• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.16 no.1
• /
• pp.46-56
• /
• 1991

In this paper, 16word X 8bit Content Addressable and Reentrant Memory(CARM) is described. This device has 4 operation modes(read, write, match, reentrant). The read and write operation of CARM is like that of static RAM, CARM has the reentrant mode operation where the on chip garbage collection is accomplished conditionally. Thus function can be used for high speed matching unit of dynamic data flow computer. And CARM also can encode matching address sequentially according to therir priority. CARM consists of 8 blocks(CAM cell, Sequential Address Encoder(S.A.E). Reentrant operation. Read/Write control circuit, Data/Mask Register, Sense Amplifier, Encoder. Decoder). Designed DARM can be used in data flow computer, pattern, inspection, table look-up, image processing. The simulation is performed using the QUICKSIM logic simulator and Pspice circuit simulator. Having hierarchical structure, the layout was done using the 3{\;}\mu\textrm{m} n well CMOS technology of the ETRI design rule.

• Convergence Security Journal
• /
• v.20 no.5
• /
• pp.3-10
• /
• 2020

Recently, the Internet and networks are regarded as essential infrastructures that constitute society, and security threats have been constantly increased. However, the network switch that actually transmits packets in the network can cope with security threats only through firewall or network access control based on fixed rules, so the effective defense for the security threats is extremely limited in the network itself and not actively responding as well. In this paper, we propose an in-network security framework using the high-level data plane programming language, P4 (Programming Protocol-independent Packet Processor), to deal with DDoS attacks and IP spoofing attacks at the network level by monitoring all flows in the network in real time and processing specific security attack packets at the P4 switch. In addition, by allowing the P4 switch to apply the network user's or administrator's policy through the SDN (Software-Defined Network) controller, various security requirements in the network application environment can be reflected.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.41 no.5
• /
• pp.37-45
• /
• 2004

As Internet technologies are mature, many new applications that are different characteristics are emerging. Recently we see wide use of P2P(Peer to Peer) applications of which traffic shows different statistical characteristics compared with traditional application such as web(HTTP) and FTP(File Transfer Protocol). In this paper, we measured subscriber network of KT(Korea Telecom) to analyze P2P traffic characteristics. We show flow characteristics of measured traffic. We also estimate Hurst parameter of P2P traffic and compare self-similarity with web traffic. Analysis results indicate that P2P traffic is much bustier than web traffic and makes both upstream traffic and downstream traffic be symmetric. To predict parameters related QoS such as packet loss and delays we model P2P traffic using two self-similar traffic models and predict both loss probability and mm delay then compare their accuracies. With simulation we show that the self-similar traffic models we derive predict the performance of P2P traffic accurately and thus when we design a network or evaluate its performance, we can use the P2P traffic model as reference input traffic.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.1
• /
• pp.23-34
• /
• 2022

With the development of network technology, the application area has also been diversified, and protocols for various purposes have been developed and the amount of traffic has exploded. Therefore, it is difficult for the network administrator to meet the stability and security standards of the network with the existing traditional switching and routing methods. Software Defined Networking (SDN) is a new networking paradigm proposed to solve this problem. SDN enables efficient network management by programming network operations. This has the advantage that network administrators can flexibly respond to various types of attacks. In this paper, we design a threat level management module, an attack detection module, a packet statistics module, and a flow rule generator that collects attack information through the controller and switch, which are components of SDN, and detects attacks based on these attributes of SDN. It proposes a method to block denial of service attacks (DoS) of advanced attackers by programming and applying honeypot. In the proposed system, the attack packet can be quickly delivered to the honeypot according to the modifiable flow rule, and the honeypot that received the attack packets analyzed the intelligent attack pattern based on this. According to the analysis results, the attack detection module and the threat level management module are adjusted to respond to intelligent attacks. The performance and feasibility of the proposed system was shown by actually implementing the proposed system, performing intelligent attacks with various attack patterns and attack levels, and checking the attack detection rate compared to the existing system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.05a
• /
• pp.842-845
• /
• 2012

의료기기는 헬스케어 서비스를 위한 필수요소로 최근 의료와 관련된 스마트폰 애플리케이션의 증가와 함께 스마트폰과 연결되는 의료기기를 활용한 스마트 헬스케어가 대두되고 있다. 이러한 스마트 헬스케어는 현재 ISO/IEEE 11073 표준을 통해 의료기기와 게이트웨이를 연결하여 임상정보를 전송하고 게이트웨이는 HL7 CDA 표준 문서를 통해 전자 건강 기록 및 개인 건강 기록 시스템, 임상 워크플로우 및 임상 의사 결정 지원 시스템과 같은 유형의 의료 서비스 시스템과 연동하는 솔루션이다. ISO/IEEE 11073은 DIM(Domain Information Model)이라는 정보 모델을 기반으로 하며 HL7 v3인 CDA는 RIM(Reference Information Model)이 있기 때문에 상이한 인터페이스간의 매핑 매커니즘을 필요로 한다. 이에 본 논문에서는 스마트폰 환경에서 의료 응용 애플리케이션에서의 효율적인 의료기기 데이터 운용을 위해 RMIM(Refined Message Information Model) 기반의 IEEE 11073 DIM/HL7 v3 RIM 표준 인터페이스 변환 방법을 제안한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.04a
• /
• pp.874-876
• /
• 2002

