• Title/Summary/Keyword: rule generation

Automatic Generation of Snort Content Rule for Network Traffic Analysis (네트워크 트래픽 분석을 위한 Snort Content 규칙 자동 생성)

  • Shim, Kyu-Seok;Yoon, Sung-Ho;Lee, Su-Kang;Kim, Sung-Min;Jung, Woo-Suk;Kim, Myung-Sup
    • The Journal of Korean Institute of Communications and Information Sciences, v.40 no.4, pp.666-677, 2015
  • The importance of application traffic analysis for efficient network management has been emphasized continuously. Snort is a popular traffic analysis system which detects traffic matched to pre-defined signatures and performs various actions based on the rules. However, it is very difficult to get highly accurate signatures to meet various analysis purposes because it is very tedious and time-consuming work to search the entire traffic data manually or semi-automatically. In this paper, we propose a novel method to generate signatures in a fully automatic manner in the form of Snort rules from raw packet data captured from a network link or end-host. We use a sequence pattern algorithm to generate common substrings satisfying the minimum support from traffic flow data. Also, we extract the location and header information of the signature, which are the components of a Snort content rule. When we applied the proposed method to several application traffic data, the generated rule could detect more than 97 percent of the traffic data.

Utilization of similarity measures by PIM with AMP as association rule thresholds (모든 주변 비율을 고려한 확률적 흥미도 측도 기반 유사성 측도의 연관성 평가 기준 활용 방안)

  • Park, Hee Chang
    • Journal of the Korean Data and Information Science Society, v.24 no.1, pp.117-124, 2013
  • Association rule of data mining techniques is the method to quantify the relationship between a set of items in a huge database, and has been applied in various fields like internet shopping mall, healthcare, insurance, and education. There are three primary interestingness measures for association rule: support, confidence, and lift. Confidence is the most important measure of these measures, and we generate some association rules using confidence. But it is an asymmetric measure and has only positive value. So we can face difficult problems in generation of association rules. In this paper we apply the similarity measures by probabilistic interestingness measure (PIM) with all marginal proportions (AMP) to solve this problem. The comparative studies with support, confidences, lift, chi-square statistics, and some similarity measures by PIM with AMP are shown by numerical example. As the result, we knew that the similarity measures by PIM with AMP could be seen the degree of association same as confidence. And we could confirm the direction of association because they had the sign of their values, and select the best similarity measure by PIM with AMP.

A Rule-driven Automatic Learner Grouping System Supporting Various Class Types (다양한 수업 유형을 지원하는 규칙 기반 학습자 자동 그룹핑 시스템)

  • Kim, Eun-Hee;Park, Jong-Hyun;Kang, Ji-Hoon
    • Journal of The Korean Association of Information Education, v.14 no.3, pp.291-300, 2010
  • Group-based learning is known to be an effective means to improve scholastic achievement in online learning. Therefore, there are some previous researches for the group-based learning. A lot of previous researches define factors for grouping from the characteristics of classes, teacher's decision and students' preferences and then generate a group based on the defined factors. However, many algorithms proposed by previous researches depend on a specific class and are not a general approach since there exist several differences in terms of the need of courses, learners, and teachers. Moreover it is hard to find an automatic system for group generation. This paper proposes a grouping system which automatically generates a learner group according to characteristics of various classes. The proposed system automatically generates a learner group by using basic information for a class or additional factors inputted from a user. The proposed system defines a set of rules for learner grouping which enables automatic selection of a learner grouping algorithm tailored to the characteristics of a given class. This rule based approach allows the proposed system to accommodate various learner grouping algorithms for a later use. Also we show the usability of our system by serviceability evaluation.

