• Title/Summary/Keyword: System Log

Efficient Fine-grained Log Auditing using Correlation Method based on Secure OS (Secure OS 기반에서 상호연관 기법을 통한 효과적 상세 로그 감사)

  • Koo, Ha-Sung;Park, Tae-Kyou
    • Journal of the Korea Institute of Information and Communication Engineering / v.15 no.11 / pp.2381-2390 / 2011
  • This paper presents the effective and detailed secure monitoring method being used based on Secure OS. For this, the detailed secure logs of processes, objects, users' commands and database queries in the task server are collected by 3 kinds of log collecting modules. The log collecting modules are developed by ourselves and contained as constituents of the security system. The Secure OS module collects process and system secure logs of objective unit, the Backtracker module collects users' command session logs, and the SQLtracker module collects database queries in detail. When a system auditor monitors and traces the behaviour of a specified user or individual user, the mutual connection method between the secure logs can support detailed auditing and monitoring effectively.

Comparative Analysis of Security Schemes for Log System Providing Forward Security (전방 안전성이 보장되는 로그 시스템 보안기법 비교분석)

  • Kang, Seok-Gyu;Park, Chang-Seop
    • Convergence Security Journal / v.15 no.7 / pp.85-96 / 2015
  • In IT system, logs are an indicator of the previous key events. Therefore, when a security problem occurs in the system, logs are used to find evidence and solution to the problem. So, it is important to ensure the integrity of the stored logs. Existing schemes have been proposed to detect tampering of the stored logs after the key has been exposed. Existing schemes are designed separately in terms of log transmission and storage. We propose a new log system for integrating log transmission with storage. In addition, we prove the security requirements of the proposed scheme and computational efficiency with existing schemes.

Methodology of Log Analysis for Intrusion Prevention based on LINUX (리눅스 기반 침입 방지를 위한 로그 분석 방법 연구)

  • Lim, Sung-Hwa;Lee, Do Hyeon;Kim, Jeom Goo
    • Convergence Security Journal / v.15 no.2 / pp.33-41 / 2015
  • A safe Linux system for security enhancement should have an audit ability that prohibits illegal access and alteration of data as well as trace ability of illegal activities. In addition, construction of the log management and monitoring system is a necessity to clearly categorize the responsibility of the system manager or administrator and the users' activities. In this paper, the Linux system's Security Log is analyzed to utilize it on prohibition and detection of an illegal intrusion, converting the analyzed security log into a database. The proposed analysis allows a safe management of the security log. This system will contribute to the enhancement of the system reliability by allowing quick response to the system malfunctions.

Distributed FTP Server for Log Mining System on ACE (분산 FTP 서버의 ACE 기반 로그 마이닝 시스템)

  • Min, Su-Hong;Cho, Dong-Sub
    • Proceedings of the KIEE Conference / 2002.11c / pp.465-468 / 2002
  • Today large corporations are constructing distributed server environment. Many corporations are respectively operating Web server, FTP server, Mail server and DB server on heterogeneous operation. However, there is the problem that a manager must manage each server individually. In this paper, we present distributed FTP server for log mining system on ACE. Proposed log mining system is based upon ACE (Adaptive Communication Environment) framework and data mining techniques. This system provides a united operation with distributed FTP server.

A Study on the Intrusion Detection Method using Firewall Log (방화벽 로그를 이용한 침입탐지기법 연구)

  • Yoon, Sung-Jong;Kim, Jeong-Ho
    • Journal of Information Technology Applications and Management / v.13 no.4 / pp.141-153 / 2006
  • According to supply of super high way internet service, importance of security becomes more emphasized. Therefore, flawless security solution is needed for blocking information outflow when we send or receive data. Large enterprises and public organizations can react to this problem; however, small organizations with limited work force and capital can't. Therefore they need to elevate their level of information security by improving their information security system without additional money. No hackings can be done without passing the invasion blocking system which is installed at the very front of the network. Therefore, if we manage the isolation log effectively, we can recognize hacking trials at the step of pre-detection. In this paper, it supports the information security manager to execute isolation log analysis very effectively. It also provides an isolation log analysis module which notifies hacking attacks by analyzing the isolation log.

A Pilot Study of the Scanning Beam Quality Assurance Using Machine Log Files in Proton Beam Therapy

  • Chung, Kwangzoo
    • Progress in Medical Physics / v.28 no.3 / pp.129-133 / 2017
  • The machine log files recorded by a scanning control unit in proton beam therapy system have been studied to be used as a quality assurance method of scanning beam deliveries. The accuracy of the data in the log files has been evaluated with a standard calibration beam scan pattern. The proton beam scan pattern has been delivered on a gafchromic film located at the isocenter plane of the proton beam treatment nozzle and found to agree within $\pm 1.0$ mm. The machine data accumulated for the scanning beam proton therapy of five different cases have been analyzed using a statistical method to estimate any systematic error in the data. The high-precision scanning beam log files in line scanning proton therapy system have been validated to be used for off-line scanning beam monitoring and thus as a patient-specific quality assurance method. The use of the machine log files for patient-specific quality assurance would simplify the quality assurance procedure with accurate scanning beam data.

