• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.5C
• /
• pp.523-531
• /
• 2003

Java applets are downloaded from web server through internet and executed in Java Virtual Machine of clients'browser. Before execution of java applets, JVM checks bytecode program with bytecode verifier and performs runtime tests with interpreter. However, these tests will not protect against undesirable runtime behavior of java applets, such as denial of service attack, email forging attack, URL spoofing attack, or annoying sound attack. In order to protect malicious applets, a technique used in this paper is java bytecode modification. This technique is used to restrict applet behavior or insert code appropriate to profiling or other monitoring efforts. Java byte modification is divided into two general forms, class-level modification involving subclassing non-final classes and method-level modification used when control over objects from final classes or interface. This paper showed that malicious applets are controlled by java bytecode modification using proxy server. This implementation does not require any changes in the web sever, JVM or web browser.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.6
• /
• pp.1106-1118
• /
• 2006

The Internet has become an important instrument for providing many pieces of information to us. And server systems offer the various services after processing a volume of information, it's network topology also has been complex for providing information. Therefore this expansion means the importance of fast and sustained management of server systems. But most of server systems are located in fire-walls to allow only restricted access. Moreover, due to the difference of management based on the different operating system of each server system, management of server system is not to efficiency. That is, sever administrators have to manage by themselves many kinds of servers by using local-based or socket-based single access applications. Therefore, we design and implement a middleware system which allows to manage many kinds of severs integrally ruling XML-based Web Services which have distributed object technology such as CORBA, Java RMI and DCOM, but are free from platforms or development languages. System also provides location transparency and terminal independence and calls a server system management command to manage systems.

• Journal of Broadcast Engineering
• /
• v.9 no.2
• /
• pp.151-163
• /
• 2004

In this paper, we propose a content-based video indexing and retrieval system using MPEG-7 standard to retrieve and manage videos efficiently. The proposed system consists of video indexing module for a video DB and video retrieval module to allow various query methods on a web environment. Video indexing module stores metadata such as manually typed in keywords, automatically recognized character names, and MPEG-7 visual descriptors extracted by indexing module into a DB in a sever side. A user can access to retrieval module by a web and retrieve desired videos through various query methods like keywords, faces, example and sketch. For this retrieval system, we propose ATC(Adaptive Twin Comparison) as a cut detection method for efficient video indexing and QBME(Query By Modified Example) as an improved content-based query method for the convenience of users. Experimental results show that the proposed ATC method detects cuts well and the proposed QBME method provides the conveniences better than existing query methods such as QBE(Query By Example) and QBS(Query By Sketch).

• The Journal of the Korea Contents Association
• /
• v.2 no.2
• /
• pp.17-26
• /
• 2002

In this paper, we suggest a method to acquire the moving object centered video by panning and tilting a camera automatically according to motion vectors calculated by detecting the motion of a moving object on video steam. We create a difference image by estimating the intensity difference at the grid points of neighboring frames. And we detect the motion using both horizontal projection histogram and vertical projection histogram and decide the center of motion part. Then we calculate a new direction and degree of the motion by comparing coordinates at the center of current motion and the center of previous motion. By controling the RCM using these Motion vectors, we can get video stream positioned unwire object on the center of video frame. Through the experiments, we could get a moving object centered video stream continuously arid monitor remotely by implementing sever/client architecture based on the web.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.15-22
• /
• 2002

Java applet, executed in user's web browsers which is via proxy server on web sever, can approach client files or resources, so it is necessary to secure against malicious java applet. Currently, the previous security countermeasures against malicious java applet use two ways: one is making a filter system to detect malicious java applet hewn in proxy, the other is that establishes another security java virtual machine. However, the first one can not detect unknown malicious java applet, and the other one nay increase loads, because it decides whether there is malicious or not after implementing java applet on proxy server. In this paper, after inserting monitoring function to java applet on proxy server using java-methods substitution and transfer it to user to detect malicious java applet, we propose a technique for detecting malicious java applet that can detect the unknown malicious java applet with reducing loads

• Proceedings of the IEEK Conference
• /
• 2004.08c
• /
• pp.532-535
• /
• 2004

Architecture generation is the first step in the design of software systems. Most of the qualities that the final software system possesses are usually decided at the architecture development stage itself. Thus, if the final system should be usable, testable, secure, high performance, mobile and adaptable, then these qualities or non­functional requirements should be engineered into the architecture itself. In particular, adaptability is emerging as an important attribute required by almost all software systems. The machinery and tools in the remote site surveillance and connects intelligence information machinery and tools at Internet. We need the server which uses different embedded operating system to become private use. With the progress of information-oriented society, many device with advanced technologies invented by many companies. However, the current firmware technologies have many problems to meet such high level of new technologies. In this paper, we have successfully ported linux on an embedded system, which is based on intel StrongARM SA-1 1 10 processor, then written several network modules for internet-based network devices.

