• Journal of Internet Computing and Services
• /
• v.10 no.2
• /
• pp.41-51
• /
• 2009

Recently, there are many researches on security to remove vulnerability which is caused by wireless communication in wireless sensor networks. To guarantee secure communication, we should basically provide key management for each node, mutual authentication and key agreement protocol between two nodes. Although many protocols are presented to supply these security services, some of them require plentiful storage memory, powerful computation and communication capacity. In this paper, we propose a lightweight and efficient authentication and key agreement protocol between two sensor nodes, which is an enhanced version of Juang's scheme. In Juang's protocol, sensor node's information used to share a secret key should be transmitted to registration center via a base station. On the contrary, since node's information in our protocol is transmitted up to only base station, the proposed scheme can decrease computation and communication cost for establishing the shared key between two nodes.

• Annual Conference of KIPS
• /
• 2009.04a
• /
• pp.1214-1217
• /
• 2009

무선 센서 네트워크에서 각각의 센서 노드들은 무선 통신을 통해 서로 간에 통신을 수행한다. 과거에는 이러한 센서 노드간의 통신을 제 3 자로부터 안전하게 지키는 것이 중요한 보안 이슈였다. 특히 보안 서비스를 제공 하기 위한 키 관리 기법들이 주요 연구방향이었다. 하지만 안전하게 만들어진 확률론적 키(key)를 기반으로 하는 키 사전분배 방법은 공격받은 다른 노드로 인해 자신의 키가 노출 될 수 있다. 공격자는 노출된 공유키(shared key)를 통해 노출되지 않은 정상 노드(non-compromised node) 사이의 대칭키(pairwise key)를 얻을 수 있으며, 공격자는 네트워크에 심각한 영향을 줄 수 있는 메시지 삽입 및 수정 공격을 감행할 수 있다. 이와 같은 오용된 키를 폐기하고 메시지 삽입 및 수정 공격을 막기 위해 Liu and Dong 은 오용키 탐지 방법을 제안하였다. 하지만 이들의 방법에는 한계점이 있어 이를 보완하기 위한 에너지 효율적인 오용키 탐지 기법을 제안한다.

• Annual Conference of KIPS
• /
• 2008.11a
• /
• pp.1496-1499
• /
• 2008

DoS/DDoS로 대표되는 트래픽 폭주 공격은 대상 시스템뿐만 아니라 네트워크 대역폭 및 시스템 자원 등을 고갈시킴으로써 네트워크에 심각한 장애를 유발하기 때문에, 신속한 공격 탐지와 공격유형별 분류는 안정적인 서비스 제공 및 시스템 운영에 필수요건이다. 본 논문에서는 1) 데이터마이닝의 대표적인 분류 모델인 C4.5 알고리즘을 기반으로 SNMP MIB 정보를 사용하여 트래픽 폭주공격을 탐지하고 각 공격유형별 분류를 수행하는 시스템을 설계 및 구현하였다; 2) C4.5에서 추가적으로 제공하는 동작원리에 관한 규칙들을 상세히 분석함으로써 공격탐지 및 공격유형별 분류에 관한 시스템의 의미론적 해석을 시도하였다; 3) C4.5는 주어진 SNMP MIB의 속성들의 정보이익 값을 이용하여 예측모형을 구축하는 알고리즘으로, 특징선택 및 축소의 효과를 추가적으로 얻었다. 따라서 시스템의 운용 시, 제안된 모델은 전체 13개의 MIB 정보 중 5개의 MIB 정보만을 사용하여 보다 신속하고, 정확하며, 또한 가벼운 공격탐지 및 공격유형별 분류를 수행함으로써 네트워크 시스템의 자원관리와 효율적인 시스템 운영에 기여하였다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.2
• /
• pp.332-340
• /
• 2013

As a means for users to interact online, Social Network Service focuses on facilitating the building of social relation. Also, Social Network Service(SNS) provides various functions for managing relationships and sharing information based on relationships. Analyzing behavioral characteristics and the process of relationship formation can help to identify the characteristics of the model for online human relationship. In this paper, we analyze usage pattern based on characteristics posted messages of influential users in Twitter. Also, classifying Facebook users into influential group and uninfluential group based on the number of their social relations, we analyze and compare characteristics of relationship formation patterns of the two classified groups. In addition, we present characteristics of human relation model in social network according to the pattern analysis.

