• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.1
• /
• pp.23-34
• /
• 2022

With the development of network technology, the application area has also been diversified, and protocols for various purposes have been developed and the amount of traffic has exploded. Therefore, it is difficult for the network administrator to meet the stability and security standards of the network with the existing traditional switching and routing methods. Software Defined Networking (SDN) is a new networking paradigm proposed to solve this problem. SDN enables efficient network management by programming network operations. This has the advantage that network administrators can flexibly respond to various types of attacks. In this paper, we design a threat level management module, an attack detection module, a packet statistics module, and a flow rule generator that collects attack information through the controller and switch, which are components of SDN, and detects attacks based on these attributes of SDN. It proposes a method to block denial of service attacks (DoS) of advanced attackers by programming and applying honeypot. In the proposed system, the attack packet can be quickly delivered to the honeypot according to the modifiable flow rule, and the honeypot that received the attack packets analyzed the intelligent attack pattern based on this. According to the analysis results, the attack detection module and the threat level management module are adjusted to respond to intelligent attacks. The performance and feasibility of the proposed system was shown by actually implementing the proposed system, performing intelligent attacks with various attack patterns and attack levels, and checking the attack detection rate compared to the existing system.

• Korean Journal of Remote Sensing
• /
• v.38 no.5_3
• /
• pp.873-885
• /
• 2022

The particulate matter (PM) has emerged as a hot topic around the world as it has been reported that PM is related to an increase in mortality and prevalence rates. In South Korea, the importance of PM has been recognized since the late 1990s, and various studies on PM have been conducted. This study investigated the PM research topics and trends for papers (D=2,764) published in Research Information Sharing Service (RISS) using topic modeling based on Latent Dirichlet Allocation (LDA). As a result, a total of 10 topics were identified in the whole papers, and the PM research topics were classified as 'PM reduction (Topic 1)', 'Government policy and management (Topic 2)', 'Characteristics of PM (Topic 3)', 'PM model (Topic 4)', 'Environmental education (Topic 5)', 'Bio (Topic 6)', 'Traffic (Topic 7)', 'Asian dust (Topic 8)', 'Indoor PM (Topic 9)', 'Human risk (Topic 10)'. In particular, the proportion of papers on topics 'Government policy and management (Topic 2)', 'PM model (Topic 4)', 'Environmental education (Topic 5)', and 'Bio (Topic 6)' to the toal number of papers increased over time (linear slope > 0). The results of this study provide the new literature review methodology related to particulate matter and the history and insight.

• The KIPS Transactions:PartC
• /
• v.13C no.2 s.105
• /
• pp.147-154
• /
• 2006

The certificate status validation mechanism is a critical component of a public key infrastructure based on certificate system. The most generally mechanisms used these days are the use of the certificate revocation list and the real-time certificate status protocol. But the certificate revocation list can not give the real-time certificate status because the certificate is being delivered periodically, and the real-time certificate status protocol method will generate a concentrated load to the server because the protocol in the central server will be accessed whenever a certification is necessary. It will also take a long time to validate the certificate because each trade has to send mass information through the network. This paper will present that real-time validation is guaranteed as the real-time certificate status protocol method and the traffic congestion in the network Is reduced in a way that the certification would be requested using the user information hash value and would be validated using the user information kept in the certification authorities and the service providers. Based on the this study, we suggest a real-time certificate status validation mechanism which can reduce the certificate status validation time using the signed user information hash value. And we confirm speed of certificate status verification faster than existing CRL(Certificate Revocation List) and OCSP(Online Certificate Status Protocol) method by test.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.10
• /
• pp.1930-1936
• /
• 2007

Electronic Navigational Charts(ENCs) are official nautical charts which are equivalent to paper charts with supplementary information. Although their main purpose is to be used for the safe navigation of ships, they also contain much information on coasts and seas which may be interesting to ordinary people. However, there is no easy way to access them because of their specialized data format, access method and visualization. This paper proposes m implementation of SVG for the access and services of ENCs. SVG(Scalable Vector Graphic) makes it possible to make use of Vector graphics for map services in basic internet browsing environment. Implementation of SVG for ENC applications by this research is free of special server side GIS mapping system and client side extra technology. The Implementation of SVG for ENC Applications can be summarized as follows: Firstly, SVG provides spatial information to possess searching engine to embody SVG map. Secondly SVG can provide high-quality vector map graphics and interactive facility without special Internet GIS system. It makes it possible to use services with very low cost. Thirdly, SVG information service targeting on maritime transportation can be used as template, so it can be used dynamically any other purpose such as traffic management and vessel monitoring. Many good characteristics of SVG in mapping at computer screen and reusability of SVG document provide new era of visualization of marine geographic information.

• Journal of KIISE:Information Networking
• /
• v.32 no.3
• /
• pp.279-290
• /
• 2005

Recently, as the serious damage caused by DDoS attacks increases, the rapid detection and the proper response mechanisms are urgent. However, existing security mechanisms do not effectively defend against these attacks, or the defense capability of some mechanisms is only limited to specific DDoS attacks. In this paper, we propose a detection architecture against DDoS attack using data mining technology that can classify the latest types of DDoS attack, and can detect the modification of existing attacks as well as the novel attacks. This architecture consists of a Misuse Detection Module modeling to classify the existing attacks, and an Anomaly Detection Module modeling to detect the novel attacks. And it utilizes the off-line generated models in order to detect the DDoS attack using the real-time traffic. We gathered the NetFlow data generated at an access router of our network in order to model the real network traffic and test it. The NetFlow provides the useful flow-based statistical information without tremendous preprocessing. Also, we mounted the well-known DDoS attack tools to gather the attack traffic. And then, our experimental results show that our approach can provide the outstanding performance against existing attacks, and provide the possibility of detection against the novel attack.

