• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.12
• /
• pp.5442-5463
• /
• 2016

Designing efficient routing protocols for a wireless sensor network with mobile sinks (mWSN) is a challenging task since the network topology and data paths change frequently as sink nodes move. In this paper, we design a novel lightweight reactive ring based routing protocol called R3, which removes the need of proactively maintaining data paths to mobile sinks as they move in the network. To achieve high packet delivery ratio and low transmission cost, R3 combines ring based forwarding and trail based forwarding together. To support efficient ring based forwarding, we build a ring based structure for a network in a way such that each node in the network can easily obtain its ring ID and virtual angle information. For this purpose, we artificially create a virtual hole in the central area of the network and accordingly find a shortest cycled path enclosing the hole, which serves as base ring and is used for generating the remaining ring based structure. We accordingly present the detailed design description for R3, which only requires each node to keep very limited routing information. We derive the communication overhead by ring based forwarding. Extensive simulation results show that R3 can achieve high routing performance as compared with existing work.

• Journal of Korean Society of Forest Science
• /
• v.96 no.1
• /
• pp.70-76
• /
• 2007

The main purpose of this study was to realize Mountain Search and Rescue System based on Ubiquitous Sensor Network for applying search and rescue operations in the mountains. The on-site survey was conducted in order to test the possibility of data reception rate and sensor network stability, ten nodes was installed on the trail at 100m intervals Unson waterfall to Kwanumbong in Kyeryongsan national park. The results showed that the data reception rate was over 90.0% at least. To test sensor network stability, nodes were randomly turned off one by on. The result was 100% functionality.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.2 no.1
• /
• pp.159-169
• /
• 1999

Recently a firewall is being employed to protect hacking by controlling the traffics. The security services in the firewall include authentication, access control, confidentiality, integrity, and audit trail. A token is adapted for authentication to the firewall. A token has a small battery within which has restricted power capacity, This paper proposes a novel cost-effective firewall token for hacking protecting on transmission control protocol/internet protocol (TCP/IP) based network. This paper proposes a fast exponentiation method with a sparse prime that take a major operation for a public-key crypto-system and a major power consumption in the token. The proposed method uses much less amount of modular operations in exponentiation that is reduced of battery's capacity or CPU's price in the token.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.6
• /
• pp.3258-3279
• /
• 2019

Recently, ransomware has earned itself an infamous reputation as a force to reckon with in the cybercrime landscape. However, cybercriminals are adopting other unconventional means to seamlessly attain proceeds of cybercrime with little effort. Cybercriminals are now acquiring cryptocurrencies directly from benign Internet users without the need to extort a ransom from them, as is the case with ransomware. This paper investigates advances in the cryptovirology landscape by examining the state-of-the-art cryptoviral attacks. In our approach, we perform digital autopsy on the malware's source code and execute the different malware variants in a contained sandbox to deduce static and dynamic properties respectively. We examine three cryptoviral attack structures: browser-based crypto mining, memory resident crypto mining and cryptoviral extortion. These attack structures leave a trail of digital forensics evidence when the malware interacts with the file system and generates noise in form of network traffic when communicating with the C2 servers and crypto mining pools. The digital forensics evidence, which essentially are IOCs include network artifacts such as C2 server domains, IPs and cryptographic hash values of the downloaded files apart from the malware hash values. Such evidence can be used as seed into intrusion detection systems for mitigation purposes.

• Proceedings of the KIEE Conference
• /
• 2006.04a
• /
• pp.147-149
• /
• 2006

We designed an intelligent intrusion detection scheme that works based on target system's operational states and doesn't depend on humans' analysis. As a prior work, we presents a scheme to describe computer system's operational states. For this, Hidden Markov Model is used. As input to modeling, huge amount of system audit trail including data on events occurred in target system connected to network and target system's resource usage monitoring data is used. We can predict system's future state based on current events' sequence using developed model and determine whether it would be in daniel or not.

• The Transactions of the Korean Institute of Electrical Engineers A
• /
• v.48 no.4
• /
• pp.371-378
• /
• 1999

This paper presents an efficient algorithm for loss reduction of distribution system by automatic sectionalizing switch operation in large scale distribution systems of radial type. Simulated Annealing algorithm among optimization techniques can avoid escape from local minima by accepting improvements in cost, but the use of this algorithm is also responsible for an excessive computation time requirement. To overcome this major limitation of Simulated Annealing algorithm, we may use advanced Simulated Annealing algorithm. All constaints are divided into two constraint group by using perturbation mechanism and penalty factor, so all trail solutions are feasible. The polynomial-time cooling schedule is used which is based on the statistics calculation during the search. This approaches results in saving CPU time. Numerical examples demonstrate the validity and effectiveness of the proposed methodology.

