• Proceedings of the Korean Information Science Society Conference
• /
• 1999.10c
• /
• pp.466-468
• /
• 1999

현재 인터넷 프로토콜인 IPv4의 주소 부족 등의 문제를 해결하기 위해 차세대 인터넷 프로토콜 IPv6에 대한 연구가 활발히 진행되고 있다. 그러나 새로운 프로토콜 IPv6 상에서 기존의 다른 상위 프로토콜 및 응용이 어떠한 영향을 받게 될지는 의문이다. 한편, IPv6 상에서 새로운 프로토콜 및 응용을 개발할 때에 많은 시험이 요구된다. 이와 같은 이유로 인해 새로운 통신 프로토콜에 있어서 모니터링은 필수적이다. 그러나 지금까지의 많은 모니터링 라이브러리들은 텍스트에 기반하고 있으며, 그래픽 데이터를 제공하는 도구들도 대부분 통계정보의 제공에 초점을 두고 있다. 이를 두고 프로토콜이 그 표준에 따라 정확한 원리에 맞게 동작하는 지를 파악하는 데는 큰 도움이 되지 않고 있다. 이에 본 연구에서는 대상 프로토콜의 실제적인 동작 과정이나 원리를 알 수 있도록 그래픽 기반의 사용자 친화적 모니터링 도구를 제작한다. 이를 위해, 먼저 IPv6가 다른 프로토콜에 영향을 미칠 수 있는 사항들을 분석한다. 다음으로 본 교에 구축되어 있는 IPv6 호스트에 모니터링에 필요한 환경을 구축하고, Java Applet을 이용한 모니터 프로그램을 제작한다. 현재 개발하는 모니터 프로그램은 TCP의 슬라이딩 윈도우(Sliding Window) 기법에 관련된 사항을 모니터링 해주는 것으로 그 범위를 한정한다. 개발된 도구를 이용하여 IPv6 상에서 FTP가 TCP를 이용하여 파일을 전송하는 경우의 모니터링을 실시하고, 그 결과를 분석 제시한다. 이로써, 개발된사용자 친화적 모니터링 도구가 얼마나 쉽게 슬라이딩 윈도우 기법을 이해시켜 주고, 내포된 의미를 파악할 수 있게 해주는지를 알 수 있다.한 것으로 연구되었다. 정상조 직에 비해 산소가 부족하여 염기성대사(anaerobic metabolism)를 많이 함으로 그 부산물인 유산 (lactic acid)이 많이 생성됨으로 정상조직보다 pH가 낮아 암 조직이 정상조직에 비해 고온온열치료에 더 잘 듣는 원인이 된다. 3) 영양이 부족한 상태의 세포는 고온온열치료에 훨씬 예민하다. 4) 암조직은 혈관상태가 정상조직에 비해 좋지 않음으로 정상조직보다 쉽게 가온이 되며, 일단 가온된 온도는 잘 식지 않음으로 정상조직에 비해 훨씬 효율적이다. 5)고 온온열치료는 4$0^{\circ}C$~43.5 $^{\circ}C$정도에서만 이 작용이 일어남으로 정상인체에서 43$^{\circ}C$이상의 가온 은 쉽지 않음으로 이 효과는 암조직에서 주고 일어나게 된다. 6)고온온열치료는 방사선치료 후에 생기는 손상의 재생을 억제함으로 방사선의 치료효과를 높인다. 7)38.5$^{\circ}C$~41.5$^{\circ}C$의 낮 은 온도에서도 암조직의 산소 상태를 호전시켜 방사선 치료효과를 증대시키는 역할을 한다.alization)가 나타난다. 그러나 무의식에 대칭화만 있는 것은 아니며, 의식의 사고양식인 비대칭도 어느 정도 나타나며, 대칭화의 정도에 따라, 대상들이 잘 구분되어 있는 단계, 의식수준의 감정단계, 집단 내에서의 대칭화 단계, 집단간에서의 대칭화 단계, 구분이 없어지는 단계로 구분하였다.systems. We believe that this taxonomy is a significant contribution because it ad

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.4
• /
• pp.135-140
• /
• 2015

The WDSS improves defensive capacity against web application layer DDoS attack by using web cache server and L7 switch which are added on the DDoS shelter system. When web DDoS attack occurs, security agents divert traffic from backbone network to sub-network of the WDSS and then DDoS protection device and L7 switch block abnormal packets. In the meantime, web cache server responds only to requests of normal clients and maintains stable web service. In this way, the WDSS can counteract the web DDoS attack which generates small traffic and depletes server-client session resource. Furthermore, the WDSS does not require IP tunneling because it is not necessary to retransfer the normal requests to original web server. In this paper, we validate operation of the WDSS and verify defensive capability against web application layer DDoS attacks. In order to do this, we built the WDSS on backbone network of an ISP. And we performed web DDoS tests by using a testing system that consists of zombie PCs. The tests were performed by three types and various amounts of web DDoS attacks. Test results suggest that the WDSS can detect small traffic of the web DDoS attacks which do not have repeat flow whereas the formal DDoS shelter system cannot.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.8
• /
• pp.1631-1636
• /
• 2015

