• Title/Summary/Keyword: virtualization system

Performance Analysis of NVMe SSDs and Design of Direct Access Engine on Virtualized Environment (가상화 환경에서 NVMe SSD 성능 분석 및 직접 접근 엔진 개발)

  • Kim, Sewoog;Choi, Jongmoo
    • KIISE Transactions on Computing Practices / v.24 no.3 / pp.129-137 / 2018
  • NVMe (Non-Volatile Memory Express) SSD (Solid State Drive) is a high-performance storage that makes use of flash memory as a storage cell, PCIe as an interface and NVMe as a protocol on the interface. It supports multiple I/O queues which makes it feasible to process parallel I/Os on multi-core environments and to provide higher bandwidth than SATA SSDs. Hence, NVMe SSD is considered as a next-generation storage for data-center and cloud computing system. However, in the virtualization system, the performance of NVMe SSD is not fully utilized due to the bottleneck of the software I/O stack. Especially, when it uses I/O stack of the hypervisor or the host operating system like Xen and KVM, I/O performance degrades seriously due to doubled I/O stack between host and virtual machine. In this paper, we propose a new I/O engine, called Direct-AIO (Direct-Asynchronous I/O) engine, that can access NVMe SSD directly for I/O performance improvements on QEMU emulator. We develop our proposed I/O engine and analyze I/O performance differences between the existing I/O engine and Direct-AIO engine.

The Management and Security Plans of a Separated Virtualization Infringement Type Learning Database Using VM (Virtual Machine) (VM(Virtual Machine) 을 이용한 분리된 가상화 침해유형 학습 데이터베이스 관리와 보안방안)

  • Seo, Woo-Seok;Jun, Moon-Seog
    • The Journal of Korean Institute of Communications and Information Sciences / v.36 no.8B / pp.947-953 / 2011
  • These days, a consistent and fatal attack attribute toward a database has proportionally evolved in the similar development form to that of security policy. Because of access control-based defensive techniques regarding information created in closed networks and attacks on a limited access pathway, cases of infringement of many systems and databases based on accumulated and learned attack patterns from the past are increasing. Therefore, the paper aims to separate attack information by its types based on a virtual infringement pattern system loaded with dualistic VM in order to ensure stability to limited certification and authority to access, to propose a system that blocks infringement through the intensive management of infringement pattern concerning attack networks, and to improve the mechanism for implementing a test that defends the final database, the optimal defensive techniques, and the security policies, through research.

Design and Implementation of User-Oriented Virtual Dedicate Network System Based on Software-Defined Wide Area Network (SD-WAN 기반의 사용자 중심 가상 전용 네트워크 시스템 설계 및 구현)

  • Kim, Yong-hwan;Kim, Dongkyun
    • The Journal of Korean Institute of Communications and Information Sciences / v.41 no.9 / pp.1081-1094 / 2016
  • KREONET is a principal national R&E network run by KISTI in Korea. It uniquely provides production research network services for around 200 non-profit research and educational organizations, based on hybrid (IP and non-IP) network infrastructure. However, KREONET is limited to meet various needs of new network services for advanced Science & Technology (S&T) users because its infrastructure is inherently derived from classical hardware-based, fixed and closed environments. So, KREONET-S is designed to provide advanced S&T services to catch up with time-to-research and time-to-collaboration. In this paper, we present a system architecture of KREONET-S based on network infrastructure that consists of data and control planes separately. Furthermore, we propose and describe VDN service which is capable of building a virtual dedicate & bandwidth-guaranteed network for S&T group dynamically. We implement VDN application on KREONET-S and then perform performance analysis for proving that KREONET-S system and VDN application can be a good solution to cope with new network paradigms for various advanced S&T applications and users.

A Defense Mechanism Against Attacks on Files by Hiding Files (파일 은닉을 통한 파일 대상 공격 방어 기법)

  • Choi, Jione;Lee, Junghee;Lee, Gyuho;Yu, Jaegwan;Park, Aran
    • Journal of Korea Society of Industrial Information Systems / v.27 no.2 / pp.1-10 / 2022
  • Deception technology is an extended concept of honeypot, which detects, prevents or delays attacks by deceiving adversaries. It has been applied to various system components such as network ports, services, processes, system calls and database management systems. We can apply the same concept to attacks on files. A representative example of a file attack is ransomware. Ransomware is a type of malware that encrypts user files and asks for ransom to recover those files. Another example is the wiper attack, which erases all or target files of a system. In this paper we propose a defense mechanism against these kinds of attacks by hiding files. Compared to backup or virtualization techniques, the proposed method incurs less space and performance overheads.

A Study on a 4-Stage Phased Defense Method to Defend Cloud Computing Service Intrusion (Cloud Computing 서비스 침해방어를 위한 단계별 4-Stage 방어기법에 관한 연구)

  • Seo, Woo-Seok;Park, Dea-Woo;Jun, Moon-Seog
    • The Journal of the Korea institute of electronic communication sciences / v.7 no.5 / pp.1041-1051 / 2012
  • Attack on Cloud Computing, an intensive service solution using network infrastructure recently released, generates service breakdown or intrusive incidents incapacitating developmental platforms, web-based software, or resource services. Therefore, it is needed to conduct research on security for the operational information of three kinds of services (3S': IaaS, PaaS, SaaS) supported by the Cloud Computing system and also generated data from the illegal attack on service blocking. This paper aims to build a system providing optimal services as a 4-stage defensive method through the test on the attack and defense of Cloud Computing services. It is a defense policy that conducts 4-stage, orderly and phased access control as follows: controlling the initial access to the network, controlling virtualization services, classifying services for support, and selecting multiple routes. By dispersing the attacks and also monitoring and analyzing to control the access by stage, this study performs defense policy realization and analysis and tests defenses by the types of attack. The research findings will be provided as practical foundational data to realize Cloud Computing service-based defense policy.

