• Title/Summary/Keyword: Packet filtering

Design and Implementation of Packet Filtering System for IPv4/IPv6 Tunneling Environment (IPv4/IPv6 터널링 환경에 적합한 패킷 필터링 기능 설계 및 구현)

  • Heo, Seok-Yeol;Lee, Wan-Jik;Kim, Kyung-Jun;Jeong, Sang-Jin;Shin, Myung-Ki;Kim, Hyoung-Jun;Han, Ki-Jun
    • Journal of KIISE:Information Networking / v.33 no.6 / pp.407-419 / 2006
  • As substituting IPv6 network for all IPv4 network in a short time seems unattainable due to high cost and technical limitation, IPv4 and IPv6 are expected to coexist for a certain period of time. Under the coexisting environment of IPv4 and IPv6, interworking brings a number of extra security considerations even if it may have no security problem for each protocol respectively. Thus, the analysis and solutions for those various attacks toward IPv4/IPv6 interworking-related security are inevitably required for the sake of effective transition and settlement to IPv6. In this paper we carried out a proper rule of packet filtering for IPv6-in-IPv4 tunneling interworking environment to protect against the IPv4/IPv6 interworking-related security attacks. Design and implementation of the packet filtering system suitable for IPv4/IPv6 tunneling environment in the form of Linux netfilter and ip6tables are also shown. Through this study, the packet filtering system was found operating correctly in the tunneling mechanism.

Design of a High-Speed RFID Filtering Engine and Cache Based Improvement (고속 RFID 필터링 엔진의 설계와 캐쉬 기반 성능 향상)

  • Park Hyun-Sung;Kim Jong-Deok
    • The Journal of Korean Institute of Communications and Information Sciences / v.31 no.5A / pp.517-525 / 2006
  • In this paper, we present a high-speed RFID data filtering engine designed to carry out filtering under the conditions of massive data and massive filters. We discovered that the high-speed RFID data filtering technique is very similar to the high-speed packet classification technique which is used in high-speed routers and firewall systems. Actually, our filtering engine is designed based on existing packet classification algorithms, Bit Parallelism and Aggregated Bit Vector(ABV). In addition, we also discovered that there are strong temporal relations and redundancy in the RFID data filtering operations. We incorporated two kinds of caches, tag and filter caches, to make use of this characteristic to improve the efficiency of the filtering engine. The performance of the proposed engine has been examined by implementing a prototype system and testing it. Compared to the basic sequential filter comparison approach, our engine shows much better performance, and it gets better as the number of filters increases.

An Improved Signature Hashing-based Pattern Matching for High Performance IPS (고성능 침입방지 시스템을 위해 개선한 시그니처 해싱 기반 패턴 매칭 기법)

  • Lee, Young-Sil;Kim, Nack-Hyun;Lee, Hoon-Jae
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2010.10a / pp.434-437 / 2010
  • NIPS (Network Intrusion Prevention System) is placed in line at the end of the external and internal networks and performs two kinds of action: signature-based filtering, and anomaly detection and prevention based on self-learning. Among them, signature-based filtering is well known to defend against attacks. With signature-based filtering, the payload of packets passing through the intrusion prevention system is compared with attack patterns, which are the signatures. If they match, the packet is discarded. However, when there is packet delay, the required pattern matching time increases as the number of signatures increases. Therefore, to ensure the performance of IPS, we needed a more efficient pattern matching algorithm for high-performance IPS. To improve the performance of pattern matching, the most important part is to reduce the number of comparisons between signature rules and the packet whenever packets arrive. In this paper, we propose an improved signature hashing-based pattern matching method. We use a tuple pruning algorithm with Bloom filters, which effectively removes unnecessary tuples. Unlike other existing signature hashing-based IPS, our proposed method improves the performance of IPS.

Cross-Product Algorithm Implementation and Performance Evaluation for Packet Classification (Packet Classification을 위한 Cross-Product 알고리즘 구현과 성능평가)

  • Kang, Kil-Soo;Choi, Kyung-Hee;Jung, Gi-Hyun
    • Proceedings of the Korea Information Processing Society Conference / 2003.11b / pp.1077-1080 / 2003
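  • This study investigates a packet classification algorithm that uses a cross-product table built by indexing and multiplying the individual fields of the rules, and evaluates and analyzes its performance. Packet classification is currently the most essential operation for services such as packet filtering, policy routing, accounting and billing, traffic rate limiting, and traffic shaping. However, no algorithm yet exists that serves these quickly. Only the processing of small rule sets is feasible to some extent, using hardware TCAM. This study therefore sets out to gauge the usefulness of a software cross-product algorithm, and to implement and evaluate it.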

A Study of tasks scheduling algorithms for packet processing on network system with multi-processor multi-threaded architecture (멀티프로세서 멀티쓰레드 기반의 네트워크 시스템에서 패킷 처리 태스크의 스케줄링 알고리즘 성능 연구)

  • Kim, Chang-Kyoung;Kang, Yoon-Gu
    • Proceedings of the KIEE Conference / 2002.11c / pp.23-26 / 2002
  • In this paper, we model several scheduling algorithms for real-time packet filtering tasks based on the multi-threaded multi-processor architecture for network security systems such as firewalls, and compare the performance of the algorithms by implementing them and performing a number of empirical tasks. As the matrices of the performance we use the idle factor and the packet transfer rate. We get the idle factors and the packet transfer rates according to the transfers of the packet sizes from 64 bytes to 1500 bytes.

A study on performance evaluation of K4 Firewall System with multiple CPUs and security rules (K4 방화벽의 CPU 및 보안규칙의 증가에 따르는 성능평가연구)

  • 박대우;전문석
    • The Journal of Society for e-Business Studies / v.7 no.3 / pp.203-218 / 2002
  • According as development of networks and increasing on Internet service, for the performance increase of K4 Firewall require that hardware be installed of 2 CPU or 4 CPU instead of 1 CPU. Output of performance test among 1CPU, 2CPU, and 4CPU of K4 Firewall system has not any efficient about increasing multiple CPUs. K4 Firewall put performance on setting on daemon of packet filtering rules and Network Address Translate and Authentication and Proxy services. Performance results that setting after security rules are less 2% Packet Filtering, 8%-11% NAT, 18%-20% Proxy and Authentication services than setting before security rules on K4 Firewall System. NAT and Proxy service have decrease of performance. This performance result comes in useful for research and development on K4 Firewall System.

Cooperative profile updates for embedded message service in wireless network (무선망에서의 임베디드 베시지 서비스를 위한 협력적 프로파일 갱신)

  • Lee, Chong-Deuk;Ahn, Jeong-Yong
    • Journal of the Korea Computer Industry Society / v.6 no.5 / pp.775-782 / 2005
  • The service of wireless network has problems due to low bandwidth, frequent disconnection, low packet transport and users' mobility. In this paper, we proposed the cooperative methods of update to perform wireless network services efficiently. The proposed method performs the updates by cooperative filtering and streaming by $mbuffer_{in}$ and $mbuffer_{out}$. The simulation results show performance improvement of the proposed method compared to others.

A Study on DDoS(Distributed Denial of Service) Attack Detection Model Based on Statistical (통계 기반 분산서비스거부(DDoS)공격 탐지 모델에 관한 연구)

  • Kook, Yoon-Ju;Kim, Yong-Ho;Kim, Jeom-Goo;Kim, Kiu-Nam
    • Convergence Security Journal / v.9 no.2 / pp.41-48 / 2009
  • Distributed denial of service attack detection for more development and research is underway. The method of using statistical techniques, the normal packets and abnormal packets to identify efficient. In this paper several statistical techniques, using a mix of various offers a way to detect the attack. To verify the effectiveness of the proposed technique, it set packet filtering on router and the proposed DDoS attacks detection method on a Linux router. As a result, the proposed technique detected various attacks and provided normal service mostly.

Design of Packet Filtering System for High Speed Networking Environment (고속 네트워크 환경을 위한 패킷 필터링 시스템 설계)

  • Ryu, Seung-Ho;Kim, Jeong-Nyeo
    • Proceedings of the Korea Information Processing Society Conference / 2003.11c / pp.1993-1996 / 2003
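  • This paper proposes a design technique for a packet filtering system for high-speed networking environments. To remedy the shortcomings of the packet filtering structure that runs on the existing Linux operating system, the proposed technique allocates a dedicated kernel memory region when packet filtering rules are stored, collects and stores all rules related to packet inspection there, and at inspection time accesses the rules in the allocated memory region all at once. In addition, the rule size is fixed so that the storage location of a rule can be computed simply during rule lookup. This reduces the memory reference time caused by the multi-level table lookups of the existing table structure and removes the computational burden caused by variable-size rules. As a result, packet filtering can be supported efficiently in high-speed network node environments.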

Development of Kernel based High Speed Packet Filtering Imbedded Gateway and Firewall Using Cloud Database (클라우드 데이터베이스를 이용한 커널 기반 고속 패킷필터링 임베디드 게이트웨이 및 방화벽 개발)

  • Park, Daeseung;Kim, Soomin;Yoo, Hanseob;Moon, Songchul
    • Journal of Service Research and Studies / v.5 no.1 / pp.57-70 / 2015
  • This paper develops a kernel based high speed packet filtering embedded gateway and firewall using cloud database. This study develops equipment that includes a predict function through bigdata analysis using cloud system. This equipment includes intrusion prevention for network attack, and includes system security function of L7 switch based contents. This study can improve security level of little company and general family. This study can pioneer a new market. This study can develop high performance switch and replacement of existing security equipment. This study proposed new next generation algorithm for construction of high performance system from low specifications.