• The Journal of the Convergence on Culture Technology
• /
• v.6 no.1
• /
• pp.455-461
• /
• 2020

Electronic payment system using Internet banking is a very important application for users of e-commerce environment. With rapidly growing use of fintech applications, the risk and damage caused by malicious hacking or identity theft are getting significant. To prevent the damage, fraud detection system (FDS) calculates the risk of the electronic payment transactions using user profiles including types of goods, device status, user location, and so on. In this paper, we propose a new risk calculation method using relative location of users such as SSID of wireless LAN AP and MAC address. Those relative location information are more difficult to imitate or copy compared with conventional physical location information like nation, GPS coordinates, or IP address. The new method using relative location and cumulative user characteristics will enable stronger risk calculation function to FDS and thus give enhanced security to electronic payment systems.

• 한국정보통신설비학회:학술대회논문집
• /
• 2007.08a
• /
• pp.336-340
• /
• 2007

This paper proposes a multicast scheme over IEEE 802.16 networks which support multiple upper layer protocols such as ATM, IPv4 packets, IPv6 packets, IEEE 802.3 over IPv4 and so on. The multicast capabilities over IEEE 802.16 are important both control plane and data plane. The proposed multicast scheme can be divided into two types: direct mapping and indirect mapping. The direct mapping scheme is that layer 3 address is directly mapped into CID information which is used for connection identifier at IEEE 802.16 link layer. The indirect mapping scheme has two steps for mapping between layer 3 address and layer 2 CID. Firstly, a layer 3 address translates to Ethernet MAC address with group MAC address. Secondly, a group MAC address is mapped into CID. The mapping scheme depends on the upper layer protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.1
• /
• pp.19-26
• /
• 2003

Recently, the number of internet service companies is increasing and so is the number of malicious attackers. Damage such as distrust about credit and instability of the service by these attacks may influence us fatally as it makes companies image failing down. One of the frequent and fatal attacks is DoS(Denial-of-Service). Because the attacker performs IP spoofing for hiding his location in DoS attack it is hard to get an exact location of the attacker from source IP address only. and even if the system recovers from the attack successfully, if attack origin has not been identified, we have to consider the possibility that there may be another attack again in near future by the same attacker. This study suggests to find the attack origin through MAC address marking of the attack origin. It is based on an IP trace algorithm, called Marking Algorithm. It modifies the Martins Algorithm so that we can convey the MAC address of the intervening routers, and as a result it can trace the exact IP address of the original attacker. To improve the detection time, our algorithm also contains a technique to improve the packet arrival rate. By adjusting marking probability according to the distance from the packet origin we were able to decrease the number of needed packets to traceback the IP address.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.8
• /
• pp.1955-1960
• /
• 2014

Many routing protocols have been proposed for low-power and ad-hoc networks to deliver command or data among nodes and recently, various researches are carried out about networking scheme considering reliability and scalability. In low-power networking technology, the performance of network layer is closely connected with the operation of data link layer and mesh routing mechanisms based on TDMA MAC are considered for reliability and scalability. This paper proposes mesh routing algorithm utilizing the characteristics of TDMA MAC and topological addressing in TDMA based low-power and ad-hoc networks and implementation results are presented.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.5B
• /
• pp.429-436
• /
• 2011

The G-PON is an efficient solution to implement the FTTH and have GEM frame to accomodate various protocols like Ethernet frames, IP packets, and TDM signals. Above all, the Ethernet is one of the most widely used 2nd layer protocol in the campus, the subscriber access, and the carrier service. So G-PON system has to provide an Ethernet interface with top priority. In this paper, we implement a gigabit Ethernet adapter based on Ethernet over GEM in the ITU-T G.984.3 to accommodate Ethernet protocol in the G-PON TC chip. The adapter maps each Ethernet frame to a single or multiple GEM frames and has several functions including generation of the GEM header, encapsulation of frames and the SAR. In particular, the adapter have converter (LUT) MAC address to port-ID which is a key to identify logical connections though it is not defined in specification but important. We implement the adapter with a FPGA and verify the functions of segmentation and reassembling, MAC address learning, and throughput with the logic analyzer and the Ethernet analyzer.

