• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.6
• /
• pp.2188-2203
• /
• 2021

With the rapid development of mobile Internet, smart phones have been widely popularized, among which Android platform dominates. Due to it is open source, malware on the Android platform is rampant. In order to improve the efficiency of malware detection, this paper proposes deep learning Android malicious detection system based on behavior features. First of all, the detection system adopts the static analysis method to extract different types of behavior features from Android applications, and extract sensitive behavior features through Term frequency-inverse Document Frequency algorithm for each extracted behavior feature to construct detection features through unified abstract expression. Secondly, Long Short-Term Memory neural network model is established to select and learn from the extracted attributes and the learned attributes are used to detect Android malicious applications, Analysis and further optimization of the application behavior parameters, so as to build a deep learning Android malicious detection method based on feature analysis. We use different types of features to evaluate our method and compare it with various machine learning-based methods. Study shows that it outperforms most existing machine learning based approaches and detects 95.31% of the malware.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.333-336
• /
• 2022

With the development of IT technology, cybercrime is becoming sophisticated and intelligent. In particular, in the case of BackDoor, which is used in the APT attack (intelligent continuous attack), it is very important to detect malicious behavior and respond to infringement because it is often unaware that it has been damaged by an attacker. This paper aims to build an EDR platform that can monitor, analyze, and respond to malicious behavior in real time by collecting, storing, analyzing, and visualizing logs in an endpoint environment in real time using open source-based analysis solutions ELK Stack and Sysmon.

• Korean Journal of Remote Sensing
• /
• v.30 no.4
• /
• pp.445-454
• /
• 2014

In recent days, trend technologies for cloud, bigdata, or mobile, as the important marketable keywords or paradigm in Information Communication Technology (ICT), are widely used and interrelated each other in the various types of platforms and web-based services. Especially, the combination of cloud and mobile is recognized as one of a profitable business models, holding benefits of their own. Despite these challenging aspects, there are a few application cases of this model dealing with geo-based data sets or imageries. Among many considering points for geo-based cloud application on mobile, this study focused on a performance test of mobile cloud of Bayesian image fusion algorithm with satellite images. Two kinds of cloud platform of Amazon and OpenStack were built for performance test by CPU time stamp. In fact, the scheme for performance test of mobile cloud is not established yet, so experiment conditions applied in this study are to check time stamp. As the result, it is revealed that performance in two platforms is almost same level. It is implied that open source mobile cloud services based on OpenStack are enough to apply further applications dealing with geo-based data sets.

• Journal of Internet Computing and Services
• /
• v.19 no.1
• /
• pp.77-86
• /
• 2018

For the past few years, KISTI has been servicing an online simulation execution platform, called EDISON, allowing users to conduct simulations on various scientific applications supplied by diverse computational science and engineering disciplines. Typically, these simulations accompany large-scale computation and accordingly produce a huge volume of output data. One critical issue arising when conducting those simulations on an online platform stems from the fact that a number of users simultaneously submit to the platform their simulation requests (or jobs) with the same (or almost unchanging) input parameters or files, resulting in charging a significant burden on the platform. In other words, the same computing jobs lead to duplicate consumption computing and storage resources at an undesirably fast pace. To overcome excessive resource usage by such identical simulation requests, in this paper we introduce a novel framework, called IceSheet, to efficiently manage simulation data based on execution metadata, that is, provenance. The IceSheet framework captures and stores each provenance associated with a conducted simulation. The collected provenance records are utilized for not only inspecting duplicate simulation requests but also performing search on existing simulation results via an open-source search engine, ElasticSearch. In particular, this paper elaborates on the core components in the IceSheet framework to support the search and reuse on the stored simulation results. We implemented as prototype the proposed framework using the engine in conjunction with the online simulation execution platform. Our evaluation of the framework was performed on the real simulation execution-provenance records collected on the platform. Once the prototyped IceSheet framework fully functions with the platform, users can quickly search for past parameter values entered into desired simulation software and receive existing results on the same input parameter values on the software if any. Therefore, we expect that the proposed framework contributes to eliminating duplicate resource consumption and significantly reducing execution time on the same requests as previously-executed simulations.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.1
• /
• pp.157-164
• /
• 2012

This paper introduces an implementation of SVC player which runs on Android platform and can play SVC video stream on line from SVC video server. SVC(Scalable Video Coding) is a scalable video encoding technique which supports three scalability such as temporal scalability, spatial scalability, and quality scalability. To implement the SVC player on Android, we implemented a SVC decoder using JSVM open source written in C/C++ as a native part on Android and developed Android UI in Java. Also we built an SVC encoding system off line and an SVC streaming server to conduct on-line SVC streaming experiments. Finally, after we installed the SVC player developed in this paper on Motoroi mobile phone, we evaluated and analyzed on-line streaming performance of the SVC player. The result showed that the player worked well and it had no jitter in streaming with the size of QCIF and 10fps from a fully encoded SVC video source.

