• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39A no.12
• /
• pp.708-717
• /
• 2014

In this paper, we present a secret key distribution protocol without resorting to a key management infrastructure targeting at providing a low-complexity distributed solution to wireless network. The proposed scheme extracts a secret key from the random fluctuation of wireless channels. By exploiting time division duplexing transmission, two legitimate users, Alice and Bob can have highly correlated channel gains due to channel reciprocity, and a pair of random bit sequences can be generated by quantizing the channel gains. We propose a novel adaptive quantization scheme that adjusts quantization thresholds according to channel variations and reduces the mismatch probability between generated bit sequences by Alice and Bob. BCH codes, as a low-complexity and pratical approach, are also employed to correct the mismatches between the pair of bit sequences and produce a secret key shared by Alice and Bob. To maximize the secret key extraction rate, the parameters, quantization levels and code rates of BCH codes are jointly optimized.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.5
• /
• pp.514-520
• /
• 2018

Presence service provides various information about users such as locations, status of on/offline and network access methods, and number of presence resources required by each users increases largely in mobile environment. Therefore an effective method which can reduce load of presence servers is needed. In this paper, a large scale distributed presence service system which can distribute effectively total presence system load of presence servers using message control session has been presented. This large scale distributed presence service system provides various presence information for massive volumes of users. In this study, a new message control session architecture which can dynamically distribute loads of the presence servers to multiple servers has been presented, and a new presence information data architecture for controlling load of the presence servers has been designed. In this architecture, each presence server can exchange current load level in real time to get variance of the total system load change according to user numbers, and can distribute system load to maintain load level of each server evenly. The performance of the proposed large scale distributed presence service system has been analysed by experiments. The results has been showed that average presence resource subscription processing time reduced from 42.6% to 73.6%, and average presence notification processing time reduced from 37.6% to 64.8%.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.7C
• /
• pp.985-996
• /
• 2004

In order to solve the increasing security problems, IDSs(Intrusion Detection System) have appeared. However, local IDSs have a limit to detect various intrusions in a large-scale network environment. So there are a lot of researches in progress which organize the elements of IDS in a distributed or hierarchical manner. In this paper, we design a integrated IDS which exchanges messages between them through the standardized message format (IDMEF) and communication protocol (IDXP). We also propose a policy profile for an effective control of IDSs, and employ the PKI mechanism for mutual authentication. We implement a prototype system for the proposed IDSs communicating with Snort and analyze its performance.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.6
• /
• pp.2709-2734
• /
• 2020

The growing demand to make wireless data services 5G compatible has necessitated the development of an energy-efficient approach for an effective new wireless environment. In this paper, we first propose a cognitive sensor node (CSN) based game theory for deriving energy via a primary user-transmitted radio frequency signal. Cognitive users' time was segmented into three phases based on a time switching protocol: energy harvest, spectrum sensing and data transmission. The proposed model chooses the optimal energy-harvesting phase as the effected factor. We further propose a distributed energy-harvesting model as a utility function via pricing techniques. The model is a non-cooperative game where players can increase their net benefit in a selfish manner. Here, the price is described as a function pertaining to transmit power, which proves that the proposed energy harvest game includes Nash Equilibrium and is also unique. The best response algorithm is used to achieve the green connection between players. As a result, the results obtained from the proposed model and algorithm show the advantages as well as the effectiveness of the proposed study. Moreover, energy consumption was reduced significantly (12%) compared to the benchmark algorithm because the proposed algorithm succeeded in delivering energy in micro which is much better compared to previous studies. Considering the reduction and improvement in power consumption, we could say the proposed model is suitable for the next wireless environment represented in 5G.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.116-120
• /
• 2011

In this paper, we have designed and implemented the integrated protocol gateway for the integration of CAN and Profibus networks. To do that, we used the Switched Ethernet as Backbone network, and each fieldbus network is connected by CAN/Ethernet or Profibus/Ethernet gateway, and each gateway perform the translation between fieldbus and Ethernet frames. Futhermore, we realized the real-time features in the environment of the Switched Ethernet by applying the distributed hard real-time scheduling algorithm among each gateways. To implement tht CAN/Ethernet and Profibus/Ethernet gateways, we used the Linux of kernel 2.6.31.12 real-time patched version(PREEMTED_RT), and we could verify successful message translation and real-time features through real implementation.

