• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.905-916
• /
• 2004

Self-organizing hierarchical ad hoc network (SOHAN) is a new ad-hoc network architecture designed to improve the scalability properties of conventional 'flat' ad hoc networks. This network architecture consists of three tiers of ad-hoc nodes, i.e.. access points, forwarding nodes and mobile nodes. This paper presents a topology discovery and routing protocol for the self-organization of SOHAN. We propose a cross-layer path metric based on link quality and MAC delay which plays a key role in producing an optimal cluster-based hierarchical topology with high throughput capacity. The topology discovery protocol provides the basis for routing which takes place in layer 2.5 using MAC addresses. The routing protocol is based on AODV with appropriate modifications to take advantage of the hierarchical topology and interact with the discovery protocol. Simulation results are presented which show the improved performance as well as scalability properties of SOHAN in terms of through-put capacity, end-to-end delay, packet delivery ratio and control overhead.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.1
• /
• pp.175-183
• /
• 2008

QoS-support technology in networks is based on measuring QoS metrics which reflect a magnitude of stability and performance. The one-way delay measurement of the QoS metrics especially requires a guarantee of clock synchronization between end-to-end hosts. However, the hosts in networks have a relative or absolute difference in clock time by reason of clock offsets. flock skews and clock adjustments. In this paper, we present a theorem, methods and simulation results of one-way delay and clock offset estimations between end-to-end hosts. The proposed theorem is a relationship between one-way delay, one-way delay variation and round-trip time And we show that the estimation error is mathematically smaller than a quarter of round-trip time.

• Journal of KIISE:Computer Systems and Theory
• /
• v.33 no.9
• /
• pp.608-614
• /
• 2006

The popularization of high-speed networks and the innovation of high-performance hardware/servers have enlarged the role of large-scale, highly distributed IT infrastructure. Though many criteria on the assessment of IT infrastructure can be considered, the survivability assessment is treated as the most important one due to the essential role as an infrastructure. While assessing the survivability of some given IT infrastructures, we can not only choose the best one among them but also improve their survivability by modifying their structure and security policies. In this paper, we propose a DMKB-based assessment system on the survivability of IT infrastructures, where DMKB is a kind of database which provides the known vulnerabilities and defense mechanism for many system components.

• Journal of KIISE:Information Networking
• /
• v.30 no.3
• /
• pp.397-406
• /
• 2003

As the information technology grows interests in the intrusion detection system (IDS), which detects unauthorized usage, misuse by a local user and modification of important data, has been raised. In the field of anomaly-based IDS several artificial intelligence techniques such as hidden Markov model (HMM), artificial neural network, statistical techniques and expert systems are used to model network rackets, system call audit data, etc. However, there are undetectable intrusion types for each measure and modeling method because each intrusion type makes anomalies at individual measure. To overcome this drawback of single-measure anomaly detector, this paper proposes a multiple-measure intrusion detection method. We measure normal behavior by systems calls, resource usage and file access events and build up profiles for normal behavior with hidden Markov model, statistical method and rule-base method, which are integrated with a rule-based approach. Experimental results with real data clearly demonstrate the effectiveness of the proposed method that has significantly low false-positive error rate against various types of intrusion.

• Journal of the Korean Society for information Management
• /
• v.41 no.3
• /
• pp.381-409
• /
• 2024

In co-authorship networks, temporal networks can be modeled by identifying the formation and dissolution (linking and removing) of co-authorship relationships over time from the publication year information of the papers. Therefore, this study seeks to analyze the overall research collaboration networks of data papers and articles from an evolutionary perspective for modeling the temporal network in terms of informetrics and investigating the dynamic and structural mechanisms of the temporal co-authorship network. For that purpose, Biodiversity Data Journal, a mixed data journal in the biodiversity domain was used as the unit of analysis in this study as this domain had proposed data paper as a new mechanism for data publication. In addition, bibliometric records of 247 data papers and 638 articles involving two or more researchers were collected from the Web of Science. The results indicated that the dynamic co-authorship networks of data papers and articles in the biodiversity domain exhibited the scale-free property of a complex network and the small-world property in the Watts-Strogatz sense during the network evolution. Also, both publication types kept the structure of locally cohesive author groups over time in the networks. The implementation of TTBC (Temporal Triadic Betweenness Centrality) has allowed for the examination and tracking of the evolutionary trends of important or influential time-dependent authors (nodes) by the target year. And last, visualization with a dynamic approach enabled a more effective identification of analysis results, such as the exhibited structural difference in the temporal co-authorship networks of data papers and articles in the biodiversity domain, which can be interpreted as the structural properties of the networks among collaborative researchers dealing with data.

