• Title/Summary/Keyword: Rule Server

Automatic Payload Signature Update System for the Classification of Dynamically Changing Internet Applications

  • Shim, Kyu-Seok;Goo, Young-Hoon;Lee, Dongcheul;Kim, Myung-Sup
    • KSII Transactions on Internet and Information Systems (TIIS) / v.13 no.3 / pp.1284-1297 / 2019
  • The network environment is presently expanding greatly. Accordingly, the study of traffic classification for network management is becoming difficult. Automatic signature extraction is a hot topic in the field of traffic classification research. However, existing automatic payload signature generation systems suffer from problems such as being only semi-automatic, generating disposable signatures, generating false-positive signatures, and not keeping signatures up to date. Therefore, we provide a fully automatic signature update system that automatically performs all the processes, such as traffic collection, signature generation, signature management and signature verification. The traffic collection step automatically collects ground-truth traffic through the traffic measurement agent (TMA) and traffic management server (TMS). The signature management step removes unnecessary signatures. The signature generation step generates new signatures. Finally, the signature verification step removes the false-positive signatures. The proposed system can solve the problems of existing systems. The result of applying this system to a campus network showed that, in the case of four applications, high recall values and low false-positive rates can be maintained.

Implementation of Hybrid Firewall System for Network Security (전산망 보호를 위한 혼합형 방화벽 시스템 구현)

  • Lee, Yong-Joon;Kim, Bong-Han;Park, Cheon-Yong;Oh, Chang-Suk;Lee, Jae-Gwang
    • The Transactions of the Korea Information Processing Society / v.5 no.6 / pp.1593-1602 / 1998
  • In this paper, a hybrid firewall system using the screening router, dual-homed gateway, screened host gateway and the application level gateway is proposed. The screened host gateway is composed of a screening router, DMZ and bastion host. All external input traffic is filtered by the screening router with network protocol filtering, and transmitted to the bastion host performing application level filtering. The dual-homed gateway is an intermediate equipment prohibiting direct access from external users. The application level gateway is an equipment enabling transmission using only the proxy server. External users can access only through the public servers in the DMZ, but internal users can access through any servers. The rule base which allows Telnet only to the administrator is applied to manage hosts in the DMZ. According to the experimental results, denial of access was in order of Web, Mail, FTP, and Telnet. Access to servers other than the servers in the DMZ was denied. Protocol denials of UDP were more than those of TCP, because many hosts broadcast to networks using BOOTP and NETBIOS. Also, the illegal Telnet and FTP transfers to the inside network were very few.

Design and Implementation of an HTML Converter Supporting Frame for the Wireless Internet (무선 인터넷을 위한 프레임 지원 HTML 변환기의 설계 및 구현)

  • Han, Jin-Seop;Park, Byung-Joon
    • Journal of the Institute of Electronics Engineers of Korea CI / v.42 no.6 / pp.1-10 / 2005
  • This paper describes the implementation of an HTML converter for wireless internet access in a wireless application protocol environment. The implemented HTML converter consists of the contents conversion module, the conversion rule set, the WML file generation module, and the frame contents reformatting module. Plain text contents are converted to WML contents through one-to-one mapping, referring to the conversion rule set in the contents conversion module. For frame contents, the first frameset sources are parsed and the request messages are reconstructed with all the file names, reconnecting to the web server as many times as the number of files to receive each document and append it to the first document. Finally, after the process of reformatting in the frame contents reformatting module, frame contents are converted to WML's table contents. For image map contents, the image map related tags are parsed and the names of HTML documents which are linked to any sites are extracted to be replaced with WML contents data and linked to those contents. The proposed conversion method for frame contents provides a better interface for the users' convenience and interactions compared to the existing converters. Conversion of image maps in our converter is one of the features not currently supported by other converters.

