• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1141-1151
• /
• 2018

In an APT attack, the communication stage between infected hosts and C&C(Command and Control) server is the key stage for intrusion into the attack target. Attackers can control multiple infected hosts by the C&C Server and direct intrusion and exploitation. If the C&C Server is exposed at this stage, the attack will fail. Therefore, in recent years, the Domain Generation Algorithm (DGA) has replaced DNS in C&C Server with a short time interval for making detection difficult. In particular, it is very difficult to verify and detect all the newly registered DNS more than 5 million times a day. To solve these problems, this paper proposes a model to judge DGA-DNS detection by the morphological similarity analysis of normal DNS and DGA-DNS, and to determine the sign of APT attack through it, then we verify its validity.

• The Journal of the Korea Contents Association
• /
• v.11 no.4
• /
• pp.18-26
• /
• 2011

According that smart phones have been widely used, their users can easily access various information around the devices through location information services equipped to the smart phone devices. In this paper, we propose a WeWhere which is a system of client-server model for providing the current location among several smart phone users in real time. A client-side smartphone user send to a server his/her current location obtained by applying location information service provided from smart phones and receive location information of all smartphone users connected to the user from the server. The all location information is displayed on a smartphone of a user in client-side and users can track location of their related users. All most 200,000 persons in the world have used the proposed system, WeWhere, normally without overloading of a server system.

• Journal of Internet Computing and Services
• /
• v.10 no.1
• /
• pp.123-134
• /
• 2009

The CRM(Customer Relationship Management) is a business strategy model which can reap higher profits and can provide a competitive edge to an enterprise in today's new business environments. Early next year (2009), the Capital Market Consolidation Act will be in effect in South Korea. This is required for a qualitative growth to provide QoS (Quality of Service) and ensure growth in finance, IT industry & service. Accordingly, the securities and insurance companies, banks and other financial institutions make efforts to improve their derivative financial product and also enhance their services. In this paper we design and implement a Channel Server model for a Scalable Service Channel Server to efficiently manage the high volumes of inbound customer interactions based on the requirements of a CRM center. The proposed Scalable Service Channel Server supports integration with other third party service and standardization of multiple inbound service channels. The proposed model can be efficiently used in an inbound CRM center of any banking, finance, securities and insurance establishments.

• Journal of KIISE
• /
• v.45 no.2
• /
• pp.175-186
• /
• 2018

Recently, HAS (HTTP Adaptive Streaming) has been the subject of much attention to improve the QoE (Quality of Experience). In a high latency network, HAS degrades the QoE due to the lost RTT cycle since it replies with a response of one segment to the request of one segment. The server-push based HAS schemes of downloading multiple segments in one request cause QoE degradation due to the buffer underflow. In this paper, we propose a VSSDS (Video Streaming Scheme based on Dynamic Server-push) scheme to improve the QoE in a high latency network. The proposed scheme adjust video quality by estimating available bandwidth and determine the number of segments to be downloaded for each segment request cycle. Through the simulation, the proposed scheme not only improves the average video bitrate but also alleviates the buffer underflow.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.41 no.6 s.324
• /
• pp.17-24
• /
• 2004

This paper proposes an efficient technique to protect e-mail server from DDoS attack using the CBQ (Class Based Queuing) algorithm The proposed method classifies incoming trafic to an e-mail server into three classes: 'more important mail traffic', 'less important traffic' and 'unknown traffic' and assigns bandwidths differently to the traffics. By differentiating the bandwidths of classes, normal mail traffic may flow even under DDoS attack in the proposed technique. The proposed technique is implemented on an embedded system which hires a switching processor with the WFHBD(Weighted Fair Hashed Bandwidth Distribution) engine that has been known as an efficient algorithm to distribute a given bandwidth to multiple sources, and it is verified that it can be an efficient way to protect e-mail server from DDoS attack.

