• Journal of the Korea Society of Computer and Information
• /
• v.17 no.4
• /
• pp.11-18
• /
• 2012

Deep packet inspection which perform pattern matching to search for malicious patterns in the packet is most computationally intensive task. Hardware-based pattern matching is required for real-time packet inspection in high-speed network. In this paper, we have designed and implemented network intrusion detection hardware as a Microblaze-based SoC using Virtex-6 FPGA, which capture the network input packet, perform hardware-based pattern matching for patterns in the Snort rule, and provide the matching result to the software. We verify the operation of the implemented system using traffic generator and real network traffic. The implemented hardware can be used in network intrusion detection system operated in wire-speed.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.1-11
• /
• 2006

The exponential increase of malicious and criminal activities in cyber space is posing serious threat which could destabilize the foundation of modem information society. In particular, unexpected network paralysis or break-down created by the spread of malicious traffic could cause confusion and disorder in a nationwide scale, and unless effective countermeasures against such unexpected attacks are formulated in time, this could develop into a catastrophic condition. As a result, there has been vigorous effort and search to develop a functional state-level cyber-threat early-warning system however, the efforts have not yielded satisfying results or created plausible alternatives to date, due to the insufficiency of the existing system and technical difficulties. The existing cyber-threat forecasting and early-warning depend on the individual experience and ability of security manager whose decision is based on the limited security data collected from ESM (Enterprise Security Management) and TMS (Threat Management System). Consequently, this could result in a disastrous warning failure against a variety of unknown and unpredictable attacks. It is, therefore, the aim of this research to offer a conceptual design for "Knowledge-based Real-Time Cyber-Threat Early-Warning System" in order to counter increasinf threat of malicious and criminal activities in cyber suace, and promote further academic researches into developing a comprehensive real-time cyber-threat early-warning system to counter a variety of potential present and future cyber-attacks.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.52 no.6
• /
• pp.21-31
• /
• 2015

The Internet users want to get real-time services for various multi-media applications. Network traffic rate has been rapidly increased, and data amounts that the Internet has to carry have been exponentially increased. A packet is the basic unit in transferring data at the Internet, and packet classification is one of the most challenging functionalities that routers should perform at wire-speed. Among various known packet classification algorithms, area-based quad-trie (AQT) algorithm is one of the efficient algorithms which can lookup five header fields simultaneously. As a representative space decomposition algorithm, the AQT requires a small amount of memory in storing classification rules, but it does not provide high-speed classification performance. In this paper, we propose a new packet classification algorithm by applying a binary search for the codewords of the AQT to overcome the issue of the AQT. Throughout simulation, it is shown that the proposed algorithm provides a better performance than the AQT in the number of rule comparisons with each input packet.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2015.10a
• /
• pp.87-90
• /
• 2015

Equipments that can transmit maritime distress signals in accordance to Global Maritime Distress Safety System are the followings: A1 water(Very High Frequency, SART), A2 water(MF/HF Radio Equipment), A3 water(INMARSAT), A4 water(Emergency Position Indicating Radio Beacon). Institutions with the capacity to receive distress signals are Korea Coast Guard affiliated radio stations, patrol ships, Rescue Coordination centers, Vessel Traffic centers, Complex problems regarding repetitive distress alarms, inaccurate statistics, multiple control towers are existent. Consequently, effective measurement to resolve dispersed operating maritime distress signal system are in time of need. Moreover, current KCG Headquarter is considering to integrate five distress radio stations dispersed across nation into a single international safety communication center. The integration of radio stations are efficient in terms of information coordination between nations, however, it cannot support efficient response to real-time maritime incident. Therefore, in this study, a new system that can rapidly response to real-time maritime incident will be proposed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.10
• /
• pp.1309-1316
• /
• 2016

