• Proceedings of the KIEE Conference
• /
• 2003.11c
• /
• pp.552-554
• /
• 2003

This paper is about the method by which Power Control Unit(PCU) of Control Rod Control System(CRCS) logs events in the system and the real-time monitoring display. This method enables the functions like the event logging of Control Rod Drive Mechanism(CRDM)/power Cabinet, the off-line show of the event data logged and the on-line show by communication between the PCU and the monitoring display. Operators in a nuclear power plant must be able to grasp any possible abnormal states correctly. Because our newly designed system has a good ability to log and display the kinds, tine, and the prior and posterior states of urgent or non-urgent events, the operators can judge, maintain and repair the abnormal event more easily.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.5
• /
• pp.125-130
• /
• 2017

Since field control equipment such as PLC has no function to log key event information in the log, it is difficult to analyze the accident. Therefore, it is necessary to secure information that can analyze when a cyber accident occurs by logging the main event information of the field control equipment such as PLC and IED. The protocol analyzer is required to analyze the field control device (the embedded device) communication protocol for event logging. However, the conventional analyzer, such as Wireshark is difficult to process the data identification and extraction of the large variety of protocols for event logging is difficult analysis of the payload data based and classification. In this paper, we developed a system for Big Data based on field control device communication protocol payload data extraction for event logging of large studies.

• The KIPS Transactions:PartD
• /
• v.13D no.2 s.105
• /
• pp.147-156
• /
• 2006

Event logging plays increasingly an important role in system and network management, and syslog is a de-facto standard for logging system events. However, due to the semi-structured features of Common Log Format data most studies on log analysis focus on the frequent patterns. The extensible Markup Language can provide a nice representation scheme for structure and search of formatted data found in syslog messages. However, previous XML-formatted schemes and applications for system logging are not suitable for semantic approach such as ranking based search or similarity measurement for log data. In this paper, based on ranked keyword search techniques over XML document, we propose an XML tree structure through a new data modeling approach for syslog data. Finally, we show suitability of proposed structure for semantic retrieval.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.14 no.2
• /
• pp.87-96
• /
• 2019

Low power issue is one of the most critical problems in the Internet of Things (IoT), which are powered by battery. To solve this problem, various approaches have been presented so far. In this paper, we propose a method to reduce the power consumption by reducing the numbers of accesses into the flash memory consuming a large amount of power for on-chip software execution. Our approach is based on using cooperative logging structure to distribute the sampling overhead in single sensor node to adjacent nodes in case of rare-event applications. The proposed algorithm to identify event occurrence is newly introduced with negative feedback method by observing difference between past data and recent data coming from the sensor. When an event with need of flash access is determined, the proposed approach only allows access to write the sampled data in flash memory. The proposed event detection algorithm (EDA) result in 30% reduction of power consumption compared to the conventional flash write scheme for all cases of event. The sampled data from the sensor is first traced into the random access memory (RAM), and write access to the flash memory is delayed until the page buffer of the on-chip flash memory controller in the micro controller unit (MCU) is full of the numbers of the traced data, thereby reducing the frequency of accessing flash memory. This technique additionally reduces power consumption by 40% compared to flash-write all data. By sharing the sampling information via LoRa channel, the overhead in sampling data is distributed, to reduce the sampling load on each node, so that the 66% reduction of total power consumption is achieved in several IoT edge nodes by removing the sampling operation of duplicated data.

• The Journal of the Korea Contents Association
• /
• v.10 no.1
• /
• pp.114-121
• /
• 2010

Based on a complex event processing technique, an abuse pattern monitoring method is developed to provide an real-time detection. CEP is a technique to find complex event pattern in a massive information system. In this study, the events occurred by game-play are observed to be against the rules using CEP. User abuse patterns are pre-registered in CEP engine. And CEP engine monitors user abuse after aggregating the game data transferred by game logging server.

