• Title/Summary/Keyword: kernel objects

The Windows Physical Memory Dump Explorer for Live Forensics (라이브 포렌식을 위한 윈도우즈 물리 메모리 분석 도구)

  • Han, Ji-Sung;Lee, Sang-Jin
    • Journal of the Korea Institute of Information Security & Cryptology, v.21 no.2, pp.71-82, 2011
  • Live data in physical memory can be acquired by live forensics but not by hard disk file-system analysis. Therefore, live forensics is widely used in forensic investigations these days. However, existing live forensic methods, which use command-line tools on the live system, have many weaknesses; for instance, the results are not easy to re-analyze and can be modified by malicious code. For these reasons, in this paper we explain the Windows kernel architecture and how to analyze physical memory dump files to complement the weaknesses of traditional live forensics. We then design and implement the Physical Memory Dump Explorer, and prove the effectiveness of our tool through test results.

The Design for Security System of Linux Operating System (리눅스 운영체제를 위한 보안 시스템 설계)

  • Park, JinSeok;Kim, SoonGohn
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology, v.3 no.4, pp.35-42, 2010
  • This paper reviews current studies of secure OSes, security modules and SELinux, and suggests a Linux access control module that uses user-discriminating authentication, security authority inheritance of subjects and objects, a reference monitor and MAC class process, and real-time audit trailing using a DB. First, during the user authentication process, it distinguishes the access permission IP and separates the superuser (root)'s authority from that of the security manager by making users input the security level and the protection category. Second, when subjects access objects through security authority inheritance of subjects and objects, the suggested system carries out access control by comparing the security information of the subjects with that of the objects. Third, the system implements a Reference Monitor audit on every current event happening in the kernel. As it decides the access permission after checking the current MAC security attributes, it can block any malicious intrusion in advance. Fourth, through the real-time audit trailing system, it detects all activities in the operating system, records them in the database and provides the security manager with the related security audit data in real time.

A Design of Open GIS Compliant Object Web (개방형 GIS 표준에 따른 오브젝트 웹 시스템 설계)

  • Park, Ki-Ho;Jeong, Jae-Gon
    • Journal of Korea Spatial Information System Society, v.1 no.2 s.2, pp.47-62, 1999
  • To meet the interoperability requirements associated with geospatial data access and geoprocessing, much effort has been made to design prototypical systems conforming to the OpenGIS™ specification. With respect to Object Web GIS, however, current internet mapping technology mainly focuses on developing either mapping libraries or client applications, regardless of future needs for interoperability such as integration of the OpenGIS™ standard for CORBA. In this paper, we propose an OpenGIS™ compliant mapping kernel, OpenViews, which is designed to meet those requirements. The kernel of OpenViews encapsulates the process of acquiring geospatial data in the format of OpenGIS™ Geometry through an ORB (Object Request Broker). OpenViews, being designed based on well-known design patterns, is highly extensible in that programmers can easily customize it on the object-oriented architecture. The components implemented in OpenViews are CORBA/Java objects, and as such are portable and scalable in a networked environment. A companion package, OpenBroker, is also developed as a portable geoprocessing application server to facilitate the implementation and configuration of server-side CORBA objects. It can be used for implementing objects for a spatial analysis service which would be independent of legacy spatial database systems in many cases. OpenViews, together with OpenBroker, has been successfully prototyped using technologies including EJB and servlets as the core components of Open GIS compliant internet mapping.

Data-based Control for Linear Time-invariant Discrete-time Systems

  • Park, U. S.;Ikeda, M.
    • 제어로봇시스템학회:학술대회논문집, 2004.08a, pp.1993-1998, 2004
  • This paper proposes a new framework for control system design, called the data-based control approach or data space approach, in which the input and output data of a dynamical system is directly and solely used to analyze or design a control system without the employment of any mathematical models like transfer functions, state space equations, and kernel representations. Since, in this approach, most of the analysis and design processes are carried out in the domain of the data space, we introduce some notions of geometrical objects, e.g., the open-loop and closed-loop data spaces, which serve as the system representations in the data space. In addition, we establish a relationship between the open-loop and closed-loop data spaces: the closed-loop data space is contained in the open-loop data space as one of its subspaces. By using this relationship, we can derive the data-based stabilization condition for a linear time-invariant discrete-time system, which leads to a linear matrix inequality with a rank constraint.

A Design of the Remote Test Tool for Software Based on VxWorks (VxWorks 기반 소프트웨어를 위한 원격 테스트 도구의 설계)

  • Park, Song-Hwa;Lee, Hyung-Soo
    • IEMEK Journal of Embedded Systems and Applications, v.7 no.3, pp.135-142, 2012
  • The quality of an embedded system depends on the embedded software. As the complexity and size of embedded software have been increasing, it is more likely that the software includes faults, and reliability and stability issues are becoming more important. In this paper, we propose a remote test tool for software based on VxWorks that uses a fault injection method. The test tool consists of a test server and a test client for testing in the cross-development environment. The test server operates on the host system, and the user can not only test but also monitor the software with it. The test client operates on the target system; it controls kernel objects and sends the input data into the software when it receives control and data from the test server. We developed the prototype software and demonstrated the ability to test software robustness by injecting faults.

