• Journal of Industrial Convergence
• /
• v.21 no.9
• /
• pp.49-56
• /
• 2023

ID is used as identifying information and password as user authentication for ID-based authentication. In order to have a secure user authentication, the password is generated as a hash value on the client and sent to the server, where it is compared with the stored information and authentication is performed. However, if even one character is incorrect, the different hash value is generated, authentication will be failed and cannot be performed and various functions cannot be applied to the password. In this study, we generate several hash value including imaginary number of entered password and transmit to server and perform authentcation. we propose a technique can grants the right differentially to give various rights to the user who have many rights by one account. This can defend shoulder surfing attack by imaginary password and provide convenience to users who have various rights by granting right based on password.

• Journal of KIISE:Databases
• /
• v.35 no.4
• /
• pp.297-306
• /
• 2008

MJoin is proposed as an algorithm to join multiple data streams efficiently, whose characteristics are unpredictably changed. It extends a symmetric hash join to handle multiple data streams. Whenever a tuple arrives from a remote stream source, MJoin checks whether all of hash tables have matching tuples. However, when a join involves many data streams with low join selectivity, the performance of this checking process is significantly influenced by the checking order of hash tables. In this paper, we propose a BiHT-Join algorithm which extends MJoin to conduct this checking in a constant time regardless of a join order. BiHT-Join maintains a bit-vector which represents the existence of tuples in streams and decides a successful/unsuccessful join through comparing a bit-vector. Based on the bit-vector comparison, BiHT-Join can conduct a hash join only for successful joining tuples based on this decision. Our experimental results show that the proposed BiHT-Join provides better performance than MJoin in the processing of multiple streams.

• Journal of KIISE:Databases
• /
• v.36 no.2
• /
• pp.84-98
• /
• 2009

Various algorithms and architectures for IP address lookup have been studied to improve forwarding performance in the Internet routers. Previous IP address lookup architecture using Bloom filter requires a separate Bloom filter as well as a separate hash table in each prefix length, and hence it is not efficient in implementation complexity. To reduce the number of hash tables, it applies controlled prefix expansion, but prefix duplication is inevitable in the controlled prefix expansion. Previous parallel multiple-hashing architecture shows very good search performance since it performs parallel search on tables constructed in each prefix length. However, it also has high implementation complexity because of the parallel search structure. In this paper, we propose a new IP address lookup architecture using all-length Bloom filter and all-length multiple hash table, in which various length prefixes are accomodated in a single Bloom filter and a single multiple hash table. Hence the proposed architecture is very good in terms of implementation complexity as well as search performance. Simulation results using actual backbone routing tables which have $15000{\sim}220000$ prefixes show that the proposed architecture requires 1.04-1.17 memory accesses in average for an IP address lookup.

• Journal of KIISE:Databases
• /
• v.29 no.3
• /
• pp.180-192
• /
• 2002

We investigate the effect of the data skew of join attributes on the performance of a pipelined multi-way hash join method, and propose two new harsh join methods in the shared-nothing multiprocessor environment. The first proposed method allocates buckets statically by round-robin fashion, and the second one allocates buckets dynamically via a frequency distribution. Using harsh-based joins, multiple joins can be pipelined to that the early results from a join, before the whole join is completed, are sent to the next join processing without staying in disks. Shared nothing multiprocessor architecture is known to be more scalable to support very large databases. However, this hardware structure is very sensitive to the data skew. Unless the pipelining execution of multiple hash joins includes some dynamic load balancing mechanism, the skew effect can severely deteriorate the system performance. In this parer, we derive an execution model of the pipeline segment and a cost model, and develop a simulator for the study. As shown by our simulation with a wide range of parameters, join selectivities and sizes of relations deteriorate the system performance as the degree of data skew is larger. But the proposed method using a large number of buckets and a tuning technique can offer substantial robustness against a wide range of skew conditions.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10e
• /
• pp.4-6
• /
• 2002

본 연구는 포워딩 테이블의 자료구조와 검색 알고리즘을 개선하여 고속 IP주소 검색을 구현하는 소프트웨어 기반의 연구로써 목적지 IP주소에서 검색할 길이를 결정한 후 길이별로 준비된 해시 테이블 검색을 통해 O(1)의 속도로 IP주소 검색을 실시할 수 있다. IP주소 검색은 목적지 IP주소와 다수의 포워딩 테이블 엔트리 중에서 가장 많은 비트가 일치하는 엔트리를 검색하는 과정으로 일반적인 완전일치 검색이 적용되기 어렵다. 본 연구에서는 포워딩 테이블 엔트리로 구성된 트라이를 기반으로 길이별 다중 해시 테이블을 구성하여 평균 O(log$_2$N),N=4 의 속도로 IP주소 검색을 한다. 이때 최악의 검색시간은 4회의 주 메모리 접근시간이며 더 빠른 검색을 위해 본 논문은 각 프리픽스의 첫 8비트를 키로 256개 그룹을 만들고 각 그룹별 최대 프리픽스 길이를 기록한 테이블을 캐쉬에 저장함으로써 길이별 해시 테이블 검색 시 N값을 99.9%의 확률로 3이하로 제한할 수 있다. 이것은 포워딩 테이블의 프리픽스 길이 분포에 의한 결과이며, 99.9%의 확률에서 최악의 검색시간을 3회의 주메모리 접근시간으로 할 수 있다. 주 메모리 접근시간 50㎱를 적용하면 150㎱의 검색속도는512B 패킷을 가정할 때 약 27Gb㎰의 검색속도를 지원할 수 있다.

