• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.337-340
• /
• 2022

SQL Injection attacks are one of the older attack techniques and are the dominant type of hacking attempts against web services. There have been many attempts to hack SQL injection attacks by exposing data or obtaining privileges. In this paper, we implement a log analysis system that can respond to SQL injection attacks in real time using the open source ELK Stack. did. By providing a visualization of SQL injection attack log data through the implemented system, it is expected that users will be able to easily grasp the degree of attack risk and quickly prepare for attacks.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.333-336
• /
• 2022

With the development of IT technology, cybercrime is becoming sophisticated and intelligent. In particular, in the case of BackDoor, which is used in the APT attack (intelligent continuous attack), it is very important to detect malicious behavior and respond to infringement because it is often unaware that it has been damaged by an attacker. This paper aims to build an EDR platform that can monitor, analyze, and respond to malicious behavior in real time by collecting, storing, analyzing, and visualizing logs in an endpoint environment in real time using open source-based analysis solutions ELK Stack and Sysmon.

• Transactions of the Korean hydrogen and new energy society
• /
• v.20 no.3
• /
• pp.202-207
• /
• 2009

A 75kW MCFC stack with the reactive area of 9,600cm$^2$ has been operated and validated in Boryeong thermal power plant. The 75kW MCFC stack was installed at the end of November 28, 2008 and started initial operation on December 23, 2008 after pretreated for about 20 days. At initial load operation, the stack showed the Open Circuit Voltage of 137V, which approaches the theoretical value. At the early stage of rated power operation, the stack displayed the voltage of 104V at the current of 754A and reached the maximum generating power of 78.5kW DC. This stack has been operated for 2,890 hours until April, 2009. In addition, the operation time of rated power records 1890 hours. This Operating result is scheduled to be reflected the design of l25kW stack.

• Electronics and Telecommunications Trends
• /
• v.31 no.6
• /
• pp.67-76
• /
• 2016

Promise는 OPNFV의 자원 예약 및 할당, 용량 관리 프로젝트이다. 자원을 많이 필요로 하는 월드컵 경기나 쓰나미 경보 같은 재해를 대비한 자원 예약을 통해 끊임없는 서비스를 제공하기 위함이다. 그러나 기능 구현을 위해 OpenStack 내 많은 컴포넌트의 수정이 필요한 어려운 점이 있다. 그래서 Phase2의 OpenStack 과의 통합된 모델을 목표로, 현재의 Phase1은 Shim-layer 구현물 단계에 있다. Shim-layer는 Node.js 위에서 실행되는 YangForge 프레임워크로 기술된다. 이는 Yang 데이터 모델링로서 스키마를 표현하고, 컨트롤 로직은 YAML로, 설정 데이타는 JSON으로, JavaScript를 만드는 CoffeeScript 언어로서 스펙을 기술한다. 인터페이스는 CLI, Web GUI, REST/JSON, WebSockets이다. 이를 OPNFV summit 2015년 11월에 데모한 바 있다. 이 프로젝트를 분석을 통해 용량 관리, 자원 예약 및 자원 할당하는 예약기법들을 살펴보고자 한다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2015.01a
• /
• pp.155-158
• /
• 2015

클라우드 컴퓨팅 기술의 발전과 맞물려서 이를 위한 많은 플랫폼들이 제안되고 있다. Amazon이나 Google 등의 세계적인 기업들을 이미 자신들 만의 플랫폼을 구축하여 안정적으로 서비스를 제공하고 있으며 오픈소스 커뮤니티들이 주도 하는 오픈 플랫폼들도 속속 등장하여 발전을 거듭하고 있다. 본 논문에서는 가장 대표적이고 널리 사용되는 오픈소스 기반의 클라우드 컴퓨팅 플랫폼들을 분석하고 그 기능들을 서로 비교해서 사용자가 자신의 요구사항에 가장 적합한 플랫폼을 선택할 수 있게 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.253-254
• /
• 2015

계산과학분야에서 컴퓨팅자원을 사용하는 사용자들은 수천 개의 CPU 규모의 클러스터단위로 컴퓨팅 자원을 사용한다. 자원의 크기에 따라 작업 실행 시간이 줄어들기 때문에 사용자들이 정확하고 빠른 연구결과를 얻기 위해서는 많은 컴퓨팅자원이 필요하다. 하지만 컴퓨팅자원의 한계와 비용의 문제로 모든 사용자들이 원하는 자원을 할당 받지 못한다. 본 논문에서는 컴퓨팅자원을 가상머신 클러스터 단위로 제공하는 방법과 자원의 낭비를 줄이기 위한 가상머신 동적 할당방법을 구현하였다.