• Journal of KIISE:Software and Applications
• /
• v.36 no.6
• /
• pp.479-490
• /
• 2009

A number of temporal abstraction approaches have been suggested so far to handle the high computational complexity of Markov decision problems (MDPs). Although the structure of temporal abstraction can significantly affect the efficiency of solving the MDP, to our knowledge none of current temporal abstraction approaches explicitly consider the relationship between topology and efficiency. In this paper, we first show that a topological measurement from complex network literature, mean geodesic distance, can reflect the efficiency of solving MDP. Based on this, we build an incremental method to systematically build temporal abstractions using a network model that guarantees a small mean geodesic distance. We test our algorithm on a realistic 3D game environment, and experimental results show that our model has subpolynomial growth of mean geodesic distance according to problem size, which enables efficient solving of resulting MDP.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.5
• /
• pp.209-216
• /
• 2013

In traditional social network analysis, the betweenness centrality measure has been heavily used to identify the relative importance of nodes in terms of message delivery. Since the time complexity to calculate the betweenness centrality is very high, however, it is difficult to get it of each node in large-scale social network where there are so many nodes and edges. In this paper, we define a new type of network, called the expanded ego network, which is built only with each node's local information, i.e., neighbor information of the node's neighbor nodes, and also define a new measure, called the expended ego betweenness centrality. Through the intensive experiment with Barab$\acute{a}$si-Albert network model to generate the scale-free networks which most social networks have as their embedded feature, we also show that the nodes' importance rank based on the expanded ego betweenness centrality has high similarity with that based on the traditional betweenness centrality.

• Journal of Internet of Things and Convergence
• /
• v.9 no.1
• /
• pp.77-87
• /
• 2023

Applying various association rule mining algorithms to the network intrusion detection task involves two critical issues: too large size of generated rule set which is hard to be utilized for IoT systems and hardness of control of false negative/positive rates. In this research, we propose an association rule mining algorithm based on the newly defined measures called coverage and exclusion. Coverage shows how frequently a pattern is discovered among the transactions of a class and exclusion does how frequently a pattern is not discovered in the transactions of the other classes. We compare our algorithm experimentally with the Apriori algorithm which is the most famous algorithm using the public dataset called KDDcup99. Compared to Apriori, the proposed algorithm reduces the resulting rule set size by up to 93.2 percent while keeping accuracy completely. The proposed algorithm also controls perfectly the false negative/positive rates of the generated rules by parameters. Therefore, network analysts can effectively apply the proposed association rule mining to the network intrusion detection task by solving two issues.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11b
• /
• pp.652-654
• /
• 2005

베이지안 네트워크의 파라메터 학습은 주어진 평가 척도에 따라 데이터의 훈련집합에 가장 잘 부합되는 네트워크 파라메터를 구하는 것으로, 베이지안 네트워크 설계에 드는 시간과 노력을 줄이기 위해 연구되어 왔다. 본 논문에서는 불완전한 데이터로부터 온라인으로 베이지안 네트워크의 파라메터를 학습하는 방법을 제안한다. 제안하는 방법은 불완전한 데이터로부터 학습이 가능하도록 하여 학습의 유연성을 높이고, 온라인 학습을 통해 사용자 또는 환경의 변화를 잘 모델링한다. Choen 등이 제안한 온라인 파라메터 학습 방법인 Voting EM 알고리즘과 비교 실험 결과, 제안하는 방법의 유용성을 확인할 수 있었다.

• ETRI Journal
• /
• v.8 no.3
• /
• pp.29-43
• /
• 1986

어떤 고장이 시스팀의 기능을 완전히 마비시키는 것이 아니라 그 성능이 저하된 상태에서 운용할 수 있는 degradable system에서는 고전적인 신뢰도 모형을 적용하기가 어려우며, 여기서 성능과 신뢰도는 매우 밀접한 관련이 있다. 본고에서는 성능신뢰도(Performance reliability)에 대한 개념 및 모형화 방법에 대해 살펴보고 실제로 TDX-1의스위치 네트워크인 SWCD의 성능을 해석하여 성능신뢰도를 구하였다. SWCD의 성능척도인 통화성공률에 영향을 미치는 요인으로는 스위치 네트워크 내에서의 blocking, T-SW 및 S-SW의 고장, 그리고 T-SW 및 S-SW의 고장으로 인해 DLC 와 TLC의 가용한 서비스 채널이 감소함으로써 발생하는 DLC 및 TLC에서의 blocking등을 들 수 있는데 이 요인들을 고려하여 SWCD의 성능을 해석하였으며, SWCD에 요구되는 표준성능(Normalized performance) 이 0.99라 할 때 single unit라고 가정한 경우 SWCD의 성능 신뢰도는 MTUO(Mean Time to Unreliable Operation)가 3076.7시간이었다. 또한 성능을 해석하는 과정에서 디지틀 스위치 네트워크인 SWC만의 최대 발신 통화처리 용량을 구한 결과, 스위치 네트워크 내에서의 blocking 확률에 대한 최대 허용치를 $10^-3$으로 하였을 때 약 1,700Erlang이었다.