Detection of Delay Attack in IoT Automation System (IoT 자동화 시스템의 지연 공격 탐지)

  • Youngduk Kim;Wonsuk Choi;Dong hoon Lee
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.5 / pp.787-799 / 2023
  • As IoT devices are widely used at home, IoT automation systems that integrate IoT devices to meet users' demands are gaining popularity. An IoT automation system has automation rules that collect events and command actions. However, an attacker can delay packets and create a period during which the real state is inconsistent with the state recognized by the system. During that time, the system does not work correctly according to the predefined automation rules. Some detection methods for delay attacks have been proposed, but they have limitations for application to IoT systems that are sensitive to traffic volume and battery consumption. This paper proposes a practical packet delay attack detection technique that can be applied to IoT systems. In the proposed scheme, for example, when a sensor transmits a message, a broadcast packet notifying the transmission of the message is sent so that the server recognizes that an event has occurred. For evaluation purposes, an IoT system implemented using Raspberry Pi was configured, and it was demonstrated that the system can detect packet delay attacks within an average of 2.2 sec. The experimental results showed a power consumption overhead of an average of 2.5 mA per second and a traffic overhead of 15%. We demonstrate that our method can detect delay attacks efficiently compared to previously proposed methods.

Design and Implementation of Network Fault-Tolerant Application Software Streaming (네트워크 고장감내 소프트웨어 스트리밍 기술의 설계 및 구현)

  • Shim, Jeong-Min;Kim, Won-Young;Choi, Wan
    • The Journal of the Korea Contents Association / v.6 no.10 / pp.126-133 / 2006
  • Application software streaming is a virtualization technology that enables users to use applications without installing them on their computers. With an application streaming service, a client immediately starts and uses the application as if it were installed. The application can be executed while executable codes for the application may still be streamed. Since software streaming is based on networks, its service is affected by network failures. Network failures may cause the streamed application to stop, and to make it worse, the system may also crash because executable codes for the application can't be streamed from the streaming server. Using the Pareto principle (80 vs. 20 rule), users can be served continuously with the minimum functions that are frequently used, pre-fetched and cached if we provide a more intelligent and fault-tolerant streaming technique. This paper proposes the concept and technique named Evergreen. Using the Evergreen technique, users can continue using the streamed application while a network failure occurs, although the user can access only the streamed code. We also discuss the implementation of the Evergreen technique in detail.

Realization of a Automatic Grading System for Driver's License Test (자동차 운전면허 시험을 위한 자동 채점 시스템 구현)

  • Kim, Chul Woo;Lee, Dong Hahk;Yang, Jae Soo
    • The Journal of The Korea Institute of Intelligent Transport Systems / v.16 no.5 / pp.109-120 / 2017
  • It is important to evaluate objectively in the driving test. In particular, the driving test examines overall driving ability, rule observation and situational judgement. For this, a grading automation system for the driving test was presented, using GPS, sensor data and equipment operation information. This system is composed of a vehicle mounted module, automatic grading terminal, data controller, and data storage and processing server. The vehicle mounted module gathers sensor data in the car. The terminal performs automatic grading using the received sensor data according to the driving test criterion. To overcome the misposition of the vehicle in the map due to GPS error, we proposed the automatic grading system with a map matching method and a path deviation and return algorithm. In the experimental results, it was possible to grade automatically, display the right position of the car, and return to the right path under 10 seconds when the vehicle was out of the shadow region of the GPS. This system can also be applied to driving education.

Implementation of Augmentative and Alternative Communication System Using Image Dictionary and Verbal based Sentence Generation Rule (이미지 사전과 동사기반 문장 생성 규칙을 활용한 보완대체 의사소통 시스템 구현)

  • Ryu, Je;Han, Kwang-Rok
    • The KIPS Transactions:PartB / v.13B no.5 s.108 / pp.569-578 / 2006
  • The present study implemented an AAC (Augmentative and Alternative Communication) system using images that speech defectives can easily understand. In particular, the implementation was focused on the portability and mobility of the AAC system as well as a communication system of a more flexible form. For mobility and portability, we implemented a system operable on mobile devices such as PDAs so that speech defectives can communicate as well as ordinary people at any place using the system. Moreover, in order to overcome the limitation of storage space for a large volume of image data, we implemented the AAC system in a client/server structure in a mobile environment. What is more, for more flexible communication, we built an image dictionary by taking verbs as the base and sub-categorizing nouns according to their corresponding verbs, and regularized the types of sentences generated according to the type of verb, centering on verbs that play the most important role in composing a sentence.

