• The KIPS Transactions:PartC
• /
• v.10C no.1
• /
• pp.45-50
• /
• 2003

Guaranteed Frame Rate (GFR) service category is one of the most recent ATM service categories. The GFR specification was recently finalized by the ATM Forum and is expected to become an important service category which can efficiently support TCP/IP traffic in ATM network. In GFR switch implementation, it is important to guarantee MCR (minimum cell rate) and improve fairness. In this paper, we propose a new scheduling algorithm for the GFR service. Proposed algorithm provides priority to VC (virtual circuit)s and high Priority given to a VC which has fewer untagged cells in buffer. High priority VCs are serviced before low priority VCs. Proposed algorithm can guarantee MCR and improve fair sharing of the remaining bandwidth between GFR VCs. From computer simulation results, we demonstrate the proposed scheduling algorithm provide much better performance in TCP goodput and fairness than previous schemes.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.11S
• /
• pp.3269-3277
• /
• 1999

To promote the inclusion of end-to-end congestion control in the design of future protocols using best-effort traffic, we propose a router mechanism, Extended FRED(ex-FRED). In this paper, we catagorize the TCP controlled traffics into robust and fragile traffic and discuss several unfairness conditions between them caused by the diverse applications. For example, fragile traffic from bursty application cannot use its fair share due to their slow adaptation. Ex-FRED modifies the FRED(Fair Random Early Drop), which can show wrong information due to the narrow view of actual buffer. Therefore, Ex-FRED uses per-flow accounting in larger virtual buffer to impose an each flow a loss rate that depends on the virtual buffer use of a flow. The simulation results show that Ex-FRED uses fair share and has good throughput.

• Journal of information and communication convergence engineering
• /
• v.6 no.1
• /
• pp.19-23
• /
• 2008

The AQM (Active Queue Management) starts dropping packets earlier to notify traffic sources about the incipient stage of congestion. The AQM improves fairness between response flow (like TCP) and non-response flow (like UDP), and it can provide high throughput and link efficiency. In this paper, we suggest the QVARED (Queue Variation Adaptive RED) algorithm to respond to bursty traffic more actively. It is possible to provide more smoothness of average queue length and the maximum packet drop probability compared to RED and ARED (Adaptive RED). Therefore, it is highly adaptable to new congestion condition. Our simulation results show that the drop rate of QVARED is decreased by 80% and 40% compare to those of RED and ARED, respectively. This results in shorter end-to-end delay by decreasing the number of retransmitted packets. Also, the QVARED reduces a bias effect over 18% than that of drop-tail method; therefore packets are transmitted stably in the bursty traffic condition.

• 제어로봇시스템학회:학술대회논문집
• /
• 2004.08a
• /
• pp.652-657
• /
• 2004

As the real-time multimedia applications through Internet increase, the bandwidth available to TCP connections is oppressed by the UDP traffic, result in the performance of overall system is extremely deteriorated. Therefore, developing a new transmission protocol is necessary. The TCP-friendly algorithm is an example meeting this necessity. The TCP-friendly (TFRC) is an UDP-based protocol that controls the transmission rate based on the available round transmission time (RTT) and the packet loss rate (PLR). In the data transmission processing, transmission rate is determined based on the conditions of the previous transmission period. If the one-step ahead predicted values of the control factors are available, the performance will be improved significantly. This paper proposes a prediction model of transmission rate control factors that will be used for the transmission rate control, which improves the performance of the networks. The model developed through this research is predicting one-step ahead variables of RTT and PLR. A multiplayer perceptron neural network is used as the prediction model and Levenberg-Marquardt algorithm is used for the training. The values of RTT and PLR were collected using TFRC protocol in the real system. The obtained prediction model is validated using new data set and the results show that the obtained model predicts the factors accurately.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.5C
• /
• pp.435-444
• /
• 2002

In this paper, a novel packet scheduling algorithm, so-called the CSL algorithm is discussed, whereby the firewall property as well as the deterministic delay bound guarantee are supported in session level. Lots of simulation studies validate those properties of the CSL algorithm. The CSL algorithm is distingushable from the well- known EDD scheme in terms of the firewall property. Regarding the implementation complexity, the CSL algorithm turns out to be of 0(1) besides the sorting overhead. Owing to the maintained generic fair queueing structure in the CSL algorithm, a various fair queueing schemes can be applied with minor modification. For the TCP/IP network which is vulnerable to the misbehaving traffic sources, the firewall property of the CSL algorithm is quite useful for the advanced quality of services.

