• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.1
• /
• pp.17-24
• /
• 2017

As the prevalence of removable device, critical intelligences are often stored in the removable device. For that reason, in seizure and search, the removable device became a important evidence of while it could be has a salient key for prove a crime. When we acquired a removable device for proof, we image it by a imaging device or software with a write protection. However, these are high-priced exclusive equipments and sometimes it could be out of order. In addition, we found that some secure USB and inbuilt vaccine USB are failed to connect to the imaging device. Therefore, in this paper, we provide a suitable digital evidence collection procedure for real.

• Convergence Security Journal
• /
• v.6 no.2
• /
• pp.1-11
• /
• 2006

The files of intellectual property on computer systems have increasingly been exposed to such threats that they can be flowed out by internal users or outer attacks through the network. The File Outflow Protection System detects file outflow when users not only copy files on client computers into storage devices, but also print them. This Protection system has been designed to Win32 API hooking by I/O Manager in kernel level if files are flowed out by copying. As a result, the monitoring system has exactly detected file outflows, which is proved through testing.

• Journal of KIISE:Computing Practices and Letters
• /
• v.15 no.2
• /
• pp.77-88
• /
• 2009

According to the size of NAND flash memory as the storage system of mobile device becomes large, the performance of address translation and life cycle management in FTL (Flash Translation Layer) to interact with file system becomes very important. In this paper, we propose the continuity counters, which represent the number of continuous physical blocks whose logical addresses are consecutive, to reduce the number of address translation. Furthermore we propose the prefetching method which preloads frequently accessed pages into main memory to enhance I/O performance of flash memory. Besides, we use the 2-bit write prediction and asynchronous writing method to predict addresses repeatedly referenced from host and prevent from writing overhead. The experiments show that the proposed method improves the I/O performance and extends the life cycle of flash memory. As a result, proposed CFTL (Clustered Flash Translation Layer)'s performance of address translation is faster 20% than conventional FTLs. Furthermore, CFTL is reduced about 50% writing time than that of conventional FTLs.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.307-308
• /
• 2012

최근 서비스가 대규모화 되고 사용자 수와 시간 당 사용량이 폭발적으로 증가함에 따라 디스크 기반의 서버에서 메모리를 저장장치로 활용하는 인메모리 시스템이 개발되고 주목 받고 있다. 이러한 인메모리 시스템은 휘발성인 DRAM 을 사용하기 때문에 전력 공급이 차단되는 경우 크게 문제가 발생할 수 있는데, 이를 해결하기 위해서는 비휘발성 저장장치의 백업이 필수적이다. 본 논문에서는 비휘발성 저장장치 중 가장 저렴하고 일반적인 하드디스크를 활용하여 백업 시스템을 구축할 때, 디스크로 보내는 데이터를 최소화하면서도 디스크의 특성상 성능이 떨어지는 현상을 방지하기 위한 연구를 진행하였다.

• Journal of Korea Spatial Information System Society
• /
• v.11 no.2
• /
• pp.133-142
• /
• 2009

Recently, with the advance of wireless internet and the frequent use of mobile devices, demand for LBS(Location Based Service) is increasing, and research is required on spatial indexes for the storage and maintenance of spatial data to provide efficient LBS in mobile device environments. In addition, the use of flash memory as an auxiliary storage device is increasing in order to store large spatial data in a mobile terminal with small storage space. However, the application of existing spatial indexes to flash-memory lowers index performance due to the frequent updates of nodes. To solve this problem, research is being conducted on flash-memory based spatial indexes, but the efficiency of such spatial indexes is lowered by low utilization of buffer and flash-memory space. Accordingly, in order to solve problems in existing flash-memory based spatial indexes, this paper proposed FR-Tree (Flash-Memory based R-Tree) that uses the node compression technique and the delayed write operation technique. The node compression technique of FR-Tree increased the utilization of flash-memory space by compressing MBR(Minimum Bounding Rectangle) of spatial data using relative coordinates and MBR size. And, the delayed write operation technique reduced the number of write operations in flash memory by storing spatial data in the buffer temporarily and reflecting them in flash memory at once instead of reflecting the insert, update and delete of spatial data in flash-memory for each operation. Especially, the utilization of buffer space was enhanced by preventing the redundant storage of the same spatial data in the buffer. Finally, we perform ed various performance evaluations and proved the superiority of FR-Tree to the existing spatial indexes.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.11
• /
• pp.379-384
• /
• 2016

