• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.45 no.8
• /
• pp.106-113
• /
• 2008

In this paper, we will design and substantiate the Network Traffic management system(MAGI), which makes up for the weak points of existing Network Monitoring tools and realize dynamic firewall; MRTG, ntop, ethereal, and nettest. The Network Traffic Monitoring and analyzing system differs from existing software-based Network Monitoring tools as MAGI is a combination of software and hardware. Not only the innovative web user interface applied to the software makes analyzing traffic simpler, but it also has a function for monitoring and managing conditions of the hardware. The web user interface implemented with PHP and MySQL helps to use the database and as a result, analyzing data becomes easier. On the hardware part, the appliance is configured as a bridge in a network. As a result, managed system does not have overload.

• Journal of KIISE:Computing Practices and Letters
• /
• v.11 no.6
• /
• pp.514-530
• /
• 2005

This paper proposes a compact eAI framework for the integration of various types of applications deployed on different platforms in the Internet. The applications are connected and invoked to achieve a business goal by the coordination of the workflow system in the framework. for the construction of the framework, five sub-modules are elicited and the functions and roles of each module are defined. The elicited five sub-modules include business process modeling tool, eAI platform, business processes transform module, UDDI connection module, and workflow system. In the framework, intra and inter organizational applications can be integrated together across firewalls. In this paper, the extension of a workflow system to implement the framework is also described in detail and the usefulness of the framework is ascertained by implementing an application process within the framework. A full-fledged eAI solution can be constructed by gradually adding supplementary functions within this framework.

• Journal of Convergence Society for SMB
• /
• v.4 no.3
• /
• pp.1-6
• /
• 2014

DDoS (Distributed Denial Service, Distributed Service) attacks are being generated for a constant threat on the Internet, countermeasures for this have been proposed. However, the problem has become an increasingly effective instruction in any Measures are a variety of attacks and sophisticated attacks. Attackers can change a steady attack tools to respond to these, the experts as a countermeasure to this constantly research for a fresh attack. This paper is to introduce countermeasures to DDoS recent representative examples of 7.7DDoS and look for 3.3DDoS existing types of DDoS attacks increased PPS attacks, high traffic sent, web service delay and router and firewall settings, applications and to describe the DDoS countermeasures research by certification, is so that you can plan effectively for the future DDoS attacks proposed method.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.6
• /
• pp.1106-1118
• /
• 2006

The Internet has become an important instrument for providing many pieces of information to us. And server systems offer the various services after processing a volume of information, it's network topology also has been complex for providing information. Therefore this expansion means the importance of fast and sustained management of server systems. But most of server systems are located in fire-walls to allow only restricted access. Moreover, due to the difference of management based on the different operating system of each server system, management of server system is not to efficiency. That is, sever administrators have to manage by themselves many kinds of servers by using local-based or socket-based single access applications. Therefore, we design and implement a middleware system which allows to manage many kinds of severs integrally ruling XML-based Web Services which have distributed object technology such as CORBA, Java RMI and DCOM, but are free from platforms or development languages. System also provides location transparency and terminal independence and calls a server system management command to manage systems.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2023.05a
• /
• pp.456-456
• /
• 2023

본 연구에서는 위성영상 상황판연계·표출시스템 적용을 위한 SNS 주민참여 콘텐츠를 개발하고, 재난대응 표준위기관리절차 기반의 주민참여정보 활용방안을 제시하고자 하였다. 재난상황관리에 있어 SNS의 활용을 통한 주민참여 확대적용 방안을 모색하고자 재난 대비·대응 관련 공공 및 정부부처에서 활용 중인 SNS 채널을 조사하였으며, 상황관리에 SNS를 적용한 선행사례를 분석하였다. 이를 기반으로 SNS를 적용한 예방안전 및 피해복원 확대 적용 방안을 제시하였으며, 신속한 위기대응을 위한 보조적인 의사결정 지원도구로서의 콘텐츠를 제안하였다. 먼저, 예방안전 및 피해복원 확대 적용을 위해 SNS에 주민들이 작성한 게시글을 웹 크롤링과 데이터 마이닝을 통해 분석하여 재난 상황인지와 상황판단 및 피해범위 추정에 활용하는 방안을 제시하였고, 이를 상황판연계·표출시스템에서 표출하기 위한 예시화면을 설계하였다. 또한, 연구 1차년에 수행했었던 위성영상을 활용한 재난상황대응 표준위기관리절차 중 위성영상정보에 주민참여정보를 연계·중첩하여 재난의 전조감지 단계부터 확산양상 및 피해범위를 확인하고, 재난기록을 분석하여 추후 발생된 재난에 선제적으로 대비할 수 있는 방안을 제시하였다. 그러나, 주민참여 기반 SNS 콘텐츠 적용을 위한 우선 해결사항으로는 재난상황판단 시, 정보의 정확성과 신뢰성 측면에서 의사결정을 위한 보조도구로서 활용을 할 것인지에 대한 중앙재난안전상황실과의 충분한 협의가 필요하며, 상황실에서 해당 콘텐츠를 활용하게 될 경우, SNS 정보의 행정망 방화벽 허용가능여부에 대한 추가 분석설계가 필요한 상황이다. 이를 위해 금년 연구수행에서 상황실 실무자 수요조사를 통해 SNS 정보 활용에 대한 반영여부를 결정할 예정이다.

• The KIPS Transactions:PartA
• /
• v.18A no.5
• /
• pp.193-204
• /
• 2011

Since web applications are accessed by anonymous users via web, more security risks are imposed on those applications. In particular, because security vulnerabilities caused by insecure source codes cannot be properly handled by the system-level security system such as the intrusion detection system, it is necessary to eliminate such problems in advance. In this paper, to enhance the security of web applications, we develop a static analyzer for detecting the well-known security vulnerability of PHP file inclusion vulnerability. Using a semantic based static analysis, our vulnerability analyzer guarantees the soundness of the vulnerability detection and imposes no runtime overhead, differently from the other approaches such as the penetration test method and the application firewall method. For this end, our analyzer adopts abstract interpretation framework and uses an abstract analysis domain designed for the detection of the target vulnerability in PHP programs. Thus, our analyzer can efficiently analyze complicated data-flow relations in PHP programs caused by extensive usage of string data. The analysis results can be browsed using a JAVA GUI tool and the memory states and variable values at vulnerable program points can also be checked. To show the correctness and practicability of our analyzer, we analyzed the source codes of open PHP applications using the analyzer. Our experimental results show that our analyzer has practical performance in analysis capability and execution time.

• The Journal of the Korea Contents Association
• /
• v.21 no.12
• /
• pp.896-905
• /
• 2021

In the field of SIEM(Security information and event management), many studies try to use a feedback system to solve lack of completeness of training data and false positives of new attack events that occur in the actual operation. However, the current feedback system requires too much human inputs to improve the running model and even so, those feedback from inexperienced analysts can affect the model performance negatively. Therefore, we propose "active model improving feedback technology" to solve the shortage of security analyst manpower, increasing false positive rates and degrading model performance. First, we cluster similar predicted events during the operation, calculate feedback priorities for those clusters and select and provide representative events from those highly prioritized clusters using XAI (eXplainable AI)-based event visualization. Once these events are feedbacked, we exclude less analogous events and then propagate the feedback throughout the clusters. Finally, these events are incrementally trained by an existing model. To verify the effectiveness of our proposal, we compared three distinct scenarios using PKDD2007 and CSIC2012. As a result, our proposal confirmed a 30% higher performance in all indicators compared to that of the model with no feedback and the current feedback system.