• Journal of the Society of Naval Architects of Korea
• /
• v.61 no.4
• /
• pp.278-288
• /
• 2024

According to International Association of Classification Societies (IACS) Unified Requirement (UR) E26, ships contracted for construction after July 1, 2024 should be designed, constructed, commissioned and operated taking into account of cyber security. In particular, ship network monitoring tools should be installed in accordance with requirement 4.3.1 in IACS UR E26. In this paper, we propose a Security Information and Event Management (SIEM) security policy model for ships as an effective threat detection method by analyzing the cyber security regulations and ship network status in the maritime domain. For this purpose, we derived the items managed in the SIEM from the maritime cyber security regulations such as those of International Maritime Organization (IMO) and IACS, and defined 14 detection policies considering the status of the ship network. We also presents the detection policy for non-expert crews to understand it, and occurrence conditions depending on the ship's network environment to minimize indiscriminate alarms. We expect that the results of this study will help improve the efficiency of ship SIEM to be installed in the future.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.1
• /
• pp.161-171
• /
• 1998

In this paper, we shows the implementation of Web based performance manager which analyze the traffic of a Web server to support the diagnostics of it. The manager monitors the HTIP traffic by polling and measures and presents is performance on demand. To enhance the adaptability of management interface Web based interfaces with JAVA is used. Recently, the need of traffic management on s Web has grown, because of increasing Web traffic. Therefore, the traffic management of Web service and the effective management of a Web server's performance are needed. We have designed interfaces with which is comprised of Collection-Request, Analysis-Request, Realtime-Monitoring, Comparison-Analysis on a client with Web Browser on a network, and implemented the server system that can analyze these requests. Also we have introduced some perfonnance indicator by referring a Web related MIB. Also, we have designed and developed a message format for communication between the Web client and the server system.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.20 no.1
• /
• pp.109-118
• /
• 2024

Recently, a social issue has arisen involving RDDoS attacks following the sending of threatening emails to security administrators of companies and institutions. According to a report published by the Korea Internet & Security Agency and the Ministry of Science and ICT, survey results indicate that DDoS attacks are increasing. However, the top response in the survey highlighted the difficulty in countering DDoS attacks due to issues related to security personnel and costs. In responding to DDoS attacks, administrators typically detect anomalies through traffic monitoring, utilizing security equipment and programs to identify and block attacks. They also respond by employing DDoS mitigation solutions offered by external security firms. However, a challenge arises from the initial failure in early response to DDoS attacks, leading to frequent use of detection and mitigation measures. This issue, compounded by increased costs, poses a problem in effectively countering DDoS attacks. In this paper, we propose a system that creates detection rules, periodically collects traffic using mail detection and IDS, notifies administrators when rules match, and Based on predefined threshold, we use IPS to block traffic or DDoS mitigation. In the absence of DDoS mitigation, the system sends urgent notifications to administrators and suggests that you apply for and use of a cyber shelter or DDoS mitigation. Based on this, the implementation showed that network traffic was reduced from 400 Mbps to 100 Mbps, enabling DDoS response. Additionally, due to the time and expense involved in modifying detection and blocking rules, it is anticipated that future research could address cost-saving through reduced usage of DDoS mitigation by utilizing artificial intelligence for rule creation and modification, or by generating rules in new ways.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.21 no.6
• /
• pp.299-310
• /
• 2022

The ability of an automated driving system is based on vehicle sensors, judgment and control algorithms, etc. The safety of automated driving system is highly related to the operational status of the road network and compliant road infrastructure. The safe operation of automated driving necessitates continuous monitoring to determine if the road and traffic conditions are suitable and safe. This paper presents a node and link system to build a road monitoring system by considering the ODD(Operational Design Domain) characteristics. Considering scalability, the design is based on the existing ITS standard node-link system, and a method for expressing the monitoring target as a node and a link is presented. We further present a technique to classify and manage hazard risk into five levels, and a method to utilize node and link information when searching for and controlling the optimal route. Furthermore, we introduce an example of system implementation based on the proposed node and link system for Sejong City.