NAND flash storage is widely used for computer systems, because of it has faster response time, lower power consumption, and larger capacity per unit area than hard disk. However, currently used I/O scheduler in the operating system is optimized for characteristics of the hard disk. Therefore, the conventional I/O scheduler includes the unnecessary overhead in the case of the NAND flash storage to be applied. Particularly, when the write requests performed intensively, garbage collection is performed intensively. So, it occurs the problem that the processing of the I/O request delay. In this paper, we propose the new I/O scheduler to solve the problem of garbage collection performs intensively, and to optimize for NAND flash storage. In the result of performance evaluation, proposed scheme shows an improvement the user responsiveness by reducing 1% of the average read response time and 78% of the maximum response time.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.2
• /
• pp.143-151
• /
• 2013

NAND flash-based SSDs (Solid State Drive) have advantages of fast input/output performance and low power consumption so that they could be widely used as storages on tablet, desktop PC, smart-phone, and server. But, SSD has the disadvantage of wear-leveling due to increase of the number of writes. In order to improve the lifespan of the SSD, a variety of data deduplication techniques have been introduced. General fixed-size splitting method allocates fixed size of chunk without considering locality of data so that it may execute unnecessary chunking and hash key generation, and variable-size splitting method occurs excessive operation since it compares data byte-by-byte for deduplication. This paper proposes adaptive chunking method based on application locality and file name locality of written data in SSD-based server storage. The proposed method split data into 4KB or 64KB chunks adaptively according to application locality and file name locality of duplicated data so that it can reduce the overhead of chunking and hash key generation and prevent duplicated data writing. The experimental results show that the proposed method can enhance write performance, reduce power consumption and operation time compared to existing variable-size splitting method and fixed size splitting method using 4KB.

• Journal of KIISE:Computer Systems and Theory
• /
• v.33 no.3
• /
• pp.178-192
• /
• 2006

The buffer overflow attack is the single most dominant and lethal form of security exploits as evidenced by recent worm outbreaks such as Code Red and SQL Stammer. In this paper, we propose microarchitectural techniques that can detect and recover from such malicious code attacks. The idea is that the buffer overflow attacks usually exhibit abnormal behaviors in the system. This kind of unusual signs can be easily detected by checking the safety of memory references at runtime, avoiding the potential data or control corruptions made by such attacks. Both the hardware cost and the performance penalty of enforcing the safety guards are negligible. In addition, we propose a more aggressive technique called corruption recovery buffer (CRB), which can further increase the level of security. Combined with the safety guards, the CRB can be used to save suspicious writes made by an attack and can restore the original architecture state before the attack. By performing detailed execution-driven simulations on the programs selected from SPEC CPU2000 benchmark, we evaluate the effectiveness of the proposed microarchitectural techniques. Experimental data shows that enforcing a single safety guard can reduce the number of system failures substantially by protecting the stack against return address corruptions made by the attacks. Furthermore, a small 1KB CRB can nullify additional data corruptions made by stack smashing attacks with only less than 2% performance penalty.

• Proceedings of the Korean Institute of Electrical and Electronic Material Engineers Conference
• /
• 2009.06a
• /
• pp.29-29
• /
• 2009

