• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.1051-1055
• /
• 2003

Policies are collections of general principles specifying the desired behavior and state of a system. Network management is mainly carried out by following policies about the behavior of the resources in the network. Policy-based (PB) network management supports to manage distributed system in a flexible and dynamic way. This paper focuses on configuration management based on Internet Engineering Task Force (IETF) standards. Network security approaches include the usage of intrusion detection system to detect the intrusion, building firewall to protect the internal systems and network. This paper presents how the policy-based framework is collaborated among the network security systems (intrusion detection system, firewall) and intrusion detection systems are cooperated to detect the intrusions.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.51-59
• /
• 2019

In this paper, we propose a device identification system for network visibility that can maintain the secure internal network environment in the IoT era. Recently, the area of enterprise network is getting huge and more complicated. Not only desktops and smartphones but also business pads, barcode scanners, APs, Video Surveillance, digital doors, security devices, and lots of Internet of Things (IoT) devices are rapidly pouring into the business network, and there are highly risk of security threats. Therefore, in this paper, we propose the device identification system that includes the process and module-specific functions to identify the exploding device in the IoT era. The proposed system provides in-depth visibility of the devices and their own vulnerabilities to the IT manager in company. These information help to mitigate the risk of the potential cyber security threats in the internal network and offer the unified security management against the business risks.

• Journal of the Korea Society for Simulation
• /
• v.6 no.2
• /
• pp.71-79
• /
• 1997

In this paper, operations system was designed for the centralization of data processing of various state information from the facilities of mobile communication network. And the system performance experimental system module was measured and analyzed from the designed experimental system module. The configuration of system design was presented with the centralized type to monite and control the facilities of mobile communication network in the central office. The communication process design of the internal system was implemented with the resource of message queue having a excellent transmission ability for processing of a great quantity of information in the inter-process communication among communication resources of UNIX system. The process with a server function from the internal communication processes was constructed with a single server or a double server according to the quantity of operations and implemented with the policy of the presented server. And then, we have measured performance elements in accordance with the change of input parameters from the designed experimental module : response time, waiting time, buffer length, the maximum quantity existing in message queue. And from these results, we have compared and analyzed the system state each server algorithm according to performance variations.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.8
• /
• pp.3630-3656
• /
• 2018

Degree distribution can provide basic information for structural characteristics and internal relationship in social network. It is a critical procedure for social network topology analysis. In this paper, based on the mean-field theory, we study a special type of social network with exponential distribution of time intervals. First of all, in order to improve the accuracy of analysis, we propose a spreading coefficient algorithm based on intimate relationship, which determines the number of the joined members through the intimacy among members. Then, simulation show that the degree distribution of follows the power-law distribution and has small-world characteristics. Finally, we compare the performance of our algorithm with the existing algorithms, and find that our algorithm improves the accuracy of degree distribution as well as reducing the time complexity significantly, which can complete 29.04% higher precision and 40.94% lower implementation time.

• Spatial Information Research
• /
• v.21 no.2
• /
• pp.1-9
• /
• 2013

Recently many researches have focused on indoor navigation system. An optimal indoor navigation method can help people to find a path in large and complex buildings easily. However, some indoor navigation algorithms only calculate approximate routes based on spatial topology analysis, while others only use indoor road networks. However, both of them use only one of the spatial topology or network information. In this paper, we present a navigation method based on topology analysis and room internal networks for indoor navigation path. FT-Indoornavi (Flexible Topology Analysis Indoornavi) calculate internal routes based on spatial topology and internal path networks to support length-dependent and running-time optimal routing, which adapt to complex indoor environment and can achieve a better performance in comparison of Elastic algorithm and iNav.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.12
• /
• pp.2649-2656
• /
• 2012

Today, many enterprises have invested heavily for the part of information security in order to protect the internal critical information assets and the business agility. However, there is a big problem that big budget and too many manpower are needed to set the internal corporate network up to the same high level of defense for all of part. On the distributed enterprise networks in this paper, a defense model for effective and rapid response on the IP spoofing attack was designed to protect the enterprise network through the exchange of information between the trust hosts when an attacker attacked any target system using other trusted host.

• Convergence Security Journal
• /
• v.12 no.4
• /
• pp.109-114
• /
• 2012

Information society in recent times, lots of important information have been stored in information systems. In this situation, unauthorized person can obtains important information by piggy-backing and shoulder surfing in specific area of organization. Therefore, in this study, we proposed network group access control system by combining RFID and infrared-ray for blocking information leakage due to unauthorized access by internal threats and enhancing personnel security. So it can provides a more secure internal network environment.

• International Journal of Computer Science & Network Security
• /
• v.21 no.5
• /
• pp.35-38
• /
• 2021

The article discusses approaches to the definition and understanding of artificial intelligence, research directions in the field of artificial intelligence; artificial intelligence in the anthropological dimension; the importance of the systems approach as a methodological basis for the design of intelligent systems; structural and functional components of intelligent systems; intelligent systems in the technological aspect; problems and prospects of relations in the system "man - intellectual system".

• Proceedings of the KSR Conference
• /
• 2008.06a
• /
• pp.1032-1038
• /
• 2008

KTX train system is composed of TORNAD* network for transmitting information of train's internal equipments and OBCS which proceed information within train. OBCS of one trainset consisted of 28 equipments takes intelligent and dynamic composition according to equipment handling, train command and control flow. Each OBCS which is installed within trainset handle and supervise mutually action information about equipments, transmit it to driver to transmit information about train operation and preventive management. This mutual supervision and information transmission use KTX TORNAD* network system. TORNAD* network system is the one which is uniquely developped by GEC ALSTHOM, the KTX trainset manafacturing provider and this field is excluded from technical know-how transfer item. Through the research on analysis method of KTX TORNAD* system data structure which is operating on Seoul-Pusan Line, I hope that this thesis can contribute to train network system's standardization after applying it to improvement of train network system maintenance, enhancing quality of train service and applying it to future Korean rolling stock network system development.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.449-456
• /
• 2018

Many organizations divide the network to manage the network in order to prevent the leakage of internal data between separate organizations / departments by sending and receiving unnecessary traffic. The most fundamental network separation method is based on physically separate equipment. However, there is a case where a network is divided and operated logically by utilizing a virtual LAN (VLAN) network access control function that can be constructed at a lower cost. In this study, we first examined the possibility of bypassing the logical network separation through VLAN ID scanning and double encapsulation VLAN hopping attack. Then, we showed and implemented a data leak scenario by utilizing the acquired VLAN ID. Furthermore, we proposed a simple and effective technique to detect and prevent the double encapsulation VLAN hopping attack, which is also implemented for validation. We hope that this study improves security of organizations that use the VLAN-based logical network separation by preventing internal data leakage or external cyber attack exploiting double encapsulation VLAN vulnerability.