This paper suggests adjusting TCP for smartphones that often have small size data transmission tendency. Usage of smartphones has been risen dramatically in recent years, including frequent usage of real-time map search, public transportation search, online games, and SNS. Because the small size data transmission ends before the phase of the TCP congestion avoidance, this paper suggests an algorithm that increases the transmission speed ahead of the traffic congestion event. The algorithm reduces unnecessary delay by data size-driven adjustment of the Linux Quick ACK and Nagle's algorithm. Therefore, TCP is improved to maintain a high transmission rate steadily in small data transmission.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.39 no.3
• /
• pp.1-9
• /
• 2016

NSS (Navigation satellite system) provides the information for determining the position, velocity and time of users in real time using satellite-networking, and is classified into GNSS (Global NSS) and RNSS (Regional NSS). Although GNSS services for global users, the exactitude of provided information is dissatisfied with the degree required in modern systems such as unmanned system, autonomous navigation system for aircraft, ship and others, air-traffic control system. Especially, due to concern about the monopoly status of the countries operating it, some other countries have already considered establishing RNSS. The RNSS services for users within a specific area, however, it not only gives more precise information than those from GNSS, but also can be operated independently from the NSS of other countries. Thus, for Korean RNSS, this paper suggests the methodology to design the satellite constellation considering the regional features of Korean Peninsula. It intends to determine the orbits and the arrangement of navigation satellites for minimizing PDOP (Position dilution of precision). PGA (Parallel Genetic Algorithm) geared to solve this nonlinear optimization problem is proposed and STK (System tool kit) software is used for simulating their space flight. The PGA is composed of several GAs and iterates the process that they search the solution for a problem during the pre-specified generations, and then mutually exchange the superior solutions investigated by each GA. Numerical experiments were performed with increasing from four to seven satellites for Korean RNSS. When the RNSS was established by seven satellites, the time ratio that PDOP was measured to less than 5 (i.e. better than 'Good' level on the meaning of the PDOP value) was found to 94.3% and PDOP was always kept at 10 or less (i.e. better than 'Moderate' level).

• Journal of Communications and Networks
• /
• v.18 no.4
• /
• pp.567-579
• /
• 2016

Several energy saving techniques in cellular wireless networks such as active base station (BS) selection, transmit power budget adaptation and user association have been studied independently or only part of these aspects have been considered together in literature. In this paper, we jointly tackle these three problems and propose an integrated framework, called dynamic cell reconfiguration (DCR). It manages three techniques operating on different time scales for ultimate energy conservation while guaranteeing the quality of service (QoS) level of users. Extensive simulations under various configurations, including the real dataset of BS topology and utilization, demonstrate that the proposed DCR can achieve the performance close to an optimal exhaustive search. Compared to the conventional static scheme where all BSs are always turned on with their maximum transmit powers, DCR can significantly reduce energy consumption, e.g., more than 30% and 50% savings in uniform and non-uniform traffic distribution, respectively.

• KSCE Journal of Civil and Environmental Engineering Research
• /
• v.26 no.3D
• /
• pp.409-416
• /
• 2006

Real-time traveler information disseminated through Variable Message Signs (VMS) is known to have effects on driver route choice decisions. In the past, many studies have attempted to optimize the system performance using VMS message content as the primary control variable of driver route choice. This research proposes a VMS information provision optimization model which searches the best combination of VMS message contents and display sequence to minimize the total travel time on a highway network considered. The driver route choice models under VMS information provision are developed using a stated preference (SP) survey data in order to realistically capture driver response behavior. The genetic algorithm (GA) is used to find the optimal VMS information provision strategies which consists of the VMS message contents and the sequence of message display. In the process of the GA module, the system performance is measured using micro traffic simulation. The experiment results highlight the capability of the proposed model to search the optimal solution in an efficient way. The results show that the traveler information conveyed via VMS can reduce the total travel time on a highway network. They also suggest that as the frequency of VMS message update gets shorter, a smaller number of VMS message contents performs better to reduce the total travel time, all other things being equal.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.8
• /
• pp.1111-1120
• /
• 2022

Image Capturing is a matter of viewing images and describing images in language. The problem is an important problem that can be solved by keeping, understanding, and bringing together two areas of image processing and natural language processing. In addition, by automatically recognizing and describing images in text, images can be converted into text and then into speech for visually impaired people to help them understand their surroundings, and important issues such as image search, art therapy, sports commentary, and real-time traffic information commentary. So far, the image captioning research approach focuses solely on recognizing and texturing images. However, various environments in reality must be considered for practical use, as well as being able to provide image descriptions for the intended purpose. In this work, we limit the universally available Korean and English image captioning models and text generation techniques for the purpose of image captioning.

