• Title/Summary/Keyword: Security Event

Design and Implementation of Web Attack Detection System Based on Integrated Web Audit Data (통합 이벤트 로그 기반 웹 공격 탐지 시스템 설계 및 구현)

  • Lee, Hyung-Woo
    • Journal of Internet Computing and Services / v.11 no.6 / pp.73-86 / 2010
  • In proportion to the rapid increase in the number of Web users, web attack techniques are also getting more sophisticated. Therefore, we need not only to detect Web attacks based on log analysis but also to extract web attack events from audit information such as Web firewall, Web IDS and system logs for detecting abnormal Web behaviors. In this paper, a web attack detection system was designed and implemented based on integrated web audit data for detecting diverse web attacks by generating integrated log information from the W3C form of IIS logs and web firewall/IDS logs. The proposed system analyzes multiple web sessions and determines the correlation between the sessions and web attacks efficiently. Therefore, the proposed system has advantages in extracting the latest web attack events efficiently by designing and implementing the multiple web session and log correlation analysis actively.

Current State of Domestic Records and Record Management Related to Dispatch of ROK Armed Forces (한국군 해외파병 관련 국내 기록의 현황과 기록관리 실태)

  • Yoo, Jeong A;Yim, Jin Hee
    • Journal of the Korean Society for Information Management / v.33 no.3 / pp.287-319 / 2016
  • Dispatch of ROK Armed Forces is a significant contemporary event that enhances the ROK's position in the international communities and ensures the solid national security by contributing international peace keeping operations. Indirectly, dispatch of armed forces also can contribute to strengthen the national defense. However, despite its importance, record management related to the dispatch is not done properly. Because variable records produced in the process of dispatching troops are transferred to distributed archives, searching or accessing each record is not easy and making a collection from a series of record related to certain dispatch is more difficult. Moreover, since most transferred records were produced in the public domain, production and management of record in the aspect of archive of everyday life is needed. In this paper, we summarize the current state of domestic records by dispatch procedure, organization, and dispatched troops. And we also explore the problem of record management.

A Study on the Enhancement Process of the Telecommunication Network Management using Big Data Analysis (Big Data 분석을 활용한 통신망 관리 시스템의 개선방안에 관한 연구)

  • Koo, Sung-Hwan;Shin, Min-Soo
    • Journal of the Korea Academia-Industrial cooperation Society / v.13 no.12 / pp.6060-6070 / 2012
  • Real-Time Enterprise (RTE)'s key requirement is that it should respond and adapt fast to the change of the firms' internal and external situations including the change of market and customers' needs. Recently, the big data processing technology to support the speedy change of the firms is spotlighted. Under the circumstances that wire and wireless communication networks are evolving with an accelerated rate, it is especially critical to provide a strong security monitoring function and stable services through a real-time processing of massive communication data traffic. By applying the big data processing technology based on a cloud computing architecture, this paper solves the managerial problems of telecommunication service providers and discusses how to operate the network management system effectively.

A Secure Personal Health Record System for Handling of Emergency Situations (응급 상황 처리를 위한 안전한 개인건강기록 시스템)

  • Yi, Myung-Kyu;Hwang, Hee-Joung
    • The Journal of the Institute of Internet, Broadcasting and Communication / v.16 no.5 / pp.117-123 / 2016
  • In recent years, Personal Health Record (PHR) has emerged as a patient-centric model of health information exchange. The Personal Health Record (PHR) owners enjoy the full right of accessing their records anywhere and anytime making storage and retrieval more efficient. Due to the sensitivity and confidential nature of the PHR, however, the PHR is maintained in a secure and private environment with the individual determining rights of access. In this paper, we propose a system which enables access to the user's PHR in the event of emergency. In an emergency situation where the user is unconscious, the emergency staff can use the PHR information to request an emergency access to the PHR server based on the predefined rights of access for PHR. Under the proposed system, the PHR owner can specify a fine grain access control policy during emergency situations.

Development of a Real-time Simulation Technique for Cyber-physical System (사이버 물리 시스템을 위한 실시간 시뮬레이션 기술 개발)

  • Kim, Jiyeon;Kim, Hyung-Jong;Kang, Sungjoo
    • Journal of the Korea Society for Simulation / v.23 no.4 / pp.181-188 / 2014
  • Heterogeneous physical systems and computational devices are incorporated on a large-scale in a CPS (cyber-physical system) environment. Simulations can be useful for the reliable behaviors of CPSs. Time synchronization is one of major technical issues for the simulations. In the CPS, distributed systems control themselves by interacting with each other during runtime. When some simulation models have high complexity, wrong control commands as well as incorrect data can be exchanged due to the time error. We propose a time synchronization algorithm for the hybrid model that has characteristics of both continuous time systems and discrete event systems. In addition, we develop a CPS simulator based on our algorithm. For the verification of the algorithm and the execution of the simulator, we develop an example hybrid model and simulate considering user controls as well as interactions among the distributed systems.

A Study on the Design of CBRN Response Training Program in Korea Using Activity-Action Diagram Method (Activity-Action Diagram 기법을 활용한 한국형 화생방 교육훈련 프로그램 설계에 관한 연구)

  • Ham, Eun-Gu;Kim, Tae-Hwan
    • Journal of the Society of Disaster Information / v.10 no.1 / pp.159-169 / 2014
  • The development of science and technology to accompany the convenience of civilization but in addition to nuclear, gas, explosion, accident and spill all over the world with the possibility of a chemical or biological terrorism response efforts collectively as a response to the urgent task of a nation. In this study major economies such as the U.S. and Canada analyzed to investigate the CBRN training programs to fit the reality in Korea CBRN training programs were developed. also the development of training programs to CBRN Korean Activity-Action Diagram technique utilized by CBRN scenarios corresponding to each event needs to be taken when the Activity is defined by its detailed definition of corrective actions for the CBRN Activity to define context-sensitive actions in particular to enable the functionality of the structure in case of CBRN emergency initial response was to establish education and training programs.