• Journal of Internet Computing and Services
• /
• v.20 no.1
• /
• pp.67-75
• /
• 2019

The Android container is used for various purposes such as Bring Your Own Device (BYOD) solution and Android malware analysis. The strong point of android container than other technologies is it can simulate an android device like a real android phone on a hardware layer. Therefore, automatic management solutions for android container are necessary. This paper introduces a new design of cloud-based management solution for android containers. Through the proposal, android containers are managed automatically from a cloud platform - OpenStack with various tasks like: container configuration, deployment, destroy, android version, hardware device. In addition, the system monitoring and system statistics for android containers and hardware devices are also provided.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.7
• /
• pp.2434-2454
• /
• 2021

This paper developed the software testing factory-cloud testing platform (STF-CTP) to address the software compatible issues in various smart devices. Software developers who only require uploading the application under test (AUT) and test script can test plenty of smart devices in STF-CTP. The challenge for the cloud test platform is how to optimize the resource and increase the performance in the limited resource. This paper proposed a new scheduling mechanism and a new process of the system operation which is based on the OpenStack platform. We decrease about 40% memory usage of OpenStack server, increase 3% to 10% Android device usage of STF-CTP, enhance about 80% test job throughput and reduces about 40% test job average waiting time.

• Journal of the Korean Society for Library and Information Science
• /
• v.28
• /
• pp.23-70
• /
• 1995

This study is to survey the present book numbers used in Korean libraries. to analyze their problems. and to suggest improvement in the book numbers. As the results of the survey several suggestions are derived as follows. 1. The education to the librarians about the kinds and the application methods of the book numbers used in Korean libraries should be sufficiently offered. 2. The present book numbers used should be expanded in detail for avoiding the duplication of the call numbers. Also when book numbers are assigned. shelf list cards should be examined one by one not to give the same number. If the book numbers are overlapped in the state not to expand further. libraries should establish a detailed expansion rules according to their respective situation and maintain it consistently. However, it is impossible for libraries operating open stack systems to arrange books on the shelves in call number sequence, therefore libraries can solve the problems as they accept duplication cases. 3. Since the object word of main mark IS a heading In main entry, we must apply cataloging rules to it closely. 4. For expanding book numbers widely it is desirable that the subsidiary mark of the book numbers which is the most prevalent in general and will be the most preferable In the future through the survey should be added and be provided. 5. The book numbers used being changed, we are to assign new book number leaving former materials as they are at the point of adopting a new book number. So aged materials are stored in a repository or on a compact shelf in the stack, will be discarded or weeded according to subjects after a certain period of time. 6. With library automation bringing together all the books of an author in a particular subject or in a particular form and avoiding completely duplication in open stack systems are meaningless. Rather than chronological book numbers, distinguishing clearly new materials from aged materials and controlling the stack spaces mechanically and effectively, can be regarded as the most modern and future-oriented of all the book numbers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.1
• /
• pp.83-102
• /
• 2024

Recently, as the use of the cloud increases year by year and remote work within the enterprise has become one of the new types of work, the security of the cloud-based remote work environment has become important. The introduction of zero trust is required due to the limitations of the existing perimeter security model that assumes that everything in the internal network is safe. Accordingly, NIST and DoD published standards related to zero trust architecture, but the security requirements of that standard describe only logical architecture at the abstract level. Therefore, this paper intends to present more detailed security requirements compared to NIST and DoD standards by performing threat modeling for OpenStack clouds. After that, this research team performed a security analysis of commercial cloud services to verify the requirements. As a result of the security analysis, we identified security requirements that each cloud service was not satisfied with. We proposed potential threats and countermeasures for cloud services with zero trust, which aims to help build a secure zero trust-based remote working environment.