• Journal of KIISE:Information Networking
• /
• v.33 no.2
• /
• pp.113-130
• /
• 2006

Recently with the explosive growth of Internet applications, the attacks of hackers on network are increasing rapidly and becoming more seriously. Thus information security is emerging as a critical factor in designing a network system and much attention is paid to Network Intrusion Detection System (NIDS), which detects hackers' attacks on network and handles them properly However, the performance of current intrusion detection system cannot catch the increasing rate of the Internet speed because most of the NIDSs are implemented by software. In this paper, we propose a new high performance network intrusion using Network Processor. To achieve fast packet processing and dynamic adaptation of intrusion patterns that are continuously added, a new high performance network intrusion detection system using Intel's network processor, IXP1200, is proposed. Unlike traditional intrusion detection engines, which have been implemented by either software or hardware so far, we design an optimized architecture and algorithms, exploiting the features of network processor. In addition, for more efficient detection engine scheduling, we proposed task allocation methods on multi-processing processors. Through implementation and performance evaluation, we show the proprieties of the proposed approach.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.11A
• /
• pp.1059-1067
• /
• 2006

AODV(Ad-hoc On-demand Distance Vector) routing protocol was devised for use of mobile nodes in Ad-hoc network. When we use the AODV routing protocol in Ad-hoc networks with high mobility, disturbance of optimized route path and link break occur. In order to solve the shortcomings, this paper proposes a new routing protocol in which new routing control messages are added to the existing AODV. The proposed protocol minimizes link break and transmission delay while is able to secure the optimized route path constantly in changes of network topology The performance of the proposed routing protocol was evaluated by using us2 network simulator. The actual Ad-hoc network test bed provides us the most reliable experimental data for Ad-hoc networks. In order to support this experimental environment, the dissertation also developed an efficient embedded system on which AODV routing protocol, NAT, Netfilter can run and other event message can be verified without declining efficiency. The correct operation of AODV routing protocol has been verified in both the Ad-hoc network test bed in which the embedded system was used, and Ad-hoc networks linked with Ethernet backbone network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.213-225
• /
• 2022

Containerization, a lightweight virtualization technology, enables agile deployments of enterprise-scale microservices in modern cloud environments. However, containerization also opens a new window for adversaries who aim to disrupt the cloud environments. Since microservices are composed of multiple containers connected through a virtual network, a single compromised container can carry out network-level attacks to hijack its neighboring containers. While existing solutions protect containers against such attacks by using network access controls, they still have severe limitations in terms of performance. More specifically, they significantly degrade network performance when processing packet payloads for L7 access controls (e.g., HTTP). To address this problem, we present BPFast, an eBPF/XDP-based payload inspection system for containers. BPFast inspects headers and payloads of packets at a kernel-level without any user-level components. We evaluate a prototype of BPFast on a Kubernetes environment. Our results show that BPFast outperforms state-of-the-art solutions by up to 7x in network latency and throughput.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2008.02a
• /
• pp.17-20
• /
• 2008

네트워크에서의 공격은 일반 사용자의 개인 정보 노출 및 국가 중요 네트워크에서의 불법 정보 노출 등 많은 위험 상황을 야기할 수 있다. 현재의 네트워크가 대규모화되고 고속화되고 있는 시점에서 기존의 저 수준의 공격이 아닌 다양한 기술이 접목된 네트워크 공격이 발생하고 있다. 이러한 공격의 영향을 실제 상황에서 분석하기에는 많은 어려움이 따르며 정확한 분석에 제약이 따르게 된다. 따라서 이러한 네트워크 공격을 모델링하고 침입탐지 및 차단을 모델링할 수 있는 시뮬레이션의 발달이 필요하다. 본 논문에서는 정상상태 모델, 공격 모델, 방어 모델로 이루어지는 네트워크 공격 및 방어 시뮬레이션 프레임워크를 제안하도록 하겠다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.721-724
• /
• 2011

