• Proceedings of the Korea Information Processing Society Conference
• /
• 2004.05a
• /
• pp.1019-1022
• /
• 2004

일반적으로 해커들은 네트워크상에 있는 목표(Target) 시스템에 대해 공격을 시도하기 위한 사전 단계로 포트 스캐닝(Port Scanning)을 통한 정보 수집의 단계를 선행하게 된다. 이 때, 사용되는 포트 스캐닝 기술은 이미 여러가지 방법이 알려져 있으며, 네트워크 관리자의 입장에서는 정상적인 네트워크 접속과 포트 스캐닝 공격을 구분해야만 한다. 본 논문에서는 네트워크를 통한 공격의 가장 많은 부분을 차지하고 있는 스캐닝 공격을 빠르고 효율적으로 탐지할 수 있는 룰 기반의 침입 탐지 시스템을 커널레벨과 응용레벨에서 설계하고 구현하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.282-285
• /
• 2007

최근 금융, 공공기관 등에서 개인 정보 유출이 빈번해짐에 따라 사회적으로 심각한 문제가 발생하고 있다. 한국산업기술진흥협회의 조사에 따르면, 이런 정보 유출이 외부의 불법적 시스템 침입으로 인해 발생하는 것보다, 대부분 데이터 접근이 인가된 내부자 소행으로 나타나고 있다. 이는 데이터베이스의 보안 취약성으로 인해, 내부의 비인가자 또는 인가자의 데이터 접근에 대한 통제 정책이 제대로 이루어지지 않기 때문이다. 이에 따라, 본 논문에서는 클라이언트에서 데이터베이스 서버로 요청되는 네트워크상의 패킷 분석을 통한 데이터베이스의 접근통제방법을 제안한다. 제안된 보안모델에서는, 사용자 정보 및 SQL 의 위 변조를 방지하기 위해서 공개키 인증과 메시지 인증코드 교환으로 무결성을 확보하였다. 또한 권한별 테이블의 컬럼 접근통제를 확장하기 위해서 데이터 마스킹 기법을 구현하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.1030-1032
• /
• 2011

주요 ISP(Internet Service Provider)와 금융기관 및 공공기관에서는 로그 분석에 대한 관심도가 높아지고 있다. 보안사고 발생시 원인 규명을 위한 근거자료와 재발방지를 위한 정보를 제공하고, 이를 기반으로 정보보호시스템 관리자에게 다양한 보안정책을 수립할 수 있는 기반자료로 활용 로그정보의 수집과 대용량의 로그정보를 백업할 수 있는 통합로그수집/백업시스템의 필요성이 절실히 요구되고 있다. 이에 본 논문에서는 로그메시지를 처리하기 위해서 제공하는 표준 인터페이스 중 하나인 SysLog를 기반으로 이종의 침입차단시스템의 로그를 통합관리하는 시스템을 설계 구현하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1138-1141
• /
• 2008

현재 컴퓨터와 인터넷, 정보기술의 발전은 사용자에게 편리함을 가져다 주었으나, 사이버 범죄라는 새로운 역기능을 가지게 되었다. 결국 이는 특정 목적을 가진 범죄자를 낳게되고 정보화 사회의 발전을 저해하는 커다란 걸림돌로 작용하게 되었으며, 이에 대응하는 정보보호기술은 개인의 사생활 보호와 국가 경쟁력을 판단하는 척도로 자리잡게 되었고, 현대에는 정보보호 기술 자체가 국가 간 정보전 형태를 띠면서 그 중요성은 매우 커지고 있다. 이러한 정보보호 기술은 방화벽과 침입탐지 시스템의 꾸준한 개발로 이어졌으나, 아직 컴퓨터 범죄를 다루는 피해 시스템의 증거수집, 복구 및 분석을 하는 컴퓨터 포렌식 기술은 아직 활발히 연구되지는 않고 있다. 본 연구에서는 로그파일이 기록되는 시간의 웹 URL 페이지 이미지를 저장하여 이미지 로그파일을 만드는 멀티 쓰레드 TCP 서버를 구현하여 컴퓨터 사이버범죄에 대한 증거자료로서 디지털 포렌식인 이미지 로그파일을 제안하여 보았다.

• Journal of Korean Ophthalmic Optics Society
• /
• v.16 no.4
• /
• pp.375-381
• /
• 2011

Purpose: The purpose of this research was to see how wearing either a SCL or a C-SCL effected the dryness of a person's eye depending on how long they wear either type of lens. Methods: This study was carried out on 52 subjects (104 eyes) who were all in their twenties and had previously experienced wearing contact lenses. All of these subjects were required to wear either a SCL or a C-SCL, which were made out of the same material, for three months. Contents such as the McMonnies Questionnaire survey, the blinking rate per min. and the Noninvasive tear break-up time test (NIBUT) were later conducted on the subjects for this study. Results: According to the results of the McMonnies Questionnaire, it was concluded that the longer the subject wore the SCL and C-SCL, the value of the measurements gradually increased. On the other hand, the results from the NIBUT concluded that the longer the subject wore the SCL, the value of the measurements eventually decreased. However, according to the measurements of the blink rate test, it was concluded that neither results had a significant change. Conclusions: It was concluded that long-term wearing of SCL and C-SCL could be the cause of the induction and progression of dry eyes.

