• Journal of Communications and Networks
• /
• v.9 no.4
• /
• pp.428-437
• /
• 2007

Along with the development of network, more and more functions and services are required by users, while traditional network fails to support all of them. Although overlay is a good solution to some demands, using them in an efficient, scalable way is still a problem. This paper puts forward a framework on how to construct an efficient, scalable overlay mesh in real network. Main differences between other overlays and ours are that our overlay mesh processes some nice features including class-of-service(CoS) and traffic engineering(TE). It embeds the end-to-end optimal traffic control law which can distribute traffic in an optimal way. Then, an example is given for better understanding the framework. Particularly, besides good scalability, and failure recovery, it possesses other characteristics such as routing simplicity, self-organization, etc. In such an overlay mesh, an applicable source routing scheme called hierarchical source routing is used to transmit data packet based on UDP protocol. Finally, a guideline derived from a number of simulations is proposed on how to set various parameters in this overlay mesh, which makes the overlay more efficient.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.15 no.5
• /
• pp.635-642
• /
• 2012

The Packet radio C2OTM(Command and Control On The Move) for Command, Control and situational awareness in communication environment of current Combat Net Radio Network is required in a relay transmission techniques. This is to assure the reliability of information transfer, and extend Wireless Coverage and overcome Communication obstacles of mountainous terrain. For the reliability of information transmission in tactical environment, Ad hoc Networking is necessary considering communication environment and an appropriate application of error correction. In this study, We propose a on-demand SDR algorithm that is currently being applied the FEC, Golay, Repetition Code. This enhanced relay transfer uses Ack Reply in tactical operating environment of MIL-STD-188-220 Protocol.

• Journal of Institute of Control, Robotics and Systems
• /
• v.13 no.12
• /
• pp.1198-1206
• /
• 2007

It is common to use PC or Digital picture frame in stand-alone fashion to view images, movies, or to listen MP3 musics which are considered as multimedia contents, However, such existing methods have weakness for expanding network requirements or augmenting extra data, in such case inevitably requiring external devices. With keeping in mind for such expansion, in this study, we have suggested a new concepts of network module which may utilize an image server for data transmission, in the proposed module, data alarm packet was defined for alerting incoming data from the image server and it became possible to synchronize between the image server and device not only in wired but also in wireless environments through UART. The method consists of a control module for an image server and a synchronization module between the server and the device. We have also tested the feasibility for future commercial usages such as advertisements through performance evaluations.

• Convergence Security Journal
• /
• v.5 no.1
• /
• pp.85-92
• /
• 2005

For an efficient role based access control in highly distributed computing environment to reduce management cost, we utilize attribute certificates. Especially highly distributed computing environments such as ubiquitous computing environments which cannot have global or broad control, need another attribute certificate management technique. The techniques for transmission of the attribute certificates and management of the group keys should be considered to reduce management cost. For better performance we structure attribute certificates. We group roles and make the role group relation tree. It results secure and efficient role renewing and distribution. For scalable attribute certificate distribution, multicasting packets are used. We take into account the packet loss and quantifying performance enhancements of structuring attribute certificates.

• Journal of Communications and Networks
• /
• v.9 no.3
• /
• pp.319-329
• /
• 2007

This paper presents a price-based quality-of-service (QoS) control framework for two-class network services, in which circuit-switched and packet-switched services are defined as "premium service class" and "best-effort service class," respectively. Given the service model, a customer may decide to use the other class as a perfect or an imperfect substitute when he or she perceives the higher utility of the class. Given the framework, fixed-point problems are solved numerically to investigate how static pricing can be used to control the demand and the QoS of each class. The rationale behind this is as follows: For a network service provider to determine the optimal prices that maximize its total revenue, the interactions between the QoS-dependent demand and the demand-dependent QoS should be thoroughly analyzed. To test the robustness of the proposed model, simulations were performed with gradually increasing customer demands or network workloads. The simulation results show that even with substantial demands or workloads, self-adjustment mechanism of the model works and it is feasible to obtain fixed points in equilibrium. This paper also presents a numerical example of guaranteeing the QoS statistically in the short term-that is, through the implementation of pricing strategies.

• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.299-306
• /
• 2009

Followed by the popularity of the Internet, a number of access technologies to the Internet have been developed. EAP is an authentication framework. It is designed to provide the authentication functionality in the access network. Because of its flexibility and extensibility EAP poses a global solution for the authentication supported by many access networks. However, EAP has critical weaknesses in the protocol which may, in turn, decrease the EAP performance. Some of the weaknesses are caused by the "lock-step" flow control which only supports a single packet in flight. Considering the weaknesses, we propose a solution for the flow control. Using simulation we prove that our solutions improve the EAP performance.

• Nuclear Engineering and Technology
• /
• v.52 no.12
• /
• pp.2687-2698
• /
• 2020

Most of the machine learning-based intrusion detection tools developed for Industrial Control Systems (ICS) are trained on network packet captures, and they rely on monitoring network layer traffic alone for intrusion detection. This approach produces weak intrusion detection systems, as ICS cyber-attacks have a real and significant impact on the process variables. A limited number of researchers consider integrating process measurements. However, in complex systems, process variable changes could result from different combinations of abnormal occurrences. This paper examines recent advances in intrusion detection algorithms, their limitations, challenges and the status of their application in critical infrastructures. We also introduce the discussion on the similarities and conflicts observed in the development of machine learning tools and techniques for fault diagnosis and cybersecurity in the protection of complex systems and the need to establish a clear difference between them. As a case study, we discuss special characteristics in nuclear power control systems and the factors that constraint the direct integration of security algorithms. Moreover, we discuss data reliability issues and present references and direct URL to recent open-source data repositories to aid researchers in developing data-driven ICS intrusion detection systems.

• The KIPS Transactions:PartC
• /
• v.11C no.4
• /
• pp.429-438
• /
• 2004

This Paper Presents the control structure for incoming traffic from arbitrary node to Provide admission control in policy-based W network management structure using fuzzy logic control approach. The proposed control structure uses scheme for deciding network resource allocation depending on requirements predefined-policies and network states. The proposed scheme enhances policy adapting methods of existing binary methods, and can use resource of network more effectively to provide adaptive admission control, according to the unpredictable network states for predefined QoS policies. Simulation results show that the proposed controller improves the ratio of packet rejection up to 26%, because it Performs the soft adaption based on the network states instead of accept/reject action in conventional CAC(Connection Admission Controller).

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.3
• /
• pp.19-27
• /
• 2011

Due to the growth of optical fiber network technologies, most networks recently support several tens of Gb/s bandwidth. UDT(UDP-based Data Transfer protocol) is an optimized protocol for bulk data transmission on the network, which has the high bandwidth and long delay time. It periodically controls the sending rate on the fixed sync-interval, 0.01 sec. Here, if the network traffic status varies quickly, available network bandwidth is not able to be properly utilized in-between the sync-intervals. In this paper, we propose an adaptive rate control method with considering the network traffic status in-between the sync-interval periods. The network traffic status is determined based on the RTT variances. With dividing the network status into four classes, the proposed method performs a new rate control by adjusting the inter-packet sending period for a corresponding class. As a simulation result, the proposed method improves the message delivery throughput as well as stability than that of the existing UDT Protocol.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.759-761
• /
• 2016

Recent changes in the information security environment have led to persistent attacks on intelligent assets such as cyber security breaches, leakage of confidential information, and global security threats. Since existing information security systems are not adequate for Advanced Persistent Threat; APT attacks, bypassing attacks, and attacks on encryption packets, therefore, continuous monitoring is required to detect and protect against such attacks. Accordingly, this paper suggests an operation plan for managing an information security system to block the attack routes of advanced persistent threats. This is achieved with identifying the valuable assets for prevention control by establishing information control policies through analyzing the vulnerability and risks to remove potential hazard, as well as constructing detection control through controlling access to servers and conducting surveillance on encrypted communication, and enabling intelligent violation of response by having corrective control through packet tagging, platform security, system backups, and recovery.