의무분리 정책의 목적은 정보의 무결성을 필요로 하는 연산들을 여러 역할이나 사용자에게 분산시킴으로써 조직 내에서 관리하는 정보의 무결성 침해 가능성을 최소화하는 것이며, 이는 기업 환경에서 중요한 보안 요구사항이다. 역할기반 접근제어는 응용에 따라 보호 객체들에 대한 역할들로 분류하여 단순한 권한 관리를 제공하며 ,의무분리 정책을 시행하기에 적합하여 기존의 강제적 접근제어나 임의적 접근제어에 대한 대안으로 의무분리와 관련하여 다양한 기법들이 제시되었다. 그러나 역할 수준의 의무분리는 역할에 할당된 과업들을 상호 배타적인 작업의 수행에 관련되지 않은 과업도 모두 배제시키게 되어 과업 실행의 유연성이 떨어지게 되므로 상호 배타적인 작인을 수행하는 과업들에 할당된 최소의 권한을 배제시키는 것이 합리적이다. 본 논문은 기업 환경에 적합한 과업-역할기반 접근제어 모델을 기초로 하여 과업의 특성에 따라 분류된 유형별로 과업 수준의 동적 의무분리를 적용하는 기법을 제시한다. 특히 실제 사용자가 병렬적으로 수행하는 워크플로우와 다중 세션 환경에서 상호 배타적인 과업들과 과업 인스턴스들에도 적용이 가능만 세션기반의 동적 의무분리 기법을 제시한다 이때 기존의 동일 사용자에 의한 동적 의무분리 적용을 공모가 가능한 사용자들에 의해 생성된 다중 세션들간의 동적 의무분리를 제시함으로써 의무분리의 목적을 만족시킨다.

• Journal of KIISE:Computer Systems and Theory
• /
• v.35 no.1
• /
• pp.53-59
• /
• 2008

In spite of increasing complexity of wireless sensor network applications, most of the sensor node platforms still have severe resource constraints. Especially a small amount of memory and absence of a memory management unit (MMU) cause many problems in managing application thread stacks. Hence, a shared-stack was proposed, which allows several threads to share one single stack for minimizing the amount of memory wasted by fixed-size stacks. In this paper, we present the memory usage models for thread stacks by deriving the overflow probability of the fixed-size stack and the shared-stack and also show that the shared-stack is more reliable than the fixed-size stack.

• Proceedings of the Korea Contents Association Conference
• /
• 2007.11a
• /
• pp.509-512
• /
• 2007

The purpose of the PLSI(Patnership & Leadership for the national Supercomputing Infarastructure) is to maximize a utilization of public supercomputing resources by linking with each other. When someone performs a simulation and visualization of an application using it's resources on each sites, it needs to construct the infrastructure, so that afford to access the data globally. So, in this research, I implemented the global shared filesystem mutually to share remote filesystem's data between KISTI and Pusan National University's supercomputing center based on GPFS of parallel file system, and analyzed a performance of network and filesystem on 1Gbps WAN.

• Journal of Applied Reliability
• /
• v.10 no.2
• /
• pp.93-105
• /
• 2010

The following thesis provides an explanation for the definition of the MIL-HDBK-2155 : Failure Reporting, Analysis and Corrective Action System (FRACAS), which systemizes the collection and analysis of failure data and the feedback process of the results. It also presents a plan based on MIL-HDBK-2155 for the collection and analysis of operating specifications on weapon systems. The collection and analysis of failure data and the feedback process utilizing FRACAS contributes to identifying improvement requirements during equipment operation as well as finding and eliminating the root cause of the failures. The objective of applying FRACAS to weapon systems is to receive source data feedback for reliability enhancements and performance improvements during operation. This is done by recognizing weaknesses in the design or operation by identifying the type of failures that might occur, and by performing Failure Modes, Effects and Criticality Analysis(FMECA) and Failure Tree Analysis(FTA).

• Journal of Korea Multimedia Society
• /
• v.17 no.10
• /
• pp.1189-1197
• /
• 2014

Recently, general purpose graphic processing units(GPUs) are being widely used in mobile embedded systems such as smart phone and tablet PCs. Because of architectural limitations of mobile GPGPUs, only a single program is allowed to occupy a GPU at a time in a non-preemptive way. As a result, it is difficult to meet performance requirements of applications such as frame rate or response time if applications running on a GPU are not scheduled properly. To tackle this difficulty, we propose to specify applications using synchronous data flow model of computation such that applications are formed with edges and nodes. Then nodes of applications are scheduled onto a GPU unlike conventional scheduling an application as a whole. This approach allows applications to share a GPU at a finer granularity, node (or task)-level, providing several benefits such as eliminating need for manually partitioning applications and better GPU utilization. Furthermore, any scheduling policy can be applied in response to the characteristics of applications.