• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.10a
• /
• pp.542-547
• /
• 2003

A network based intrusion detection system(N-IDS), can detect intruders coming in through packets in real time environment. The ability of capture of packet is the most important factor when we evaluate the performance of the system. The time delay between the time handling one packet capture and next one is variant become of packet handling mechanism. So for N-IDS can not settle this problem because most systems use a single processor. In this thesis, we solve the problem of irregular tine delay with a file socket and multi-thread processing. We designed and implement, the Crasto system. By an accurate observation, the performance testing shows that the Crasto reduces the capture delay time to 1/5 comparing to the existing single process N-IDS, and maintain delay time regularly.

• Journal of Information Technology Services
• /
• v.16 no.1
• /
• pp.73-82
• /
• 2017

Recently in-memory data stream processing has been actively applied to various subjects such as query processing, OLAP, data mining, i.e., frequent item sets, association rules, clustering. However, finding regular periodic patterns of events in an infinite data stream gets less attention. Most researches about finding periods use autocorrelation functions to find certain changes in periodic patterns, not period itself. And they usually find periodic patterns in time-series databases, not in data streams. Literally a period means the length or era of time that some phenomenon recur in a certain time interval. However in real applications a data set indeed evolves with tiny differences as time elapses. This kind of a period is called as a pseudo-period. This paper proposes a new scheme called FPMH (Finding Periods using Multiple Hash functions) algorithm to find such a set of pseudo-periods over a data stream based on multiple hash functions. According to the type of pseudo period, this paper categorizes FPMH into three, FPMH-E, FPMH-PC, FPMH-PP. To maximize the performance of the algorithm in the data stream environment and to keep most recent periodic patterns in memory, we applied decay mechanism to FPMH algorithms. FPMH algorithm minimizes the usage of memory as well as processing time with acceptable accuracy.

• The KIPS Transactions:PartA
• /
• v.8A no.1
• /
• pp.16-26
• /
• 2001

This paper proposes an extended scheduler model that is an extension of the existing model proposed already in [4, 5], which consists of upper layer task scheduler and lower layer scheduling framework. However, in order to support aperiodic task scheduling, the task scheduler has been divided into two parts, such as periodic task control component and aperiodic task control component. Thus, the proposed model can support various bandwidth-preserving servers that can service aperiodic tasks. The model distinctly separates a classic monolithic kernel scheduler into several kernel components according to their functionality. This enables system developers to implement a new scheduling algorithm or aperiodic task server independent of complex low kernel mechanism, and reconfigure the system at need. In Real-Time Linux [6], we implemented the proposed scheduling framework representative scheduling algorithms, and server bandwidth-preserving servers on purpose to test. Throughout these implementations, we confirmed that a new algorithm or server could be developed independently without updates of complex low kernel modules. In order to verify efficiency of the proposed model, we measured the performance of several aperiodic task servers. The results showed this the performance of model, which even consisted of two hierarchical components and several modules, didnt have such high run-time overhead, and could efficiently support reconfiguration and scheduler development.

• Economic and Environmental Geology
• /
• v.54 no.3
• /
• pp.399-408
• /
• 2021

Natural soil was artificially contaminated with heavy metals (Cd, Pb, and Zn), and the movement of earthworm was characterized in real time using the ViSSET system composed of vibration sensor and the other components. The manifestation mechanism of ecological toxicity of heavy metals was interpreted based on the accumulative frequency of earthworm movement obtained from the real-time monitoring as well as the conventional indices of earthworm behavior, such as the change in body weight before and after tests and biocumulative concentrations of each contaminant. The results showed the difference in the earthworm movement according to the species of heavy metal contaminants. In the case of Cd, the earthworm movement was decreased with increasing its concentration and then tended to be increased. The activity of earthworm was severely increased with increasing Pb concentration, but the movement of earthworm was gradually decreased with increasing Zn concentration. The body weight of earthworm was proved to be greatly decreased in the Zn-contaminated soil, but it was similarly decreased in Cd- and Pb-contaminated soils. The bioaccumulation factor (BAF) was higher in the sequence of Cd > Zn > Pb, and particularly the biocumulative concentration of Pb did not show a clear tendency according to the Pb concentrations in soil. It was speculated that Cd is accumulated as a metallothionein-bound form in the interior of earthworm for a long time. In particular, Cd has a bad influence on the earthworm through the critical effect at its higher concentrations. Pb was likely to reveal its ecotoxicity via skin irritation or injury of sensory organs rather than ingestion pathway. The ecotoxicity of Zn seemed to be manifested by damaging the cell membranes of digestive organs or inordinately activating metabolism. Based on the results of real-time monitoring of earthworm movement, the half maximal effective concentration (EC50) of Pb was estimated to be 751.2 mg/kg, and it was similar to previously-reported ones. The study confirmed that if the conventional indices of earthworm behavior are combined with the results of newly-proposed method, the mechanism of toxicity manifestation of heavy metal contaminants in soils is more clearly interpreted.

