• Journal of KIISE:Computer Systems and Theory
• /
• v.33 no.3
• /
• pp.178-192
• /
• 2006

The buffer overflow attack is the single most dominant and lethal form of security exploits as evidenced by recent worm outbreaks such as Code Red and SQL Stammer. In this paper, we propose microarchitectural techniques that can detect and recover from such malicious code attacks. The idea is that the buffer overflow attacks usually exhibit abnormal behaviors in the system. This kind of unusual signs can be easily detected by checking the safety of memory references at runtime, avoiding the potential data or control corruptions made by such attacks. Both the hardware cost and the performance penalty of enforcing the safety guards are negligible. In addition, we propose a more aggressive technique called corruption recovery buffer (CRB), which can further increase the level of security. Combined with the safety guards, the CRB can be used to save suspicious writes made by an attack and can restore the original architecture state before the attack. By performing detailed execution-driven simulations on the programs selected from SPEC CPU2000 benchmark, we evaluate the effectiveness of the proposed microarchitectural techniques. Experimental data shows that enforcing a single safety guard can reduce the number of system failures substantially by protecting the stack against return address corruptions made by the attacks. Furthermore, a small 1KB CRB can nullify additional data corruptions made by stack smashing attacks with only less than 2% performance penalty.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.1
• /
• pp.7-16
• /
• 2016

This paper discusses a method of selecting variant groups to be reviewed for LGR (Label Generation Rule) of Internet Top-Level Hanja Domain. The most difficult problem in setting up LGR of Internet Top-Level Hanja Domain is how to treat Hanja variants. If domains containing variants (e.g.: 東海國) are directed to different addresses, confusion will arise. Therefore, it is desirable that such domains are directed to the same address. Since variant groups of Korea and China are not same, we need to unify variant groups of Korea and China. In the process of reviewing 3093 Chinese variant groups, the author found that Korea does not need to review Chinese variant groups which include no or just one Korean Hanja character. Korea only need to review Chinese variant groups which include two or more Korean Hanja characters. By doing so, the author could reduce the number of Chinese variant groups to be reviewed by Korea from 3093 to 303, which is only one-tenth of the original number of Chinese variant groups. After Korea finishes reviewing 303 Chinese variant groups selected according to the method suggested in this paper, the job of setting up LGR of Internet Top-Level Hanja domain will be accelerated by negotiating with China.

• International Commerce and Information Review
• /
• v.15 no.2
• /
• pp.261-283
• /
• 2013

ISBP745 has new provisions about sea waybill, road, rail or inland waterway transport documents which ISBP681 did not have provisions about. The main revisions of ISBP745 which were not existent or different from ICC Opinion are as follows: First, where B/L is required when multimodal transport is used as a modes of transport, the revisions stipulates that it is subject to UCP600 article19. this differs from previous ICC Opinion. Second, when a credit requires a transport document to indicate the name, address and contact details of a delivery agent, for the place of final destination or port of discharge, the address need not be one that is located at the place of destination or port of discharge or within the same country as that of the place of destination or port of discharge. Third, in case there exist a number of shippers and a consignee, multiple transport documents are issued. This rule has a clear stipulation on this case. Transport industry regards the indication of "LCL/FCL" or "CFS/CY" common in this case as that requiring multiple transport documents. However, ISBP745 does not regard it the case as that requiring multiple transport documents. This may cause some confusion in examination of documents. Forth, when partial shipment is allowed, and more than one set of original transport documents are presented as part of a single presentation made under one covering schedule and incorporate different dates of shipment, the earliest of these dates is to be used of the calculation of an presentation period.

• The KIPS Transactions:PartA
• /
• v.9A no.2
• /
• pp.241-248
• /
• 2002

With the structure of tilde-area computing system which Is specified by a researching team in Vrije University, Netherlands, lots of researchers and developers have been progressing the studies of global location and interconnection services of distributed objects existing in global sites. Most of them halve focused on binding services of only non-duplicated computational objects existing wide-area computing sites without any consideration of duplication problems. But all of objects existing on the earth rave the duplicated characteristics according to how to categorize their own names or properties. These objects with the same property can define as duplicated computational objects. Up to now, the existing naming or trading mechanism has not supported the binding services of duplicated objects, because of deficiency of independent location service. For this reason, we suggest a new model that can not only manages locations of duplicated objects In wide-area computing environments, but also provide minimum binding time by considering both the optimal selection of one of duplicated objects and load balance among distributed systems. Our model is functionally divided into 2 parts, one part to obtain an unique object handle of duplicated objects with same property as a naming and trading service, and the other to search one or more contact addresses by a node manager using a liven object handle, as a location service For location transparency, these services are independently executing each other. Based on our model, we described structure of wide-area integrated tree and algorithms for searching and updating contact address of distributed object on this tree. finally, we showed a federation structure that can globally bind distributed objects located on different regions from an arbitrary client object.

• Journal of the Korea Society of Computer and Information
• /
• v.20 no.5
• /
• pp.1-12
• /
• 2015

NAND flash memory has being used for storage systems widely, because it has good features which are low-price, low-power and fast access speed. However, NAND flash memory has an in-place update problem, and therefore it needs FTL(flash translation layer) to run for applications based on hard disk storage. The FTL includes complex functions, such as address mapping, garbage collection, wear leveling and so on. Futhermore, implementation of the FTL on low-power embedded systems is difficult due to its memory requirements and operation overhead. Accordingly, many index data structures for NAND flash memory have being studied for the embedded systems. Overall performances of the index data structures are enhanced by a decreasing of page write counts, whereas it has increased page read counts, as a side effect. Therefore, we propose an index management method using a page mapping log table in $B^+$-Tree based on NAND flash memory to decrease page write counts and not to increase page read counts. The page mapping log table registers page address information of changed index node and then it is exploited when retrieving records. In our experiment, the proposed method reduces the page read counts about 61% at maximum and the page write counts about 31% at maximum, compared to the related studies of index data structures.