• Journal of KIISE:Information Networking
• /
• v.31 no.5
• /
• pp.532-543
• /
• 2004

Mobile Ad hoc NETworks (MANET) consist of mobile nodes which are usually powered by battery Approaches for minimizing power consumption have been proposed for all network layers and devices. IEEE 802.11 DCF (Distributed Coordination Function), a well-known medium access control protocol for MANETS, also defines a power save mode operation. The nodes in power save mode periodically repeat the awake state and the doze state in synchronized fashion. When all nodes are in the awake state, the exchange the announcements for the subsequent message transmission with neighbors. The nodes that send or receive the announcements stay awake for data transmission, and others go into the dole state. The previous works for enhancing the power save mode operation have focused on shortening the duration of the awake state. We observed that the longer sleeping period results in seriously long delivery latency and the consequent unnecessary power consumption as well, because the packets can move forward only one hop for a fixed interval. In this paper, we propose an improved protocol for the power save mode of IEEE 802.11 DCF, which allows the flooding packets to be forwarded several hops in a transmission period. Our approach does not reduce the duration of compulsory awake period, but maximizes its utilization. Each node propagates the announcements for next flooding to nodes of several hops away, thus the packets can travel multiple hops during one interval. Simulation results of comparison between our scheme and the standard show a reduction in flooding delay maximum 80%, and the unicasting latency with accompanying flooding flows near 50%, with slight increase of energy consumption.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.47 no.7
• /
• pp.118-127
• /
• 2010

Current TCP/IP-based Internet architecture has been used for over 30 years, however it will confront with fundamental problems due to new protocol extension limitation since communication environments will change drastically and various user requirements will be emerging in near future. To solve these problems, major countries have started Future Internet researches based on clean slate approach and they will deploy large-scale testbed to experiment and verify new functions. OpenFlow switch technology has been proposed as a new experimental technology for independent protocol that can utilized the legacy network devices and does not interfere with the production Internet traffic. Korea also started Future Internet testbed project called FIRST and OpenFlow switch with NetFPGA card will be used to deploy this testbed. To interconnect distributed testbed using OpenFlow switches, logical tunnel should be established by encapsulating MAC frame inside a unicast IP packet between OpenFlow switches because OpenFlow switches are not directly connected. In this paper, we have implemented a NetFPGA-based that performs MAC in IP tunneling between various OpenFlow switch sites implemented in domestic research network KOREN. The performance evaluation shows that the NetFPGA-based capsulator reveals better performance than the software-based tunneling and it can be utilized as a testbed for experimentation of Future Internet technologies.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.25 no.1A
• /
• pp.90-95
• /
• 2000

In the Ordered Core Based Tree(OCBT) protocol, a core location is the most important feature to affect the performance. In this paper, the location placement of multiple level cores is studied. The proposed algorithm isthat each node in the network evaluates a sum of shortest path costs from all the other nodes and the entirenetwork is divided into a hierarchy region to have 3-logical level(Small, Medium, Large). The node to have thelowest cost in each S-Region is decided to be a core node. Then, the core nodes in the each S-Region evaluatea sum of shortest path costs from all the other core nodes in the same M-Region. The core node to have thelowest cost is decided to be the upper level core node. Similarly the highest level core node is decided in theL-Region. The proposed algoritthm is compared with conventional two methods to put the core nodes in thenetwork One is the random method to put the core nodes randomly. The other is the center method to locatethe core node at the nearest node from the center of each S-Region and then to locate the highest level corenode at the nearest core node from the center of the entire network. Extensive simulations are performed in theview of mean tree cost and join latency. Simulation results show that the proposed algorithm has betterperformance than random method or center method.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.7 s.349
• /
• pp.50-59
• /
• 2006

The new communication paradigm is rapidly shifted from wireless mobile networks to an All-IP(Internet Protocol) network, led by service industry leaders and communication manufacturers. In this paradigm, providing authentication and session keys of a subscriber becomes one of the critical tasks because of IP open accessibility among heterogeneous networks. In this paper, we introduce authentication process procedure of heterogeneous wireless mobile networks and develop so-called IMAS(Integrated Mobile Authentication Server) which can securely inter-work among all mobile networks and support the legacy networks with backward compatibility. Especially, in designing IMAS, mobile authentication inter-working mechanism, key management technique, and other issues to be overcome are presented. We analyze and evaluate the performance of authentication algorithm which creates session key. A simulation environment of IMAS is established, and a performance(TPS; Transaction Per Second) result is analyzed and evaluated. It turned out that IMAS works among heterogeneous wireless mobile networks without compensating efficiency and functionalities of the legacy networks and decrease the entropy of data redundancy and data inconsistency among networks because of the integrity of the distributed Data Base(DB).

• Journal of Internet of Things and Convergence
• /
• v.2 no.2
• /
• pp.37-49
• /
• 2016

An IP address is used as a host identifier and a locator to bind hosts and applications to their location in existing Internet. Several protocols are proposed to eliminate this binding. Most of these protocols use IPv6-based host identifiers to maintain compatibility with existing Internet, but these identifiers cannot be handled by standard IPv6 routers because such identifiers are unroutable. Therefore, host identifiers need to be usually converted to locators at hosts, and the standard IPv6 protocol should be modified to interoperate with these protocols. In this paper, we propose a network-based host identifier locator separating scheme in software-defined networking. The proposed scheme separates the underlying network into Host Identity and IP domains in order to directly forward unroutable identifiers. The Host Identity domain operates as an overlaid network over IP domain, and it makes the unroutable identifiers to be routable using distributed hash table based routing strategy. For the evaluation, we compared the proposed scheme with the previous scheme using signaling costs and packet delivery costs. The result shows that the proposed scheme is more suitable in the recent mobile-based environments.