• Title/Summary/Keyword: Traffic identification

Refined identification of hybrid traffic in DNS tunnels based on regression analysis

  • Bai, Huiwen;Liu, Guangjie;Zhai, Jiangtao;Liu, Weiwei;Ji, Xiaopeng;Yang, Luhui;Dai, Yuewei
    • ETRI Journal / v.43 no.1 / pp.40-52 / 2021
  • DNS (Domain Name System) tunnels almost obscure the true network activities of users, which makes it challenging for the gateway or censorship equipment to identify malicious or unpermitted network behaviors. An efficient way to address this problem is to conduct a temporal-spatial analysis on the tunnel traffic. Nevertheless, current studies on this topic limit the DNS tunnel to those with a single protocol, whereas more than one protocol may be used simultaneously. In this paper, we concentrate on the refined identification of two protocols mixed in a DNS tunnel. A feature set is first derived from DNS query and response flows, which is incorporated with deep neural networks to construct a regression model. We benchmark the proposed method with captured DNS tunnel traffic; the experimental results show that the proposed scheme can achieve identification accuracy of more than 90%. To the best of our knowledge, the proposed scheme is the first to estimate the ratios of two mixed protocols in DNS tunnels.

A hybrid-separate strategy for force identification of the nonlinear structure under impact excitation

  • Jinsong Yang;Jie Liu;Jingsong Xie
    • Structural Engineering and Mechanics / v.85 no.1 / pp.119-133 / 2023
  • The impact event is the key factor influencing the operational state of mechanical equipment. Additionally, nonlinear factors existing in complex mechanical equipment are currently attracting more and more attention. Therefore, this paper proposes a novel hybrid-separate identification strategy to solve the force identification problem of the nonlinear structure under impact excitation. The 'hybrid' means that the identification strategy contains both l1-norm (sparse) and l2-norm regularization methods. The 'separate' means that the nonlinear response part generated only by the nonlinear force needs to be separated from the measured response. First, the state-of-the-art two-step iterative shrinkage/thresholding (TwIST) algorithm and sparse representation with the cubic B-spline function are developed to solve the established normalized sparse regularization model to identify the accurate impact force and accurate peak value of the nonlinear force. Then, the identified impact force is substituted into the nonlinear response separation equation to obtain the nonlinear response part. Finally, a reduced transfer equation is established and solved by the classical Tikhonov regularization method to obtain the wave profile (variation trend) of the nonlinear force. Numerical and experimental identification results demonstrate that the novel hybrid-separate strategy can accurately and efficiently obtain the nonlinear force and impact force for the nonlinear structure.

A study on a Preventive measure of traffic congestion in building security system (빌딩 출입 보안 시스템의 정보폭주 방지방법에 관한 연구)

  • 서창옥;김계국
    • Journal of the Korea Society of Computer and Information / v.9 no.1 / pp.71-77 / 2004
  • In general, a security server controls information on the people who usually come to a building. To enter or exit, they bring an identification card into contact with a card reader, and the server admits them into the building after checking whether their information is in the database. However, if many people want to enter and exit in all directions, it may give rise to serious traffic congestion. The delay is therefore due to the server's overload. In this paper, we suggest IZA (Identification Zone Algorithm) in order to prevent traffic congestion.

Real-time Identification of Skype Application Traffic using Behavior Analysis (동작형태 분석을 통한 Skype 응용 트래픽의 실시간 탐지 방법)

  • Lee, Sang-Woo;Lee, Hyun-Shin;Choi, Mi-Jung;Kim, Myung-Sup
    • The Journal of Korean Institute of Communications and Information Sciences / v.36 no.2B / pp.131-140 / 2011
  • As the number of Internet users and applications is increasing, the importance of application traffic classification is growing more and more for efficient network management. While a number of methods for traffic classification have been introduced, such as signature-based and machine learning-based methods, the Skype application, which uses encrypted communication on its own P2P network, is known as one of the most difficult kinds of traffic to identify. In this paper we propose a novel method to identify Skype application traffic on the fly. The main idea is to set up a list of Skype host information {IP, port} by examining the packets generated in the Skype login process and to utilize the list to identify other Skype traffic. By implementing the identification system and deploying it on our campus network, we proved the performance and feasibility of the proposed method.