An Analysis of Utilization on Virtualized Computing Resource for Hadoop and HBase based Big Data Processing Applications (Hadoop과 HBase 기반의 빅 데이터 처리 응용을 위한 가상 컴퓨팅 자원 이용률 분석)

  • Cho, Nayun;Ku, Mino;Kim, Baul;Xuhua, Rui;Min, Dugki
    • Journal of Information Technology and Architecture / v.11 no.4 / pp.449-462 / 2014
  • In the big data era, there are a number of considerable parts in processing systems for capturing, storing, and analyzing stored or streaming data. Unlike traditional data handling systems, a big data processing system needs to concern the characteristics (format, velocity, and volume) of being handled data in the system. In this situation, virtualized computing platform is an emerging platform for handling big data effectively, since virtualization technology enables to manage computing resources dynamically and elastically with minimum efforts. In this paper, we analyze resource utilization of virtualized computing resources to discover suitable deployment models in Apache Hadoop and HBase-based big data processing environment. Consequently, Task Tracker service shows high CPU utilization and high Disk I/O overhead during MapReduce phases. Moreover, HRegion service indicates high network resource consumption for transferring the traffic data from DataNode to Task Tracker. DataNode shows high memory resource utilization and Disk I/O overhead for reading stored data.

A Study on Measurement Parameters of Virtualized Resources on Cloud Computing Networks (클라우드 컴퓨팅 네트워크에서 가상화 장비 평가 항목 연구)

  • Lee, Wonhyuk;Park, Byungyeon;Kim, Seunghae;Kim, TaeYeon;Kim, Hyuncheol
    • Convergence Security Journal / v.14 no.7 / pp.85-90 / 2014
  • Cloud computing originated simply to request and execute the desired operation from the network of clouds. It means that an IT resource that provides a service using the Internet technology. It is getting the most attention in today's IT trends. In cloud computing networks, devices and data centers which are composed of the server, storage and application are connected over network. That is, data of computers in different physical locations are integrated using the virtualization technology to provide a service. Therefore cloud computing system is a key information resource, standardized methods and assessment system are required. In this paper, we aim to derive the parameters and information for research of technical standards stability evaluation method associated with various cloud computing equipment.

The Next Generation Malware Information Collection Architecture for Cybercrime Investigation

  • Cho, Ho-Mook;Bae, Chang-Su;Jang, Jaehoon;Choi, Sang-Yong
    • Journal of the Korea Society of Computer and Information / v.25 no.11 / pp.123-129 / 2020
  • Recently, cybercrime has become increasingly difficult to track by applying new technologies such as virtualization technology and distribution tracking avoidance, etc. Therefore, there is a limit to the technology of tracking distributors based on malicious code information through static and dynamic analysis methods. In addition, in the field of cyber investigation, it is more important to track down malicious code distributors than to analyze malicious codes themselves. Accordingly, in this paper, we propose a next-generation malicious code information collection architecture to efficiently track down malicious code distributors by converging traditional analysis methods and recent information collection methods such as OSINT and Intelligence. The architecture we propose in this paper is based on the differences between the existing malicious code analysis system and the investigation point's analysis system, which relates the necessary elemental technologies from the perspective of cybercrime. Thus, the proposed architecture could be a key approach to tracking distributors in cyber criminal investigations.

A Tool for Analyzing VM Creation Failure caused by Virtual Disk Faults (가상 디스크 결함에 의한 가상 머신 생성 실패 진단 및 분석 도구)

  • Ku, Min-O;Min, Dug-Ki
    • Journal of the Korea Society of Computer and Information / v.17 no.9 / pp.127-138 / 2012
  • In this paper, we present a tool (named VMBootFailMonitor) to detect and analyze a failure of a VM boot creation caused by faults on virtual disks of a Xen-based VM. Also, we present an architecture and detail analysis process of the virtual disk faults in our tool. Especially, VMBootFailMonitor provides a causal analysis result for a case of VM creation failure based on three modules which perform virtual disk analysis, virtualized system analysis and system log analysis. We also support a comparison result between boot times of normal VMs and fault detection times of VM creation based on abnormal virtual disks. As a result, our tool detects VM boot failures (3~6 seconds) within normal VM boot times (8~16 seconds).

Design and Implementation of Network Access Control based on IPv6 (IPv6 기반의 네트워크 접근제어 시스템 설계 및 구현)

  • Shin, HaeJoon
    • Journal of the Korea Academia-Industrial cooperation Society / v.15 no.10 / pp.6310-6316 / 2014
  • The increase in the Internet and smart device users requires high-level network security. Network security consists of Web Firewall, Network Firewall, IPS, DDoS system, UTM (Unified Threat Management), VPN, NAC (Network Access Control), Wireless security, Mobile security, and Virtualization. Most network security solutions run on IPv4, and IPv6 network services are not sufficiently ready. Therefore, in this paper, this study designed and implemented important functions of Network Access Control (NAC), which include IPv6 host detection, isolation, blocking and domain assignment for the IPv6 network. In particular, domain assignment function makes 128-bit IPv6 address management easy. This system was implemented on a KISA IPv6 test-bed using well-known devices. Finally, the test result showed that all IPv6-based wired and wireless devices were well-controlled (detection, blocking, isolation and domain assignment).