With the advance of wireless communication technology in terrestrial area, underwater communication is also evolving very fast from a simple point-to-point transmission to an elaborate networked communications. Underwater acoustic channel has quite different features comparing with the terrestrial radio channel in terms of propagation delay, Doppler shift, multipath, and path loss. Thus, existing technologies developed for terrestrial communication might not work properly in underwater channel. Especially medium access control (MAC) protocols which highly depend on propagation phenomenon should be newly designed for underwater network. CSMA/CA has drawn lots of attention as a candidate of underwater MAC protocol, since it is able to resolve a packet collision and the hidden node problem. However, a received signal could be degraded by the interferences from the nodes locating outside the receiver's propagation radius. In this paper, we study the effects of interference on the CSMA/CA based underwater network. We derived the SNR with the interference using the sonar equation and analyzed the degradation of the RTS/CTS effects. These results are compared with the terrestrial results to understand the differences. Finally we summarized the design considerations in CSMA/CA based underwater network.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.11B
• /
• pp.1133-1141
• /
• 2009

In this paper, we present a distributed fault-tolerant topology control protocol that configure a wireless sensor network to achieve k-connectivity and (k+1)-coverage. One fundamental issue in sensor networks is to maintain both sensing coverage and network connectivity in order to support different applications and environments, while some least active nodes are on duty. Topology control algorithms have been proposed to maintain network connectivity while improving energy efficiency and increasing network capacity. However, by reducing the number of links in the network, topology control algorithms actually decrease the degree of routing redundancy. Although the protocols for resolving such a problem while maintaining sensing coverage were proposed, they requires accurate location information to check the coverage, and most of active sensors in the constructed topology maintain 2k-connectivity when they keep k-coverage. We propose the fault-tolerant topology control protocol that is based on the theorem that k-connectivity implies (k+1)-coverage when the sensing range is at two times the transmission range. The proposed distributed algorithm does not need accurate location information, the complexity is O(1). We demonstrate the capability of the proposed protocol to provide guaranteed connectivity and coverage, through both geometric analysis and extensive simulation.

• Journal of KIISE:Information Networking
• /
• v.32 no.6
• /
• pp.659-667
• /
• 2005

A Mobile Ad Hoc Network(MANET) is a multi hop wireless network with no prepared base stations or centralized administrations, where flocks of peer systems gather and compose a network. Each node operates as a normal end system in public networks. In addition to it, a MANET node is required to work as a router to forward traffic from a source or intermediate node to others. Each node operates as a normal end system in public networks, and further a MANET node work as a router to forward traffic from a source or intermediate node to the next node via routing path. Applications of MANET are extensively wide, such as battle field or any unwired place; however, these are exposed to critical problems related to network management, node's capability, and security because of frequent and dynamic changes in network topology, absence of centralized controls, restricted usage on network resources, and vulnerability oi mobile nodes which results from the special MANET's character, shared wireless media. These problems induce MANET to be weak from security attacks from eavesdropping to DoS. To guarantee secure authentication is the main part of security service In MANET because networks without secure authentication are exposed to exterior attacks. In this paper, a multistage authentication strategy based on CGSR is proposed to guarantee that only genuine and veritable nodes participate in communications. The proposed authentication model is composed of key manager, cluster head and common nodes. The cluster head is elected from secure nodes, and key manager is elected from cluster heads. The cluster head will verify other common nodes within its cluster range in MANET. Especially, ID of each node is used on communication, which allows digital signature and blocks non repudiation. For performance evaluation, attacks against node authentication are analyzed. Based on security parameters, strategies to resolve these attacks are drawn up.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.22 no.9
• /
• pp.1916-1932
• /
• 1997

The synchronous stream cipher which require absoulte clock synchronization has the problem of synchronization loss by cycle slip. Synchronization loss makes the state which sender and receiver can't communicate with each other and it may break the receiving system. To lessen the risk, we usually use a continuous resynchronization method which achieve resynchronization at fixed timesteps by inserting synchronization pattern and session key. While we can get resynchronization effectively by continuous resynchroniation, there are some problems. In this paper, we proposed an adaptive resynchronization algorithm for cipher system using HDLC protocol. It is able to solve the problem of the continuous resynchronization. The proposed adaptive algorithm make resynchronization only in the case that the resynchronization is occurred by analyzing the address field of HDLC. It measures the receiving rate of theaddress field in the decision duration. Because it make resynchronization only when the receiving rate is greateer than the threshold value, it is able to solve the problems of continuous resynchronization method. When the proposed adaptive algorithm is applied to the synchronous stream cipher system in packet netork, it has addvance the result in R_e and D_e.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.3
• /
• pp.45-58
• /
• 2020

