• Title/Summary/Keyword: Search Traffic


Automatic Generation of Snort Content Rule for Network Traffic Analysis (네트워크 트래픽 분석을 위한 Snort Content 규칙 자동 생성)

  • Shim, Kyu-Seok;Yoon, Sung-Ho;Lee, Su-Kang;Kim, Sung-Min;Jung, Woo-Suk;Kim, Myung-Sup
    • The Journal of Korean Institute of Communications and Information Sciences, v.40 no.4, pp.666-677, 2015
  • The importance of application traffic analysis for efficient network management has been emphasized continuously. Snort is a popular traffic analysis system which detects traffic matching pre-defined signatures and performs various actions based on the rules. However, it is very difficult to get highly accurate signatures to meet various analysis purposes, because it is very tedious and time-consuming work to search the entire traffic data manually or semi-automatically. In this paper, we propose a novel method to generate signatures in a fully automatic manner, in the form of Snort rules, from raw packet data captured from a network link or end-host. We use a sequence pattern algorithm to generate common substrings satisfying the minimum support from traffic flow data. Also, we extract the location and header information of the signature, which are the components of a Snort content rule. When we applied the proposed method to traffic data from several applications, the generated rules could detect more than 97 percent of the traffic data.

An Adaptive Chord for Minimizing Network Traffic in a Mobile P2P Environment (비정기적 데이터 수집 모드에 기반한 효율적인 홈 네트워크 서비스 제어 시스템의 설계)

  • Woo, Hyun-Je;Lee, Mee-Jeong
    • The KIPS Transactions:PartC, v.16C no.6, pp.773-782, 2009
  • A DHT (Distributed Hash Table) based P2P is a method to overcome the disadvantages of the existing unstructured P2P method. If a DHT algorithm is used, it can do a fast data search and maintain search efficiency independent of the number of peers. The peers in the DHT method send messages periodically to keep the routing table updated. In a mobile environment, the peers in the DHT method should send messages more frequently to keep the routing table updated and reduce the failure of requests. Therefore, this results in an increase in network traffic. In our previous research, we proposed a method to reduce the update load of the routing table in the existing Chord by updating it in a reactive way, but the reactive method had the disadvantage of generating more traffic than the existing Chord if the number of requests per second becomes large. In this paper, we propose an adaptive method of routing table update to reduce the network traffic. In the proposed method, we apply a different routing table update method according to the number of request messages per second. If the number of request messages per second is smaller than some threshold, we apply the reactive method. Otherwise, we apply the existing Chord method. We perform experiments using the Chord simulator (I3) made by UC Berkeley. The experimental results show the performance improvement of the proposed method compared to the existing methods.

An Adaptive Chord for Minimizing Network Traffic in a Mobile P2P Environment (모바일 P2P 환경에서 네트워크 트래픽을 최소화한 적응적인 Chord)

  • Yoon, Young-Hyo;Kwak, Hu-Keun;Kim, Cheong-Ghil;Chung, Kyu-Sik
    • The KIPS Transactions:PartC, v.16C no.6, pp.761-772, 2009
  • A DHT (Distributed Hash Table) based P2P is a method to overcome the disadvantages of the existing unstructured P2P method. If a DHT algorithm is used, it can do a fast data search and maintain search efficiency independent of the number of peers. The peers in the DHT method send messages periodically to keep the routing table updated. In a mobile environment, the peers in the DHT method should send messages more frequently to keep the routing table updated and reduce the failure of requests. Therefore, this results in an increase in network traffic. In our previous research, we proposed a method to reduce the update load of the routing table in the existing Chord by updating it in a reactive way, but the reactive method had the disadvantage of generating more traffic than the existing Chord if the number of requests per second becomes large. In this paper, we propose an adaptive method of routing table update to reduce the network traffic. In the proposed method, we apply a different routing table update method according to the number of request messages per second. If the number of request messages per second is smaller than some threshold, we apply the reactive method. Otherwise, we apply the existing Chord method. We perform experiments using the Chord simulator (I3) made by UC Berkeley. The experimental results show the performance improvement of the proposed method compared to the existing methods.

