• Journal of Convergence for Information Technology
• /
• v.8 no.6
• /
• pp.209-215
• /
• 2018

In this paper, we propose a method to detect and block Meltdown malicious code which is increasing rapidly using dynamic sandbox tool. Although some patches are available for the vulnerability of Meltdown attack, patches are not applied intentionally due to the performance degradation of the system. Therefore, we propose a method to overcome the limitation of existing signature detection method by using machine learning method for infrastructures without active patches. First, to understand the principle of meltdown, we analyze operating system driving methods such as virtual memory, memory privilege check, pipelining and guessing execution, and CPU cache. And then, we extracted data by using Linux strace tool for detecting Meltdown malware. Finally, we implemented a decision tree based dynamic detection mechanism to identify the meltdown malicious code efficiently.

• Proceedings of the KSME Conference
• /
• 2001.06e
• /
• pp.613-618
• /
• 2001

For the evaluation of operability of MOV(Motor Operated Valve), the precision prediction of thrust/torque acting on the valve is important. In this paper, the analytical prediction method of thrust/torque was proposed. The design basis stem thrust calculation typically considers the followings: Packing thrust, Stem rejection load, design basis differential pressure load. In general, test results show that temperature, pressure, fluid type, and differential pressure, independently and combination, all have an effect on the friction factor. The prediction results of thrust/torque are well agrement with dynamic test results.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2002.11b
• /
• pp.178-181
• /
• 2002

본 논문에서는 서명의 동적 특징에 기반한 구간 분할과 3단계 정합을 특징으로 하는 온라인서명 인증 시스템을 제안한다. 온라인 서명 인증을 위해 구간 분할에 이은 구간별 정합이 널리 연구, 적용되어왔다. 그러나 기존의 구간 분할법은 정적 특징인 서명의 모양에 기반하므로 모조의 단서를 제공하는 위험이 있었다. 제안한 방법은 전자 펜의 속도나 가속도 등과 같은 동적 특징을 기반으로 구간 분할을 수행하므로써 모조가 어렵게 하였다. 분할된 구간들은 모델 서명의 구간들과 보강된 동적 프로그래밍(DP) 기법으로 대응 구간들을 찾도록 하였으며, 이 과정에서 정적 특징량을 제한 조건으로 사용하므로써 안정되게 대응 구간을 추출하였다. 또한 서명 특징들에 가중치를 부여하고, 정합 단계를 세 단계로 분리하므로써 상충 관계에 있는 Type Ⅰ과 Ⅱ오류를 최소화하였다. 실험은 온라인 서명 특징들간의 비교 분석을 통해 그들의 가중치를 결정하는 근거를 보이고, 동적 특징에 기반한 구간 분할의 유효성을 보였다.

• Transactions of the Korean Society of Mechanical Engineers
• /
• v.17 no.12
• /
• pp.3045-3054
• /
• 1993

The mechanics related with piston-slap induced vibration has been studied in terms of non-dimensionalized dynamic equation of motion, various non-dimensional parameters such as non-dimensional side-thrust force and non-dimensional impact velocity throughout the numerical simulation. Experimental verification on the suggested prediction method has been also performed by using single cylinder engine which was carefully designed and manufactured to wisely control the engine parameters, especially clearance and the mass of piston. The predicted and experimentally observed vibration signature confirm that the proposed method is practically useful.

• Bulletin of the Korean Space Science Society
• /
• 2009.10a
• /
• pp.37.1-37.1
• /
• 2009

Solar type II radio burst is regarded as a signature of coronal shock. However its association with coronal mass ejections (CMEs)-driven shock and/or flare blast waves remains controversial. On December 31 2007, SOHO/LASCO and STEREO/COR observed a CME that occurred on the east limb of the Sun. Meanwhile, two type II bursts were observed sequently by KASI/E-Callisto and the Culgoora radio observatory during the CME apparence time. In this study, we estimate kinematics of the two coronal shocks from dynamic spectrum of the multiple type II bursts and compare with the kinematics of the CME derived from the space observations. An origin of the multiple type II bursts is inspected and discussed briefly.

