• The Journal of the Korea Contents Association
• /
• v.3 no.1
• /
• pp.31-38
• /
• 2003

In this paper, We propose detection mood generation system using learning to generate automatically detection model. It is improved manpower, efficiency in time. Proposed detection model generator system is consisted of agent system and manager system. Model generation can do existing standardization by genetic algorithm because do model generation and apply by new detection model. according to experiment results, detection model generation using learning proposed sees more efficiently than existing intrusion detection system. When intrusion of new type occur by implemented system and decrease of the False-Positive rate, improve performance of existing intrusion detection system.

• Proceedings of the Korean Society for Noise and Vibration Engineering Conference
• /
• 2014.10a
• /
• pp.495-496
• /
• 2014

The suction method is the substructure installation using the water pressure difference generated by discharging water inside the pile by the pumping operation, after the intrusion by the self-weights of a large hollow steel pipe or a concrete structure. It is known as the low-noise and low-vibration method against the general pile driven method and eco-friendly, also. Most current design and safety assessment of the support structure and considering only the static load, however, the importance of dynamic behavior becomes magnified as the size of wind power generator increases. This study measures the natural frequency of the suction pile prototype about the penetration depth as a part of basic research and analyzed the interaction between the soil and the structure.

• Proceedings of the Korea Society for Simulation Conference
• /
• 2000.11a
• /
• pp.113-117
• /
• 2000

침입 탐지 시스템은 네트워크나 호스트에 대한 오용, 남용, 또는 허가되지 않은 접근을 탐지하는 기능을 갖는 시스템이다. 최근 침입들은 그 종류가 매우 다양화되고, 탐지하기가 매우 어려운 형태로 나타나고 있다. 이러한 침입으로 대표적인 것이 분산 공격과 스텔시 공격(Stealthy Attack)이 있다. 분산 공격은 침입자가 공간적으로 분산되어 이를 탐지하기 어렵게 하는 공격을 말하며, 스텔시 공격은 시간적으로 분산되어 이를 탐지하기 어려운 경우를 말한다. 침입 탐지 시스템의 모델링 및 시뮬레이션을 위해서는 침입 탐지 시스템 모델에 필요한 침입을 제공하고, 침입에 대한 탐지 능력을 평가하기 위한 experimental frame을 디자인 해야한다. 본 연구에서는 분산 공격과 스텔시 공격 기능을 갖는 침입 생성 모델링 방법을 소개하며, 침입 생성을 위해 요구되는 침입 정보 베이스의 역할 및 저장 정보를 소개한다. 또한, 침입에 대한 탐지 능력 평가를 위한 Transducer 모델의 디자인을 소개한다.

• Proceedings of the Korean Society of Propulsion Engineers Conference
• /
• 2008.03a
• /
• pp.391-398
• /
• 2008

LES analysis was conducted with in-house CFD code to investigate the turbulence evolution and interaction due to turbulence ring and splash plate in the gas generator. Though chemical reaction was not accounted for, the results can be useful in determining the turbulence characteristics generated by ring and plate. The calculation results show that the installation of turbulence ring can introduce additional turbulences and improve turbulent mixing in the downstream flow. However, the addition of splash plate in the downstream of TR brings totally different shape of perturbation energy and enstrophy distribution for turbulent mixing. This enhancement can be done by the formation of the intensively strong vorticity production and mixing behind the plate. Pressure drop was found to be a reasonable level of about 1% or less of initial pressure in all calculation cases. Also, calculation results revealed that the variation of TR shape and intrusion length did not change the characteristics of turbulent mixing in the chamber. Even though the effect of installation location of splash plate on the turbulent mixing is not investigated yet, calculation results conclude the addition of splash plate leads to the increase in turbulent mixing with an acceptable pressure drop.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.1B
• /
• pp.47-55
• /
• 2009

In recent network intrusion detection systems, regular expressions are used to represent malicious packets. In order to process incoming packets through high speed networks in real time, we should perform hardware-based pattern matching using the configurable device such as FPGAs. However, operating speed of FPGAs is slower than giga-bit speed network and so, multi-byte processing per clock cycle may be needed. In this paper, we propose a hardware architecture of multi-byte based regular expression pattern matching and implement the pattern matching circuit generator. The throughput improvements in four-byte based pattern matching circuit synthesized in FPGA for several Snort rules are $2.62{\sim}3.4$ times.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.4
• /
• pp.11-18
• /
• 2012

