Total: 8
Sunghyun Kim, Heejo , "Abnormal Policy Detection and Correction Using Overlapping Transition", Korea University, CIC-CCS-TR 10-001, Jan. 5. 2010.
Policy in security devices such as firewalls and Network Intrusion Prevention Systems
(NIPS) is usually implemented as a sequence of rules. This allows network packets
to proceed or to be discarded based on each rule’s decision. Since attack methods are increasing
rapidly, a huge number of security rules are generated and maintained in security
devices. Under attack or during heavy traffic, a wrongly configured policy creates security
holes and prevents the system from deciding quickly whether to allow or deny a
packet. Anomalies between the rules occur when there is overlap among the rules. In
this paper, we propose a new method to detect anomalies among rules and generate new
rules without configuration error in multiple security devices as well as in a single security
device. The proposed method cuts the overlap regions among rules into minimum
overlap regions and finds the abnormal domain regions of rules’ predicates. Classifying
rules by the network traffic flow, the proposed method not only reduces computation
overhead but blocks unnecessary traffic among distributed devices.

Wan Yeon Lee, Hyogon Kim, Heejo Lee, "Energy-Efficient Scheduling of a Real-Time Task on DVFS-Enabled Multi-Cores", Korea University, CIC-CCS-TR 08-001, Aug. 18. 2008.
TV and video streaming on mobile devices is fast becoming reality, thanks to recent technical
developments such as broadband wireless communication and packetized video services. In order to
maximize the quality and lifetime of mobile video services, their energy-efficient processing is crucial.
Even though processors on mobile devices are evolving into multi-core architectures, little work has
been done for their energy-efficient scheduling of real-time video tasks on a multi-core processor. In this
paper, we propose an energy-efficient scheduling of a long-lived real-time video task running on DVFS-enabled
multi-core platforms. The proposed scheduling minimizes the energy consumption by executing
the task in parallel on an appropriate number of cores with the other cores powered off, and assigning
as low a frequency as possible while meeting the deadline. Evaluation shows that the scheduling saves
an impressive amount of energy, up to 72% and 90% of energy consumed when executing the task on a
single core and all cores respectively.

Wan Yeon Lee, Hyogon Kim, Heejo Lee, "Utility Maximized Scheduling for Uncertain Task Completions with Limited Energy Budget", Korea University, CIC-CCS-TR 08-002, Aug. 18. 2008.
The completion times of tasks are not always predictable, and scheduling such tasks under energy
constrained environments has become an important issue. In this paper, we solve the utility maximization
problem in the execution of multiple tasks under a resource constraint. The tasks have probabilistic
execution times and are executable on discrete operation modes having different utilities with different
resource requirements. Armed with the theoretical solution to the problem, we design two adaptive
scheduling methods that efficiently work for the tasks having widely varying execution times under a
limited energy budget: Optimal Method and Approximate Method. The Optimal Method statistically yields
the maximum utility at the cost of heavy run-time overhead. The Approximate Method, on the other
hand, provides a near-maximum utility with much less overhead, where the utility decrease is bounded.
Extensive experiments on the adaptive MPEG streaming of multimedia tasks show that the proposed
methods give higher utility, by up to about 150%, than existing methods that solve for the worst-case
execution time.

Keun Park, Heejo Lee, "A Taxonomy of Online Game Security", Encyclopedia of Internet Technologies and Applications, Oct. 31. 2007.
online games face many threats (Chen,
Hwang, Song, Yee, & Korba, 2005). An attacker who
comprehends the mechanism of online games attempts
to lead a game to his favor with malicious actions. This
generates unfair advantage for fun or profit (Pritchard,
2001). Online game cheating has not been a simple
problem because it is the primary reason an honest
player quits the game if he or she had experienced
unfair playing from a cheater. Therefore, an online
game designer should consider online game security
seriously (Yan & Choi, 2002).

