• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.8
• /
• pp.42-50
• /
• 2011

Recently, research activities on the future internet are being actively performed in foreign and domestic. In domestic, ETRI and 4 universities are focused on implementation of a testbed for research on the future internet named as 'FiRST(Future Internet Research for Sustainable Testbed)'. In the 'FiRST' project, 4 universities are performing a project in collaboration named as 'FiRST@PC' project that is for an implementation of the testbed using the programmable platform-based openflow switches. Currently, the research on the virtualization of the testbed is being performed that has a purpose for supporting an isolated network to individual researcher. In this paper, we implemented a traffic scheduler for providing QoS by using the programmable platform that performs a hardware-based packet processing and we are implemented a testbed using that traffic scheduler. We perform a performance evaluation of the traffic scheduler on the testbed. As a result, we show that the hardware-based NetFPGA scheduler can provide reliable and stable QoS to virtualized networks of the Future Internet Testbed.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.9
• /
• pp.35-46
• /
• 2011

Future Internet should support more efficient mobility management, flexible traffic engineering and various emerging new services. So, lots of traffic engineering techniques have been suggested and developed, but it's impossible to apply them on the current running commercial Internet. To overcome this problem, OpenFlow protocol was proposed as a technique to control network equipments using network controller with various networking applications. It is a software defined network, so researchers can verify their own traffic engineering techniques by applying them on the controller. In addition, for high-speed packet processing in the OpenFlow network, programmable NetFPGA card with four 1G-interfaces and commercial Procurve OpenFlow switches can be used. In this paper, we implement an OpenFlow test-bed using hardware-accelerated NetFPGA cards and Procurve switches on the KREONET, and implement CSPF (Constraint-based Shortest Path First) algorithm, which is one of popular QoS routing algorithms, and apply it on the large-scale testbed to verify performance and efficiency of multimedia traffic engineering scheme in Future Internet.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.4
• /
• pp.135-140
• /
• 2015

The WDSS improves defensive capacity against web application layer DDoS attack by using web cache server and L7 switch which are added on the DDoS shelter system. When web DDoS attack occurs, security agents divert traffic from backbone network to sub-network of the WDSS and then DDoS protection device and L7 switch block abnormal packets. In the meantime, web cache server responds only to requests of normal clients and maintains stable web service. In this way, the WDSS can counteract the web DDoS attack which generates small traffic and depletes server-client session resource. Furthermore, the WDSS does not require IP tunneling because it is not necessary to retransfer the normal requests to original web server. In this paper, we validate operation of the WDSS and verify defensive capability against web application layer DDoS attacks. In order to do this, we built the WDSS on backbone network of an ISP. And we performed web DDoS tests by using a testing system that consists of zombie PCs. The tests were performed by three types and various amounts of web DDoS attacks. Test results suggest that the WDSS can detect small traffic of the web DDoS attacks which do not have repeat flow whereas the formal DDoS shelter system cannot.

• Smart Media Journal
• /
• v.8 no.2
• /
• pp.29-38
• /
• 2019

With the advancement of information and communication technology, tactical networks are continuously being converted to All-IP future tactical networks that integrate all application services based on Internet protocol. Futuristic tactical mesh network is built with tactical WAN (wide area network) nodes that are inter-connected by a mesh structure. In order to guarantee QoS (quality of service) of application services, tactical service mesh (TSM) is suggested as an intermediate layer between infrastructure and application layers for futuristic tactical mesh network. The tactical service mesh requires dynamic QoS monitoring and control for intelligent QoS coordination. However, legacy networking nodes used for existing tactical networks are difficult to support these functionality due to inflexible monitoring support. In order to resolve such matter, we propose a tactical mesh WAN node as a hardware/software co-designed networking node in this paper. The tactical mesh WAN node is conceptually designed to have multi-access networking interfaces and virtualized networking switches by leveraging the DANOS whitebox server/switch. In addition, we explain how to apply eBPF-based traffic monitoring to the tactical mesh WAN node and verify the traffic monitoring feasibility for supporting QoS coordination of tactical-mesh traffic.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.6
• /
• pp.1107-1114
• /
• 2004

