• KNOM Review
• /
• v.24 no.2
• /
• pp.13-23
• /
• 2021

Recently, as networks become more complex due to the activation of IoT devices, research on long-term traffic prediction beyond short-term traffic prediction is being activated to predict and prepare for network congestion in advance. The recursive strategy, which reuses short-term traffic prediction results as an input, has been extended to multi-step traffic prediction, but as the steps progress, errors accumulate and cause deterioration in prediction performance. In this paper, an LSTM-based multi-step traffic prediction method using a multi-output strategy is introduced and its performance is evaluated. As a result of experiments based on actual DNS request traffic, it was confirmed that the proposed LSTM-based multiple output strategy technique can reduce MAPE of traffic prediction performance for non-stationary traffic by 6% than the recursive strategy technique.

• KNOM Review
• /
• v.23 no.1
• /
• pp.10-17
• /
• 2020

As the threat of Distributed Denial-of-Service attacks that exploit weakly secure IoT devices has spread, research on source-side Denial-of-Service attack detection is being activated to quickly detect the attack and the location of attacker. In addition, a collaborative source-side attack detection technique that shares detection results of source-side networks located at individual sites is also being activated to overcome regional limitations of source-side detection. In this paper, we evaluate the performance of a collaborative source-side DDoS attack detection using statistical weights. The statistical weight is calculated based on the detection rate and false positive rate corresponding to the time zone of the individual source-side network. By calculating weighted sum of the source-side DoS attack detection results from various sites, the proposed method determines whether a DDoS attack happens. As a result of the experiment based on actual DNS request to traffic, it was confirmed that the proposed technique reduces false positive rate 2% while maintaining a high attack detection rate.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.7
• /
• pp.2257-2285
• /
• 2022

Cyber-physical systems (CPS) have been growing exponentially due to improved cloud-datacenter infrastructure-as-a-service (CDIaaS). Incremental expandability (scalability), Quality of Service (QoS) performance, and reliability are currently the automation focus on healthy Tier 4 CDIaaS. However, stable QoS is yet to be fully addressed in Cyber-physical data centers (CP-DCS). Also, balanced agility and flexibility for the application workloads need urgent attention. There is a need for a resilient and fault-tolerance scheme in terms of CPS routing service including Pod cluster reliability analytics that meets QoS requirements. Motivated by these concerns, our contributions are fourfold. First, a Distributed Non-Recursive Cloud Model (DNRCM) is proposed to support cyber-physical workloads for remote lab activities. Second, an efficient QoS stability model with Routh-Hurwitz criteria is established. Third, an evaluation of the CDIaaS DCN topology is validated for handling large-scale, traffic workloads. Network Function Virtualization (NFV) with Floodlight SDN controllers was adopted for the implementation of DNRCM with embedded rule-base in Open vSwitch engines. Fourth, QoS evaluation is carried out experimentally. Considering the non-recursive queuing delays with SDN isolation (logical), a lower queuing delay (19.65%) is observed. Without logical isolation, the average queuing delay is 80.34%. Without logical resource isolation, the fault tolerance yields 33.55%, while with logical isolation, it yields 66.44%. In terms of throughput, DNRCM, recursive BCube, and DCell offered 38.30%, 36.37%, and 25.53% respectively. Similarly, the DNRCM had an improved incremental scalability profile of 40.00%, while BCube and Recursive DCell had 33.33%, and 26.67% respectively. In terms of service availability, the DNRCM offered 52.10% compared with recursive BCube and DCell which yielded 34.72% and 13.18% respectively. The average delays obtained for DNRCM, recursive BCube, and DCell are 32.81%, 33.44%, and 33.75% respectively. Finally, workload utilization for DNRCM, recursive BCube, and DCell yielded 50.28%, 27.93%, and 21.79% respectively.