• Proceedings of the Korean Information Science Society Conference
• /
• 2012.06a
• /
• pp.259-261
• /
• 2012

클라우드 컴퓨팅은 정보가 인터넷 상의 서버에 영구적으로 저장되고 데스크탑이나 테이블 컴퓨터, 노트북, 벽걸이 컴퓨터, 휴대용 기기 등과 같은 클라이언트에는 일시적으로 보관되는 패러다임을 뜻한다. 가용성과 사용상의 편의에 대한 요구의 증가로 최근들어 빠른 속도로 발전하는 모습을 보이고 있다. 클라우드 컴퓨팅은 제공하는 서비스의 유형에 따라 IaaS(Infrastructure as a Service), PaaS(Platform as a Service), SaaS(Software as a Service)로 나뉜다. 이 중 IaaS는 인프라를 서비스로 제공하는 모델이다. 이를 구현한 오픈소스 클라우드 플랫폼으로 오픈스택과 클라우드 스택이 대표적이다. 시트릭스는 자사가 개발중인 클라우드 플랫폼인 클라우드스택을 아파치 라이센스로 전환하겠다고 발표했다. 이전까지 같은 종류의 클라우드 플랫폼인 오픈스택의 회원사로 참여하고 있던 시트릭스가 오픈스택 그룹에서 탈퇴하고 클라우드스택을 지원한다는 발표는 큰 관심을 받았다. 본 논문에서는 여러 오픈소스 클라우드 플랫폼 중 오픈스택과 클라우드스택을 비교해보고, 이를 통해 향후 오픈소스 클라우드 플랫폼의 발전가능성에 대해 고찰해보고자 한다.

• Korean Journal of Remote Sensing
• /
• v.28 no.3
• /
• pp.337-346
• /
• 2012

In the view from most application system developers and users, cloud computing becomes popular in recent years and is still evolving. But in fact it is not easy to reach at the level of actual operations. Despite, it is known that the cloud in the practical stage provides a new pattern for deploying a geo-spatial application. However, domestically geo-spatial application implementation and operation based on this concept or scheme is on the beginning stage. It is the motivation of this works. Although this study is an introductory level, a simple and practical processed result was presented. This study was carried out on Amazon web services platform, as infrastructure as a service in the geo-spatial areas. Under this environment, cloud instance, a web and mobile system being previously implemented in the multi-layered structure for geo-spatial open sources of database and application server, was generated. Judging from this example, it is highly possible that cloud services with the functions of geo-processing service and large volume data handling are the crucial point, leading a new business model for civilian remote sensing application and geo-spatial enterprise industry. The further works to extend geo-spatial applications in cloud computing paradigm are left.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.4
• /
• pp.1471-1492
• /
• 2015

The rapid development of smartphone technologies have resulted in the evolution of mobile botnets. The implications of botnets have inspired attention from the academia and the industry alike, which includes vendors, investors, hackers, and researcher community. Above all, the capability of botnets is uncovered through a wide range of malicious activities, such as distributed denial of service (DDoS), theft of business information, remote access, online or click fraud, phishing, malware distribution, spam emails, and building mobile devices for the illegitimate exchange of information and materials. In this study, we investigate mobile botnet attacks by exploring attack vectors and subsequently present a well-defined thematic taxonomy. By identifying the significant parameters from the taxonomy, we compared the effects of existing mobile botnets on commercial platforms as well as open source mobile operating system platforms. The parameters for review include mobile botnet architecture, platform, target audience, vulnerabilities or loopholes, operational impact, and detection approaches. In relation to our findings, research challenges are then presented in this domain.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.736-739
• /
• 2017

Recently, makers who do not have huge production equipments and who actually make products that they thought by utilizing digital production tools are emerging as new trends. As these makers shared how to make products, the 'maker movement', an open source manufacturing movement, spread. In the case of the domestic market, the maker movement is being activated through the government's policy support. However, compared to developed countries, there is not enough awareness and environment of maker culture, and only open platform hardware and software are used without specialized education / development equipment or kit for maker. Therefore, in this paper, we implement a MQTT protocol based Internet object maker kit for real service interworking rather than simple data connection through hardware connection.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.8
• /
• pp.3904-3917
• /
• 2017

IP multimedia subsystem (IMS) is an open standardized architecture for delivering multimedia service over IP network in a route-agnostic manner. With the increasing popularity of conversational class service, the delivery of a traffic flow with a certain bandwidth demand over a single network path is either not possible or not cost-effective. Multipath transmission is considered to be a promising solution to provide high-quality delivery service. This paper proposes a software defined service overlay network (SDSON) based multipath transmission framework for IMS, which is complementary to existing network architecture. The framework transforms original two-party session negotiation into three-party session negotiation that supports participants to negotiate multipath transmission capacity and path information by signaling message. Based on existing IETF standards, SIP and SDP are scalable to support these functions. Finally, the proposed framework is fully implemented on open source platform and examined by experiments. Experimental results show that multipath-enabled IMS is an effective way to improve the delivery performance of conversational class service.