• Journal of Information Processing Systems
• /
• 제17권4호
• /
• pp.772-786
• /
• 2021

The process of tracking suspicious behavior manually on a system and gathering evidence are labor-intensive, variable, and experience-dependent. The system logs are the most important sources for evidences in this process. However, in the Microsoft Windows operating system, the action events are irregular and the log structure is difficult to audit. In this paper, we propose a model that overcomes these problems and efficiently analyzes Microsoft Windows logs. The proposed model extracts lists of both common and key events from the Microsoft Windows logs to determine detailed actions. In addition, we show an approach based on the proposed model applied to track illegal file access. The proposed approach employs three-step tracking templates using Elastic Stack as well as key-event, common-event lists and identify event lists, which enables visualization of the data for analysis. Using the three-step model, analysts can adjust the depth of their analysis.

• 한국정보시스템학회지:정보시스템연구
• /
• 제11권1호
• /
• pp.175-198
• /
• 2002

This paper is to develop a security module for electronic approval systems. Electronic documents are created, transmitted and saved in the company's intranet computer network. Transmitting electronic documents, however, brings us a security problem. Communications among various computer systems are exposed to many security threats. Those threats are eavesdropping, repudiation, replay back etc. The main purpose of this paper is to develop a module which provides the security of electronic documents while they are passed from one place to another This paper applies Multi-Level security to the electronic approval system that guarantees security of electronic documents from many threats. Multi-Level security controls the access to the documents by granting security level to subject users and object electronic documents. To prevent possible replay back attacks, this paper also uses one time password to the system. The security module is composed of client program and server one. The module was developed using Microsoft Visual Basic 6.0 and Microsoft SQL Server 7.0. The code uses Richard Bondi's WCCO(Wiley CryptoAPI COM Objects) library functions which enables Visual Basic to access Microsoft CryptoAPI.

• 한국CDE학회논문집
• /
• 제9권4호
• /
• pp.373-381
• /
• 2004

Using standard components of a press die is recognized as a way for a cost reduction and a short lead time. It also provides a way for a quick maintenance of a die under repair. It is expected to contribute to integration of CAD/CAM system for manufacturing dies in the future. This paper presents a 3D CAD library which is constructed using the standard components and is used for designing a press die. This 3D CAD library is generated by a database system made of Microsoft Access for standard components and by CATIA V5 R10 API for geometric features. The library is implemented using Visual Basic 6.0 utility of CATIA API function in the Windows NT environment. It creates a 3D model of the standard components of press die easily when a die designer inputs numerical values of geometric features and the BOM of the completely assembled parts. It also generates automatically the assembly drawing of die set by using variables for standard values of die parts. Therefore users can save the cost of time to design the press die components, and even a beginner can use this program with ease. The test results of the 3D CAD library for designing shearing and bending dies verify its usefulness and feasibility.

• Nuclear Engineering and Technology
• /
• 제37권5호
• /
• pp.491-502
• /
• 2005

Reliable human performance is a prerequisite in securing the safety of complicated process systems such as nuclear power plants. However, the amount of available knowledge that can explain why operators deviate from an expected performance level is so small because of the infrequency of real accidents. Therefore, in this study, a database that contains a set of useful information extracted from simulated emergencies was developed in order to provide important clues for understanding the change of operators' performance under stressful conditions (i.e., real accidents). The database was developed under Microsoft Windows TM environment using Microsoft Access $97^{TM}$ and Microsoft Visual Basic $6.0^{TM}$. In the database, operators' performance data obtained from the analysis of over 100 audio-visual records for simulated emergencies were stored using twenty kinds of distinctive data fields. A total of ten kinds of operators' performance data are available from the developed database. Although it is still difficult to predict operators' performance under stressful conditions based on the results of simulated emergencies, simulation studies remain the most feasible way to scrutinize performance. Accordingly, it is expected that the performance data of this study will provide a concrete foundation for understanding the change of operators' performance in emergency situations.

• Journal of Information Processing Systems
• /
• 제17권4호
• /
• pp.834-850
• /
• 2021

IT security companies have been releasing file system filter driver security solutions based on the whitelist, which are being used by several enterprises in the relevant industries. However, in February 2019, a whitelist vulnerability was discovered in Microsoft Edge browser, which allows malicious code to be executed unknown to users. If a hacker had inserted a program that executed malicious code into the whitelist, it would have resulted in considerable damage. File system filter driver security solutions based on the whitelist are discretionary access control (DAC) models. Hence, the whitelist is vulnerable because it only considers the target subject to be accessed, without taking into account the access rights of the file target object. In this study, we propose an industrial device security system for Windows to address this vulnerability, which improves the security of the security policy by determining not only the access rights of the subject but also those of the object through the application of the mandatory access control (MAC) policy in the Windows industrial operating system. The access control method does not base the security policy on the whitelist; instead, by investigating the setting of the security policy not only for the subject but also the object, we propose a method that provides improved stability, compared to the conventional whitelist method.

