• Proceedings of the Korea Information Processing Society Conference
• /
• 2024.05a
• /
• pp.298-301
• /
• 2024

클라우드 환경에서 컨테이너 사용이 증가하면서 컨테이너 환경을 대상으로 하는 여러 보안 위협이 증가하고 있다. 대표적인 악성 컨테이너는 크립토재킹 컨테이너로, 인스턴스 소유자의 승인 없이 리소스를 탈취하여 암호화폐를 채굴하는 공격이다. 이러한 공격은 리소스 낭비를 초래할 뿐 아니라 자원을 공유하는 정상 컨테이너나 호스트 인프라에까지도 영향을 미칠 수 있다. 따라서 본 논문에서는 크립토재킹 컨테이너를 탐지하기 위한 앙상블 기반의 크립토재킹 컨테이너 탐지 프레임워크 설계를 제안한다. 또한, 앙상블 모델 학습을 위한 데이터 수집에 있어 크립토재킹 컨테이너의 동적 특징을 나타내는 시스템 콜 및 네트워크 플로우 기반의 특성 활용 가능성을 사례 연구를 통해 분석하였다.

• Journal of KIISE:Computing Practices and Letters
• /
• v.13 no.7
• /
• pp.462-475
• /
• 2007

The Embedded system provides human-centric services in many fields of education, information, industry and service, and monitoring programs have been variously developed for managing, controlling and testing for these embedded systems. Currently, many kernel trace toolkits are being used for monitoring. These trace toolkits are so complicate that we present $ETT^{plus}$, our simple and explicit embedded kernel trace toolkit, for embedded systems and describe the transmission method for trace data between the embedded target system and the host system. $ETT^{plus}$ provides the solution to solve the problems such as the difficult kernel patch and file system dependency in existing kernel trace toolkits like LTT. Furthermore, we present the experimental results about embedded system performance evaluations such as system call execute time or network data transmission time by using $ETT^{plus}$.

• Journal of Energy Engineering
• /
• v.20 no.1
• /
• pp.30-35
• /
• 2011

To clarify the hydraulic and thermal characteristics of ice slurry which made from 6.5% ethylene glycol-water solution flow in the double tube and plate type heat exchanger, experimental studies were performed. The mass flux and ice fraction of ice slurry were varied from 800 to 3500 kg/$m^2s$(or 7 to 17 kg/min) and from 0 to 25%, respectively. Through the experiment, it was found that the measured pressure drop and heat transfer rate increase with the mass flux and ice fraction; however the effect of ice fraction appears not to be significant at high mass flux region. At the region of low mass flux, a sharp increase in the pressure drop and heat transfer rate were observed depends on mass flux.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.340-347
• /
• 2001

Security operating system applied to MAC(Mandatory Access Control) or to MLS(Multi Level Security) gives both subject and object both Security Level and value of Category, and it restrict access to object from subject. But it violates Security policy of system and could be a circulated course of illegal information. This is correctly IPC(Interprocess Communication)mechanism and Covert Channel. In this thesis, I tried to design and implementation as OS kernel in order not only to give confidence of information circulation in the Security system, but also to defend from Covert Channel by Storage and IPC mechanism used as a circulated course of illegal information. For removing a illegal information flow by IPC mechanism. I applied IPC mechanism to MLS Security policy, and I made Storage Covert Channel analyze system call Spec. and than distinguish Storage Covert Channel. By appling auditing and delaying, I dealt with making low bandwidth.

• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 1990.04a
• /
• pp.22-31
• /
• 1990

In this paper, we have studied modelling and simulation of computer communication protocols theoretically. After describing a definition and functions of communication protocols, we have classified models for protocol design. And, in those protocol models, by endowing Timed Petri Net (TPN) models with a time function .tau., we have proposed a structural definition of TPN models. Furthermore, in order to complement Petri Net Based models with some problems, we have introduced the Discrete EVent system Specification (DEVS) concept in system simulation field. As an important result of our study, we have presented a theorem, which says that a TPN model becomes a DEVS model, and proved it. According to the theorem, we can perform efficient simulation by using the DEVS model transformed from a TPN model when we intend the TPN model to be simulated, otherwise we design another simulation model for it.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.18 no.2
• /
• pp.272-277
• /
• 2008

