• Convergence Security Journal
• /
• v.10 no.1
• /
• pp.29-34
• /
• 2010

It is very important to evaluate the quality of soft wares based on SOA, which develops rapidly. Particularly, one of the most important properties influencing on the quality of system is complexity. Therefore, we propose the metrics for measuring a structural complexity of softwares based on SOA. The proposed metrics is composed of the size of a service, the depth of a service and interdependency from the viewpoint of system structure, and finally we applied the proposed metric to an example.

• Smart Media Journal
• /
• v.12 no.2
• /
• pp.66-75
• /
• 2023

Recently, the number of cloud web applications is increasing owing to the accelerated migration of enterprises and public sector information systems to the cloud. Traditional network attacks on cloud web applications are characterized by Denial of Service (DoS) attacks, which consume network resources with a large number of packets. However, HTTP DoS attacks, which consume application resources, are also increasing recently; as such, developing security technologies to prevent them is necessary. In particular, since low-bandwidth HTTP DoS attacks do not consume network resources, they are difficult to identify using traditional security solutions that monitor network metrics. In this paper, we propose a new detection model for detecting HTTP DoS attacks on cloud web applications by collecting the application metrics of web servers and learning them using machine learning. We collected 18 types of application metrics from an Apache web server and used five machine learning and two deep learning models to train the collected data. Further, we confirmed the superiority of the application metrics-based machine learning model by collecting and training 6 additional network metrics and comparing their performance with the proposed models. Among HTTP DoS attacks, we injected the RUDY and HULK attacks, which are low- and high-bandwidth attacks, respectively. As a result of detecting these two attacks using the proposed model, we found out that the F1 scores of the application metrics-based machine learning model were about 0.3 and 0.1 higher than that of the network metrics-based model, respectively.

• Journal of Preventive Medicine and Public Health
• /
• v.57 no.3
• /
• pp.298-303
• /
• 2024

Objectives: The aim of this study was to estimate drug prescription indicators in outpatient services provided at Iran Social Security Organization (SSO) healthcare facilities. Methods: Data on all prescribed drugs for outpatient visits from 2017 to 2018 were extracted from the SSO database. The data were categorized into 4 main subgroups: patient characteristics, provider characteristics, service characteristics, and type of healthcare facility. Logistic regression models were used to detect risk factors for inappropriate drug prescriptions. SPSS and IBM Modeler software were utilized for data analysis. Results: In 2017, approximately 150 981 752 drug items were issued to outpatients referred to SSO healthcare facilities in Iran. The average number of drug items per outpatient prescription was estimated at 3.33. The proportion of prescriptions that included an injection was 17.5%, and the rate of prescriptions that included an antibiotic was 37.5%. Factors such as patient sex and age, provider specialty, type of facility, and time of outpatient visit were associated with the risk of inappropriate prescriptions. Conclusions: In this study, all drug prescription criteria exceeded the recommended limits set by the World Health Organization. To improve the current prescription patterns throughout the country, it would be beneficial to provide providers with monthly and annual reports and to consider implementing some prescription policies for physicians.

• International Journal of Computer Science & Network Security
• /
• v.24 no.6
• /
• pp.23-32
• /
• 2024

Mobile Ad hoc Network is a network of multiple wireless nodes which communicate and exchange information together without any fixed and centralized infrastructure. The core objective for the development of MANET is to provide movability, portability and extensibility. Due to infrastructure less network topology of the network changes frequently this causes many challenges for designing routing algorithms. Many routing protocols for MANET have been suggested for last few years and research is still going on. In this paper we review three main routing protocols namely Proactive, Reactive and Hybrid, performance comparison of Proactive such as DSDV, Reactive as AODV, DSR, TORA and Hybrid as ZRP in different network scenarios including dynamic network size, changing number of nodes, changing movability of nodes, in high movability and denser network and low movability and low traffic. This paper analyzes these scenarios on the performance evaluation metrics e.g. Throughput, Packet Delivery Ratio (PDR), Normalized Routing Load(NRL) and End To-End delay(ETE).This paper also reviews various network layer security attacks challenge by routing protocols, detection mechanism proposes to detect these attacks and compare performance of these attacks on evaluation metrics such as Routing Overhead, Transmission Delay and packet drop rates.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.7
• /
• pp.101-108
• /
• 2022

We propose an intrusion detection model that detects denial-of-service(DoS) and distributed reflection denial-of-service(DRDoS) attacks, based on the empirical data of each internet of things(IoT) device by training system and network metrics that can be commonly collected from various IoT devices. First, we collect 37 system and network metrics from each IoT device considering IoT attack scenarios; further, we train them using six types of machine learning models to identify the most effective machine learning models as well as important metrics in detecting and distinguishing IoT attacks. Our experimental results show that the Random Forest model has the best performance with accuracy of over 96%, followed by the K-Nearest Neighbor model and Decision Tree model. Of the 37 metrics, we identified five types of CPU, memory, and network metrics that best imply the characteristics of the attacks in all the experimental scenarios. Furthermore, we found out that packets with higher transmission speeds than larger size packets represent the characteristics of DoS and DRDoS attacks more clearly in IoT networks.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.9
• /
• pp.21-29
• /
• 2020

In this paper, we propose quantitative evaluation method that enable security comparison between Security Container Runtimes. security container runtime technologies have been developed to address security issues such as Container escape caused by containers sharing the host kernel. However, most literature provides only a analysis of the security of container technologies using rough metrics such as the number of available system calls, making it difficult to compare the secureness of container runtimes quantitatively. While the proposed model uses a new method of combining the degree of exposure of host system calls with various external vulnerability metrics. With the proposed technique, we measure and compare the security of runC (Docker default Runtime) and two representative Security Container Runtimes, gVisor, and Kata container.