• Journal of Ecology and Environment
• /
• v.47 no.4
• /
• pp.187-192
• /
• 2023

The United States (US) National Science Foundation's (NSF's) National Ecological Observatory Network (NEON) is a continental-scale observation facility, constructed and operated by Battelle, that collects long-term ecological data to better understand and forecast how US ecosystems are changing. All data and samples are collected using standardized methods at 81 field sites across the US and are freely and openly available through the NEON data portal, application programming interface (API), and the NEON Biorepository. NSF led a decade-long design process with the research community, including numerous workshops to inform the key features of NEON, culminating in a formal final design review with an expert panel in 2009. The NEON construction phase began in 2012 and was completed in May 2019, when the observatory began the full operations phase. Full operations are defined as all 81 NEON sites completely built and fully operational, with data being collected using instrumented and observational methods. The intent of the NSF is for NEON operations to continue over a 30-year period. Each challenge encountered, problem solved, and risk realized on NEON offers up lessons learned for constructing and operating distributed ecological data collection infrastructure and data networks. NEON's construction phase included offices, labs, towers, aquatic instrumentation, terrestrial sampling plots, permits, development and testing of the instrumentation and associated cyberinfrastructure, and the development of community-supported collection plans. Although colocation of some sites with existing research sites and use of mostly "off the shelf" instrumentation was part of the design, successful completion of the construction phase required the development of new technologies and software for collecting and processing the hundreds of samples and 5.6 billion data records a day produced across NEON. Continued operation of NEON involves reexamining the decisions made in the past and using the input of the scientific community to evolve, upgrade, and improve data collection and resiliency at the field sites. Successes to date include improvements in flexibility and resilience for aquatic infrastructure designs, improved engagement with the scientific community that uses NEON data, and enhanced methods to deal with obsolescence of the instrumentation and infrastructure across the observatory.

• KIPS Transactions on Software and Data Engineering
• /
• v.8 no.11
• /
• pp.441-448
• /
• 2019

Previous researches on automatic spacing of Korean sentences has been researched to correct spacing errors by using n-gram based statistical techniques or morpheme analyzer to insert blanks in the word boundary. In this paper, we propose an end-to-end automatic word spacing by using deep neural network. Automatic word spacing problem could be defined as a tag classification problem in unit of syllable other than word. For contextual representation between syllables, Bi-LSTM encodes the dependency relationship between syllables into a fixed-length vector of continuous vector space using forward and backward LSTM cell. In order to conduct automatic word spacing of Korean sentences, after a fixed-length contextual vector by Bi-LSTM is classified into auto-spacing tag(B or I), the blank is inserted in the front of B tag. For tag classification method, we compose three types of classification neural networks. One is feedforward neural network, another is neural network language model and the other is linear-chain CRF. To compare our models, we measure the performance of automatic word spacing depending on the three of classification networks. linear-chain CRF of them used as classification neural network shows better performance than other models. We used KCC150 corpus as a training and testing data.

• KIPS Transactions on Software and Data Engineering
• /
• v.4 no.1
• /
• pp.37-44
• /
• 2015

In traditional social network analysis, the betweenness centrality measure has been heavily used to identify the relative importance of nodes. Since the time complexity to calculate the betweenness centrality is very high, however, it is difficult to get it of each node in large-scale social network where there are so many nodes and edges. In our past study, we defined a new type of network, called the expanded ego network, which is built only with each node's local information, i.e., neighbor information of the node's neighbor nodes, and also defined a new measure, called the expanded ego betweenness centrality. In this paper, We propose algorithm that quickly computes expanded ego betweenness centrality by exploiting structural properties of expanded ego network. Through the experiment with virtual network used Barab$\acute{a}$si-Albert network model to represent the generic social network and facebook network to represent actual social network, We show that the node's importance rank based on the expanded ego betweenness centrality has high similarity with that the node's importance rank based on the existing betweenness centrality. We also show that the proposed algorithm computes the expanded ego betweenness centrality quickly than existing algorithm.

