• Journal of Communications and Networks
• /
• v.12 no.4
• /
• pp.382-394
• /
• 2010

Cross-domain event information sharing is a topic of great interest in the area of event based network management. In this work we use data sets which represent actual attacks in the operational Internet. We analyze the data sets to understand the dynamics of the attacks and then go onto show the effectiveness of sharing incident related information to contain these attacks. We describe universal data acquisition system for event based management (UniDAS), a novel system for secure and automated cross-domain event information sharing. The system uses a generic, structured data format based on a standardized incident object description and exchange format (IODEF). IODEF is an XML-based extensible data format for security incident information exchange. We propose a simple and effective security model for IODEF and apply it to the secure and automated generic event information sharing system UniDAS. We present the system we have developed and evaluate its effectiveness.

• Journal of KIISE:Information Networking
• /
• v.37 no.1
• /
• pp.8-15
• /
• 2010

In this study, we present an extended complex event model by considering both of the complex event and the aspect-oriented programming. We propose an advanced scheme for the event specification suited for the event correlation based network management systems by merging these two models. Specifically, we extend the model to support hierarchical event structures and let the model recognize point-cuts of aspect-oriented programming as events. We provide the event operators designed to specify the events on instances and handle temporal relations of the instances. Lastly, we compare the proposed model with other event models and present the benefits of it.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.9
• /
• pp.1189-1198
• /
• 2002

Policy base management system that can satisfy various user's request in distributed system environment recently and manage network resources efficiently is required. Described policy base management information consisted of ECA(Event-Condition-Action) rules so that efficient management of various communication network and consistent management policy may be available in this paper. Policy is consisted of Event, Condition and Actions to achieve when condition is satisfied. And we can present formality of dynamic function of management object as applying policy to ATM congestion control model been applying in real environment.

• Journal of the Korea Safety Management & Science
• /
• v.11 no.2
• /
• pp.137-144
• /
• 2009

EPCIS(EPC Information Services) system is a core component of EPCglobal Architecture Framework offering information of the freights, the time of awareness and the location of awareness on the EPCglobal Network. The role of EPCIS is to exchange information based on EPC. There are four kinds of event data which are object event data, aggregation event data, quantity event data, and transaction event data. These EPCIS events data are stored and managed in EPCIS repository. This study suggest the quantitative modeling about total number of EPCIS event data under the assumption to aware the RFID tags of items, cases(boxes), vehicles(carriers, forklifts, auto guided vehicles, rolltainers) at a time on the reading points. We also estimate the number of created EPCIS event data by the suggested quantitative modeling under scenario of process in the integrated logistics center based on RFID system And this study compare the TO-BE model with the AS-IS model about the total sizes of created EPCIS event data using the simulation, in which we suggested the TO-BE model as the development of the repository by skipping the overlapped records.

• Journal of the Korea Safety Management & Science
• /
• v.12 no.4
• /
• pp.169-174
• /
• 2010

EPCIS(EPC Information Services) system is a core component of EPCglobal Architecture Framework offering information of the freights, the time of awareness and the location of awareness on the EPCglobal Network. The role of EPCIS is to exchange information based on EPC. There are four kinds of event data which are object event data, aggregation event data, quantity event data, and transaction event data. These EPCIS events data are stored and managed in EPCIS repository. This paper deals with the method which diversifies the data flow load of intensive EPCIS events and effectively manages EPCIS repository for exchanging data smoothly. In order to verify a effectiveness, we measure the performance of the system using a simulation by comparing the existing method with the suggested method.

• Journal of Korea Multimedia Society
• /
• v.23 no.1
• /
• pp.24-30
• /
• 2020

As the number of internet-connected appliances and the variety of IoT services are rapidly increasing, it is hard to protect IT assets with traditional network security techniques. Most traditional network log analysis systems use rule based mechanisms to reduce the raw logs. But using predefined rules can't detect new attack patterns. So, there is a need for a mechanism to reduce congested raw logs and detect new attack patterns. This paper suggests enterprise security management for IoT services using graph and network measures. We model an event network based on a graph of interconnected logs between network devices and IoT gateways. And we suggest a network clustering algorithm that estimates the attack probability of log clusters and detects new attack patterns.

• Proceedings of the Safety Management and Science Conference
• /
• 2010.11a
• /
• pp.349-355
• /
• 2010

EPCIS(EPC Information Services) system is a core component of EPCglobal Architecture Framework offering information of the freights, the time of awareness and the location of awareness on the EPCglobal Network. The role of EPCIS is to exchange information based on EPC. There are four kinds of event data which are object event data, aggregation event data, quantity event data, and transaction event data. These EPCIS events data are stored and managed in EPCIS repository. This paper leads to separate a in-out data overload of integrated EPCIS event and suggests the method to effectively manage EPCIS repository for exchanging data smoothly. In order to verify a effectiveness, we measure the performance of the system using a simple testing simulation by comparing existing method and suggested method.

• Journal of Communications and Networks
• /
• v.15 no.3
• /
• pp.301-311
• /
• 2013

This paper proposes a policy-based quality of service (QoS) management framework for adaptive routing decisions. We present an approach considering interior gateway protocol (IGP) for path discovery mechanisms and QoS-aware policies for configuring the network elements. The integration of the aforementioned modules into this policy-based network management (PBNM) system is demonstrated by conducting experiments in a real environment, the hellenic public administration network SYZEFXIS. These experiments combine different traffic conditioning mechanisms through event detectors, consider IP service level agreement mechanisms that interoperate with the PBNM system and analyze the enforcement of IGP and QoS policies. Finally, validation and measurement tools are used to prove the efficiency of this framework. It is shown that this architecture offers significantly increased performance and learning capabilities, while the PBNM system achieves adaptive QoS routing through automated configuration considering the avoidance of suboptimal routing issues or under-performance conditions of the network entities.

• The KIPS Transactions:PartB
• /
• v.9B no.5
• /
• pp.549-554
• /
• 2002

This paper proposes a UQoSM (User Qualify of Service Middleware) framework for multimedia application systems. UQoSM system is extended the existing event service model added to the event monitoring, reflective event filtering and event dispatcher for supporting multimedia application systems. Especially, this paper is concentrated on providing suitable reflective event filtering function for multimedia application service system in order to meet various user requirements under inter-based environment. It means this system provides high QoS to users. In addition, it results in decreasing network traffic as unnecessary event information is filtered from network.

• Proceedings of the KSRS Conference
• /
• 2007.10a
• /
• pp.568-572
• /
• 2007

With the proliferation of advanced wireless network and sensor technologies, smart devices under USN(ubiquitous sensor network) environment are capable of collecting context information such as temperature, humidity, weight, and location about objects at real time. Therefore, applications must be able to analyze collected information and notify useful information to wanted users timely. This service can be realized by implementing an event-based middleware. In the middleware, event messages collected from physical environment will be filtered according to profiles that users define in advance and the result will be sent to the interested users. In this paper, we present XML-based event model, ECA-based profile model, and the architecture of an event-based middleware suitable to USN environment. We will also model and describe them using the examples of logistics area. By implementing the system based on the design above, the middleware enable applications or users to easily access to physical sources. The proposed middleware can also apply to not only logistics area but also other various areas under USN environment such as intelligent traffic control system, national disaster management system and u-medical system.