• Title/Summary/Keyword: Network traffic monitoring

Emphasizing Intelligent Event Processing Cooperative Surveillance System (지능형 사건 처리를 강조한 협업 감시 시스템)

  • Yoon, Tae-Ho;Song, Yoo-Seoung
    • IEMEK Journal of Embedded Systems and Applications / v.7 no.6 / pp.339-343 / 2012
  • Security and monitoring systems have many applications and are commonly used for detection, warning, alarm, etc. As networking technology advances, user requirements are getting higher. An intelligent and cooperative surveillance system is proposed to meet current user demands and improve the performance. This paper focuses on the implementation issue for the embedded intelligent surveillance system. To cover a wide area, a cooperative function is implemented and connected by wireless sensor network technology. Also, to improve the performance, many sensors are employed in the surveillance system to reduce the error and improve the detection probability. The proposed surveillance system is composed of a vision sensor (camera), mic array sensor, PIR sensor, etc. Between the sensors, data is transferred by the IEEE 802.11s or Zigbee protocol. We deployed a private network for the sensors and multiple gateways for better data throughput. The developed system is targeted at traffic accident detection and alarm. However, its application can easily be changed to others by just changing the software algorithm in a DSP chip.

A Network Packet Analysis Method to Discover Malicious Activities

  • Kwon, Taewoong;Myung, Joonwoo;Lee, Jun;Kim, Kyu-il;Song, Jungsuk
    • Journal of Information Science Theory and Practice / v.10 no.spc / pp.143-153 / 2022
  • With the development of networks and the increase in the number of network devices, the number of cyber attacks targeting them is also increasing. Since these cyber-attacks aim to steal important information and destroy systems, it is necessary to minimize social and economic damage through early detection and rapid response. Many studies using machine learning (ML) and artificial intelligence (AI) have been conducted, among which payload learning is one of the most intuitive and effective methods to detect malicious behavior. In this study, we propose a preprocessing method to maximize the performance of the model when learning the payload in term units. The proposed method constructs a high-quality learning data set by eliminating unnecessary noise (stopwords) and preserving important features in consideration of the machine language and natural language characteristics of the packet payload. Our method consists of three steps: preserving significant special characters, generating a stopword list, and class label refinement. By processing packets of various and complex structures based on these three processes, it is possible to make high-quality training data that can be helpful to build high-performance ML/AI models for security monitoring. We prove the effectiveness of the proposed method by comparing the performance of the AI model with and without the proposed method applied. Furthermore, by evaluating the performance of the AI model to which the proposed method is applied in a real-world Security Operating Center (SOC) environment with live network traffic, we demonstrate the applicability of our method to the real environment.

An Implementation of Web Server Load monitoring System Based on the Mobile Agent (이동 에이전트 기반의 웹 서버 부하 모니터링 시스템 구현)

  • Park, Hong-Jin
    • Journal of the Institute of Electronics Engineers of Korea CI / v.39 no.6 / pp.1-10 / 2002
  • With the rapid evolution of the internet, the number of internet users has greatly increased, so web servers are becoming more important. If there are a great number of users trying to connect to a popular web server, the load of the web server will increase rapidly, so that failures may occur or web services may stop. An efficient load monitoring technique is required for available web services and performance management. Traditional techniques for load monitoring of web servers using the client-server method have the problem that the server programs must be pre-installed on all web servers. This paper implements a web server load monitoring system using the mobile agent in order to overcome the problem of client-server computing. The system based on the mobile agent has no need to install the program in advance, and it reduces the network traffic and the additional overheads in web servers.

Real-time monitoring of berthing/deberthing operations process for entering/leaving vessels using VTS system in Busan northern harbor, Korea (부산 북항에서 VTS 시스템에 의한 출입항 선박의 접이안 작업과정의 실시간 모니터링)

  • Lee, Dae-Jae
    • Journal of the Korean Society of Fisheries and Ocean Technology / v.45 no.3 / pp.165-176 / 2009
  • The process of berthing/deberthing operations for entering/leaving vessels in Busan northern harbor was analyzed and evaluated by using an integrated VTS (vessel traffic service) system installed in the ship training center of Pukyong National University, Busan, Korea. The integrated VTS system used in this study consisted of ARPA radar, ECDIS (electronic chart display and information system), backup (recording) system, CCTV (closed-circuit television) camera system, gyro-compass, differential GPS receiver, anemometer, AIS (automatic identification system), VHF (very high frequency) communication system, etc. The network of these systems was designed to communicate with each other automatically and to exchange the critical information about the course, speed, position and intended routes of other traffic vessels in the navigational channel and Busan northern harbor. To evaluate quantitatively the overall dynamic situation, such as maneuvering motions of the target vessel and its tugboats while in transit to and from the berth structure inside a harbor, all traffic information in Busan northern harbor was automatically acquired, displayed, evaluated and recorded. The results obtained in this study suggest that the real-time tracking information of traffic vessels acquired by using an integrated VTS system can be used as useful reference data in evaluating and analyzing exactly the dynamic situation, such as the collision between ship and berth structure, in the process of berthing/deberthing operations for entering/leaving vessels in confined waters and harbors.

The encryption research of the sensor gateway for traffic surveillance and control system (교통감시.제어시스템을 위한 센서게이트웨이 암호화 연구)

  • Lim, Il-Kwon;Kim, Young-Hyuk;Park, So-Ah;Gui, Li Qi;Lee, Jae-Kwang;Park, Woo-Jun;Cheon, Byeong-Gu
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2010.05a / pp.477-480 / 2010
  • This paper develops a sensor gateway that uses the Internet for traffic flow control and remote monitoring, and it suggests the required protocol with authentication and encryption. The traffic surveillance and control system is an important service for ITS (Intelligent Transportation System). Because the traffic surveillance and control system uses TCP/IP and the Internet, access by unauthorized users may cause damage; consequently, authentication and encryption of data are essential.

