• Proceedings of the Korean Information Science Society Conference
• /
• 2001.04a
• /
• pp.115-117
• /
• 2001

대부분의 embedded system에서 hard-disk 대용으로 flash memory를 사용하고 있으며, flash device에 압축 커널이미지와 root file system image를 가지고 있다. Booting 고정 중 커널의 압축이 풀리고 메모리에 로드되어 제어를 넘겨받으면 flash memory 상에 존재하는 root file system image를 ramdisk의 image로 로드하여 시스템은 결국 ramdisk에 root file system을 가지게 된다. Ramdisk 상의 프로그램을 실행하기 위해 메모리로 실행파일 이미지를 copy하는 과정을 피하고 ramdisk 상의 이미지를 바로 프로세스의 virtual memory area에 직접 매핑 시켜 주는 XIP(eXection-In-Place)를 구현함으로써 많은 메모리 절감 효과를 얻을 수 있다. 본 연구에서는 ramdisk를 root file system으로 사용하는 embedded system에서의 XIP 구조를 설계하고 구현하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.04a
• /
• pp.121-123
• /
• 2001

최근 인터넷관련 기술은 사용의 편의성이 강조되고 있다. 이에 많은 연구자들은 언제 어디서나 사용자만의 컴퓨터환경을 제공하는 가상 OS(WebOS: Web Operating System)를 개발하였다[1,2,3]. 그러나 가상 OS를 구현할 때 기존 시스템(Unix, Linux, Windows등)의 File System을 사용하면 시스템의 정보를 사용자가 예측할 수 있기 때문에 시스템 안전성 문제가 발생할 수 있다. 본 논문에서는 기존 시스템의 File System을 이용하지 않고 가상의 File System을 사용함으로써 기존 시스템보다 안전하며 향후 가상 OS에서 개발되어질 프로그램들에 사용할 수 있는 DB구조의 File System을 설계 및 구현한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.4B
• /
• pp.397-402
• /
• 2004

In this paper, we have designed and simulated a new file transmission method. This method restricts memory copy and context switching happened in traditional file transmission. This method shows an improved performance than traditional method in network environment. When the UNIX/LINUX system that uses the existing file transfer technique transmits a packet to the remote system, a memory copy between the user and kernel space occurs over twice at least. Memory copy between the user and kernel space increase a file transmission time and the number of context switching. As a result, the existing file transfer technique has a problem of deteriorating the performance of file transmission. We propose a new algorithm for solving these problems. It doesn't perform memory copy between the user and kernel space. Hence, the number of memory copy and context switching is limited to the minimum. We have modified the network related source code of LINUX kernel 2.6.0 to analyzing the performance of proposed algorithm and implement new network system calls.

• Journal of Internet Computing and Services
• /
• v.6 no.4
• /
• pp.47-58
• /
• 2005

There are two major type of flash memory products, namely, NAND-type and NOR-type flash memory. NOR-type flash memory is generally deployed as ROM BIOS code storage because if offers Byte I/O and fast read operation. However, NOR-type flash memory is more expensive than NAND-type flash memory in terms of the cost per byte ratio, and hence NAND type flash memory is more widely used as large data storage such as embedded Linux file systems. In this paper, we designed an efficient flash memory file system based an Embedded system and presented to make up for reduced to Swapping a weak System Performance to flash file system using NAND-type flash memory, then proposed Swapping algorithm insured to an Execution time. Based on Implementation and simulation studies, Then, We improved performance bases on NAND-type flash memory to the requirement of the embedded system.

• The Journal of the Korea Contents Association
• /
• v.5 no.5
• /
• pp.182-190
• /
• 2005

As computers and Internet become popular, many corporations and countries are using information protection system and security network to protect their informations and resources in internet. But the Intrusional possibilities are increases in open network environments such as the Internet. Even though many security systems were developed, the implementation of these systems are mostly application level not kernel level. Also many file protection systems were developed, but they aren't used widely because of their inconvenience in usage. In this paper, we implement a kernel module to support a file protection function using Loadable Kernel Module (LKM) on Linux. When a system is damaged due to intrusion, the file system are easily recovered through periodical file system image backup.

