• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.775-784
• /
• 2019

Malware infringement attacks are continuously increasing in various environments such as mobile, IOT, windows and mac due to the emergence of new and variant malware, and signature-based countermeasures have limitations in detection of malware. In addition, analytical performance is deteriorating due to obfuscation, packing, and anti-VM technique. In this paper, we propose a system that can detect malware based on machine learning by using similarity hashing-based pattern detection technique and static analysis after file classification according to packing. This enables more efficient detection because it utilizes both pattern-based detection, which is well-known malware detection, and machine learning-based detection technology, which is advantageous for detecting new and variant malware. The results of this study were obtained by detecting accuracy of 95.79% or more for benign sample files and malware sample files provided by the AI-based malware detection track of the Information Security R&D Data Challenge 2018 competition. In the future, it is expected that it will be possible to build a system that improves detection performance by applying a feature vector and a detection method to the characteristics of a packed file.

• Journal of the Institute of Convergence Signal Processing
• /
• v.19 no.2
• /
• pp.47-53
• /
• 2018

This paper proposes a method to express an MP3 audio file by a series of color QR codes which can be printed on the paper. Moreover, the method can compress the data considerably. Firstly, an MP3 file is divided into many small files which have maximum capacity of binary file of a QR code. Secondly, the multiple files are converted to multiple black-and-white QR codes. Lastly, every three QR codes are combined into color QR codes. When combining, each of three black-and-white QR codes are regarded as red, green, blue components respectively. In this method, the areas of a color QR code where two QR codes are overlapped are expressed by the colors Cyan, Magenta and Yellow. And the areas where three components are overlapped are expressed by white color. Contrarily, the areas that no components are overlapped are expressed by white color. Experimentation result shows that an MP3 file with 8.5MB the original MP3 files are compressed with the compression rate around 15.7. This method has the advantage that can be used in the environments that the internet access is impossible.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.177-181
• /
• 2016

This paper analyzes the host cache effectiveness in full virtualization, particularly associated with journaling of guests. We observe that the journal access of guests degrades cache performance significantly due to the write-once access pattern and the frequent sync operations. To remedy this problem, we design and implement a novel caching policy, called PDC (Pollution Defensive Caching), that detects the journal accesses and prevents them from entering the host cache. The proposed PDC is implemented in QEMU-KVM 2.1 on Linux 4.14 and provides 3-32% performance improvement for various file and I/O benchmarks.

• Journal of Korea Multimedia Society
• /
• v.11 no.10
• /
• pp.1420-1426
• /
• 2008

The most recent programs tend to use picture or audio files which need mass storage resources. For these mass storages, the performance of automatic management decreases as the sizes of these resources increases. Moreover, the more the number of resources increases, the more the management of resources gets difficult. This paper suggests a resource management system to which the interface of tree-structure file system is applied in order to increase convenience and efficiency. The system uses the access technique based on character string path to have more compatibility, and supports tree structure which is more systematic. Further, it supports virtual nodes to show high performance. The system can be used to control resources from outside as well as inside of processes.

• Korean Journal of Computational Design and Engineering
• /
• v.15 no.5
• /
• pp.354-361
• /
• 2010

The paper presents an efficient computation of optimal tool length for 5-axis mold & die machining. The implemented procedure processes an NC file as an initial input, where the NC data is generated by another commercial CAM system. A commercial CAM system generates 5-axis machining NC data which, in its own way, is optimal based on pre-defined machining condition such as tool-path pattern, tool-axis control via inclination angles, etc. The proper tool-length should also be provided. The tool-length should be as small as possible in order to enhance machinability as well as surface finish. A feasible tool-length at each NC block can be obtained by checking interference between workpiece and tool components, usually when the tool-axis is not modified at this stage for most CAM systems. Then the minimum feasible tool-length for an NC file consisting of N blocks is the maximum of N tool-length values. However, it can be noted that slight modification of tool-axis at each block may reduce the minimum feasible tool-length in mold & die machining. This approach can effectively be applied in machining feature regions such as steep wall or deep cavity. It has been implemented and is used at a molding die manufacturing company in Korea.

