• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2213-2216
• /
• 2003

단일 호스트 환경에 특화되어 설계되어온 기존 침입탐지 시스템(Intrusion Detection System: IDS)은 침입 시 도메인의 보호만을 그 목적으로 하는 수동적인 성격으로써, 새로운 공격 기법에 대한 탐지 및 대응, 그리고 보다 그 규모가 큰 네트워크로의 확장 면에서 구조적인 결함을 가지고 있다. 이러한 IDS의 구조적 문제점의 해결방안으로 액티브 네트워크 기반의 IDS 에 관한 연구가 진행되고 있다. 액티브 네트워크(Active network)란 패킷 스위칭 네트워크 상에 프로그램 가능한 라우터 등인 액티브 노드들을 배치하고, 사용자의 요구에 상응하는 적절한 연산을 위한 데이터와 프로그램으로 구성된 스마트 패킷(smart packet)에 대하여 수행 가능하게 하는 접근 방법이다. 본 논문에서는 이를 기반으로 자율적이며 지능적인 에이전트로 구성된 멀티 에이전트 기술을 액티브 노드에 적용함으로써 기존 IDS 보안메커니즘에서 보다 러 진보된 능동적이고 적극적인 대응을 위한 보안 메커니즘을 제공하여 네트워크 공격에 의한 피해 최소화와 신속한 대응이 가능한 멀티 에이전트 기반 공격 대응 메커니즘을 제시하고, 이를 적용 가능한 액티브 네트워크 기반 프레임 설계를 제안한다.

• Proceedings of the Korea Society for Simulation Conference
• /
• 2003.11a
• /
• pp.139-144
• /
• 2003

Mobile Node has to maintain communication as they move form place to place, so it doesn't guarantee Quality of Service(QoS). Fast Handoff is important to provide multimedia and real-time applications services in mobile, and it is closely related to handoff delay. Therefore, handoff delay problem is actively studied to quarantee QoS as a main issue in mobile IP research area. Next generation Mobile IPv6 resolve this problem somewhat, triangle problem for first packet and handoff delay still remain. In this paper, we suggest SNMP Information-based routing that adds keyword management method to Information-based routing in active network in order to resolve such a problem, and then suggest QoS controlled handoff based on SNMP Information-Based routing. After modeling of suggested method and existing handoff method, simulations are carried out with NS-2 for performance evaluation. The results of simulations show the some improvement on handoff delay, and therefore on QoS improvement.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.833-836
• /
• 2012

외부에서 특정 네트워크의 방화벽 정책을 추론하기 위해서는 Active Probing 을 이용한 탐지 패킷의 응답을 분석하여야 한다. 하지만, 외부에서 특정 네트워크로 탐지 패킷을 어떻게 전송하는가에 따라 방화벽에서 네트워크 공격으로 탐지되기 때문에 무분별하게 탐지 패킷을 전송하는 방법은 위험하다. 본 논문에서는 방화벽 장비가 Active Probing 을 이용한 방화벽 정책 추론 방법에 어떠한 영향을 주는지에 대해서 분석한다. 그리고 실제 방화벽 정책과 추론된 방화벽 정책을 비교하여 방화벽 정책 추론 방법의 정확성을 검증한다.

• Korean Journal of Exercise Nutrition
• /
• v.14 no.2
• /
• pp.81-86
• /
• 2010

The purpose of this study was to identify the factors associated with child's Body Mass Index (BMI) and physical activity. The participants (n = 133) were Korean juveniles (3^rd and 4^th graders) and their parents. They completed a questionnaire packet including the SPARK (Sports, Play, and Active Recreation for Kids) survey and the parent equivalent survey. Correlation, multiple linear regression and binary logistic regression analyses were applied to identify the association between child's BMI and 10 factors of SPARK as predict or variables. 25.6% of the participants were classified as overweight (21.1%) or obesity (4.5%). 3 parental factors including mother's BMI and frequency of mother's and father's physical activity were identified as significant predictors of children's BMI. The 10 variables accounted for 28% of the variance (p<.01) in the linear regression model. These results provide insight into parental factors which are related to a child's BMI and physical activity. Parental role modeling which refers to parents' efforts to model an active lifestyle for children plays an important role.

• 대한공업교육학회지
• /
• v.32 no.1
• /
• pp.134-152
• /
• 2007

This study deals with the development of computer program which can restrict students to access to the unallowable web sites during the Internet based class. Our suggested program can find the student's access list to the unallowable sites, display it on the teacher's computer screen. Through the limitation of the student's access, teacher can enhance the efficiency of class and fulfill his educational purpose for the class. The use of our results leads to the effective and safe utilization of the Internet as the teaching tools in the class. Meanwhile, the typical method is to turn off the LAN (Local Area Network) power in order to limit the student's access to the unallowable web sites. Our program has been developed on the Linux operating systems in the small network environment. The program includes following five functions: the translation function to change the domain name into the IP(Internet Protocol) address, the search function to find the active students' computers, the packet snoop to capture the ongoing packets and investigate their contents, the comparison function to compare the captured packet contents with the predefined access restriction IP address list, and the restriction function to limit the network access when the destination IP address is equal to the IP address in the access restriction list. Our program can capture all passing packets through the computer laboratory in real time and exactly. In addition, it provides teacher's computer screen with the all relation information of students' access to the unallowable sites. Thus, teacher can limit the student's unallowable access immediately. The proposed program can be applied to the small network of the elementary, junior and senior high school. Our research results make a contribution toward the effective class management and the efficient computer laboratory management. The related researches provides teacher with the packet observation and the access limitation for only one host, but our suggested program provides teacher with those for all active hosts.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.40 no.12
• /
• pp.9-17
• /
• 2003

