• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.6
• /
• pp.1443-1448
• /
• 2007

In this paper, we implement a distributed computing environment-based travel information service that can use web(internet) and speech interface at the same time and can apply location information, using voice and web browser-based VoiceXML and GPS, to escape the limitations of traditional web(internet)-based travel information services. Because of IVR(Interactive Voice Response) of traditional call center has operated to a pre-installation scenario, it takes much a service time and has the inconveniences that must repeat speech recording according to the revised scenarios in case change response contents. However, suggested VoiceXML and GPS-based travel information service system has advantages that reorganization of system setups is easy, because it consists of the method to update server after make individual conversation scenarios by file format(document), and can provide usefully various travel information in environmental restriction conditions such as the back regions environment, according as our prototype find user's present location using GPS information and then provide various travel information service by this information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.89-100
• /
• 2011

Physical memory analysis has been an issue on a field of live forensic analysis in digital forensics until now. It is very useful to make the result of analysis more reliable, because record of user behavior and data can be founded on physical memory although process is hided. But most memory analysis focuses on windows based system. Because the diversity of target system to be analyzed rises up, it is very important to analyze physical memory based on other OS, not Windows. Mac OS X, has second market share in Operating System, is operated by loading kernel image to physical memory area. In this paper, We propose a methodology for physical memory analysis on Mac OS X using symbol information in kernel image, and acquire a process information, mounted device information, kernel information, kernel extensions(eg. KEXT) and system call entry for detecting system call hooking. In additional to the methodology, we prove that physical memory analysis is very useful though experimental study.

• Journal of Korea Society of Industrial Information Systems
• /
• v.27 no.2
• /
• pp.1-10
• /
• 2022

Deception technology is an extended concept of honeypot, which detects, prevents or delays attacks by deceiving adversaries. It has been applied to various system components such as network ports, services, processes, system calls and database management systems. We can apply the same concept to attacks on files. A representative example of a file attack is ransomware. Ransomware is a type of malware that encrypts user files and ask for ransom to recover those files. Another example is the wiper attack, which erases all or target files of a system. In this paper we propose a defense mechanism against these kinds of attacks by hiding files. Compared to backup or virtualization techniques, the proposed method incurs less space and performance overheads.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.12
• /
• pp.429-436
• /
• 2022

Temporary files are generated when the Hash Join is performed on tables larger than the memory. During the join process, each temporary file is deleted sequentially after it completes the I/O operations. This paper reveals for that the fallocate system call and file deletion-related trim options significantly impact the hash join performance when temporary files are managed on SSDs rather than hard disks. The experiment was conducted on various commercial and research SSDs using PostgreSQL, a representative open-source database. We find that it is possible to improve the join performance up to 3 to 5 times compared to the default combination depending on whether fallocate and trim options are used for temporary files. In addition, we investigate the write amplification and trim command overhead in the SSD according to the combination of the two options for temporary files.

• Journal of KIISE:Computing Practices and Letters
• /
• v.10 no.6
• /
• pp.460-471
• /
• 2004

Since the RTP is suitable for real-time data transmission in multimedia services like VoD, AoD, and VoIP, it has been adopted as a real-time transport protocol by RTSP, H.323, and SIP. Even though the RTP protocol stack for embedded systems has been in great need for efficient support of multimedia services, such a stack has not been developed yet. In this paper, we explain embeddedRTP which supports the RTP protocol stack at the kernel level so that it is suitable for embedded systems. Since embeddedRTP is designed to reside in the UBP module, existing applications which rely ell TCP/IP services can proceed the same as before, while applications which rely on the RTP protocol stack can request HTP services through embeddedRTp API. EmbeddedRTP stores transmitted RTP packets into per session packet buffer, using the packet's port number and multimedia session information. Communications between applications and embeddedRTP is performed through system calls and signal mechanisms. Additionally, embeddedRTP API makes it possible to develop applications more conveniently. Our performance test shows that packet-processing speed of embeddedRTP is about 7.5 times faster than that oi VCL RTP for multimedia streaming services on PDA in spite that its object code size is reduced about by 58% with respect to UCL RTP's.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.13-25
• /
• 2005

In these days, there are various uses of Linux such as small embedded systems, routers, and huge servers, because Linux gives several advantages to system developers by allowing to use the open source code of the Linux kernel. On the other hand, the open source nature of the Linux kernel gives a bad influence on system security. If someone wants to exploit Linux-based systems, the attacker can easily do it by finding vulnerabilities of their Linux kernel sources. There are many kinds of existing methods for lading source-level vulnerabilities of softwares, but they are not suitable for finding source-level vulnerabilities of the Linux kernel which has an enormous amount of source code. In this paper, we propose the Onion mechanism as a methodology of finding source-level vulnerabilities of Linux kernel variables. The Onion mechanism is made up of two steps. The Int step is to select variables that may be vulnerable by using pattern matching mechanism and the second step is to inspect vulnerability of each selected variable by constructing and analyzing the system call trees. We also evaluate our proposed methodology by applying it to two well-known source-level vulnerabilities.