• Convergence Security Journal
• /
• v.14 no.7
• /
• pp.53-58
• /
• 2014

MANET can quickly build a network because it is configured with only the mobile node and it is very popular today due to its various application range. However, MANET should solve vulnerable security problem that dynamic topology, limited resources of each nodes, and wireless communication by the frequent movement of nodes have. In this paper, we propose a domain-based distributed cooperative intrusion detection techniques that can perform accurate intrusion detection by reducing overhead. In the proposed intrusion detection techniques, the local detection and global detection is performed after network is divided into certain size. The local detection performs on all the nodes to detect abnormal behavior of the nodes and the global detection performs signature-based attack detection on gateway node. Signature DB managed by the gateway node accomplishes periodic update by configuring neighboring gateway node and honeynet and maintains the reliability of nodes in the domain by the trust management module. The excellent performance is confirmed through comparative experiments of a multi-layer cluster technique and proposed technique in order to confirm intrusion detection performance of the proposed technique.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.23 no.9
• /
• pp.1100-1106
• /
• 2012

This paper has presented the analysis of the micro-Doppler signatures scattered from the blades of the rotating propeller using the modified HHT method, one of the joint time-frequency analysis methods. The field scattered from the blade edge of the propeller was calculated using equivalent current method(ECM). After the acquisition of the scattered field data in the time domain, the modified HHT method was applied to analyze the micro-Doppler signature. The analysis results showed not only a good agreement with the realistic dynamic characteristic of the blade but also sinusoidally varing characteristics of the micro-Doppler signatures generated from rotating objects. It could be concluded that the joint time-frequency analysis via the modified HHT provided the discriminative characteristics for recognizing a small aircraft target with small RCS value.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.131-136
• /
• 2007

Ad hoc networks enable efficient resource aggregation in decentralized manner, and are inherently scalable and fault-tolerant since they do not depend on any centralized authority. However, lack of a centralized authority prompts many security-related challenges. Moreover, the dynamic topology change in which network nodes frequently join and leave adds a further complication in designing effective and efficient security mechanism. Security services for ad hoc networks need to be provided in a scalable and fault-tolerant manner while allowing for membership change of network nodes. In this paper, we investigate distributed certification mechanisms using a threshold cryptography in a way that the functions of a CA(Certification Authority) are distributed into the network nodes themselves and certain number of nodes jointly issue public key certificates to future joining nodes. In the process, we summarize one interesting report [5] in which the recently proposed RSA-based ad hoc signature scheme, called URSA, contains unfortunate yet serious security flaws. We then propose new scheme by fixing their security flaws.

• Journal of Internet Computing and Services
• /
• v.16 no.4
• /
• pp.51-59
• /
• 2015

JavaScript is a popular technique for activating static HTML. JavaScript has drawn more attention following the introduction of HTML5 Standard. In proportion to JavaScript's growing importance, attacks (ex. DDos, Information leak using its function) become more dangerous. Since these attacks do not create a trail, whether the JavaScript code is malicious or not must be decided. The real attack action is completed while the browser runs the JavaScript code. For these reasons, there is a need for a real-time classification and determination technique for malicious JavaScript. This paper proposes the Analysis Engine for detecting malicious JavaScript by adopting the requirements above. The analysis engine performs static analysis using signature-based detection and dynamic analysis using behavior-based detection. Static analysis can detect malicious JavaScript code, whereas dynamic analysis can detect the action of the JavaScript code.

• Journal of Digital Convergence
• /
• v.12 no.2
• /
• pp.335-341
• /
• 2014

To play the networked video contents in a client's mobile device in real time, the contents should be delivered to it by the contents server with streaming technology. Generally, in a server-client based commerce model, the server is in charge of both the authentication of the paid customer and distribution of the contents. The drawback of it is that if the customers' requests go on growing rapidly, the service quality would be degraded results from the problems of overloaded server or restricted network bandwidth. On the contrary, in P2P based networks, more and more the demand for service increasing, the service quality is upgraded since a customer can act as a server. But, in the P2P based network, there are too many servers to manage, it's possible to distribute illegal contents because the P2P protocol cannot control distributed servers. Thus, it's not suitable for commercial purposes. In this paper, the dymanic group authentication scheme is proposed which is suited to P2P based applications. The proposed scheme consists of group based key generation, key update, signature generation and verification protocols. It can control the seeder's state whether the seeder is joining or leaving the network, and it can be applied to hybrid P2P based commerce model where sales transactions are covered by the index server and the contents are distributed by the P2P protocol.