• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.3
• /
• pp.595-603
• /
• 2017

We propose a scheme to reduce the time for the SSL/TLS handshake by embedding it into the TCP 3-way handshake. The scheme can be selectively applied on the standard TCP for making the SSL/TCP handshake happen within the TCP handshake, rather than performing the TCP handshake and SSL/TLS handshake in sequence. We implemented a prototype of the scheme and did some experiments on its performance. Experimental results showed that, compared to the sequential handshakes of the TCP and the SSL/TLS, the time reduction achieved by the scheme varied in the range of 3.2% and 14%(when the elapsed time by the ping program from the client to the server was 11.6ms). The longer the time measured by the ping program, which would grow as the propagation and queuing delays do, the larger the reduction rate. It accords with the supposition that the reduced time due to the scheme will increase in proportion to the amount of the elapsed time measured by the ping program.

• Journal of KIISE:Software and Applications
• /
• v.34 no.7
• /
• pp.681-687
• /
• 2007

Face recognition technique is very popular for a personal information security and user identification in recent years. However, the face recognition system is very hard to be implemented due to the difficulty where change in illumination, pose and facial expression. In this paper, we consider that an illumination change causing the variety of face appearance, virtual image data is generated and added to the D-LDA which was selected as the most suitable feature extractor. A less sensitive recognition system in illumination is represented in this paper. This way that consider nature of several illumination directions generate the virtual training image data that considered an illumination effect of the directions and the change of illumination density. As result of experiences, D-LDA has a less sensitive property in an illumination through ORL, Yale University and Pohang University face database.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.6
• /
• pp.39-51
• /
• 2024

This paper proposes a novel approach to enhance the security of container-based systems by analyzing system calls to dynamically detect race conditions without modifying the kernel. Container escape attacks allow attackers to break out of a container's isolation and access other systems, utilizing vulnerabilities such as race conditions that can occur in parallel computing environments. To effectively detect and defend against such attacks, this study utilizes eBPF to observe system call patterns during attack attempts and employs a AdaBoost model to detect them. For this purpose, system calls invoked during the attacks such as Dirty COW and Dirty Cred from popular applications such as MongoDB, PostgreSQL, and Redis, were used as training data. The experimental results show that this method achieved a precision of 99.55%, a recall of 99.68%, and an F1-score of 99.62%, with the system overhead of 8%.

• Journal of Broadcast Engineering
• /
• v.17 no.2
• /
• pp.374-387
• /
• 2012

In this paper, we implement a new hardware for finding the significant coefficients of a digital hologram and ciphering them using discrete wavelet packet transform (DWPT). Discrete wavelet transform (DWT) and packetization of subbands is used, and the adopted ciphering technique can encrypt the subbands with various robustness based on the level of the wavelet transform and the threshold of subband energy. The hologram encryption consists of two parts; the first is to process DWPT, and the second is to encrypt the coefficients. We propose a lifting based hardware architecture for fast DWPT and block ciphering system with multi-mode for the various types of encryption. The unit cell which calculates the repeated arithmetic with the same structure is proposed and then it is expanded to the lifting kernel hardware. The block ciphering system is configured with three block cipher, AES, SEED and 3DES and encrypt and decrypt data with minimal latency time(minimum 128 clocks, maximum 256 clock) in real time. The information of a digital hologram can be hided by encrypting 0.032% data of all. The implemented hardware used about 200K gates in $0.25{\mu}m$ CMOS library and was stably operated with 165MHz clock frequency in timing simulation.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.13 no.3
• /
• pp.14-28
• /
• 2010

The aim of this study is to investigate crime hotspot areas using the spatio-temporal cluster analysis which is possible to search simultaneously time range as well as space range as an alternative method of existing hotspot analysis only identifying crime occurrence distribution patterns in urban area. As for research method, first, crime data were collected from criminal registers provided by official police authority in M city, Gyeongnam and crime occurrence patterns were drafted on a map by using Geographic Information Systems(GIS). Second, by utilizing Ripley K-function and Space-Time Scan Statistics analysis, the spatio-temporal distribution of crime was examined. The results showed that the risk of crime was significantly clustered at relatively few places and the spatio-temporal clustered areas of crime were different from those predicted by existing spatial hotspot analysis such as kernel density analysis and k-means clustering analysis. Finally, it is expected that the results of this study can be not only utilized as a valuable reference data for establishing urban planning and crime prevention through environmental design(CPTED), but also made available for the allocation of police resources and the improvement of public security services.

• The KIPS Transactions:PartC
• /
• v.13C no.7 s.110
• /
• pp.821-830
• /
• 2006

As internet worms are spread out worldwide, the detection and filtering of worms becomes one of hot issues in the internet security. As one of implementation methods to detect worms, the Linux Netfilter kernel module can be used. Its basic operation for worm detection is a string matching where coming packet(s) on the network is/are compared with predefined worm signatures(patterns). A worm can appear in a packet or in two (or more) succeeding packets where some part of worm is in the first packet and its remaining part is in its succeeding packet(s). Assuming that the maximum length of a worm pattern is less than 1024 bytes, we need to perform a string matching up to two succeeding packets of 2048 bytes. To do so, Linux Netfilter keeps the previous packet in buffer and performs matching with a combined 2048 byte string of the buffered packet and current packet. As the number of concurrent connections to be handled in the worm detection system increases, the total size of buffer (memory) increases and string matching speed becomes low In this paper, to reduce the memory buffer size and get higher speed of string matching, we propose a string matching scheme without using buffer. The proposed scheme keeps the partial matching result of the previous packet with signatures and has no buffering for previous packet. The partial matching information is used to detect a worm in the two succeeding packets. We implemented the proposed scheme by modifying the Linux Netfilter. Then we compared the modified Linux Netfilter module with the original Linux Netfilter module. Experimental results show that the proposed scheme has 25% lower memory usage and 54% higher speed compared to the original scheme.

• KOREAN JOURNAL OF CROP SCIENCE
• /
• v.68 no.4
• /
• pp.343-370
• /
• 2023

Developing improved wheat varieties is vital for global food security to meet the rising demand for food. Therefore, assessing the genetic diversity across wheat genotypes is crucial. This study examined the diversity of 168 durum wheat and 47 common wheat collections from 54 different countries using twelve agro-morphological parameters. Geumgang, a prominent Korean common wheat variety, was used as a control. Both qualitative and quantitative agronomical characteristics showed wide variations. Most durum wheats were shown to possess dense spikes (90%), while common wheats showed dense (40%) or loose (38%) spikes, with yellowish-white being the dominant spike color. The majority of the accessions were awned regardless of wheat type, yellowish-white being the main awn color. White or red kernels were produced, with white kernels dominating in both common (74%) and durum (79%) wheats. Days to heading (DH) and days to maturity (DM) were in the ranges of 166-215 and 208-250 days, respectively, while the culm length (CL), spike length (SL), and awn length (AL) were in the ranges of 53.67-163, 5.33-18.67, and 0.50-19.00 cm, respectively. Durum wheats possessed the shortest average DH, DM, and SL, while common wheat had the longest CL and AL (p < 0.05). Common wheats also exhibited the highest average one-thousand-kernel weight. Hierarchical cluster analysis, aided by principal component analysis, grouped the population into seven clusters with significant differences in their quantitative variables (p < 0.05). In conclusion, this research revealed diversity among common and durum wheat genotypes. Notably, 26 durum wheat and 17 common wheat accessions outperformed the control, offering the potential for developing early-maturing, high-yielding, and lodging-resistant wheat varieties.