• Journal of Digital Contents Society
• /
• v.19 no.4
• /
• pp.711-717
• /
• 2018

The breakthrough in computer and network has facilitated a variety of information exchange. However, at the same time, malicious users and groups are attacking vulnerable systems. Intrusion Detection System(IDS) detects malicious behaviors through network packet analysis. However, it has a burden of processing a large amount of packets in a short time. Therefore, in order to solve these problem, we propose a network intrusion detection system that operates at kernel level to improve detection performance at user level. In fact, we confirmed that the network intrusion detection system implemented at kernel level improves packet analysis and detection performance.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.11 no.10
• /
• pp.1003-1008
• /
• 2016

Recently hospitals have divided into many divisions, specialized the medical service, and shown organic cooperation, all to provide patients with various and high quality medical service. They have also showed improvement in information protection by introducing an information protection system to regulate the access to patients' medical and personal information. The purpose of this paper is to present a case study to implement of a limited hospital medical information system that can regulate the access to medical information. For this, a router-based virtual network applying an ACL(: Access Control List) to regulate access to information was made using a packet tracer.

• The Journal of the Korea Contents Association
• /
• v.10 no.3
• /
• pp.101-112
• /
• 2010

The recent trend of the hacking deals with all the IT infrastructure related to the profit of the companies. Presently, they attack the service itself, the source of the profit, while they tried to access to the service infrastructure through the non-service port in the past. Although they affect the service directly, it is difficult to block them with the old security solution or the old system and they threaten more and more companies with the demand of money menacing the protection of customers and the sustainable management. This paper aims to design and implement multi-platform network packet scanner targeting the exception handling network intrusion detection system which determines normal, abnormal by traffic. Linux and unix have the various network intrusion detection and packet management tools like ngrep, snort, TCPdump, but most of them are based on CUI (Character based User Interface) giving users discomfort who are not used to it. The proposed system is implemented based on GUI(Graphical User Interface) to support the intuitive and easy-to-use interface to users, and using Qt(c++) language that supports multi-platform to run on any operating system.

• ETRI Journal
• /
• v.27 no.5
• /
• pp.595-607
• /
• 2005

The widespread use of the Internet has led to the problem of intellectual property and copyright infringement. Digital rights management (DRM) technologies have been developed to protect digital content items. Digital content can be classified into static content (for example, text or media files) and dynamic content (for example, VOD or multicast streams). This paper deals with the protection of a multicast stream on set-top boxes connected to an IP network. In this paper, we examine the following design and architectural issues to be considered when applying DRM functions to multicast streaming service environments: transparent streaming service and large-scale user environments. To address the transparency issue, we introduce a 'selective encryption scheme'. To address the second issue, a 'key packet insertion scheme' and 'hierarchical key management scheme' are introduced. Based on the above design and architecture, we developed a prototype of a multicasting DRM system. The analysis of our implementation shows that it supports transparent and scalable DRM multicasting service in a large-scale user environment.

• Journal of Power Electronics
• /
• v.16 no.4
• /
• pp.1526-1540
• /
• 2016

This work mainly discusses an accurate and fast islanding detection based on fractional wavelet packet transform (FRWPT)for multibus microgrid systems. The proposed protection scheme uses combined desirable features retrieved from discrete fractional Fourier transform (FRFT) and wavelet packet transform (WPT) techniques, which provides precise time-frequency information on minute perturbation signals introduced in the system. Moreover, this study focuses on the design of decoupling control with a distributed controller based on state feedback for the efficient operation of microgrid systems that are transitioning from the grid-connected mode to the islanded mode. An IEEE 9-bus test system with inverter based distributed generation (DG) units is considered for islanding assessment and smooth operation. Finally, tracking errors are greatly reduced with stability improvement based on the proposed controller. FRWPT based islanding detection is demonstrated via a time domain simulation of the system. Simulated results show an improvement in system stability with the application of the proposed controller and accurate islanding detection based on the FRWPT technique in comparison with the results obtained by applying the wavelet transform (WT) and WPT.

