• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.1 no.1
• /
• pp.52-57
• /
• 2002

A simulation tool for an optimal ATIS design and drivers' dynamic route choice behavior analysis is developed, which is applicable to urban networks. Due to the difficulty to make drivers feel the time pressure according to traffic conditions, current SP questionnaire survey type surveys have a limitation to capture correct driver reactions to real-time traffic Information provision. The simulator Is a web-based upgraded version, named WATiSim (Web-based ATIS Simulator), to quickly perform a wide population survey with a minimal cost using INTERNET Furthermore, the time pressure issue is lessened by its interface and simulation modules. After WATiSim mimicked a VMS based ATIS in a partial network of Seoul Metropolitan, reactions of drivers to various traffic conditions were surveyed through INTERNET and analyzed using a logit model. Drivers under the ATIS environment clearly understood the provided traffic information, and their reactions were closely related to traffic conditions, scheduled delay, trip purposes as well as toll charge if any.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2002.06a
• /
• pp.69-75
• /
• 2002

In this paper, we propose the realtime network traffic monitoring system usin SNMP that can supported network and system operation, management, expansion, and design using network analysis and diagnosis to a network administrator. The proposed system consists of two parts: analysis server for collection and analysis of the network information, and supports real-time monitoring of network traffic, and client system shows user a graphical data that analyzed a returned result from the server. This system implements web-based technology using Java and contributes to enhance the effectiveness of network administrator's management.

• 제어로봇시스템학회:학술대회논문집
• /
• 2004.08a
• /
• pp.1342-1345
• /
• 2004

An analytical of throughput and delay on reverse link in a cellular slotted CDMA system with integrated voice and World Wide Web (WWW) traffic is presented in this paper. Our results show that the Gaussian approximation it was found that the voice traffic can have a significant impact on the WWW traffic. It was also found that the different mobiles velocity and number of resolvable paths is impact each other the system performance.

• The KIPS Transactions:PartC
• /
• v.15C no.4
• /
• pp.321-328
• /
• 2008

In this paper, we analyze web response time depending on queue managements and transmission latencies in highly congested network situation. Under FIFO scheme, the response times are for three different sizes of queue are almost the same, but the response time increases as traffic intensity increases. The performance between different queue sizes shows more different in 90% and 98% traffic intensity than in 80% traffic intensity. Especially the difference becomes bigger in short latency case than long latency case. Under RED scheme, three differently tunned RED schemes do not impact on the response time when the size of queue is relatively large. When the queue size becomes smaller, the response time of the differently tunned RED schemes becomes different for short latency case while the response times are almost same for long latency case. When comparing FIFO and RED schemes under same size of queue, RED scheme shows less response time than that of FIFO for the long latency case in high traffic intensity.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.2B
• /
• pp.279-288
• /
• 2004

Rapidly emerging P2P(Peer to Peer) applications generate very bursty traffic, which gives a lot of burden to network, and the amount of such traffic is increasing rapidly. Thus it is becoming more important to understand the characteristics of such traffic and reflect it when we design and analyze the network. To do that we measured the traffic in a campus network and present flow statistics and traffic models of the measured traffic, and compare them with those of the web traffic. The results indicate that P2P traffic is much burstier than web traffic and as a result it negatively affects network performance. We modeled P2P traffic using self-similar traffic model to predict packet delay and loss occurred in network which are very important to evaluate network performance. We also predict queue length distribution and loss probability in SSQ(Single Sewer Queue). To assess accuracy of traffic model, we compare the SSQ statistics of traffic models with that of the traffic trace. The results show that self-similar traffic models we use can predict P2P traffic behavior in network precisely. It is expected that the traffic models we derived can be used when we design network capacity and predict network performance and QoS of the P2P applications.

• KIISE Transactions on Computing Practices
• /
• v.21 no.10
• /
• pp.651-657
• /
• 2015

The amount of web traffic has increased as a result of the rapid growth of the use of web-based applications. In order to obtain valuable information from web logs, we need to develop systems that can support interactive, flexible, and efficient ways to analyze and handle large amounts of data. In this paper, we present CERES, a log-based, interactive web analytics system for backbone networks. Since CERES focuses on analyzing web log records generated from backbone networks, it is possible to perform a web analysis from the perspective of a network. CERES is designed for deployment in a server cluster using the Hadoop Distributed File System (HDFS) as the underlying storage. We transform and store web log records from backbone networks into relations and then allow users to use a SQL-like language to analyze web log records in a flexible and interactive manner. In particular, we use the data cube technique to enable the efficient statistical analysis of web log. The system provides users a web-based, multi-modal user interface.