UDT(UDP-based Data Transfer protocol)는 연구망과 같은 대용량 고속 네트워크에서 신속하고 안정적인 데이터 전송에 효율적인 전송 프로토콜이다. 하지만 네트워크가 혼잡한 상황이거나 데이터 패킷 손실이 발생할 경우 매우 공격적인 전송 메커니즘으로 인해 오히려 성능이 감소하는 경우가 발생한다. 본 논문에서는 네트워크 지연 예측을 통해 혼잡을 제어하는 TCP-Vegas 기법을 UDT에 적용하여 네트워크 상황에 보다 적응적인 UDT 혼잡제어 기법을 제안한다. 즉, 네트워크 라우터 큐에 빌드된 Diff 값을 미리 예측하고 Diff 값에 따라 UDT rate control을 조절하여 기존 방법보다 향상된 성능을 얻는다. 네트워크 시뮬레이터인 NS2를 통해 실험한 결과 패킷 손실이 없는 상황에서 최대 11%, 손실률 0.01%인 상황에서는 최대 31%의 성능 향상을 확인하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.717-720
• /
• 2011

고속 네트워크 환경에서 AR UDT(Adaptive Rate control UDT)는 표준 전송 프로토콜인 TCP에 비해 뛰어난 성능을 보인다. UDT(UDP-based Data Transfer)를 기반으로 하는 AR UDT의 혼잡제어는 네트워크 상태를 예측하여 패킷 간 전송시간을 변화시킴으로써 기존 UDT보다 향상된 성능을 보인다. 그러나 AR UDT는 네트워크 상태 예측의 오차가 클 뿐만 아니라 rate control만을 공격적으로 조절하기 때문에 수신 버퍼의 초과로 인해 안정적인 성능을 기대하기 어렵다. 본 논문에서는 AR UDT환경에서 네트워크 상태에 따라 적응적으로 혼잡제어를 하는 기법을 제안한다. RTT(Round Trip Time)의 변화량에 따라 네트워크 상태를 예측하여 flow control과 rate control을 적응적으로 조절한다. 네트워크 시뮬레이션 결과를 통하여 AR UDT에 비해 전송속도와 안정성이 향상되었음을 보였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1284-1287
• /
• 2008

그리드는 지리적으로 분산된 다양한 컴퓨팅 자원을 초고속 네트워크로 연결하여 고속 연산, 대용량 데이터 처리를 가능케 하는 기술이다. 그리드 컴퓨팅 자원을 안정적으로 지원하기 위해서는 표준화된 그리드 기술과 그리드 네트워크 자원에 대한 관리가 요구된다. 본 논문에서는 네트워크 자원관리를 위하여 네트워크 매니저를 그리드 표준화 기구인 OGF의 WSRF 요구 사항을 기반으로 설계하였다. 또한, 단계별로 추상화된 네트워크 토폴로지 모델을 채택하여 2 단계의 자원 예약과 예약 시간에 따른 자원 할당 및 해제를 수용할 수 있도록 설계하였다. 설계된 그리드 네트워크 매니저를 이용하여 GMPLS 기반의 제어 및 전송망에서 예약 시간을 통한 자원의 예약 및 할당을 실험하였다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.5
• /
• pp.1049-1057
• /
• 2017

In-vehicle multimedia systems are one of the most important factors in the automotive industry. Especially, multimedia systems are more important in advanced commercial vehicles such as premium express buses. In this paper, we proposed a multimedia streaming system architecture using MEP(MOST Ethernet Packets) for premium express buses based on MOST150. We have designed and implemented the prototype of proposed multimedia streaming system. We have designed a board based on i.MX6 to operate a proposed multimedia streaming system. The software has designed a multimedia system for premium express buses based on Android which is an open source platform. MOST(Media Oriented Systems Transport) is a high-speed multimedia network technology for in-vehicle multimedia system. The MOST network is able to manage up to 64 devices and ring topology is used basically. In addition, the MOST Network meets EMI(Electro-Magnetic Interference)/ EMC(Electro-Magnetic Compatibility) requirements because it uses plastic optical fibers(POF).

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.83-86
• /
• 2007

The necessity of the high speed exclusive use server that connect digital measure instrument flag to internet and CPU use rate of measure flag uses other imbedded operating system with many general servers to verification & proofreading system in remotion. This research is objective that embody high speed network module for Site-Based remote verification & proofreading system and through internet digital measure instrument flag to remote verification & proofreading, TCP/IP Offload Engine processing and improved that is Imbedded TCP/IP stack for high speed networking.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.6
• /
• pp.1077-1082
• /
• 2007

The necessity of the high speed exclusive use server that connect digital measure instrument flag to internet and CPU use rate of measure flag uses other imbedded operating system with many general servers to verification & proofreading system in remotion. This research is objective that embody high speed network module for Site-Based remote verification & proofreading system and through internet digital measure instrument flag to remote verification & proofreading, TCP/IP Offload Engine processing and improved that is Imbedded TCP/IP stack for high speed networking.