• Journal of KIISE:Computer Systems and Theory
• /
• v.29 no.7
• /
• pp.401-410
• /
• 2002

Control independence has been put forward as a new significant source of instruction-level parallelism for superscalar processors. In branch prediction mechanisms, all instructions after a mispredicted branch have to be squashed and then instructions of a correct path have to be re-fetched and re-executed. This paper presents a new branch misprediction recovery mechanism to reduce the number of instructions squashed on a misprediction. Detection of control independent instructions is accomplished with the help of the static method using a profiling and the dynamic method using a control flow of program sequences. We show that the suggested branch misprediction recovery mechanism improves the performance by 2~7% on a 4-issue processor, by 4~15% on an 8-issue processor and by 8~28% on a 16-issue processor.

• The KIPS Transactions:PartC
• /
• v.12C no.6 s.102
• /
• pp.827-838
• /
• 2005

DDoS (Distributed Denial of Service) attack is a critical threat to current Internet. To solve the detection and response of DDoS attack on BcN, we have investigated detection algorithms of DDoS and Implemented anomaly detection modules. Recently too many technologies of the detection and prevention have developed, but it is difficult that the IDS distinguishes normal traffic from the DDoS attack Therefore, when the DDoS attack is detected by the IDS, the firewall just discards all over-bounded traffic for a victim or absolutely decreases the threshold of the router. That is just only a method for preventing the DDoS attack. This paper proposed the mechanism of response for the legitimated clients to be protected Then, we have designed and implemented the statistic based system that has the automated detection and response functionality against DDoS on Linux Zebra router environment.

• Journal of Digital Contents Society
• /
• v.19 no.4
• /
• pp.837-844
• /
• 2018

Recently, the cloud technology has made dynamical network changes by enabling the construction of a logical network without building a physical network. Despite recent research on the cloud, it is necessary to study security functions for the identification of fake virtual network functions and the encryption of communication between entities. Because the VNFs are open to subscribers and able to implement service directly, which can make them an attack target. In this paper, we propose a virtual public key infrastructure mechanism that detects a fake VNFs and guarantees data security through mutual authentication between VNFs. To evaluate the virtual PKI, we built a management and orchestration environment to test the performance of authentication and key generation for data security. And we test the detection of a distributed denial of service by using several AI algorithms to enhance the security in NFV.

• Journal of Internet Computing and Services
• /
• v.9 no.6
• /
• pp.37-48
• /
• 2008

VoIP service is a transmission of voice data using SIP protocol on IP based network, The SIP protocol has many advantages such as providing IP based voice communication and multimedia service with cheap communication cost and so on. Therefore the SIP protocol spread out very quickly. But, SIP protocol exposes new forms of vulnerabilities on malicious attacks such as Message Flooding attack and protocol parsing attack. And it also suffers threats from many existing vulnerabilities like on IP based protocol. In this paper, we propose a new Virtual Proxy Server system in front of the existed Proxy Server for anomaly detection of SIP attack and stateful management of SIP session with enhanced security. Based on stateful virtual proxy server, out solution shows promising SIP Message Flooding attack verification and detection performance with minimized latency on SIP packet transmission.

• Journal of Aerospace System Engineering
• /
• v.16 no.1
• /
• pp.49-55
• /
• 2022

The role of drones has been expanded to various fields such as agriculture, construction, and logistics. In particular, agriculture drones are emerging as an effective alternative to solve the problem of labor shortage and reduce the input cost. In this study therefore, we proposed the fruit recognition algorithm and harvesting mechanism for fruit harvesting drone system that can safely harvest fruits at high positions. In the fruit recognition algorithm, we employ "You-Only-Look-Once" which is a deep learning-based object detection algorithm and verify its feasibility by establishing a virtual simulation environment. In addition, we propose the fruit harvesting mechanism which can be operated by a single driving motor. The rotational motion of the motor is converted into a linear motion by the scotch yoke, and the opened gripper moves forward, grips a fruit and rotates it for harvesting. The feasibility of the proposed mechanism is verified by performing Multi-body dynamics analysis.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.5 no.4
• /
• pp.406-411
• /
• 2010

A honeynet is a closely monitored computing resource that we want to be probed, attacked or compromised. More precisely, a honeypot is "an information system resource whose value lies in unauthorized or illicit use of that resource The value of honeynet is weighed by the information that can be obtained from it. but It's very difficult to deploy Honeynet in Real World, So I focused on Virtual Honeynet. The strength of virtual honeynet is scalability and ease of maintenance. It is inexpensive to deploy and accessible to almost everyone. Compared with physical honeypots, this approach is more lightweight. Instead of deploying a physical computer system that acts as a honeypot, we can also deploy one physical computer that hosts several virtual machines that act as honeypots.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.06d
• /
• pp.208-210
• /
• 2006