• 산업공학
• /
• 제12권4호
• /
• pp.575-585
• /
• 1999

This study develops and operating software for a model plant. The model plant consists of an AS/RS system, two machining centers, an assembly line, and supplementary material handling equipments. Devices of each component are connected with the IBS RT24 DIO 16/16-T I/O module. Each I/O module communicates digital signals with the INTERBUS controller board via SUB-D 9 Connector cable. This study is a previous stage for developing an educational CIM software. Petri Nets is used for modelling the storage/retrieval of the AS/RS system, the flow of workpieces and the assembly line for parts. The operating software is coded with Microsoft Visual $C^{++}$ 5.0 and Interbus Library which is a software driver for the controller board. The operating software can be run on a MS Windows 95. Microsoft Access is used for the implementation of databases for BOM, AS/RS, and parts.

• 한국한의학연구원논문집
• /
• 제11권1호
• /
• pp.109-118
• /
• 2005

In a field of oriental medicine, it is necessary to collect systemically clinical data and integrate. Input data items was decided, then categorized by the modules through discussion of the institute and hospitals. Items are information of patient, history, aspects of occurrence, pattern identification, prescriptions of herbal medicine, the results of biochemical serum examination, blood cell count, urine analysis, CT, MRI, Chest PA, EKG etc. Factors in oriental medicine are Sasang constitution, Stroke-Pattern-Identification(china), differentiation of cold and heat syndrome. This tool was constructed by using Microsoft-Access 2000 and Microsoft Visual Basic 6.0. Furthermore this web-based system could be applied to multi-center clinical investigation.

• 대한원격탐사학회:학술대회논문집
• /
• 대한원격탐사학회 2002년도 Proceedings of International Symposium on Remote Sensing
• /
• pp.145-150
• /
• 2002

Web GIS (Geographic Information Systems) service systems provide the various GIS services of analyzing and displaying the spatial data with friendly user-interface. These services are expanding the business domain and many users want to access the distributed various spatial data. But, it is difficult to access diverse data sources because of different spatial data format and data access methods. In this paper, we design and implement web GIS services based on the inter-operability and GML (Geography Markup Language) of OGC(Open GIS Consortium) in web distributed environment. Inter-operability provides unique accessing method to distributed data sources based on OLE DB technology of Microsoft. In addition, GML support web GIS services based on XML. We design these GIS services as components using UML (Unified Modeling Language) of an object-oriented modeling language for specifying, visualizing, constructing, and documenting the artifacts of software system. In addition, they also were developed in object-oriented computing environment, and it provides the interoperability, language-independent, easy developing environment as well as re-usability.

• 한국정보통신학회논문지
• /
• 제22권10호
• /
• pp.1405-1411
• /
• 2018

본 논문은 MS-워드 문서 시스템에 대한 접근 제어 시스템을 설계한다. 본 논문에서 설계하는 시스템은 MS-워드 문서 구조를 분석하여 문서 관련 정보를 활용한다. MS-워드문서 정보를 일부 변형하여 변형된 정보에 접근할 수 없는 사용자는 접근을 차단하도록 설계하는 것이다. 이렇게 함으로써 MS-워드문서에 대해서 접근 권한을 가진 사용자 외에는 문서를 읽을 수 없도록 한다. 즉, MS-워드문서에 대한 접근 권한을 통제할 수 있도록 한다. MS-워드문서에 대한 접근 권한을 가진 사용자는 변형된 정보를 원래 정보로 복구할 수 있도록 하여 정상적으로 문서를 읽을 수 있도록 한다. 본 논문에서 설계하는 내용을 실제 구현하고 실험을 수행하였다. 실험에서는 MS-워드문서 정보를 변형하였을 경우 문서 접근이 되는지를 수행하였다. 실험을 수행한 결과 MS-word 접근제어시스템이 정상적으로 잘 동작됨을 확인할 수 있었다.

• 대한전기학회:학술대회논문집
• /
• 대한전기학회 2004년도 학술대회 논문집 정보 및 제어부문
• /
• pp.462-464
• /
• 2004

ActiveX is the general name for a set of Microsoft Technologies that allows users to re-use code and link individual programs together to suit their computing needs. In addition ActiveX technology Provides a standard model for interapplication communication that different programming language. ActiveX is based on COM(Component Object Model), the COM standard allow developer to create code and application from a multitude of different languages and build a defined interface to that code, making it easily accessible by other application. By using ActiveX, user can access the functionality of other applications running remote computer distributed through the network and communicate over the network to build distributed applications. LabVIEW provides access to other Windows applications using ActiveX technologies. So in this paper we implement distributed application using ActiveX technology for remote control and monitoring.