In this paper we proposea method for estimating the bandwidth in next-generation If network. Especially, we concentrate on the edge routers accommodating the VoIP connections as well as a group of data connections. Bandwidth dimensioning is carried out at call level and packet level for voice traffic in the next-generation IP network. The model incorporates the statistical estimation approach at a call level for obtaining the number of voice connections simultaneously in the active mode. The call level model incorporates a statistical technique to compute the statistics of the number of active connections such as the mean and variance of the simultaneously connected calls in the network. The packet level model represents a load map for voice and data traffic by using non-preemptive M/G/1 queuing model with strict priority for voice over data buffer, From the proposed traffic model, we can derive a graph for upper bounds on the traffic load in terms of bandwidth for voice and data connections. Via numerical experiments we illustrate the implication of the work.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.9B
• /
• pp.610-618
• /
• 2005

As developed Internet and Computer Capability, Many Users take the many information through the network. So requirement of User that use to network was rapidly increased and become various. But it spend much time to accept user requirement on current network, so studied such as Active network for solved it. This Active node on Active network have the capability that stored and processed execution code aside from capability of forwarding packet on current network. So required execution code for executed packet arrived in active node, if execution code should not be in active node, have to take by request previous Action node and Code Server to it. But if this execution code take from previous active node and Code Server, bring to time delay by transport execution code and increased traffic of network and execution time. So, As used execution code stored in cache on active node, it need to increase execution time and decreased number of request. So, our paper suggest ANC caching technique that able to decrease number of execution code request and time of execution code by efficiently store execution code to active node. ANC caching technique may decrease the network traffic and execution time of code, to decrease request of execution code from previous active node.

• Journal of KIISE:Information Networking
• /
• v.36 no.5
• /
• pp.425-436
• /
• 2009

In recent years, the user demands have increased for multimedia service of high quality over the broadband convergence network. These rising demands for high quality multimedia service led the popularization of various user terminals and large scale display equipments, which needs a variety type of QoS (Quality of Service). In order to support demands for QoS, numerous research projects are in progress both from the perspective of network as well as end system; For example, at the network perspective, QoS guaranteeing by improving of internet performance such as Active Queue Management, while at the end system perspective, SVC (Scalable Video Coding) encoding scheme to guarantee media quality. However, existing AQM algorithms have problems which do not guarantee QoS, because they did not consider the essential characteristics of video encoding schemes. In this paper, it is proposed to solve this problem by deploying the TS- AQM (Temporal Scalability Active Queue Management) which employs the differentiated packet dropping for dependency of the temporal level among the frames, based on SVC encoding characteristics by exploiting the TID (Temporal ID) field of the SVC NAL unit header. The proposed TS-AQM guarantees multimedia service quality through video decoding reliability for SVC streaming service, by differentiated packet dropping when congestion exists.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.3A
• /
• pp.286-295
• /
• 2008

In this paper, we consider the use of orthogonal multiple beams (OMBs) to simultaneously achieve multi-user diversity and multiplexing gain in a packet-based wireless system. Previous OMB scheme considers the use of a fixed number of multiple beams equal to the number of transmit antennas. However, unless the number of active users is sufficiently large, the use of a fixed number of multiple beams may not provide desired performance due to the interference signal transmitted through other beams, being even worse than the use of a single beam. To alleviate this problem, we consider the adjustment of the number of beams in use to maximize the spectral efficiency according to the operating condition. Simulation results show the validity of the proposed scheme.

• Journal of Communications and Networks
• /
• v.15 no.1
• /
• pp.31-37
• /
• 2013

Mobile ad hoc networks (MANET) refers to a network designed for special applications for which it is difficult to use a backbone network. In MANETs, applications are mostly involved with sensitive and secret information. Since MANET assumes a trusted environment for routing, security is a major issue. In this paper we analyze the vulnerabilities of a pro-active routing protocol called optimized link state routing (OLSR) against a specific type of denial-of-service (DOS) attack called node isolation attack. Analyzing the attack, we propose a mechanism called enhanced OLSR (EOLSR) protocol which is a trust based technique to secure the OLSR nodes against the attack. Our technique is capable of finding whether a node is advertising correct topology information or not by verifying its Hello packets, thus detecting node isolation attacks. The experiment results show that our protocol is able to achieve routing security with 45% increase in packet delivery ratio and 44% reduction in packet loss rate when compared to standard OLSR under node isolation attack. Our technique is light weight because it doesn't involve high computational complexity for securing the network.