• Annual Conference of KIPS
• /
• 2001.10a
• /
• pp.271-274
• /
• 2001

프로세스와 디스크 입출력 속도를 비교해보면, 디스크 입출력의 속도가 휠씬 더 느리다. 따라서 디스크 입출력은 현재의 컴퓨팅 환경에서 병목현상이 되고있다. PFSL(Parallel File System for Linux)은 이런 문제를 해결하기 위한 클러스터링 환경의 병렬 파일 시스템이다. PFSL은 리눅스 머신 상에서 POSIX 스레드 라이브러리를 이용하여 멀티 스레드로 수행된다. 이 논문에서는 PFSL의 성능을 개선하기 위해 클러스터 환경의 작업 부하에 적합하도록 설계한 이중 캐쉬 구조를 소개하고자 한다.

• 제어로봇시스템학회:학술대회논문집
• /
• 2000.10a
• /
• pp.88-88
• /
• 2000

As more and more critical commercial applications move on the Internet, providing highly available servers becomes increasingly important. One of the advantages of a clustered system is that it has hardware and software redundancy. High availability can be provided by detecting node or daemon failure and reconfiguring the system appropriately so that the workload can be taken over bi the remaining nodes in the cluster. This paper presents how to provide the guaranteeing high availability of clustering web server. The load balancer becomes a single failure point of the whole system. In order to prevent the failure of the load balancer, we setup a backup server using heartbeat, fake, mon, and checkpointing fault-tolerance method. For high availability of file servers in the cluster, we setup coda file system. Coda is a advanced network fault-tolerance distributed file system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.3
• /
• pp.557-567
• /
• 2018

There are currently various file encryption solutions for encrypting and storing files on disk. However, the existing file encryption solutions handle encryption and decryption all at once by file or directory. In this paper, we propose a system call supporting partial encryption function of the file. The user sets the encryption information with the system call interface at a portion where encryption of the file data is desired. And then the user writes file data, the data is encrypted and stored. Also if the user sets decryption information and reads the file data, the necessary part is decrypted by applying the set information. For the proposed system call, It consists of inspection module, management module, encryption module, decryption module, and HMAC module as per required system call. And it was implemented on the Linux environment. Also the operation of implemented system call was verified on the development board, and the performance was analyzed by measuring performance speed.

• Convergence Security Journal
• /
• v.5 no.2
• /
• pp.43-50
• /
• 2005

This paper is about the method that chases the Linux kernel backdoor intruder and copes with the kernel backdoor attack. We have a limit to trace the hacker with the current log analysing method because the hacker generally removes the log file and use the forge IP information. I propose the solution to solve the problem with the DeFor system. Through the restoration of the deleted log file, analysis of it and full HDD image, promptly quick response, it is possible to trace hacker spot and reduce hacking damage.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.77-91
• /
• 2019

Recent Linux operating systems having been increasingly used, ranging from automotive consoles, CCTV, IoT devices, and mobile devices to various versions of the kernel. Because these devices can be used as strong evidence in criminal investigations, there is a risk of destroying evidence through file deletion. Ext filesystem forensics has been studied in depth because it can recovery deleted files without depending on the kind of device. However, studies have been carried out without consideration of characteristics of file system which may vary depending on the kernel. This problem can lead to serious situations, such as those that can impair investigative ability and cause doubt of evidence ability, when an actual investigation attempts to analyze a different version of the kernel. Because investigations can be performed on various distribution and kernel versions of Linux file systems at the actual investigation site, analysis of the metadata changes that occur when files are deleted by Linux distribution and kernel versions is required. Therefore, in this paper, we analyze the difference of metadata according to the Linux kernel as a solution to this and recovery deleted file. After that, the investigating agency needs to consider the metadata change caused by the difference of Linux kernel version when performing Ext filesystem forensics.