• Journal of KIISE:Computer Systems and Theory
• /
• v.37 no.5
• /
• pp.272-284
• /
• 2010

Flash Memory differs from the hard disk, because it cannot be overwritten. Most of the flash memory file systems use not-in-place update mechanisms for the update. Flash memory file systems execute sometimes block cleaning process in order to make writable space while performing not-in-place update process. Block cleaning process collects the invalid pages and convert them into the free pages. Block cleaning process is a factor that affects directly on the performance of the flash memory. Thus this paper suggests the efficient page allocation method, which reduces block cleaning cost by minimizing the numbers of block that has valid and invalid pages at a time. The result of the simulation shows an increase in efficiency by reducing more block cleaning costs than the original YAFFS.

• International Journal of Fuzzy Logic and Intelligent Systems
• /
• v.2 no.3
• /
• pp.204-209
• /
• 2002

The interest of data mining in artificial intelligence with fuzzy logic has been increased. Data mining is a process of extracting desirable knowledge and interesting pattern ken large data set. Because of expansion of WWW, web data is more and more huge. Besides mining web contents and web structures, another important task for web mining is web usage mining which mines web log data to discover user access pattern. The goal of web usage mining in this paper is to find interesting user pattern in the web with user feedback. It is very important to find user's characteristic fer e-business environment. In Customer Relationship Management, recommending product and sending e-mail to user by extracted users characteristics are needed. Using our method, we extract user profile from the result of web usage mining. In this research, we concentrate on finding association rules and verify validity of them. The proposed procedure can integrate fuzzy set concept and association rule. Fuzzy association rule uses given server log file and performs several preprocessing tasks. Extracted transaction files are used to find rules by fuzzy web usage mining. To verify the validity of user's feedback, the web log data from our laboratory web server.

• 한국HCI학회:학술대회논문집
• /
• 2009.02a
• /
• pp.158-162
• /
• 2009

Sound effects coming with appropriate tactile stimuli can strengthen its reality. For example, gunfire in games and movies, if it is accompanied by vibrating effects, can enhance the impressiveness. On a similar principle, adding the vibration information to existing sound data file and playing sound while generating vibration effects through haptic interfaces can augment the sound experience. In this paper, we propose a method to generate vibration information by analyzing the sound. The vibration information consists of vibration patterns and the timing within a sound file. Adding the vibration information is labor-intensive if it is done manually. We propose a sound detection algorithm to search the moments when specific sounds occur in a sound file and a method to create vibration effects at those moments. The sound detection algorithm compares the frequency characteristic of specific sounds and finds the moments which have similar frequency characteristic within a sound file. The detection ratio of the algorithm was 98% for five different kinds of gunfire. We also develop a GUI based vibrating pattern editor to easily perform the sound search and vibration generation.

• The KIPS Transactions:PartD
• /
• v.13D no.7 s.110
• /
• pp.1027-1038
• /
• 2006

There are many technical problems in the recommendation system based on very large database(VLDB). So, it is necessary to study the recommendation system' structure and the data-mining technique suitable for the large scale Internet shopping mail. Thus we design and implement the product recommendation system using k-means clustering algorithm and sequential pattern technique which can be used in large scale Internet shopping mall. This paper processes user information by batch processing, defines the various categories by hierarchical structure, and uses a sequential pattern mining technique for the search engine. For predictive modeling and experiment, we use the real data(user's interest and preference of given category) extracted from log file of the major Internet shopping mall in Korea during 30 days. And we define PRP(Predictive Recommend Precision), PRR(Predictive Recommend Recall), and PF1(Predictive Factor One-measure) for evaluation. In the result of experiments, the best recommendation time and the best learning time of our system are much as O(N) and the values of measures are very excellent.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.658-661
• /
• 2008

As network security is coming up with significant problem after the major Internet sites were hacked nowadays, IDS(Intrusion Detection System) is considered as a next generation security solution for more trusted network and system security. We propose the new IDS model which can detect intrusion in the expanded distribute environment in host level, drawback of existing IDS, and implement prototype. We used pattern extraction agent so that we extract automatically audit file needed in intrusion detection even in other platforms.