• Journal of Communications and Networks
• /
• 제12권4호
• /
• pp.382-394
• /
• 2010

Cross-domain event information sharing is a topic of great interest in the area of event based network management. In this work we use data sets which represent actual attacks in the operational Internet. We analyze the data sets to understand the dynamics of the attacks and then go onto show the effectiveness of sharing incident related information to contain these attacks. We describe universal data acquisition system for event based management (UniDAS), a novel system for secure and automated cross-domain event information sharing. The system uses a generic, structured data format based on a standardized incident object description and exchange format (IODEF). IODEF is an XML-based extensible data format for security incident information exchange. We propose a simple and effective security model for IODEF and apply it to the secure and automated generic event information sharing system UniDAS. We present the system we have developed and evaluate its effectiveness.

• 한국정보과학회논문지:정보통신
• /
• 제37권1호
• /
• pp.8-15
• /
• 2010

본 연구에서 우리는 복합 이벤트(complex event)와 관점지향 프로그래밍(aspect-oriented programming)을 함께 고려하여 확장된 복합 이벤트 모델을 제시한다. 우리는 이 두 모델의 통합을 통해 이벤트 상관 기반의 네트워크 관리 시스템에 적합한 진보된 이벤트 명세 방법을 제안한다. 구체적으로, 계층적 이벤트 구조를 지원하도록 모델을 확장하고 관점지향 프로그래밍의 교차점(point cut)을 이벤트로 인식하도록 한다. 또한 이벤트 명세를 인스턴스(instance) 단위로 할 수 있도록 이벤트 연산자를 제공하고 시간적 관계를 원활하게 표현할 수 있도록 한다. 마지막으로 다른 이벤트 모델과의 비교를 통해 본 이벤트 모델의 장점을 제시한다.

• 한국컴퓨터산업학회논문지
• /
• 제3권9호
• /
• pp.1189-1198
• /
• 2002

최근 분산시스템 환경에서 다양한 사용자의 요구에 부응하고 통신망의 효과적인 관리를 위해서는 네트워크 자원의 관리에 대한 정책기반 통신망관리시스템이 요구된다. 본 논문에서는 다양한 통신망의 효율적인 관리와 일관된 관리정책을 적용하기 위해 ECA(Event-Condition-Action) 규칙을 갖는 능동특성의 정책기반 관리객체정보를 모델링하였다. 본 논문에 기술된 정책에는 하나의 외부요인이 발생하였을 때 외부요인이 수행되기 위한 하나이상의 조건과 그 조건이 만족된 경우 수행되는 행위들로 구성된 규칙들을 기술한다. 그리고 실질적인 환경에서 적용되고 있는 ATM 관리객체 중 폭주제어 모델에 정책의 구성요소를 적용함으로써 관리객체의 동적 수행 기능이 체계적이고 정형적으로 기술되는 장점을 제시하였다.

• 대한안전경영과학회지
• /
• 제11권2호
• /
• pp.137-144
• /
• 2009

EPCIS(EPC Information Services) system is a core component of EPCglobal Architecture Framework offering information of the freights, the time of awareness and the location of awareness on the EPCglobal Network. The role of EPCIS is to exchange information based on EPC. There are four kinds of event data which are object event data, aggregation event data, quantity event data, and transaction event data. These EPCIS events data are stored and managed in EPCIS repository. This study suggest the quantitative modeling about total number of EPCIS event data under the assumption to aware the RFID tags of items, cases(boxes), vehicles(carriers, forklifts, auto guided vehicles, rolltainers) at a time on the reading points. We also estimate the number of created EPCIS event data by the suggested quantitative modeling under scenario of process in the integrated logistics center based on RFID system And this study compare the TO-BE model with the AS-IS model about the total sizes of created EPCIS event data using the simulation, in which we suggested the TO-BE model as the development of the repository by skipping the overlapped records.

• 대한안전경영과학회지
• /
• 제12권4호
• /
• pp.169-174
• /
• 2010

EPCIS(EPC Information Services) system is a core component of EPCglobal Architecture Framework offering information of the freights, the time of awareness and the location of awareness on the EPCglobal Network. The role of EPCIS is to exchange information based on EPC. There are four kinds of event data which are object event data, aggregation event data, quantity event data, and transaction event data. These EPCIS events data are stored and managed in EPCIS repository. This paper deals with the method which diversifies the data flow load of intensive EPCIS events and effectively manages EPCIS repository for exchanging data smoothly. In order to verify a effectiveness, we measure the performance of the system using a simulation by comparing the existing method with the suggested method.