Sampling based Network Flooding Attack Detection/Prevention System for SDN (SDN을 위한 샘플링 기반 네트워크 플러딩 공격 탐지/방어 시스템)

  • Lee, Yungee;Kim, Seung-uk;Vu Duc, Tiep;Kim, Kyungbaek
    • Smart Media Journal / v.4 no.4 / pp.24-32 / 2015
  • Recently, SDN has been actively used for datacenter networks, and its areas of application are gradually increasing. Along with this change in the networking environment, research on deploying network security systems on SDN has come into focus. In particular, systems for detecting network flooding attacks by monitoring every packet through the ports of OpenFlow switches have been proposed. However, because of the centralized management of an SDN controller which manages multiple switches, it may be a substantial overhead for the attack detection system to continuously monitor all the flows. In this paper, a sampling-based network flooding attack detection and prevention system is proposed to reduce the overhead of monitoring packets and to achieve reasonable functionality of attack detection and prevention. The proposed system periodically takes sample packets of network flows with the given sampling conditions, analyzes the sampled packets to detect network flooding attacks, and blocks the attack flows actively by managing the flow entries in OpenFlow switches. As the network traffic sampler, an sFlow agent is used, and snort, an open-source IDS, is used to detect network flooding attacks from the sampled packets. For active prevention of the detected attacks, an OpenDaylight application is developed and applied. The proposed system is evaluated on a local testbed composed of multiple OVSes (Open Virtual Switch), and the performance and overhead of the proposed system under various sampling conditions are analyzed.

A Study on Evaluation System based on Characteristics of BcN (BcN 특성 관점의 평가체계 개발에 관한 연구)

  • Na, Yun-Ji;Ko, Il-Seok;Cho, Young-Suk
    • Convergence Security Journal / v.6 no.3 / pp.49-58 / 2006
  • Currently there are many standards of network management. They are: SNMP (Simple Network Management Protocol, for Internet management), CMIP (Common Management Information Protocol, standardized by ITU-T and ISO), RMON (Remote network MONitoring, for distributed management of the LAN segment), and so on. Especially RMON has created many concerns in order to manage subnetworks of a large network, but it has negative aspects. For instance, routers or hubs with RMON capability are expensive to a network manager because they add heavy management cost. Moreover, it imposes a heavier burden on the network manager, because it must use a network management tool which will be additionally needed with the RMON device. This paper proposes a model of a PC-based RMON Agent system. The RMON Agent system monitors the traffic on a LAN segment through the use of a Virtual Device Driver (VxD), based on a PC. In terms of cost, this model will replace the expensive RMON device, and eventually enable a network manager to manage the LAN segment more efficiently, due to reduced cost.

QoS control for real-time VBR video traffic using prediction-based dynamic resource allocation architecture (예측 기반 동적 자원할당 구조를 이용한 실시간 VBR 비디오 트래픽의 QoS 제어 방법)

  • Yoo, Sang-Jo;Hong, Sung-Hoon;Kang, Sung-Won;Hong, Kyoung-Pyo
    • The Journal of Korean Institute of Communications and Information Sciences / v.27 no.1C / pp.11-20 / 2002
  • In this paper, we propose an efficient quality providing scheme to satisfy a diverse combination of delay bound and loss ratio requirements from users by a predictive dynamic resource allocation method for real-time video applications. To utilize the network resources more efficiently while meeting the service requirements, we adjust the resources based on the predicted traffic and the currently provided quality level. We developed a simple delayed-packet counter updating scheme for real-time QoS monitoring. Simulation results show that our proposed method can provide accurate and flexible quality control.

A decentralized approach to damage localization through smart wireless sensors

  • Jeong, Min-Joong;Koh, Bong-Hwan
    • Smart Structures and Systems / v.5 no.1 / pp.43-54 / 2009
  • This study introduces a novel approach for locating damage in a structure using a wireless sensor system with local-level computational capability to alleviate the data traffic load on the centralized computation. Smart wireless sensor systems, capable of iterative damage-searching, mimic an optimization process in a decentralized way. The proposed algorithm tries to detect damage in a structure by monitoring abnormal increases in strain measurements from a group of wireless sensors. Initially, this clustering technique provides a reasonably effective sensor placement within a structure. Sensor clustering also assigns a certain number of master sensors in each cluster so that they can constantly monitor the structural health of a structure. By adopting a voting system, a group of wireless sensors iteratively forages for a damage location as they can be activated as needed. Since all of the damage searching process occurs within a small group of wireless sensors, no global control or data traffic to a central system is required. Numerical simulation demonstrates that the newly developed searching algorithm implemented on wireless sensors successfully localizes stiffness damage in a plate through the local-level reconfigurable function of smart sensors.

An Efficient Algorithm for Detecting Stepping Stones (네트워크상의 중간 노드 탐지를 위한 효과적인 탐지 알고리즘)

  • 김효남
    • Journal of the Korea Society of Computer and Information / v.7 no.1 / pp.68-73 / 2002
  • One widely-used technique by which network attackers attain anonymity and complicate their apprehension is by employing stepping stones: they launch attacks not from their own computer but from intermediary hosts that they previously compromised. We develop an efficient algorithm for detecting stepping stones by monitoring a site's Internet access link. The algorithm is based on the distinctive characteristics (packet size, timing) of interactive traffic, and not on connection contents, and hence can be used to find stepping stones even when the traffic is encrypted. We evaluate the algorithm on large Internet access traces and find that it performs quite well. However, the success of the algorithm is tempered by the discovery that large sites have many users who routinely traverse stepping stones for a variety of legitimate reasons.
