• Journal of KIISE:Databases
• /
• v.34 no.6
• /
• pp.473-482
• /
• 2007

Network-based IDS(Intrusion Detection System) gathers network packet data and analyzes them into attack or normal. They raise alarm when possible intrusion happens. But they often output a large amount of low-level of incomplete alert information. Consequently, a large amount of incomplete alert information that can be unmanageable and also be mixed with false alerts can prevent intrusion response systems and security administrator from adequately understanding and analyzing the state of network security, and initiating appropriate response in a timely fashion. So it is important for the security administrator to reduce the redundancy of alerts, integrate and correlate security alerts, construct attack scenarios and present high-level aggregated information. False alarm rate is the ratio between the number of normal connections that are incorrectly misclassified as attacks and the total number of normal connections. In this paper we propose a false alarm classification model to reduce the false alarm rate using classification analysis of data mining techniques. The proposed model can classify the alarms from the intrusion detection systems into false alert or true attack. Our approach is useful to reduce false alerts and to improve the detection rate of network-based intrusion detection systems.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.782-785
• /
• 2007

If existing system need to expand security part, the security was established after paying much cost, processing of complicated installation and being patient with inconvenience at user's view because of closed structure. In this thesis, those defects could be overcome by using open security tools and constructing security server, which is firewall of 'bastion' form including proxy server, certification server and so on. Also each security object host comes to decide acceptance or denial where each packet comes from, then determines security level each hosts. Precisely it is possible choosing the packets from bastion host or following at the other policies. Although an intruder enter into inside directly, it is constructed safely because encryption algorithm is applied at communication with security object host. This thesis suggests more flexible, independent and open security system, which improves existing security through systematic linkage between system security and network security.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.10a
• /
• pp.699-702
• /
• 2003

Most of current shopping malls do not satisfy everyone because they present arrangements of goods and suggestions uniformly and comprehensively according to the thinking of their managers. On the other hand not the standard of selection but the comparison of price plays a decisive role of the purchase of goods as similar form each other. When classifying into groups according to generations, gender, income, job, hobby, etc. the propensity of purchase is showed differently and the interest and real purchasing power of the individual is different in shopping malls. It also will maximize the purchasing power of customers to make and implement the sales strategy more quickly as the basis of fashion and season of environmental factors and natural calamity of environmental variable according to the economic principle. This paper concentrates on the design and implementation of intelligent shopping mall that is added the sales strategy according to environmental variable and can not only analysis, update and classify the propensity of purchase continuously but also construct optimal goods automatically.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.6
• /
• pp.1091-1098
• /
• 2009

In this paper, we designed the authentication system for home network service and applied it to actual sensor nodes. The pair-wise pre-distribution key skim is applied for prevention of authentication key from sniffing on the wireless sensor networks. The authentication key and data are encrypted by using the CBC mode RC5 algorithm based on the SPINS. The experimental environment consists of a base station (BS)and sensor nodes and each sensor node sends both sensing data and the encrypted authentication key to the BS. For simulations we set up some what-if scenarios of security menaces in home network service.Slightly modified the TOS_Msg data arrays of TinyOS is suggested to store 8-byte authentication key which can enable data encryption and authentication at the each sensor node. As a result, malfunction caused by communication between BS and nodes of other groups of added nodes having malicious purpose can be protected. Also, we confirmed that a critical data of home networking service like vital signal can be transmitted securely through this system by encryption technique.

• Journal of KIISE:Databases
• /
• v.29 no.6
• /
• pp.502-512
• /
• 2002

Most of previous replication schemes assume lazy schemes, which asynchronously propagate replica updates to other nodes after the updating transaction commits. While lazy schemes are novel in the sense that they can resolve high deadlock frequencies of eager schemes, they suffer from the fact that users should be responsible for the data consistency. Recently replication schemes based on the messaging order of group communication have been studied. They can reduce the deadlock frequencies using the messaging order, but they have another problem of increasing execution overhead of aborted transactions at high degree of concurrency. This is because the sender node validates global serializability after multicasting replica update messages to other nodes. In this paper, we propose an efficient eager replication scheme for reducing the number of messaging and overhead of aborted transactions significantly. The proposed scheme validates any conflicts before multicasting and does not multicast when there is any conflict; hence, it can exploit performance improvement by alleviating the message traffic for replica update or by reducing the number of disk accesses and locking delay due to aborted transactions.