현재 고집적 비휘발성 메모리 소자로는 MRAM (Magnetic Random Access Memory)과 PRAM (Phase Magnetic Random Access Memory)이 활발하게 미국과 일본, 한국 등에서 다양한 연구가 진행되어 오고 있다. 이 중에서 MRAM은 DRAM과 비슷한 10 ns의 빠른 읽기/쓰기 속도와 비휘발성 특성을 가지고 있으며, 전하를 저장할 커패시터가 필요 없고, 두 개의 자성충에 약 10 mA 정도의 전류를 가하면 그때 발생하는 약 10 Oe의 자장을 개개의 비트를 write하고, read 시에는 각 비트의 자기저항을 측정함으로써 데이터를 저장하고 읽을 있으므로, 고집적화가 가능성하다 [1]. 현재 우수한 박막 재료가 개발 되었으나, 고집적 MRAM 소자의 양산에는 해결 하여야 하는 문제점이 있다. 특히 다층 박막으로 구성되어 있으므로 식각 공정의 개발이 필수적이다. 지금까지 MRAM 재료의 식각은 주로 Ion milling, ICP, ECR등의 플라즈마 장치를 되었고, 식각 가스로는 할로겐 기체와 금속카보닐 형성을 위한 Co/$NH_3$와 $Ch_3OH$ 기체가 이용되고 있다. 그러나 할로겐 계열의 기체를 사용할 경우, 식각 부산물들의 높은 끓는점 때문에 식각 부산물이 박막의 표면에서 열적 탈착에 의하여 제거되지 않기 때문에 높은 에너지를 가지는 이온의 도움에 의한 식각이 필요하다. 또한 Cl 계열의 기체를 사용할 경우, 식각 공정 후, 시료가 대기에 노출되면 대기 중의 수분과 식각 부산물이 결합하여 부식 현상이 발생하게 된다. 그러므로 이를 방지하기 위한 추가 공정이 요구된다. 최근에는 부식 현상이 없고, MTJ 상부에 사용되는 Ta 또는 Ti Hard mask와의 높은 선택비를 가지는 $CH_3OH$ 또는 CO/$NH_3$가 사용되고 있다. 하부 박막에 따른 식각 특성에 연구와 다층의 박막의 식각 공정에 발생에 관한 발표는 거의 없다. MRAM을 양산에 적용하기 위하여서는 Main etch 공정에서 빠른 식각 공정이 필요하고, Over etch 공정에서 하부박막에 대한 높은 선택비가 요구된다. 그러므로 본 논문에서는 식각 변수에 따른 플라즈마 측정과 표면 반응을 비교하여 각 공정의 식각 메커니즘을 규명하고, Main Etch 공정에서는 $Cl_2$/Ar 또는 $BCl_3$/Ar 가스를 이용하여 식각 실험을 수행하고, Over etch 공정에는 낮은 Ta 박막 식각 속도를 가지는 $Ch_4/O_2$/Ar 또는 $Ch_3OH$/Ar 가스를 이용하고자 한다. 플라즈마 내의 식각종과 Ta 박막과의 반응을 XPS와 AES를 이용하여 분석하고, 식각 공정 변수에 따른 식각 속도, 식각 선택비와 식각 프로파일 변화를 SEM을 이용하여 관찰한다.

• (The) Research of the performance art and culture
• /
• no.33
• /
• pp.329-354
• /
• 2016

Hyupryulrang was the position that announced the start and end of music in royal ceremonies. It appeared when the royal etiquette was categorized and implemented due to the five etiquette system, which was formed by the influence of Confucianism. Confucianism valued etiquette and music and this aspect was reflected in royal five etiquette, making music involved in royal ceremonies. So there was a need to have a mediator who will announce the insertion of music according to the process of royal ceremonies. For harmonious realization of royal ceremonies and music, hyupryulrang was indispensible. In Korea hyupryulrang appeared in Goryo era and lasted until Joseon era. Hyupryulrang during Joseon was handled by bongsanshi and once was taken by jeonak( 典樂) temporarily but finally was managed by officials in jang-akwon(掌樂院). Among the officials in jang-akwon, jang-akwon jeong(正) mainly served the role but jang-akwon chumjeong(僉正) and jang-akwon juboo(主簿) were sometimes recruited for the role according to circumstances. What was common among jang-akwon jeong, chumjeong, and juboo was that they were all danghakwan(堂下官). Danghakwan was an official who had the fundamental limitation of not being able to participate in policy making so was in a lower position compared to dangsangkwan. Meanwhile, according to circumstances of ceremonial process or the characteristics of ceremonies, gyeraseonjeonkwan(啓螺宣傳官), mushingyungseonjeonkwan(武臣兼宣傳官), and yeojipsa(女執事) were recruited as hyupryulrang instead of officials of jang-akwon, so that there would be no problems in ceremonies and performance of music. The activities of hyupryulrang can be summarized as setting up or laying down hui in most ceremonies that involved band. At night, however, as hui(麾) was invisible, jochok(照燭) or sometimes geumgogi(金鼓旗) was used. As for the term that referred to hyupryulrang, in case of royal banquet, the names of the ceremonial tools were borrowed such as geohuichabi(擧麾差備) and jochokchabi(照燭差備). The location of hyupryulrang was in the west on top of seogye(西階) facing toward the east, which was a position where hyupryulrang could watch the ceremonial process easily and be close to the band. That is, it was a position where one can see the space of ceremony and the space of music at the same time. Also, hyupryulrang was involved in musical parts related to ceremonies such as rehearsals, arrangement of the band, controlling the speed of music, and prevention of missing any musical pieces, and was in charge of such tasks. Hyupryulrang, who had to take charge of music in accordance with ceremonial procedure, was a mediator between royal ceremonies and music.