• Journal of the Korea Society of Computer and Information
• /
• v.9 no.4 s.32
• /
• pp.157-165
• /
• 2004

The paper suggests that web-server security management system will be able to detect the web service attack accurately and swiftly which is keeping on increasing at the moment and reduce the possibility of the false positive detection. This system gathers the results of many unit security modules at the real time and enhances the correctness of the detection through the correlation analysis procedure. The unit security module consists of Network based Intrusion Detection System module. File Integrity Check module. System Log Analysis module, and Web Log Analysis and there is the Correlation Analysis module that analyzes the correlations on the spot as a result of each unit security module processing. The suggested system provides the feasible framework of the range extension of correlation analysis and the addition of unit security module, as well as the correctness of the attack detection. In addition, the attack detection system module among the suggested systems has the faster detection time by means of restructuring Snort with multi thread base system. WSM will be improved through shortening the processing time of many unit security modules with heavy traffic.

• Journal of Korea Multimedia Society
• /
• v.15 no.8
• /
• pp.1048-1058
• /
• 2012

This paper proposes the DDMPF(Distributed Data Management Protocol using FAT) which prevents data loss and keeps the security of self-organized storages by comprising a client, a storage server, and a verification server in clouding environment. The DDMPF builds a self-organized storage server, solves data loss by decentralizing the partitioned data in it in contrast to the centralized problem and the data loss caused by the storage server problems of existing clouding storages, and improves the efficiency of distributed data management with FAT(File Allocation Table). And, the DDMPF improves the reliability of data by a verification server's verifying the data integrity of a storage server, and strengthens the security in double encryption with a client's private key and the system's master key using EC-DH algorithm. Additionally, the DDMPF limits the number of verification servers and detects the flooding attack by setting the TS(Time Stamp) for a verification request message and the replay attack by using the nonce value generated newly, whenever the verification is requested.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.1
• /
• pp.253-260
• /
• 2008

This paper is based on the ubiquitous network of telematics technology, equipped with a black box to the car by a unique address given to IPv6. The driver's black box at startup and operation of certification, and the car's driving record handling video signals in real-time sensor signals handling to analyze the records. Through the recorded data is encrypted transmission, and the Ubiquitous network of base stations, roadside sensors through seamless mobility and location tracking data to be generated. This is a file of Transportation Traffic Operations Center as a unique address IPv6 records stored in the database. The car is equipped with a black box used on the road go to Criminal cases, the code automotive black boxes recovered from the addresses and IPv6, traffic records stored in a database to compare the data integrity verification and authentication via secure. This material liability in the courtroom and the judge Forensic data are evidence of the recognition as a highly secure. convenient and knowledge in the information society will contribute to human life.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.2
• /
• pp.305-311
• /
• 2010

iATA (Internet Advanced Technology Attachment) is a block-level protocol developed to transfer ATA commands over TCP/IP network, as an alternative network storage solution to address insufficient storage problem in mobile devices. This paper employs RAID5 distributed storage servers concept into iATA, in which the idea behind is to combine several machines with relatively inexpensive disk drives into a server array that works as a single virtual storage device, thus increasing the reliability and speed of operations. In the case of one machine failed, the server array will not destroy immediately but able to function in a degradation mode. Meanwhile, information can be easily recovered by using boolean exclusive OR (XOR) logical function with the bit information on the remaining machines. We perform I/O measurement and benchmark tool result indicates that additional fault tolerance feature does not delay read/write operations with reasonable file size ranged in 4KB-2MB, yet higher data integrity objective is achieved.

• Journal of KIISE
• /
• v.42 no.7
• /
• pp.852-859
• /
• 2015

As the amount of knowledge information significantly increases, a lot of progress has been made in the studies focusing on how to reason large scale ontology effectively at the level of RDFS or OWL. These reasoning methods are divided into TBox classifications and ABox realizations. A TBox classification mainly deals with integrity and dependencies in schema, whereas an ABox realization mainly handles a variety of issues in instances. Therefore, the ABox realization is very important in practical applications. In this paper, we propose a realization method for analyzing the constraint of the specified class, so that the reasoning system automatically infers the classes to which instances belong. Unlike conventional methods that take advantage of the object oriented language based distributed file system, we propose a large scale ontology reasoning method using spark, which is a functional programming-based in-memory system. To verify the effectiveness of the proposed method, we used instances created from the Wine ontology by W3C(120 to 600 million triples). The proposed system processed the largest 600 million triples and generated 951 million triples in 51 minutes (696 K triple / sec) in our largest experiment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.4
• /
• pp.3-14
• /
• 2001