• Journal of the Earthquake Engineering Society of Korea
• /
• v.10 no.6 s.52
• /
• pp.1-8
• /
• 2006

This paper describes the procedures developing the algorithm for analyzing signals acquired from the Bridge Weigh-in-Motion (BWIM) system installed in Seohae Bridge as a part of the bridge monitoring system. Through the analysis procedure, information about heavy traffics such as weight, speed, and number of axles are attempted to be extracted from time domain strain data of the BWIM system. One of numerous pattern recognition techniques, artificial neural network (ANN) is employed since it can effectively include dynamic effects, bridge-vehicle interaction, etc. A number of vehicle running experiments with sufficient load cases are executed to acquire training and/or test set of ANN. Extracted traffic information can be utilized for developing quantitative database of loading effect. Also, it can contribute to estimate fatigue lift or current health condition, and design truck can be revised based on the database reflecting recent trend of traffic.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.15 no.1
• /
• pp.109-118
• /
• 2016

Traffic congestions are rapidly increasing in urban areas. In order to reduce these problems, it needs real-time data and intelligent techniques to quickly identify traffic activities with useful information. This paper proposes a Fuzzy Domain Ontology(FDO)-based opinion mining system to monitor the transportation network in real-time as well to make a city polarity map for travelers. The proposed system retrieves tweets and reviews related to transportation activities and a city. The feature opinions are extracted from these tweets and reviews and then used FDO to identify transportation and city features polarity. This FDO and intelligent prototype are developed using $Prot{\acute{e}}g{\acute{e}}$ OWL (Web Ontology Language) and JAVA, respectively. The experimental result shows satisfactory improvement in tweets and review's analyzing and opinion mining.

• Journal of Internet Computing and Services
• /
• v.10 no.2
• /
• pp.65-73
• /
• 2009

IEEE802.11 Wireless LAN(WLAN) is being widely used in public space such as airport, and increases the networking boundary in campus and enterprise, and it has lastly attracted considerable attention for mesh network and converged network with other 3G mobile communication networks. In WLAN, load balancing among Access Points(AP) is an important issue for efficient resource management or supporting the Quality of Service(QoS) of traffic, but most researches focused on the AP selection in network entry or roaming of Stations(STA). In this paper, we propose an AP-Initiated Flow Redirection(FR) for AP load balancing by monitoring AP's availability in the true sense. When the AP's resource becomes almost saturated, that is used more than a specific threshold, the AP queries the roaming possible neighbor APs about their availability and calculates the distribution of traffic load with statistical methods such as entropy or chi-square. Finally, the AP decides flows and new APs for redirection and performs it. Our simulation results show that our FR mechanism increases the performance in the various views.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.16 no.5
• /
• pp.817-824
• /
• 2021

The SDN(Software Defined Networking) technology, which appeared to overcome the limitations of the existing network system, resolves the rigidity of the existing system through the separation of HW and SW in network equipment. These characteristics of SDN provide wide scalability beyond hardware-oriented network equipment, and provide flexible load balancing policies in data centers of various sizes. In the meantime, many studies have been conducted to apply the advantages of SDN to data centers and have shown their effectiveness. The method mainly used in previous studies was to periodically check the server load and perform load balancing based on this. In this method, the more the number of servers and the shorter the server load check cycle, the more traffic increases. In this paper, we propose a new load balancing technique that can eliminate unnecessary traffic and manage server resources more efficiently by reporting to the controller when a specific level of load occurs in the server to solve this limitation.

• Smart Structures and Systems
• /
• v.6 no.5_6
• /
• pp.461-480
• /
• 2010

This paper analyses the data collected from the $2^{nd}$ Jindo Bridge, a cable-stayed bridge in Korea that is a structural health monitoring (SHM) international test bed for advanced wireless smart sensors network (WSSN) technology. The SHM system consists of a total of 70 wireless smart sensor nodes deployed underneath of the deck, on the pylons, and on the cables to capture the vibration of the bridge excited by traffic and environmental loadings. Analysis of the data is performed in both the time and frequency domains. Modal properties of the bridge are identified using the frequency domain decomposition and the stochastic subspace identification methods based on the output-only measurements, and the results are compared with those obtained from a detailed finite element model. Tension forces for the 10 instrumented stay cables are also estimated from the ambient acceleration data and compared both with those from the initial design and with those obtained during two previous regular inspections. The results of the data analyses demonstrate that the WSSN-based SHM system performs effectively for this cable-stayed bridge, giving direct access to the physical status of the bridge.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.6B
• /
• pp.608-617
• /
• 2011

ubiquitous network management system (u-NMS) is the network management system based on smartphone which are recently of wide use. The purpose of the u-NMS is to provide convenience for network administrator utilizing the mobility of smartphone and to manage the network efficiently. This paper proposes the smart NMS agent and the mobility management server (MMS). The smart NMS agent enables to use the monitoring web server and remote control application on the smartphone in wireless network. The MMS is developed to reduce the problems such as handover latency and packet loss, which can be taken place in wireless network. The network manager can monitor traffic in real time through the smart NMS agent and remotely control the network efficiently when sudden failures happen in the u-NMS. In this paper, performance evaluation is carried out with our test-bed system implemented. We focus on the measurement of the MMS performance. When the MMS is compared to previous mobility management protocol, our mobility management server reduces the average latency up to 65% in initial access, handover latency and processing delay to the network management center.