• Title/Summary/Keyword: IPS system


Three-dimensional MHD modeling of a CME propagating through a solar wind

  • An, Jun-Mo;Inoue, Satoshi;Magara, Tetsuya;Lee, Hwanhee;Kang, Jihye;Kim, Kap-Sung;Hayashi, Keiji;Tanaka, Takashi
    • The Bulletin of The Korean Astronomical Society / v.39 no.1 / pp.70.2-70.2 / 2014
  • We developed a three-dimensional (3D) magnetohydrodynamic (MHD) simulation code to reproduce the structure of a solar wind and the propagation of a coronal mass ejection (CME) through it. This code is constructed by a finite volume method based on a total variation diminishing (TVD) scheme using an unstructured grid system (Tanaka 1994). The grid system can avoid the singularity arising in the spherical coordinate system. In this study, we made an improvement of the code focused on the propagation of a CME through a solar wind, which extends a previous work done by Nakamizo et al. (2009). We first reconstructed a solar wind in a steady state from physical values obtained at 50 solar radii away from the Sun via an MHD tomography applied to interplanetary scintillation (IPS) data (Hayashi et al. 2003). We selected CR2057 and inserted a spheromak-type CME (Kataoka et al. 2009) into a reconstructed solar wind. As a result, we found that our simulation well captures the velocity, temperature and density profiles of an observed solar wind. Furthermore, we successfully reproduce the general characteristics of an interplanetary coronal mass ejection (ICME) obtained by the Helios 1/2 spacecraft (R. J. FORSYTH et al. 2006).

Design of Effective Intrusion Detection System for Wireless Local Area Network (무선랜을 위한 효율적인 침입탐지시스템 설계)

  • Woo, Sung-Hee
    • Journal of the Korea Society of Computer and Information / v.13 no.2 / pp.185-191 / 2008
  • Most threats of WLAN are easily caused by attackers who access the radio link between STA and AP, which involves some problems to intercept network communications or inject additional messages into them. In comparison with wired LAN, severity of wireless LAN against threats is bigger than the other networks. To make up for the vulnerability of wireless LAN, it needs to use the Intrusion Detection System using a powerful intrusion detection method as SVM. However, due to classification based on calculating values after having expressed input data in vector space by SVM, continuous data type cannot be used as any input data. In this paper, therefore, we design the IDS system for WLAN by tuning with SVM and data-mining mechanism to defend the vulnerability on certain WLAN and then we demonstrate the superiority of our method.

Study for Tracing Zombie PCs and Botnet Using an Email Spam Trap (이메일 스팸트랩을 이용한 좀비 PC 및 봇넷 추적 방안연구)

  • Jeong, Hyun-Cheol;Kim, Huy-Kang;Lee, Sang-Jin;Oh, Joo-Hyung
    • Journal of the Korea Institute of Information Security & Cryptology / v.21 no.3 / pp.101-115 / 2011
  • A botnet is a huge network of hacked zombie PCs. Recognizing the fact that the majority of email spam is sent out by botnets, a system that is capable of detecting botnets and zombie PCs will be designed in this study by analyzing email spam. In this study, spam data collected in "an email spam trail system", Korea's national spam collection system, were used for analysis. In this study, we classified the spam groups by the URLs or attached files, and we measured how much the group has the characteristics of botnet and how much the IPs have the characteristics of zombie PC. Through the simulation result in this study, we could extract 16,030 zombie suspected PCs for one hour and it was verified that email spam can provide considerably useful information in tracing zombie PCs.

Designing a system to defend against RDDoS attacks based on traffic measurement criteria after sending warning alerts to administrators (관리자에게 경고 알림을 보낸 후 트래픽 측정을 기준으로 RDDoS 공격을 방어하는 시스템 설계)