• Journal of Communications and Networks
• /
• v.6 no.3
• /
• pp.280-286
• /
• 2004

The widespread use of the Internet and the maturing of digital video technology have led to an increase in various streaming media application. However, new classes of hosts such as mobile devices are gaining popularity, while the transmission became more heterogeneous. Due to the characteristics of mobile networks such as low speed, high error bit rate, etc., the applications over the wireless channel have different needs and limitations from desktop computers. An intermediary between two communicating endpoints to hide the heterogeneous network links is thought as one of the best approaches. In this paper, we adopted the concept of inter-packet gap and the sequence number between continuously received packets as the error discriminator, and designed an adaptive packet sizing mechanism to improve the network efficiency under varying channel conditions. Based on the proposed mechanism, the packetization scheme with error protection is proposed to scalable encoded video delivery. Finally, simulation results reveal that our proposed mechanism can react to the varying BER conditions with better network efficiency and gain the obvious improvement to video quality for stored MPEG-4 FGS video delivery.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.2
• /
• pp.59-65
• /
• 2012

Emergency medical information center performs role of medical direction about disease consult and pre-hospital emergency handling scheme work to people. Emergency medical information system plays a major role to be decreased mortality and disability of emergency patient by providing information of medical institution especially when emergency patient has appeared. But, various attacks as a hacking have been happened in Emergency medical information system recently. In this paper, we proposed security structure which can protect the system securely by detecting attacks from outside effectively. Intrusion detection was performed using rule based detection technique according to protocol for every packet to detect attack and intrusion was reported to control center if intrusion was detected also. Intrusion detection was performed again using decision tree for packet which intrusion detection was not done. We experimented effectiveness using attacks as TCP-SYN, UDP flooding and ICMP flooding for proposed security structure in this paper.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.1B
• /
• pp.52-63
• /
• 2004

Packet loss process of cdma2000 mobile Internet channel deployed in Korea is modeled as a two state Markov process known as Gilbert model. This paper proposes the procedures to derive four parameters of the our modified Gilbert model from packet loss trace taken from two major cdma2000 networks in Korea. These four parameters are derived in various situations, that is, with fixed and moving terminals, in open field and urban areas. They can be used to produce synthetic packet loss patterns for study of the channel. Moreover, if they are calculated on-line during multimedia service, they can be used to make loss protection controls adaptive to network condition.

• The Journal of the Korea Contents Association
• /
• v.8 no.7
• /
• pp.43-52
• /
• 2008

The AODV routing algorithm in a mobile ad-hoc networks broadcasts RREQ packet to find a route from a source to a destination. An attacker node may intercept a RREQ packet and attack by falsifying a field in that packet. In this paper, we propose a simply modified method which can protect a routing table from an attack to falsify the hop count field in the RREQ packet. When establishing a connection between a source and a destination, we update routing table of each node on the connection based on minimum delay instead of minimum hop count. By doing this, we can protect routing table from an attack to falsify a hop count Our simulation is implemented in Network Simulator(NS-2). We analyze how an attacker affects the mobile ad-hoc networks. The result of the simulation shows that the proposed mechanism transfers a data securely.

• Proceedings of the KSR Conference
• /
• 2009.05a
• /
• pp.396-405
• /
• 2009

An interlocking equipment of railway signalling systems should have very high functional safety and reliability properties because of its vital railway protection functionality. In order to achieve the required safety and reliability level, an engineer, in general, designs and implements the interlocking equipment to operate under RTOS(Realtime Operating System) environment, and the control hardware architecture redundant to cope with the random failures of system or subsystem. In such an architecture, it's very difficult to implement the interlocking equipment to communicate with various interface systems including the signal operator's terminal. In this paper, we propose a dual ethernet network topology and dual packet seamless transfer protocol algorithm for railway signaling system such as the interlocking equipment. We verify in this paper that the proposed DPST protocol algorithm has the evidence of its robust properties against the random hardware faults and communication errors. The proposed communication structure and algorithm is implemented in the electronic interlocking equipment for the private railway system of Hyundai Steel Company and its performance and properties are validated on the guideline of European Railway Standard EN50159.