• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.65-67
• /
• 2013

The recent high-performance network equipment is required, and also require high network bandwidth utilization. It is a trend to develop increasingly using multi-core processors for high-performance network servers. Propose a method to improve the performance of the network sub-system, considering the characteristics of multi-core as a way to improve these high-performance and high network throughput. In this paper, we confirm through experiments on how to improve the communication performance, optimize performance and take full advantage of multi-core by Network communication process to improve the performance of the multi-core processor architecture, the process of concentration, the overhead for each core, based on network traffic according to the interrupt affinity in this process to determine the optimal core to give. The experiments were implemented in the Linux kernel, and experiments to improve the network throughput up to 30%, bringing reduces the Linux communication process to improve the performance of the processor overhead of up to 10%.

• The KIPS Transactions:PartC
• /
• v.12C no.6 s.102
• /
• pp.865-874
• /
• 2005

The information stored in the computer system needs to be protected from unauthorized access, malicious destruction or alteration and accidental inconsistency. In this paper, we propose an intrusion detection system based on sensor concept for defecting and preventing malicious attacks We use software sensor objects which consist of sensor file for each important directory and sensor data for each secret file. Every sensor object is a sort of trap against the attack and it's touch tan be considered as an intrusion. The proposed system is a new challenge of setting up traps against most interception threats that try to copy or read illicitly programs or data. We have implemented the proposed system on the Linux operating system using loadable kernel module technique. The proposed system combines host~based detection approach and network-based one to achieve reasonably complete coverage, which makes it possible to detect unknown interception threats.

• The KIPS Transactions:PartA
• /
• v.13A no.6 s.103
• /
• pp.517-524
• /
• 2006

In cluster computers, it is essential to Implement the single I/O space(SIOS) supporting integrated I/O substructure to efficiently process I/O intensive applications. SIOS service provides with global I/O address space to directly access peripherals and hard disks in its own or remote nodes from any node in the cluster computer In this thesis, we propose the implementation method of SIOS in Linux clusters by using only freewares. This method is implemented at device driver level that uses Enhanced Network Block Device(ENBD) and file system level that uses S/W RAID and NFS. The major strengths of this method are easiness of implementation and almost no cost due to using freewares. In addition, since freewares used are open sources, it is possible to apply this method to other platforms with only slight modification. Moreover, experiments show that I/O throughputs are up to 5.5 times higher in write operations and approximately 2.3 times higher in read operations than those of CDD method that uses the device driver developed at kernel level.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.07a
• /
• pp.763-765
• /
• 2005

DVS(dynamic voltage sealing)은 이동형 프로세서에서 에너지 효율을 높이기 위한 필수 요소로 자리 잡고있다. DVS를 효과적으로 사용하기 위해선 대상 태스크의 특성과 하드웨어 특성에 맞는 DVS 알고리즘이 필요하다. 상품화 수준의 않은 운영체계들이 일정한 인터벌(interval)을 바탕으로 시스템 사용 상황을 분석하여 목표 성능을 결정하는 방식을 사용하고 있다. 이러한 방식은 태스크의 특성이 갑자기 변하여 성능을 요구할 경우 인터벌만큼의 시간이 진행된 후에야 반응 한다는 단점이 있다. 또한, 태스크 별 특성이 아닌 시스템 전체의 특성을 따르므로 이질적인 성격의 태스크들이 동시에 실행 되는 환경에는 적합하지 않다. 최근의 모바일 프로세서들은 수 마이크로초 수준의 성능 전환 시간을 제공하고 있으며 이 속도는 계속 줄어들고 있다. 프로세서의 고성능화로 인해 I/O 작업의 경우 프로세서 성능에 따른 실행 시간의 차이가 존재 하지 않는다. 이러한 두 가지 특성을 바탕으로 우리는 TIB(timer interrupt based) 알고리즘을 제안한다. TIB 알고리즘은 일정한 길이의 인터벌 대신 타임 슬라이스(time slice)를 성능 결정의 단위로 삼는다. 성능의 결정은 태스크 별로 이루어지며 각 태스크가 사용했던 이전 타임 슬라이스가 타이머 인터룹트(timer interrupt)에 의해 끝났다면 최대의 성능을 그 외의 경우는 최저의 성능으로 실행하게 된다. 이러한 접근 방식을 통해 I/O 작업이나 이벤트를 기다리는 태스크에 대해 최저 성능을 제공함으로써 실행 시간의 적은 손해를 대가로 많은 에너지 절감을 이룰 수 있다. 또한, 태스크의 속성이 변한 경우 타임 슬라이스 길이 만큼의 지체만을 허용하게 된다. 이러한 TIB 인터벌에 기반한 알고리즘에 비해 개별 태스크의 특성에 따른 성능 조절과 태스크의 변화에 따른 빠른 반응을 자랑으로 한다. 본 논문에선 TIB 알고리즘을 리눅스 커널에 구현하여 성능을 평가하였고 그 결과 리눅스에서 사용되는 기존 인터벌 기반의 알고리즘들에 비해 좋은 전력 절감 효과를 얻을 수 있었다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.3
• /
• pp.557-567
• /
• 2018

