• Journal of Korea Multimedia Society
• /
• v.14 no.12
• /
• pp.1572-1582
• /
• 2011

The rapid growth of UnderWater Acoustic Sensor Networks (UW-ASNs) has led researchers to enhance underwater MAC protocols against limitations existing in underwater environment. We propose the customized robust real-time packet inspection mechanism with addressing the problem of the search for the data packet loss and network performance quality analysis in UW-ASNs, and describe our experiences using this approach. The goal of this work is to provide a framework to assess the network real-time performance quality. We propose a customized and adaptive mechanism to detect, monitor and analyze the data packets according to the MAC protocol standards in UW-ASNs. The packet analyzing method and software we propose is easy to implement, maintain, update and enhance. We take input stream as real data packets from sniffer node in capture mode and perform fully analysis. We were interested in developing software and hardware designed tool with the same capabilities which almost all terrestrial network packet sniffers have. Experimental results confirm that the best way to achieve maximum performance requires the most adaptive algorithm. In this paper, we present and offer the proposed packet analyzer, which can be effectively used for implementing underwater MAC protocols.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.12
• /
• pp.2857-2863
• /
• 2014

IR-UWB has been developed as a standard of indoor ranging technology, because it has robust and good transmission characteristics in indoor environments and it can be operated with low power. In this paper, a IR-UWB packet analyzer is designed and implemented based on IEEE 802.15.4a, which is useful in developing IR-UWB real time location system with resolution of a few ten centimeters. A sniffer device of the packet analyzer monitors IR-UWB wireless networks, captures MAC packet frames, and transmits packet frames to the packet analyzing computer. The packet analyzing program in a computer analyzes received MAC packet frames and displays parsed packet information for developing engineers. Developed packet analyzer is used to analyze IEEE 802.15.4a MAC protocol, and also it can be used in other IEEE 802 series MAC protocol by modifying some functions.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.10a
• /
• pp.177-180
• /
• 2015

As network technology advances hacking techniques are also evolving. This paper proposes design of a packet analyzer to monitor and analyze data packets in networks. The proposed packet analyzer offers functions such as packet sniffing, filtering and statistics. We implemented a prototype packet analyzer in C# .NET development environment using SharPcap.

• Convergence Security Journal
• /
• v.13 no.2
• /
• pp.155-163
• /
• 2013

Connection hijacking attack using the vulnerability of the TCP protocol to redirect TCP stream goes through your machine actively (Active Attack). The SKEY such as one-time password protection mechanisms that are provided by a ticket-based authentication system such as Kerberos or redirection, the attacker can bypass.Someone TCP connection if you have access on TCP packet sniffer or packet generator is very vulnerable. Sniffer to defend against attacks such as one-time passwords and token-based authentication and user identification scheme has been used. Active protection, but these methods does not sign or encrypt the data stream from sniffing passwords over insecure networks, they are still vulnerable from attacks. For many people, an active attack is very difficult and so I think the threat is low, but here to help break the illusion successful intrusion on the UNIX host, a very aggressive attack is presented. The tools available on the Internet that attempt to exploit this vulnerability, known as the recent theoretical measures is required. In this paper, we propose analysis techniques on a wireless network intruder detection.

• Journal of KIISE:Computing Practices and Letters
• /
• v.10 no.6
• /
• pp.484-498
• /
• 2004

In this paper. we propose a novel performance monitoring scheme for heterogeneous SOAP nodes. The scheme is basically based on two-level (kernel-level and user-level) packet filtering of TCP flows. By TCP flow, we mean a sequence of raw packet streams on a TCP transaction. In this scheme, we detect and extract SOAP operations embedded in SOAP messages from TCP flows. Therefore, it becomes possible to monitor heterogeneous SOAP nodes deployed on diverse SOAP-based middlewares such as .Net and Apache AXIS. We present two implementation mechanisms for the proposed scheme. The first mechanism tries to identify SOAP operations by analyzing all fragmented SOAP messages on TCP flows. However, a naive policy would incur untolerable overhead since it needs to copy all packets from kernel to user space. The second mechanism overcomes this problem by selectively copying packets from kernel to user space. For selective copying, we use a kernel-level packet filtering method that makes use of some representative TCP flags.(e.g. SIN, FIN and PSH). In this mechanism, we can detect SOAP operations only from the last fragment of SOAP messages in most cases. Finally, we implement a SOAP monitoring system using a component ca]led SOAP Sniffer that realizes our proposed scheme, and show experimental results. We strongly believe that our system will play a vital role as a tool for various services such as transaction monitoring and load balancing among heterogeneous SOAP nodes.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.2097-2100
• /
• 2003

Many studies have been done on secure operating system using secure kernel that has various access control policies for system security. Secure kernel can protect user or system data from unauthorized and/or illegal accesses by applying various access control policies like DAC(Discretionary Access Control), MAC(Mandatory Access Control), RBAC(Role Based Access Control), and so on. But, even if secure operating system is running under various access control policies, network traffic among these secure operating systems can be captured and exposed easily by network monitoring tools like packet sniffer if there is no protection policy for network traffic among secure operating systems. For this reason, protection for data within network traffic is as important as protection for data within local system. In this paper, we propose a secure operating system trusted channel, SOSTC, as a prototype of a simple secure network protocol that can protect network traffic among secure operating systems and can transfer security information of the subject. It is significant that SOSTC can be used to extend a security range of secure operating system to the network environment.

• The KIPS Transactions:PartC
• /
• v.9C no.3
• /
• pp.367-374
• /
• 2002

IPsec offers not odd Internet security service such as Internet secure communication and authentication but also the safe key exchange and anti-replay attack mechanism. Recently IPsec is implemented on the various operating systems. But there is no existing tool that checks the servers, which provide IPsec services, work properly and provide their network security services well. In this paper, we design and implement the rule based security evaluation system for IPsec engine. This system operated on Windows and UNX platform. We developed the system using Java and C language.

• The KIPS Transactions:PartC
• /
• v.13C no.4 s.107
• /
• pp.471-480
• /
• 2006

Recently, multimedia communication services, such as video conferencing and voice over IP, have been rapidly spread. H.323 is an international standard that specifies the components, protocols and procedures that provide multimedia communication services of real-time audio, video, and data communications over packet networks, including IP based networks. H.323 is applied to many commercial services because it supports various network environments and has a good performance. But communication services based on H.323 may have some problem because of current network trouble or mis-implementation of H.323. The understanding of this problem is a critical issue because it improves the quality of service and is easy to service maintenance. In this paper, we implement the analysis system for H.323 protocol wihch includes H.245, H.225.0, RTP, RTCP, and so on. Tills system is able to capture, parse, and present the H.323 protocol in real-time. Through the operation test and performance evaluation, we prove that our system is a useful to analyze and understand the problems for communication services based on H.323.