• Electronics and Telecommunications Trends
• /
• v.16 no.6 s.72
• /
• pp.29-40
• /
• 2001

본 고에서는 디스크 기반의 정보검색시스템의 성능을 높이는 것을 목표로, 주기억장치 상주형 정보검색시스템에 적합한 주기억장치 기반의 인덱싱 기법을 비교 평가하고자 한다. 인덱스는 인덱스를 구성하는 키의 순서가 유지되는지의 여부에 따라 크게 두 종류로 나눌 수 있는데, 키가 일정한 순서로 유지되는 트리 계열과 키의 순서와 관계없이 무작위로 유지되는 해시 계열로 구분할 수 있다. 트리 계열 인덱스는 일정한 범위가 주어지는 연산을 처리할 때 유용하게 사용될 수 있으며, 해시 계열 인덱스는 특정한 키에 의한 빠른 데이터 접근을 제공한다. 트리 계열 인덱스로는 AVL 트리, B+ 트리, T 트리 등이 있으며, 해시 계열 인덱스로는 체인 버켓 해싱(Chained Bucket Hashing: CBH), 확장 해싱(Extendible Hashing: EH), 선형 해싱(Linear Hashing: LH), 수정된 선형 해싱(Modified Linear Hashing), 다중 디렉토리 해싱(Multi-directory Hashing) 및 확장된 체인 버켓 해싱(Extendible Chained Bucket Hashing: ECBH) 등이 있다.

• The KIPS Transactions:PartD
• /
• v.9D no.5
• /
• pp.755-768
• /
• 2002

We investigate the effect of the data skew of join attributes on the performance of a pipelined multi-way hash join method, and propose two new hash join methods with load balancing capabilities. The first proposed method allocates buckets statically by round-robin fashion, and the second one allocates buckets adaptively via a frequency distribution. Using hash-based joins, multiple joins can be pipelined so that the early results from a join, before the whole join is completed, are sent to the next join processing without staying on disks. Unless the pipelining execution of multiple hash joins includes some load balancing mechanisms, the skew effect can severely deteriorate system performance. In this paper, we derive an execution model of the pipeline segment and a cost model, and develop a simulator for the study. As shown by our simulation with a wide range of parameters, join selectivities and sizes of relations deteriorate the system performance as the degree of data skew is larger. But the proposed method using a large number of buckets and a tuning technique can offer substantial robustness against a wide range of skew conditions.

• Korean Journal of Remote Sensing
• /
• v.39 no.6_3
• /
• pp.1771-1777
• /
• 2023

With the advancements of deep learning, many semantic segmentation-based methods for land cover classification have been proposed. However, existing deep learning-based models only use image information and cannot guarantee spatiotemporal consistency. In this study, we propose a land cover classification model using geographical coordinates. First, the coordinate features are extracted through the Coordinate Hash Encoder, which is an extension of the Multi-resolution Hash Encoder, an implicit neural representation technique, to the longitude-latitude coordinate system. Next, we propose an architecture that combines the extracted coordinate features with different levels of U-net decoder. Experimental results show that the proposed method improves the mean intersection over union by about 32% and improves the spatiotemporal consistency.

• The Journal of Korean Institute of Next Generation Computing
• /
• v.14 no.5
• /
• pp.60-70
• /
• 2018

A software defined storage (SDS) is being deployed in cloud environment to allow multiple users to virtualize physical servers, but a solution for optimizing space efficiency with limited physical resources is needed. In the conventional data deduplication system, it is difficult to deduplicate redundant data uploaded to distributed storages. In this paper, we propose a distributed deduplication method using similarity-based clustering and multi-layer bloom filter. Rabin hash is applied to determine the degree of similarity between virtual machine servers and cluster similar virtual machines. Therefore, it improves the performance compared to deduplication efficiency for individual storage nodes. In addition, a multi-layer bloom filter incorporated into the deduplication process to shorten processing time by reducing the number of the false positives. Experimental results show that the proposed method improves the deduplication ratio by 9% compared to deduplication method using IP address based clusters without any difference in processing time.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.51-57
• /
• 2024

Although industrial control systems (ICSs) recently keep evolving with the introduction of Industrial IoT converging information technology (IT) and operational technology (OT), it also leads to a variety of threats and vulnerabilities, which was not experienced in the past ICS with no connection to the external network. Since various control command messages are sent to field devices of the ICS for the purpose of monitoring and controlling the operational processes, it is required to guarantee the message integrity as well as control center authentication. In case of the conventional message integrity codes and signature schemes based on symmetric keys and public keys, respectively, they are not suitable considering the asymmetry between the control center and field devices. Especially, compromised node attacks can be mounted against the symmetric-key-based schemes. In this paper, we propose message authentication scheme based on double hash chains constructed from cryptographic hash function without introducing other primitives, and then propose extension scheme using Merkle tree for multiple uses of the double hash chains. It is shown that the proposed scheme is much more efficient in computational complexity than other conventional schemes.