• The KIPS Transactions:PartA
• /
• v.11A no.5
• /
• pp.373-382
• /
• 2004

In this paper, a register promotion technique that translates memory accesses to register accesses is presented to enhance embedded software performance. In the proposed method, a source code is profiled to generate a memory trace. From the profiling results, target functions with high dynamic call counts are selected, and the proposed register promotion technique is applied only to the target functions to save the compilation time. The memory trace of the target functions is searched for the memory accesses that result in cycle count reduction when replaced by register accesses, and they are translated to register accesses by modifying the intermediate code and allocating promotion registers. The experiments on MediaBench and DSPstone benchmark programs show that the proposed method increases the performance by 14% and 18% on the average for ARM and MCORE, respectively.

• The Korean Journal of Air & Space Law and Policy
• /
• v.22 no.2
• /
• pp.155-175
• /
• 2007

As intellectual terror threats increase, we feel the limit in coping with those threats and the things we do are placing traditional X-ray machines & ETD and increasing aviation security staffs. In fact, even if air transportation system is the fast and most efficient transportation methods, it is true that there are many inconveniences to endure due to terror threats. In the name of security, even if we make a lot of efforts and time to screen both good-natured passengers, baggage, cargo and suspicious passengers, it is impossible to screen perfectly and it is not an efficient methods. Therefore, we introduce profiling system that reduce the effort to screen good-natured passengers but focus on screening dangerous passengers and baggages. Profiling system strengthens aviation security, using the concept "Selection & Concentration". Israel started to introduce manual profiling system in aviation security, which is interviewing suspicious passengers and it has been used in crime investigation since 1960. And it has been upgraded and diversified to CAPPS(Computer Assisted Passenger Screening Program) and SPOT(Screening Passenger by Observation). So, this theses is to study on the concept & kind of profiling and profiling methods adopted in airlines. Also it presents the method of introduction of profiling system in Korea and the necessity of making law on it.

• The KIPS Transactions:PartC
• /
• v.10C no.4
• /
• pp.397-404
• /
• 2003

Intrusion detection techniques based on program behavior can detect potential intrusions against systems by analyzing system calls made by demon programs or root-privileged programs and building program profiles. But there is a drawback : large profiles must be built for each program. In this paper, we apply $X^2$ distance-based multivariate analysis to profiling program behavior and detecting abnormal behavior in order to reduce profiles. Experiment results show that profiles are relatively small and the detection rate is significant.

• Annual Conference of KIPS
• /
• 2001.10b
• /
• pp.923-926
• /
• 2001

침입 탐지 기법에 있어서 finite automata 를 통해 정상 행위를 프로파일링 하는 연구들이 많이 진행되어 왔으나, 자동으로 간결한 형태의 오토마타를 생성하는 것이 매우 어려웠다. 이 논문에서는 많은 침입 탐지 기법의 데이터 소스로 사용되고 있는 시스템 콜을 이용하여 자동으로 finite automata 를 생성하고, 여기에 언어 압축 알고리즘을 이용하여 오토마타를 압축하고 일반화 시킴으로써 다양한 프로세스의 행위들을 프로파일링 하도록 하였다. 제안된 알고리즘을 통해 모델링한 후 정상 행위와 비정상 행위를 가지고 실험을 한 결과 이들 사이에는 많은 수치적인 차이가 있음을 발견하였고, 이 결과를 바탕으로 침입을 탐지하는 것도 충분히 가능함을 알 수 있었다.

