various large-scale cyberattacks.

∘ Cyberattacks are occurring more frequently; for example, hackers are taking advantage of online anonymity to attack governments, corporations, and individuals. In response, the researchers have developed an SDN-based traffic monitoring system that can replace existing network traffic monitoring methods, which are less flexible and scalable.


* Software-defined networking: A new networking paradigm that controls and manages the delivery of data traffic over the network in a centralized manner through software-based protocols.

∘ To monitor vast amounts of internet traffic, the researchers proposed an algorithm that determines the sampling location and ratio of data traffic based on network status information, and their SDN tests verified that the proposed scheme greatly improves cyber security. It is expected to play a major role in detecting and responding to various malicious cyberattacks, including ransomware attacks*, advanced persistent threats (APT)*, and distributed denial-of-service (DDoS) attacks.

* Ransomware Attack: An attack that infects a user's computer and encrypts its data, then demands a monetary payment to decrypt the data.

* APT Attack: An attack method that utilizes malicious computer software to secretly and continuously monitor and steal specific information.

* DDoS Attack: An attack method that paralyzes a service by having an overwhelming number of infected computers requesting access to a site at the same time, thereby causing the site to crash.

□ Professor Hyuk Lim said, "While existing malicious network traffic monitoring methods are able to statically sample data only at a specific accessible location, the software that we have developed has the ability to dynamically determine the optimal monitoring location during malicious cyberattacks by analyzing the data from the Intrusion Detection System (IDS) traffic."

□ This research was supported by an Institute for Information & Communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) for Cyber Security Defense Cycle Mechanism for New Security Threats.

□ Their paper entitled "Scalable Traffic Sampling Using Centrality Measure on Software-Defined Networks" was authored by Seunghyun Yoon, Taejin Ha, Sunghwan Kim, and Hyuk Lim and published on July 14, 2017, in IEEE Communications Magazine.