• Journal of KIISE:Information Networking
• /
• v.31 no.2
• /
• pp.131-145
• /
• 2004

Mobile IP has been designed only to maintain communications as mobile devices move from a place to a place, so it does not guarantee Quality of Service (QoS). Hierarchical MIPv6 improved QoS somewhat using Mobility Anchor Point(MAP), but QoS guarantee problem still remains. QoS in mobile IP is important to provide multimedia and real-timeapplications services in a mobile environment, and QoS is closely related to handoff delay. Therefore, handoff delay problem is actively studied as a main issue in mobile IP research area to guarantee QoS. In this paper, we suggest SNMP Information-based routing that adds keyword management method to Information-based routing in an active network in order to resolve such a problem, Suggested QoS controlled method and existing handoff method, simulations are carried out with NS-2 for performance evaluation. The results of simulations show an improvement on handoff delay, and consequently the QoS improvement.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.7
• /
• pp.293-302
• /
• 2013

Home network providers have many worries about providing home network services with an expandable, reliable, flexible and low-cost structure according to the expanding market environment. The existing client-server system has various problems such as complexity and high costs in providing home network services. In this paper we propose the P2P-SIP structure. P2P communication terminal supporting access of distributed resources provides functions which the existing SIP-based network devices have. Because diverse terminals in a home network access through networks, also, partitioning network domains with home gateways to manage, and applying the network-based PMIPv6(Proxy Mobile IPv6) technology considering mobility of terminals would help to have a more efficient home network structure. Especially, the proposed P2P-SIP structure proves itself as a very efficient structure to have an outstanding expandability among different home networks in a region, and to reduce maintenance costs.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38A no.3
• /
• pp.258-267
• /
• 2013

Recently, Proxy Mobile IPv6(PMIPv6) networks have been drawing attention as the mobility management protocol that uses limited wireless resources effectively. And the multicast, which is a core technology of the Internet broadcast system such as mobile IPTV, has been widely discussed mainly based on PMIPv6 network. However, PMIPv6-based multicast cannot support the global mobility directly between different PMIPv6 domains because PMIPv6 is basically designed for local mobility in single PMIPv6 domain. Moreover, PMIPv6-based multicast causes the disconnection of services because it does not solve the packet loss problem during binding and group joining procedure. In this paper, we propose a global mobility scheme that supports the seamless multicast service in PMIPv6 networks. The proposed scheme supports the global mobility due to the addition of extra signalling messages between LMAs. Also, it achieves low latency because it performs fast binding and group joining procedure. We present the simulation results which show that the proposed scheme achieves the global mobility with low latency through the NS-2 simulation.

• Journal of the military operations research society of Korea
• /
• v.33 no.2
• /
• pp.87-100
• /
• 2007

The aspect of future warfare is NCW(Network Centric Warfare) in accordance with the IT development, so MND have the planning of M-BcN(Military Broadband convergence Network) establishment as the basic system of NCW by the end of 2008. IPv6 address must be managed systematically as a essential element of NCW. In the previous study, it is designed on the basis of the present military information communication network topology. However, it makes some problems. First, it is difficult for present topology to adapt the future M-BcN which is different from the present military network topology. Second, it has defects of inefficiency of route aggregation and enlargement of routing table size. In this paper, we improved the route aggregation and routing table size by assigning the hierarchical address on the basis of M-BcN topology and adjusting the position of field identifying service network. Furthermore, it is proved by the network simulation program(OPNET 12.0).

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.5
• /
• pp.410-415
• /
• 2013

Recently, as Internet enters WEB 2.0, many social network services through such as Facebook, Twitter and Youtube appeared. In these social network sites, users can easily make friends, join groups and access others personal information. Therefore, a malicious user can easily gather information of others. In order to protect user's personal information from the unauthenticated users, we propose privacy protection mechanism based on key assignment and user's trust level. A master-key is generated for each users and is segmented into a core-key and several sub-key. The master-key stores at the information owner's side and the sub-key will be distributed to requestor according to the relation and trust level. At last, in order to proof the efficiency, the performance of our proposed mechanism is compared with those of existing mechanisms.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.10B
• /
• pp.947-956
• /
• 2003

The current IP Routing Protocolspacket networks also need to provide the network QoS based of DiffServ, RSVP, MPLStraffic model which is standardized as IETF reference model for NGN. The first topic of this paper is to propose Traffic-Balanced Routing Protocol(TBRP) to process existing best effort traffic. TBRP will process low priority interactive data and background data which is not sensitive to dealy. Secondly Hierarchical Traffic-Traffic-Scheduling Routing Protocol(HTSRP) is also proposed. HTSRP is the hierarchical routing algorithm for backbone and access networkin case of fixed-wireless convergence network. Finally, HTSRP_Q is proposed to meet the QoS requirement when user want interactive or streaming packet service. This protocol will maximize the usage of resources of access layer based on the QoS parameters and process delay-sensitive traffic. Service classes are categorized into 5 types by the user request, such as conversational, streaming, high priority interactive, low priority interactive, and background class. It could be processed efficiently by the routing protocolstraffic model proposed in this paper. The proposed routing protocolstraffic model provides the increase of efficiency and stability of the next generation network thanks to the routing according to the characteristic of the specialized service categories.