• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.4
• /
• pp.319-324
• /
• 2018

In this paper, we designed and implemented a code conversion method between ISO/IEC 10646 and the multi-byte code set. The Universal Multiple-Octet Coded Character Set(UCS) provides codes for more than 65,000 characters, huge increase over ASCII's code capacity of 128 characters. It is applicable to the representation, transmission, interchange, processing, storage, input and presentation of the written form of the language throughout the world. Therefore, it is so important to guide on code conversion methods to their customers during customer systems are migrated to the environment which the UCS code system is used and/or the current code systems, i.e., ASCII PC code and EBCDIC host code, are used with the UCS together. Code conversion utility including the mapping table between the UCS and IBM new host code is shown for the purpose of the explanation of code conversion algorithm and its implementation in the system. The programs are successfully executed in the real system environments and so can be delivered to the customer during its migration stage from the UCS to the current IBM code system and vice versa.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.71-79
• /
• 2009

Currently much research is being done on host based intrusion detection using system calls which is a portion of kernel based data. Sequence based and frequency based preprocessing methods are mostly used in research for intrusion detection using system calls. Due to the large amount of data and system call types, it requires a significant amount of preprocessing time. Therefore, it is difficult to implement real-time intrusion detection systems. Despite this disadvantage, the frequency based method which requires a relatively small amount of preprocessing time is usually used. This paper proposes an effective method for detecting denial of service attacks using the frequency based method. Principal Component Analysis(PCA) will be used to select the principle system calls and a bayesian network will be composed and the bayesian classifier will be used for the classification.

• Journal of KIISE:Computing Practices and Letters
• /
• v.13 no.7
• /
• pp.462-475
• /
• 2007

The Embedded system provides human-centric services in many fields of education, information, industry and service, and monitoring programs have been variously developed for managing, controlling and testing for these embedded systems. Currently, many kernel trace toolkits are being used for monitoring. These trace toolkits are so complicate that we present $ETT^{plus}$, our simple and explicit embedded kernel trace toolkit, for embedded systems and describe the transmission method for trace data between the embedded target system and the host system. $ETT^{plus}$ provides the solution to solve the problems such as the difficult kernel patch and file system dependency in existing kernel trace toolkits like LTT. Furthermore, we present the experimental results about embedded system performance evaluations such as system call execute time or network data transmission time by using $ETT^{plus}$.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.3
• /
• pp.9-15
• /
• 2013

Recently, Intrusion detection system is an important technology in computer network system because of has seen a dramatic increase in the number of attacks. The most of intrusion detection methods do not detect intrusion on real-time because difficult to analyze an auditing data for intrusions. A network intrusion detection system is used to monitors the activities of individual users, groups, remote hosts and entire systems, and detects suspected security violations, by both insider and outsiders, as they occur. It is learns user's behavior patterns over time and detects behavior that deviates from these patterns. In this paper has rule-based component that can be used to encode information about known system vulnerabilities and intrusion scenarios. Integrating the two approaches makes Intrusion Detection System a comprehensive system for detecting intrusions as well as misuse by authorized users or Anomaly users (unauthorized users) using RFM analysis methodology and monitoring collect data from sensor Intrusion Detection System(IDS).

• The KIPS Transactions:PartA
• /
• v.12A no.3 s.93
• /
• pp.253-262
• /
• 2005

Local accounting system used by UNIX-like operating system provides the accounting information of processes that are in single host. But it is impossible for this local accounting system to record the total resource consumption data of all processes for doing the same job simultaneously. In this paper, we implement accounting system to measure and manage resource usage for MPI(Message Passing Interface) job in the clustering environment. We designed and implemented the accounting system which measure resource usage of each process runs on a cluster node and record the interconnection information of the entire set of processes across network. Also we implemented accounting system which collect the resource usage data of process in the local accounting system and generate the job-level accounting information. Finally, to evaluate the resource consumption data measured by this accounting system we compare with the data collected by local scheduler that widely used in large scale clustering environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.11
• /
• pp.2341-2348
• /
• 2009

