Total: 8

Sunghyun Kim, Heejo , "Abnormal Policy Detection and Correction Using Overlapping Transition", Korea University, CIC-CCS-TR 10-001, Jan. 5. 2010.
Policy in security devices such as firewalls and Network Intrusion Prevention Systems (NIPS) is usually implemented as a sequence of rules. This allows network packets to proceed or to be discarded based on each rule’s decision. Since attack methods are increasing rapidly, a huge number of security rules are generated and maintained in security devices. Under attack or during heavy traffic, a wrongly configured policy creates security holes and prevents the system from deciding quickly whether to allow or deny a packet. Anomalies between the rules occur when there is overlap among the rules. In this paper, we propose a new method to detect anomalies among rules and generate new rules without configuration error in multiple security devices as well as in a single security device. The proposed method cuts the overlap regions among rules into minimum overlap regions and finds the abnormal domain regions of rules’ predicates. Classifying rules by the network traffic flow, the proposed method not only reduces computation overhead but also blocks unnecessary traffic among distributed devices.
Wan Yeon Lee, Hyogon Kim, Heejo Lee, "Energy-Efficient Scheduling of a Real-Time Task on DVFS-Enabled Multi-Cores", Korea University, CIC-CCS-TR 08-001, Aug. 18. 2008.
TV and video streaming on mobile devices is fast becoming reality, thanks to recent technical developments such as broadband wireless communication and packetized video services. In order to maximize the quality and lifetime of mobile video services, their energy-efficient processing is crucial. Even though processors on mobile devices are evolving into multi-core architectures, little work has been done on energy-efficient scheduling of real-time video tasks on a multi-core processor. In this paper, we propose an energy-efficient scheduling of a long-lived real-time video task running on DVFS-enabled multi-core platforms. The proposed scheduling minimizes the energy consumption by executing the task in parallel on an appropriate number of cores with the other cores powered off, and assigning as low a frequency as possible while meeting the deadline. Evaluation shows that the scheduling saves an impressive amount of energy, up to 72% and 90% of energy consumed when executing the task on a single core and all cores respectively.
Wan Yeon Lee, Hyogon Kim, Heejo Lee, "Utility Maximized Scheduling for Uncertain Task Completions with Limited Energy Budget", Korea University, CIC-CCS-TR 08-002, Aug. 18. 2008.
The completion times of tasks are not always predictable, and scheduling such tasks under energy constrained environments has become an important issue. In this paper, we solve the utility maximization problem in the execution of multiple tasks under a resource constraint. The tasks have probabilistic execution times and are executable on discrete operation modes having different utilities with different resource requirements. Armed with the theoretical solution to the problem, we design two adaptive scheduling methods that efficiently work for the tasks having widely varying execution times under a limited energy budget: Optimal Method and Approximate Method. The Optimal Method statistically yields the maximum utility at the cost of heavy run-time overhead. The Approximate Method, on the other hand, provides a near-maximum utility with much less overhead, where the utility decrease is bounded. Extensive experiments on the adaptive MPEG streaming of multimedia tasks show that the proposed methods give higher utility, by up to about 150%, than existing methods that solve for the worst-case execution time.
Keun Park, Heejo Lee, "A Taxonomy of Online Game Security", Encyclopedia of Internet Technologies and Applications, Oct. 31. 2007.
Online games face many threats (Chen, Hwang, Song, Yee, & Korba, 2005). An attacker who comprehends the mechanism of online games attempts to lead a game to his favor with malicious actions. This generates unfair advantage for fun or profit (Pritchard, 2001). Online game cheating has not been a simple problem because it is the primary reason an honest player quits the game if he or she has experienced unfair playing from a cheater. Therefore, an online game designer should consider online game security seriously (Yan & Choi, 2002).
Kihong Park, Heejo Lee, "A Proactive Approach to Distributed DoS Attack Prevention using Route-Based Packet Filtering", Purdue University, CSD-TR-00-017, CERIAS-TR-2001-40, Dec. 2000.
Denial-of-service (DoS) attack on the Internet has become a pressing problem. In this paper, we describe, analyze and evaluate route-based distributed packet filtering (DPF), a novel approach to distributed DoS (DDoS) attack prevention. We show that there is an intimate relationship between the effectiveness of DPF at mitigating DDoS attacks and power-law network topology. We evaluate performance using Internet autonomous system and artificially generated topologies. The salient features of this work are two-fold. First, we show that DPF is able to proactively filter out a significant fraction of spoofed packet flows and prevent attack packets from reaching their targets in the first place. The IP flows that cannot be proactively curtailed are extremely sparse such that their origin can be localized - i.e. IP traceback - to within a small, constant number of candidate sites. We show that the two proactive and reactive performance effects can be achieved by implementing route-based filtering on less than 20% of Internet autonomous system (AS) sites. Second, we show that the two complementary performance measures are dependent on the properties of the underlying AS graph topology leads to connectivity properties which are crucial in facilitating the observed performance effects. As a DDoS prevention architecture, DPF is able to emulate the IP traceback prowess of probabilistic packet marking, while alleviating the latter's three principal weaknesses: (1) need to inscribe link information in the IP packet header, (2) reactiveness - traceback occurs after the impact of DoS attack has been felt - and (3) scalability where the effort needed to achieve IP traceback grows proportionally with the number of attack hosts engaged in a DDoS attack.
Kihong Park, Heejo Lee, "On the Effectiveness of Probabilistic Packet Marking for IP Traceback under Denial of Service Attack", Department of Computer Sciences, Purdue University, CSD-TR 00-013, Jun. 10. 2000.
Effective mitigation of denial of service (DoS) attack is a pressing problem on the Internet. In many instances, DoS attacks can be prevented if the spoofed source IP address is traced back to its origin which allows assigning penalties to the offending party or isolating the compromised hosts and domains from the rest of the network. Recently IP traceback mechanisms based on probabilistic packet marking (PPM) have been proposed for achieving traceback of DoS attacks. In this paper, we show that probabilistic packet marking
Heejo Lee, Jong Kim, Sungje Hong, Sunggu Lee, "Parallelizing matrix chain products", Pohang University of Science and Technology, CS-HPC-97-003, 1997.
The problem of finding an optimal product sequence for sequential multiplication of a chain of matrices (the matrix chain ordering problem, MCOP) is well-known and has been studied for a long time. In this paper, we consider the problem of finding an optimal product schedule for evaluating a chain of matrix products on a parallel computer (the matrix chain scheduling problem, MCSP). The difference between the MCSP and the MCOP is that the MCOP pertains to a product sequence for single processor systems and the MCSP pertains to a sequence of concurrent matrix products for parallel systems. The approach of parallelizing each matrix product after finding an optimal product sequence for single processor systems does not always guarantee the minimum evaluation time on parallel systems since each parallelized matrix product may use processors inefficiently. We introduce a new processor scheduling algorithm for the MCSP which reduces the evaluation time of a chain of matrix products on a parallel computer even at the expense of a slight increase in the total number of operations. Given a chain of n matrices and a matrix product utilizing at most P/k processors in a P-processor system, the proposed algorithm approaches k(n-1)/(n + k log(k) - k) times the performance of parallel evaluation using the optimal sequence found for the MCOP. Also experiments performed on a Fujitsu AP multicomputer show that the proposed algorithm significantly decreases the time required to evaluate a chain of matrix products in parallel systems.
Jong Kim, Heejo Lee, Sunggu Lee, "Load Balancing Process Allocation in Fault-Tolerant Multicomputers", Pohang University of Science and Technology, CS-95-001, 1995.