• Title/Summary/Keyword: Access Log

Design and Implementation of a Real Time Access Log for IP Fragmentation Attack Detection (IP Fragmentation 공격 탐지를 위한 실시간 접근 로그 설계 및 구현)

  • Guk, Gyeong-Hwan;Lee, Sang-Hun
    • The KIPS Transactions:PartA / v.8A no.4 / pp.331-338 / 2001
  • With the general use of networks, cyber terror rages throughout the world. However, IP Fragmentation isn't free from security problems yet, even though it guarantees effective transmission of IP packets in the network environment. Illegal intrusion or disruption of system operation can occur through attack mechanisms such as IP Spoofing, Ping of Death, or ICMP that take advantage of any defects in IP Fragmentation that need improving. Recently, apart from denial-of-service attacks using IP Fragmentation, a further problem has arisen: IP Fragmentation can be used to bypass packet filtering equipment or network-based attack detection systems. In this paper, we generate a real-time access log file to support the system manager's decisions and to let the system manage itself in cases where some routers or network-based attack detection systems without a packet reassembly function cannot detect or stop illegal intrusion carried in the fragmented datagrams of a packet. Through the implementation of the self-managing system we verify its validity and show its future effect.

An Improved LLR Generation Technique for SC-FDMA Systems Using Frequency Domain MMSE Equalization (주파수 영역 MMSE 등화방식 기반의 SC-FDMA 시스템을 위한 개선된 LLR 생성 기법)

  • Kim, Jin-Min;Im, Tae-Ho;Kim, Jae-Kwon;Yi, Joo-Hyun;Cho, Yong-Soo
    • The Journal of Korean Institute of Communications and Information Sciences / v.34 no.12C / pp.1197-1207 / 2009
  • Orthogonal Frequency Division Multiple Access (OFDMA) is widely used as a multiple access technique for next generation mobile communication systems, however, its main drawback is the high peak-to-average ratio (PAPR). Thus for the uplink case where the transmit power is strictly limited due to the battery life of mobile units, single carrier frequency division multiple access (SC-FDMA) with low PAPR is preferred to OFDMA method. In this paper, we propose a method to improve the performance of SC-FDMA using frequency domain MMSE equalization. The proposed improved log-likelihood ratio (LLR) generation method exploits both the diversity characteristic of channels and the reciprocity that is obtained from the received signals. The complexity of the proposed method is analyzed and its performance gain is demonstrated via a set of computer simulations.

A Study on the Analysis of Validity and Importance of Event Log for the Detection of Insider Threats to Control System (제어시스템의 내부자 위협 탐지를 위한 Event Log 타당성 및 중요도 분석에 관한 연구)

  • Kim, Jongmin;Kim, DongMin;Lee, DongHwi
    • Convergence Security Journal / v.18 no.3 / pp.77-85 / 2018
  • With the convergence of communications networks between control systems and public networks, threats such as information leakage/falsification can fully appear in control systems through diverse routes. Due to the recent diversification of security issues and violation cases involving new attack techniques, a security system based on an information database that simply blocks and identifies is not good enough to cope with the new types of threat. The current control system operates its security system focusing on threats from the outside to the inside, and it is insufficient for detecting security threats by insiders with security access authority. Thus, this study conducted an importance analysis based on the main event log list of "Spotting the Adversary with Windows Event Log Monitoring" announced by NSA. In the results, the importance of event logs for the detection of insider threats to control systems was understood, and the results of this study could contribute to research in this area.

User Access Patterns Discovery based on Apriori Algorithm under Web Logs (웹 로그에서의 Apriori 알고리즘 기반 사용자 액세스 패턴 발견)

  • Ran, Cong-Lin;Joung, Suck-Tae
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology / v.12 no.6 / pp.681-689 / 2019
  • Web usage pattern discovery is an advanced means of using web log data, and it is also a specific application of data mining technology in Web log data mining. In education, Data Mining (DM) is the application of Data Mining techniques to educational data (such as Web logs of universities, e-learning, adaptive hypermedia and intelligent tutoring systems, etc.), and its objective is to analyze these types of data in order to resolve educational research issues. In this paper, the Web log data of a university are used as the research object of data mining. Using database OLAP technology, the Web log data are preprocessed into a data format that can be used for data mining, and the processing results are stored in MSSQL. At the same time, the basic data statistics and analysis are completed based on the processed Web log records. In addition, we introduced the Apriori Algorithm of Web usage pattern mining and its implementation process, developed the Apriori Algorithm program in a Python development environment, then gave the performance of the Apriori Algorithm and realized the mining of Web user access patterns. The results have important theoretical significance for the application of the patterns in the development of teaching systems. The next research is to explore the improvement of the Apriori Algorithm in a distributed computing environment.

Performance Analysis Based On Log-Likelihood Ratio in Orthogonal Code Hopping Multiplexing Systems Using Multiple Antennas (다중 안테나를 사용한 직교 부호 도약 다중화 시스템에서 로그 우도비 기반 성능 분석)

  • Jung, Bang-Chul;Sung, Kil-Young;Shin, Won-Yong
    • Journal of the Korea Institute of Information and Communication Engineering / v.15 no.12 / pp.2534-2542 / 2011
  • In this paper, we show that performance can be improved by using multiple antennas in the conventional orthogonal code hopping multiplexing (OCHM) scheme, which was proposed for accommodating a larger number of users with low channel activities than the number of orthogonal codewords used in code division multiple access (CDMA)-based communication systems through downlink statistical multiplexing. First, we introduce two different types of OCHM systems together with orthogonal codeword allocation strategies, and then derive their mathematical expressions for log-likelihood ratio (LLR) values according to the two different schemes. Next, when a turbo encoder based on the LLR computation is used, we evaluate performance on the frame error rate (FER) for the aforementioned OCHM system. For comparison, we also show performance for the existing symbol mapping method using multiple antennas, which was used in 3GPP standards. As a result, it is shown that our OCHM system with multiple antennas based on the proposed orthogonal codeword allocation strategy leads to performance gain over the conventional system: the energy required to satisfy a target FER is significantly reduced.

