• Proceedings of the Korean Information Science Society Conference
• /
• 1999.10a
• /
• pp.475-477
• /
• 1999

기존의 개발 방법이 절차지향 방법에서 객체지향 방법으로 변화해감에 따라 구현시의 중요성보다는 분석 및 설계 단계의 중요성이 높아지고 있고 이를 지원하는 여러 가지 모델링 도구들이 개발되었다. 그러나 이러한 도구는 사용자를 위한 기능에 더 많은 비중을 두어 도구 자체를 구조적으로 정확한 객체지향 방법을 적용하지 못하였다. 본 연구는 인터넷/인트라넷 환경에서 프레임워크를 기반으로 소프트웨어를 개발하기 위한 도구 중에서 모델러에 관한 모듈을 개발하는 것으로서, 도구 자체를 MVC 기반의 객체지향 개념을 적용하여 개발하고 있고, 플랫폼에 독립적인 Java 언어를 이용하여 개발하고 있기 때문에 이와 유사한 OMT 에디터(Java version)를 분석하여 문제점을 개선함으로써 UML 표기법을 사용할 수 있는 모델러를 설계 및 구현하였다. 본 논문은 이러한 모델러를 개발하기 이전의 도구의 구조에 관한 기초 연구로서 위임형 이벤트 모델을 사용한 컨트롤러의 독립성을 이용한 이벤트 처리 기법을 적용하였으며, 여러 개의 뷰(폼)사이의 메시지 전달을 위하여 Agent 패턴이라는 자체 설계 패턴을 개발함으로써 도구 자체를 객체지향적으로 구조화하였다. 이러한 객체지향적 설계 및 구현은 사용자의 요구가 변경되고 도구 자체의 기능 확장이 요구될 경우에 빠르고 쉽게 이를 반영할 수 있다는 장점을 가지고 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.744-746
• /
• 2013

서버는 사용자의 요청에 따라 정보를 제공한다. 사용자는 외부 혹은 내부 네트워크에서 서버에 접근하여 데이터를 요청하고, 서버는 서버 내의 데이터 스토어에 저장되어 있는 데이터들을 지정된 방식에 맞게 사용자에게 보여주게 된다. 이러한 일련의 처리 과정들은 서버의 로그로 보관되어지며, 로그는 처리 과정의 세부적인 정보들을 가지고 있다. 서버 관리자는 로그에 기록되어 있는 정보들을 이용해 사용자의 행동을 파악할 수 있으며, 악의적이거나 잘못된 접근 또한 감지할 수 있다. 로그데이터 안에는 접속시간, 사용자 IP, 포트정보, 프로토콜정보, 이벤트 등 사용자가 활동한 흔적들이 기록된다[1]. 어떤 사용자가 언제 어떠한 경로로 어떠한 행위를 하였는지에 대하여 로그는 기록하고 있다. 본 논문에서는 이벤트로 서버에 요청하는 쿼리문과 사용자의 IP주소를 이용하여 사용자의 행동 패턴을 파악하고 분석하며, 분석된 행동 패턴과 사용자 정보를 기반으로 악의적인 접근을 방지하고 통제하고자 한다.

• The KIPS Transactions:PartD
• /
• v.18D no.4
• /
• pp.261-274
• /
• 2011

In recent competitive business environment each enterprise has to be agile and flexible. For these purposes run-time monitoring ofservices provided by an enterprise and early decision making through this becomes core competition of the enterprise. In addition, in order to process various innumerable events which are generated on enterprise systems techniques which make filtering of meaningful data are needed. However, the existing study related with this is nothing but discovering of service faults by monitoring depending upon API of BPEL engine or middleware, or is nothing but processing of simple events based on low-level events. Accordingly, there would be limitations to provide useful business information. In this paper, through situation detection an extended complex event model is presented, which is possible to provide more valuable and useful business information. Concretely, first of all an event processing architecture in an enterprise system is proposed, and event meta-model which is suitable to the proposed architecture is going to be defined. Based on the defined meta-model, It is presented that syntax and semantics of constructs in our event processing language including various and progressive event operators, complex event pattern, key, etc. In addition, an event context mechanism is proposed to analyze more delicate events. Finally, through application studies application possibility of this study would be shown and merits of this event model would be present through comparison with other event model.