Kihong Park, Heejo Lee, "A Proactive Approach to Distributed DoS Attack Prevention using Route-Based Packet Filtering", Purdue University, CSD-TR-00-017, CERIAS-TR-2001-40, Dec. 2000.
Denial-of-service (DoS) attack on the Internet has become a pressing problem.
In this paper, we describe, analyze and evaluate route-based distributed packet
filtering (DPF), a novel approach to distributed DoS (DDoS) attack prevention.
We show that there is an intimate relationship between the effectiveness of
DPF at mitigating DDoS attacks and power-law network topology. We evaluate
performance using Internet autonomous system and artificially generated topologies.
The salient features of this work are two-fold. First, we show that DPF is able to
proactively filter out a significant fraction of spoofed packet flows and
prevent attack packets from reaching their targets in the first place. The IP
flows that cannot be proactively curtailed are extremely sparse such that their
origin can be localized - i.e. IP traceback - to within a small, constant number
of candidate sites. We show that the two proactive and reactive performance
effects can be achieved by implementing route-based filtering on less than 20%
of Internet autonomous system (AS) sites. Second, we show that the two complementary
performance measures are dependent on the properties of the underlying AS graph
topology leads to connectivity properties which are crucial in facilitating the
observed performance effects.
As a DDoS prevention architecture, DPF is able to emulate the IP traceback
prowess of probabilistic packet marking, while alleviating the latter's
three principal weaknesses: (1) need to inscribe link information in the IP packet header, (2)
reactiveness - traceback occurs after the impact of DoS attack has been felt
- and (3) scalability where the effort needed to achieve IP traceback grows
proportionally with the number of attack hosts engaged in a DDoS attack.

Kihong Park, Heejo Lee, "On the Effectiveness of Probabilistic Packet Marking for IP Traceback under Denial of Service Attack", Department of Computer Sciences, Purdue University, CSD-TR 00-013, Jun. 10. 2000.
Effective mitigation of denial of service (DoS) attack is a pressing
problem on the Internet. In many instances, DoS attacks can be prevented
if the spoofed source IP address is traced back to its origin which
allows assigning penalties to the offending party or isolating the compromised
hosts and domains from the rest of the network. Recently IP traceback
mechanisms based on probabilistic packet marking (PPM) have been
proposed for achieving traceback of DoS attacks. In this paper, we show
that probabilistic packet marking

Heejo Lee, Jong Kim, Sungjehong, Sunggu Lee, "Parallelizing matrix chain products", Pohang University of Science and Technology, CS-HPC-97-003, 1997.
The problem of finding an optimal product sequence for sequential multiplication of a
chain of matrices, the matrix chain ordering problem (MCOP), is well-known and has been
studied for a long time. In this paper, we consider the problem of finding an optimal
product schedule for evaluating a chain of matrix products on a parallel computer, the matrix
chain scheduling problem (MCSP). The difference between the MCSP and the MCOP is
that the MCOP pertains to a product sequence for single processor systems and the MCSP
pertains to a sequence of concurrent matrix products for parallel systems. The approach
of parallelizing each matrix product after finding an optimal product sequence for single
processor systems does not always guarantee the minimum evaluation time on parallel
systems since each parallelized matrix product may use processors inefficiently. We introduce
a new processor scheduling algorithm for the MCSP which reduces the evaluation time of
a chain of matrix products on a parallel computer even at the expense of a slight increase
in the total number of operations. Given a chain of n matrices and a matrix product
utilizing at most P/k processors in a P-processor system, the proposed algorithm approaches
k(n-1)/(n+klog(k)-k) times the performance of parallel evaluation using the optimal
sequence found for the MCOP. Also experiments performed on a Fujitsu AP
multicomputer show that the proposed algorithm significantly decreases the time required to evaluate
a chain of matrix products in parallel systems.

Jong Kim, Heejo Lee, Sunggu Lee, "Load Balancing Process Allocation in Fault-Tolerant Multicomputers", Pohang University of Science and Technology, CS-95-001, 1995.