Methodology of Log Analysis for Intrusion Prevention based on LINUX (리눅스 기반 침입 방지를 위한 로그 분석 방법 연구)

  • Lim, Sung-Hwa;Lee, Do Hyeon;Kim, Jeom Goo
    • Convergence Security Journal / v.15 no.2 / pp.33-41 / 2015
  • A safe Linux system for security enhancement should have an audit ability that prohibits illegal access and alteration of data as well as the ability to trace illegal activities. In addition, construction of a log management and monitoring system is a necessity to clearly categorize the responsibility of the system manager or administrator and the users' activities. In this paper, the Linux system's Security Log is analyzed, and the analyzed security log is converted into a database, so that it can be used for the prevention and detection of illegal intrusion. The proposed analysis allows safe management of the security log. This system will contribute to the enhancement of system reliability by allowing quick response to system malfunctions.

Efficient Randomized Parallel Algorithms for the Matching Problem (매칭 문제를 위한 효율적인 랜덤 병렬 알고리즘)

  • U, Seong-Ho;Yang, Seong-Bong
    • Journal of KIISE:Computer Systems and Theory / v.26 no.10 / pp.1258-1263 / 1999
  • This paper presents simple randomized parallel algorithms for finding a maximal matching in an undirected graph G=(V, E) for the CRCW (Concurrent Read Concurrent Write) and CREW (Concurrent Read Exclusive Write) PRAM (Parallel Random Access Machine) models. The algorithm for the CRCW model has O(log m) expected running time using m processors, where m is the number of edges in G. We also show that the CRCW algorithm can be implemented on a CREW PRAM. The CREW algorithm runs in O(log^2 m) expected time, but it requires only O(m / log m) processors.

Improved Maximum Access Delay Time, Noise Variance, and Power Delay Profile Estimations for OFDM Systems

  • Wang, Hanho;Lim, Sungmook;Ko, Kyunbyoung
    • KSII Transactions on Internet and Information Systems (TIIS) / v.16 no.12 / pp.4099-4113 / 2022
  • In this paper, we propose improved maximum access delay time, noise variance, and power delay profile (PDP) estimation schemes for orthogonal frequency division multiplexing (OFDM) system in multipath fading channels. To this end, we adopt the approximate maximum likelihood (ML) estimation strategy. For the first step, the log-likelihood function (LLF) of the received OFDM symbols is derived by utilizing only the cyclic redundancy induced by cyclic prefix (CP) without additional information. Then, the set of the initial path powers is sub-optimally obtained to maximize the derived LLF. In the second step, we can select a subset of the initial path power set, i.e. the maximum access delay time, so as to maximize the modified LLF. Through numerical simulations, the benefit of the proposed method is verified by comparison with the existing methods in terms of normalized mean square error, erroneous detection, and good detection probabilities.

A System for Mining Traversal Patterns from Web Log Files (웹 로그 화일에서 순회 패턴 탐사를 위한 시스템)

  • 박종수;윤지영
    • Proceedings of the Korean Information Science Society Conference / 2001.10a / pp.4-6 / 2001
  • In this paper, we designed a system that can mine user's traversal patterns from web log files. The system cleans an input data, transactions of a web log file, and finds traversal patterns from the transactions, each of which consists of one user's access pages. The resulting traversal patterns are shown on a web browser, which can be used to analyze the patterns in visual form by a system manager or data miner. We have implemented the system in an IBM personal computer running on Windows 2000 in MS visual C++, and used the MS SQL Server 2000 to store the intermediate files and the traversal patterns which can be easily applied to a system for knowledge discovery in databases.

A Non-fixed Log Area Management Technique in Block for Flash Memory DBMS (플래시메모리 DBMS를 위한 블록의 비고정적 로그 영역 관리 기법)

  • Cho, Bye-Won;Han, Yong-Koo;Lee, Young-Koo
    • Journal of KIISE:Databases / v.37 no.5 / pp.238-249 / 2010
  • Flash memory has been studied as a storage medium in order to improve the performance of the system using its high computing speed in the DBMS field where frequent data access is needed. The main difficulty in using flash memory is the performance degradation and shortened life span of flash memory that come from inefficient in-place updates. Log-based approaches have been studied to solve the inefficient in-place update problem in the DBMS, where write operations frequently occur on data smaller than a page. However, the existing log-based approaches suffer from frequent merging operations, which are the principal cause of performance deterioration. This is because their fixed log area management cannot guarantee sufficient space for logs. In this paper, we propose a non-fixed log area management technique that can minimize the occurrence of merging operations by ensuring enough space for logs. We also suggest a cost calculation model for the optimal log sector number that minimizes the system operation cost in a block. In experiments, we show that our non-fixed log area management technique can have improved performance compared to existing approaches.