Development of the Wind Wave Damage Estimation Functions based on Annual Disaster Reports : Focused on the Western Coastal Zone (재해연보기반 풍랑피해예측함수 개발 : 서해연안지역)

  • Choo, Tai-Ho;Cho, Hyoun-Min;Shim, Sang-Bo;Park, Sang-Jin
    • The Journal of the Korea Contents Association / v.18 no.1 / pp.154-163 / 2018
  • Not only South Korea but also Global world show that the frequency and damages of large-scale natural disaster due to the rise of heavy rain event and typhoon or hurricane intensity are increasing. Natural disasters such as typhoon, flood, heavy rain, strong wind, wind wave, tidal wave, tide, heavy snow, drought, earthquake, yellow dust and so on, are difficult to estimate the scale of damage and spot. Also, there are many difficulties to take action because natural disasters don't appear precursor phenomena. However, if scale of damage can be estimated, damages would be mitigated through the initial damage action. In the present study, therefore, wind wave damage estimation functions for the western coastal zone are developed based on annual disaster reports which were published by the Ministry of Public Safety and Security. The wind wave damage estimation functions were distinguished by regional groups and facilities and NRMSE (Normalized Root Mean Square Error) was analyzed from 1.94% to 26.07%. The damage could be mitigated if scale of damage can be estimated through developed functions and the proper response is taken.

DEVS Simulation of Spam Voice Signal Detection in VoIP Service (VoIP 스팸 콜 탐지를 위한 음성신호의 DEVS 모델링 및 시뮬레이션)

  • Kim, Ji-Yeon;Kim, Hyung-Jong;Cho, Young-Duk;Kim, Hwan-Kuk;Won, Yoo-Jae;Kim, Myuhng-Joo
    • Journal of the Korea Society for Simulation / v.16 no.3 / pp.75-87 / 2007
  • As the VoIP service quality is getting better and many shortcomings are being overcome, users are getting interested in this service. Also, there are several additional features that provide a convenience to users such as presence service, instant messaging service and so on. But, as there are always two sides of rein, some security issues have users hesitate to make use of it. This paper deals with one of the issues, the VoIP spam problem. We took into account the signal pattern of voice message in spam call and we have constructed voice signal models of normal call, normal call with noise and spam call. Each voice signal case is inserted into our spam decision algorithm which detects the spam calls based on the amount of information in the call signal. We made use of the DEVS-Java™ for our modeling and simulation. The contribution of this work is in suggestion of a way to detect voice spam call signal and testing of the method using modeling and simulation methodology.

A Contents-Based Anomaly Detection Scheme in WSNs (콘텐츠 기반 무선 센서 네트워크 이상 탐지 기법)

  • Lee, Chang-Seuk;Lee, Kwang-Hui
    • Journal of the Institute of Electronics Engineers of Korea CI / v.48 no.5 / pp.99-106 / 2011
  • In many applications, wireless sensor networks could be thought as data-centric networks, and the sensor nodes are densely distributed over a large sensor field. The sensor nodes are normally vulnerable in terms of security since they are very often deployed in a hostile environment and open space. In this paper, we propose a scheme for contents-based anomaly detection in wireless sensor networks. In this scheme we use the characteristics of sensor networks where several nodes surrounding an event point can simultaneously detect the phenomenon occurring and the contents detected from these sensors are limited to inside a certain range. The proposed scheme consists of several phases; training, testing and refining phases. Anomaly candidates detected by the distance-based anomaly detection scheme in the testing phase are sent to the refining phase. They are then compared in the sink node with previously collected data set to improve detection performance in the refining phase. Our simulation results suggest the effectiveness of the proposed scheme in this paper evidenced by the improvements of the detection rate and the false positive rate.

A Method to Improve Energy Efficiency Using a Function that Evaluate the Probability of Attempts to Verify a Report at Intermediate Node in USN (USN에서 중간 노드에서의 보고서 검증 시도 확률 평가 함수를 이용한 에너지 효율 향상 기법)

  • Lee, Hyun-Woo;Moon, Soo-Young;Cho, Tae-Ho
    • Journal of the Korea Society for Simulation / v.20 no.4 / pp.21-29 / 2011
  • Wireless sensor nodes operate in open environments. The deployed sensor nodes are very vulnerable to physical attacks from outside. Attackers compromise some sensor nodes. The compromised nodes by attackers can lead to false data injection into sensor networks. These attacks deplete the limited energy of sensor nodes. Ye et al. proposed the Statistical En-Route Filtering (SEF) as a countermeasure of the attacks. The sensor node in SEF examines the event reports based on certain uniform probability. Thus, the same energies are consumed in both legitimate reports and false reports. In this paper, we propose a method that each node controls the probability of attempts to verify a report to reduce energy consumption of sensor nodes. The probability is determined in consideration of the remaining energy of the node, the number of hops from the node to SINK node, the ratio of false reports. The proposed method can have security which is similar with SEF and consumes lower energy than SEF.