• Journal of the Korea Society for Simulation
• /
• v.10 no.1
• /
• pp.83-92
• /
• 2001

For the prevention of the network intrusion from damaging the system, both IDS (Intrusion Detection System) and Firewall are frequently applied. The collaboration of IDS and Firewall efficiently protects the network because of making up for the weak points in the each demerit. A model has been constructed based on the DEVS (Discrete Event system Specification) formalism for the simulation of the system that consists of IDS and Firewall. With this model we can simulation whether the intrusion detection, which is a core function of IDS, is effectively done under various different conditions. As intrusions become more sophisticated, it is beyond the scope of any one IDS to deal with them. Thus we placed multiple IDS agents in the network where the information helpful for detecting the intrusions is shared among these agents to cope effectively with attackers. If an agent detects intrusions, it transfers attacker's information to a Firewall. Using this mechanism attacker's packets detected by IDS can be prevented from damaging the network.

• Journal of the Korea Society for Simulation
• /
• v.14 no.1
• /
• pp.9-18
• /
• 2005

Attempts to attack hosts in the network have become diverse, due to crackers developments of new creative attacking methods. Under these circumstances the role of intrusion detection system as a security system component gets considerably importance. Therefore, in this paper, we have suggested multiple intrusion detection system based on the contract net protocol which provides the communication among multiple agents. In this architecture, fuzzy rule based system has been applied for agent selection among agents competing for being activated. The simulation models are designed and implemented based on DEVS formalism which is theoretically well grounded means of expressing discrete event simulation models.

• Proceedings of the KOSOMBE Conference
• /
• v.1995 no.05
• /
• pp.155-159
• /
• 1995

A design method that can easily construct intelligent patient monitoring systems is proposed. To achieve the design method, the SES/MB concept and a discrete event-based logic control formalism based on a set theory is introduced. In this control paradigm the controller expects to receive confirming sensor responses to its control commands within definite time windows determined by DEVS model of the system under control. Because data to be used for rule-based symbolic reasoning are to be abstracted, several AI methods are applied the processes. These methods are applied to intelligent patient monitoring systems so that they facilitate transformation from low level raw data to high level linguistic data. Model-based system representations have advantages of reusability, extensibility, flexsibility, independent testability and encapsulation.

• Journal of the Korea Society for Simulation
• /
• v.13 no.4
• /
• pp.43-53
• /
• 2004

The distributed OCSP (Online Certificate Status Protocol), composed of multiple responders, is a model that enhances the utilization of each responder and reduces the response time. In a multi-user distributed environment, load balancing mechanism must be developed for the improvement of the performance of the whole system. Conservative load balancing algorithms often ignore the communication cost of gathering the information of responders. As the number of request is increased, however, fail to consider the communication cost may cause serious problems since the communication time is too large to disregard. We propose an adaptive load balancing algorithm and evaluate the effectiveness by performing modeling and simulation. The principal advantage of new algorithm is in their simplicity: there is no need to maintain and process system state information. We evaluated the quality of load balancing achieved by the new algorithm by comparing the queue size of responders and analyzing the utilization of these responders. The simulation results show how efficiently load balancing is done with the new algorithm.

• Proceedings of the KAIS Fall Conference
• /
• 2003.11a
• /
• pp.155-162
• /
• 2003

Today's network consists of a large number of routers and servers running a variety of applications. Policy-based network provides a means by which the management process can be simplified and largely automated. In this paper we build a foundation of policy-based network modeling and simulation environment. The procedure and structure for the induction of policy rules from vulnerabilities stored in SVDB (Simulation based Vulnerability Data Base) are developed. The structure also transforms the policy rules into PCIM (Policy Core Information Model). The effect on a particular policy can be tested and analyzed through the simulation with the PCIMs and SVDB.

• Proceedings of the Korea Society for Simulation Conference
• /
• 2003.11a
• /
• pp.207-217
• /
• 2003

지능적으로 공격 패턴을 달리하는 많은 공격들에 대응하기 위해 기존의 보안 시스템은 강력한 보안시스템으로 확장되고 있다. 보안 시스템과 같은 규모가 크거나 복잡한 소프트웨어 계발에 있어서 설계 및 구현 과정에서 있는 설계 변경 및 구현상의 변경으로 인한 전체 시스템에 미치는 영향이 크다. 본 논문에서는 규모가 큰 보안시스템 계발에 있어서 전체 시스템의 영향 관계를 체계적으로 정립한 소프트웨어 설계 방법론으로의 적용이다. 소프트웨어 설계 방법론은 시스템 형식론에 의거하여 소프트웨어가 표현되었으므로 논리적 연관관계를 추적하기 쉽다 이는 소프트웨어 설계 또는 설계 변경 후 인터페이스 시스템의 중요한 동적 특성을 미리 파악 할 수 있게 하여 소모적일 수 있는 시간과 노력을 절약 할 수 있다.