• International Journal of Computer Science & Network Security
• /
• v.23 no.11
• /
• pp.21-31
• /
• 2023

In this paper, we focused on the problem of evaluating multi-class classification accuracy and simulation of multiple classifier performance metrics. Multi-class classifiers for sentiment analysis involved many challenges, whereas previous research narrowed to the binary classification model since it provides higher accuracy when dealing with text data. Thus, we take inspiration from the non-linear Support Vector Machine to modify the algorithm by embedding dynamic hyperplanes representing multiple class labels. Then we analyzed the performance of multi-class classifiers using macro-accuracy, micro-accuracy and several other metrics to justify the significance of our algorithm enhancement. Furthermore, we hybridized Enhanced Convolution Neural Network (ECNN) with Dynamic Support Vector Machine (DSVM) to demonstrate the effectiveness and efficiency of the classifier towards multi-class text data. We performed experiments on three hybrid classifiers, which are ECNN with Binary SVM (ECNN-BSVM), and ECNN with linear Multi-Class SVM (ECNN-MCSVM) and our proposed algorithm (ECNNDSVM). Comparative experiments of hybrid algorithms yielded 85.12 % for single metric accuracy; 86.95 % for multiple metrics on average. As for our modified algorithm of the ECNN-DSVM classifier, we reached 98.29 % micro-accuracy results with an f-score value of 98 % at most. For the future direction of this research, we are aiming for hyperplane optimization analysis.

• Journal of Multimedia Information System
• /
• v.6 no.4
• /
• pp.271-282
• /
• 2019

There is a description that you cannot manage what you do not measure. The Korea Ministry of National Defense (MND) is conducting evaluations in various fields to obtain meaningful effects from IT investments, and views that the evaluation of the defense informatization sector is divided into defense informatization policy evaluation and defense informatization project evaluation. The defense informatization level evaluation can measure the informatization level of MND and the armed forces or organizations. Since the evaluation system being studied to measure the level of defense informatization is composed mainly of qualitative metrics, it is necessary to reconstruct it based on quantitative metrics that can guarantee objectivity. In addition, for managing the level of change by evaluation objects, the evaluation system should be designed with a focus on homeostasis of metrics so that it can be measured periodically. Moreover, metrics need to be promoted in terms of performance against targets. To this end, this study proposes to measure the level of defense informatization by dividing it into defense information network, computer systems, interoperability and standardization, information security, information environment, and information system use, and suggests their metrics.

• Asian Journal of Atmospheric Environment
• /
• v.12 no.1
• /
• pp.1-16
• /
• 2018

Ground-level ozone ($O_3$) can be a menace for vegetation, especially in Asia where $O_3$ levels have been dramatically increased over the past decades. To ensure food security and maintain forest ecosystem services, such as nutrient cycling, carbon sequestration and functional diversity of soil biota, in the over-populated Asia, environmental standards are needed. To set proper standards, dose-response relationships should be established from which critical levels are derived. The predictor of the response in the dose-response relationship is an $O_3$ metric that indicates the dose level to which the plant has been exposed. This study aimed to review the relevant scientific literature and summarize the $O_3$ metrics used worldwide to provide insights for Asia. A variety of $O_3$ metrics have been used, for which we discuss their strengths and weaknesses. The most widely used metrics are based only on $O_3$ levels. Such metrics have been adopted by several regulatory agencies in the global. However, they are biologically irrelevant because they ignore the plant physiological capacity. Adopting AOT40 ($O_3$ mixing ratios Accumulated Over the Threshold of $40nmol\;mol^{-1}$) as the default index for setting critical levels in Asia would be a poor policy with severe consequences at national and Pan-Asian level. Asian studies should focus on flux-based $O_3$ metrics to provide relevant bases for developing proper standards. However, given the technical requirements in calculating flux-based $O_3$ metrics, which can be an important limitation in developing countries, no-threshold cumulative exposure indices like AOT0 should always accompany flux-based indices.

• International Journal of Computer Science & Network Security
• /
• v.24 no.5
• /
• pp.33-39
• /
• 2024

In a previous study we proceeded to the remodularization architecture based on classes and packages using the Formal Concept Analysis (FCA)[13] [14] [30]. we then got two possible remodularized architectures and we explored the issue of redistributing classes of a package to other packages, we used an approach based on Oriented Graph to determine the packages that receive the redistributed classes and we evaluated the quality of a remodularized software architecture by metrics [31] [28] [29]. In this paper, we will address the issue of the efficiency of the Oriented Graph in the remodularization of software architectures compared to the Formal Concept Analysis FCA method. The formal method of FCA concept is not popularized among scientists as opposed to the use of the labeled directed graph. It is for this reason that our directed graph approach is more effective in its simplicity and popularity.