Automatic Construction of Korean Two-level Lexicon using Lexical and Morphological Information (어휘 및 형태 정보를 이용한 한국어 Two-level 어휘사전 자동 구축)

  • Kim, Bogyum;Lee, Jae Sung
    • KIPS Transactions on Software and Data Engineering, v.2 no.12, pp.865-872, 2013
  • Two-level morphology analysis method is one of the rule-based morphological analysis methods. This approach handles morphological transformation using rules and analyzes words with morpheme connection information in a lexicon. It is independent of language and Korean Two-level system was also developed. But, it was limited in practical use, because of using very small set of lexicon built manually. And it has also an over-generation problem. In this paper, we propose an automatic construction method of Korean Two-level lexicon for PC-KIMMO from morpheme tagged corpus. We also propose a method to solve over-generation problem using lexical information and sub-tags. The experiment showed that the proposed method reduced over-generation by 68% compared with the previous method, and the performance increased from 39% to 65% in f-measure.

A Threats Statement Generation Method for Security Environment of Protection Profile (PP의 보안환경을 위한 위협문장 생성방법)

  • 고정호;이강수
    • The Journal of Society for e-Business Studies, v.8 no.3, pp.69-86, 2003
  • A Protection Profile (PP) is a common security and assurance requirements for a specific class of Information Technology security products such as firewall and smart card. A PP should include "TOE (Target of Evaluation) Security Environment", which consists of subsections: assumptions, threats, organizational security policies. This paper presents a new threats statement generation method for developing TOE security environment section of PP. Our survey guides the statement of threats in CC (Common Criteria) scheme through collected and analysed hundreds of threat statements from certified and published real PPs and CC Tool Box/PKB that includes a class of pre-defined threat and attack statements. From the result of the survey, we present a new asset classification method and propose a threats statement generation model. The former is a new asset classification method, and the latter is a production rule for a well formed statement of threats.

Shape Creation of Spatial Structures using L-system Model (L-system 모델을 이용한 대공간 구조물의 형태생성 방안)

  • Kim, Ho-Soo;Park, Young-Sin;Lee, Min-Ho;Han, Chol-Hee
    • Journal of Korean Association for Spatial Structures, v.11 no.3, pp.125-135, 2011
  • This study presents the shape creation process using L-system model of morphogenesis technique. In general, L-system model has been applied to represent the visualization of biological plant. But, this study proposes the shape generation process of L-system model to apply to the architectural field. The L-system model consists of two parts such as string generation step and string analysis step. The string generation step shows the process for a string rewriting. This step requires alphabet, axiom and rules to generate a string. Also, the string analysis step gives the meaning in string to generate various forms. Especially, through the various application examples, we can find out the shape creation models for the space structures.

A Study on the Development of Patterns for the Improvement of Fit of Brassiere - Comparative Analysis of Sample Brassiere with Products of Underwear Brands for 1924 Generation - (브래지어의 맞음새 향상을 위한 패턴개발 연구 -1924세대용 언더웨어 브랜드 시판제품과의 비교분석-)

  • Oh, Song-Yun;Choi, Hei-Sun
    • Journal of the Korean Society of Clothing and Textiles, v.31 no.5 s.164, pp.729-741, 2007
  • In order to examine the characteristics of brassiere products for the 1924 generation brands on the market and grasp problems, we selected three 'comparative brassieres', each one from among the 1924 underwear brands with the highest recognition and sales profit, and then designed a 'sample brassiere' pattern(75A) with a similar shape to the comparative brassieres. We set up the "New Cup Grading Rule" with a view of reflecting the wearing effect that was varied according to cup sizes, graded the sizes of 75AA and 75B with this method, and made the sample brassieres in three sizes. We conducted the wearing evaluation and body measurements of 9 subjects after analyzing the patterns and characteristics of the sample brassieres and three comparative brassieres. As a result of the wearing evaluation, the sample and comparative brassiere 2, the dimensions and shapes were appropriate for the 1924 generation consumers and expressed an overall natural silhouette, showed satisfactory results in the entire evaluation questions. On the other hand, the comparative brassiere 1 and 3 that tended toward making a big change in the physical characteristics got unsatisfactory evaluations in the dimensions of the cups, clothing pressure, and bust silhouette. As a result of observing the variation in body dimensions by body measurements when nude and when wearing each brassiere and then summing it up with the score of the wearing evaluation, it was proven that too much change in body shape can create a negative image by upsetting the balance of the whole silhouette. Therefore, it is desirable to develop brassiere products with proper dimensions and clothing pressure that can make a physical change that harmonizes the overall bust silhouette and the position and shape of the breasts.

