• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.1B
• /
• pp.29-40
• /
• 2004

In this paper, we propose a new early congestion detection and notification technique called QR-AQM. Unlike RED and it's variation, QR-AQM measures the total traffic rate from TCP sessions, predicts future network congestion, and determine the packet marking probability based on the measured traffic rate. By incorporating the traffic rate in the decision process of the packet marking probability, QR-AQM is capable of foreseeing future network congestion as well as terminating congestion resolution procedure in much more timely fashion than RED. As a result, simulation results show that QR-AQM maintains the buffer level within a fairly narrow range around a target buffer level that may be selected arbitrarily as a control parameter. Consequently, compared to RED and its variations, QR-AQM is expected to significantly reduce the jitter and delay variance of packets traveling through the buffer while achieving nearly identical link utilization.

• Journal of Korea Multimedia Society
• /
• v.7 no.10
• /
• pp.1389-1399
• /
• 2004

Modern computer networks are growing wider, more complicated. Therefore, we have needed so much the function of the performance management to, by making this kind of the network performance best fitted, guarantee Quality of Service which the users require. Currently, Netflow, RMON and Packet Capture methods are used to analyze Traffic, the principal function of the performance management, but they are not the fundamental solution from the integrated point of view. In this paper, we suggest the integrated performance management architecture and, by means of it, design and implement the performance man-agement system so that we can manage the performance of multi-technology and multi-vender devices.

• ETRI Journal
• /
• v.27 no.6
• /
• pp.725-732
• /
• 2005

The reconfiguration management scheme changes a logical topology in response to changing traffic patterns in the higher layer of a network or the congestion level on the logical topology. In this paper, we formulate a reconfiguration scheme with a shared buffer-constrained cost model based on required quality-of-service (QoS) constraints, reconfiguration penalty cost, and buffer gain cost through traffic aggregation. The proposed scheme maximizes the derived expected reward-cost function as well as guarantees the required flow's QoS. Simulation results show that our reconfiguration scheme significantly outperforms the conventional one, while the required physical resources are limited.

• Smart Media Journal
• /
• v.4 no.4
• /
• pp.24-32
• /
• 2015

Recently, SDN is actively used as datacenter networks and gradually increase its applied areas. Along with this change of networking environment, research of deploying network security systems on SDN becomes highlighted. Especially, systems for detecting network flooding attacks by monitoring every packets through ports of OpenFlow switches have been proposed. However, because of the centralized management of a SDN controller which manage multiple switches, it may be substantial overhead that the attack detection system continuously monitors all the flows. In this paper, a sampling based network flooding attack detection and prevention system is proposed to reduce the overhead of monitoring packets and to achieve reasonable functionality of attack detection and prevention. The proposed system periodically takes sample packets of network flows with the given sampling conditions, analyzes the sampled packets to detect network flooding attacks, and block the attack flows actively by managing the flow entries in OpenFlow switches. As network traffic sampler, sFlow agent is used, and snort, an opensource IDS, is used to detect network flooding attack from the sampled packets. For active prevention of the detected attacks, an OpenDaylight application is developed and applied. The proposed system is evaluated on the local testbed composed with multiple OVSes (Open Virtual Switch), and the performance and overhead of the proposed system under various sampling condition is analyzed.

• Journal of KIISE:Information Networking
• /
• v.32 no.4
• /
• pp.443-451
• /
• 2005

Stateful inspection devices must maintain flow information. These devices create the flow information also for network attack packets, and it can fatally inflate the dynamic memory allocation on stateful inspection devices under network attacks. The memory inflation leads to memory overflow and subsequent performance degradation. In this paper, we present a guideline to set the flow entry timeout for a stateful inspection device to remove harmful embryonic entries created by network attacks. Considering Transmission Control Protocol (TCP) if utilized by most of these attacks as well as legitimate traffic, we propose a parsimonious memory management guideline based on the design of the TCP and the analysis of real-life Internet traces. In particular, we demonstrate that for all practical purposes one should not reserve memory for an embryonic TCP connection with more than (R+T) seconds of inactivity where R=0, 3, 9 and $1\leqq{T}\leqq{2}$ depending on the load level.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.11B
• /
• pp.1234-1244
• /
• 2009

