• Journal of the Korea Society of Computer and Information
• /
• v.12 no.1 s.45
• /
• pp.161-168
• /
• 2007

Web attack uses structural, logical and coding error or web application rather than vulnerability to Web server itself. According to the Open Web Application Security Project (OWASP) published about ten types of the web application vulnerability to show the causes of hacking, the risk of hacking and the severity of damage are well known. The detection ability and response is important to deal with web hacking. Filtering methods like pattern matching and code modification are used for defense but these methods can not detect new types of attacks. Also though the security unit product like IDS or web application firewall can be used, these require a lot of money and efforts to operate and maintain, and security unit product is likely to generate false positive detection. In this research profiling method that attracts the structure of web application and the attributes of input parameters such as types and length is used, and by installing structural database of web application in advance it is possible that the lack of the validation of user input value check and the verification and attack detection is solved through using profiling identifier of database against illegal request. Integral security management system has been used in most institutes. Therefore even if additional unit security product is not applied, attacks against the web application will be able to be detected by showing the model, which the security monitoring log gathering agent of the integral security management system and the function of the detection of web application attack are combined.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.462-465
• /
• 2011

A pulse oximeter is a device which provides non-invasive estimate of percentage oxygen saturation of haemoglobin (SpO2). Due to the limitations of resources of personal health devices (PHDs) including pulse oximeters, they generally transmit the estimated data to a remote monitoring server through a close manager (e.g. mobile device or PC). Therefore, communication protocols between PHDs and a manager is an important research topic in terms of interoperability. In this paper, we present design results of an SpO2 transmission agent based on the ISO/IEEE 11073 (X73) protocol. The protocol is an international standard for PHDs. The agent is an embedded program which generates X73 messages from the estimated pulse rates and SpO2, and transmits the messages to a close manager. The agent consists of a Session, Message and Memory Handler. The Session Handler manages a communication session with the manager, and the Message Handler generates and analyzes the exchanged messages according to the X73 protocol. The Memory Handler extracts pulse rates and SpO2s which are stored in a memory of the pulse oximeter. The SpO2 transmission agent allows pulse oximeters to communicate with managers based on x73 standard. Consequently, the interoperability between the pulse oximeters and the managers is guaranteed.

• Journal of KIISE:Software and Applications
• /
• v.31 no.12
• /
• pp.1637-1648
• /
• 2004

When digital libraries are developed by the traditional client/sever system using a single agent on the distributed environment, several problems occur. First, as the search method is one dimensional, the search results have little relationship to each other. Second, the results do not reflect the user's preference. Third, whenever a client connects to the server, users have to receive the certification. Therefore, the retrieval of documents is less efficient causing dissatisfaction with the system. I propose a new platform of mobile multiagents for a personal digital library to overcome these problems. To develop this new platform I combine the existing DECAF multiagents platform with the Voyager mobile ORB and propose a new negotiation algorithm and scheduling algorithm. Although there has been some research for a personal digital library, I believe there have been few studies on their integration and systemization. For searches of related information, the proposed platform could increase the relationship of search results by subdividing the related documents, which are classified by a supervised neural network. For the user's preference, as some modular clients are applied to a neural network, the search results are optimized. By combining a mobile and multiagents platform a new mobile, multiagents platform is developed in order to decrease a network burden. Furthermore, a new negotiation algorithm and a scheduling algorithm are activated for the effectiveness of PDS. The results of the simulation demonstrate that as the number of servers and agents are increased, the search time for PDS decreases while the degree of the user's satisfaction is four times greater than with the C/S model.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.17 no.11
• /
• pp.1206-1218
• /
• 1992

Token ring systems which control to switch the data stream of networks by passing the token have been widely used to medium access controls in many ring or bus topology LANs. The system could be modeled for analysis as single-server-multi-queue system of the cyclic service method. These concepts could be expanded to multi-token ring systems interconnected with single ring consisting of bridges implemented simply to be stored and transmitted. In the proposal for the performance analysis of the interconnected token ring system, in has been assumed M/G/1 queueing model that frame arrivals are the Poisson process at each station queue and frame sizes are independently and identically distributed. And the average time delays were analyzed mathematically for arbitrary frame transferred from source station to destination area. The time delay of the frame transmission could be explained as the sum of the average time which the token passed from arbitrary position to source station, such as the waiting time in the source station transferring the previous arrival frames, and the propagation time from source station to interdestinated point. These delays were given as the sum of the duration from inner and outer bridge queues, the time delays from inner and outer bridge queues, and the time from outer bridge queue to destination station. These results were investigated by varing parameters effected to total time delays. In the results, those factors to be effected to dominant the total time delays were increased were in the cases of the high arrival rates and the high ration of destination of the other outerring. The system were shown the time delays increased exponentially in spite of the priority service policy. In order to decreasing the number of outerrings and increasing the number of nodes in backbone relatively, so the systems could be decreased the total delay in the interconnected token ring system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.11
• /
• pp.2083-2090
• /
• 2006

In an proposed Context-Aware SOA(Service Oriented Architecture) based OSGi(Open Service Gateway initiative) platform, Service provider manages relative kinds of services in an integrative basis from various sensors, puts each service in a SOAP (Simple Object access Protocol) message, and register thorn to the UDDI(Universal Description Discovery and Integration) server of service registry, service requester retrivel the specified kinds of services and call them to service provider. Recently most context-aware technologies for ubiquitous home network are mainly putting emphasis on RFID/USN and location-based technology. Because of this, service-oriented architecture researches have not been made enough. Under the environment of an OSGi service platform, various context-aware services are dynamically mapping from various sensors, new services are being offered for the asking of users, and existing services are changing. Accordingly, the data sharing between services provided, management of service life cycle, and the facilitation of service distribution are needed. Taking into considering all these factors, this study has suggested an Context-Aware SOA based eclipse SOA Tools Platform using OSGi platform that can transaction throughtput of more than 546 TPS of distributional Little's Law from ATAM(Architecture Tradeoff Analysis Method) while remaining stable other condition.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.10
• /
• pp.2523-2529
• /
• 2014