Implement of The Authoring Tool for WIPI Business Program using UIDL(User Interface Description Language) (사용자 인터페이스 명세 언어를 이용한 위피 비즈니스 프로그램 저작도구 구현)

  • Lee, Dong-Su;Park, Ki-Chang;Kim, Byung-Ki
    • The Journal of the Korea Contents Association, v.9 no.2, pp.152-162, 2009
  • At present, authoring tools, which are used to develop the WIPI applications are less convenient to be coded. Usually, the programming tools only focus on the grammar while scarcity of visualization. Developer forced directly codes all times during the development by this cause. As a procedure for rapid WIPI Application Development, in this paper, WIPI API High Level Component is first visualized, in other words, graphic control is developed. Second this control is used in designing the mobile layout. Then UI Markup Language and source code can be generated automatically. With this view, we propose the JIML (Jlet Interface Markup Language) with UI Markup Language based XML of WIPI Jlet Platform and also present the transformable rule for generation to the WIPI code about WIPI Jlet UI from offered JIML. Also we implement the WIPI Jlet Generation System to make the generation to JIML, WIPI code. The implemented system provides efficiency when developing WIPI Business Application, and helps to enable rapid development.

A dominant hyperrectangle generation technique of classification using IG partitioning (정보이득 분할을 이용한 분류기법의 지배적 초월평면 생성기법)

  • Lee, Hyeong-Il
    • Journal of the Korea Society of Computer and Information, v.19 no.1, pp.149-156, 2014
  • NGE (Nested Generalized Exemplar Method) can increase the performance of the noisy data at the same time, can reduce the size of the model. It is the optimal distance-based classification method using a matching rule. NGE cross or overlap hyperrectangles generated in the learning has been noted to inhibit the factors. In this paper, we propose the DHGen (Dominant Hyperrectangle Generation) algorithm which avoids the overlapping and the crossing between hyperrectangles, uses interval weights for mixed hyperrectangles to be split based on the mutual information. The DHGen improves the classification performance and reduces the number of hyperrectangles by processing the training set in an incremental manner. The proposed DHGen has been successfully shown to exhibit comparable classification performance to k-NN and better result than EACH system which implements the NGE theory using benchmark data sets from UCI Machine Learning Repository.

Design and Load Map of the Next Generation Convergence Security Framework for Advanced Persistent Threat Attacks

  • Lee, Moongoo
    • IEIE Transactions on Smart Processing and Computing, v.3 no.2, pp.65-73, 2014
  • An overall responding security-centered framework is necessarily required for infringement accidents, failures, and cyber threats. On the other hand, the correspondence structures of existing administrative, technical, physical security have weakness in a system responding to complex attacks because each step is performed independently. This study will recognize all internal and external users as a potentially threatening element. To perform connectivity analysis regarding an action, an intelligent convergence security framework and road map is suggested. A suggested convergence security framework was constructed to be independent of an automatic framework, such as the conventional single solution for the priority defense system of APT of the latest attack type, which makes continuous reputational attacks to achieve its goals. This study suggested the next generation convergence security framework to have preemptive responses, possibly against an APT attack, consisting of the following five hierarchical layers: domain security, domain connection, action visibility, action control, and convergence correspondence. In the domain, the connection layer suggests a security instruction and direction in the domains of administrative, physical and technical security. The domain security layer has consistency of status information among the security domain. A visibility layer of an intelligent attack action consists of data gathering, comparison and decision cycle. The action control layer is a layer that controls the visibility action. Finally, the convergence corresponding layer suggests a corresponding system of before and after an APT attack. The administrative security domain had a security design based on organization, rule, process, and paper information. The physical security domain is designed to separate into a control layer and facility according to the threats of the control impossible and control possible. Each domain action executes visible and control steps, and is designed to have flexibility regarding security environmental changes. In this study, the framework to address an APT attack and load map will be used as an infrastructure corresponding to the next generation security.