• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.11B
• /
• pp.1234-1244
• /
• 2009

Nowadays, the traffic type and behavior are extremely diverse due to the appearance of various services and applications on Internet, which makes the need of application-level traffic classification important for the efficient management and control of network resources. Although lots of methods for traffic classification have been introduced in literature, they have some limitations to achieve an acceptable level of performance in terms of accuracy and completeness. In this paper we propose an application traffic classification method using statistic signatures, defined as a directional sequence of packet size in a flow, which is unique for each application. The statistic signatures of each application are collected by our automatic grouping and extracting mechanism which is mainly described in this paper. By matching to the statistic signatures we can easily and quickly identify the application name of traffic flows with high accuracy, which is also shown by comprehensive excrement with our campus traffic data.

• The KIPS Transactions:PartC
• /
• v.18C no.4
• /
• pp.243-250
• /
• 2011

Nowadays, the traffic type and behavior are extremely diverse due to the appearance of various services on Internet, which makes the need of traffic identification important for efficient operation and management of network. In recent years traffic identification methodology using statistical features of flow has been broadly studied. We also proposed a traffic identification methodology using payload size distribution in our previous work, which has a problem of low completeness. In this paper, we improved the completeness by solving the PSD conflict using IP and port. And we improved the accuracy by changing the distance measurement between flow and statistic signature from vector distance to per-packet distance. The feasibility of our methodology was proved via experimental evaluation on our campus network.

• Asian-Australasian Journal of Animal Sciences
• /
• v.33 no.4
• /
• pp.539-546
• /
• 2020

Objective: The Jeju native pig (JNP) found on the Jeju Island of Korea is a unique black pig known for high-quality meat. To investigate the genetic uniqueness of JNP, we analyzed the selection signature of the JNP in comparison to commercial pigs such as Berkshire and Yorkshire pigs. Methods: We surveyed the genetic diversity to identify the genetic stability of the JNP, using the linkage disequilibrium method. A selective sweep of the JNP was performed to identify the selection signatures. To do so, the population differentiation measure, Weir-Cockerham's F_st was utilized. This statistic directly measures the population differentiation at the variant level. Additionally, we investigated the gene ontologies (GOs) and genetic features. Results: Compared to the Berkshire and Yorkshire pigs, the JNP had lower genetic diversity in terms of linkage disequilibrium decays. We summarized the selection signatures of the JNP as GO. In the JNP and Berkshire pigs, the most enriched GO terms were epithelium development and neuron-related. Considering the JNP and Yorkshire pigs, cellular response to oxygen-containing compound and generation of neurons were the most enriched GO. Conclusion: The selection signatures of the JNP were identified through the population differentiation statistic. The genes with possible selection signatures are expected to play a role in JNP's unique pork quality.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.4
• /
• pp.191-199
• /
• 2014

Currently, HTTP traffic has been developed rapidly due to appearance of various applications and services based web. Accordingly, HTTP Traffic classification is necessary to effective network management. Among the various signature-based method, Payload signature-based classification method is effective to analyze various aspects of HTTP traffic. However, the payload signature-based method has a significant drawback in high-speed network environment due to the slow processing speed than other classification methods such as header, statistic signature-based. Therefore, we proposed various classification method of HTTP Traffic based HTTP signatures of hierarchical structure and to improve pattern matching speed reflect the hierarchical structure features. The proposed method achieved more performance than aho-corasick to applying real campus network traffic.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.6B
• /
• pp.600-607
• /
• 2011

As network traffic is dramatically increasing due to the popularization of Internet, the need for application traffic identification becomes important for the effective use of network resources. In this paper, we present an Internet application traffic identification method based on flow correlation to overcome limitation of signature-based identification methods and to improve performance (completeness) of it. The proposed method can identify unidentified flows from signature-based method using flow correlation between identified and unidentified flows. We propose four separate correlation methods such as Server-Client, Time, Host-Host, and Statistic correlation and describe a flow correlation-based identification system architecture which incorporates the four separate methods. Also we prove the feasibility and applicability of our proposed method by an acceptable experimental result.