Location estimation service can be provided outdoors using various location estimation system based on GPS. However, location estimation system is based on existing indoor resources as GPS cannot be used because of insufficient visible satellites and weak signals. The fingerprinting technique that uses WLAN signal, in particular, is good to use indoors because it uses RSSI provided by AP to estimate location. However, its accuracy may vary depending on how accurate data the offline stage used where the fingerprinting map is built. The study sampled various data at the stage that builds the fingerprinting map and suggested a location estimation system that enhances its precision by saving the data of high frequency among them to improve this problem. The suggested location estimation system based on majority sampling data estimates location by filtering RSSI data of the highest frequency at the client and server to be saved at a map, building the map and measuring a similar distance. As a result of the test, the location estimation precision stood at minimum 87.5 % and maximum 90.4% with the margin of error at minimum 0.25 to 2.72m.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.3
• /
• pp.931-942
• /
• 2010

A home network provides users with a variety of information services. The kind and quality of the services can be substantially enhanced by utilizing a variety of data from sensors. However, home networks currently limit their potential by focusing on providing multimedia services rather than services utilizing sensor data. Outdoor electronics are frequently made in a form that emphasizes only certain limited functions in contrast to home appliances. Thus, sensors with one or two functions rather than many can be used in outdoor systems and their use will be more economical than using sensor nodes indoors with more complex home appliances. In this study, we chose to work with motion sensors as they have many potential uses, and we selected a parking lot control system with to use the motion sensors. This parking lot control system was implemented and applied as part of a home network. For this purpose, we defined and implemented a protocol to manage the network in a ubiquitous sensor network environment for the wireless home network in this study. Although a network management system in a Ubiquitous Sensor Network (USN) related to this study is being advanced for other projects, the protocol interface and message system have not yet been clearly defined for use in a general purpose network or in an extension into heterogeneous kinds of networks, communication support, etc. Therefore, USN network management should be conducted for management of faults, composition, power, and applications. To verify the performance of the protocol interface designed in this study, we designed and implemented the necessary units (sensor nodes, sensor gateway, and server) for each network section and, with them, proved the validity of this study.

• Journal of KIISE:Information Networking
• /
• v.30 no.4
• /
• pp.559-571
• /
• 2003

ENUM(tElephon NUmbering Mapping) is protocol that brings convergence between PSTN Networks and IP Networks using a unique worldwide E.164 telephone number as an identifier between different communication infrastructure. The mechanism provides a bridge between two completely different environments with E.164 number; IP based application services used in PSTN networks, and PSTN based application services used in IP networks. We propose a new way to organize and handle ENUM Tier 2 name servers to improve performance at the name resolution process in ENUM based application service. We build an ENUM based network model when NAPTR(Naming Authority PoinTeR) resource record is registered and managed by area code at the initial registration step. ENUM promises convenience and flexibility to both PSTN and IP users, yet there is no evidence how much patience is required when users decide to use ENUM instead of non-ENUM based applications. We have estimated ENUM response time, and proved how to improve performance up to 3 times when resources are managed by the proposed mechanism. The proposition of this thesis favorably influences users and helps to establish the policy for Tier 2 name server management.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.8
• /
• pp.1960-1971
• /
• 1998

The researches and developments to provide multimedia communication services such as Video on Demand(VoDJ), real time video phonc and multipoint vidco conferencing on broadband ISDN environmcnts have been proceeded with activity. Specifications for Vol) services which is worked by Digital Audio-Visual Council(DAVIC) to support detail technologies including total service system that is consist of VoD server. delive[\! networl, and Set-Top Box(STB) had been already finished and ITU-T SG16 also recommended the standards of H.300 series terminal aspects for conversational multimedia services, But the architectures of multimedia tenninals recommended and specified by these organizations do not have an efficient st11lcture to provide all of retrieval, distrihution and conversational service due to a different point of view about multimedia terminals and services. In this paper, we analyzed the recornmendatio!E and the specifications of intemational public and private organizations like lTU-T, DAVIC and ATM forum. As a result of these analysis. we propose an efficient terminal architecture, and then we have designed, lmplemented the multimedia communication terminal for offering VoI) and real- time conversation ,,, functional module test according to the individual commumication service session and confirined the validiry or terminal implemented to be used on broadband ISDK environments.

• Journal of Internet Computing and Services
• /
• v.7 no.2
• /
• pp.81-92
• /
• 2006

Recently, the number of mobile phone and PDA users has been rapidly increased. Such monitoring and control applications as geographical and traffic information systems are being used widely with wireless devices. In this paper, we introduce the mobile M/VC application framework that supports the rapid constructions of mobile monitoring and control (M/VC) applications. The mobile M/VC application framework uses the mobile Observer/Observable pattern that extends the Java's Observer/Observable for automatic interactions of server and client objects in wireless environments. It also provides the Multiplexer and Demultiplexer classes that supports the assembly feature of Observer and Observable objects. To construct an application using the framework, developers just need to create necessary objects from the Observable and MobileObserver classes and inter-connect them structurally(like the plug-and-play style) through the Multiplexer and Demultiplexer objects. Then, the state change of Observable objects is notified to the connected Observer objects and user's input with Observer objects is propagated to Observable objects. These mechanism is the main process for monitoring and control applications. Therefore, the mobile M/VC application framework can improve the productivity of mobile applications and enhance the reusability of such components as Observer and Observable objects in wireless environments.