  • Cha Yeansoo;Kim Wantae
    • Journal of Korea Society of Digital Industry and Information Management / v.20 no.1 / pp.109-118 / 2024
  • Recently, a social issue has arisen involving RDDoS attacks following the sending of threatening emails to security administrators of companies and institutions. According to a report published by the Korea Internet & Security Agency and the Ministry of Science and ICT, survey results indicate that DDoS attacks are increasing. However, the top response in the survey highlighted the difficulty in countering DDoS attacks due to issues related to security personnel and costs. In responding to DDoS attacks, administrators typically detect anomalies through traffic monitoring, utilizing security equipment and programs to identify and block attacks. They also respond by employing DDoS mitigation solutions offered by external security firms. However, a challenge arises from the initial failure in early response to DDoS attacks, leading to frequent use of detection and mitigation measures. This issue, compounded by increased costs, poses a problem in effectively countering DDoS attacks. In this paper, we propose a system that creates detection rules, periodically collects traffic using mail detection and IDS, notifies administrators when rules match, and, based on a predefined threshold, uses IPS to block traffic or DDoS mitigation. In the absence of DDoS mitigation, the system sends urgent notifications to administrators and suggests applying for and using a cyber shelter or DDoS mitigation. Based on this, the implementation showed that network traffic was reduced from 400 Mbps to 100 Mbps, enabling DDoS response. Additionally, due to the time and expense involved in modifying detection and blocking rules, it is anticipated that future research could address cost-saving through reduced usage of DDoS mitigation by utilizing artificial intelligence for rule creation and modification, or by generating rules in new ways.

Game Theoretic Optimization of Investment Portfolio Considering the Performance of Information Security Countermeasure (정보보호 대책의 성능을 고려한 투자 포트폴리오의 게임 이론적 최적화)

  • Lee, Sang-Hoon;Kim, Tae-Sung
    • Journal of Intelligence and Information Systems / v.26 no.3 / pp.37-50 / 2020
  • Information security has become an important issue in the world. Various information and communication technologies, such as the Internet of Things, big data, cloud, and artificial intelligence, are developing, and the need for information security is increasing. Although the necessity of information security is expanding according to the development of information and communication technology, interest in information security investment is insufficient. In general, measuring the effect of information security investment is difficult, so appropriate investment is not being practiced, and organizations are decreasing their information security investment. In addition, since the types and specification of information security measures are diverse, it is difficult to compare and evaluate the information security countermeasures objectively, and there is a lack of decision-making methods about information security investment. To develop the organization, policies and decisions related to information security are essential, and measuring the effect of information security investment is necessary. Therefore, this study proposes a method of constructing an investment portfolio for information security measures using game theory and derives an optimal defence probability. Using the two-person game model, the information security manager and the attacker are assumed to be the game players, and the information security countermeasures and information security threats are assumed as the strategy of the players, respectively. A zero-sum game in which the sum of the players' payoffs is zero is assumed, and we derive a solution of a mixed strategy game in which a strategy is selected according to probability distribution among strategies. In the real world, various types of information security threats exist, so multiple information security measures should be considered to maintain the appropriate information security level of information systems.
We assume that the defence ratio of the information security countermeasures is known, and we derive the optimal solution of the mixed strategy game using linear programming. The contributions of this study are as follows. First, we conduct analysis using real performance data of information security measures. Information security managers of organizations can use the methodology suggested in this study to make practical decisions when establishing investment portfolio for information security countermeasures. Second, the investment weight of information security countermeasures is derived. Since we derive the weight of each information security measure, not just whether or not information security measures have been invested, it is easy to construct an information security investment portfolio in a situation where investment decisions need to be made in consideration of a number of information security countermeasures. Finally, it is possible to find the optimal defence probability after constructing an investment portfolio of information security countermeasures. The information security managers of organizations can measure the specific investment effect by drawing out information security countermeasures that fit the organization's information security investment budget. Also, numerical examples are presented and computational results are analyzed. Based on the performance of various information security countermeasures: Firewall, IPS, and Antivirus, data related to information security measures are collected to construct a portfolio of information security countermeasures. The defence ratio of the information security countermeasures is created using a uniform distribution, and a coverage of performance is derived based on the report of each information security countermeasure. 
According to numerical examples that considered Firewall, IPS, and Antivirus as information security countermeasures, the investment weights of Firewall, IPS, and Antivirus are optimized to 60.74%, 39.26%, and 0%, respectively. The result shows that the defence probability of the organization is maximized to 83.87%. When the methodology and examples of this study are used in practice, information security managers can consider various types of information security measures, and the appropriate investment level of each measure can be reflected in the organization's budget.

Low Power Level-Up/Down Shifter with Single Supply for the SoC with Multiple Supply (다중전원 SoC용 저전력 단일전원 Level-Up/Down Shifter)

  • Woo, Young-Mi;Kim, Doo-Hwan;Cho, Kyoung-Rok
    • The Journal of the Korea Contents Association / v.8 no.3 / pp.25-31 / 2008
  • We propose a low power level-up/down shifter with single supply that can be used at SoC with multiple supply. The proposed circuit interfaces IPs which are operated on the different supply voltages. The circuit is designed with a single supply that decreases the low power consumption and the complexity of supply routing and layout. The proposed circuit operated at 500MHz for level-up and at 1GHz for level-down. The level-up/down shifter improves noise immunity of the system at I/O circuit. The circuit is evaluated for 1.8V, 2.5V, 3.3V supply with 0.18um CMOS technology, respectively.