• Journal of the Korea Society for Simulation
• /
• v.18 no.1
• /
• pp.27-34
• /
• 2009

Currently network users, especially the number of internet users, increase rapidly. Also, high quality of service is required and this requirement results a sudden network traffic increment. As a result, an efficient management system for huge network traffic becomes an important issue. Ontology/data engineering based context awareness using the System Entity Structure (SES) concepts enables network administrators to access traffic data easily and efficiently. The network traffic analysis system, which is studied in this paper, is designed and implemented based on a model and simulation using data engineering methodology to be avaiable in evaluating large network traffic data. Extensible Markup Language (XML) is used for metadata language in this system. The information which is extracted from the network traffic analysis system could be modeled and simulated in Discrete Event Simulation (DEVS) methodology for further works such as post simulation evaluation, web services, and etc.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.1
• /
• pp.69-75
• /
• 2016

The performance of a web application is an essential issue to provide high quality of the services in interactive web environments. On a sudden increase in traffic in a very short span of time, the servers became CPU starved and would become unresponsive. This would lead to a bad experience for the clients of web service. This paper deals with the effects of two configurable software settings of J2EE application servers: the maximum size of the thread pool and the maximum size of database connection pool. In order to figure out the optimum configuration value, this paper builds experimental evaluation method for web performance analysis. Finally, a case study related with the proper experimental method is presented with performance result.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.157-167
• /
• 2009

Recently, the leakage of confidential information and personal information is taking place on the Internet more frequently than ever before. Most of such online security incidents are caused by attacks on vulnerabilities in web applications developed carelessly. It is impossible to detect an attack on a web application with existing firewalls and intrusion detection systems. Besides, the signature-based detection has a limited capability in detecting new threats. Therefore, many researches concerning the method to detect attacks on web applications are employing anomaly-based detection methods that use the web traffic analysis. Much research about anomaly-based detection through the normal web traffic analysis focus on three problems - the method to accurately analyze given web traffic, system performance needed for inspecting application payload of the packet required to detect attack on application layer and the maintenance and costs of lots of network security devices newly installed. The UTM(Unified Threat Management) system, a suggested solution for the problem, had a goal of resolving all of security problems at a time, but is not being widely used due to its low efficiency and high costs. Besides, the web filter that performs one of the functions of the UTM system, can not adequately detect a variety of recent sophisticated attacks on web applications. In order to resolve such problems, studies are being carried out on the web application firewall to introduce a new network security system. As such studies focus on speeding up packet processing by depending on high-priced hardware, the costs to deploy a web application firewall are rising. In addition, the current anomaly-based detection technologies that do not take into account the characteristics of the web application is causing lots of false positives and false negatives. In order to reduce false positives and false negatives, this study suggested a realtime anomaly detection method based on the analysis of the length of parameter value contained in the web client's request. In addition, it designed and suggested a WAF(Web Application Firewall) that can be applied to a low-priced system or legacy system to process application data without the help of an exclusive hardware. Furthermore, it suggested a method to resolve sluggish performance attributed to copying packets into application area for application data processing, Consequently, this study provide to deploy an effective web application firewall at a low cost at the moment when the deployment of an additional security system was considered burdened due to lots of network security systems currently used.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.11
• /
• pp.2900-2910
• /
• 1999

Since its introduction in the early 1990s, the quick growth of the world Wide Web (WWW) traffic raises the question whether past LAN packet traces still reflect the current situation or whether they have become obsolete. For this study, several LAN packet traces were obtained by monitoring the LAN of a typical academic environment. The tools for monitoring the network were a stand-alone HP LAN Protocol Analyzer as well as the free-ware software tool tcpdump. Our main focus was placed on acquiring a low-level overview of the LAN traffic. Thus, we could determine what protocols were mainly used and how the packet sizes were distributed. In particular, we were interested in establishing the amount of WWW traffic on the LAN, and what MIME-Types this traffic is subdivided into. Our results indicate that in a typical academic environment such as ours, conventional sources of LAN traffic such as NFS are still predominant, whereas WWW traffic plays a rather marginal role. Furthermore, we verified that a large portion of the network packets contains little or no data at all, while another significant portion of the packets has sizes around the MTU. Consequently, research in the networking field has to direct its focus on issues beyond the WWW.