• The Korean Journal of Physiology and Pharmacology
• /
• v.13 no.1
• /
• pp.23-26
• /
• 2009

During operations, neurosurgeons usually perform multiple temporary occlusions of parental artery, possibly resulting in the neuronal damage. It is generally thought that neuronal damage by cerebral ischemia is associated with extracellular concentrations of the excitatory amino acids. In this study, we measured the dynamics of extracellular glutamate release in 11 vessel occlusion(VO) model to compare between single occlusion and repeated transient occlusions within short interval. Changes in cerebral blood flow were monitored by laser-Doppler flowmetry simultaneously with cortical glutamate level measured by amperometric biosensor. From real time monitoring of glutamate release in 11 VO model, the change of extracellular glutamate level in repeated transient occlusion group was smaller than that of single occlusion group, and the onset time of glutamate release in the second ischemic episode of repeated occlusion group was delayed compared to the first ischemic episode which was similar to that of single 10 min ischemic episode. These results suggested that repeated transient occlusion induces less glutamate release from neuronal cell than single occlusion, and the delayed onset time of glutamate release is attributed to endogeneous protective mechanism of ischemic tolerance.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.2C
• /
• pp.208-218
• /
• 2006

In this paper, we introduce the creation methods of attack detection model using data mining technologies that can classify the latest attack types, and can detect the modification of existing attacks as well as the novel attacks. Also, we evaluate comparatively these attack detection models in the view of detection accuracy and detection time. As the important factors for creating detection models, there are data, attribute, and detection algorithm. Thus, we used NetFlow data gathered at the real network, and KDD Cup 1999 data for the experiment in large quantities. And for attribute selection, we used a heuristic method and a theoretical method using decision tree algorithm. We evaluate comparatively detection models using a single supervised/unsupervised data mining approach and a combined supervised data mining approach. As a result, although a combined supervised data mining approach required more modeling time, it had better detection rate. All models using data mining techniques could detect the attacks within 1 second, thus these approaches could prove the real-time detection. Also, our experimental results for anomaly detection showed that our approaches provided the detection possibility for novel attack, and especially SOM model provided the additional information about existing attack that is similar to novel attack.

• Journal of KIISE:Databases
• /
• v.31 no.6
• /
• pp.684-698
• /
• 2004

The Hippocratic database model recently proposed by Agrawal et al. incorporates privacy protection capabilities into relational databases. Since the Hippocratic database is based on the relational database, it needs extensions to be adapted for XML databases. In this paper, we propose the Hippocratic XML database model, an extension of the Hippocratic database model for XML databases and present an efficient access control mechanism under this model. In contrast to relational data, XML data have tree-like hierarchies. Thus, in order to manage these hierarchies of XML data, we extend and formally define such concepts presented in the Hippocratic database model as privacy preferences, privacy policies, privacy authorizations, and usage purposes of data records. Next, we present a new mechanism, which we call the authorization index, that is used in the access control mechanism. This authorization index, which is Implemented using a multi-dimensional index, allows us to efficiently search authorizations implied by the authorization granted on the nearest ancestor using the nearest neighbor search technique. Using synthetic and real data, we have performed extensive experiments comparing query processing time with those of existing access control mechanisms. The results show that the proposed access control mechanism improves the wall clock time by up to 13.6 times over the top-down access control strategy and by up to 20.3 times over the bottom-up access control strategy The major contributions of our paper are 1) extending the Hippocratic database model into the Hippocratic XML database model and 2) proposing an efficient across control mechanism that uses the authorization index and nearest neighbor search technique under this model.

• Convergence Security Journal
• /
• v.11 no.4
• /
• pp.43-49
• /
• 2011

Web-based health information provides a lot of conveniences, however the security vulnerabilities that appear in the network environment without the risk of exposure in the use of information are growing. Web-based medical information security issues when accessing only the technology advances, without attempting to seek a safe methodology are to increase the threat element. So it is required. to take advantage of web-based information security measures as a web-based access control security mechanism-based design. This paper is based on software architecture, design, ideas and health information systems were designed based on access control security mechanism. The methodologies are to derive a new design procedure, to design architecture and algorithms that make the mechanism functio n. To accomplish this goal, web-based access control for multiple patient information architecture infrastructures is needed. For this software framework to derive features that make the mechanism was derived based on the structure. The proposed system utilizes medical information, medical information when designing an application user retrieves data in real time, while ensuring integration of encrypted information under the access control algorithms, ensuring the safety management system design.

• 한국지구물리탐사학회:학술대회논문집
• /
• 2005.05a
• /
• pp.3-7
• /
• 2005

Focal mechanism of the real and imaginary faults in the western coast of Japan has been assumed by examining the previous studies on the seismicity, seismic gap, fault behaviors, seismic zoning, and faults. In the area of no seismic information, the focal mechanism has been assumed to have the maximum influence on the tsunami height in the eastern coast of Korea. The tsunami height in a particular point of the eastern coast of Korea can vary up to 7 orders with the variation of the strike of the fault in a particular source point of the western coast of Japan with constant magnitude. Tsunami scenario DB including tile arrival times and tsunami heights has been constructing by using the assumed focal mechanism of the western coast of Japan. Tsunami warning system will be reinforced by using this tsunami scenario DB near future.

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.12
• /
• pp.31-37
• /
• 2014

In this paper, to compensate the degraded performance in high-resolution infrared sensor due to assembling error, the influence of each component was evaluated through the sensitivity analysis of lens assembly, axis mirror, and detector and also suggested detector tilt mechanism for compensation. 3 detector tilt mechanisms were investigated. The first one is 'Shim plate' method which is applying shim on installing plane. The second one is 'Tilting screw' method that is using tilt screw for adjusting detection plane. The last one is 'Micrometer head' method that is installing micrometer on detection plane and acquiring quantitative data. Based on the investigation result, 'Tilting screw' method was applied due to ease of user control, small volume, and real-time controllability, thereby we could acquire high-resolution infrared images. The research result shows that the tilting mechanism is necessary technology for the implementation of high-resolution infrared imaging system.