Object Tracking using Feature Map from Convolutional Neural Network (컨볼루션 신경망의 특징맵을 사용한 객체 추적)

  • Lim, Suchang;Kim, Do Yeon
    • Journal of Korea Multimedia Society, v.20 no.2, pp.126-133, 2017
  • The conventional hand-crafted features used to track objects have limitations in object representation. Convolutional neural networks, which show good performance in various areas of computer vision, are emerging as a new way to break through the limitations of feature extraction. A CNN extracts the features of the image through multiple layers, and learns the kernel used for feature extraction by itself. In this paper, we use the feature map extracted from the convolution layer of the convolutional neural network to create an outline model of the object and use it for tracking. We propose a method to adaptively update the outline model to cope with various environment change factors affecting the tracking performance. The proposed algorithm was evaluated on the 11 environmental change attributes of the CVPR2013 tracking benchmark and showed excellent results in six attributes.

One-Class Support Vector Learning and Linear Matrix Inequalities

  • Park, Jooyoung;Kim, Jinsung;Lee, Hansung;Park, Daihee
    • International Journal of Fuzzy Logic and Intelligent Systems, v.3 no.1, pp.100-104, 2003
  • The SVDD(support vector data description) is one of the most well-known one-class support vector learning methods, in which one tries the strategy of utilizing balls defined on the kernel feature space in order to distinguish a set of normal data from all other possible abnormal objects. The major concern of this paper is to consider the problem of modifying the SVDD into the direction of utilizing ellipsoids instead of balls in order to enable better classification performance. After a brief review about the original SVDD method, this paper establishes a new method utilizing ellipsoids in feature space, and presents a solution in the form of SDP(semi-definite programming) which is an optimization problem based on linear matrix inequalities.

Fuzzy One Class Support Vector Machine (퍼지 원 클래스 서포트 벡터 머신)

  • Kim, Ki-Joo;Choi, Young-Sik
    • Journal of Internet Computing and Services, v.6 no.3, pp.159-170, 2005
  • OC-SVM (One Class Support Vector Machine) avoids solving a full density estimation problem, and instead focuses on a simpler task: estimating quantiles of a data distribution, i.e. its support. OC-SVM seeks to estimate regions where most of the data resides and represents the regions as a function of the support vectors. Although OC-SVM is a powerful method for data description, it is difficult to incorporate human subjective importance into its estimation process. In order to integrate the importance of each point into the OC-SVM process, we propose a fuzzy version of OC-SVM. In FOC-SVM (Fuzzy One-Class Support Vector Machine), we do not treat data points equally and instead weight data points according to the importance measure of the corresponding objects. That is, we scale the kernel feature vector according to the importance measure of the object so that a kernel feature vector of a less important object contributes less to the detection process of OC-SVM. We demonstrate the performance of our algorithm on several synthesized data sets. Experimental results were promising.

Design and Implementation of Sensor based Intrusion Detection System (센서 기반 침입 탐지 시스템의 설계와 구현)

  • Choi, Jong-Moo;Cho, Seong-Je
    • The KIPS Transactions:PartC, v.12C no.6 s.102, pp.865-874, 2005
  • The information stored in a computer system needs to be protected from unauthorized access, malicious destruction or alteration, and accidental inconsistency. In this paper, we propose an intrusion detection system based on the sensor concept for detecting and preventing malicious attacks. We use software sensor objects, which consist of a sensor file for each important directory and sensor data for each secret file. Every sensor object is a sort of trap against the attack, and its touch can be considered an intrusion. The proposed system is a new challenge of setting up traps against most interception threats that try to illicitly copy or read programs or data. We have implemented the proposed system on the Linux operating system using the loadable kernel module technique. The proposed system combines the host-based detection approach and the network-based one to achieve reasonably complete coverage, which makes it possible to detect unknown interception threats.

Support Vector Learning for Abnormality Detection Problems (비정상 상태 탐지 문제를 위한 서포트벡터 학습)

  • Park, Joo-Young;Leem, Chae-Hwan
    • Journal of the Korean Institute of Intelligent Systems, v.13 no.3, pp.266-274, 2003
  • This paper considers an incremental support vector learning for the abnormality detection problems. One of the most well-known support vector learning methods for abnormality detection is the so-called SVDD(support vector data description), which seeks the strategy of utilizing balls defined on the kernel feature space in order to distinguish a set of normal data from all other possible abnormal objects. The major concern of this paper is to modify the SVDD into the direction of utilizing the relation between the optimal solution and incrementally given training data. After a thorough review about the original SVDD method, this paper establishes an incremental method for finding the optimal solution based on certain observations on the Lagrange dual problems. The applicability of the presented incremental method is illustrated via a design example.