• Title/Summary/Keyword: Network Address

Search Result 1,249, Processing Time 0.026 seconds

Trends in Network Address Moving Technology (네트워크 주소 이동 기술 동향)

  • Park, K.M.;Woo, S.;Moon, D.S.;Kim, I.K.
    • Electronics and Telecommunications Trends
    • /
    • v.32 no.6
    • /
    • pp.73-82
    • /
    • 2017
  • Moving Target Defense(MTD) is a novel security technology concept in which the IT infrastructure changes its form actively and prevents various types of cyber attacks. Network address moving technology is the field that has been most actively researched in terms of MTD. A number of studies on network address moving published over the last decade have suggested a virtual address-based network address moving technology for efficiency in the implementation. However, virtual address-based network address moving technology has serious vulnerabilities in terms of security and availability. This paper examines the technological characteristics of the existing studies and analyzes their limitations. It suggests security requirements to be considered when designing the network address moving technology through a technological analysis.

Implementation of IPv6 Neighbor Discovery Protocol supporting CGA

  • Kim Joong Min;Park In Kap;Yu Jae Wook
    • Proceedings of the IEEK Conference
    • /
    • 2004.08c
    • /
    • pp.571-575
    • /
    • 2004
  • Having age of ubiquitous ahead, existing IPv4's address space insufficiency phenomenon appears because of increasing network usage as well as multimedia data transmission becomes much, necessity of new IP address system that guarantee QoS are needed. IPv6 was made to solve these problem. IPv6 solves address space insufficiency phenomenon offering by 128bit address space, and also offers hierarchical address layer that support improved QoS. IPv6 defines relation between surrounding node using Neighbor Discovery protocol. Used Neighbor Discovery messages, grasp surrounding node, include important informations about network. These network information outcrops can give rise in network attack and also service that use network will paralysis. Various kinds of security limitation was found in Present Neighbor Discovery protocol therefore security function to supplement tris problem was required. In this thesis, Secure Neighbor Discovery protocol that add with security function was design and embody by CGA module and SEND module.

  • PDF

A Duplicate Address Resolution Protocol in Mobile Ad Hoc Networks

  • Lin Chunhung Richard;Wang Guo-Yuan Mikko
    • Journal of Communications and Networks
    • /
    • v.7 no.4
    • /
    • pp.525-536
    • /
    • 2005
  • In an IP-based network, automated dynamic assignment of IP addresses is preferable. In most wired networks, a node relies on a centralized server by using dynamic host configuration protocol (DHCP) to obtain a dynamic IP address. However, the DHCP­based approach cannot be employed in a mobile ad hoc network (MANET) due to the uncertainty of any centralized DHCP server. That is, a MANET may become partitioned due to host mobility. Therefore, there is no guarantee to access a DHCP server. A general approach to address this issue is to allow a mobile host to pick a tentative address randomly, and then use duplicate address resolution (DAR) protocol to resolve any duplicate addresses. In this paper, an innovative distributed dynamic host configuration protocol designed to configure nodes in MANET is presented. The proposed protocol not only can detect the duplicate address, but also can resolve the problem caused by duplicate address. It shows that the proposed protocol works correctly and is more universal than earlier approaches. An enhanced version of DAR scheme is also proposed in this paper to solve the situation of duplicate MAC address. The new and innovative approach proposed in this paper can make the nodes in MANET provide services to other networks and avoid packets from being delivered to incorrect destinations.

Effective address assignment method in hierarchical structure of Zigbee network (Zigbee 네트워크 계층 구조에서의 효율적인 주소 할당 방법)

  • Kim, Jae-Hyun;Hur, Soo-Jung;Kang, Won-Sek;Lee, Dong-Ha;Park, Yong-Wan
    • Journal of the Institute of Electronics Engineers of Korea TC
    • /
    • v.44 no.10
    • /
    • pp.20-28
    • /
    • 2007
  • Zigbee sensor network base on IEEE802.15.4 has local address of 2 byte on transmit packet data which is pick up the address for each sensor node. Sensor network is requested low power, low cost, many nodes at hues physical area. There for Zigbee is very good solution supporting for next Ubiquitous generation but the Zigbee sensor network has address allocation problem of each sensor node. Is established standard from Zigbee Alliance, to the address allocation method uses Cskip algorithm. The Cskip algorithm use the hazard which allocates an address must blow Hop of the maximum modification and child node number. There is to address allocation and from theoretically it will be able to compose a personal 65536 sensor nodes only actual with concept or space, only 500 degree will be able to compose expansion or the low Zigbee network. We proposed an address allocation method using coordinate value for Zigbee sensor network.

Address Auto-Resolution Network System for Neutralizing ARP-Based Attacks (ARP 기반 공격의 무력화를 위한 주소 자동 결정 네트워크 시스템)

  • Jang, RhongHo;Lee, KyungHee;Nyang, DaeHun;Youm, HeungYoul
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.6 no.4
    • /
    • pp.203-210
    • /
    • 2017
  • Address resolution protocol (ARP) is used for binding a logical address to a physical address in many network technologies. However, since ARP is an stateless protocol, it always abused for performing ARP-based attacks. Researchers presented many technologies to improve ARP protocol, but most of them require a high implementation cost or scarify the network performance for improving security of ARP protocol. In this paper, we present an address auto-resoultion (AAR) network system to neutralize the ARP-based attacks. The AAR turns off the communication function of ARP messages(e.g. request and reply), but does not disable the ARP table. In our system, the MAC address of destination was designed to be derived from destination IP address so that the ARP table can be managed statically without prior knowledge (e.g., IP and MAC address pairs). In general, the AAR is safe from the ARP-based attacks since it disables the ARP messages and saves network traffics due to so.

