• Review of KIISC
• /
• v.7 no.4
• /
• pp.13-28
• /
• 1997

본 논문에서는 해커의 불법적인 공격으로부터 전산망을 안전하게 보호하기 위하여 Trusted Information System에서 발표한 공개 버전인 TIS Firewall Toolkit의 방화벽 시스템 구조와 구성요소를 분석하였고 그리고 구축방법에 대하여 기술하였다. 또한 툴킷에서 제공하는 관리 지원 도구인 Port scanner, network subnet ping manager, reporting도구 등을 분석하였다. 본 논문에서 기술한 TIS 툴킷을 이용한다면, 상용 방화벽 시스템을 구축하기 전에 , 보다 쉽게 기관의 보안 정책 개발과 전산망 보호 기술을 확보할 수 있다.

• Proceedings of the IEEK Conference
• /
• 1998.10a
• /
• pp.11-14
• /
• 1998

Recently, the users of internet are increasing yearly with the rapid spread of internet. So, the shortage of IPv4 address is important issue to ISP. Many ISP is searching for efficient method to use IP address in ATM Network. Korea Telecom has constructed ATM Network test-bed to verify available technologies necessary for ATM Network. This paper, concerning with the configuration of subscribers in ATM Network test bed, analyze the available usage of IP address.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.10c
• /
• pp.346-348
• /
• 2001

최근에 등장한 Gigabit Ethernet은 LAN 에서 MAN 가지 영역을 확장하고 있다. 그리고, 품질 보장 서비스를 위해 RFC 2205에 정의된 RSVP(Resource Reservation Protocol)는 확장성 등의 내부적인 문제로 사용이 적다. 좀더 나은 품질 보장 서비스를 하기 위한 노력 중 하나로 RFC2814 에서는 SBM(Subnet Bandwidth Manager) 이라 하여 RSVP를 IEEE 802형태의 LAN에서 구현하자고 노력하고 있다. 이에 본 논문에서는 기존의 RSVP 의 문제점 중 하나인 killer problem 을 해결하기 위만 Two-pass RSVP 개념을 SBM에서 적용할 방안을 제시하고자 한다.

• Proceedings of the IEEK Conference
• /
• 2000.07b
• /
• pp.665-668
• /
• 2000

In this paper, we are focused on the analysis of Petri nets model using the subnet. Specially, we are proposes a divide-conquer method of Petri nets under the condition of one-boundedness for all the Petri nets. The usefulness of the approach is shown by applying the proposed techniques to a illustration model.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.539-546
• /
• 2008

In this paper, we propose an address autoconfiguration mechanism and a route establishment mechanism appropriate for the modified MANET architecture which overcomes the multi-link subnet problem. For the delivery of Router Advertisement (RA) messages without causing the duplicate packet reception problem in the multi-hop wireless network environment, the Scope-Extended RA (Scope-Extended Router Advertisement) message is defined. Also, by defining the MANET Prefix option, a MANET node is allowed to send packets destined to a host not in the MANET directly to the gateway. This can prevent the performance degradation caused by broadcasting control messages of the reactive routing protocol for route establishment. The performance of the proposed mechanism is analyzed through NS-2 based simulations and, according to the simulation results, it is shown that the proposed mechanism performs well in terms of the control message overhead.

• Journal of KIISE:Information Networking
• /
• v.31 no.1
• /
• pp.27-36
• /
• 2004

Frequent occurrence of binding update messages may incur high overhead in Mobile IP supporting users mobility. Thus, it needs to develop algorithms to deal with the situation. In this paper, we propose new lifetime assignment schemes for dynamic binding update considering the locality property related with mobile node's movement. Each mobile node maintains a profile which is based on log containing useful information about its visiting subnets. That is, it determines dynamic binding update lifetime for currently visiting subnet by computing past mean resident time recorded in the profile. In addition, we note that the resident time depends on the time when each node enters a subnet and thus, we devise another lifetime assignment algorithm. Extensive experiments are made to compare our schemes with existing Mobile IPv6 where major facts for performance comparison are both the number of binding update messages and the number of binding request messages. From the results, we come to know that our schemes obtain highly considerable performance improvements in terms of communication cost by decreasing the number of those messages.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.6
• /
• pp.93-106
• /
• 2011

In this paper we describe an efficient and easy to use internet stopper, which is called AINS (Automatic Internet Stopper), which uses ARP spoofing scheme. Instead of forwarding packets to router for the case of hacking, in ARP spoofing, the AINS ignores all the packets so that internet stopping operates. The AINS program needs to be installed only in manager computer that does not require additional agent program. In addition to setting manually the stopping computer list, it is able to indentify network nodes automatically by analyzing broadcasting packets. The experimental results show that less than 4 secs for spoofing interval is enough for blocking internet usage regardless the number of computers and therefore network overhead is negligible. The AINS can indentify and control network nodes not only on same subnet but also on different subnet only if they are connected onto same ethernet switch physically. It is being used for an efficient tool for controling internet usage of university computer laboratory and also for an efficient network management.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.2 s.34
• /
• pp.187-197
• /
• 2005

All sensors in Ubiquitous sensor network have to communicate with limited battery If we adopt current authentication, there are difficulties to keep sensor network because heavy calculation in each sensor needs more power and lifetime of sensor could be short relatively because of the effect. This paper suggests network structure which is using RM(RegisterManarer) and AM(AuthenticationManager) to solve power Problem on authentication, and su99ests mutual-authentication protocol with low Power which supports a session key by mutual-authentication. RM and AM manage algorithm with fast calculation to keep the safety by doing key generation. encryption/decryption. authentication instead of each sensor node . Processing time to authenticate sensor node is 2.96$\%$ fast in the same subnet, and 12.91$\%$ fast in different subnet. Therefore. the suggested way Provides expanded lifetime of censor node and is more effective as sensor network size is bigger and bigger.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.6B
• /
• pp.420-429
• /
• 2008

Currently, IEEE 802.11 Network could not support optimized tunneling scheme and buffering scheme based on movement detection to reduce multimedia data packet loss when an MN move from current subnet to new subnet during handover. It is because IEEE 802.11 did not transfer information of movement detection to AP. In this paper, we proposed new fast handover scheme by using advanced access point and optimized snoop protocol for network based Proxy Mobile IPv6 in IEEE 802.11 Networks. During handover, the proposed scheme reduces both the multimedia data packet loss rate and the packet reordering problems without changing MN's mobility stack in IEEE 802.11 Networks.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.12 s.354
• /
• pp.89-94
• /
• 2006

In the Mobile IP, the movement of Mobile Host(MH) causes packets to be transmitted through a long route. A Correspond Node(CN) first communicate with a Home Agent(HA) when a Mobile Host moved from one subnet to another subnet. The HH-MIP algorithm reduces an inefficient transmission of packets by regarding a Foreign Agent(FA) near a mobile host as a Temporary Home Agent(THA). However, The algorithm costs the unnecessary signaling by measuring the distance of route between a FA and a THA for handover in the case that a Mobile host comes from a THA which a current FA never communicated. To solve this problem, we propose a scheme called Hierarchical Home Agent Handover in Mobile IP(HHH-MIP) algorithm. Our HHH-MIP algorithm only searches tables in a router by using the hierarchical structure between a FA and a THA. The simulation results show that the HHH-MIP algorithm reduces the additional signaling cost.