• Journal of KIISE:Databases
• /
• v.35 no.4
• /
• pp.319-332
• /
• 2008

Data cube, which is multi-dimensional data model, have been successfully applied in many cases of multi-dimensional data analysis, and is still being researched to be applied in data stream analysis. Data stream is being generated in real-time, incessant, immense, and volatile manner. The distribution characteristics of data arc changing rapidly due to those characteristics, so the primary rule of handling data stream is to check once and dispose it. For those characteristics, users are more interested in high support attribute values observed rather than the entire attribute values over data streams. This paper propose dynamic data cube for applying data cube to data stream environment. Dynamic data cube specify user's interested area by the support ratio of attribute value, and dynamically manage the attribute values by grouping each other. By doing this it reduce the memory usage and process time. And it can efficiently shows or emphasize user's interested area by increasing the granularity for attributes that have higher support. We perform experiments to verify how efficiently dynamic data cube works in limited memory usage.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.820-823
• /
• 2011

WSN is composed of a lot of small sensors with the limited hardware resources. In WSN, at the initial stage, sensor nodes are randomly deployed over the region of interest, and self-configure the clustered networks by grouping a bunch of sensor nodes and selecting a cluster header among them. In this paper, we propose a self-configuration routing protocol for WSN, which consists of step-wise ripple routing algorithm for initial deployment, effective joining of sensor nodes. RRA is search node in RF-coverage of each node, which result in fast network connection, reducing overall power consumption, and extending the lifetime of network.

• Journal of KIISE:Databases
• /
• v.36 no.4
• /
• pp.292-305
• /
• 2009

Wireless sensor networks have a lot of application areas such as industrial process control, machine and resource management, environment and habitat monitoring. One of the main objects of using wireless sensor networks in these areas is the event detection. To detect events at a user's request, we need a join processing between sensor data and the predicates of the events. If there are too many predicates of events compared with a node's capacity, it is impossible to store them in a node and to do an in-network join with the generated sensor data This paper proposes a predicate-merge based in-network join approach to efficiently detect multiple events, considering the limited capacity of a sensor node and many predicates of events. It reduces the number of the original predicates of events by substituting some pairs of original predicates with some merged predicates. We create an estimation model of a message transmission cost and apply it to the selection algorithm of targets for merged predicates. The experiments validate the cost estimation model and show the superior performance of the proposed approach compared with the existing approaches.

• Journal of KIISE:Databases
• /
• v.30 no.4
• /
• pp.397-407
• /
• 2003

Transactions of updating spatial dta with mobile clients are log transactions because a user disconnected from a server surveys real features and updates them. In this environment, it is appropriate to exploit the optimistic approach based on the validation test in order to control the concurrency of transactions. On the contrary, the pessimistic concurrency control scheme makes transactions wait for a long time due to the lock. In this paper, we propose the surrogate transaction model and implement its manager for the S-S-M(Server-Surrogate PC-Mobile Client) structure which is appropriate for updating spatial data in mobile environments. In the S-S-M structure, the mobile client communicates with the server by the surrogate PC. We extend the validation condition in consideration of spatial relationships between spatial objects in this model. We also present the commit protocol where the user of a surrogate PC adjusts objects of the conflicted surrogate transaction to minimize costs for the abortion of the transaction.

• Journal of KIISE:Databases
• /
• v.31 no.6
• /
• pp.624-640
• /
• 2004

Recently, with the rapid development of location-based techniques, index structures to efficiently manage moving objects have been required. In this paper, we propose a new spatio-temporal index structure that supports a future position retrieval and minimizes a update cost. The proposed index structure combines an assistant index structure that directly accesses current positions of moving objects with KDB-tree that is a space partitioning access method. The internal node in our proposed index structure keeps time parameters in order to support the future position retrieval and to minimize a update cost. Moreover, we propose new update and split methods to maximize the space utilization and the search performance. We perform various experiments to show that our proposed index structure outperforms the existing index structure.