A Study on the Air Traffic Situation Variables which Influence the Job Performance of Military Air Traffic Controllers (군관제사의 직무 수행과 항공교통상황 변인의 영향 연구)

  • Sin, Hyon-Sam;Jang, Jung-Ha;Ahn, Jae-Mo
    • Journal of the Korean Society for Aviation and Aeronautics / v.20 no.1 / pp.19-25 / 2012
  • The air traffic situation variables were emphasized in this research to review the awareness level of job performance of military air traffic controllers in application of air traffic situation variables such as detection of aircraft identification, type of aircraft, position, speed, altitude, determination of separation between departing and arriving in-trail aircraft, physical airport conditions, adverse weather conditions, NAVAID outage and ATC facilities' operational status. In this respect, this study was conducted under the auspices of ATC facility operating agencies and with the devoted participation of air force air traffic controllers, who answered the questionnaires from nine radar approach control facilities and other air traffic control towers.

An approach for Traffic Signal Control using RFID in the u-City (u-City에서 RFID를 이용 교통신호제어에 관한 연구)

  • Seo, Gang-Do;Cho, Jin-Ho
    • Journal of the Institute of Electronics Engineers of Korea TC / v.45 no.2 / pp.26-36 / 2008
  • This study proposed a traffic-responsive urban traffic control system using RFID (Radio Frequency Identification) technology to get traffic information. The proposed system is a decentralized control using model predictive control. The objective of the proposed system is to get traffic data using advanced technology for controlling the junctions' traffic rights. A simulation example is provided to demonstrate the applicability of the proposed model.

A File Name Identification Method for P2P and Web Hard Applications through Traffic Monitoring (트래픽 모니터링을 통한 P2P 및 웹 하드 다운로드 응용의 파일이름 식별 방법)

  • Son, Hyeon-Gu;Kim, Ki-Su;Lee, Young-Seok
    • Journal of KIISE:Information Networking / v.37 no.6 / pp.477-482 / 2010
  • Recently, advanced Internet applications such as Internet telephone, multimedia streaming, and file sharing have appeared. Especially, P2P or web-based file sharing applications have been notorious for their illegal usage of contents and massive traffic consumption by a few users. This paper presents a novel method to identify the P2P or web-based file names with traffic monitoring. For this purpose, we have utilized the Korean decoding method on the IP packet payload. From experiments, we have shown that the file names requested by BitTorrent, Clubbox, and Tple applications could be correctly identified.

Target identification for visual tracking

  • Lee, Joon-Woong;Yun, Joo-Seop;Kweon, In-So
    • Institute of Control, Robotics and Systems: Conference Proceedings / 1996.10a / pp.145-148 / 1996
  • In moving object tracking based on visual sensory feedback, a prerequisite is to determine which feature or which object is to be tracked, and so the feature or object identification precedes the tracking. In this paper, we focus on object identification, not image feature identification. The target identification is realized by finding the line segments corresponding to the hypothesized model segments of the target. The key idea is the combination of the Mahalanobis distance with the geometrical relationship between model segments and extracted line segments. We demonstrate the robustness and feasibility of the proposed target identification algorithm by a moving vehicle identification and tracking in the video traffic surveillance system over images of a road scene.

Automatic Payload Signature Generation for Accurate Identification of Internet Applications and Application Services

  • Sija, Baraka D;Shim, Kyu-Seok;Kim, Myung-Sup
    • KSII Transactions on Internet and Information Systems (TIIS) / v.12 no.4 / pp.1572-1593 / 2018
  • The diversity and fast growth of Internet traffic volume are highly influenced by the mobile and computer applications being developed. Moreover, the developed applications are too dynamic to be identified and monitored by network administrators. Several approaches have been proposed to identify network applications; however, they are still not robust enough to identify modern applications. This paper proposes both a TSA (Traffic collection, Signature generation and Applications identification) system and a derived algorithm called CSP (Contiguous Sequential Patterns) to identify applications for management and security in IP networks. The major focus of this paper is the CSP algorithm, which is automated in two modules (Signature generation and Applications identification) of the proposed system. The proposed CSP algorithm generates DNA-like unique signatures capable of identifying applications and their individual services. In this paper, we show that the algorithm is suitable for generating efficient signatures to identify applications and application services with high accuracy.