• The Journal of Society for e-Business Studies
• /
• v.8 no.3
• /
• pp.177-195
• /
• 2003

In a traditional customer support environment, mainly call centers or service centers are responsible for receiving inquiries from their customers via telephone calls. Due to the rapid growth of Internet with its widespread acceptance and accessibility, means of communication with customers in the traditional customer support center, such as telephones, letters, and direct-visiting, have been replaced by e-mails and bulletin board systems (BBSs) using the Internet constantly. BBSs are basically question and answer systems, they require some lead time to get answer from administrator. To reduce lead time, BBSs enable remote customers or users to log on and tap into a knowledge database that is generally formatted in the form of Frequently Asked Questions (FAQs) that provide answers and solutions to the common problems. And, many different types of the questions are mixed on the BBS. It is a burden to administrator. To build FAQs and to support BBS adminstrator, a supporting tool which is to categorize questions is helpful. In this research, we suggest an interactive question categorizing methodology which consists of steps to present question using keywords, identifying keywords' affinity, computing similarity among questions, and clustering questions. This methodology allows users to interact iteratively for clear manifestation of ambiguous questions. We also developed a prototype system, IQC (interactive question categorizer) and evaluated its performance using the comparison experiments with other systems. IQC is not a general purposed system, but it produces a good result in a given specific domain.

• Journal of Technology Innovation
• /
• v.18 no.2
• /
• pp.59-89
• /
• 2010

One of the key words that represent the culture and social phenomena in this 21st century is 'Digital Convergence'. Presently our society is going through the second evolving phase of the convergence, integration between industries. Integration between industries refers to the phenomenon of integrating various industrial areas such as broadcasting, communication, finance, automobile, and medical treatment as the range of IT utilization becomes extended. The telecommunication-broadcasting bundling is a typical example of integration between industries. This study analyzed the effect of the service features of the bundling on the customer's acceptance intention by applying the innovative technology product acceptance model, TAM, in the process of accepting the telecommunication-broadcasting bundling. This study suggests three independent variables, the 'low cost(discount)', 'service integrity', and 'selectability', which affect perceived usefulness, perceived ease of use, and perceived risk, and figures out the actual influence as follows. In conclusion, these results suggest that in order to accept and spread the telecommunication-broadcasting bundling, it is necessary to establish (1) the cost discounting strategy realize (price strategy), (2) the fee noticing system, payment system, call-service system, and systemic integration including installation and A/S system integration, and develop (service strategy), (3) the bundling or related options that can provide users with selectability (product strategy).

• The Transactions of the Korea Information Processing Society
• /
• v.1 no.2
• /
• pp.263-271
• /
• 1994

Automation of production in modern manufacturing is based on the integration of the various stage of production process by means of processing system. Information processing and network interface are of fundamental importance in programmable device in industrial automation, as they essential in order to active integration in production lines. In this paper, TBC(token bus controller) in the Mini-MAP board performs the function of the MAC sublayer, The LLC sublayer is implemented according to the specification of Class 3 that includes Type 1 and 3. And the MMS services are designed within the scope of implementation MAP 3.0 All the softwares are implemented under the real time executive for real time application of the Mini-MAP and they are loaded into PROMs at the network board. We tested the LLC functions to make use of a protocol analyzer for the token bus protocol. Also the MMS conformance test was carried out by exchanging primitives between a model system(including NIU) and a MMS product that had already passed the conformance the conformance test based on measurement method of network analysis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.145-154
• /
• 2014

In this paper, we propose a novel anti-malware system based on behavior profiling, called Andro-profiler. Andro-profiler consists of mobile devices and a remote server, and is implemented in Droidbox. Our aim is to detect and classify malware using an automatic classifier based on behavior profiling. First, we propose the representative behavior profiling for each malware family represented by system calls coupled with Droidbox system logs. This is done by executing the malicious application on an emulator and extracting integrated system logs. By comparing the behavior profiling of malicious applications with representative behavior profiling for each malware family, we can detect and classify them into malware families. Andro-profiler shows over 99% of classification accuracy in classifying malware families.