• Convergence Security Journal
• /
• v.7 no.3
• /
• pp.95-100
• /
• 2007

Alternate Data Streams (ADS) in NTFS originally has developed to provide compatibility with Macintosh Hierarchical File System. However, it is being used by the malware writers in order to support hiding malwares or data for the purpose of anti-forensics. Therefore identifying if hidden ADSs exist and extracting them became one of the most important component in computer forensics. This paper proposes a method to detect ADSs using MFT information. Experiment reveals that proposed method is better in performance and detection rate then others. This method supports not only identification of ADSs which are being used by the operating systems but also investigation of both live systems and evidence images. Therefore it is appropriate for using forensic purpose.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.5B
• /
• pp.509-516
• /
• 2009

The Stream Control Transmission Protocol(SCTP) is a reliable transport layer protocol that provides several features. Multihoming is the one of the features and allows an association(SCTP's term for a connection) between two endpoints to use multiple paths. One of the paths, called a primary path, is used for initial data transmission and in the case of retransmission an alternate path is used. SCTP's current retransmission policy attempts to improve the chance of success by sending all retransmissions to an alternate destination address. However, SCTP's current retransmission policy has been shown to actually degrade performance in many circumstances. It is because that, due to Karn's algorithm, successful retransmissions on the alternate path cannot be used to update RTT(Round-Trip Time) estimation for the alternate path. In this paper we propose a scheme to avoid such performance degradation. We utilize 2bits which is not used in the flag field of DATA and SACK chunks to disambiguate original transmissions from retransmissions and to keep RTT and RTO(Retransmission Time-Out) values more accurate.

• Journal of Korea Water Resources Association
• /
• v.40 no.6 s.179
• /
• pp.431-446
• /
• 2007

Groundwater flow in a basin is greatly affected by many hydrogeological and hydrological characteristics of the basin. A groundwater flow model for the Kap-cheon basin ($area=648.3km^2$) in the Geum river basin was established using MODFLOW by fully considering major features obtained from observed data of 438 wells and 24 streams. Furthermore, spatial groundwater recharge distribution was estimated employing accurately calibrated watershed model developed using SWAT, a physically semi-distributed hydrological model. Model calibration using observed groundwater head data at 86 observation wells yielded the deterministic coefficient of 0.99 and the water budget discrepancy of 0.57%, indicating that the model well represented the regional groundwater flow in the Kap-cheon basin. Model simulation results showed that groundwater flow in the basin was strongly influenced by such factors as topological features, aquifer characteristics and streams. The streams in mountainous areas were found to alternate gaining and losing steams, while the streams in the vicinity of the mid-stream and down-stream, especially near the junction of Kap-cheon and Yudeong-cheon, areas were mostly appeared as gaining streams. Analysis of water budget showed that streams in mountainous areas except for the mid-stream and up-stream of Yudeong-cheon were mostly fed by groundwater recharge while the streams in the mid and down-stream areas were supplied from groundwater inflows from adjacent sub-basins. Hence, it was concluded that the interactions between surface water-groundwater in the Kap-cheon basin would be strongly inter-connected with not only streams but also groundwater flow system itself.

• Proceedings of the Korean Geotechical Society Conference
• /
• 2003.03a
• /
• pp.103-110
• /
• 2003

This study is as for shale that attract recently geotechnical engineer more and more. like sedimentary rocks and metamorpic rocks, shales have many problem with anisotropy for stength and deformation and they have many problems with quick weathering progress and differential weathering of alternate bedding. In foreign countries, many renowned schalors, like Jaeger(1960),McLamore,Gray(1967),Donath(1972),Nova(1980),Hoek&Brown(1980),Ranamurthy(1985), have already studied for a variety of characteristic and announced high level results of their studies. In domestic also, there are many scholars who have announced high level research papers for shale. this study is a part of these stream. and this study not only analyzed strength anisotropy characteristic along with direction of testing(two-direction) by using point-load test(log-log method) but also compared uniaxial strength between the maximum saturated and dried condition. In this study, we also conducted slaking test. these results of slaking test show weathering characteristic of shales. also, we made the most of field data that obtained during slope stability project and we noticed that RQD measured in the field is much differ from drilled core RQD. In order to come close two different value or access to reality, we suggest new RQD method that artificially reduce RQD by separating core with light hand force.