• Journal of Digital Convergence
• /
• v.10 no.1
• /
• pp.49-57
• /
• 2012

The Internet succeeded because of the end-to-end principle which allowed anyone to add functionality to the network. However, as the internet is increasingly becoming the platform for smart IT applications such as VoIP, IPTV, Cloud Computing and Smart Phone, networks are now under increasing strain of traffic congestion and the absence of quality of service insurances. To date, the debate over internet rules has focused on network neutrality rather than network efficiency. This article emphasizes the well-functioning role of market mechanism for the efficient use and further development of the network. To maximize the value of the network, this article proposes a differential treatment to packets based on customer types, and a two-part tariff pricing rule to secure funding to expand and upgrade networks.

• Proceedings of the IEEK Conference
• /
• 2003.07c
• /
• pp.2537-2540
• /
• 2003

In this paper, an integrated monitoring system is implemented for industrial equipments which use different types of network protocols to communicate with other equipments. Dedicated gateway systems mate it difficult to modify or to add contents of network systems for communication with other systems. We suggest an integration method of effectively utilizing the general purpose gateway system (ETOS-l00A) which converts various types of protocols into TCP/IP protocol. To demonstrate the validity of the proposed integrated monitoring system, PLC-based automated inspection system is considered and the monitoring system is implemented using Visual Basic and HMI software.

• Journal of Institute of Control, Robotics and Systems
• /
• v.10 no.4
• /
• pp.334-340
• /
• 2004

In this paper, a Web-based management system for the building network is described. A multi-protocol converter based on SoC and embedded Linux is designed. The open source licensing, reliability, and broad hardware support are key reasons for use of embedded Linux in embedded industry. The multi-protocol converter integrates control network of RS-485 and LonWorks devices through TCP/IP protocol for a client with Java applet. The system consists of three-tier architecture, such as a client, a server that is performed on a multi-protocol converter, and control devices. The developed system includes the inverter motor control system with modbus protocol for the RS-485 network. The experiment results show that the multi-protocol converter using embedded Linux is a flexible and effective way to builda Web -based monitoring and control system.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.5 no.4
• /
• pp.425-434
• /
• 2010

This study shows a limit to attacks that the prevention system, which is used as the mutual third aggressive packet path between open heterogeneous networks and applies prevention techniques according to the trace like IP tracking and attack methods, can prevent. Therefore, the study aims to learn information of constant attack routing protocol and of the path in network, the target of attack and build a database by encapsulating networks information routing protocol operates in order to prevent source attack paths. In addition, the study is conducted to divide network routing protocols developed from the process of dividing the various attack characters and prevent various attacks. This study is meaningful in that it analyzes attack path network and attacks of each routing protocol and secure exact mechanism for prevention by means of 3D-Puzzle, Path, and Cube of the integrated security system which is an implementation method of integrated information protection for access network defense.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.5
• /
• pp.113-120
• /
• 2020

KISTI(Korea Institute of Science and Technology Information) provides HPC(High Performance Computing) service to users of university, institute, government, affiliated organization, company and so on. The NURION, supercomputer that launched its official service on Jan. 1, 2019, is the fifth supercomputer established by the KISTI. The NURION has 25.7 petaflops computation performance. Understanding how supercomputing services are used and how researchers are using is critical to system operators and managers. It is central to monitor and analysis network traffic. In this paper, we briefly introduce the NURION system and supercomputing service network with security configuration. And we describe the monitoring system that checks the status of supercomputing services in real time. We analyze inbound/outbound traffics and abnormal (attack) IP addresses data that are collected in the NURION supercomputing service network for 11 months (from January to November 1919) using time series and correlation analysis method.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.1
• /
• pp.145-152
• /
• 2009