Symmerge is a stable minimum storage merging algorithm that needs $O(m{\log}{\frac{n}{m}})$ element comparisons, where in and n are the sizes of the input sequences with $m{\leq}n$. Hence, according to the lower bound for merging, the algorithm is asymptotically optimal regarding the number of comparisons. The Symmerge algorithm is based on the standard recursive technique of "divide and conquer". The objective of this paper is to consider the relationship between m and n for the degenerated case where the recursion depth reaches m-1.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.431-433
• /
• 2010

VoIP is a communication technique can be used anywhere you can find wifi signal and it costs much lower than conventional mobile service. However, security of VoIP is not as robust as former, the converse could be easily intercepted and attacked especially in MANETs which the attackers access easier than in wired networks. Sercurity of VoIP system in MANETs is an important issue nowadays. In this paper, a typical attack method of VoIP systems in MANETs is described and we implement how to prevent it.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2024.05a
• /
• pp.397-400
• /
• 2024

2013년 도커가 등장한 이후, 컨테이너 기술을 기반으로 한 프로젝트 및 사업이 지속적으로 활성화되고 있는 추세이다. 도커 컨테이너는 커널을 포함하고 있지 않음에 따라 기존 가상머신에 비해 경량화된 형태로 애플리케이션을 프로비저닝하는데 활용될 수 있다. 또한, 도커에서는 퍼블릭 도커 이미지 레포지토리인 Docker Hub를 통해 개발된 도커 이미지가 공유 및 배포될 수 있도록 하여 개발자들이 자신의 목적에 부합하는 서비스를 구축하는데 많은 도움을 주고 있다. 최근에는 클라우드 네이티브 환경에 대한 수요가 증가하면서 컨테이너 기술이 더욱 각광받고 있는 실정이다. 이에 따라 도커 이미지 및 이를 기반으로 한 도커 컨테이너 환경에 대한 보안을 위한 연구/개발은 다수 이루어지고 있으나, 도커 이미지 라이선스 컴플라이언스 이슈에 대한 논의 및 민감 데이터 보호 방안에 대한 연구/개발은 부재한 상황이다. 이에 본 논문에서는 도커 이미지 라이선스 컴플라이언스 위반 방지 시스템을 제안하여 도커 이미지 업로드시, Docker Hub 내 도커 이미지와 유사도 검사를 수행할 수 있는 방안을 제시하고자 하며, 도커 이미지 내 민감 데이터를 식별하고 이를 보안할 수 있는 방안에 대해 제시하여 신뢰할 수 있는 도커 컨테이너 공급망을 구축할 수 있음을 보인다.

• Journal of Digital Contents Society
• /
• v.19 no.9
• /
• pp.1751-1758
• /
• 2018

An integrated medical information system that integrates systems consisting of different environments centered on hospital information systems should be provided as a system that prioritizes the improvement of the quality of medical services, customer satisfaction, and patient safety. The RBAC-based medical information system is granted the access right according to task type, role, and rules. Through this, it is possible to use SMS channel, medical reservation and cancellation, customized statistics, and CRM / EMR interworking service using multi-channel to enable communication service without help of counselor and reduce the default rate of reservation patient, Operational improvement services can be extended to medical staff, patients and their families, as well as expanding to important decisions for patients.

• Journal of Digital Convergence
• /
• v.9 no.5
• /
• pp.225-233
• /
• 2011

Internet telephony is an Internet service which supports voice telephone using VoIP technology on the IP-based Internet. It has some advantages in that voice telephone services can be accompanied with multimedia services such as video communication and messaging services. Recently, the introduction of smart phones has led to a growth in social networking services and thus, the research and development of Internet telephony has been actively progressed and has the potential to become a replacement for the telephone service that is currently being used. In this paper we designed and implemented a recording system which records voice data of SIP-based Internet telephone's voice calls. It is developed on the linux system and has some features such as audio mixing of two in/out voice channels, live packet sniffing, and the ability to transfer mixed audio files to the log file server. These functions are implemented using various open source softwares. Afterwards, this VoIP recording system will be applied as a base technology to advanced services like a VoIP-based call center system.