Deep packet inspection which perform pattern matching to search for malicious patterns in the packet is most computationally intensive task. Hardware-based pattern matching is required for real-time packet inspection in high-speed network. In this paper, we have designed and implemented network intrusion detection hardware as a Microblaze-based SoC using Virtex-6 FPGA, which capture the network input packet, perform hardware-based pattern matching for patterns in the Snort rule, and provide the matching result to the software. We verify the operation of the implemented system using traffic generator and real network traffic. The implemented hardware can be used in network intrusion detection system operated in wire-speed.

• The KIPS Transactions:PartC
• /
• v.14C no.3 s.113
• /
• pp.209-220
• /
• 2007

IPS(Intrusion Prevention Systems), which is installed in inline mode in a network, protects network from outside attacks by inspecting the incoming/outgoing packets and sessions, and dropping the packet or closing the sessions if an attack is detected in the packet. In the signature based filtering, the payload of a packet passing through IPS is matched with some attack patterns called signatures and dropped if matched. As the number of signatures increases, the time required for the pattern matching for a packet increases accordingly so that it becomes difficult to develop a high performance US working without packet delay. In this paper, we propose a high performance IPS based on signature hashing to make the pattern matching time independent of the number of signatures. We implemented the proposed scheme in a Linux kernel module in a PC and tested it using worm generator, packet generator and network performance measure instrument called smart bit. Experimental results show that the performance of existing method is degraded as the number of signatures increases whereas the performance of the proposed scheme is not degraded.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.2
• /
• pp.676-682
• /
• 2018

As the IoT world including WSNs develops, the number of sensor systems that sense information according to the environment based on the principle of IoT is increasing. In order to perform security for each sensor system in such a complicated environment, the security modules must be varied. These problems make hardware/software implementation difficult when considering the system efficiency and hacking/cracking. Therefore, to solve this problem, this paper proposes a pseudorandom number generator (FLT: Pseudo-random Number Generator with Fixed Length Tap unrelated to the variable sensing nodes) with a fixed-length tap that generates a pseudorandom number with a constant period, irrespective of the number of sensing nodes, and has the purpose of detecting anomalies. The proposed FLT-LFSR architecture allows the security level and overall data formatting to be kept constant for hardware/software implementations in an IoT environment. Therefore, the proposed FLT-LFSR architecture emphasizes the scalability of the network, regardless of the ease of implementation of the sensor system and the number of sensing nodes.

• Journal of the Korean Society for Aeronautical & Space Sciences
• /
• v.36 no.12
• /
• pp.1171-1179
• /
• 2008

LES analysis was conducted with in-house CFD code to investigate the turbulence evolution and interaction due to turbulence ring and splash plate in the gas generator. The calculation results show that the installation of turbulence ring can introduce additional turbulences and significantly improve turbulent mixing in the downstream flow. However, the addition of splash plate in the downstream of TR(Turbulence Ring) brings totally different shape of perturbation energy and enstrophy distribution into turbulent mixing. This enhancement can be done by the formation of the intensively strong vorticity and mixing behind the plate. Pressure drop was found to be a reasonable level of about 1% or less of initial pressure in all calculation cases. Also, calculation results revealed that the variation of shape and intrusion length of TR did not greatly affect the characteristics of turbulent mixing in the chamber. Even though the effect of installation location of splash plate on the turbulent mixing was not investigated yet, calculation results conclude the addition of splash plate leads to the increase in turbulent mixing with an acceptable pressure drop.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.917-920
• /
• 2006

정보보호 분야에서 네트워크 시뮬레이터에 대한 관심이 커지고 있으나 여러가지 제약 때문에 연구 및 개발이 미흡하다. 특히 침입탐지 시뮬레이터의 평가를 위한 적절한 데이터가 존재하지 않아 침입탐지 시뮬레이터가 적절한지 판단할 근거 자료가 충분하지 않다. 본 논문에서는 네트워크 시뮬레이터에서 DARPA 99 데이터셋을 활용하는 방법으로 트래픽 생성기를 설계 및 구현 하였으며, 그 결과가 정상적으로 동작함을 확인하였다.