• Proceedings of the IEEK Conference
• /
• 2004.08c
• /
• pp.544-548
• /
• 2004

DHCP(Dynamic Host Configuration Protocol) is a protocol which dynamically allocates an IP address and/or host configuration parameters to a host. The DHCP client's address can be changed dynamically any time. For the possible communication with other system, the DHCP client has to inform its address to the DNS system with dynamic update facility. But the DNS dynamic update has a problem related to the security. So we proposed the efficient mechanism for the secure integration of DHCP and DNS by using DNS security extensions. The system also uses the DNS server as the certificate repository for the storing & retrieval of each other's certificate.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.6
• /
• pp.111-118
• /
• 2012

In this paper, a technique wherein the DHCP server has a restriction in providing the IP address to the computers that has no malicious bot curing vaccine is proposed, so that users will cooperate in the curing of malicious bot to avoid inconvenience. In order to provide restricted ip address periodically, the DHCP server makes a request of vaccine installation check for user's computer. Proposed technique is effective in the curing of malicious bot, because it does not depend on specific systems or organizations.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.4
• /
• pp.747-754
• /
• 2016

DHCP(Dynamic Host Configuration Protocol) is a protocol for efficiency and convenience of the IP address management. DHCP automatically assigns an IP address and configuration information needed to run the TCP/IP communication to individual host in the network. However, existing DHCP is vulnerable for network attack such as DHCP spoofing, release attack because there is no mutual authentication systems between server and client. To solve this problem, we have designed a new DHCP protocol supporting the following features: First, ECDH(Elliptic Curve Diffie-Hellman) is used to create session key and ECDSA(Elliptic Curve Digital Signature Algorithm) is used for mutual authentication between server and client. Also this protocol ensures integrity of message by adding a HMAC(Hash-based Message Authentication Code) on the message. And replay attacks can be prevented by using a Nonce. As a result, The receiver can prevent the network attack by discarding the received message from unauthorized host.

• Journal of Communications and Networks
• /
• v.7 no.4
• /
• pp.525-536
• /
• 2005

In an IP-based network, automated dynamic assignment of IP addresses is preferable. In most wired networks, a node relies on a centralized server by using dynamic host configuration protocol (DHCP) to obtain a dynamic IP address. However, the DHCP­based approach cannot be employed in a mobile ad hoc network (MANET) due to the uncertainty of any centralized DHCP server. That is, a MANET may become partitioned due to host mobility. Therefore, there is no guarantee to access a DHCP server. A general approach to address this issue is to allow a mobile host to pick a tentative address randomly, and then use duplicate address resolution (DAR) protocol to resolve any duplicate addresses. In this paper, an innovative distributed dynamic host configuration protocol designed to configure nodes in MANET is presented. The proposed protocol not only can detect the duplicate address, but also can resolve the problem caused by duplicate address. It shows that the proposed protocol works correctly and is more universal than earlier approaches. An enhanced version of DAR scheme is also proposed in this paper to solve the situation of duplicate MAC address. The new and innovative approach proposed in this paper can make the nodes in MANET provide services to other networks and avoid packets from being delivered to incorrect destinations.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.8
• /
• pp.1490-1494
• /
• 2006

Most network equipment is an embedded system designed to execute specific function. An embedded system is an electronic control system mixing hardware and software to execute only fixed function for the purpose of system, not confuter, performing diverse function for a wide use. Early embedded system executed only simple function, combining specific function with optimization, a micro size, and low power, but it has developed to meet complex and diverse system. The purpose of this study is to realize DHCP server based on embedded system. To achieve this, embedded Linux was ported in ez Bord-M01 mounted with Intel Strong ARM SA1110 processor, and ethernet-based network was constructed for network function. In this way, this study suggests embedded DHCP server where Window and Linux client hosts are dynamically configurated as network information by dynamically assigning network information in embedded board.

• The KIPS Transactions:PartC
• /
• v.16C no.6
• /
• pp.753-760
• /
• 2009

As it becomes increasingly important that Internet access is available anywhere at any time, providing MANET (Mobile Ad-Hoc Network) with the Internet access attracts more attention. The existing DHCP (Dynamic Host Configuration Protocol) address configuration schemes require message exchanges between MANET nodes and the DHCP server through multi-hop routes. Messages can be easily dropped in the wireless multi-hop communication environment and the address configuration may be instable and need long delay. In this paper, we propose a new address configuration scheme using the concept of address pool allocation. In the proposed scheme, the DHCP server assigns a part of its address pool to a node instead of a single address and the node can assign a part of its own address pool to its neighbor nodes. Through simulation studies, we show that our scheme yields about 77% of the address configuration delay and 61% of the control message overhead of the existing DHCP based mechanism.

• Journal of Korea Society of Industrial Information Systems
• /
• v.15 no.5
• /
• pp.1-9
• /
• 2010

Abstract The DHCP power saving system provides advantage to driving active participation in which users installs the power saving software by restricting IP address through the power management server. However, the problem with this approach is the vulnerability to IP spoofing attacks, therefore we need to solve the mistake that disrupt the entire network system rather than saving electric power. In this paper, we propose the authentication system that can implement the efficiency saving power by providing high security for the members' computer system of the public institutions based on the saving power system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.2
• /
• pp.557-560
• /
• 2005

The purpose of this study is to realize DHCP server based on embedded system. To achieve this, embedded Linux was ported in ez Bord-M01 mounted with Intel Strong ARM SA1110 processor, and ethernet-based network was constructed for network function. In this way, this study suggests embedded DHCP server where Window and Linux client hosts are dynamically configurated as network information by dynamically assigning network information in embedded board.

• Journal of KIISE:Information Networking
• /
• v.31 no.6
• /
• pp.659-672
• /
• 2004

A Mobile Ad hoc Network (MANET) is a group of independent mobile computing nodes that consist of a multi-hop wireless network without a central administration or any infrastructure. Every node that wants to join a MANET must obtain an address for communication. Having a centralized DHCP server that provides addresses to nodes, we can easily and automatically obtain addresses. However, a MANET lacks any fixed infrastructure such as a DHCP server. We therefore propose a distributed address autoconfiguration approach for a MANET using a reserved address and optimistic Duplicated Address Detection (DAD). The reserved address helps to reduce the allocation latency, and the optimistic DAD guarantees the uniqueness of addresses and lessens communication overhead. We then suggest methods of handling network partition and network merging situations, and go on to evaluate our approach through simulations. The simulation result shows that our scheme guarantees the uniqueness of allocated address and considerably improves allocation latency and communication overheads.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.11B
• /
• pp.979-986
• /
• 2006

DSTM is one of the 1Pv6/IPv4 transition mechanisms using IPv4-in-IPv6 tunneling for communication between IPv6 node with dual stack and Ipv4-only node. In DSTM, the DSTM server using the DHCPv6 is vulnerable to DoS attacks which can exhaust the IPv4 address pool. In this paper, an authentication model using a HRAA (Human Recognition Address Allocation) scheme was proposed to protect DHCP server against DoS attacks. The proposed authentication model in DSTM that uses an image file for verification is effective because only human can respond to the challenge for authenticated address allocation. The proposed model can be used anytime and anywhere in a DSTM domain, and is secure against DoS attacks.