• Convergence Security Journal
• /
• v.16 no.5
• /
• pp.41-48
• /
• 2016

In this paper we propose a new method of security visualization, VisFlow, using traffic flows to solve the problems of existing traffic flows based visualization techniques that were a loss of end-to-end semantics of communication, reflection problem by symmetrical address coordinates space, and intuitive loss problem in mass of traffic. VisFlow, a simple and effective security visualization interface, can do a real-time analysis and monitoring the situation in the managed network with visualizing a variety of network behavior not seen in the individual traffic data that can be shaped into patterns. This is a way to increase the intuitiveness and usability by identifying the role of nodes and by visualizing the highlighted or simplified information based on their importance in 2D/3D space. In addition, it monitor the network security situation as a way to increase the informational effectively using the asymmetrical connecting line based on IP addresses between pairs of nodes. Administrator can do a real-time analysis and monitoring the situation in the managed network using VisFlow, it makes to effectively investigate the massive traffic data and is easy to intuitively understand the entire network situation.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.7 s.349
• /
• pp.50-59
• /
• 2006

The new communication paradigm is rapidly shifted from wireless mobile networks to an All-IP(Internet Protocol) network, led by service industry leaders and communication manufacturers. In this paradigm, providing authentication and session keys of a subscriber becomes one of the critical tasks because of IP open accessibility among heterogeneous networks. In this paper, we introduce authentication process procedure of heterogeneous wireless mobile networks and develop so-called IMAS(Integrated Mobile Authentication Server) which can securely inter-work among all mobile networks and support the legacy networks with backward compatibility. Especially, in designing IMAS, mobile authentication inter-working mechanism, key management technique, and other issues to be overcome are presented. We analyze and evaluate the performance of authentication algorithm which creates session key. A simulation environment of IMAS is established, and a performance(TPS; Transaction Per Second) result is analyzed and evaluated. It turned out that IMAS works among heterogeneous wireless mobile networks without compensating efficiency and functionalities of the legacy networks and decrease the entropy of data redundancy and data inconsistency among networks because of the integrity of the distributed Data Base(DB).

• Proceedings of the Korean Information Science Society Conference
• /
• 1998.10c
• /
• pp.279-281
• /
• 1998