In the current trend of increasing network traffic due to the popularization of cloud service and mobile devices, WAN bandwidth is very low compared to LAN bandwidth. In a WAN environment, a WAN optimizer is needed to overcome performance problems caused by transmission protocol, packet loss, and network bandwidth limitations. In this paper, we analyze the data deduplication algorithm of WANProxy, an open source WAN optimizer, and evaluate its performance in terms of network latency and WAN bandwidth. Also, we evaluate the performance of the two-stage compression method of WANProxy and Zstandard. We propose a new method to improve the performance of WANProxy by revising its data deduplication algorithm and evaluate its performance improvement. We perform experiments using 12 data files of Silesia with a data segment size of 2048 bytes. Experimental results show that the average compression rate by WANProxy is 150.6, and the average network latency reduction rates by WANProxy are 95.2% for a 10 Mbps WAN environment and 60.7% for a 100 Mbps WAN environment, respectively. Compared with WANProxy, the two-stage compression of WANProxy and Zstandard increases the average compression rate by 33%. However, it increases the average network latency by 2.1% for a 10 Mbps WAN environment and 5.27% for a 100 Mbps WAN environment, respectively. Compared with WANProxy, our proposed method increases the average compression rate by 34.8% and reduces the average network latency by 13.8% for a 10 Mbps WAN and 12.9% for a 100 Mbps WAN, respectively. Performance analysis results of WANProxy show that its performance improvement in terms of network latency and WAN bandwidth is excellent in a 10Mbps or less WAN environment while superior in a 100 Mbps WAN environment.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.4
• /
• pp.155-162
• /
• 2013

Routing protocol in ad hoc mobile networking has been an active research area in recent years. However, the environments of ad hoc network tend to have vulnerable points from attacks, because ad hoc mobile network is a kind of wireless network without centralized authentication or fixed network infrastructure such as base stations. Also, existing routing protocols that are effective in a wired network become inapplicable in ad hoc mobile networks. To address these issues, several secure routing protocols have been proposed: SAODV and SRPTES. Even though our protocols are intensified security of networks than existing protocols, they can not deal fluidly with frequent changing of wireless environment. Moreover, demerits in energy efficiency are detected because they concentrated only safety routing. In this paper, we propose an energy efficient secure routing protocol for various ad hoc mobile environment. First of all, we provide that the nodes distribute security information to reliable nodes for secure routing. The nodes constitute tree-structured with around nodes for token escrow, this action will protect invasion of malicious node through hiding security information. Next, we propose multi-path routing based security level for protection from dropping attack of malicious node, then networks will prevent data from unexpected packet loss. As a result, this algorithm enhances packet delivery ratio in network environment which has some malicious nodes, and a life time of entire network is extended through consuming energy evenly.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1099-1116
• /
• 2019

Industrial control systems(ICS) are widely used in various industrial area and critical infrastructure. To mitigate security threats on ICS, the security assurance test for industrial control devices has been introduced and operating. The test includes testing of the security function of the device itself and testing of communication robustness. In this paper, we describe the security requirements of EDSA, Achilles, and Korea's TTA standard(security requirements for ICS). And also, we analyzed the characteristics of communication robustness test(CRT) of each certification. CRT verifies the device's operation of essential function while transmitting fuzzing and stress packets. Existing test methods are mostly focused on the embedded devices and are difficult to apply to various devices. We propose a method to test communication robustness which reflect the characteristics of control H/W, control S/W, field devices and network devices in ICS. In the future, we will apply the proposed communication robustness test to actual products and present solutions for arising issues.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.1
• /
• pp.9-16
• /
• 2023

Robots are expected to expand their scope of application to the military field and take on important missions such as surveillance and enemy detection in the coming future warfare. Swarm robots can perform tasks that are difficult or time-consuming for a single robot to be performed more efficiently due to the advantage of having multiple robots. Swarm robots require mutual recognition and collaboration. So they send and receive vast amounts of data, making it increasingly difficult to verify SW. Hardware-in-the-loop simulation used to increase the reliability of mission verification enables SW verification of complex swarm robots, but the amount of verification data exchanged between the HILS device and the simulator increases exponentially according to the number of systems to be verified. So communication overload may occur. In this paper, we propose a digital twin-based communication optimization technique to solve the communication overload problem that occurs in mission verification of swarm robots. Under the proposed Digital Twin based Multi HILS Framework, Network DT can efficiently allocate network resources to each robot according to the mission scenario through the Network Controller algorithm, and can satisfy all sensor generation rates required by individual robots participating in the group. In addition, as a result of an experiment on packet loss rate, it was possible to reduce the packet loss rate from 15.7% to 0.2%.