• Proceedings of the Korean Institute of Landscape Architecture Conference
• /
• 2014.10a
• /
• pp.44-46
• /
• 2014

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1315-1324
• /
• 2012

Security visualization is a form of the data visualization techniques in the field of network security by using security-related events so that it is quickly and easily to understand network traffic flow and security situation. In particular, the security visualization that detects the abnormal situation of network visualizing connections between two endpoints is a novel approach to detect unknown attack patterns and to reduce monitoring overhead in packets monitoring technique. However, the session-based visualization doesn't notice a difference between normal traffic and attacks that they are composed of similar connection pattern. Therefore, in this paper, we propose an efficient session-based visualization method for analyzing and detecting between normal server activities and attacks by using the IP address splitting and port attributes analysis. The proposed method can actually be used to detect and analyze the network security with the existing security tools because there is no dependence on other security monitoring methods. And also, it is helpful for network administrator to rapidly analyze the security status of managed network.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.7
• /
• pp.2638-2647
• /
• 2010

X-MAC reduces transmission delay and energy consumption by using a short preamble instead of the existing long preamble. To solve the problem of X-MAC, this paper proposes a new MAC protocol called Express-MAC. The wireless sensor network is mainly used for the purpose of gathering event data or situation information. Especially, the transmission pattern of the sensor network with the purpose of event detection such as intrusion detection is very intermittent as well as successively occurring when a single event takes place in most cases. By reflecting sensor network's key transmission patterns as above, EX-MAC has used multi-hub path's path reservation system and awake section's transmission time reservation method in data transmission when the first event takes place. The awake time reservation in transmission path has improved successive data transmission's end-to-end delay, and it has also increased efficiency in terms of energy consumption by reducing the preamble length of data transmission and reception node.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.06b
• /
• pp.134-137
• /
• 2007

임베디드 소프트웨어 모델링에서 패턴의 활용은 설계 모델의 품질을 향상시키는데 매우 중요한 역할을 수행한다. 특히 상태 기반의 모델링은 임베디드 시스템의 행위를 중심으로 표현되기 때문에 패턴의 활용은 정확한 기능의 설계 및 설계 모델의 복잡도 감소에 도움이 된다. 본 연구에서는 임베디드 소프트웨어의 상태 전이 모델의 복잡도를 감소시키기 위해 제시된 기존의 설계 패턴을 고찰하고, 이에 대한 신택스와 시맨틱의 확장을 통해 새로운 설계 패턴을 제시한다. 제시된 설계 패턴은 임베디드 소프트웨어가 갖는 비예측성(unexpected) 이벤트를 반영할 수 있도록 확장되었으며, 이는 보다 유연하고, 확장 가능한 임베디드 소프트웨어의 모델링을 가능하도록 할 것이다.

• KIISE Transactions on Computing Practices
• /
• v.21 no.8
• /
• pp.513-523
• /
• 2015

A complex event processing system, becoming useful in real life domains, efficiently processes stream of continuous events like sensor data from IoT systems. However, those systems do not work well on some types of queries yet, so that programmers should be careful about that. For instance, they do not sufficiently provide detailed guide to choose efficient queries among the almost same meaning queries. In this paper, we propose an query preprocessing tool for event stream processing systems, which helps programmers by giving them the hints to improve performance whenever their queries fall in any possible bad formats in the performance sense. We expect that our proposed module would be a big help to increases productivity of writing programs where debugging, testing, and performance tuning are not straightforward.

• Journal of KIISE:Databases
• /
• v.36 no.3
• /
• pp.169-179
• /
• 2009

Communication log data consist of communication events such as sending and receiving e-mail or instance message and visiting web sites, etc. Many countries including USA and EU enforce the retention of these data on the communication service providers for the purpose of investigating or detecting criminals through the Internet. Because size of the retained data is very large, the efficient method for extracting valuable information from the data is needed for Law Enforcement Authorities to use the retained data. This paper defines the Interactive Communication Sequence Patterns(ICSPs) that is the important information when each communication event in communication log data consists of sender, receiver, and timestamp of this event. We also define a Mining(FDICSP) problem to discover such patterns and propose a method called Fast Discovering Interactive Communication Sequence Pattern(FDICSP) to solve this problem. FDICSP focuses on the characteristics of ICS to reduce the search space when it finds longer sequences by using shorter sequences. Thus, FDICSP can find Interactive Communication Sequence Patterns efficiently.

• Journal of Internet Computing and Services
• /
• v.20 no.1
• /
• pp.87-96
• /
• 2019

In this paper, we propose a MapReduce-supported clustering technique for collecting and classifying distributed workflow enactment event logs as a preprocessing tool. Especially, we would call the distributed workflow enactment event logs as Workflow BIG-Logs, because they are satisfied with as well as well-fitted to the 5V properties of BIG-Data like Volume, Velocity, Variety, Veracity and Value. The clustering technique we develop in this paper is intentionally devised for the preprocessing phase of a specific workflow process mining and analysis algorithm based upon the workflow BIG-Logs. In other words, It uses the Map-Reduce framework as a Workflow BIG-Logs processing platform, it supports the IEEE XES standard data format, and it is eventually dedicated for the preprocessing phase of the ${\rho}$-Algorithm that is a typical workflow process mining algorithm based on the structured information control nets. More precisely, The Workflow BIG-Logs can be classified into two types: of activity-based clustering patterns and performer-based clustering patterns, and we try to implement an activity-based clustering pattern algorithm based upon the Map-Reduce framework. Finally, we try to verify the proposed clustering technique by carrying out an experimental study on the workflow enactment event log dataset released by the BPI Challenges.