• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.4
• /
• pp.700-708
• /
• 2015

A software birthmark is the set of characteristics of a program which can be used to identify the program. Many researchers have studied on detecting theft of java programs using some birthmarks. In case of Android apps, code obfuscation techniques are used to protect the apps against reverse-engineering and tampering. However, attackers can also use the obfuscation techniques in order to conceal a stolen program. A birthmark (feature) of an app can be alterable by code obfuscations. Therefore, it is necessary to detect Android app theft based on the birthmark which is resilient to code obfuscation. In this paper, we propose an effective Android app birthmark and app theft detection through the proposed birthmark. By analyzing some obfuscation tools, we have first selected parameter and the return types of methods as an adequate birthmark. Then, we have measured similarity of target apps using the birthmarks extracted from the apps, where some target apps are not obfuscated and the others obfuscated. The measurement results show that our proposed birthmark is effective for detecting Android app theft even though the apps are obfuscated.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.4
• /
• pp.666-677
• /
• 2015

The importance of application traffic analysis for efficient network management has been emphasized continuously. Snort is a popular traffic analysis system which detects traffic matched to pre-defined signatures and perform various actions based on the rules. However, it is very difficult to get highly accurate signatures to meet various analysis purpose because it is very tedious and time-consuming work to search the entire traffic data manually or semi-automatically. In this paper, we propose a novel method to generate signatures in a fully automatic manner in the form of sort rule from raw packet data captured from network link or end-host. We use a sequence pattern algorithm to generate common substring satisfying the minimum support from traffic flow data. Also, we extract the location and header information of the signature which are the components of snort content rule. When we analyzed the proposed method to several application traffic data, the generated rule could detect more than 97 percentage of the traffic data.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.7
• /
• pp.1330-1338
• /
• 2015

In wireless communication network, the amount of packet data for the video streaming in the playout buffer of the receiver is changed with time according to network condition. If the amount of packet data is less than a specific buffer amount, the buffer underflow problem is generated. On the contrary, if the amount of packet data is more than a given buffer amount, the buffer overflow problem is occurred. When the playout of the video streaming is processed, these buffer underflow and overflow problems cause stop and skip phenomenons and then provide the discontinuity of playout. Therefore, to solve the buffer underflow and overflow problems of the video streaming in wireless communication network, This paper analyzes the combined effect of Token Bucket scheme, which controls the bursty traffic, and AMP(Adaptive Media Playout) scheme, which adaptively changes the playout speed of receiver. Through simulation, we found that the combination of Token Bucket and AMP schemes provides the superiority in terms of the occurrence number of buffer underflow and overflow, the stop duration time and the number of removed frames generated by underflow and overflow, and PSNR.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.7
• /
• pp.1313-1329
• /
• 2015

In MANET, frequent route breaks lead to repeated route discovery process and this increases control packet overhead and packet drop. AODV-I improves performance of AODV by using the event driven approach which removes periodic Hello message. Unlike the Hello message, Interrupt message which is sent for each event can detect and predict the link failure because it allows node to know the status of the neighbor node. From this characteristics of Interrupt message, performance of AODV-I can be further improved by adding a processing procedures for each type of Interrupt message and it is also possible to improve AODV-I by adding the Backup path scheme because it originally has problems due to a single path of AODV. In this paper, we propose AODV-IB that combines improved Backup path scheme and Interrupt message approach of AODV-I in order to reduce transmission delay and the number of route discoveries. AODV-IB improves AODV-I by adding proper processing procedures for the link failure prediction and detection for each Interrupt message. We also implement improved Backup path strategy in AODV-IB by minimizing delay without additional Control packet. Simulation results, using the simulator QualNet 5.0, indicate that proposed AODV-IB performs better than AODV-I.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.12B
• /
• pp.1556-1564
• /
• 2011

The increased life expectancy of human due to the advance of medical techniques has led to many social problems such as rapidly aging populations, increased medical expenses and a lack of medical specialists. Thus, studies on improving the quality of life with the least amount of expense have been going on by incorporating advanced technologies, especially for Personal Health Devices (PHDs), into the medical service market. However, compatibility and extensibility among manufacturers of PHDs have not been taken into account in most of the researches done on the development of PHDs because most of them have been supported by individual medical organizations. The interoperability among medical organizations can not be guaranteed because each medical organization uses different format of the messages. Therefore, in this paper, an expansion module that can enable commercially-available non-standard PHDs to support the IEEE 11073, and a smart-phone-based manager that can support easy and comprehensive management on receiving and transmitting the collected data from each PHD using IEEE 11073 standard were developed. In addition, a u-health system that can transmit the data collected in the manager using the standard data format HL 7 to medical center for real-time medical service from every medical institutions that support this standard was designed and developed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.12B
• /
• pp.1450-1458
• /
• 2011