• The Journal of Korea Robotics Society
• /
• v.16 no.2
• /
• pp.122-129
• /
• 2021

For the Simultaneous Localization and Mapping (SLAM) problem, a different path results in different SLAM results. Usually, SLAM follows a trail of input data. Active SLAM, which determines where to sense for the next step, can suggest a better path for a better SLAM result during the data acquisition step. In this paper, we will use reinforcement learning to find where to perceive. By assigning entire target area coverage to a goal and uncertainty as a negative reward, the reinforcement learning network finds an optimal path to minimize trajectory uncertainty and maximize map coverage. However, most active SLAM researches are performed in indoor or aerial environments where robots can move in every direction. In the urban environment, vehicles only can move following road structure and traffic rules. Graph structure can efficiently express road environment, considering crossroads and streets as nodes and edges, respectively. In this paper, we propose a novel method to find optimal SLAM path using graph structure and reinforcement learning technique.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.3-12
• /
• 2004

Secure operating system is a special operating system that integrates some security functions(i.e. access control, user authentication, audit-trail and etc.) with normal operating system in order to protect system from various attacks. But it doesn't consider my security of network traffic. To guarantee the security of the whole system, network traffic must be protected by a certain way and IPsec is a representative technology for network security. However, it requires administrator's carefulness in managing security policies and the key management mechanism is very heavy as well as complicated. Moreover, it doesn't have a suitable framework for delivery of security information for access control mechanism. So we propose a simple trusted channel mechanism for secure communication between secure operating systems. It provides confidentiality md authentication for network traffic and ability to deliver security information. It is implemented at the kernellevel of IP layer and the simplicity of the mechanism can minimize the overhead of trusted channel processing.

• Journal of Communications and Networks
• /
• v.10 no.4
• /
• pp.455-464
• /
• 2008

To provide network services consistently under various network failures, enterprise networks increasingly utilize path diversity through multi-homing. As a result, multi-homed non-transit autonomous systems become to surpass single-homed networks in number. In this paper, we address an inevitable problem that occurs when networks with multiple entry points deploy firewalls in their borders. The majority of today's firewalls use stateful inspection that exploits connection state for fine-grained control. However, stateful inspection has a topological restriction such that outgoing and incoming traffic of a connection should pass through a single firewall to execute desired packet filtering operation. Multi-homed networking environments suffer from this restriction and BGP policies provide only coarse control over communication paths. Due to these features and the characteristics of datagram routing, there exists a real possibility of asymmetric routing. This mismatch between the exit and entry firewalls for a connection causes connection establishment failures. In this paper, we formulate this phenomenon into a state-sharing problem among multiple fire walls under asymmetric routing condition. To solve this problem, we propose a stateful inspection protocol that requires very low processing and messaging overhead. Our protocol consists of the following two phases: 1) Generation of a TCP SYN cookie marked with the firewall identification number upon a SYN packet arrival, and 2) state sharing triggered by a SYN/ACK packet arrival in the absence of the trail of its initial SYN packet. We demonstrate that our protocol is scalable, robust, and simple enough to be deployed for high speed networks. It also transparently works under any client-server configurations. Last but not least, we present experimental results through a prototype implementation.

• The Korean Journal of Archival Studies
• /
• no.60
• /
• pp.317-358
• /
• 2019

Blockchain technology has emerged as one of the key technologies of the fourth industrial revolution. Blockchain technology is characterized by being able to verify the authenticity of stored information in a block and whether it is false or falsified, cannot arbitrarily manipulate or delete a particular record, and is capable of transparent audit trail. This study is designed to explore how to apply blockchain technology to record management. For this purpose, we want to approach the code area, the physical area of the blockchain technology, to explore some of the key physical structures, and to derive the applicability of the blockchain technology. By implementing the part of 'Cloud-Record Management System', future record management system model and currently in the process of phasing out step by step, as a modular block chain, I suggest a blockchain network model that can simplify or replace various functions of the current record management process.