• Journal of Communications and Networks
• /
• v.14 no.3
• /
• pp.310-318
• /
• 2012

Detecting intrusion attacks accurately and rapidly in wireless networks is one of the most challenging security problems. Intrusion attacks of various types can be detected by the change in traffic flow that they induce. Wireless industrial networks based on the wireless networks for industrial automation-process automation (WIA-PA) standard use a superframe to schedule network communications. We propose an intrusion detection system for WIA-PA networks. After modeling and analyzing traffic flow data by time-sequence techniques, we propose a data traffic prediction model based on autoregressive moving average (ARMA) using the time series data. The model can quickly and precisely predict network traffic. We initialized the model with data traffic measurements taken by a 16-channel analyzer. Test results show that our scheme can effectively detect intrusion attacks, improve the overall network performance, and prolong the network lifetime.

• Advances in concrete construction
• /
• v.17 no.2
• /
• pp.53-66
• /
• 2024

Domain Name Systems (DNS) provide critical performance in directing Internet traffic. It is a significant duty of DNS service providers to protect DNS servers from bandwidth attacks. Data mining techniques may identify different trends in detecting anomalies, but these approaches are insufficient to provide adequate methods for querying traffic data in significant network environments. The patterns can enable the providers of DNS services to find anomalies. Accordingly, this research has used a new approach to find the anomalies using the Neural Network (NN) because intrusion detection techniques or conventional rule-based anomaly are insufficient to detect general DNS anomalies using multi-enterprise network traffic data obtained from network traffic data (from different organizations). NN was developed, and its results were measured to determine the best performance in anomaly detection using DNS query data. Going through the R² results, it was found that NN could satisfactorily perform the DNS anomaly detection process. Based on the results, the security weaknesses and problems related to unpredictable matters could be practically distinguished, and many could be avoided in advance. Based on the R² results, the NN could perform remarkably well in general DNS anomaly detection processing in this study.

• Journal of the military operations research society of Korea
• /
• v.32 no.1
• /
• pp.133-158
• /
• 2006

The change of information and communications technology affects into many parts of military battlefield as the future warfare will be information-oriented warfare, relying on information technology. The more IT-based military systems are deployed the more multimedia data traffic increase. To accommodate such user's requirements the bandwidth capacity of military communications network must be upgraded. The cost of upgrading network capacity is increasing as well. But there has no systematic estimation approach to analyze the amount of data traffic in the military network. In this paper we suggest an efficient data traffic estimation technique using network simulation with the respect of Input and output, scenario, toolset and technique, and experimental environments.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.11
• /
• pp.4483-4501
• /
• 2020

Recent findings identified the scatter and shape of MFD (macroscopic fundamental diagram) is heavily influenced by the spatial distribution of link density in a road network. This implies that the concept of MFD can be utilized to divide a heterogeneous road network with different degrees of congestion into multiple homogeneous subnetworks. Considering the actual traffic data is usually incomplete and inaccurate while most traffic partition algorithms rely on the completeness of the data, we proposed a three-step partitioned algorithm called Iso-MB (Isoperimetric algorithm - Merging - Boundary adjustment) permitting of incompletely input data in this paper. The proposed algorithm was implemented and verified in a simulated urban transportation network. The existence of well-defined MFD in each subnetwork was revealed and discussed and the selection of stop parameter in the isoperimetric algorithm was explained and dissected. The effectiveness of the approach to the missing input data was also demonstrated and elaborated.

• Proceedings of the IEEK Conference
• /
• 2001.06c
• /
• pp.59-62
• /
• 2001

This paper discusses a data mining technique for time series analysis of traffic data, which provides useful knowledge for network configuration management. Commonly, a network designer must employ a combination of heuristic algorithms and analysis in an interactive manner until satisfactory solutions are obtained. The problem of heuristic algorithms is that it is difficult to deal with large networks and simplification or assumptions have to be made to make them solvable. Various data mining techniques are studied to gain valuable knowledge in large and complex telecommunication networks. In this paper, we propose a traffic pattern association technique among network nodes, which produces association rules of traffic fluctuation patterns among network nodes. Discovered rules can be utilized for improving network topologies and dynamic routing performance.