There are currently various file encryption solutions for encrypting and storing files on disk. However, the existing file encryption solutions handle encryption and decryption all at once by file or directory. In this paper, we propose a system call supporting partial encryption function of the file. The user sets the encryption information with the system call interface at a portion where encryption of the file data is desired. And then the user writes file data, the data is encrypted and stored. Also if the user sets decryption information and reads the file data, the necessary part is decrypted by applying the set information. For the proposed system call, It consists of inspection module, management module, encryption module, decryption module, and HMAC module as per required system call. And it was implemented on the Linux environment. Also the operation of implemented system call was verified on the development board, and the performance was analyzed by measuring performance speed.

• Journal of Convergence Society for SMB
• /
• v.2 no.1
• /
• pp.51-58
• /
• 2012

Android platform is a powerful operating system developed on Linux 2.6 Kernel, and provides many features such as comprehensive libraries, a multimedia environment, and powerful interface for phone applications. Since Android is an open operating system, which can be installed in any vendors's equipments. Current smartphones as well as netbooks, navigations, car PCs, tablet PCs, Industrial PCs are used in various fields. It is difficult a lot that to mount to other devices on the Android platform or new devices. In this Paper, The process that data that occurred from a hardware was passed to the highest application and Android platform system for managing hardware devices were analyzed. Building Android & driver compilation environment, How to support the protocol for the use of WiFi in the kernel, How to Mount a WiFi device in the kernel, Device driver registration for the Android platform, WiFi Management Service Daemon (wpa_supplicant) and IP allocation services daemon (dhcpcd) registration, How to create a socket for communication between the daemon (wpa_supplicant) and HAL have been presented. In the experiment using the proposed method, WiFi devices were mounted on the Android platform in the X-86 & ARM family. Understanding the whole process of control flow in Android hierarchy is very important to porting a new device on it. The process included in this paper can help technicians who might encounter the obstacles in their porting works.

• Journal of KIISE
• /
• v.43 no.11
• /
• pp.1179-1187
• /
• 2016

Android- and Linux-based embedded systems require device drivers, which are structured and built in kernel functions. However, device driver software (firmware) provided by various 3rd parties is not usually checked in terms of their security requirements but is simply included in the final products, that is, Android-based smart phones. In addition, static analysis, which is generally used to detect vulnerabilities, may result in extra cost to detect critical security issues such as privilege escalation due to its large proportion of false positive results. In this paper, we propose and evaluate an effective technique to detect vulnerabilities in Android device drivers using both static and dynamic analyses.

• The Journal of the Korea Contents Association
• /
• v.9 no.5
• /
• pp.33-39
• /
• 2009

As the usage of computers and mobile handsets is popularized, the processing and storing of private and business data are increased. Hence we note that these sensitive data should never be transferred out of these personal devices without user's permission. In this paper, we propose a simple method to prevent transferring the sensitive data out of personal computing devices through their networking interfaces. The proposed method determines which processes invoke open system call related to the sensitive data, and then traces them within a specific duration. The proposed scheme has advantage over the existing ones using authentication or encryption because it could be still working well independent upon the new attack technologies or the latest vulnerabilities of hardware and software. In order to verify the proposed algorithm, we test it by implementing the necessary codes at the user and kernel spaces of Linux.

• Proceedings of the KIEE Conference
• /
• 2006.11a
• /
• pp.6-8
• /
• 2006

변전소 자동화 시스템에서 IED(Intelligent Electronic Device)들 간의 효과적인 통신을 위해 표준프로토콜인 IEC-61850이 제시되면서 이를 구현하고 응용하기 위한 관심이 높아지고 있다. 본 논문은 IEC-61850 표준규격을 분석하여 제시된, 거리 계전 IED 모델을 이용해 송전선 보호 IED를 구현하였다. 통신기능 구현은 리눅스 커널 2.6 기반의 통신보드를 사용하였고 계전 알고리즘의 수행은 TMS320C32 기반의 DSP(Digital Signal Processor) 보드를 사용하였다. 보드간 통신은 CAN(Cont roller Area Network) 통신으로 이루어 졌으며 사례연구를 위해 RTDS(Real Time Digital Power System Simulator)를 이용하여 입력신호를 생성하였다. 구성된 시스템의 검증을 위해 거리계전기에서 후비보호 시 발생할 수 있는 문제점을 시뮬레이션 하였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1049-1055
• /
• 2013

Smartphones are rapidly growing because of easy installation of the apps (application software) that users actually want. There are increasingly many apps that require cryptographic suites to be installed, for instance, for protecting account and financial data. Android platform provides protection mechanisms for memory and storage based on Linux kernel, but they are vulnerable to rooting attacks. In this paper, we analyze security mechanisms of Android platform and point out security problems. We show the security vulnerabilities of several commercial apps and suggest appropriate countermeasures.