• Journal of KIISE:Computing Practices and Letters
• /
• v.13 no.7
• /
• pp.476-487
• /
• 2007

Flash memory offers attractive features, such as non-volatile, shock resistance, fast access, and low power consumption for data storage. However, it has one main drawback of requiring an erase before updating the contents. Furthermore, flash memory can only be erased limited number of times. To overcome limitations, flash memory needs a software layer called flash translation layer (FTL). The basic function of FTL is to translate the logical address from the file system like file allocation table (FAT) to the physical address in flash memory. In this paper, a new FTL algorithm called an efficient and advanced space-management technique (EAST) is proposed. EAST improves the performance by optimizing the number of log blocks, by applying the state transition, and by using reallocation blocks. The results of experiments show that EAST outperforms FAST, which is an enhanced log block scheme, particularly when the usage of flash memory is not full.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.873-880
• /
• 2015

Since hardware-based kernel-integrity monitoring systems run in the environments that are isolated from the monitored OS, attackers in the monitored OS cannot undermine the security of monitoring systems. However, because the monitoring is performed by using physical addresses, the hardware-based monitoring systems are vulnerable to Address Translation Redirection Attack (ATRA) that manipulates virtual-to-physical memory translations. To ameliorate this problem, we propose a scheduler-based ATRA detection method. The method detects ATRA during the process scheduling by leveraging the fact that kernel scheduler engages every context switch of processes. We implemented a prototype on Android emulator and TizenTV, and verified that it successfully detected ATRA without incurring any significant performance loss.

• Journal of KIISE:Computing Practices and Letters
• /
• v.11 no.1
• /
• pp.92-99
• /
• 2005

In this paper, we present a high-level design methodology applied on a network system-on-a-chip(SOC) using SystemC. The main target of our approach is to get optimum performance parameters for high network address translation(NAT) throughput. The Fast Ethernet media access controller(MAC) and its direct memory access(DMA) controller are modeled with SystemC in transaction level. They are calibrated through the cycle-based measurement of the operation of the real Verilog register transfer language(RTL). The NAT throughput of the model is within $\pm$10% error compared to the output of the real evaluation board. Simulation speed of the model is more than 100 times laster than the RTL. The validated models are used for intensive architecture exploration to find the performance bottleneck in the NAT router.

• Journal of the Korea Computer Industry Society
• /
• v.2 no.4
• /
• pp.417-424
• /
• 2001

Internet networks consisting of existing routers show the limits in efficiency of traffic managements. In order to overcome the limits, MPLS System is high speed switching technology and is not based on IP address but based on label was designed. However MPLS system being based on ATM has the difficulties of supporting Qos(Quality of Service). This paper suggested the way to consist a service-assured-network using CR-LDP protocol which was designed for guaranteeing QoS in MPLS system being based on ATM switch and using qGSMP protocol, and the way to implicitly establish LSP by implementing QoS Translation and QoS Mapping in LER System.

• Proceedings of the Korean Information Science Society Conference
• /
• 2000.10c
• /
• pp.532-534
• /
• 2000

IPv4(Internet Protocol version 4)의 차세대 버전인 IPv6는 기존 IPv4의 문제점인 주소부족 및 새로운 부가기능 등의 필요성 때문에 IETF(Internet Engineering Task Force)에서 IPv4를 대체하기 위해 개발한 프로토콜이다. 하지만 IPv4를 어느 한순간에 IPv6로 대체하는 것은 불가능하기 때문에 기존 IPv4와의 호환 및 연동을 위한 터널링 및 기타 여러 가지 transition mechanism들이 고려되고 있다. 이러한 mechanism들 중에서 최근 표준으로 발표된 NAT-PT(Network Address Translation $\square$ Protocol Translation)는 DNS-ALG (Domain Name System $\square$ Application Level Gateway)라는 개념을 도입하여 IPv4와 IPv6간의 양방향 주소변환 및 프로토콜 변환기능을 수행한다. 각각의 기능에서 주소 변환은 주소크기와 형식이 다른 IPv4와 Pv6간의 서로 상대 노드를 엑세스할 수 있도록 하고 프로토콜 변환은 다른 버전의 프로토콜을 사용하는 노드들이 상대노드가 보낸 패킷의 헤더정보를 이해할 수 있도록 한다. 그리고 이러한 기본적인 변환 외에 헤더정보의 정확한 전달을 위해서는 기존의 path MTU(Maximum Transgfer Unit) discovery 그리고 pseudo header checksum 등도 고려되어야 한다.

• Korean Journal of Computational Design and Engineering
• /
• v.13 no.2
• /
• pp.131-138
• /
• 2008

With the advancements of the Internet and CAD data translation techniques, more CAD models are transferred from a CAD system to another through the network and interoperability is getting a common word in the CAD industry. However, when a CAD model is translated for an incompatible system into a neutral format such as STEP or IGES, its precious feature information is lost. When this feature information is lost, the advantage of feature based modeling is not valid any longer, and modification for the model is purely dependent on geometric and topological manipulations. However, the capabilities of the existing methods to modify these feature-independent models are limited as the modification involves a topological change in the model. To address this issue, we present a volumetric method to modify the solid models in neutral format. First, this method selectively decomposes the solid model to separate the portion of interest called feature volume. Next, the designer modifies the feature volume without concerning a topological change. Finally, the feature volume is united with the original solid model to complete the modification process. The results of test cases are presented to attest the usefulness of the proposed method.

