• Title/Summary/Keyword: Network traffic monitoring

Tracking the Source of Cascading Cyber Attack Traffic Using Network Traffic Analysis (네트워크 트래픽 분석을 이용한 연쇄적 사이버공격 트래픽의 발생원 추적 방법)

  • Goo, Young-Hoon;Choi, Sun-Oh;Lee, Su-Kang;Kim, Sung-Min;Kim, Myung-Sup
    • The Journal of Korean Institute of Communications and Information Sciences, v.41 no.12, pp.1771-1779, 2016
  • The world is becoming ever more tightly connected through the Internet, and this environment suits cyber attackers, so-called cyber-terrorists. As a result, the number of cyber attacks has increased significantly, and research on finding cyber attack traffic in the field of network monitoring is ongoing. However, cyber attack traffic appears in a new form with every attack, making it harder to monitor. This paper suggests a method of tracking down cyber attack traffic sources by defining relational information flow of traffic data from highest cascaded and grouped relational flow. Applying this source tracking method to real cyber attack traffic produced reliable results.

Web Monitoring based Encryption Web Traffic Attack Detection System (웹 모니터링 기반 암호화 웹트래픽 공격 탐지 시스템)

  • Lee, Seokwoo;Park, Soonmo;Jung, Hoekyung
    • Journal of the Korea Institute of Information and Communication Engineering, v.25 no.3, pp.449-455, 2021
  • This paper proposes an encryption web transaction attack detection system based on the existing web application monitoring system. Existing web traffic security systems detect and defend against attacks based on encrypted packets in the encrypted network section between the client and server, which makes attacks on encrypted web traffic difficult to detect. By utilizing the technology of the web application monitoring system, it is possible to detect various intelligent cyber-attacks based on information that is already decrypted in the memory of the web application server. In addition, since user identification is possible through the application session ID, statistical detection of attacks such as IP tampering attacks, mass web transaction call users, and DDoS attacks is also possible. Thus, it is possible to respond to various intelligent cyber attacks hidden in encrypted traffic by collecting and inspecting information in the non-encrypted section of the encrypted web traffic.

A Study of Performance Improvement of Internet Application Traffic Identification using Flow Correlation (플로우 상관관계를 통한 인터넷 응용 트래픽 분석의 성능 향상에 관한 연구)

  • Yoon, Sung-Ho;Kim, Myung-Sup
    • The Journal of Korean Institute of Communications and Information Sciences, v.36 no.6B, pp.600-607, 2011
  • As network traffic increases dramatically with the popularization of the Internet, application traffic identification becomes important for the effective use of network resources. In this paper, we present an Internet application traffic identification method based on flow correlation to overcome the limitations of signature-based identification methods and to improve their performance (completeness). The proposed method can identify flows left unidentified by the signature-based method using flow correlation between identified and unidentified flows. We propose four separate correlation methods, namely Server-Client, Time, Host-Host, and Statistic correlation, and describe a flow correlation-based identification system architecture which incorporates the four methods. We also demonstrate the feasibility and applicability of the proposed method with an acceptable experimental result.

Design and Implementation of Rate-Based Traffic Controller for Performance Improvement of FA-Networks Employing LonWorks (LonWorks를 이용한 공장자동화용 네트웍의 성능향상을 위한 전송률기반 트래픽제어기의 설계와 구현)

  • Kim, Byoung-Hee;Cho, Kwang-Hyun;Park, Kyoung-Sup
    • Journal of Institute of Control, Robotics and Systems, v.6 no.4, pp.313-319, 2000
  • As interest in flexible manufacturing systems and computer integrated manufacturing systems increases, the distribution of centralized control systems using industrial control networks is getting more attention. In this paper, we investigate the rate-based traffic control of industrial control networks to improve performance with regard to throughput, fairness, and error rates. In particular, we consider the LonWorks(TM) protocol, which comprises all seven OSI layers and supports various communication media at a low cost. The proposed rate-based traffic control system is closed loop, utilizing the feedback channel errors, and shows improved performance when compared with other industrial control networks commonly operated in open loop. To this end, an additional network node called a monitoring node is introduced to check the channel status without increasing the channel load. The proposed control loop is in effect whenever the feedback channel error becomes greater than an admissible value. We demonstrate the improved performance of the controlled network system in terms of throughput and fairness measures by implementing a lab-scale network system based on LonWorks and experimenting on it.

The Development of Kernel-based Monitoring System for Grid Application (커널 기반 그리드 응용 모니터링 시스템의 개발)

  • Kim Tae-Kyung;Kim Dong-Su;Byeon Ok-Hwan;Chung Tai M.
    • The KIPS Transactions: Part C, v.11C no.6 s.95, pp.821-828, 2004
  • To analyze each grid application's usage of system and network resources by measuring real-time traffic and calculating statistical information, we studied efficient monitoring methods and propose a kernel-based monitoring method. This method uses few system resources and measures the monitoring information accurately with less delay than the usual packet capture methods such as tcpdump. We also implemented a monitoring system that can monitor the system and network resources used by grid applications using the proposed kernel-based monitoring method. This research can provide useful information for the development of grid applications and for a grid network scheduler, which can assign the proper resources to a grid application so that it performs efficiently. Network administrators can use the monitoring information to decide whether expansion of the network is required.

