• KIISE Transactions on Computing Practices
• /
• v.22 no.7
• /
• pp.332-337
• /
• 2016

System administrator or security managers need to collect logs of computing device (desktop or server), which are used for the purpose of cause-analysis of security incident and discover if damage to system was either caused by hacking or computer virus. Furthermore, appropriate log maintenance helps preventing security breech incidents through identification of vulnerability. In addition, it can be utilized for prevention of data leakage through the insider. In the paper, we present log collection system developed using open source supported by commands and basic methods of Windows. Furthermore, we aim to collect log information to enable search and analysis from diverse perspectives and to propose a way to integrate with open source-based search engine system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.3
• /
• pp.13-26
• /
• 1999

Widespread use of Internet despite numerous positive aspects resulted in increased number of system intrusions and the need for enhanced security mechanisms is urgent. Systematic collection and analysis of log data are essential in intrusion investigation. Unfortunately existing logs are stored in diverse and incompatible format thus making an automated intrusion investigation practically impossible. We examined the types of log data essential in intrusion investigation and implemented a tool to enable systematic collection and efficient analysis of voluminous log data. Our tool based on RBDMS and SQL provides graphical and user-friendly interface. We describe our experience of using the tool in actual intrusion investigation and explain how our tool can be further enhanced.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.2 no.3
• /
• pp.184-193
• /
• 2007

Flash memory adoption in the mobile devices is increasing or vanous multimedia services such as audio, videos, and games. Although the traditional research issues such as out-place update, garbage collection, and wear-leveling are important, the performance, memory usage, and fast mount issues of flash memory file system are becoming much more important than ever because flash memory capacity is rapidly increasing. In this paper, we address the problems of the existing log-based flash memory file systems analytically and propose an efficient log-based file system, which produces higher performance, less memory usage and mount time than the existing log-based file systems. Our ideas are applied to a well-known log-based flash memory file system (YAFFS2) and the performance tests are conducted by comparing our prototype with YAFFS2. The experimental results show that our prototype achieves higher performance, less system memory usage, and faster mounting than YAFFS2, which is better than JFFS2.

• Journal of Information Technology Services
• /
• v.13 no.4
• /
• pp.231-243
• /
• 2014

Of the various data that corporations can approach, web log data are important data that correspond to data analysis to implement customer relations management strategies. As the volume of approachable data has increased exponentially due to the Internet and popularization of smart phone, web log data have also increased a lot. As a result, it has become difficult to expand storage to process large amounts of web logs data flexibly and extremely hard to implement a system capable of categorizing, analyzing, and processing web log data accumulated over a long period of time. This study thus set out to apply Hadoop, a distributed processing system that had recently come into the spotlight for its capacity of processing large volumes of data, and propose an efficient analysis plan for large amounts of web log. The study checked the forms of web log by the effective web log collection methods and the web log levels by using Hadoop and proposed analysis techniques and Hadoop organization designs accordingly. The present study resolved the difficulty with processing large amounts of web log data and proposed the activity patterns of users through web log analysis, thus demonstrating its advantages as a new means of marketing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.1
• /
• pp.157-167
• /
• 2020

The big data and artificial intelligence technology, which has provided the foundation for the recent 4th industrial revolution, has become a major driving force in business innovation across industries. In the field of information security, we are trying to develop and improve an intelligent security system by applying these techniques to large-scale log data, which has been difficult to find effective utilization methods before. The quality of security log big data, which is the basis of information security AI learning, is an important input factor that determines the performance of intelligent security system. However, the difference and complexity of log data by various product has a problem that requires excessive time and effort in preprocessing big data with poor data quality. In this study, we research and analyze the cases related to log data collection of various firewall. By proposing firewall log data collection format standard, we hope to contribute to the development of intelligent security systems based on security log big data.

• The KIPS Transactions:PartA
• /
• v.15A no.6
• /
• pp.335-344
• /
• 2008

We propose an adaptive garbage collection technique for hybrid flash memory which has both SLC and MLC. Since SLC area is fast and MLC area has low cost, the proposed scheme utilizes the SLC area as log buffer and the MLC area as data block. Considering the high write cost of MLC flash, the garbage collection for the SLC log buffer moves a page into the MLC data block only when the page is cold or the page migration invokes a small cost. The other pages are moved within the SLC log buffer. Also it adjusts the parameter values which determine the operation of garbage collection adaptively considering I/O pattern. From the experiments, we can know that the proposed scheme provides better performance compared with the previous flash management schemes for the hybrid flash and finds the parameter values of garbage collection close to the optimal values.

• The Journal of Information Technology
• /
• v.10 no.4
• /
• pp.41-56
• /
• 2007

In Digital Computing Environment, volatile information such as register, cache memory, and network information are hard to make certain of a real-time collection because such volatile information are easily modified or disappeared. Thus, a collection of volatile information is one of important step for computer forensics system on ubiquitous computing. In this paper, we propose a volatile information collection module, which collects variable volatile information of server system based on memory mapping in real-time.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.2
• /
• pp.486-503
• /
• 2023

Logs play an important role in mastering the health of the system, experienced operation and maintenance engineer can judge which part of the system has a problem by checking the logs. In recent years, many system architectures have changed from single application to distributed application, which leads to a very huge number of logs in the system and manually check the logs to find system errors impractically. To solve the above problems, we propose a method based on Message Middleware and ATT-GRU (Attention Gate Recurrent Unit) to detect the logs anomaly of distributed systems. The works of this paper mainly include two aspects: (1) We design a high-performance distributed logs collection architecture to complete the logs collection of the distributed system. (2)We improve the existing GRU by introducing the attention mechanism to weight the key parts of the logs sequence, which can improve the training efficiency and recognition accuracy of the model to a certain extent. The results of experiments show that our method has better superiority and reliability.

• International conference on construction engineering and project management
• /
• 2009.05a
• /
• pp.956-961
• /
• 2009

When construction engineers perform their work in the jobsite, they have to record as-built conditions in the project log (Data Collection). On the other hand, the engineers often have to refer to the construction documents when necessary at the job faces (Data Access). The practice of Data Collection and Data Access in the jobsite can be greatly enhanced by utilizing mobile computing with wireless communications. In this paper, two cases of mobile computing applications for construction field management are presented; Mobile Specifications System and Mobile Data Collection System. The demonstration of the process for developing two mobile applications is the primary purpose of the paper. The problems and issues involved with adopting mobile computing for construction field are also presented. The simple information framework for mobile computing has been also proposed as an outcome of the research. As for development tools, readily available relational database and wireless network have been used. The use of commercial mobile broadband was examined for data communication where local area network is not available.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.11
• /
• pp.2629-2636
• /
• 2015

Recently Big Data management have a rapid increases interest in IT field, much research conducting to solve a problem of real-time processing to Big Data. Lots of resources are required for the ability to store data in real-time over the network but there is the problem of introducing an analyzing system due to aspect of high cost. Need of redesign of the system for low cost and high efficiency had been increasing to solve the problem. In this paper, the document type of database, MongoDB, is used for design a log management system based a document type of database, that is good at big data managing. The suggested log management system is more efficient than other method on log collection and processing, and it is strong on data forgery through the performance evaluation.