Design and Implementation of a Secure E-Document Transmission System based Certificate for CEDA (Certified E-Document Authority) (공인전자문서보관소를 위한 인증서 기반의 안전한 전자문서 전송시스템 설계 및 구현)

  • Kim, Dae-Jung;Kim, Jung-Jae;Lee, Seung-Min;Jun, Moon-Seog
    • Journal of the Korea Academia-Industrial cooperation Society / v.9 no.2 / pp.370-378 / 2008
  • The CEDA (Certified E-Document Authority) is a reliable third party that securely deposits electronic documents having legal effects, and verifies the contents of a document or its transmission. This paper focuses on the function of secure transmission among several important functions, and implements a public key encryption system for secure transmission when server and user communicate for image transmission. This paper follows the standard fundamental rule of X.509 in ITU-T, and it uses a symmetric encryption algorithm to raise the speed of large data operations. The key of the symmetric encryption algorithm is encrypted by the private key in the public key system, and a digital signature is used to protect against modification for data integrity. It also uses certificates for mutual authentication.

A Study on the Enlargement of Course in Life for the Graduates of Department of Food and Nutrition in Junior College (전문대학 식품영양과 졸업생의 진로 확대에 관한 연구)

  • 소명환;윤성식
    • The Korean Journal of Food And Nutrition / v.2 no.1 / pp.73-83 / 1989
  • The objective of this study was to propose a way that could enlarge the course in life for the graduates of the Department of Food and Nutrition in Junior College. This study was carried out through the analysis of statistical data and questionnaires gathered from professors of the Department of Food and Nutrition in Junior College and from dieticians of industry, school and hospital. The results of this study could be summarized as follows. 1. The number of dieticians cultivated is too excessive in comparison with the need, and so it is necessary for the colleges to restrict the new establishment of Departments of Food and Nutrition for a time, and for the government to tighten the employment system of dieticians. 2. The employment of dieticians will be extended to such fields as school, hospital, public health center and counsel office of nutrition to act as a nutritional educator or a medical server in the future, and consequently the colleges which cultivate dieticians should improve the curriculum to agree with this. 3. It is necessary for the government to renovate the system of dietician arrangement in such a way that it establishes a new rule in which additional dieticians should be employed in accordance with the feeding number in industry and hospital, restricts the combining of the position of a dietician with that of a cook in a large feeding institute, gives the qualification of a nutritional instructor only to the dietician at a public health center, and gives the qualification of a nutrition-teacher to the dieticians who completed the course of study for the teaching profession and then allows them to act as a nutrition-teacher in school. 4. A way to a higher grade of educational opportunity should be given to the graduates of the Department of Food and Nutrition in Junior College for the supplement of the dietician's faculty.

Efficient Evaluation of Shared Predicates for XForms Page Access Control (XForms 페이지의 접근제어를 위한 공유 조건식의 효율적 계산 방법)

  • Lee, Eun-Jung
    • The KIPS Transactions:PartD / v.15D no.4 / pp.441-450 / 2008
  • Recently, access control on form-based web information systems has become one of the useful methods for implementing client systems in a service-oriented architecture. In particular, the XForms language is being adopted in many systems as a description language for XML-based user interfaces and server interactions. In this paper, we propose an efficient algorithm for the evaluation of XPath-based access rules for XForms pages. In this model, an XForms page is a sequence of queries and the client system performs user interface realization along with XPath rule evaluations. XPath rules have instance-dependent predicates, which for the most part are shared between rules. For the efficient evaluation of shared predicate expressions in access control rules, we propose a predicate graph model that reuses the previously evaluated results for the same context node. This approach guarantees that each predicate expression is evaluated for the relevant XML node only once.