Hyong-Shik Kim

A bluetooth-UPnP bridge for the wearable computing environment

This paper presents a software bridge connecting Bluetooth devices and the UPnP network using a virtual agent, which aims at the wearable computing environment. The bridge enables a non-IP Bluetooth device to work as an IP based UPnP device. Upon discovering a Bluetooth device, the bridge registers a corresponding UPnP virtual device and automatically generates its UPnP description using the extracted information. The experimental results show that the Bluetooth device can join the UPnP network and establish its service with negligible overhead.

IEEE 802.15.4 based service configuration mechanism for smartphone

Recent advances in wireless communication technologies have made it possible for even tiny consumer devices to communicate to host systems in a reliable way. Since it is now equipped with strong computational power and sufficient amount of memory, the smartphone could play a role as the host system. In this paper, a service configuration mechanism based on IEEE 802.15.4 will be proposed. The mechanism targets various consumer devices and is managed by the smartphone, which runs necessary middleware. It could discover an LR-WPAN device and run an appropriate application program for the device. The middleware also provides the high level APIs to develop the application program associated to the device. An experimental prototype shows that the middleware effectively works with LR-WPAN devices within expected latency ranges and that it provides a platform to host application programs.

Implementation and overhead analysis of a log-based intrusion recovery module on Linux file system

Most people always want to get reliable information, even if there are intrusions that illegitimate hacker damages to file systems through operations modifying, appending, and deleting files. To accomplish this, we need the recovery function with transparent to user and return to its former state. This paper proposes design and implementation of a log-based intrusion recovery module (LBIRM). It can keep the previous contents of designated files as a chain of logs and recover the damaged file by using the log.

Function partitioning methods for malware variant similarity comparison

There have been found many modified malwares which could avoid detection simply by replacing a sequence of characters or a part of code. Since the existing anti-virus program performs signature-based analysis, it is difficult to detect a malware which is slightly different from the well-known malware. This paper suggests a method of detecting modified malwares by extending a hash-value based code comparison. We generated hash values for individual functions and individual code blocks as well as the whole code, and thus use those values to find whether a pair of codes are similar in a certain degree. We also eliminated some numeric data such as constant and address before generating hash values to avoid incorrectness incurred from them. We found that the suggested method could effectively find inherent similarity between original malware and its derived ones.

Enhancing survivability of internet appliances using an on-the-fly packet filtering method

Internet appliances have been used for various application-specific purposes. One of the challenges regarding the appliance is to enhance its survivability when confronted with more traffic than could be processed. In this paper, we propose a simple on-the-fly packet filter that can classify some good packets as well as some bad (attack) packets from the given packet stream, thus effectively reducing the workload that actually goes to the appliance.