• The Journal of the Convergence on Culture Technology
• /
• v.10 no.2
• /
• pp.279-285
• /
• 2024

This study aims to evaluate the accuracy and completeness of Korean and English closed captions for Netflix's "Squid Game" and to present implications based on the findings. To achieve this, the closed captioning guidelines of the U.S. Federal Communications Commission, DCMP, and the Korea Communications Commission were identified and analyzed. The analysis of the subtitle of the entire "Squid Game" series reveals that, while Korean closed captions accurately present slangs and titles, they present non-existent information in speaker identification. In English closed captions, speaker identification guidelines are well followed, but omissions of slangs and title mistranslations are observed. In terms of completeness, both Korean and English closed captions are found to omit certain audio parts. To address these issues, the study suggests strengthening the QA process, establishing a system to communicate original text problems during translation, and utilizing general English subtitles.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10c
• /
• pp.352-354
• /
• 2003

IP 주소 부족 문제를 해결하기 위한 방법은 크게 두 가지로 나누어 볼 수 있다. 32bit 의 주소체계를 갖는 IPv4 를 128bit 의 주소체계를 갖는 IPv6 로 대체하는 장기적인 관점에서의 해결책과 네트워크 주소 변환(NAT : Network Address Translation) 기술을 이용하여 로컬 네트워크의 호스트들이 부족한 공인 IP 주소를 공유하는 단기적인 관점의 해결책이 있다. IPv4 에서 IPv6 로의 전이는 현재 구축된 모든 네트워크 장비와 인터넷에 연결된 호스트들의 수정이 필요하므로 많은 시간과 비용을 필요로 한다. 네트워크 주소 변환 기법은 로컬 네트워크에서 사설 IP 주소를 사용하고 로컬 네트워크의 호스트가 인터넷 접속 시 사설 IP 주소를 공인 IP 주소로 변환하여 인터넷 접속을 지원하는 범용적인 기술이다. 기존 네트워크 주소 변환 기술은 인터넷 통신의 기본 특성인 종단간 연결성(end­to­end connectivity)을 지원하지 못하고 종단 호스트간의 연결 매개 기술이므로 IPSEC 과 같은 종단간 통신 보안 지원을 목적으로 하는 기술에는 적용할 수 없다. 본 논문에서는 NAT 기술의 한계를 분석하고 이를 극복하기 위해 호스트 라우팅을 이용한 공인 IP 주소 공유 기법을 제안한다. 제안된 IP 공유 기법은 IP 패킷의 헤더나 페이로드의 어떠한 수정 없이 단지 창조에 의해 사설 네트워크의 호스트들에게 인터넷 풀 액세스 및 종단간 IPSEC 세션을 지원한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.12
• /
• pp.5375-5400
• /
• 2016

IOMMU is a hardware unit that is indispensable for DMA. Besides address translation and remapping, it also provides I/O virtual address space isolation among devices and memory access control on DMA transactions. However, currently commodity virtualization platforms lack of IOMMU virtualization, so that the virtual machines are vulnerable to DMA security threats. Previous works focus only on DMA security problem of directly assigned devices. Moreover, these solutions either introduce significant overhead or require modifications on the guest OS to optimize performance, and none can achieve high I/O efficiency and good compatibility with the guest OS simultaneously, which are both necessary for production environments. However, for simulated virtual devices the DMA security problem also exists, and previous works cannot solve this problem. The reason behind that is IOMMU circuits on the host do not work for this kind of devices as DMA operations of which are simulated by memory copy of CPU. Motivated by the above observations, we propose an IOMMU para-virtualization solution called PVIOMMU, which provides general functionalities especially DMA security guarantees for both directly assigned devices and simulated devices. The prototype of PVIOMMU is implemented in Qemu/KVM based on the virtio framework and can be dynamically loaded into guest kernel as a module, As a result, modifying and rebuilding guest kernel are not required. In addition, the device model of Qemu is revised to implement DMA access control by separating the device simulator from the address space of the guest virtual machine. Experimental evaluations on three kinds of network devices including Intel I210 (1Gbps), simulated E1000 (1Gbps) and IB ConnectX-3 (40Gbps) show that, PVIOMMU introduces little overhead on DMA transactions, and in general the network I/O performance is close to that in the native KVM implementation without IOMMU virtualization.

• The KIPS Transactions:PartD
• /
• v.9D no.3
• /
• pp.501-510
• /
• 2002

A various multimedia application services should be developed with techniques of high speed networks and computer. Among these, video-conference system over Internet is useful and important, and the standardization for it should be showed in ITU-T H.323. H.323 standardization consists of four components such as Terminal, MCU(Multipoint Control Unit), Gatekeeper, and Gateway. Among these, the functions of Gatekeeper are as follows, firstly the address translation service to translate the alias address into the IP address, secondary conference admission control service to control of conference start and termination, thirdly bandwidth management service for H.323 terminals. In this paper, we implemented the Gatekeeper for an efficient management of video-conference components in Internet environment, and will introduce our system. As the experimental results with CUSeeMe and Netmeeting which are well-known H.323 terminal, it is known that our gatekeeper should be satisfied with H.323 standardization.