• The KIPS Transactions:PartA
• /
• v.19A no.1
• /
• pp.35-44
• /
• 2012

Traditional technologies that are used to improve the performance of hard disk drives show many negative cases if they are applied to solid state drives (SSD). Access time and block sequence in hard disk drives that consist of mechanical components are very important performance factors. Meanwhile, SSD provides superior random read performance that is not affected by block address sequence due to the characteristics of flash memory. Practically, it is recommended to disable prefetching if a SSD is installed in a personal computer. However, this paper presents a combinational method of a prefetching scheme and a memory management that consider the internal structure of SSD and the characteristics of NAND flash memory. It is important that SSD must concurrently operate multiple flash memory chips. The I/O unit size of NAND flash memory tends to increase and it exceeded the block size of operating systems. Hence, the proposed prefetching scheme performs in an operating unit of SSD. To complement a weak point of the prefetching scheme, the proposed memory management scheme adaptively evicts uselessly prefetched data to maximize the sum of cache hit rate and prefetch hit rate. We implemented the proposed schemes as a Linux kernel module and evaluated them using a commercial SSD. The schemes improved the I/O performance up to 26% in a given experiment.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.10
• /
• pp.3236-3246
• /
• 2000

XML is a meta-language as SGML and also can be xonsructed as an Internet versionof simplified SGML being used in confunction with XLL. Xpointer and XSL. Also W3C established DTDless Well-Formed XML document to use XML document on the Web. But it isnt offered system that consists of browsing, link and DTD generating facihty, and efficiently processes DTDless Well-Formed XML document. This paper studies on an implementation and design of system to process DTDless Well-Formed XML document on the client-side. This system consists of Well-Formed XML viewer displaying Well-Formed XML documet, XLL Processor processing Xll and Auto DTD generator constructing automatically DTDs based on multiple documents of the same class. This study focuses on automatic DTD generation during hyperlink navigation and an implementation of extended links based on XLL and Xpointer. ID and Xpointer location address are used as the address mode in the links. As a result of implement of this system, it conforms to validationof extended link facihties, extracts DTD from Well-Fromed XML Documents including same root element at the same class and constructs generalized DTD.

• Journal of KIISE:Computer Systems and Theory
• /
• v.31 no.5_6
• /
• pp.371-378
• /
• 2004

This paper presents the implementation and performance of the HVIA-GE card, which is a hardware implementation of the Virtual Interface Architecture (VIA) based on Gigabit Ethernet. The HVIA-GE card is a 32-bit/33MHz PCI adapter containing an FPGA for the VIA protocol engine and a Gigabit Ethernet chip set to construct a high performance physical network. HVIA-GE performs virtual-to-physical address translation, Doorbell, and send/receive completion operations in hardware without kernel intervention. In particular, the Address Translation Table (ATT) is stored on the local memory of the HVIA-GE card, and the VIA protocol engine efficiently controls the address translation process by directly accessing the ATT. As a result, the communication overhead during send/receive transactions is greatly reduced. Our experimental results show the maximum bandwidth of 93.7MB/s and the minimum latency of 11.9${\mu}\textrm{s}$. In terms of minimum latency HVIA-GE performs 4.8 times and 9.9 times faster than M-VIA and TCP/IP, respectively, over Gigabit Ethernet. In addition, the maximum bandwidth of HVIA-GE is 50.4% and 65% higher than M-VIA and TCP/IP respectively.

• The KIPS Transactions:PartA
• /
• v.14A no.6
• /
• pp.347-356
• /
• 2007

In designing a branch predictor, in addition to accuracy, microarchitects should consider power consumption, especially for embedded processors. This paper proposes a power-aware branch predictor, which is based on the gshare predictor, by accessing the BTB (Branch Target Buffer) only when the prediction from the PHT (Pattern History Table) is taken. To enable the selective access to the BTB, the PHT in the proposed branch predictor is accessed one cycle earlier than the traditional PHT to prevent the additional delay. As a side effect, two predictions from the PHT are obtained through one access to the PHT, which leads to more power savings. The proposed branch predictor reduces the power consumption, not requiring any additional storage arrays, not incurring additional delay (except just one MUX delay) and never harming accuracy. Simulation results show that the proposed predictor reduces the power consumption by $35{\sim}48%$ compared to the traditional predictor.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.10
• /
• pp.1808-1814
• /
• 2008

In addition to RBL function, which is used to applying for spam e-mail filtering, as an effective way to deal with the recently widespread spam types, this paper proposes how to extract URL that was comprised in the original e-mail, apply it to RBL, and expand it. The BotNet, which is used to using for sending spam mails these days, has a problem that it is not able to solve with the distributed addresses of sent mails in spam e-mails. In general, as these spam e-mails are sent from the infected Zombi PC of individual user, the sent address itself is not efficient and is meaningless to use in RBL. As an effective way to filter spam e-mail sent by BotNet, this paper analyzes URLs that contained in the original spam e-mail and proposes how to effectively improve filter rate, based on the distribution data of URL site tempting users. This paper proposes the sending mechanism of spam e-mails from BotNet and the methods to realize those types of spam e-mails. In order to gather analyzable spam e-mails, this paper also carries out an experiment by configuring trap system of spam e-mail. By analyzing spam e-mails, which have been received during the certain period of experiment, this paper shows that the expanded RBL method, using URLs that contained in spam e-mails, is effective way to improve the filter distribution of spam e-mail.