• Convergence Security Journal
• /
• v.5 no.1
• /
• pp.35-43
• /
• 2005

It is need to control network access that a user personally change own IP or network devices in managing network address. Also, When we use new network devices or assign network address, we do them by design, not arbitrarily. And then, we can immediately control network's problems. It could be used network management and security in low level. But most of managers do this works by hand not automatically. This paper propose the solutions that improve the security by network address authentication in VLAN environment, such as corporations and public offices.

• Journal of KIISE:Information Networking
• /
• v.34 no.5
• /
• pp.328-339
• /
• 2007

Conventional topology-based routing protocols are not suitable for inter-vehicular communication, where frequent route updates are necessary due to continuous and abrupt changes in network topology Position-based routing protocols are widely accepted to better serve their purpose in such a scenario as they do not require path discovery or maintenance. However they have to deal with the overhead of the location service and inaccurate position information. This paper proposes the MMFP (Multi-hop MAC Forwarding Protocol) for inter-vehicle communication that relies on reachability information collected from received packets in making a forwarding decision without path discovery. The MMFP is designed as an extension to the IEEE 802.11 MAC layer to ensure accuracy in its time-critical operations. This paper also presents some simulation results that demonstrate the superior performance of the MMFP over AODV in a realistic inter-vehicular communication.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.11B
• /
• pp.979-986
• /
• 2006

DSTM is one of the 1Pv6/IPv4 transition mechanisms using IPv4-in-IPv6 tunneling for communication between IPv6 node with dual stack and Ipv4-only node. In DSTM, the DSTM server using the DHCPv6 is vulnerable to DoS attacks which can exhaust the IPv4 address pool. In this paper, an authentication model using a HRAA (Human Recognition Address Allocation) scheme was proposed to protect DHCP server against DoS attacks. The proposed authentication model in DSTM that uses an image file for verification is effective because only human can respond to the challenge for authenticated address allocation. The proposed model can be used anytime and anywhere in a DSTM domain, and is secure against DoS attacks.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.06d
• /
• pp.310-314
• /
• 2007

WiBro는 IEEE 802.16에 이동성을 추가한 것으로서 현재 IPv4만을 지원하는데, IPv6를 적용할 경우 발생할 수 있는 문제점들은 최근에 이르러서야 이슈가 되고 있다. WiBro MAC은 IP 프로토콜 설계시 기본이 되는 이더넷과 많은 차이점이 존재한다. 망 구성요소들의 점대다(point-to-multipoint) 연결 형태와 상향링크 멀티캐스트 불가능으로 인해 정상적인 IP 멀티캐스팅/브로드캐스팅 동작이 어렵기 때문이다. 또한 이더넷과 같이 48비트 MAC 주소를 사용하는 것이 아니라 16비트 CID를 사용하기 때문에 IPv6를 적용할 경우 IPv6 Address Auto-Configuration, Neighbor Discovery, Duplicate Address Detection, Multicast Listener Discovery 등에서 정상적인 동작이 불가능하다. 이에 본 논문은 WiBro의 IPv6에서 MLD 프로토콜 적용방안과 무선자원을 효과적으로 사용하는 방법을 제시한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2008.06d
• /
• pp.131-136
• /
• 2008

와이브로는 IEEE 802.16e 기반으로 이동 중에도 사용자에게 고속 무선 데이터 서비스를 제공하는 기술로 IPv4 기반 인터넷을 통한 이동성 지원은 원활하게 제공되나 IPv6 환경에서는 많은 문제점을 가지고 있다. 와이브로 MAC은 유선망의 이더넷과 와이브로 망 구성요소 간 점대다 연결과 브로드 캐스트 기능을 지원하지 않는다. 또한 이더넷에서 사용하는 MAC 주소를 대체한 CID(Connection ID)를 사용하기 때문에 Mobile IPv6에서 CoA(Care of Address) 생성을 위한 IPv6 Address Auto-Configuration 기능을 이용하는 것은 매우 어렵다. 본 논문에서는 와이브로 서비스 제공을 위하여 Mobile IPv6의 Proxy 기능을 도입하고 이를 적용하는 방안을 제시한다. 제안된 방식을 통하여 와이브로 망에서 IPv6의 장점을 이용한 고속 핸드오버 서비스 제공이 가능하다.