• Journal of KIISE:Databases
• /
• v.34 no.6
• /
• pp.546-553
• /
• 2007

As ontologies are used widely, interest for semantic similarity search is also increasing. In this paper, we suggest a query evaluation scheme for k-nearest neighbor query, which retrieves k most similar objects to the query object. We use the best match method to calculate the semantic similarity between objects and use the signature tree to index annotation information of objects in database. The signature tree is usually used for the set similarity search. When we use the signature tree in similarity search, we are required to predict the upper-bound of similarity for a node; the highest similarity value which can be found when we traverse into the node. So we suggest a prediction function for the best match similarity function and prove the correctness of the prediction. And we modify the original signature tree structure for same signatures not to be stored redundantly. This improved structure of signature tree not only reduces the size of signature tree but also increases the efficiency of query evaluation. We use the Gene Ontology(GO) for our experiments, which provides large ontologies and large amount of annotation data. Using GO, we show that proposed method improves query efficiency and present several experimental results varying the page size and using several node-splitting methods.

• Journal of Korea Spatial Information System Society
• /
• v.10 no.3
• /
• pp.1-18
• /
• 2008

Because we can usually get many information through analyzing trajectories of moving objects on spatial networks, efficient trajectory index structures are required to achieve good retrieval performance on their trajectories. However, there has been little research on trajectory index structures for spatial networks such as FNR-tree and MON-tree. Also, because FNR-tree and MON-tree store the segment unit of moving objects, they can't support the trajectory of whole moving objects. In this paper, we propose an efficient trajectory index structures based on signatures on a spatial network, named SigMO-Tree. For this, we divide moving object data into spatial and temporal attributes, and design an index structure which supports not only range query but trajectory query by preserving the whole trajectory of moving objects. In addition, we divide user queries into trajectory query based on spatio-temporal area and similar-tralectory query, and propose query processing algorithms to support them. The algorithm uses a signature file in order to retrieve candidate trajectories efficiently Finally, we show from our performance analysis that our trajectory index structure outperforms the existing index structures like FNR-Tree and MON-Tree.

• Annual Conference of KIPS
• /
• 2020.11a
• /
• pp.370-373
• /
• 2020

본 연구는 파일기반 악성파일 탐지시간을 줄이는 알고리즘 사용에 대해 기술하고 있다. 기존 탐지방식은 파일의 시그니처 값에 대한 유사도를 단순히 비교하는 것에만 그쳐 오탐율이 높거나 새롭게 생성되는 악성파일을 대응할 수 없는 제한점이 있다. 또한 정확도를 높이고자 딥 러닝을 통한 탐지방식이 제안되고 있으나 이 또한 동적분석으로 진행이 되기 때문에 시간이 오래 걸리는 제한이 있다. 그래서 우리는 이를 보완하는 VP Tree 탐지를 제안한다. 이 방법은 시그니처 값이 아닌 다차원에서의 해시 값의 데이터 위치를 기반으로 거리를 척도 한다. 유클리드 거리 법, 맨해튼 거리법이 사용되며 삼각부등식의 만족하는 기준으로 K-NN 이 생성이 되며, K-NN 을 이진 트리로 구성하여 인덱스를 통한 탐지를 진행하기에 기존 방법들을 보완할 수 있는 대안점이 될 수 있으며, 악성파일과 정상파일이 섞여 존재하는 총 3 만개의 데이터를 대상으로 악성파일 탐지 테스트를 진행하였으며 기본 방식에 비해 약 15~20%정도 속도가 단축된다는 것을 입증했다.

• Journal of KIISE:Databases
• /
• v.29 no.1
• /
• pp.79-88
• /
• 2002

Data on the Internet are usually represented and transfered as XML. the XML data is represented as a tree and therefore, object repositories are well-suited to store and query them due to their modeling power. XML queries are represented as regular path expressions and evaluated by traversing each object of the tree in object repositories. Several indexes are proposed to fast evaluate regular path expressions. However, in some cases they may not cover all possible paths because they require a great amount of disk space. In order to efficiently evaluate the queries in such cases, we propose an optimized traversing which combines the signature method and block traversing. The signature approach shrink the search space by using the signature information attached to each object, which hints the existence of a certain label in the sub-tree. The block traversing reduces disk I/O by early evaluating the reachable objects in a page. We conducted diverse experiments to show that the hybrid approach achieves a better performance than the other naive ones.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.3
• /
• pp.45-54
• /
• 2014

In this paper, an improved two-step P2P traffic classification scheme is proposed to overcome the limitations of the existing methods. The first step is a signature-based classifier at the packet-level. The second step consists of pattern heuristic rules and a statistics-based classifier at the flow-level. With pattern heuristic rules, the accuracy can be improved and the amount of traffic to be classified by statistics-based classifier can be reduced. Based on the analysis of different decision tree algorithms, the statistics-based classifier is implemented with REPTree. In addition, the ensemble algorithm is used to improve the performance of statistics-based classifier Through the verification with the real datasets, it is shown that our hybrid scheme provides higher accuracy and lower overhead compared to other existing schemes.

• Journal of Korea Spatial Information System Society
• /
• v.11 no.2
• /
• pp.99-110
• /
• 2009

Currently, there are many applications being developed based on sensor network technology. A tracking method for moving objects in sensor network is one of the main issue of this field. There is a little research on this issue, but most of the existing work has two problems. The first problem is a communication overhead for visiting sensor nodes many times to track a moving object. The second problem is an disability for dealing with many moving objects at a time. To resolve the problems, we, in this paper, propose a signature-based tracking method using efficient data aggregation for moving objects, called SigMO-TRK. For this, we first design a local routing hierarchy tree to aggregate moving objects' trajectories efficiently by using a space filtering technique. Secondly, we do the tracking of all trajectories of moving objects by using signature in a efficient way, our approach generates signatures to method. In addition, by extending the SigMO-TRK, we can retrieve the similar trajectories of moving objects for given a query. Finally, by using the TOSSIM simulator, we show that our signature-based tracking method outperforms the existing tracking method in terms of energy efficiency.

• Journal of Convergence for Information Technology
• /
• v.8 no.6
• /
• pp.209-215
• /
• 2018

In this paper, we propose a method to detect and block Meltdown malicious code which is increasing rapidly using dynamic sandbox tool. Although some patches are available for the vulnerability of Meltdown attack, patches are not applied intentionally due to the performance degradation of the system. Therefore, we propose a method to overcome the limitation of existing signature detection method by using machine learning method for infrastructures without active patches. First, to understand the principle of meltdown, we analyze operating system driving methods such as virtual memory, memory privilege check, pipelining and guessing execution, and CPU cache. And then, we extracted data by using Linux strace tool for detecting Meltdown malware. Finally, we implemented a decision tree based dynamic detection mechanism to identify the meltdown malicious code efficiently.