An intrusion detection technique based on host consider system call sequence or system call arguments. These two ways are suitable when system call sequence or order and length of system call arguments are out of order. However, there are two disadvantages which a false positive rate and a false negative rate are high. In this paper we propose the T-N2SCD detection model based on Time Window in order to reduce false positive rate and false negative rate. Data for using this experiment is provided from DARPA. As experimental results, the proposed model showed that the false positive rate and the false negative rate are lowest at an interval of 1000ms than at different intervals.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.4B
• /
• pp.403-410
• /
• 2004

In general communication system is composed of processor subsystems, I/O processor subsystems and data storage device subsystems those are classified as their functions. In order to improve the data reliability, all subsystems are redundant. Storage device keeps the operational information such as system related information and charging information, and such informations must be stored in non-volatile memory. Flash memory and battery backup memory are commonly used as the non-volatile storage devices. But such kind of memories are expensive per unit capacity and data can't be restored when lost while not being backed up. In this paper we develop a redundant storage device to store a lot of data safely and reliably in communication system. The device consists of micro-controller, FPGA and hard disk It provides many functions those are rebuilding, automatic remapping, host service and remote host service. Also it is designed to provide host service while rebuilding is being done in order not to interrupt the communication services. The developed device can be used instead of expensive storage device like flash memory in various communication systems.

• The KIPS Transactions:PartC
• /
• v.12C no.6 s.102
• /
• pp.865-874
• /
• 2005

The information stored in the computer system needs to be protected from unauthorized access, malicious destruction or alteration and accidental inconsistency. In this paper, we propose an intrusion detection system based on sensor concept for defecting and preventing malicious attacks We use software sensor objects which consist of sensor file for each important directory and sensor data for each secret file. Every sensor object is a sort of trap against the attack and it's touch tan be considered as an intrusion. The proposed system is a new challenge of setting up traps against most interception threats that try to copy or read illicitly programs or data. We have implemented the proposed system on the Linux operating system using loadable kernel module technique. The proposed system combines host~based detection approach and network-based one to achieve reasonably complete coverage, which makes it possible to detect unknown interception threats.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.41 no.2
• /
• pp.19-29
• /
• 2004

In this paper, the beam steering dipole phased array antenna systems for IMT-2000 base station have been designed. The designed beam steering dipole phased array antenna systems are constituted by the antenna part and the beam steering control system part. The antenna part is designed by the proposed flat dipole for the broadband characteristics, and the 8${\times}$8 dipole way antenna is constructed by the Proposed flat dipole for the directional radiation pattern. Besides the vertical Power divider is designed for the vertical power distribution. The beam steering control system part is designed the horizontal power divider for the horizontal power distribution, the 4-bit phase shifters and the driving circuit of phase shifters for the horizontal beam tilting. In order to evaluate a performance of the designed antenna systems, they were fabricated and the radiation characteristics were measured. From the measured results, we found that the horizontal beams were tilted by the each control signals, and the measured radiation characteristics showed good agreement with the design goals.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.504-507
• /
• 2002

취약성 진단을 위한 시뮬레이션 시스템의 주요 구성 요소인 네트워크 모델의 설계 및 구현을 소개한다. 특히, 네트워크에 존재하는 취약점을 진단, 분석하기 위한 모델링 방법론을 제시하고, 구체적인 모델의 설계와 구현을 수행하였다. 네트워크 모델은 네트워크 구성요소인 허브, 라우터 및 네트워크 호스트들을 추상화한 모델들의 결합(Coupling) 형태로 구성되며, 각 구성 요소들은 각자의 취약성을 가지고 있다. 본 연구에서는 이러한 각 구성요소의 취약성의 집합으로 네트워크를 표현하고, 취약성을 기반으로 한 네트워크 모델의 구조적인 특성과 동적인 특성을 제시한다. 취약성 진단을 위해 제시된 모델링 방법을 통해 구현된 네트워크 모델은 시뮬레이션 실행을 통해 분석되어 그 유효성을 검증하였다.