• Title/Summary/Keyword: Network traffic monitoring

Analysis of Traffic and Attack Frequency in the NURION Supercomputing Service Network (누리온 슈퍼컴퓨팅서비스 네트워크에서 트래픽 및 공격 빈도 분석)

  • Lee, Jae-Kook; Kim, Sung-Jun; Hong, Taeyoung
    • KIPS Transactions on Computer and Communication Systems / v.9 no.5 / pp.113-120 / 2020
  • KISTI (Korea Institute of Science and Technology Information) provides HPC (High Performance Computing) service to users at universities, institutes, government, affiliated organizations, companies and so on. NURION, the supercomputer that launched its official service on Jan. 1, 2019, is the fifth supercomputer established by KISTI. NURION has 25.7 petaflops of computation performance. Understanding how supercomputing services are used and how researchers are using them is critical to system operators and managers. It is central to monitor and analyze network traffic. In this paper, we briefly introduce the NURION system and the supercomputing service network with its security configuration. We also describe the monitoring system that checks the status of supercomputing services in real time. We analyze inbound/outbound traffic and abnormal (attack) IP address data collected in the NURION supercomputing service network for 11 months (from January to November 2019) using time series and correlation analysis methods.

Performance Improvement of a Real-time Traffic Identification System on a Multi-core CPU Environment (멀티 코어 환경에서 실시간 트래픽 분석 시스템 처리속도 향상)

  • Yoon, Sung-Ho; Park, Jun-Sang; Kim, Myung-Sup
    • The Journal of Korean Institute of Communications and Information Sciences / v.37 no.5B / pp.348-356 / 2012
  • Application traffic analysis is becoming more and more challenging due to the huge amount of traffic from high-speed network links and the variety of applications running on wired and wireless Internet devices. A multi-level combination of various analysis methods is desired to achieve high completeness and accuracy of analysis results for a real-time analysis system, but it imposes a heavy processing burden. This paper proposes a novel architecture for a real-time traffic analysis system which improves the processing performance in a multi-core CPU environment. The main contribution of the proposed architecture is an efficient parallel processing mechanism with multiple threads of various analysis methods. The feasibility of the proposed architecture was proved by implementing and deploying it on our campus network.

Evaluation of functional wireless sensor node based Ad-hoc network for indoor healthcare monitoring (실내 건강모니터링을 위한 Ad-hoc기반의 기능성 무선센서노드 평가)

  • Lee, Dae-Seok; Do, Kyeong-Hoon; Lee, Hun-Jae
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2009.05a / pp.313-316 / 2009
  • A novel approach for electrocardiogram (ECG) analysis within a functional sensor node has been developed and evaluated. The main aim is to reduce data collisions, traffic overloads and power consumption in healthcare applications of wireless sensor networks (WSN). The sensor node attached to the patient's body surface around the heart can perform ECG analysis based on a QRS detection algorithm to detect an abnormal condition of the patient. Data transfer is activated only after an abnormality is detected in the ECG. This system can reduce packet loss during transmission by reducing traffic overload. In addition, it saves power supply energy, leading to more reliable, cheap and user-friendly operation in WSN-based ubiquitous health monitoring.

An Efficient Method for Analyzing Network Security Situation Using Visualization (시각화 기반의 효율적인 네트워크 보안 상황 분석 방법)

  • Jeong, Chi-Yoon; Sohn, Seon-Gyoung; Chang, Beom-Hwan; Na, Jung-Chan
    • Journal of the Korea Institute of Information Security & Cryptology / v.19 no.3 / pp.107-117 / 2009
  • A network administrator recognizes abnormal phenomena in the managed network by using the alert messages generated by security devices, including intrusion detection systems, intrusion prevention systems, and firewalls. A series of tasks, which search for the traffic related to the alert message and analyze the traffic data, is then required to determine whether the abnormal phenomenon is a real network security threat or not. There are many alert messages to inspect in order to determine the network security situation, and much time is needed for the network administrator to analyze the security condition using existing methods. Therefore, in this paper, we propose an efficient method for analyzing the network security situation using visualization. The proposed method monitors anomalies occurring in the entire IP address space and displays the detailed information of a security event. In addition, it represents the physical locations of the attackers or victims by linking GIS information and IP addresses. Therefore, it helps the network administrator rapidly analyze the security status of the managed network.

Real-time Classification of Internet Application Traffic using a Hierarchical Multi-class SVM

  • Yu, Jae-Hak; Lee, Han-Sung; Im, Young-Hee; Kim, Myung-Sup; Park, Dai-Hee
    • KSII Transactions on Internet and Information Systems (TIIS) / v.4 no.5 / pp.859-876 / 2010
  • In this paper, we propose a hierarchical application traffic classification system as an alternative means to overcome the limitations of the port number and payload based methodologies, which are traditionally considered traffic classification methods. The proposed system is a new classification model that hierarchically combines a binary classifier SVM and Support Vector Data Descriptions (SVDDs). The proposed system selects an optimal attribute subset from the bi-directional traffic flows generated by our traffic analysis system (KU-MON) that enables real-time collection and analysis of campus traffic. The system is composed of three layers: The first layer is a binary classifier SVM that performs rapid classification between P2P and non-P2P traffic. The second layer classifies P2P traffic into file-sharing, messenger and TV, based on three SVDDs. The third layer performs specialized classification of all individual application traffic types. Since the proposed system enables both coarse- and fine-grained classification, it can guarantee efficient resource management, such as a stable network environment, seamless bandwidth guarantee and appropriate QoS. Moreover, even when a new application emerges, it can be easily adapted for incremental updating and scaling. Only additional training for the new part of the application traffic is needed instead of retraining the entire system. The performance of the proposed system is validated via experiments which confirm that its recall and precision measures are satisfactory.