IEEE 802.16e standard, a kind of WMAN standard, was established to support data services with cheaper cost to mobile users than traditional mobile communications system and wireless LAN system can do. In this paper, we propose an uplink QoS packet-scheduler for VoIP service which can be installed in IEEE 802.16 system and evaluate its performance with NS-2 network simulator. The proposed QoS packet-scheduler consists of three procedures: determining scheduler interval, determining the amount of resource assignment, and deciding which mobile station the base station should serve first among multiple mobile stations. According to numerical results, the proposed QoS packet-scheduler can provide more increased system capacity by 220% than UGS service scheme does and by 25 % than ertPS service scheme does.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.4 s.346
• /
• pp.1-12
• /
• 2006

In this paper we propose an efficient mobile multimedia communication protocol, mobile terminal software platform and mobile VoIP application for IP-based convergence networks. The Proposed mobile multimedia communication protocol is called as ST-MRSVP (Split tunnel based Mobile Resource reServation Protocol) which integrates split tunnel based Mobile IP and RSVP in order to support hish speed mobility. Since mobile terminal platform supports QoS (Qualify of Service) with keeping seamless mobility, mobile QoS supporting modules are developed and interworked together by means of shared memory mechanism. Testbed is composed of a core-network embedding the proposed protocols and wireless LAN-based access networks. We verify functionality and performance of the proposed techniques by using various mobility test over the testbed. As a result, the proposed architecture can reduce the handover delay time with QoS support under 30% comparing with the standard mechanisms and support voice quality as good as CDMA phone.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.1
• /
• pp.130-140
• /
• 2010

SIP (Session Initiation Protocol) is a signaling protocol to provide IP-based VoIP (Voice over IP) service. However, many security vulnerabilities exist as the SIP protocol utilizes the existing IP based network. The SIP Malformed message attacks may cause malfunction on VoIP services by changing the transmitted SIP header information. Additionally, there are several threats such that an attacker can extract personal information on SIP client system by inserting malicious code into SIP header. Therefore, the alternative measures should be required. In this study, we analyzed the existing research on the SIP anomaly message detection mechanism against SIP attack. And then, we proposed a Co-occurrence based SIP packet analysis mechanism, which has been used on language processing techniques. We proposed a association rule generation and an attack detection technique by using the actual SIP session state. Experimental results showed that the average detection rate was 87% on SIP attacks in case of using the proposed technique.

• Convergence Security Journal
• /
• v.4 no.3
• /
• pp.37-46
• /
• 2004

This paper presents the design of a certain highly efficient security policy negotiation of SPS(Security Policy System) using mobile agent system. The conventional IP security systems have some problems. A drawback to these systems is that the required policy between each security area is different. Another problem is not possible to guarantee whether a packet is transmitted through the same path by both directions and is protected by the same policy due to the topology of the network. Unlike conventional systems, the model developed herein can be resolved by using a mobile agent technology. If each domain needs a negotiation of security policy, a mobile agent manages the result of the negotiation in the form of a passport and guarantees the authentication and reliability each other by using the passport.

• The KIPS Transactions:PartC
• /
• v.13C no.4 s.107
• /
• pp.427-434
• /
• 2006

Broadband Convergence Network(BcN) is a critical infrastructure to provide wired-and-wireless high-quality multimedia services by converging communication and broadcasting systems, However, there exist possible danger to spread the damage of an intrusion incident within an individual network to the whole network due to the convergence and newly generated threats according to the advent of various services roaming vertically and horizontally. In order to cope with these new threats, we need to analyze the vulnerabilities of BcN in a system architecture aspect and classify them in a systematic way and to make the results to be utilized in preparing proper countermeasures, In this paper, we propose a new classification of vulnerabilities which has been extended from the ITU-T recommendation X.805, which defines the security related architectural elements. This new classification includes system elements to be protected for each service, possible attack strategies, resulting damage and its criticalness, and effective countermeasures. The new classification method is compared with the existing methods of CVE(Common Vulnerabilities and Exposures) and CERT/CC(Computer Emergency Response Team/Coordination Center), and the result of an application to one of typical services, VoIP(Voice over IP) and the development of vulnerability database and its management software tool are presented in the paper. The consequence of the research presented in the paper is expected to contribute to the integration of security knowledge and to the identification of newly required security techniques.