• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.11
• /
• pp.5479-5486
• /
• 2012

In this paper, we have measured PRR, RSSI and LQI of ZigBee channels under Wi-Fi environment and have assessed channel characteristic and link quality. To confirm any relationship among RSSI, LQI values and PRR under Wi-Fi interference in overlapping and non-overlapping channels of Wi-Fi and ZigBee, the experiments were performed without Wi-Fi, with Wi-Fi and file download through Wi-Fi. Under Wi-Fi interference, We perfomed experiments to ensure channel characteristics and link quality by fixing Wi-Fi and ZigBee receiver and varying the distance between ZigBee receiver and transmitter. ZigBee transmitter sends packet of 256 bits every second to ZigBee receiver. PRR was measured from ZigBee with variance of distance between fixed Wi-Fi and ZigBee. RSSI, LQI, PRR were measured from ZigBee with fixed Wi-Fi, fixed ZigBee receiver and variance of distance of ZigBee transmitter. As a result, we confirmed decrease of PRR under Wi-Fi interference but RSSI, LQI values similar regardless of overlapped or non-overlapped channel and Wi-Fi interference. Therefore, PRR should be used for interference detection in ZigBee communication under Wi-Fi environment but RSSI and LQI are not appreciate.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.51 no.5
• /
• pp.127-134
• /
• 2014

In DRDoS(Distributed Reflective Denial of Service) attacks, the victim is bombarded by packets from legitimate reflector unlike DDoS(Distributed Denial of Service) attacks through zombie, which is more dangerous than DDoS attack because it is in stronger disguise. Therefore, the method of filtering packet method on router are useless. Moreover SCTP(Stream Control Transmission Protocol) multi-homing feature, such as with an improved transmission protocol allows detecting attacks is more difficult and the effect of the attack can be maximized. In this paper we propose a DRDoS detection mechanism based on DRDoS utilizing attention to the characteristics of stateful protocols. The proposed scheme is backed by stateful firewall, and detect DRDoS attacks through a rules table and perform a defense treatment against DRDoS attack. Rules table with a simple structure is possible to easily adapt for any kind of stateful protocol can used by DRDoS attack. The experimental result confirm that our proposed scheme well detect DRDoS attacks using SCTP, the next-generation transmission protocol which not known by victim, and reduce the attacking packets rapidly.

• The KIPS Transactions:PartC
• /
• v.9C no.4
• /
• pp.513-522
• /
• 2002

Current end-to-end congestion control depends only on the information of end points (using three duplicate ACK packets) and generally responds slowly to the network congestion. This mechanism can't avoid TCP global synchronization which TCP congestion window size is fluctuated during congestion occurred and if RTT (Round Trip Time) is increased, three duplicate ACK packets is not a correct congestion signal because congestion maybe already disappeared and the host may send more packets until receive the three duplicate ACK packets. Recently there is increasing interest in solving end-to-end congestion control using active network frameworks to improve the performance of TCP protocols. ACC (Active congestion control) is a variation of TCP-based congestion control with queue management In addition traffic modifications nay begin at the congested router (active router) so that ACC will respond more quickly to congestion than TCP variants. The advantage of this method is that the host uses the information provided by the active routers as well as the end points in order to relieve congestion and improve throughput. In this paper, we model enhanced ACC, provide its algorithm which control the congestion by using information in core networks and communications between active routers, and finally demonstrate enhanced performance by simulation.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.4
• /
• pp.666-677
• /
• 2015

The importance of application traffic analysis for efficient network management has been emphasized continuously. Snort is a popular traffic analysis system which detects traffic matched to pre-defined signatures and perform various actions based on the rules. However, it is very difficult to get highly accurate signatures to meet various analysis purpose because it is very tedious and time-consuming work to search the entire traffic data manually or semi-automatically. In this paper, we propose a novel method to generate signatures in a fully automatic manner in the form of sort rule from raw packet data captured from network link or end-host. We use a sequence pattern algorithm to generate common substring satisfying the minimum support from traffic flow data. Also, we extract the location and header information of the signature which are the components of snort content rule. When we analyzed the proposed method to several application traffic data, the generated rule could detect more than 97 percentage of the traffic data.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.7 s.349
• /
• pp.93-103
• /
• 2006

Network solutions for protecting against worm attacks that complement partial end system patch deployment is a pressing problem. In the content-based worm filtering, the challenges focus on the detection accuracy and its performance enhancement problem. We present a worm filter architecture using the bloom filter for deployment at high-speed transit points on the Internet, including firewalls and gateways. Content-based packet filtering at multi-gigabit line rates, in general, is a challenging problem due to the signature explosion problem that curtails performance. We show that for worm malware, in particular, buffer overflow worms which comprise a large segment of recent outbreaks, scalable -- accurate, cut-through, and extensible -- filtering performance is feasible. We demonstrate the efficacy of the design by implementing it on an Intel IXP network processor platform with gigabit interfaces. We benchmark the worm filter network appliance on a suite of current/past worms, showing multi-gigabit line speed filtering prowess with minimal footprint on end-to-end network performance.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.7
• /
• pp.1951-1975
• /
• 2023

Recent advances in Cognitive Radio Networks (CRN) have elevated them to the status of a critical instrument for overcoming spectrum limits and achieving severe future wireless communication requirements. Collaborative spectrum sensing is presented for efficient channel selection because spectrum sensing is an essential part of CRNs. This study presents an innovative cooperative spectrum sensing (CSS) model that is built on the Firefly Algorithm (FA), as well as machine learning artificial neural networks (ANN). This system makes use of user grouping strategies to improve detection performance dramatically while lowering collaboration costs. Cooperative sensing wasn't used until after cognitive radio users had been correctly identified using energy data samples and an ANN model. Cooperative sensing strategies produce a user base that is either secure, requires less effort, or is faultless. The suggested method's purpose is to choose the best transmission channel. Clustering is utilized by the suggested ANN-FA model to reduce spectrum sensing inaccuracy. The transmission channel that has the highest weight is chosen by employing the method that has been provided for computing channel weight. The proposed ANN-FA model computes channel weight based on three sets of input parameters: PU utilization, CR count, and channel capacity. Using an improved evolutionary algorithm, the key principles of the ANN-FA scheme are optimized to boost the overall efficiency of the CRN channel selection technique. This study proposes the Artificial Neural Network with Firefly Algorithm (ANN-FA) for cognitive radio networks to overcome the obstacles. This proposed work focuses primarily on sensing the optimal secondary user channel and reducing the spectrum handoff delay in wireless networks. Several benchmark functions are utilized We analyze the efficacy of this innovative strategy by evaluating its performance. The performance of ANN-FA is 22.72 percent more robust and effective than that of the other metaheuristic algorithm, according to experimental findings. The proposed ANN-FA model is simulated using the NS2 simulator, The results are evaluated in terms of average interference ratio, spectrum opportunity utilization, three metrics are measured: packet delivery ratio (PDR), end-to-end delay, and end-to-average throughput for a variety of different CRs found in the network.