System Packet Interface Level 4 Phase 2(SPI-4.2) is an interface for packet and cell transfer between a physical layer(PHY) device and a link layer device, for aggregate bandwidths of OC-192 ATM and Packet Over Sonet/SDH(POS), as well as 10Gbps Ethernet applications. SPI-4.2 core consists of Tx and Rx modules and supports full duplex communication. Tx module of SPI-4.2 core writes 64-bit data word and 14-bit header information from the user interface into asynchronous FIFO and transmits DDR(Double Data Rate) data over PL4 interface. Rx module of SPI-4.2 core operates in vice versa. Tx and Rx modules of SPI-4.2 core are designed to support maximum 256-channel and control the bandwidth allocation by configuring the calendar memory. Automatic DIP4 and DIP-2 parity generation and checking are implemented within the designed core. The designed core uses Xilinx ISE 5.li tool and is described in VHDL Language and is simulated by Model_SIM 5.6a. The designed core operates at 720Mbps data rate per line, which provides an aggregate bandwidth of 11.52Gbps. SPI-4.2 interface core is suited for line cards in gigabit/terabit routers, and optical cross-connect switches, and SONET/SDH-based transmission systems.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.1
• /
• pp.61-71
• /
• 2017

ARP Spoofing is a basic and core hacking technology for almost all sniffing. It makes change the flow of packets by faking the 2nd layer MAC address. In this paper we suggested an efficient hacking technology for sniffing remote servers in the switched network environment. The suggested 'Faked ARP Reply Unicast Spoofing' makes the bidirectional packets sniffing possible between the client and server, and it makes simplify the procedures for ARP sniffing and hacking program. In this paper we researched the network hacking and implementation technologies based on the suggested ARP spoofing. And we researched various types of servers hacking such as Root ID and PW of Telnet/FTP server, Root ID and PW of MySQL DB server, ID and PW of Web Portal Server, and account information and transaction history of Web Banking Server. And also we researched the implementation techniques of core hacking programs for the ARP Spoofing.

• Journal of KIISE:Computing Practices and Letters
• /
• v.6 no.2
• /
• pp.244-253
• /
• 2000

Since no single routing-switching combination performs the best under various different types of applications, a flexible network is required to support a range of polices. This paper introduces an implementation of a look-up table routing engine offering flexible routing and switching polices without performance degradation unlike those based on microprocessors. By deciding contents of look-up tables, the engine can implement wormhole routing, virtual cut-through routing, and packet switching, as well as hybrid switching, under a variety of routing algorithms. Since the routing engine has a piplelined look-up table architecture, the routing delay is as small as one flit, and thus it can overlap multiple routing actions without performance degradation in comparison with hardwired routers dedicated to a specific policy. Because four pipeline stages do not induce a hazard, expensive forwarding logic is not required. The routing engine can accommodate four physical links with a time shared cut-through bus or single link with a cross-bar switch. It is implemented using Xilinx 4000 series FPGA.

• The Journal of the Korea Contents Association
• /
• v.10 no.4
• /
• pp.45-54
• /
• 2010

In this paper, we propose a quality interworking control system to enhance user's quality satisfaction in NGN environment by controling QoS parameters related with QoE in network layer when service user's QoE using variance multimedia service is poor. The proposed system gathers QoS parameter information in network layer through control packet such as RTCP, and evaluates QoE of multimedia service using these QoS parameter information. Comparing the evaluated QoE with the measured QoE in application layer, QCS judges quality degradation, deduces related QoS parameters and decides relative importance of each parameter when QoE is lower than threshold value. QCS generates QoS control values which is based on routing and switching policy in service quality control system(SCS) and forwards them to SCS. Through this proposed system, service and network providers can provide multimedia services of enhanced quality to service users taking account of service characteristic and network performance.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.4C
• /
• pp.308-315
• /
• 2002

Guaranteed frame rate (GFR) service has been defied to provide minimum cell rate (MCR) guarantees for virtual connections (VCs) carrying Internet traffic in ATM networks and allow them to fairly share residual bandwidth. The simplest switch implementation mechanism to support the GFR service in ATM networks consists of the frame-based generic cell rate algorithm (F-GCRA) frame classifier and the early packet discard (EPD)-like buffer acceptance algorithm in a single FIFO buffer. This mechanism is simple, but has foiled to guarantee the same bandwidth as an MCR to a VC that has reserved a relatively large MCR. This paper applies the packet spacing scheme to TCP traffic to alleviate its burstness, so as to guarantee a larger MCR to a VC. In addition, the random early detection (RED) scheme is added to the buffer acceptance algorithm in order to improve fairness in use of residual bandwidth. Simulation results show that the applied two schemes improve a quality of service (QoS) in the GFR service for the TCP traffic.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.1
• /
• pp.57-63
• /
• 2013

This paper suggests a method to implement a gateway model that enables an OPNET simulator to interwork with multiple real systems. In general, for two or more real systems to interwork with a simulator, the real systems need to be connected to a switch to form a link to the simulator. This method, however, is useful only when the models in the simulator represent the real systems that have transceivers and have no mobility. Otherwise, the method is not applicable for interworking of multiple real systems. A method to implement a gateway for the case is presented in the paper. The method includes modules that process packets transmitted via remote interrupts.