Design of a High-Performance Information Security System-On-a-Chip using Software/Hardware Optimized Elliptic Curve Finite Field Computational Algorithms (소프트웨어/하드웨어 최적화된 타원곡선 유한체 연산 알고리즘의 개발과 이를 이용한 고성능 정보보호 SoC 설계)

  • Moon, San-Gook
    • Journal of the Korea Institute of Information and Communication Engineering / v.13 no.2 / pp.293-298 / 2009
  • In this contribution, a 193-bit elliptic curve cryptography coprocessor was implemented on an FPGA board. Optimized algorithms and numerical expressions which had been verified through C program simulation, should be analyzed again with HDL (hardware description language) such as Verilog, so that the verified ones could be modified to be applied directly to hardware implementation. The reason is that the characteristics of C programming language design are intrinsically different from the hardware design structure. The hardware IP which was double-checked in view of hardware structure together with algorithmic verification, was implemented on the Altera CycloneII FPGA device equipped with ARM9 microprocessor core, to a real chip prototype, using Altera embedded system development tool kit. The implemented finite field calculation IPs can be used as library modules as Elliptic Curve Cryptography finite field operations which has more than 193 bit key length.

A New SoC Platform with an Application-Specific PLD (전용 PLD를 가진 새로운 SoC 플랫폼)

  • Lee, Jae-Jin;Song, Gi-Yong
    • Journal of the Institute of Convergence Signal Processing / v.8 no.4 / pp.285-292 / 2007
  • SoC which deploys software modules as well as hardware IPs on a single chip is a major revolution taking place in the implementation of a system design, and high-level synthesis is an important process of SoC design methodology. Recently, SPARK parallelizing high-level synthesis software tool has been developed. It takes a behavioral ANSI-C code as an input, schedules it using code motion and various code transformations, and then finally generates synthesizable RTL VHDL code. Although SPARK employs various loop transformation algorithms, the synthesis results generated by SPARK are not acceptable for basic signal and image processing algorithms with nested loop. In this paper we propose a SoC platform with an application-specific PLD targeting local operations which are feature of many loop algorithms used in signal and image processing, and demonstrate design process which maps behavioral specification with nested loops written in a high-level language (ANSI-C) onto 2D systolic array. Finally the derived systolic array is implemented on the proposed application-specific PLD of SoC platform.

Run-Time Hardware Trojans Detection Using On-Chip Bus for System-on-Chip Design (온칩버스를 이용한 런타임 하드웨어 트로이 목마 검출 SoC 설계)

  • Kanda, Guard;Park, Seungyong;Ryoo, Kwangki
    • Journal of the Korea Institute of Information and Communication Engineering / v.20 no.2 / pp.343-350 / 2016
  • A secure and effective on-chip bus for detecting and preventing malicious attacks by infected IPs is presented in this paper. Most system inter-connects (on-chip bus) are vulnerable to hardware Trojan (Malware) attack because all data and control signals are routed. A proposed secure bus with modifications in arbitration, address decoding, and wrapping for bus master and slaves is designed using the Advanced High-Performance and Advance Peripheral Bus (AHB and APB Bus). It is implemented with the concept that arbiter checks share of masters and manage infected masters and slaves in every transaction. The proposed hardware is designed with the Xilinx 14.7 ISE and verified using the HBE-SoC-IPD test board equipped with Virtex4 XC4VLX80 FPGA device. The design has a total gate count of 39K at an operating frequency of 313MHz using the $0.13{\mu}m$ TSMC process.

Cart Integrated Management System (카트 통합 관리 시스템)

  • Ko, DH;Kim, HK;Kim, HU;Moon, DH;Lee, IH;Kim, DI
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2017.05a / pp.407-409 / 2017
  • Many traditional retailers are losing money due to loss and accidents in managing their carts. Therefore, we intend to solve these problems by installing a Raspberry Pi with various functions in order to efficiently manage the cart. First, use ultrasonic sensors to measure the distance between the cart and the object, use vibration sensors to vary the number of vibration sensors, change the number of vibrations to the user, and use Beacon to transmit the cart in real time. It also contributes to consumers' spending patterns and revenue generation by identifying consumers' consumption patterns. Problems with loss are also resolved by issuing an audible warning (outside of Mart) if a distance is removed (outside of Mart).