그리드 환경에서는 원격의 이질적인 자원들을 서로 공유하며 상호 접근이 가능하도록 하여 사용자의 작업을 처리 할 수 있는 메커니즘을 제공한다. 하지만 각 노드들은 그리드에 자유롭게 참여 및 탈퇴가 가능하다는 점에서 P2P 네트워크 구조와 매우 유사하기 때문에 기존의 병렬처리 컴퓨터에서의 부하 균형문제와는 다른 특징을 갖게 된다. 본 논문에서는 동적인 자원 구성의 특징을 갖는 그리드 컴퓨팅 환경에서 발생할 수 있는 부하 균형 문제를 정의하고 이를 해결하기 위해 조정 노드(coordinating node)라고 불리는 부하 탐지 모듈을 설계 및 구현한다. 본 논문에서 제안된 조정 노드는 동적으로 변화하는 그리드 자원들의 상태를 실시간으에 탐지하게 되며 각 노드들이 네트워크에 새롭게 참여/탈퇴하여 네트워크 위상이 변화하는 경우에도 부하 균형을 달성 하게 된다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.04b
• /
• pp.971-974
• /
• 2002

일반적으로 악의적인 사용자는 시스템에 공격을 가해 관리자 권한을 취득한 후 그 시스템에 쉽게 침입하기 위해 백도어를 설치해 놓는다. 이전의 백도어는 대부분 사용자 영역에서 수행중인 응용 프로그램의 형태로 설치가 되었다. 그러나 최근에는 로더블 모듈과 같은 운영체제의 확장 방법을 이용하여 커널 영역에서 수행되는 백도어가 나타나게 되었다. 이러한 커널 백도어를 구현하는 방식은 크게 시스템 콜 테이블을 수정하는 방법과 시스템 콜 처리 루틴을 수정하는 방법의 두 가지로 나눌 수 있다. 본 논문에서는 기존에 구현된 커널 백도어의 특성 분석을 하였으며, 이를 기반으로 커널 백도어를 효율적으로 차단 및 탐지할 수 있는 방안을 제안하고 있다. 본 논문에서 언급하는 방안은 커널 메모리 영역에 대한 분석을 통하여 백도어가 시스템 콜 테이블을 수정하거나 시스템 콜 처리 루틴을 변경할 수 없도록 하는 보호 메커니즘을 적용하고 있다. 이를 통하여 커널 내부로 적재되어 백도어를 생성하는 악의적인 모듈의 가능성을 원천적으로 방지할 수 있다.

• Journal of Drive and Control
• /
• v.19 no.2
• /
• pp.27-35
• /
• 2022

This study presents one man-portable, hazardous gas detecting and capturing robot. The robot can be fit in the trunk of a sedan car. Its weight is less than 20 kg. A dedicated gas intake mechanism is proposed for the robot. The robot can detect and capture gases at a height of 2 m above the ground, although the height of the robot is about 0.2 m. The performance of the gas intake mechanism is verified through computational fluid dynamics (CFD) analysis and experiments. Its gas detecting signals were acquired by serial communication and processed in Robot Operating System (ROS) based control software. The proposed robot can successfully move on rough terrains such as stairs, sand roads, and rock roads.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.05a
• /
• pp.206-208
• /
• 2023

비대면 활동 및 원격 작업 증가에 따라 문서 파일을 이용한 사이버 공격 빈도가 증가하고 있으며, 별도의 실행 파일 대신 문서 내의 기본적인 기능을 악용하는 문서 공격은 기존의 악성코드 탐지 메커니즘을 우회할 수 있기 때문에 큰 문제가 되고 있다. 이러한 문제에 대응하기 위한 여러 기술 중 CDR 기술은 악성 행위에 이용될 가능성이 있는 액티브 콘텐츠를 제거하거나 비활성화하여 사전에 악성코드로 탐지되지 않았던 파일에 대한 보안성을 제공하지만, 문서의 내용을 분석하고 안전하게 재조합하는 과정에서 오류가 발생하여 전달하고자 했던 내용을 제대로 표현할 수 없게 되거나, 파일을 사용할 수 없게 되는 문제가 발생할 수 있다. 본 논문에서는 파일을 후처리하는 방식으로만 CDR을 적용하는 것이 아니라, 확장 프로그램이나 가상 환경 등을 이용해 문서의 작성 단계에서부터 CDR 처리과정을 거치게 하는 방법을 제안하여 파일 손상이나 내용 누락 문제를 완화하고 사용자의 업무 효율을 높이는 동시에 강화된 보안성을 제공한다.