Machine Learning-based Estimation of the Concentration of Fine Particulate Matter Using Domain Adaptation Method (Domain Adaptation 방법을 이용한 기계학습 기반의 미세먼지 농도 예측)

  • Kang, Tae-Cheon; Kang, Hang-Bong
    • Journal of Korea Multimedia Society / v.20 no.8 / pp.1208-1215 / 2017
  • Recently, people's attention and worries about fine particulate matter have been increasing. Due to the construction and maintenance costs, there are insufficient air quality monitoring stations. As a result, people have limited information about the concentration of fine particulate matter, depending on the location. Studies have been undertaken to estimate the fine particle concentrations in areas without a measurement station. Yet there are limitations in that the estimate cannot take account of other factors that affect the concentration of fine particle. In order to solve these problems, we propose a framework for estimating the concentration of fine particulate matter of a specific area using meteorological data and traffic data. Since there are more grids without a monitor station than grids with a monitor station, we used a domain adversarial neural network based on the domain adaptation method. The features extracted from meteorological data and traffic data are learned in the network, and the air quality index of the corresponding area is then predicted by the generated model. Experimental results demonstrate that the proposed method performs better as the number of source data increases than the method using conditional random fields.

An Experimental Evaluation of Active Bandwidth Allocation Model for DiffServ Support in MPLS Networks (MPLS망에서 차등화 서비스 지원을 위한 동적 대역폭 할당 모델의 실험적 평가)

  • Kim Sung-Chan; Chang Kun-Won; Oh Hae-Seok
    • The KIPS Transactions:PartC / v.11C no.6 s.95 / pp.807-814 / 2004
  • This paper researches and evaluates a bandwidth reallocation mechanism for efficient DiffServ QoS support in MPLS networks by monitoring the network traffic status and reallocating unused bandwidth. While the Differentiated Services in MPLS Networks architecture provides QoS management through RSVP resource reservation, this mechanism is based on static provisioning of resources. This approach can lead to wasted bandwidth in some service classes or leave some service classes starved of resources. This paper presents dynamic bandwidth reallocation based on network traffic status to maximize bandwidth usage.

Efficient Intermediate Node Mobility Management Technique Based on Node Departure Learning in Real-time CCN (실시간 CCN에서 노드이탈 학습에 따른 효율적 중간노드 이동관리 기법)

  • Dong-Hyuk Seo; Tae-Wook Kwon
    • The Journal of the Korea institute of electronic communication sciences / v.19 no.5 / pp.835-844 / 2024
  • The rapid expansion of the real-time streaming industry is driven by the widespread adoption of portable devices and the growth of video platforms. Consequently, the demand for transmitting and receiving large volumes of content has increased, leading to traffic congestion and inefficiency in traditional IP address-based networks. To address these issues, Contents Centric Networking (CCN) is being researched as an alternative. CCN is a network architecture based on content names (what) rather than IP addresses (where), where each node has a cache space called Content Store (CS) to alleviate server bottlenecks and traffic congestion. However, in a CCN environment, the departure of intermediate nodes between clients and servers can lead to packet loss and degradation of service quality. Therefore, research on managing the departure of intermediate nodes in real-time environments is essential. This study proposes a new method for detecting the departure of intermediate nodes through RSSI (Received Signal Strength Indicator) monitoring and for efficiently creating backup paths.

Extended document format map service for mobile device (바일 기기를 위한 확장 문서 포맷의 맵 서비스)

  • Kim, Jung Sook
    • Journal of Korea Society of Digital Industry and Information Management / v.6 no.4 / pp.83-94 / 2010
  • Mobile network infrastructure is being completed with the development of hardware and software for mobile devices. Networking in mobile devices has evolved toward telematics, which has expanded well beyond its original concept. Telematics is a compound word formed from the words "telecommunication" and "informatics". It means that telematics performs control and monitoring services using mobile device resources. These services respond to users' requests through wired or wireless networks from mobile devices, and the server that offers content and network service collects management information of mobile devices. Map service is one of the preferred services for many telematics users. However, mobile map service has a limit between traffic and information sharing. Therefore, it is very important to supply this information to both the service provider and the terminal user. In this paper, we design a new interactive sketch map using routes and information on the space to be applied effectively, and provide an extended document format that is defined to an extensible and dynamic clustering scheme to have portability map service for mobile devices.

Risk Analysis and Monitoring Model of Urban SCADA Network Infrastructure (도시 기반시설 SCADA 망의 위험분석 및 모니터링 모델 연구)

  • Kim, Wan-Jib; Lee, Kyung-Ho; Kim, Huy-Kang; Youm, Heung-Youl
    • Journal of the Korea Institute of Information Security & Cryptology / v.21 no.6 / pp.67-81 / 2011
  • In recent years, cyber-weapons such as 'Stuxnet' have been aimed at national infrastructure. Security experts around the world are paying attention to this phenomenon. The networks which control the traffic, subway, and waterworks of the city are safe from threats such as computer viruses and malware, because the networks were built on closed networks. However, it is about time to develop countermeasures for cyber-weapons. In this paper, we review the status quo of the control systems for metropolitan infrastructure and analyze the risk of industrial control systems in SCADA (Supervisory Control And Data Acquisition) networks. Finally, we propose a security model for control systems of metropolitan infrastructure.