IPv6 Global Address Configuration Algorithm for Internet Interconnection in MANET (MANET기반 Internet 연결에서 IPv6 Global Address 할당 방법)

  • Hwang, Soon-Woo;Park, Sung-Han
    • Journal of the Institute of Electronics Engineers of Korea TC
    • /
    • v.43 no.12 s.354
    • /
    • pp.68-74
    • /
    • 2006
  • The MANET(Mobile Ad Hoc Network) is an independent network that is oranized by only Mobile Hosts. MANET guarantees the mobility of the node and does not need a backbone network or a base station. Recently, there is a strong demand to connect MANET to the Internet. For the interconnection between MANET and Internet, Mobile hosts of MANET must have global IP address. The well known scheme of the address configuration for MANET is SAA(Stateless Address Autoconfiguration). SAA configurated IP address by node itself. The advantage of SAA is not requiring any server for address configuration. However the SAA has problems of unstable and inefficient interconnection on the AD Hoc Network. To solve this problem we propose a method that assigns an IPv6 Global address to the node through the Internet Gateway. The format of assigned IPv6 address is also defined. The simulation result demonstrates that the proposed method can support the host for fast getting of global IPv6 Address and Mobile IPv6 efficiently.

An ARP-disabled network system for neutralizing ARP-based attack

  • Battulga, Davaadorj;Jang, Rhong-Ho;Nyang, Dae-Hun
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2016.10a
    • /
    • pp.234-237
    • /
    • 2016
  • Address Resolution Protocol (ARP) is used for mapping a network address to physical address in many network technologies. However, since ARP protocol has no security feature, it always abused by attackers for performing ARP-based attacks. Researchers presented many technologies to improve ARP protocol, but most of them require a high implementation cost or scarify the network performance for using ARP protocol securely. In this paper, we present an ARP-disabled network system to neutralize the ARP-based attacks. "ARP-disabled" means suppress the ARP messages like request, response and broadcast messages, but not the ARP table. In our system, ARP tables are used for managing static ARP entries without prior knowledge (e.g. IP, MAC list of client devices). This is possible because the MAC address was designed to be derived from IP address. In general, our system is safe from the ARP-based attacks even the attacker has a strong power. Moreover, we saved network bandwidth by disabling the ARP messages.

Automatic Node Configuration Protocol for Small Sized Mobile Ad-Hoc Networks (소규모 이동 애드혹 네트워크에서의 자동 노드 설정 프로토콜)

  • Lee Hyewon K.;Mun Youngsong
    • Journal of KIISE:Information Networking
    • /
    • v.32 no.1
    • /
    • pp.100-109
    • /
    • 2005
  • A Mobile Ad-Hoc Network (MANET) supports a multi-hop wireless network without any prepared base station (BS). The MANET is capable of building a mobile network automatically without any help from DHCP servers for address allocation or routers to forward or route messages. Many routing protocols have been proposed for the MANET, but these specify the most optimized or shortest path from a source to a destination, and they assume that nodes are pre-configured before communication. To make up for this, address allocation algorithms, such as MANETConf [1] and prophet address allocation algorithm [2], have been proposed. Especially, MANETConf proposes address allocation algorithm with duplication address check. In this paper, we present a dynamic node configuration protocol based on 2-tierd hierarchical network architecture for mobile ad-hoc network, modified from [1]. Especially, it reduces the number of broadcast message exchange between nodes when a new node somes into a network, which lessens network overhead, remarkably. This protocol is based on two-tired structure, and it ensures address allocation with simple duplication address defection mechanism.

Analysis of Inauguration Address of Previous Korean Presidents Based on Network (네트워크 기반 대한민국 역대 대통령 취임사 분석)

  • Kim, Hak Yong
    • The Journal of the Korea Contents Association
    • /
    • v.21 no.11
    • /
    • pp.11-19
    • /
    • 2021
  • The presidential inaugural address is a very useful means of presenting the national vision and conveying the president's political philosophy and policy direction to the people. For this reason, analyzing the address will help to understand the president him/herself and the presidential times. The address can be analyzed in various academic fields, but in this study, it was considered as only content and analyzed based on the network. It is widely used for word cloud analysis based on the frequency of words appearing in the address. If it is analyzed based on a network, it will be a useful method because it is possible to derive the context contained in the sentence. The entire network of the addresses of past presidents of the Republic of Korea was established and structural factors were presented. The president and political direction were derived by comparatively analyzing the key words derived from the network and the word cloud. The characteristics of the address were presented by comparing and analyzing key words and closeness centrality, which is a structural factor of the network, by constructing a network of each president's inaugural address. It is expected that the network-based analysis of past presidential inaugural addresses can ultimately be used as data for understanding and evaluating presidents.

A Study on the Network Access Control of a System in Real Time by Network Address Authentication Based on Policy in the VLAN Environments (VLAN 환경에서 네트워크 주소 인증을 통한 정책 기반 실시간 시스템 제어 기술 연구)

  • Choi, Won-Woo;Ahn, Seong-Jin;Chung, Jin-Wook
    • Convergence Security Journal
    • /
    • v.5 no.1
    • /
    • pp.35-43
    • /
    • 2005
  • It is need to control network access that a user personally change own IP or network devices in managing network address. Also, When we use new network devices or assign network address, we do them by design, not arbitrarily. And then, we can immediately control network's problems. It could be used network management and security in low level. But most of managers do this works by hand not automatically. This paper propose the solutions that improve the security by network address authentication in VLAN environment, such as corporations and public offices.

  • PDF