• Korean Journal of Computational Design and Engineering
• /
• v.17 no.2
• /
• pp.97-110
• /
• 2012

High performance sensors and modern data logging technology with real-time telemetry facilitate system fault diagnosis in a very precise manner. Fault detection, isolation and identification in fault diagnosis systems are typical steps to analyze the root cause of failures. This systematic failure analysis provides not only useful clues to rectify the abnormal behaviors of a system, but also key information to redesign the current system for retrofit. The main barriers to effective failure analysis are: (i) the gathered data (event) logs are too large in general, and further (ii) they usually contain noise and redundant data that make precise analysis difficult. This paper therefore applies suitable pre-processing techniques to data reduction and feature extraction, and then converts the reduced data log into a new format of event sequence information. Finally the event sequence information is decoded to investigate the correlation between specific event patterns and various system faults. The efficiency of the developed pre-filtering procedure is examined with a terminal box data log of a marine diesel engine.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.05a
• /
• pp.211-214
• /
• 2008

(주)알티베이스에서 개발한 메모리상주형 관계형 DBMS인 ALTIBASE는 로그 정보를 자체 로그파일에 기록한다. 하지만 로그 발생 모듈과 중요도로 각각 분류되어 별개의 로그 파일에 기록되기 때문에 사용자가 참조하는데 불편함이 따른다. 본 논문에서는 윈도 운영체제의 이벤트 로그 기능을 데이터베이스 시스템의 로그 기록 방법으로 구현하여 사용자 편의성을 제공하는 방법을 제시한다.

• The Journal of the Korea Contents Association
• /
• v.11 no.12
• /
• pp.71-77
• /
• 2011

CEP(Complex Event Processing) is a technique to find complex event pattern in a massive information system. Based on CEP technique, an abuse pattern monitoring method has been developed to provide an real-time detection. In the method, the events occurred by game-play are observed to be against the rules using CEP. User abuse patterns are pre-registered in CEP engine. And CEP engine monitors user abuse after aggregating the game data transferred by game logging server. This article provides the performance analysis results of the abuse pattern monitoring method using real game DB. We results that the method proposed in previous study is effective to monitor abusing users.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.53 no.12
• /
• pp.152-158
• /
• 2016

In this paper, we implemented the full stack platform design with MongoDB database of open source platform Raspberry PI 3 model. We experimented the triggering of event driven with acceleration sensor data logging with wireless communication. we captured the image of USB Camera(MS LifeCam cinema) with 28 frames per second under the Linux version of Raspbian Jessie and extended the functionality of wireless communication function with Bluetooth technology for the purpose of making Android Mobile devices interface. And therefore we implemented the functions of the full stack platform for recognizing the event triggering characteristics of detecting the acceleration sensor action and gathering the temperature and humidity sensor data under IoT environment. Especially we used MEAN Stack for developing the performance of full stack platform because the MEAN Stack is more akin to working with MongoDB than what we know of as a database. Afterwards, we would enhance the performance of full stack platform for IoT clouding functionalities and more feasible web design with MongoDB.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.263-279
• /
• 2024

With the increasing trend of Cloud migration, security threats in the Cloud computing environment have also experienced a significant increase. Consequently, the importance of efficient incident investigation through log data analysis is being emphasized. In Cloud environments, the diversity of services and ease of resource creation generate a large volume of log data. Difficulties remain in determining which events to investigate when an incident occurs, and examining all the extensive log data requires considerable time and effort. Therefore, a systematic approach for efficient data investigation is necessary. CloudTrail, the Amazon Web Services(AWS) logging service, collects logs of all API call events occurring in an account. However, CloudTrail lacks insights into which logs to analyze in the event of an incident. This paper proposes an automated analysis framework that integrates Cloud Matrix and event information for efficient incident investigation. The framework enables simultaneous examination of user behavior log events, event frequency, and attack information. We believe the proposed framework contributes to Cloud incident investigations by efficiently identifying critical events based on the ATT&CK Framework.