• Proceedings of the KIEE Conference
• /
• 1998.07b
• /
• pp.657-659
• /
• 1998

In this paper we discuss an algorithm to discriminate a target under track against multiple acoustic counter-measure (ACM) sources, based on sequential testings of multiple hypotheses. The ACM sources are separated from the target under track and generate, while drifting, measurements with false range and Doppler information. The purpose of the ACM is to mislead the target tracking and to help the true target evade a pursuer. The proposed algorithm uses as a test statistic a function of both the sequences of processed waveform signature and the innovation sequences from extended Kalman filters to estimate the target dynamics and the drifting positions of the ACM sources. Numerical experiments on various scenarios show that the proposed algorithm discriminates the target faster with a higher probability of success than the algorithm using only the innovation sequences from extended Kalman filters.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.8B
• /
• pp.1170-1178
• /
• 2010

Recently as the number of users and application traffic is increasing on high speed network, the importance of application traffic classification is growing more and more for efficient network resource management. Although a number of methods and algorithms for traffic classification have been introduced, they have some limitations in terms of accuracy and completeness. In this paper we propose an application traffic classification based multi-level architecture which integrates several signature-based methods and behavior algorithm, and analyzes traffic using correlation among traffic flows. By strengthening the strength and making up for the weakness of individual methods we could construct a flexible and robust multi-level classification system. Also, by experiments with our campus network traffic we proved the performance and validity of the proposed mechanism.

• Asian-Australasian Journal of Animal Sciences
• /
• v.33 no.2
• /
• pp.187-196
• /
• 2020

Objective: Porcine respiratory disease is one of the most important health problems causing significant economic losses. To understand the genetic basis for susceptibility to swine enzootic pneumonia (EP) in pigs, we detected 102,809 single nucleotide polymorphisms in a total of 249 individuals based on genome-wide sequencing data. Methods: Genome comparison of susceptibility to swine EP in three pig breeds (Jinhua, Erhualian, and Meishan) with two western lines that are considered more resistant (Duroc and Landrace) using cross-population extended haplotype homozygosity and F-statistic (F_ST) statistical approaches identified 691 positively selected genes. Based on quantitative trait loci, gene ontology terms and literature search, we selected 14 candidate genes that have convincible biological functions associated with swine EP or human asthma. Results: Most of these genes were tested by several methods including transcription analysis and candidate genes association study. Among these genes: cytochrome P450 1A1 and catenin beta 1 (CTNNB1) are involved in fertility; transforming growth factor beta receptor 3 plays a role in meat quality traits; Wnt family member 2, CTNNB1 and transcription factor 7 take part in adipogenesis and fat deposition simultaneously; plasminogen activator, urokinase receptor (completely linked to AXL receptor tyrosine kinase, r² = 1) plays an essential role in the successful ovulation of matured oocytes in pigs; colipase like 2 (strongly linked to SAM pointed domain containing ETS transcription factor, r² = 0.848) is involved in male fertility. Conclusion: These adverse genes susceptible to swine EP may be selected while selecting for economic traits (especially reproduction traits) due to pleiotropic and hitchhiking effect of linked genes. Our study provided a completely new point of view to understand the genetic basis for susceptibility or resistance to swine EP in pigs thereby, provides insight for designing sustainable breed selection programs. Finally, the candidate genes are crucial due to their potential roles in respiratory diseases in a large number of species, including human.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.6
• /
• pp.350-359
• /
• 2014

With the rapid growth of Internet, the importance of application traffic analysis is increasing for efficient network management. The statistical information in traffic flows can be efficiently utilized for application traffic identification. However, the packet out-of-order and retransmission occurred at the traffic collection point reduces the performance of the statistics-based traffic analysis. In this paper, we propose a novel method to detect and resolve the packet out-of-order and retransmission problem in order to improve completeness and accuracy of the traffic identification. To prove the feasibility of the proposed method, we applied our method to a real traffic analysis system using statistical flow information, and compared the performance of the system with the selected 9 popular applications. The experiment showed maximum 4% of completeness growth in traffic bytes, which shows that the proposed method contributes to the analysis of heavy flow.

• Journal of the Korea Society for Simulation
• /
• v.21 no.3
• /
• pp.17-24
• /
• 2012

This paper suggests Effectiveness Evaluation Methods of DDoS attacks countermeasures model by simulation. According to the security objectives that are suggested by NIST(National Institute of Standards and Technology), It represents a hierarchical Effectiveness Evaluation Model. we calculated the weights of factors that security objectives, security controls, performance indicator through AHP(Analytic Hierarchy Process) analysis. Subsequently, we implemented Arena Simulation Model for the calculation of function points at the performance indicator. The detection and protection algorithm involve methods of critical-level setting, signature and anomaly(statistic) based detection techniques for Network Layer 4, 7 attacks. Proposed Effectiveness Evaluation Model can be diversely used to evaluate effectiveness of countermeasures and techniques for new security threats each organization.