• Journal of Korean Society for Geospatial Information Science
• /
• v.22 no.3
• /
• pp.137-143
• /
• 2014

Recently, as new paradigm for government operation called government 3.0, government is actively operating policy opening and sharing public data. In addition, the Ministry of Land are operating an open platform integrated map service (the VWorld) which provides a variety of video contents such as the country's national spatial information, traffic information and three-dimensional building for the public. According to W3C Foundation's Open Data Status Report(2013), our country has the evaluated results that the part of the government's policy support and planning is good while the part of the data management is vulnerable. So our country needs the quality improvement for the data management. In addition, a digital aerial photograph image data is required to be up-to-date for the three-dimensional spatial object data. In this paper, we present the method for enhancement of the accuracy of vertical position and for maintainment of up-to-date vertical position. Our methods evaluate the data quality and analyze the cause of error of measurement utilizing the national standard quality assessment method. The result of research shows that the accuracy of vertical position is improved if the height of the building captain is adjusted by the quality assessment values and a three-dimensional model has up-to-date data if reconstruction and extension information of construction register is utilized.

• Journal of KIISE
• /
• v.44 no.1
• /
• pp.1-12
• /
• 2017

The continuously growing internet service requirements has resulted in a multitier system structure consisting of web server and database (DB) server. In this multitier structure, the existing intrusion detection system (IDS) detects known attacks by matching misused traffic patterns or signatures. However, malicious change to the contents at DB server through hypertext transfer protocol (HTTP) requests at the DB server cannot be detected by the IDS at the DB server's end, since the DB server processes structured query language (SQL) without knowing the associated HTTP, while the web server cannot identify the response associated with the attacker's SQL query. To detect these types of attacks, the malicious user is tracked using knowledge on interaction between HTTP request and SQL query. However, this is a practical challenge because system's source code analysis and its application logic needs to be understood completely. In this study, we proposed a scheme to find the HTTP request associated with a given SQL query using only system log files. We first generated an HTTP request-SQL query map from system log files alone. Subsequently, the HTTP request associated with a given SQL query was identified among a set of HTTP requests using this map. Computer simulations indicated that the proposed scheme finds the HTTP request associated with a given SQL query with 94% accuracy.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.41 no.10
• /
• pp.1-9
• /
• 2004

User-Perceived application-level performance is a key to the adoption and success of CDMA 2000. To predict this performance in advance, a detailed end-to-end simulation model of a CDMA network was built to include application traffic characteristics, network architecture, network element details, and protocol features. We assess the user application performance when a Radio Access Network (RAN) and a Core Network (CN) adopt different transport architectures such as ATM and If. For voice Performance, we found that the vocoder bypass scenario shows 8% performance improvement over the others. For data packet performance, we found that HTTP v.1.1 shows better performance than that of HTTP v.1.0 due to the pipelining and TCP persistent connection. We also found that If transport technology is better solution for higher FER environment since the IP packet overhead is smaller than that of ATM for web browsing data traffic, while it shows opposite effect to small size voice packet in RAN architecture. Though simulation results we showed that the 3G-lX EV system gives much better packet delay performance than 3G-lX RTT, the main conclusion is that end-to-end application-level performance is affected by various elements and layers of the network and thus it must be considered in all phases of the technology evolution process.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.14 no.2
• /
• pp.163-168
• /
• 2008

Ship detection from satellite remote sensing is a crucial application for global monitoring for the purpose of protecting the marine environment and ensuring marine security. It permits to monitor sea traffic including fisheries, and to associate ships with oil discharge. An automatic ship detection approach for RADARSAT Fine Synthetic Aperture Radar (SAR) image is described and assessed using in situ ship validation information collected during field experiments conducted on August 6, 2004. Ship detection algorithms developed here consist of five stages: calibration, land masking, prescreening, point positioning, and discrimination. The fine image was acquired of Ulsan Port, located in southeast Korea, and during the acquisition, wind speeds between 0 m/s and 0.4 m/s were reported. The detection approach is applied to anchoring ships in the anchorage area of the port and its results are compared with validation data based on Vessel Traffic Service (VTS) radar. Our analysis for anchoring ships, above 68 m in length (LOA), indicates a 100% ship detection rate for the RADARSAT single beam mode. It is shown that the ship detection performance of SAR for smaller ships like barge could be higher than the land-based radar. The proposed method is also applied to estimate the ship's dimensions of length and breadth from SAR radar cross section(RCS), but those values were comparatively higher than the actual sizes because of layover and shadow effects of SAR.

• KIPS Transactions on Software and Data Engineering
• /
• v.10 no.10
• /
• pp.391-398
• /
• 2021

Since the leased line is a structure that exclusively uses two connected areas for data transmission, a stable quality level and security are ensured, and despite the rapid increase in the number of switched lines, it is a line method that is continuously used a lot in companies. However, because the cost is relatively high, one of the important roles of the network operator in the enterprise is to maintain the optimal state by properly arranging and utilizing the resources of the network leased line. In other words, in order to properly support business service requirements, it is essential to properly manage bandwidth resources of leased lines from the viewpoint of data transmission, and properly predicting and managing leased line usage becomes a key factor. Therefore, in this study, various prediction models were applied and performance was evaluated based on the actual usage rate data of leased lines used in corporate networks. In general, the performance of each prediction was measured and compared by applying the smoothing model and ARIMA model, which are widely used as statistical methods, and the representative models of deep learning based on artificial neural networks, which are being studied a lot these days. In addition, based on the experimental results, we proposed the items to be considered in order for each model to achieve good performance for prediction from the viewpoint of effective operation of leased line resources.