A study to Predictive modeling of crime using Web traffic information (웹 검색 트래픽 정보를 이용한 범죄 예측 모델링에 관한 연구)

  • Park, Jung-Min;Chung, Young-Suk;Park, Koo-Rack
    • Journal of the Korea Society of Computer and Information, v.20 no.1, pp.93-101, 2015
  • In modern society, various crimes occur. It is necessary to predict the criminal in order to prevent crimes, and various studies on the prediction of crime are in progress. Crime-related data is statistically processed and announced once a year by the Public Prosecutor's Office. However, relative to the current point in time, the statistically processed data is about two years old. It does not fit the data on crimes currently occurring. In this paper, crime prediction was applied using Naver trend data. By using Naver trend web traffic, it is possible to obtain data on the level of interest in crimes currently occurring. A model that can predict crime was constructed using traffic data from Naver web search. Markov chain prediction theory was applied. Among various crimes, predictive modeling was applied to murder, arson, and rape as targets, and the resulting predicted values were analyzed. As a result, the predictions matched the values of crimes that actually occurred to within 20%. In the future, we plan to advance research on predictive modeling of crime that takes seasonal characteristics into account.

A Study on the Development of the Active Radar Reflector with Enhanced Structure (개선 된 구조를 갖는 능동 레이더 반사기 개발에 관한 연구)

  • 정종혁;강상욱;조영창;최병진;윤정오;홍영호
    • Proceedings of the Korea Society for Industrial Systems Conference, 2000.05a, pp.59-64, 2000
  • Active radar reflectors may be less familiar, since their uses have been limited to military applications, especially the enhancement of the effective radar cross-sections of missile test range in the drone aircraft and missiles. Perhaps the most widely known applications of radar transponders are Identification Friend or Foe (IFF) and its civilian counterpart, secondary surveillance radar for Air Traffic Control (ATC), and most recently, the Search And Rescue Transponder (SART) in the Global Maritime Distress and Safety System (GMDSS). Since accidents happen frequently at sea, the problem of contamination is considered more seriously. The conventional navigation buoys and utilities are not sufficient to maintain safety at sea, and thus a newly structured concept must be considered. Therefore, this paper proposes and implements an active radar reflector with an enhanced structure. The results show that the performance of the system is significantly improved compared with the conventional utilities.


A Study on the Development of the Active Radar Reflector with Enhanced Function (개선된 기능을 갖는 능동 레이더 반사기 개발에 관한 연구)

  • 정종혁;강상욱;조영창;최병진;윤정오;오주환
    • Journal of Korea Society of Industrial Information Systems, v.5 no.3, pp.38-43, 2000
  • Active radar reflectors may be less familiar, since their uses have been limited to military applications, especially the enhancement of the effective radar cross-sections of missile test range in the drone aircraft and missiles. Perhaps the most widely known applications of radar transponders are Identification Friend or Foe (IFF) and its civilian counterpart, secondary surveillance radar for Air Traffic Control (ATC), and most recently, the Search And Rescue Transponder (SART) in the Global Maritime Distress and Safety System (GMDSS). Since accidents happen frequently at sea, the problem of contamination is considered more seriously. The conventional navigation buoys and utilities are not sufficient to maintain safety at sea, and thus a newly structured concept must be considered. Therefore, this paper proposes and implements an active radar reflector with an enhanced function. The results show that the performance of the system is significantly improved compared with the conventional utilities.