• Journal of IKEEE
• /
• v.17 no.3
• /
• pp.301-308
• /
• 2013

In this paper, we propose the hybrid lighting control system on multiple sensor. The proposed hybrid lighting control system was designed for management and control of street lightings by configured as the data display part of integration-interworking part, the data conversion-processing part of integrated management part, and the communication part of gateway system. The data are implemented to designing the DB to enable to storage in real-time by enable to monitoring by wireless remote control and schedule set. As a result of the efficiency verification of the proposed hybrid lighting control system, the hybrid lighting control system be to the real-time monitoring and remote lighting control was possible, because to peristalsis with smart devices and portable PC etc., and it could be obtained the effect of energy and electricity, communication cost reduction.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.5 no.6
• /
• pp.526-532
• /
• 2004

The insufficiency on IP address cause to develope a new internet protocol, IPv6 that the length of address field is expanded. But there are actually many problems on applying and operating this standard for internet. Though NAT(Network Address Translation) is instead of it, NAT has the characteristics that is not allowed to access from outside. This is a big merit in security but a week point because the access from outside should be allowed when a small organization operate web sever or mail server. Therefore, this paper proposes the expanded NAT which can solve such problems as modifying the table of NAT. Furthermore, the function of existing VPN(Virtual Private Network) will be acceptable partly through such a method that provide the linkage among VPNs.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.10a
• /
• pp.394-397
• /
• 2018

휴대폰을 개인마다 보유할 정도로 보편화하고 무선 네트워크 기술이 발전하면서 대학가에서 출결관리를 자동화하려는 바람이 불고 있다. 이는 이전의 출결시스템의 결점인 출결 확인 시간을 줄이기 위한 것이다. 그러나 자동화된 스마트 출결시스템에 허점이 많아 출결 정보에 대한 신빙성과 공정성에 문제가 발생하고 있고, 그에 대한 대책이 없는 것이 현재 상황이다. 이번 연구는 얼굴인식을 이용한 스마트 출석 체크 프로그램이다. 수업에서 사진을 찍으면 AWS Recognition 기술을 활용해 얼굴을 인식하여 Django web sever로 보내고 그 얼굴과 학사 시스템에 등록되어있는 학생의 사진을 비교하여 어떤 인물인지 파악한다. 비교한 인물이 일정 유사율을 넘었을 경우 그 학생의 얼굴 사진을 학습, 계속해서 서버 안에 있는 같은 인물 파일에 넣어서 유사율을 높이는 식으로 진행된다. 그렇게 하여 스마트 출결시스템의 목적에 맞게 출결 확인 시간을 대폭 줄일 것이고, 부정적인 방법으로 출석할 수 있는 방법을 없애 기존의 시스템에 없던 신빙성과 공정성을 확립할 것이다. 또한, 어플리케이션을 통해 학생의 경우 언제 어디서든지 자신의 출결 상황을 확인할 수 있고, 교수님 또한 손쉽게 학생들의 출결을 관리할 수 있도록 하였다. 최종적으로 무결성이 확보된 정확한 출결 정보를 자동으로 데이터화하여 이용자와 관리자의 편의를 보장할 것이다.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.8
• /
• pp.95-104
• /
• 2013

DDoS attacks have became as a social threat since 2009 7.7 DDoS turmoil. Even though defence techniques have been developing to provide against those threats, they become much more sophisticate. In recent years, the attack form of DDoS is changing from high amount of traffic attack of network layers to highly sophisticate small amount of application layers. To make matters worse, attack agent for the attack has became very intelligent so that it is difficult to be blocked since it can't be distinguished from normal PCs. In the user authentication system(such as CAPTCHA) User intervention is required to distinguish normal PCs and intelligent attack agents and in particular, in a NAT environment, IP-based blocking method can be cut off the normal users traffic at the same time. This research examined defense techniques which are able to distinguish between agent and normal PC and effectively block ways the HTTP DDoS offense applying one-time session key based authentication method using Cookie which is used in HTTP protocol to protect web sever from sophisticate application layer of DDoS.