A Web server makes use of the HTTP(Hyper Text Transfer Protocol) to communicate with a client. The HTTP is a stateless protocol; the server does not maintain any state information for ongoing interactions with the client. Therefore, the HTTP inevitably requires additional overhead as repeating data key-in to user for continuing communications. This overhead in Web environment can be resolved by the cookie technologies. However, the cookie is usually unsecured due to the clear-text to transfer on the network and to store in the file. That is, information in the cookie is easy to exposure, copy, and even change. In this paper, we propose a secure cookie mechanism appropriate to Web environment, and then present a design and implement of secure Web system based on the scheme. The Web system can be used to any web environment. It also provides some security services, such as confidentiality, authentication, integrity.

• Journal of the Korean Society for Railway
• /
• v.15 no.4
• /
• pp.323-328
• /
• 2012

The purpose of this study is to develop automated structural design and analysis aided-program of aluminum extrusion carbody structures for railway vehicle. This developed program is called "AUTO-RAP" and could perform simultaneously structural design and verification for railway carbody structures made of aluminum extrusion independent of expertise and experience of design engineers. Design engineers are able to conduct the knowledge-based design by providing database of existing aluminum extrusion or user-defined function. The design verification is automatically programmed to evaluate its structural integrity according to Korean Railway Safety Law or Urban Transit Safety Law. In addition, this program could automatically generate an executable file of various commercial finite element programs such as ANSYS and ABAQUS and CAD files such as .stp and .iges by GUI environment applications using MFC(Microsoft Foundation Classes). In conclusion, it is expected to contribute to reduce product design cost and time of carbody structures aluminum extrusions in railway industry.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.47 no.5
• /
• pp.41-49
• /
• 2010

Being popularized the use of portable entertainment/information devices, the demand on flash memory has been also increased radically. In general, flash memory reveals various error patterns by the devices it is mounted, and thus the memory makers are trying to minimize error ratio in the final process through not only the electric test but also the data integrity test under the same condition as real application devices. This process is called an application-level memory test. Though currently various flash memory testing devices have been used in the production lines, most of the works related to memory test depend on the sensual abilities of human testers. In case of testing the flash memory for MP3 devices, the human testers are checking if the memory has some errors by hearing the audio played on the memory testing device. The memory testing process like this has become a bottleneck in the flash memory production line. In this paper, we propose an audio comparison technique to support the efficient flash memory test for MP3 devices. The technique proposed in this paper compares the variance change rate between the source binary file and the decoded analog signal and checks automatically if the memory errors are occurred or not.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.7 no.3
• /
• pp.23-40
• /
• 1997

There are a lot of security tools for the investigation and improvement of UNIX systems. However, most of them fail to provide a consistent and usable user interface. In addition, they concentrate on a specific aspect of a system, not the whole one. For the overall management, system administrators cannot help using several uncomfortable tools. This paper introduces an integrated security analysis tool, named "Zkimi", which provides a convenient user interface and investigates the various aspects of UNIX systems such as account security, system security, network security, and file system integrity. The Zkimi supports user-friendly WWW based interface, so administrators can examine the various aspects of system more easily. We tried the tool for a system of a moderate size, and were confirmed that the tool is very efficient for investigating various security aspects of a system. a system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.6
• /
• pp.131-142
• /
• 2007

In this paper, semi-fragile watermarking algorithm was proposed for the application to RP(Rapid Prototyping) system. In the case of the perceptual change or distortion of the original one, the prototype product will be affected from the process because the RP system requires the high precision measure. Therefore, the geometrical transformations like translation, rotation and scaling, the mesh order change and the file format change are used in the RP system because they do not change the basic shapes of the 3D models, but, the decimation and the smoothing are not used because they change the models. The proposed algorithm which is called semi-fragile watermarking is robust against to these kinds of manipulations which preserve the original shapes because it considers the limitations of the RP system, but fragile against to the other manipulations which change the original shapes. This algorithm does not change the model shapes after embedding the watermark information, that is, there is no shape difference between the original model and the watermarked model. so, it will be useful to authenticate the data integrity and hide the information in the field of mechanical engineering which requires the high precision measure.