• The Korean Journal of Applied Statistics
• /
• v.28 no.1
• /
• pp.1-8
• /
• 2015

Security has become an issue due to the rapid increases in internet traffic data network. Especially P2P traffic data poses a great challenge to network systems administrators. Preemptive measures are necessary for network quality of service(QoS) and efficient resource management like blocking suspicious traffic data. Deep packet inspection(DPI) is the most exact way to detect an intrusion but it may pose a private security problem that requires time. We used several machine learning methods to compare the performance in classifying network traffic data accurately over time. The Random Forest method shows an excellent performance in both accuracy and time.

• Journal of Korea Multimedia Society
• /
• v.9 no.5
• /
• pp.635-648
• /
• 2006

As the advances of Internet infra structure and the support of console and mobile for network games, the industry of online game has been growing rapidly, and the online game traffic in the Internet has been increasing steadily. For design and simulation of game network, the analysis of online game traffic have to be preceded. Therefore a number of papers have been proposed for the purpose of analyzing the traffic data of network games and providing the models. We make and use GameNet Analyzer as a dedicated tool for game traffic measurement and analysis in this paper. We measure the traffic of FPS Quake 3, RTS Starcraft and MMORPG World of Warcraft (WoW), and analyze the packet size, packet IAT(inter-arrival time), data rate and packet rate according to the number of players and in-game behaviors. We also present the traffic models using measured traffic data. These analysis and models of game traffic can be used for effective network simulation, performance evaluation of game network and the design of online games.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.3
• /
• pp.107-115
• /
• 2009

Traditionally, simulation method is used to test and evaluate the performance of communication protocol or functional elements for mobile communication service. In this paper, wireless network simulator is implemented using the C++ object-oriented programming language. This simulator can simulate wireless data services, like as ad-hoc networks, by considering the user's mobility. In this paper, the simulator includes network traffic model to reflect wireless data service and traffic source model to represent a user's mobility similar to real service environment and traffic characteristics can be reflected on the simulation, and also more accurate simulation results can be got through that. In addition, by using object-oriented techniques, new service feature or environment can be easily added or changed so that the developed mobile communication simulator can reflect the real service environment all the time. This simulator can be used in adjusting the characteristics of wireless data hosts following the mobility of the user, and also can be used in building new wireless ad-hoc network routing protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.721-728
• /
• 2013

Big data is one of the most spotlighted technological trends in these days, enabling new methods to handle huge volume of complicated data for a broad range of applications. Real-time network traffic analysis essentially deals with big data, which is comprised of different types of log data from various sensors. To tackle this problem, in this paper, we devise a big data based platform, RENTAP, to detect and analyse malicious network traffic. Focused on military network environment such as closed network for C4I systems, leading big data based solutions are evaluated to verify which combination of the solutions is the best design for network traffic analysis platform. Based on the selected solutions, we provide detailed functional design of the suggested platform.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.26 no.7
• /
• pp.759-766
• /
• 2020

In recent years, the maritime traffic environment has been changing in various ways, and the traffic volume has been increasing constantly. Accordingly, the requirements for maritime traffic analysis have become diversified. To this end, traffic characteristics must first be analyzed using vessel trajectory data. However, as the conventional method is mostly manual, it requires a considerable amount of time and effort, and errors may occur during data processing. In addition, ensuring the reliability of the analysis results is difficult, because this method considers the subjective opinion of analysts. Therefore, in this paper, we propose an automated method of traffic network generation for maritime traffic analysis. In the experiment, spatiotemporal features are analyzed using data collected at Mokpo Harbor over six months. The proposed method can automatically generate a traffic network reflecting the traffic characteristics of the experimental area. In addition, it can be applied to a large amount of trajectory data. Finally, as the spatiotemporal characteristics can be analyzed using the traffic network, the proposed method is expected to be used in various maritime traffic analyses.