Estimating Road Design Hourly Volume via Inflection Point Identification (변곡점 탐색을 통한 도로설계시간계수 산정)

  • Ahn, Seongchae;Choi, Keechoo;Kim, Boowon
    • KSCE Journal of Civil and Environmental Engineering Research, v.33 no.6, pp.2427-2435, 2013
  • Design hourly volume and the K-factor, first proposed by FHWA in the 1950s, are based on the 30th hourly traffic volume during a year (out of 8,760 hours). It was used when surveying the traffic volume was laborious in the past and is still being used now, although it leaves something to be desired for practical applications. A more reasonable K-factor for better design, based on theoretical evidence, is needed. This paper proposes a knee searching method based on simple linear regression to find the inflection point of the volume ranking curve that describes the annual 8,760 hourly traffic volumes. The method was applied to the Chungcheong province's national highway, and the results were compared to the existing guidelines' values of K-factors. Identified design hourly traffic volumes ranked between 43rd and 694th, which is much lower than the 30th volume, meaning that some overdesign examples are inevitable if the conventional 30th volume is used.

A Study for Reducing Traffic Accident at Signalized Intersection - Focus on Left-turn Phase Sequence - (교차로 교통사고 감소방안에 관한 연구 - 좌회전 현시 순서를 중심으로 -)

  • Park, Jong-Wook;Lee, In-Won;Lee, Choul-Ki;Yang, Lyun-Ho;Lee, Gun-Sang
    • The Journal of The Korea Institute of Intelligent Transport Systems, v.5 no.2 s.10, pp.61-71, 2006
  • The main purpose of this study is to search for a method for reducing traffic accidents at signalized intersections. One of the important factors for this is the left-turn phase sequence. In 1985, the operational principle of the left-turn phase sequence was changed from lagging left-turn to leading left-turn in Korea. At that time there was a reasonable motive: no exclusive left-turn lanes and narrow intersections. So, it is necessary to evaluate the performance difference between leading and lagging left-turn phase sequences. The process of this study is as follows. First, each intersection was divided into three parts for traffic safety analysis: the inside part of the intersection, the crosswalk, and the intersection approach and exit. Second, a safety analysis was performed by using the concepts of 'Effective Interphase Period (EIP)' and 'Conflict method'. The study result is that the benefit of phase sequence changes from leading to lagging phase was significant. For example, the accident cost will be reduced by about 41.8 billion won per year in Korea.


Classification of Client-side Application-level HTTP Traffic (HTTP 트래픽의 클라이언트측 어플리케이션별 분류)

  • Choi, Mi-Jung;Jin, Chang-Gyu;Kim, Myung-Sup
    • The Journal of Korean Institute of Communications and Information Sciences, v.36 no.11B, pp.1277-1284, 2011
  • Today, many applications use port 80, which is the basic port number of the HTTP protocol, to avoid being blocked by firewalls. The HTTP protocol is used not only in Web browsing but also in many applications, such as the search of P2P programs, software updates, and the advertisement transfer of NateOn messenger. As HTTP traffic is increasing and various applications transfer data through the HTTP protocol, it is essential to identify which applications use HTTP and how they use the HTTP protocol. In order to block a specific application at the firewall, application-level rather than protocol-level traffic classification is necessary. This paper presents a method to classify HTTP traffic based on client-side applications and to group the applications based on the services they provide. We developed an application-level HTTP traffic classification system and verified the method by applying the system to a small part of the campus network.

An Effective P2P Searching Algorithm Based on Leveled OK Mechanism (단계별 OK 기법 기반 효과적 P2P 검색 알고리즘)

  • Kim, Boon-Hee;Lee, Jun-Yeon
    • Journal of the Korea Society of Computer and Information, v.10 no.2 s.34, pp.69-78, 2005
  • As the study and use of P2P systems diversify, the effect of the excessive amount of traffic that occurs when searching peers' resources, which is considered a network bandwidth problem, cannot be overlooked. If a P2P application does not reduce network traffic, the smooth use of bandwidth can be greatly affected in the Internet environment, where various network applications lie scattered, and there will be inconvenience when many network users make use of related applications. In this paper, we propose a broadcasting technique based on a pure P2P model for producing a successful hit ratio and traffic amount in a P2P system based on a weakly connected environment, where the state of peers' connection and exit is ambiguous. The proposed searching technique is designed and implemented to improve a resident problem in the related system, and we have estimated the performance of the proposed searching technique by comparing it with the existing broadcasting-based searching technique.
