• Journal of KIISE
• /
• v.44 no.10
• /
• pp.1112-1123
• /
• 2017

As content providers further offload content-centric services to the cloud, data retrieval over the cloud typically results in many redundant items because there is a prevalent near-duplication of content on the Internet. Simply fetching all data from the cloud severely degrades efficiency in terms of resource utilization and bandwidth, and data can be encrypted by multiple content providers under different keys to preserve privacy. Thus, locating near-duplicate data in a privacy-preserving way is highly dependent on the ability to deduplicate redundant search results and returns best matches without decrypting data. To this end, we propose an efficient near-duplicate detection scheme for encrypted data in the cloud. Our scheme has the following benefits. First, a single query is enough to locate near-duplicate data even if they are encrypted under different keys of multiple content providers. Second, storage, computation and communication costs are alleviated compared to existing schemes, while achieving the same level of search accuracy. Third, scalability is significantly improved as a result of a novel and efficient two-round detection to locate near-duplicate candidates over large quantities of data in the cloud. An experimental analysis with real-world data demonstrates the applicability of the proposed scheme to a practical cloud system. Last, the proposed scheme is an average of 70.6% faster than an existing scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.263-279
• /
• 2024

With the increasing trend of Cloud migration, security threats in the Cloud computing environment have also experienced a significant increase. Consequently, the importance of efficient incident investigation through log data analysis is being emphasized. In Cloud environments, the diversity of services and ease of resource creation generate a large volume of log data. Difficulties remain in determining which events to investigate when an incident occurs, and examining all the extensive log data requires considerable time and effort. Therefore, a systematic approach for efficient data investigation is necessary. CloudTrail, the Amazon Web Services(AWS) logging service, collects logs of all API call events occurring in an account. However, CloudTrail lacks insights into which logs to analyze in the event of an incident. This paper proposes an automated analysis framework that integrates Cloud Matrix and event information for efficient incident investigation. The framework enables simultaneous examination of user behavior log events, event frequency, and attack information. We believe the proposed framework contributes to Cloud incident investigations by efficiently identifying critical events based on the ATT&CK Framework.

• The KIPS Transactions:PartC
• /
• v.16C no.6
• /
• pp.737-746
• /
• 2009

Given the increased interest in ubiquitous computing, wireless sensor network has been researched widely. The localization service which provides the location information of mobile user, is one of important service provided by sensor network. Many methods to obtain the location information of mobile user have been proposed. However, these methods were developed for only one mobile user so that it is hard to extend for multiple mobile users. If multiple mobile users start the localization process concurrently, there could be interference of beacon or ultrasound that each mobile user transmits. In the paper, we propose APL(Adaptive Power Control based Resource Allocation Technique for Efficient Localization Technique), the localization technique for multiple mobile nodes based on adaptive power control in mobile wireless sensor networks. In APL, collision of localization between sensor nodes is prevented by forcing the mobile node to get the permission of localization from anchor nodes. For this, we use RTS(Ready To Send) packet type for localization initiation by mobile node and CTS(Clear To Send) packet type for localization grant by anchor node. NTS(Not To Send) packet type is used to reject localization by anchor node for interference avoidance and STS(Start To Send) for synchronization between 모anchor nodes. At last, the power level of sensor node is controled adaptively to minimize the affected area. The experimental result shows that the number of interference between nodes are increased in proportion to the number of mobile nodes and APL provides efficient localization.

• KIISE Transactions on Computing Practices
• /
• v.21 no.6
• /
• pp.430-435
• /
• 2015

IP-based, next generation digital broadcast systems transmit DASH segment files. Designed by the DASH system, DASH segment files provide variable quality of contents, while the size of DASH segment files varies even if the file has the same quality. Delays and inefficient use of resources are major challenges in the transmission of variable size DASH segment files in broadcasting systems. Traditional broadcasting transmission systems are designed according to characteristics of physical layer of broadcast, and thus, delay and inefficient resources use is difficult to find. Yet, transmission content quantities continue to rise in the next-generation broadcasting systems (e.g. FHD, UHD (4k, 8k)) with variability of the segments file size as well. Resources for next-generation broadcast are more abundant than traditional broadcast with recent development, but continue to be limited and fixed. Resource delay and inefficiency are important but has not been extensively studied. We propose a transmission structure solution to analyze the delay and efficiency of the resource as each DASH segment file is transmitted, and have further performed simulation studies.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.6
• /
• pp.33-42
• /
• 2012

Rapid evolution of wired and wireless technologies results in various types of embedded systems, and the software to be embedded into those devices now needs the flexibility rather than the fixedness which was well-known property for the embedded software in the past. Mobile agent is one of the useful distributed technologies of reducing network load and latency because of its disconnected operations and high asynchrony. In this paper, a component-based mobile agent framework, called EmHUMAN, is designed and implemented for structural embedding into the devices showing different functions and resource constraints. It consists of 3 layers of components. Based on those components, a structural embedding, considering resource constraints of required functions, amount of storage space, computing power, network bandwidth, ${\ldots} $ etc can be performed. The components in each layer can be extended with addition of new components, removing some components and modifying components. EmHUMAN plays the role of a framework for developing mobile agent based distributed systems. It is also a mobile agent system by itself. EmHUMAN provides several utilities as built-in API's, and thus high effectiveness in programming mobile agents can be achieved.