• Annual Conference of KIPS
• /
• 2020.05a
• /
• pp.28-31
• /
• 2020

한정된 고성능 자원을 여러 사용자들에게 제공해야하는 슈퍼컴퓨터와 같은 시스템은 제한된 기간 내에 보다 많은 양의 작업이 실행되도록 시스템 활용률을 높이는 방안이 필요하다. 이를 위해 시스템 관리자가 수행할 응용 프로그램에 대한 사전 정보를 파악하는 것이 유용하다. 대부분의 고성능 컴퓨팅 시스템 운영에 있어 작업을 실행할 때 사용자로부터 실행 기간 자원 요구사항들에 대한 정보를 제공 받거나 시스템 사용 통계 값을 사용하여 필요한 정보를 생성하는 등의 프로파일링 기술을 바탕으로 시스템 활용률을 높이는데 활용하고 있다. 본 논문의 선행연구에서 하드웨어 성능 카운터를 이용하여 응용 특성 분석을 실행하고 이 결과를 바탕으로 작업 스케줄링을 최적화하는 기술을 개발한 바 있다. 본 논문에서는 슈퍼컴퓨터 최적 실행 지원을 위한 프로파일링 테스트베드를 구축하고 단일노드를 기반으로 분석한 응용 프로그램 특성 결과를 활용한 스케줄링 최적화 기법이 확장성 있게 동작함을 보이고자 하였다. 또한 중규모 클러스터에 개발한 스케줄링 최적화 기법을 적용한 결과 전체 응용 프로그램이 실행 시간을 단축함으로써 최대 33%의 성능 향상 효과를 얻었다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.4
• /
• pp.151-159
• /
• 2003

Internet as being generalized, intrusion detection system is needed to protect computer system from intrusions synthetically. We propose an intrusion detection method to identify and control the contradiction on self-explanation that happen at profiling process of anomaly detection methodology. Because many patterns can be created on profiling process with association method, we present effective application plan through clustering for rules. Finally, we propose similarity function to decide whether anomaly action or not for user pattern using clustered pattern database.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.293-302
• /
• 2015

With the attack information collected during SMS phishing investigation, this paper will propose SMS phishing profiling model applying criminal profiling. Law enforcement agencies have used signature analysis by apk file hash and analysis of C&C IP address inserted in the malware. However, recently law enforcement agencies are facing the challenges such as signature diversification or code obfuscation. In order to overcome these problems, this paper examined 169 criminal cases and found out that 89% of serial number in cert.rsa and 80% of permission file was reused in different cases. Therefore, the proposed SMS phishing profiling model is mainly based on signature serial number and permission file hash. In addition, this model complements the conventional file hash clustering method and uses code similarity verification to ensure reliability.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.5
• /
• pp.153-160
• /
• 2015

The effectiveness of multicores depends on how well a scheduler can assign tasks onto the cores efficiently. In a heterogeneous multicore platform, the execution time of an application depends on which core it executes on. That is to say, the effectiveness of task assignment is one of the important components for a multicore systems' performance. This work proposes a load scheduling technique that analyzes execution time of each task by profiling. The profiling result provides a basic information to predict which task-to-core mapping is likely to provide the best performance. By using such information, the proposed technique is about 26% performance gain.

• Annual Conference of KIPS
• /
• 2017.11a
• /
• pp.1203-1206
• /
• 2017

IoT-Cloud 융합 가상 기계 시스템은 오프로딩 기법을 사용하여 저성능 사물인터넷 장비에서 고성능 클라우드 서버의 연산력을 제공받는다. 이 경우 오프로딩 실행 대상 프로그램은 사물인터넷 장비와 클라우드 서버의 실행환경에서 일관성이 유지되어야하기 때문에 문맥 동기화가 필요하다. 현재 문맥 동기화 방식은 전체 문맥 동기화를 시도하기 때문에 네트워크 오버헤드가 증가하여 비효율적이다. 본 논문은 오프로딩 실행에 필요한 문맥 정보만을 동기화하는 효율적인 문맥 동기화를 위해서 정적 프로파일링을 통해 오프로딩 실행 대상 작업에 동기화가 필요한 문맥 정보들을 사전에 추출하였다. 추출된 문맥 정보를 기반으로 문맥 동기화가 이뤄지면 오프로딩 실행에 필요한 문맥 정보만을 동기화하기 때문에 네트워크 통신 오버헤드 감소를 기대할 수 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.69-78
• /
• 2004

The change of attack techniques paradigm was begun by fast extension of the latest Internet and new attack form appearing. But, Most intrusion detection systems detect only known attack type as IDS is doing based on misuse detection, and active correspondence is difficult in new attack. Therefore, to heighten detection rate for new attack pattern, the experiments to apply various techniques of anomaly detection are appearing. In this paper, we propose an behavior profiling method using Bayesian framework based on graphics from audit data and visualize behavior profile to detect/analyze anomaly behavior. We achieve simulation to translate host/network audit data into BF-XML which is behavior profile of semi-structured data type for anomaly detection and to visualize BF-XML as SVG.