• Title/Summary/Keyword: Internet Protocol


Security Weaknesses in Harn-Lin and Dutta-Barua Protocols for Group Key Establishment

  • Nam, Jung-Hyun;Kim, Moon-Seong;Paik, Ju-Ryon;Won, Dong-Ho
    • KSII Transactions on Internet and Information Systems (TIIS) / v.6 no.2 / pp.751-765 / 2012
  • Key establishment protocols are fundamental for establishing secure communication channels over public insecure networks. Security must be given the topmost priority in the design of a key establishment protocol. In this work, we provide a security analysis on two recent key establishment protocols: Harn and Lin's group key transfer protocol and Dutta and Barua's group key agreement protocol. Our analysis shows that both the Harn-Lin protocol and the Dutta-Barua protocol have a flaw in their design and can be easily attacked. The attack we mount on the Harn-Lin protocol is a replay attack whereby a malicious user can obtain the long-term secrets of any other users. The Dutta-Barua protocol is vulnerable to an unknown key-share attack. For each of the two protocols, we present how to eliminate their security vulnerabilities. We also improve Dutta and Barua's proof of security to make it valid against unknown key share attacks.

Throughput and Delay Analysis of a Network Coding-enabled Cooperative MAC Protocol for Ad Hoc Networks

  • Jang, Jae-Shin;Kim, Sang-Wu;Wie, Sung-Hong
    • KSII Transactions on Internet and Information Systems (TIIS) / v.6 no.6 / pp.1668-1688 / 2012
  • Cooperative communications and network coding schemes have been proposed to increase system throughput for ad hoc networks. In this paper, we present throughput and delay analysis of the new network coding-enabled cooperative MAC protocol called NC-MAC, which has been proposed by us in order to significantly enhance system performance. This protocol introduces an approach that can accommodate both cooperative communication and network coding for wireless ad hoc networks by slightly increasing overhead and modifying standards. The protocol's performance is evaluated using mathematical analysis and computer simulation and two performance measures, system throughput and average channel access delay, are used for a performance comparison with previous schemes. It is assumed that all the frames exchanged over a wireless channel are susceptible to transmission errors, which is a new but more reasonable assumption differentiating this research from previous research. Numerical results show this protocol provides significantly enhanced system performance compared with conventional cooperative MAC protocols used in previous research. For instance, system performance is 47% higher using the NC-MAC protocol than when using the rDCF protocol.

End-to-end Reliable Message Transmission Considering Load Balancing in Wireless Networks

  • Tran, Anh Tai;Kim, Myung Kyun
    • KSII Transactions on Internet and Information Systems (TIIS) / v.8 no.9 / pp.3094-3109 / 2014
  • This paper proposes a load balanced reliable routing protocol called LBR (Load Balanced Reliable routing) in wireless networks. The LBR protocol transmits messages through a reliable path considering the balancing of the traffic load. Recently, the authors have proposed a multipath-based reliable routing protocol called MRFR, which is an appealing protocol for fault tolerant reliable data transmission. However, MRFR has no concern with the problem of load balancing, which results in increasing congestion and consuming high energy at some network nodes. As a result, the problem negatively affects the performance of the network. Taking account of load balancing as a route selection criterion can avoid routing through the congested nodes and allows better routes to be found. In this paper, we extend MRFR by considering load balancing in the route discovery process of reliable communication. The simulation results showed that the proposed protocol outperforms AODV in terms of end-to-end delay, packet delivery ratio, and average jitter. Compared to MRFR, the LBR protocol has the same packet delivery ratio, and obtains a better efficiency of load balancing.

DDCP: The Dynamic Differential Clustering Protocol Considering Mobile Sinks for WSNs

  • Hyungbae Park;Joongjin Kook
    • KSII Transactions on Internet and Information Systems (TIIS) / v.17 no.6 / pp.1728-1742 / 2023
  • In this paper, we extended a hierarchical clustering technique, which is the most researched in the sensor network field, and studied a dynamic differential clustering technique to minimize energy consumption and ensure equal lifespan of all sensor nodes while considering the mobility of sinks. In a sensor network environment with mobile sinks, clusters close to the sinks tend to consume more forwarding energy. Therefore, clustering that considers forwarding energy consumption is desired. Since all clusters form a hierarchical tree, the number of levels of the tree must be considered based on the size of the cluster so that the cluster size is not growing abnormally, and the energy consumption is not concentrated within specific clusters. To verify that the proposed DDC protocol satisfies these requirements, a simulation using Matlab was performed. The FND (First Node Dead), LND (Last Node Dead), and residual energy characteristics of the proposed DDC protocol were compared with the popular clustering protocols such as LEACH and EEUC. As a result, it was shown that FND appears the latest and the point at which the dead node count increases is delayed in the DDC protocol. The proposed DDC protocol presents 66.3% improvement in FND and 13.8% improvement in LND compared to LEACH protocol. Furthermore, FND improved 79.9%, but LND declined 33.2% when compared to the EEUC. This verifies that the proposed DDC protocol can last for longer time with more number of surviving nodes.

A NAT Proxy Server for an Internet Telephony Service (인터넷 전화 서비스를 위한 NAT 프럭시 서버)

  • 손주영
    • Journal of KIISE: Computing Practices and Letters / v.9 no.1 / pp.47-59 / 2003
  • The Internet telephony service is one of the commercially successful Internet application services. VoIP technology makes the service come true. VoIP deploys H.323 or SIP as the standard protocol for the distributed multimedia services over the Internet in which QoS is not guaranteed. VoIP carries the packetized voice over the RTP/UDP/IP protocol stack. The data transmission trouble is caused by UDP when the service is provided in private networks and some ISP-provided Internet access networks in the private address space. The Internet telephony users in such networks cannot listen to the voices of the other parties in the public Internet or PSTN. Making the problem more difficult, the Internet telephony service considered in this paper gets the incoming voice packets of every session through only one UDP port number. In this paper, three schemes including the terminal proxy, the gateway proxy, and the protocol translation are suggested to solve the problems. The design and implementation of the NAT proxy server based on gateway proxy scheme are described in detail.

Design and Evaluation of NACK Based Reliable Multicast Protocol (NACK 기반 신뢰적 멀티캐스트 프로토콜의 설계 및 평가)

  • Jung Sun-Hwa;Park Seok-Cheon
    • Journal of Internet Computing and Services / v.4 no.3 / pp.47-55 / 2003
  • Multicast protocols are developed in order to support group communications efficiently. However, there still exist some issues to be solved to deploy multicast protocols in the public Internet. This paper discusses problems of existing reliable multicast protocols, redesigns the component functions, and proposes an enhanced reliable multicast transport protocol. This paper proposes an improved multicast transport scheme in NACK based reliable multicast. This scheme is much faster than sender-initiated or receiver-initiated recovery, and latency is smaller. The designed components are implemented in a UNIX environment using the C programming language. Then the performance of the protocol was evaluated through simulation. As a result, the proposed protocol is better than existing protocols in both transmission delay and packet loss. In particular, the protocol proposed in this paper can be used in multicast services that need high reliability.


The Device Configuration Protocol with Real-Time Processing for QoS Support over IPv6 (IPv6 상에서 QoS 지원을 위한 실시간 처리용 DCP 프로토콜)

  • Joe, In-Whee
    • The Journal of Korean Institute of Communications and Information Sciences / v.30 no.10B / pp.660-668 / 2005
  • Recently, the Internet-based communication method has been adopted as an open networking solution in the field of remote control and data acquisition. In the current Internet, most networking applications are developed according to the client-server approach. In this paper, we propose an innovative Device Configuration Protocol (DCP) that exchanges the traditional role between client and server to provide a uniform device interface over the Internet for various field devices. The proposed protocol is implemented as an application-level protocol running on top of the standard TCP/IP protocols. Also, the DCP protocol is extended with real-time processing to work with the FlowLabel of IPv6 for QoS (Quality of Service) support. The simulation results show that the real-time packets can be processed prior to the given deadline regardless of throughput, as compared to the normal packets.

Network Security Protocol Performance Analysis in IoT Environment (IoT 환경에서의 네트워크 보안 프로토콜 성능 분석)

  • Kang, Dong-hee;Lim, Jae-Deok
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.5 / pp.955-963 / 2022
  • The Internet of Things (IoT), combined with various technologies, is rapidly becoming an integral part of our daily life. While it is rapidly taking root in society, security considerations are relatively insufficient, making it a major target for cyber attacks. Since all devices in the IoT environment are connected to the Internet and are closely used in daily life, the damage caused by cyber attacks is also serious. Therefore, encryption communication using a network security protocol must be considered for a service in a more secure IoT environment. A representative network security protocol includes TLS (Transport Layer Protocol) defined by the IETF. This paper analyzes the performance measurement results for TLS version 1.2 and version 1.3 in an IoT device open platform environment to predict the load of TLS, a representative network security protocol, in IoT devices with limited resource characteristics. In addition, by analyzing the performance of each major cryptographic algorithm in version 1.3, we intend to present a standard for setting appropriate network security protocol properties according to IoT device specifications.

On Inferring and Characterizing Internet Routing Policies

  • Wang, Feng;Gao, Lixin
    • Journal of Communications and Networks / v.9 no.4 / pp.350-355 / 2007
  • Border gateway protocol allows autonomous systems (ASes) to apply diverse routing policies for selecting routes and for propagating reachability information to other ASes. Although a significant number of studies have been focused on the Internet topology, little is known about what routing policies network operators employ to configure their networks. In this paper, we infer and characterize routing policies employed in the Internet. We find that routes learned from customers are preferred over those from peers and providers, and those from peers are typically preferred over those from providers. We present an algorithm for inferring and characterizing export policies. We show that ASes announce their prefixes to a selected subset of providers to perform traffic engineering for incoming traffic. We find that the selective announcement routing policies imply that there are far fewer available paths in the Internet than shown in the AS connectivity graph, and can make the Internet extremely sensitive to failure events. We hope that our findings will help network operators in designing routing policies.

A Study on the Security Measures against the Eavesdropping of the Network Packet (Network Packet의 Eavesdropping 에 대한 보안 대책에 관한 연구)

  • Choi, Young;Lee, Seung-Chul
    • Proceedings of the KIEE Conference / 2001.07d / pp.2750-2752 / 2001
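  • Now that the Internet environment has been built so that work in many fields, such as administrative and financial tasks, can be handled over the network, large amounts of information that must not be leaked, such as individuals' personal or financial information, are being transmitted over the Internet. If information is lost at even a single point during communication over the web-like tangle of the Internet, great confusion will result. Moreover, if someone can look into the information transmitted over the Internet, all unencrypted data will be leaked. These risks are technically feasible and are known to be carried out covertly in practice. Although many encryption protocols for Internet security currently exist, there are many cases in which encryption cannot be used because of the lack of a consistent encryption protocol, the difficulty of use, and the lack of cryptography applications. This paper explains the principle of eavesdropping and presents countermeasures against it.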