• 한국멀티미디어학회논문지
• /
• 제23권1호
• /
• pp.24-30
• /
• 2020

As the number of internet-connected appliances and the variety of IoT services are rapidly increasing, it is hard to protect IT assets with traditional network security techniques. Most traditional network log analysis systems use rule based mechanisms to reduce the raw logs. But using predefined rules can't detect new attack patterns. So, there is a need for a mechanism to reduce congested raw logs and detect new attack patterns. This paper suggests enterprise security management for IoT services using graph and network measures. We model an event network based on a graph of interconnected logs between network devices and IoT gateways. And we suggest a network clustering algorithm that estimates the attack probability of log clusters and detects new attack patterns.

• 대한안전경영과학회:학술대회논문집
• /
• 대한안전경영과학회 2010년도 추계학술대회
• /
• pp.349-355
• /
• 2010

EPCIS(EPC Information Services) system is a core component of EPCglobal Architecture Framework offering information of the freights, the time of awareness and the location of awareness on the EPCglobal Network. The role of EPCIS is to exchange information based on EPC. There are four kinds of event data which are object event data, aggregation event data, quantity event data, and transaction event data. These EPCIS events data are stored and managed in EPCIS repository. This paper leads to separate a in-out data overload of integrated EPCIS event and suggests the method to effectively manage EPCIS repository for exchanging data smoothly. In order to verify a effectiveness, we measure the performance of the system using a simple testing simulation by comparing existing method and suggested method.

• Journal of Communications and Networks
• /
• 제15권3호
• /
• pp.301-311
• /
• 2013

This paper proposes a policy-based quality of service (QoS) management framework for adaptive routing decisions. We present an approach considering interior gateway protocol (IGP) for path discovery mechanisms and QoS-aware policies for configuring the network elements. The integration of the aforementioned modules into this policy-based network management (PBNM) system is demonstrated by conducting experiments in a real environment, the hellenic public administration network SYZEFXIS. These experiments combine different traffic conditioning mechanisms through event detectors, consider IP service level agreement mechanisms that interoperate with the PBNM system and analyze the enforcement of IGP and QoS policies. Finally, validation and measurement tools are used to prove the efficiency of this framework. It is shown that this architecture offers significantly increased performance and learning capabilities, while the PBNM system achieves adaptive QoS routing through automated configuration considering the avoidance of suboptimal routing issues or under-performance conditions of the network entities.

• 정보처리학회논문지B
• /
• 제9B권5호
• /
• pp.549-554
• /
• 2002

본 논문에서는 인터넷 기반 멀티미디어 응용 서비스가 요구하는 상호운용성과 사용자에게 높은 품질의 서비스를 지원할 수 있는 UQoS 관리 (UQoSM : User Quality of Service Management) 미들웨어 프레임워크를 제안한다. UQoS 관리 미들웨어 시스템은 멀티미디어 응용 시스템들의 사용자 요구사항들을 지원하기 위해 기존의 이벤트 서비스 모델에 리플렉션(reflection) 기법을 적용하여 이벤트 모니터, 리플렉티브 이벤트 필터링, 실시간 관리 등의 컴포넌트를 포함하는 구조를 가진다. 특히, 본 논문에서는 인터넷 기반 멀티미디어 응용 서비스 사용자의 다양한 요구 사항을 지원할 수 있는 리플렉티브 이벤트 필터링을 제공하는 것에 중점을 두었다. 이로써 사용자는 보다 높은 서비스를 제공받게 되고 이 과정을 통해 전체적인 네트워크 트래픽이 감소되는 효과를 얻을 수 있다.

• 대한원격탐사학회:학술대회논문집
• /
• 대한원격탐사학회 2007년도 Proceedings of ISRS 2007
• /
• pp.568-572
• /
• 2007

With the proliferation of advanced wireless network and sensor technologies, smart devices under USN(ubiquitous sensor network) environment are capable of collecting context information such as temperature, humidity, weight, and location about objects at real time. Therefore, applications must be able to analyze collected information and notify useful information to wanted users timely. This service can be realized by implementing an event-based middleware. In the middleware, event messages collected from physical environment will be filtered according to profiles that users define in advance and the result will be sent to the interested users. In this paper, we present XML-based event model, ECA-based profile model, and the architecture of an event-based middleware suitable to USN environment. We will also model and describe them using the examples of logistics area. By implementing the system based on the design above, the middleware enable applications or users to easily access to physical sources. The proposed middleware can also apply to not only logistics area but also other various areas under USN environment such as intelligent traffic control system, national disaster management system and u-medical system.