Correlation Analysis of Event Logs for System Fault Detection (시스템 결함 분석을 위한 이벤트 로그 연관성에 관한 연구)

  • Park, Ju-Won;Kim, Eunhye;Yeom, Jaekeun;Kim, Sungho
    • Journal of Korean Society of Industrial and Systems Engineering / v.39 no.2 / pp.129-137 / 2016
  • To identify the cause of the error and maintain the health of system, an administrator usually analyzes event log data since it contains useful information to infer the cause of the error. However, because today's systems are huge and complex, it is almost impossible for administrators to manually analyze event log files to identify the cause of an error. In particular, as OpenStack, which is being widely used as cloud management system, operates with various service modules being linked to multiple servers, it is hard to access each node and analyze event log messages for each service module in the case of an error. For this, in this paper, we propose a novel message-based log analysis method that enables the administrator to find the cause of an error quickly. Specifically, the proposed method 1) consolidates event log data generated from system level and application service level, 2) clusters the consolidated data based on messages, and 3) analyzes interrelations among message groups in order to promptly identify the cause of a system error. This study has great significance in the following three aspects. First, the root cause of the error can be identified by collecting event logs of both system level and application service level and analyzing interrelations among the logs. Second, administrators do not need to classify messages for training since unsupervised learning of event log messages is applied. Third, using Dynamic Time Warping, an algorithm for measuring similarity of dynamic patterns over time increases accuracy of analysis on patterns generated from distributed system in which time synchronization is not exactly consistent.

Log Storage Scheme Considering Log Transmission Based on Time-Delayed Key Disclosure (키 지연 노출에 기반을 둔 로그 전송을 고려한 로그 저장 기법)

  • Kang, Seok-Gyu;Park, Chang-Seop
    • Convergence Security Journal / v.15 no.5 / pp.37-45 / 2015
  • In IT system, logs are an indicator of the previous key events. Therefore, when a security problem occurs in the system, logs are used to find evidence and solution to the problem. So, it is important to ensure the integrity of the stored logs. Existing schemes have been proposed to detect tampering of the stored logs after the key has been exposed. Existing schemes are designed separately in terms of log transmission and storage. We propose a new log system for integrating log transmission with storage. In addition, we prove the security requirements of the proposed scheme and computational efficiency with existing schemes.

Studies on the Productivity and the Productive Structure of the Forests II. Comparison between the Productivity of Pinus densiflora and of Quercus mongolica Stands located near Choon-Chun City (삼림의 생산구조와 생산력에 대한 연구 II. 춘천지방의 소나무림과 신갈나무림의 비교)

  • 김준호
    • Journal of Plant Biology / v.15 no.3 / pp.1-8 / 1972
  • A comparison between the productivity of the evergreen needle pine (Pinus densiflora) and of the deciduous broad leaved oak (Quercus mongolica) stands, which are located near Choon-Chun city, Kangwon dist., has been established. The pine stand had a stand density of 938 trees per ha and the oak stand had 638 trees per ha. The diameter at breast height (D) and the height of tree (H) of each tree were measured in a sample plot of 800 $m^2$. Twelve standard sample trees chosen from the sample area were felled down, and then the stem, branches and leaves were weighed separately, according to both the stratified clip technique and the stem analysis. The vertical distribution of photosynthetic system was arranged effectively for high productivity in the productive structure of both trees. The allometric relations between $D^2H$ and dry weight of stem ($W_s$), branches ($W_b$) and leaves ($W_l$) of pine were approximated by $\log W_s = 0.6212 \log D^2H - 0.5383$, $\log W_b = 0.4681 \log D^2H - 0.7236$, $\log W_l = 0.2582 \log D^2H - 5.1567$, and those of oak were approximated by $\log W_s = 0.5125 \log D^2H + 0.0231$, $\log W_b = 0.5125 \log D^2H - 0.3755$, $\log W_l = 0.8721 \log D^2H - 2.9710$. From the above, the standing crops of pine and oak in the sample area were estimated to be as much as 38.83 ton and 48.11 ton of dry matter, above ground, per ha, respectively. Annual net production as the sum of the biomass newly formed during one year was appraised at 12.66 ton/ha.yr in the pine stand and at 8.74 ton/ha.yr in oak. The reason of high productivity of the pine stand compared with oak might be resulted from much more about 4 times of the amount of the photosynthetic system, but less non-photosynthetic one of pine than those of oak. To increase the productivity of the forest stands investigated it was necessary to make densely a stand density, to be abundant in the inorganic nutrients and to preserve much water in soil to conserve the litters.

Integrated Monitoring System using Log Data (로그 데이터를 이용한 통합모니터링 시스템)

  • Jeon, Byung-Jin;Yoon, Deok-Byeong;Shin, Seung-Soo
    • Journal of Convergence for Information Technology / v.7 no.1 / pp.35-42 / 2017
  • In this paper, we propose to implement an integrated monitoring system using log data to reduce the load of analysis task of information security officer and to detect information leak in advance. To do this, we developed a transmission module between different model DBMS that transmits large amount of log data generated by the individual security system (MSSQL) to the integrated monitoring system (ORACLE), and the transmitted log data is digitized by individual and individual and researches about the continuous inspection and measures against malicious users when the information leakage symptom is detected by using the numerical data.