• Proceedings of the Korea Society for Simulation Conference
• /
• 2003.11a
• /
• pp.127-132
• /
• 2003

현재의 네트워크는 다양한 서버, 라우터, 스위치 등 여러 장치들로 구성된 복잡한 구조를 가지고 있다. 정책 기반의 프레임워크는 복잡한 네트워크를 단순화하고 자동화하여 관리할 수 있는 도구를 제공한다. 본 논문에서는 여러 보안 시스템 모델들이 사용할 수 있는 취약성 정보들을 집약시킴으로써 보안 시스템간의 정보 공유를 쉽게 할 수 있는 SVDB (Simulation based Vulnerability Data Base)를 구축하였다. 또한 SVDB를 활용하여 보안 규칙을 유도하고 유도된 보안 규칙을 정책 기반 프레임워크에 적용할 수 있는 환경을 구성하였다. 정책 기반의 프레임워크에서 취약점 데이터베이스를 이용한 정책 유도와 적용을 검증하기 위해 서비스 거부 공격 (Denial of Service)과 Probing 공격을 사용하여 시뮬레이션을 수행하였다. 정책 기반의 프레임워크에서 보안 시뮬레이션을 수행함으로써 적용될 보안 정책이 기대되는 대로 동작하는지 검증할 수 있는 환경을 제공할 수 있을 것이다.

• Journal of the Society of Naval Architects of Korea
• /
• v.61 no.3
• /
• pp.152-160
• /
• 2024

In the event of a maritime accident, search plans have traditionally been planned using experiential methods. However, these approaches cannot guarantee safety when the scale of a maritime accident increases. Therefore, this study proposes a model utilizing discrete event simulation (DES) to predict the diving time for compartment searches of a ship located on the seabed. The discrete event simulation model was created by applying the DEVS formalism. The M/V Sewol sinking was used as an example to simulate how to effectively navigate compartments of different sizes. The simulation results showed the optimal dive time with the number of decompression chambers needed to navigate the compartment as a variable. Based on this, we propose a methodology for efficient navigation planning while ensuring diver safety.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.4
• /
• pp.131-140
• /
• 2013

This paper deals with the design and implementation of an interface for interoperation between DiskSim, a well-known disk simulator, and a system-level simulator based on DEVSim++. Such inter-operational simulation aims at evaluation of an overall performance of storage systems which consist of multiple computer nodes with a variety of I/O level specifications. A well-known system-level simulation framework, DEVSim++ environment is based on the DEVS formalism, which provides a sound semantics of modular and hierarchical modeling methodology at the discrete event systems level such as multi-node computer systems. For maintainability we assume that there is no change of the source codes for two heterogeneous simulation engines. Thus, we adopt a notion of simulators interoperation in which there should be a means to synchronize simulation times as well as to exchange messages between simulators. As an interface for such interoperation DiskSimManager is designed and implemented. Various experiments, comparing the results of the standalone DiskSim simulation and the interoperation simulation using the proposed interface of DiskSimManager, proved that DiskSimManager works correctly as an interface for interoperation between DEVSim++ and DiskSim.

• Journal of the Korea Computer Industry Society
• /
• v.4 no.12
• /
• pp.965-974
• /
• 2003

Today's network consists of a large number of routers and servers running a variety of applications. In this paper, we have designed and constructed the general simulation environment of network security model composed of multiple IDSs agent and a firewall agent which coordinate by CNP (Contract Net Protocol). The CNP, the methodology for efficient integration of computer systems on heterogeneous environment such as distributed systems, is essentially a collection of agents, which cooperate to resolve a problem. Command console in the CNP is a manager who controls the execution of agents or a contractee, who performs intrusion detection. In the knowledge-based network security model, each model of simulation environment is hierarchically designed by DEVS (Discrete Event system Specification) formalism. The purpose of this simulation is the application of rete pattern-matching algorithm speeding up the inference cycle phases of the intrusion detection expert system. we evaluate the characteristics and performance of CNP architecture with rete pattern-matching algorithm.