The HPcN (Hybrid & high Performance Convergence Network) in research networks means environment which can provide both computing resource such as supercomputer, cluster and network resource to application researchers in the field of medical, bio, aerospace and e-science. The most representative research network in Korea, KREONET has been developing following technologies through the HERO (Hybrid Networking project for research oriented infrastructure) from 200S. First, we have constructed and deployed a control plane technology which can provide a connection oriented network dynamically. Second, the integrated resource management system technology has been developing for reservation and allocation of both computing and network resources, whenever users want to utilize them. In this paper, a testbed network is presented, which is possible to reserve and allocate network resource using the integrated resource management system. We reserve network resource through GNSI (Grid Network Service Interface) messages between GRS (Global Resource Scheduler) and NRM (Network Resource Manager) and allocate network resource through GUNI (Grid User Network Interface) messages between the NRM (network resource manager) and routers, based on reservation information provided from a user on the web portal. It is confirmed that GUNI interface messages are delivered from the NRM to each router at the starting of reservation time and traffic is transmitted through LSP allocated by the NRM.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.12B
• /
• pp.1744-1751
• /
• 2011

The concept of the advanced concept technology demonstration (ACTD) has previously been introduced in USA in order to make it possible to rapidly transfer advanced technologies developed in commercial sectors to develop weapon systems in the defense area. Since then in Korea several ACTD programs have been developed and being carried out However, there are few program management methods suitable for the characteristics of the ACTD programs, which requires stringent management of the program requirements and risks due to the radically shortened development time. In this paper such a problem has been addressed and as a solution approach the quality function deployment (QFD) method has been adopted, which is being served as a successful model in various areas such as manufacturing. The QFD method is used in our study to improve communication between various stakeholders involved in the ACTD programs and also to reduce risks related to requirements. Specifically we have developed the ACTD standard templates based on the QFD method and discussed how to use the developed templates. Finally, the application of the study result is demonstrated through the ACTD program of flight information demonstration system and also specific ways are suggested to use the standard templates, to manage requirements, and to reduce risks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.4A
• /
• pp.369-379
• /
• 2011

During the routing process between nodes on the CR(Cognitive Radio) network conducting for efficient use of limited frequency resources, spectrum handover process due to the appearance of the PU occupies most of the routing latency, and also decreases the reliability of the path. In this paper, a cooperative routing protocol in a multi-channel environment is proposed. The source node broadcasts a message with available channel lists and probability of PU appearance during its route guidance. The intermediate nodes re-transmit the message, received from the source node, and update and maintain the information, status table of the path. The destination node determines the optimal path and sends a reply message to the selected path after it receives the messages from the intermediate nodes. The average probability of the PU appearance and the average time of the PU appearance are updated while transferring data. During data transmission the channel with the lowest probability of appearance of the PU is selected dynamically and if a PU appears on the current channel partial repairment is performed. It is examined that reliability of the selected path considerably is improved and the routing cost is reduced significantly compared to traditional routing methods.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.2A
• /
• pp.172-178
• /
• 2011

In this paper, the performance of bit interleaved of coded and modulation(BICM) module of the second generation of digital terrestrial television broadcasting system(DVB-T2) is evaluated with the help of computer simulation. The frame error rate performance is studied in AWGN, Rayleigh fading and 15% erasure channels. In addition, iterative receiver is considered that exchanges extrinsic information between the rotated demapper and the LDPC decoder. Through the simulation it is observed that under the flat fading Rayleigh channel, about 1.2dB gain at FER of $10^{-4}$ is introduced when rotated constellation and iterative demapping and decoding are employed. Under the 15% earasure channel, rotated constellation gives performance gain of about 5dB at BER of $10^{-4}$ and when IDD is applied, additional performance gain of about 3dB can be achieved.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.12B
• /
• pp.1509-1521
• /
• 2011

WfMC, which is one of the international standardization organizations leading the business process and workflow technologies, has been officially released the BPAF1.0 that is a standard format to record process instances' event logs according as the business process intelligence mining technologies have recently issued in the business process and workflow literature. The business process mining technologies consist of two groups of algorithms and their analysis techniques; one is to rediscover flow-oriented process-intelligence, such as control-flow, data-flow, role-flow, and actor-flow intelligence, from process instances' event logs, and the other has something to do with rediscovering relation-oriented process-intelligence like process-driven social networks and process-driven affiliation networks from the event logs. The current standardized format of BPAF1.0 aims at only supporting the control-flow oriented process-intelligence mining techniques, and so it is unable to properly support the relation-oriented process-intelligence mining techniques. Therefore, this paper tries to extend the BPAF1.0 so as to reasonably support the relation-oriented process-intelligence mining techniques, and the extended BPAF is termed BPAF2.0. Particularly, we have a plan to standardize the extended BPAF2.0 as not only the national standard specifications through the e-Business project group of TTA, but also the international standard specifications of WfMC.