• Journal of Intelligence and Information Systems
• /
• v.22 no.4
• /
• pp.109-122
• /
• 2016

Recently, big data analysis has developed into a field of interest to individuals and non-experts as well as companies and professionals. Accordingly, it is utilized for marketing and social problem solving by analyzing the data currently opened or collected directly. In Korea, various companies and individuals are challenging big data analysis, but it is difficult from the initial stage of analysis due to limitation of big data disclosure and collection difficulties. Nowadays, the system improvement for big data activation and big data disclosure services are variously carried out in Korea and abroad, and services for opening public data such as domestic government 3.0 (data.go.kr) are mainly implemented. In addition to the efforts made by the government, services that share data held by corporations or individuals are running, but it is difficult to find useful data because of the lack of shared data. In addition, big data traffic problems can occur because it is necessary to download and examine the entire data in order to grasp the attributes and simple information about the shared data. Therefore, We need for a new system for big data processing and utilization. First, big data pre-analysis technology is needed as a way to solve big data sharing problem. Pre-analysis is a concept proposed in this paper in order to solve the problem of sharing big data, and it means to provide users with the results generated by pre-analyzing the data in advance. Through preliminary analysis, it is possible to improve the usability of big data by providing information that can grasp the properties and characteristics of big data when the data user searches for big data. In addition, by sharing the summary data or sample data generated through the pre-analysis, it is possible to solve the security problem that may occur when the original data is disclosed, thereby enabling the big data sharing between the data provider and the data user. Second, it is necessary to quickly generate appropriate preprocessing results according to the level of disclosure or network status of raw data and to provide the results to users through big data distribution processing using spark. Third, in order to solve the problem of big traffic, the system monitors the traffic of the network in real time. When preprocessing the data requested by the user, preprocessing to a size available in the current network and transmitting it to the user is required so that no big traffic occurs. In this paper, we present various data sizes according to the level of disclosure through pre - analysis. This method is expected to show a low traffic volume when compared with the conventional method of sharing only raw data in a large number of systems. In this paper, we describe how to solve problems that occur when big data is released and used, and to help facilitate sharing and analysis. The client-server model uses SPARK for fast analysis and processing of user requests. Server Agent and a Client Agent, each of which is deployed on the Server and Client side. The Server Agent is a necessary agent for the data provider and performs preliminary analysis of big data to generate Data Descriptor with information of Sample Data, Summary Data, and Raw Data. In addition, it performs fast and efficient big data preprocessing through big data distribution processing and continuously monitors network traffic. The Client Agent is an agent placed on the data user side. It can search the big data through the Data Descriptor which is the result of the pre-analysis and can quickly search the data. The desired data can be requested from the server to download the big data according to the level of disclosure. It separates the Server Agent and the client agent when the data provider publishes the data for data to be used by the user. In particular, we focus on the Big Data Sharing, Distributed Big Data Processing, Big Traffic problem, and construct the detailed module of the client - server model and present the design method of each module. The system designed on the basis of the proposed model, the user who acquires the data analyzes the data in the desired direction or preprocesses the new data. By analyzing the newly processed data through the server agent, the data user changes its role as the data provider. The data provider can also obtain useful statistical information from the Data Descriptor of the data it discloses and become a data user to perform new analysis using the sample data. In this way, raw data is processed and processed big data is utilized by the user, thereby forming a natural shared environment. The role of data provider and data user is not distinguished, and provides an ideal shared service that enables everyone to be a provider and a user. The client-server model solves the problem of sharing big data and provides a free sharing environment to securely big data disclosure and provides an ideal shared service to easily find big data.