A New Moving Mobile Base Station (MMBS) Scheme for Low Power RMIMS Wireless System (Part I: MMBS general issues, clustering and signalling procedures) (저전력 RMIMS 무선 터미널을 위한 새로운 움직이는 이동 기지국 시스템 구조 (1부 : MMBS 일반사항, 클러스터링 및 신호절차))

  • 박수열;고윤호;유상조;김성대
    • The Journal of Korean Institute of Communications and Information Sciences, v.24 no.12B, pp.2298-2319, 1999
  • In this paper, we propose a new moving mobile base station (MMBS) scheme for very low power and micro-size RMIMS (radio-interfaced micro information monitoring system) terminals. RMIMS terminals can be used in various application service areas such as pollution monitoring, environment surveillance, traffic monitoring, emergency monitoring (e.g., building, bridge, railroad breakdown), security monitoring (e.g., theft, alarm) and military applications. For these applications based on wireless transmission technologies, sensor-type RMIMS terminals must satisfy low cost and low power design requirements (e.g., solar power, life-limited battery). In RMIMS terminal design, this low power requirement limits the transmission range of the uplink or reverse link and implies a small cell size. These applications using RMIMS terminals may also have somewhat non-real-time traffic characteristics and low scattering density in the service area.

The Design and Implementation of Automatic Control System of Living Environment Based on Ubiquitous Sensor Network (유비쿼터스 센서 네트워크 기반의 생활환경 자동제어 시스템 설계 및 구현)

  • Yun, Ji-Hoon;Moon, Seung-Jin
    • Journal of Institute of Control, Robotics and Systems, v.14 no.1, pp.1-6, 2008
  • The ubiquitous sensor network technique is widely applied to a variety of information fields such as home automation, logistics, traffic control, public administration, and health and environment monitoring. It is particularly useful in areas where energy consumption is minimal and where continuous monitoring of the surrounding environment, which generates streams of data, is required. In this study, we have designed and implemented a living environment automatic control system which collects streams of temperature, humidity, light and noise data from a simulated house setting in real time, then controls the home environment based on the collected data according to the user's preferences. To differentiate the proposed system from existing similar systems, we have demonstrated not only the feasibility of collecting data using a sensor network in the controlled environment but also the ability to control various household equipment through wireless communications.

Development of Low Power PLC Modem for Monitoring of Power Consumption and Breaking of Abnormal Power (전력감시 및 이상전력 차단 기능을 갖는 저전력 전력선통신 모뎀 개발)

  • Yoon, Jae-Shik;Wee, Jung-Chul;Park, Chung-Ha;Song, Yong-Jae;Kim, Jae-Heon
    • The Transactions of The Korean Institute of Electrical Engineers, v.58 no.11, pp.2281-2285, 2009
  • In powerline communication, a data signal modulated onto a carrier frequency is transmitted over the powerline installed in a home or office, and the received signal is separated into the data signal using a band-pass filter whose center frequency is the carrier frequency. The home gateway, a device which works as a gateway for the ubiquitous home network, relays all functions of a home network. The home gateway must always be connected in order to provide seamless services. However, this results in unfavorable power consumption. There is therefore a need to operate in maximum power saving mode while there is no data traffic and to return to normal operation when necessary. In this paper, we survey the development of a low power PLC modem for monitoring power consumption and breaking abnormal power in the home network.

A Study on improving the performance of License Plate Recognition (자동차 번호판 인식 성능 향상에 관한 연구)

  • Eom, Gi-Yeol
    • Proceedings of the Korean Institute of Intelligent Systems Conference, 2006.11a, pp.203-207, 2006
  • The number of cars continues to grow at an alarming rate, and cars cause many problems such as traffic accidents and pollution. One of the most effective methods of preventing traffic accidents is the use of traffic monitoring systems, which are already widely used in many countries. Such monitoring systems have recently begun to be used domestically. An intelligent monitoring system generates photo images of cars and identifies cars by recognizing their plates. That is, the system automatically recognizes the characters on vehicle plates. Automatic vehicle plate recognition consists of two main modules: a vehicle plate locating module and a vehicle plate number identification module. In this paper we study the vehicle plate number identification module. We use image preprocessing, feature extraction, and multi-layer neural networks for recognizing the characters on vehicle plates, and we present a feature-comparison method for improving the performance of the vehicle plate number identification module. In the experiment on identifying vehicle plate numbers, 300 images taken from various scenes were used. Of these, identification of the vehicle plate number failed for 8 images, and the overall success rate of our vehicle plate recognition algorithm is 98%.

IEEE 802.15.4 MAC-based Location-ID Exchange Protocol for Realizing Micro-Cell Connectionless Location-Awareness Services

  • Kim, Baek-Gyu;Kang, Soon-Ju
    • Journal of Computing Science and Engineering, v.2 no.4, pp.412-427, 2008
  • We propose an ID-exchange protocol for Connectionless Location-Awareness Service (CLAS) to locate mobile nodes in an indoor sensor network. When adding a location-awareness service to a sensor network, the target system must be designed in accordance with various metrics which reflect the system requirements. We especially consider the sustainability of the existing service provided for the network's original purpose, such as environmental monitoring. Sustainability here means that, even if a location-awareness service is newly added to the existing service, the system must be assured to retain a stable network condition and to deal properly with the newly caused traffic. The CLAS ID-exchange protocol is designed for communication between fixture and mobile nodes to achieve these properties. The protocol operates on the 802.15.4 MAC layer so that mobile nodes work independently of the procedure that builds the fixture nodes' routing tables, so a stable routing condition can be achieved even if there are many mobile nodes. Moreover, a dedicated frequency channel is assigned only to this protocol, so that traffic caused by the location-awareness service can be distributed to another channel. A real system using the protocol was implemented to monitor fire and authorities' positions. We verified the overhead and elapsed time for location-awareness. The result shows the proposed protocol performs well in detection speed, traffic distribution, and stability of the overall network.