• Journal of Institute of Control, Robotics and Systems
• /
• v.11 no.4
• /
• pp.385-391
• /
• 2005

As the Internet real-time multimedia applications increases, the bandwidth available to TCP connections is oppressed by the UDP traffic, result in the performance of overall system is extremely deteriorated. Therefore, developing a new transmission protocol is necessary. The TCP-friendly algorithm is an example satisfying this necessity. The TCP-Friendly Rate Control (TFRC) is an UDP-based protocol that controls the transmission rate that is based on the available round trip time (RTT) and the packet loss rate (PLR). In the data transmission processing, transmission rate is determined based on the conditions of the previous transmission period. If the one-step ahead predicted values of the control factors are available, the performance will be improved significantly. This paper proposes a prediction model of transmission rate control factors that will be used in the transmission rate control, which improves the performance of the networks. The model developed through this research is predicting one-step ahead variables of RTT and PLR. A multiplayer perceptron neural network is used as the prediction model and Levenberg-Marquardt algorithm is used for the training. The values of RTT and PLR were collected using TFRC protocol in the real system. The obtained prediction model is validated using new data set and the results show that the obtained model predicts the factors accurately.

• Journal of Convergence Society for SMB
• /
• v.5 no.4
• /
• pp.5-10
• /
• 2015

With the advance of ICT, understanding the condition of network and analysing network monitoring have become an important issue. On the TCP/IP network, SNMP is the typical protocol that catches the condition of network by using polling method. If polling method is implemented for a long period, to catch the change of the condition of the network is not easy. On the other hand, in case of short-term polling, even if it could catch the condition of the network in real time, responsive messages to results of the polling cause the increase of traffic and therefore burden the network. There have been studies to control the overhead of responsive messages by controlling the polling period. However, not considering the characteristics of an agent, and running randomly, they cannot decrease the overhead although they would have an instant effect. This paper suggests an efficient polling method that decreases the traffic overhead of polling and catches the condition of the network in real time. Proposed method an polling for a short period and gave weight based on the characteristics of agents to catch the network condition, and a manager decided polling differentially based on the weight so that it decreased the overhead of polling traffic.

• Journal of Internet Computing and Services
• /
• v.10 no.2
• /
• pp.15-28
• /
• 2009

This paper proposes HWbF(Hit and WLC based Firewall) design which consists of an PFS(Packet Filter Station) and APS(Application Proxy Station). PFS is designed to reduce bottleneck and to prevent the transmission delay of them by distributing packets with PLB(Packet Load Balancing) module, and APS is designed to manage a proxy cash server by using PCSLB(Proxy Cash Server Load Balancing) module and to detect a DoS attack with packet traffic quantity. Therefore, the proposed HWbF in this paper prevents packet transmission delay that was a drawback in an existing Firewall, diminishes bottleneck, and then increases the processing speed of the packet. Also, as HWbF reduce the 50% and 25% of the respective DoS attack error detection rate(TCP) about average value and the fixed critical value to 38% and 17%. with the proposed expression by manipulating the critical value according to the packet traffic quantity, it not only improve the detection of DoS attack traffic but also diminishes the overload of a proxy cash server.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.809-817
• /
• 2012

One of the OSI 7 Layer DDoS Attack, HTTP POST DDoS can deny legitimate service by web server resource depletion. This Attack can be executed with less network traffic and legitimate TCP connections. Therefore, It is difficult to distinguish DDoS traffic from legitimate users. In this paper, I propose an anomaly HTTP POST traffic detection algorithm and http each page Content-Length field size limit with defense method for HTTP POST DDoS attack. Proposed method showed the result of detection and countermeasure without false negative and positive to use the r-u-dead-yet of HTTP POST DDoS attack tool and the self-developed attack tool.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.39-52
• /
• 2011

An application-layer attack can effectively achieve its objective with a small amount of traffic, and detection is difficult because the traffic type is very similar to that of legitimate users. We have discovered a unique characteristic that is produced by a difference in client intention: Both a legitimate user and DDoS attacker establish a session through a 3-way handshake over the TCP/IP layer. After a connection is established, they request at least one HTTP service by a Get request packet. The legitimate HTTP user waits for the server's response. However, an attacker tries to terminate the existing session right after the Get request. These different actions can be interpreted as a difference in client intention. In this paper, we propose a detection algorithm for application layer DDoS attacks based on this difference. The proposed algorithm was simulated using traffic dump files that were taken from normal user networks and Botnet-based attack tools. The test results showed that the algorithm can detect an HTTP-Get flooding attack with almost zero false alarms.