Nowadays, the traffic type and behavior are extremely diverse due to the appearance of various services and applications on Internet, which makes the need of application-level traffic classification important for the efficient management and control of network resources. Although lots of methods for traffic classification have been introduced in literature, they have some limitations to achieve an acceptable level of performance in terms of accuracy and completeness. In this paper we propose an application traffic classification method using statistic signatures, defined as a directional sequence of packet size in a flow, which is unique for each application. The statistic signatures of each application are collected by our automatic grouping and extracting mechanism which is mainly described in this paper. By matching to the statistic signatures we can easily and quickly identify the application name of traffic flows with high accuracy, which is also shown by comprehensive excrement with our campus traffic data.

• Journal of Korean Society of Transportation
• /
• v.4 no.1
• /
• pp.3-11
• /
• 1986

One important element of a systematic approach to the management and control of the flow of people over an urban street network is the monitoring and evaluation of system performance. The nature of TSM strategies that, in part, differentiates them from traditional long-range transportation improvement alternatives is that they are less costly, are more quickly implemented and modified, and are often oriented toward sub-area problems which must be addressed at a more microscopic level of analysis. These factors suggest that pre-implementation evaluations of alternative TSM actions will often have to rely on quick-turn around, manual methods of analysis to guide the choice of which management action should be implemented. This paper was prepared to focus on the definition and importance of TSM, specifically associated with monitoring and evaluating traffic performance in the context of TSM startegies. A simple case study of reversible lane technique was presented. The purposes of the case study is to illustrate the methodology of evaluating TSM strategies and demonstrate to identify the benefit from the reversible lane technique, which may otherwise be overlooked in real world. Applying the reversible lane technique to Sam-Il elevate highway, it was found to be a very promising low cost alternative to reduce total travel time(or delay) and fuel consumption.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.11S
• /
• pp.3633-3650
• /
• 2000

Internet is no longer a network for special communities but became a global means of communication infrastructure for everyday life. People are exchanging their personal messages using e-mails, students are getting their educational aids through the web, people are buying a variety of goods from cyber shopping malls, and companies are conducting their businesses over the Internet. Recently, such an explosive growth of the traffic in the Internet raised a big concern on how to accommodate ever-changing user's needs in terms of an amount of the traffic, characteristics of the traffic, and various service quality requirements, Over provisioning can be a simple solution but it is too expensive and inefficient. Thus many new technologies to solve this very difficult puzzle have bcen introduced recently, Any single solution, however, can be insufficient and a carefully designed architecture, which integrates a group of solutions, is required. In this paper, we propose a policy-based Internet QoS provisioning, traffic engineering and perfonnance management system as our solution to this problem. Our integrated management QoS solution can provide highly responsive flow-through service provisioning, more realistic service and resource policy control based on the real network performance information, and centralized control of traffic engineering for heterogeneous networks.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.360-363
• /
• 2007

In sensor network, the importance of transporting data with reliability is growing gradually to support communications. Data flow from sink to nodes needs reliability for the control or management, that is very sensitive and intolerable, however relatively, data flow from nodes to sink is tolerable. In this paper, with emphasis of the data flow from sink to nodes, we proposed the mechanism that establishes confidence interval for transport. Establishing confidence interval hop-by-hop, not end to end, if errors happen or there's missing data, this mechanism recovers them with selective acknowledgement using fixed window. In addition, this mechanism supports traffic congestion control depending on the buffer condition. Through the simulation, we showed that this mechanism has an excellent performance for error recovery in sensor network.

• Korean Management Science Review
• /
• v.18 no.2
• /
• pp.107-116
• /
• 2001

In the ring leading problem with demand splitting, traffic demands are given for each pair of nodes in an undirected ring network and a flow is routed in either of the two directions, clockwise and counter-clockwise. The load of a link is the sum of the flows routed through the link and the objective of the problem is to minimize the maximum link load on the ring. Recently, four different optimal a1gorithms have been developed for solving the problem. In this paper, we compare those algorithms in a single framework and conduct a computational study to evaluate the practical performance of those algorithms.