• Journal of Internet Computing and Services
• /
• v.19 no.1
• /
• pp.27-35
• /
• 2018

This paper is a study to classify malicious applications in Android environment. And studying the threat and behavioral analysis of malicious Android applications. In addition, malicious apps classified by machine learning were performed as experiments. Android behavior analysis can use dynamic analysis tools. Through this tool, API Calls, Runtime Log, System Resource, and Network information for the application can be extracted. We redefined the properties extracted for machine learning and evaluated the results of machine learning classification by verifying between the overall features and the main features. The results show that key features have been improved by 1~4% over the full feature set. Especially, SVM classifier improved by 10%. From these results, we found that the application of the key features as a key feature was more effective in the performance of the classification algorithm than in the use of the overall features. It was also identified as important to select meaningful features from the data sets.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.731-751
• /
• 2021

The Internet of Things is a huge group of devices communicating each other and the interconnection of objects in the network is a basic requirement. Choosing a reliable device is critical because malicious devices can compromise networks and services. However, it is difficult to create a trust management model due to the mobility and resource constraints of IoT devices. For the centralized approach, there are issues of single point of failure and resource expansion and for the distributed approach, it allows to expand network without additional equipment by interconnecting each other, but it has limitations in data exchange and storage with limited resources and is difficult to ensure consistency. Recently, trust management models using fog nodes and blockchain have been proposed. However, blockchain has problems of low throughput and delay. Therefore, in this paper, a trust management model for selecting reliable devices in a fog-based IoT environment is proposed by applying IOTA, a blockchain technology for the Internet of Things. In this model, Directed Acyclic Graph-based ledger structure manages trust data without falsification and improves the low throughput and scalability problems of blockchain.

• Journal of the Korea Convergence Society
• /
• v.13 no.3
• /
• pp.77-89
• /
• 2022

It has been proven through many previous researches that the pretrained language model with a large corpus helps improve performance in various natural language processing tasks. However, there is a limit to building a large-capacity corpus for training in a language environment where resources are scarce. Using the Cross-lingual Post-Training (XPT) method, we analyze the method's efficiency in Korean, which is a low resource language. XPT selectively reuses the English pretrained language model parameters, which is a high resource and uses an adaptation layer to learn the relationship between the two languages. This confirmed that only a small amount of the target language dataset in the relationship extraction shows better performance than the target pretrained language model. In addition, we analyze the characteristics of each model on the Korean language model and the Korean multilingual model disclosed by domestic and foreign researchers and companies.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.3
• /
• pp.73-82
• /
• 2022

Auto-scaling is one of the most important functions for cloud computing technology. Even if the number of users or service requests is explosively increased or decreased, system resources and service instances can be appropriately expanded or reduced to provide services suitable for the situation and it can improves stability and cost-effectiveness. However, since the policy is performed based on a single metric data at the time of monitoring a specific system resource, there is a problem that the service is already affected or the service instance that is actually needed cannot be managed in detail. To solve this problem, in this paper, we propose a method to predict system resource and service response time using a multivariate time series analysis model and establish an auto-scaling policy based on this. To verify this, implement it as a custom scheduler in the Kubernetes environment and compare it with the Kubernetes default auto-scaling method through experiments. The proposed method utilizes predictive data based on the impact between system resources and response time to preemptively execute auto-scaling for expected situations, thereby securing system stability and providing as much as necessary within the scope of not degrading service quality. It shows results that allow you to manage instances in detail.

• The KIPS Transactions:PartC
• /
• v.16C no.6
• /
• pp.691-698
• /
• 2009

A mobile communication device is a small size of portable computer which provides communication service, such as smart phone and PDA. Currently, one of the biggest barriers in developing the mobile communication device is security issue. Even though there are excellent security functions which can remove the security issues, there is a problem that the mobile communication device can not be loaded with all the functions because it has low storage, poor computational power, and inconvenient user interface, compared to the desktop personal computer. This paper proposes a context-aware security reconfiguration scheme for effective security management of the mobile communication device. The scheme can provide the mobile communication device with the optimized security service which is most adapted to its current security context. Through the prototype implementation and the experiments of the proposed scheme, we have confirmed that the proposed scheme is excellent in terms of computing resource efficiency and usability, without degrading security level.