CSCW는 지리적으로 분산된 작업자 간의 효율적인 의사소통을 위해 화상회의, 채팅(chatting), 화이트 보드(white board), 그리고 텔리포인팅(telepointing)과 같은 기능들을 제공한다. 이 중 텔리포인팅은 지역 시스템(local system)의 공유 윈도우(shard window)에서 텔리포인터(telepointer)를 통해 발생한 이벤트를 원격지 시스템(remote System)의 공유 윈도우에서 나타낼 수 있도록 하는 기능을 제공함으로써 작업자 간의 보다 효율적인 의사소통을 가능하게 한다. 이러한 의사소통 기능으로써의 텔리포인팅은 원격진료, 공동작업 플랫폼에 관한 연구에서 응용된 바 있으나 공동저작을 위한 텔리포인팅 기능에 관한 연구 및 이를 공동저작 관리 시스템 구조에 관한 연구가 미흡하다. 공동제작에서의 텔리포인팅은 저작자 간의 의사소통을 위한 기능 뿐만 아니라 동기적 공동저작과 동기적 프리젠테이션을 위한 기능으로써 응용될 수 있어야 한다. 이를 위해 공동저작 관리 시스템은 저작자 그룹인 세션(session) 단위로 텔리포인터에 대한 권한 관리와 텔리포인팅을 통한 공유객체 엑세스(access) 기능을 제공해야 한다. 또한 텔리포인팅 구조(telepointing architecture)는 텔리포인팅 이벤트의 멀티캐스팅(multicasting) 및 동기화(synchronization)를 위해 중앙에서 이벤트를 조정하는 텔리포인팅 조정 에이전트 (telepointing coordination agent)와 각 저작자의 지역 시스템에 존재하며 공유 윈도우로부터 지역 이벤트(local event)를 인식하고 텔리포인팅 이벤트를 공유 윈도우에 알리는 텔리포인팅 지역 에이전트(telepointing local agent)로 구성되어야 한다. 본 논문은 공동저작을 위한 텔리포인팅의 기능들과 이를 위한 공동저작 관리 시스템 구조를 설명하고 텔리포인팅 구조를 제시한다.cid 함량이 가장 많이 용출된 분획은 sodium hydroxide 부분으로서 hemicellulose구조가 polyuronic acid의 형태인 것으로 사료된다. 추출획분의 구성단당은 여러 곡물연구의 보고와 유사하게 glucose, arabinose, xylose 함량이 대체로 높게 나타났다. 점미가 수가용성분에서 goucose대비 용출함량이 고르게 나타나는 경향을 보였고 흑미는 알칼리가용분에서 glucose가 상당량(0.68%) 포함되고 있음을 보여주었고 arabinose(0.68%), xylose(0.05%)도 다른 종류에 비해서 다량 함유한 것으로 나타났다. 흑미는 총식이섬유 함량이 높고 pectic substances, hemicellulose, uronic acid 함량이 높아서 콜레스테롤 저하 등의 효과가 기대되며 고섬유식품으로서 조리 특성 연구가 필요한 것으로 사료된다.리하였다. 얻어진 소견(所見)은 다음과 같았다. 1. 모년령(母年齡), 임신회수(姙娠回數), 임신기간(姙娠其間), 출산시체중등(出産時體重等)의 제요인(諸要因)은 주산기사망(周産基死亡)에 대(對)하여 통계적(統計的)으로 유의(有意)한 영향을 미치고 있어 $25{\sim}29$세(歲)의 연령군에서, 2번째 임신과 2번째의 출산에서 그리고 만삭의 임신 기간에, 출산시체중(出産時體重) $3.50{\sim}3.99kg$사이의 아이에서 그 주산기사망률(周産基死亡率)이 각각 가장 낮았다. 2. 사산(死産)과 초생아사망(初生兒死亡)을 구분(區分)하여 고려해 볼때 사산(死産)은 모성(母性)의 임신력(姙娠歷)과 매우 밀접한 관련이 있는 것으로 사료(思料)되었고 초생아사망(初生兒死亡)은 미숙아(未熟兒)와 이에 관련된 병발이 거의 결정적(決定的) 원인(原因)이 된다고 사료(思料)되었다. 3. 주산기사망률(周産基死亡率)을 감소시키는 관점(觀點)에서의 모자보건사업(母子保健事業)은 미숙아방지책(未熟兒防止策

• Journal of Intelligence and Information Systems
• /
• v.8 no.2
• /
• pp.205-227
• /
• 2002

Our study is focused on a multiple-agent system to provide efficient collaborative work by automating the conference calling process with the help of intelligent agents. Automating the meeting scheduling requires a careful consideration of the individual official schedule as well as the privacy and personal preferences. Therefore, the automation of conference calling needs the distributed processing task where a separate calendar management process is associated for increasing the reliability and inherent parallelism. This paper describes in detail the design and implementation issues of a multiple-agent system for conference calling that allows the convener and participants to minimize their efforts in creating a meeting. Our system is based on the client-sewer model. In the sewer side, a scheduling agent, a negotiating agent, a personal information managing agent, a group information managing agent, a session managing agent, and a coordinating agent are operating. In the client side, an interface agent, a media agent, and a collaborating agent are operating. Agents use a standardized knowledge manipulation language to communicate amongst themselves. Communicating through a standardized knowledge manipulation language allows the system to overcome heterogeneity which is one of the most important problems in communication among agents for distributed collaborative computing. The agents of our system propose the dates on which as many participants as possible are available to attend the conference using the forward chaining algorithm and the back propagation network algorithm.

• The Journal of the Korea Contents Association
• /
• v.10 no.1
• /
• pp.46-58
• /
• 2010

The user valence of VoIP services with SIP protocol is increasing rapidly because of cheap communication cost and its conveniency. But attacker can easily modify the packet contents of SIP protocol as SIP header is transmitted by using UDP methods in text form. The reason is that SIP protocols does not provide an authentication function on the transmission session. Therefore, existing SIP protocol is very weak on SIP Packet Flooding attack etc. In order to solve like this kinds of SIP vulnerabilities, we used SIP status codes under the monitoring module for detecting SIP Flooding attacks and additionally proposed an advanced protocol where the authentication and security function is strengthened about SIP packet. We managed SIP session spontaneously in order to strengthen security with SIP authentication function and to solve the vulnerability of SIP protocol. The proposed mechanism can securely send SIP packet to solves the security vulnerability with minimum traffic transmission. Also service delay in SIP proxy servers will be minimized to solve the overload problem on SIP proxy server.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.769-780
• /
• 2014