• Journal of the Institute of Electronics Engineers of Korea SP
• /
• v.48 no.2
• /
• pp.116-124
• /
• 2011

In this paper, We implemented vessel USN middleware by server-side method considering characteristics of ocean environment. We designed multiple query process module in order to efficient process multidimensional sensor stream data and proposed optimized query plan using Mjoin query and hash table. This paper proposed method that context aware of vessel and manage considering characteristics of ocean. We decided to risk context using SVM algorithm in context awareness management module. As a result, we obtained about 87.5% average accuracy for fire case and about 85.1% average accuracy for vessel risk case by input 5,000 data sets and implemented vessel USN monitoring system.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.7
• /
• pp.107-115
• /
• 2012

Recently, Li and Hwang scheme proposed a biometrics-based remote user authentication scheme using smart card. It is asserted that this scheme has very excellent benefits by the operation cost efficiency based on the smart card, one-way function and biometrics using random numbers. But this scheme cannot provide the properly authentication, especially, it is analyzed as the vulnerable security scheme for Denial-of-Service(DoS) attacks by impersonate attacks. The attacker controls the insecure channel, they can easily fabricate messages to pass the user's or server's authentication, and the malicious attacker can impersonate the user to cheat the server and can impersonate the server to cheat the user without knowing any secret information. This paper proposes the strong improved scheme which can respond to multiple attacks by supplementing the function of integrity check from the server which applied variable authenticator and OSPA without exposing the user's password information. It is supplemented pregnable of disguise attack and mutual authentication of Li and Hwang scheme.

• Convergence Security Journal
• /
• v.13 no.3
• /
• pp.17-23
• /
• 2013

Clustering is required to configure clustering interdependent structural technology. Clustering handles variable workloads or impede continuity of service to continue operating in the event of a failure. Long as high-availability clustering feature focuses on server operating systems. Active-standby state of two systems when the active server fails, all services are running on the standby server, it takes the service. This function switching or switchover is called failover. Long as high-availability clustering feature focuses on server operating systems. The cluster node that is running on multiple systems and services have to duplicate each other so you can keep track of. In the event of a node failure within a few seconds the second node, the node shall perform the duties broken. Structure for high-availability clustering efficiency should be measured. System performance of infrastructure systems performance, latency, response time, CPU load factor(CPU utilization), CPU processes on the system (system process) channels are represented.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.935-937
• /
• 2013

Currently, depending on the penetration of the mobile device, age of one person one mobile device is open. It is a time when mobile equipment is located to the depths of human life that much. However, equipment for new mobile devices full of, was in the existing, tend to sleeping in the house or abandoned. It is determined that you build one server in a mobile device that individuals have, to be able to break out of the framework of the existing service Twitter and blogs, such as Facebook, and to create multiple Web services with a personality of their own. In this paper, we studied a scheme that can be instead of a simple fixed server, considering the characteristics of only the mobile device and take advantage.

• Proceedings of the KIEE Conference
• /
• 1998.07g
• /
• pp.2373-2376
• /
• 1998

This paper describes the development of the SCADA(Supervisory Control and Data Acquisition) system which can be controlled via the Internet. In this paper, the SCADA system is composed of a number of microprocessor-based RTU(Remote Terminal Unit)s, a MMI(Man Machine Interface) host, a SCADA server, and SCADA clients. There are two protocols used in the system. Each RTU and the MMI host are connected by a RS-485 line and CSMA/CD(Carrier Sense Multiple Access / Collision Detection) protocol is used to communicate with each other. TCP/IP(Transmission Control Protocol/Internet Protocol) is used among the MMI host, the SCADA server, and SCADA clients. The equipments installed in the field are controlled by a number of RTUs. The function of the MMI host is to acquire real-time data from RTUs and control them. The SCADA server supports data transfer between the networked MMI host and the SCADA client on the web-server through TCP/lP. Data transfer is possible regardless of the type of network only if there are TCP/lP Winsock-compatible stack driver. The SCADA client is implemented as the shape of web-page by means of JAVA language. Therefore, it runs on a web-browser such as Netscape and Explorer, and allows a number of users to access this SCADA system.