• Journal of Internet Computing and Services
• /
• v.12 no.1
• /
• pp.55-70
• /
• 2011

In this paper, we propose a policy-driven RFID data management event definition language, which is possibly applicable as a partial standard for SSI (Software System Infrastructure) Part 4 (Application Interface, 24791-4) defined by ISO/IEC JTC 1/SC 31/WG 4 (RFID for Item Management). The SSI's RFID application interface part is originally defined for providing a unified interface of the RFID middleware functionality―data management, device management, device interface and security functions. However, the current specifications are too circumstantial to be understood by the application developers who used to lack the professional and technological backgrounds of the RFID middleware functionality. As an impeccable solution, we use the concept of event-constraint policy that is not only representing semantic contents of RFID domains but also providing transparencies with higher level abstractions to RFID applications, and that is able to provide a means of specifying event-constraints for filtering a huge number of raw data caught from the associated RF readers. Conclusively, we try to embody the proposed concept by newly defining an XML-based RFID event policy definition language, which is abbreviated to rXPDL. Additionally, we expect that the specification of rXPDL proposed in the paper becomes a technological basis for the domestic as well as the international standards that are able to be extensively applied to RFID and ubiquitous sensor networks.

• The Journal of the Convergence on Culture Technology
• /
• v.5 no.1
• /
• pp.401-407
• /
• 2019

SDN(Softeware Defined Networking) has emerged to address the rapidly growing demand for cloud computing and to support network virtualization services. Therefor many companies and organizations have taken SDN as a next-generation network technology. However, unlike the wired network where the SDN is originally designed, the SDN in the wireless network has a restriction that it can not provide the mobility of the node. In this paper, we extended existing openflow protocol of SDN and developed SDN-based network platform, which enables the SDN controller to manage the radio resources of its network and support the mobility of the nodes. The mobility support function of this paper has the advantage that a node in the network can move using its two or more wireless interfaces by using the radio resource management function of the SDN controller. In order to test the functions implemented in this paper, we measured parameters related to various transmission performance according to various mobile experiments, and compared parameters related to performance using one wireless interface and two interfaces. The SDN-based network platform proposed in this paper is expected to be able to monitor the resources of wireless networks and support the mobility of nodes in the SDN environment.

• Journal of the Korean Institute of Illuminating and Electrical Installation Engineers
• /
• v.21 no.10
• /
• pp.89-100
• /
• 2007

Consumer Portal is defined as "a combination of hardware and software that enables two-way communication between energy service provider(ESP, like KEPCO) and equipment within the consumer's premises". The portal provides both a physical link(between wires, radio waves, and other media) and a logical link(translating among language-like codes and etiquette-like protocols) between in-building and wide-area access networks. Thus, the consumer portal is an important, open public shared infrastructure in the future vision of energy services. In this paper, we describe a new methodology for local communication and computer network capacity design of consumer portal, and also presents capacity calculation method using a network system limitation factors. By the approach, we can check into the limitations of existing methods, and propose an improved data processing algorithm that can expand the maximum number of the networked end-use devices up to $30{\sim}40$ times. For validation, we applies the proposed methode to our real system design. Our contribution will help electrical power information network design.

• Smart Media Journal
• /
• v.4 no.4
• /
• pp.24-32
• /
• 2015

Recently, SDN is actively used as datacenter networks and gradually increase its applied areas. Along with this change of networking environment, research of deploying network security systems on SDN becomes highlighted. Especially, systems for detecting network flooding attacks by monitoring every packets through ports of OpenFlow switches have been proposed. However, because of the centralized management of a SDN controller which manage multiple switches, it may be substantial overhead that the attack detection system continuously monitors all the flows. In this paper, a sampling based network flooding attack detection and prevention system is proposed to reduce the overhead of monitoring packets and to achieve reasonable functionality of attack detection and prevention. The proposed system periodically takes sample packets of network flows with the given sampling conditions, analyzes the sampled packets to detect network flooding attacks, and block the attack flows actively by managing the flow entries in OpenFlow switches. As network traffic sampler, sFlow agent is used, and snort, an opensource IDS, is used to detect network flooding attack from the sampled packets. For active prevention of the detected attacks, an OpenDaylight application is developed and applied. The proposed system is evaluated on the local testbed composed with multiple OVSes (Open Virtual Switch), and the performance and overhead of the proposed system under various sampling condition is analyzed.