In general, internet users need to remember several IDs and passwords when they use diverse web sites. From an effective management perspective, SSO system was suggested to reduce user inconvenience. Kerberos authentication, which uses centralized system management, is a typical example of a broker-based SSO authentication model. However, further research is required, because the existing Kerberos authentication system has security vulnerability problems of password and replay attacks. In SSO authentication systems, a major security vulnerability is the replay attack. When user credentials are seized by attackers, an authorized session can be obtained through a replay attack. In this paper, an improved SSO authentication model based on the broker-based model and a secure lightweight SSO mechanism against credential replay attack is proposed.

• Journal of agricultural medicine and community health
• /
• v.42 no.4
• /
• pp.234-243
• /
• 2017

Objective: This study was aimed to evaluate the effectiveness of the diabetes education program implemented in a community hypertension and diabetes education center. Methods: Participants were thirty nine diabetic patients who received the education program in the center from May 2014 through May 2015. The education program consisted of two sessions for 2 days (45 minutes per session) regarding clinical information, nutrition and exercise for type 2 diabetes patients. Initially, they were assessed for general characteristics, knowledge on diabetes, self-efficacy and self-care behaviors. Reassessment was performed on their knowledge and self-efficacy directly after the program, and on self-care behaviors at 12 weeks after the program. Results: The mean score of diabetes knowledge was significantly increased from $5.27{\pm}2.10$ to $8.21{\pm}1.20$ (p<0.001) between before and after the program. The self-efficacy score was also significantly increased from $6.88{\pm}1.72$ to $8.16{\pm}1.47$ (p<0.001). The self-care behavior score was significantly increased from $3.59{\pm}1.89$ before the program to $4.35{\pm}1.29$ (p<0.001) at 12 weeks after the program. Conclusion: The diabetes education program may be effective on the improvement of knowledge, self-efficacy and self-care behaviors in type 2 diabetic patients.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.4
• /
• pp.747-754
• /
• 2016

DHCP(Dynamic Host Configuration Protocol) is a protocol for efficiency and convenience of the IP address management. DHCP automatically assigns an IP address and configuration information needed to run the TCP/IP communication to individual host in the network. However, existing DHCP is vulnerable for network attack such as DHCP spoofing, release attack because there is no mutual authentication systems between server and client. To solve this problem, we have designed a new DHCP protocol supporting the following features: First, ECDH(Elliptic Curve Diffie-Hellman) is used to create session key and ECDSA(Elliptic Curve Digital Signature Algorithm) is used for mutual authentication between server and client. Also this protocol ensures integrity of message by adding a HMAC(Hash-based Message Authentication Code) on the message. And replay attacks can be prevented by using a Nonce. As a result, The receiver can prevent the network attack by discarding the received message from unauthorized host.

• The Transactions of the Korea Information Processing Society
• /
• v.4 no.12
• /
• pp.2985-2995
• /
• 1997

In this paper, we proposed the "synchronous & asynchronous distance education system" which is able to interact among teachers and students for open education in cyberspace, and it is based telecommunication technology and multimedia technology. Specially, This system gets rid of the nufamiliarity and inconvenient feeling during the distance education. Also it supports the mediation of floor mode, for a group lecture and supports the synchronous mode for face-to-face effective and asynchronous mode for self-learning. The asynchronous mode has the down load function and the consultant mode (between teacher and student). The element technologies of this system consists of application sharing technique, whiteboard, various video window display, audio support, user interface, environment setup, session management, access control, network control and media control for collaborative distance education.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.1
• /
• pp.41-55
• /
• 2005

A group key agreement protocol allows a group of user to share a key which may later be used to achieve certain cryptographic goals. In this paper, we propose a new scalable two-round ID-based group key agreement protocol which would be well fit to a Pay-TV system, additionally. to the fields of internet stock quotes, audio and music deliveries, software updates and the like. Our protocol improves the three round poop key agreement protocol of Nam et al., resulting in upgrading the computational efficiency by using the batch verification technique in pairing-based cryptography. Also our protocol simplifies the key agreement procedures by utilizing ID-based system. We prove the security of our protocol under the Computational Diffie-Hellman assumption and the Bilinear Decisional Diffie-Hellman assumption. Also we analyze its efficiency.