• Korean Journal of Ichthyology
• /
• v.17 no.3
• /
• pp.187-194
• /
• 2005

Feeding of the maiden goby, Pterogobius virgo and multicolorfin rainbowfish, Halichoeres poecilopterus, was studied at Kurahashi Island in the Seto Inland Sea, Japan. P. virgo foraged on only benthic invertebrates in a pit on the bottom by spot-fixed fin digging. Territory size of P. virgo was very small, because they only defended the excavated pit. H. poecilopterus frequently intruded into the feeding territory of P. virgo and fed on benthic invertebrates flushed out by the fin digging of P. virgo. Feeding activity and vigilance time of P. virgo tended to decrease significantly more in such an association than when solitary. Frequency of aggression of P. virgo when H.poecilopterus intruded into the territory was higher the intruder came from the front of the territory than when the invasion was from the side and back, regardless of the size of the intruder. In small H.poecilopterus, feeding success rate was greater from the side and back of the territory than from the front. However, similar-sized H.poecilopterus were more successful in feeding from the front and side. Feeding association provides an antipredatory benefit to P. virgo because of less alert time against predators and earlier detection of predators, although their cost is great because of territory defense and decrease of feeding activity.

• Journal of the Korean Society of Environmental Restoration Technology
• /
• v.3 no.3
• /
• pp.12-19
• /
• 2000

The purpose of this study is to evaluate the channel changes according to the temporal and spatial distribution of the deposition area by the vegetation invasion in Kyesung-river. The deposition area mainly occurred by landslide and debris flow from the headwater channel. And also the movement of subsequent downstream depends upon the site of deposits by a varity erosional processes. As the age of deposition area is older, it had a tendency to stable by plant invasion relatively. The vegetations grown in deposition area were very effective to estimate a historical deformation process of river-bed occurred by landslide. The vegetations around deposition area consisted of the same as tree species grown in forest area of circumference like Pinus densiflora, Styrax japonica, Quercus acutissima and Salix gracilistyla. If the torrential stream is flooding, the deposition area of 1 to 5 years can be change to the channel easily. Deposition area of 11 to 23 years had a high river-bed because it passed long time since deposited, and amount of sedimention is much more in wide than in narrow channel. It is consider that the change of channel had many influenced by the span of survial time, scale and movement frequency of deposition area after the vegetation invasion.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.23 no.5
• /
• pp.392-399
• /
• 2013

Due to the development of IT technology and the information age, a dependency of the network over the most of our lives have grown to a greater extent. Although it provides us to get various useful information and service, it also has negative effectiveness that can provide network intruder with vulnerable roots. In other words, we need to urgently cope with theses serious security problem causing service disableness or system connected to network obstacle with exploiting various packet information. Many experts in a field of security are making an effort to develop the various security solutions to respond against these threats, but existing solutions have a lot of problems such as lack of storage capacity and performance degradation along with the massive increase of packet data volume. Therefore we propose the packet analysis model to apply issuing Big Data technology in the field of security. That is, we used NoSQL which is technology of massive data storage to collect the packet data growing massive and implemented the packet analysis model based on K-means clustering using MapReudce which is distributed programming framework, and then we have shown its high performance by experimenting.

• Journal of Embryo Transfer
• /
• v.21 no.2
• /
• pp.129-135
• /
• 2006

This study was conducted to investigate the effect of in vitro maturation (IVM) duration of porcine follicular oocytes on maturation rate, polyspermic rate, and subsequent embryo development. The nuclear maturation rates of oocytes matured for 36, 38, 40, 42 and 44 hr were similar between 68.0, 78.0, 79.5, 73.8 and 81.8% respectively. There was no significant difference in the rates of polyspermy after in vitro feritilization (IVF). The cleavage rate in the group of 36 hr was significantly higher in than that of 40, 44 hr (p<0.05) but not to 38 and 42 hr. The development rate to blastocyst stage was significantly higher in the group of 38 hr (23.1%) than that in the group of 44 hr (15.6%) (p<0.05) but not to 36, 40 and 42 hr. These results suggest that the aged oocytes for 44 hr is not required for the production of bias to cysts derived from porcine IVF embryos.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.5
• /
• pp.1066-1072
• /
• 2011

In the method to analyze the relationship in the system call orders, the normal system call orders are divided into a certain size of system call orders to generates gene and use them as the detectors. In the method to consider the system call parameters, the mean and standard deviation of the parameter lengths are used as the detectors. The attack of which system call order is normal but the parameter values are changed, such as the format string attack, cannot be detected by the method that considers only the system call orders, whereas the model that considers only the system call parameters has the drawback of high positive defect rate because of the information obtained from the interval where the attack has not been initiated, since the parameters are considered individually. To solve these problems, it is necessary to develop a more efficient learning and detecting method that groups the continuous system call orders and parameters as the approach that considers various characteristics of system call related to attacking simultaneously. In this article, we detected the anomaly of the system call orders and parameters by applying the temporal concept to the system call orders and parameters in order to improve the rate of positive defect, that is, the misjudgment of anomaly as normality. The result of the experiment where the DARPA data set was employed showed that the proposed method improved the positive defect rate by 13% in the system call order model where time was considered in comparison with that of the model where time was not considered.