• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.5 no.5
• /
• pp.447-453
• /
• 2004

In this paper, we propose a new system to block harmful Internet information based on IP spoofing. The proposed system is located on a organization's internal network and monitors all outgoing traffic and lets all this traffic go outside. Once the proposed system detects a host's access to a harmful site, it sends the host a pseudo RST packet that pretends to be the response from the harmful site, and prevents the connection between the host and the harmful site. The proposed software system is installed on only a server, and need not be installed on user hosts at all. Thus we can maintain and upgrade the blocking system easily. The performance evaluation of the proposed system shows that it effectively blocks the access to the harmful sites. Since the proposed system is based on IP spoofing, it can be used badly as a hacking tool. Finally we propose some methods to eliminate this possibility.

• The KIPS Transactions:PartC
• /
• v.10C no.3
• /
• pp.311-316
• /
• 2003

To deploy multicast protocols, fairness to current Internet traffic, particularly TCP, is an important requirement. PGMCC is one of the most promising multicast congestion control proposals but it suffers from degradation of fairness by fixed timeout and uncertain acker selection. In this paper, we suggest addition of an adaptive timeout mechanism and NAK suppression in router using throughput comparison to improve fairness. Our simulation show improved fairness.

• Annual Conference of KIPS
• /
• 2006.05a
• /
• pp.1109-1112
• /
• 2006

DDoS(Distributed Denial-of-Service) 공격은 인터넷 침해가운데 가장 위협적인 공격들 중 하나이며 이러한 공격을 실시간으로 탐지하기 위한 연구는 활발히 이루어져 왔다. 하지만 기존의 탐지 메커니즘이 가지고 있는 높은 오탐지율은 여전히 보완해야할 과제로 남아 있다. 따라서 본 논문에서는 DDoS공격 탐지의 근거로 사용된 기존의 트래픽 볼륨(traffic volume), 엔트로피(entropy), 그리고 카이제곱(chi-square)을 이용한 비정상 행위탐지(Anomaly detection)방식의 침임탐지시스템이 가지는 오탐지율(false alarm rate)을 개선할 수 있는 방안을 제안한다. 또한 공격 탐지 시 프로토콜, TCP 플래그(flag), 그리고 포트 번호를 이용하여 네트워크 관리자에게 보다 자세한 공격 정보를 제공함으로써 효율적으로 공격에 대처할 수 있는 시스템을 설계한다.

• The Journal of the Korea Contents Association
• /
• v.6 no.5
• /
• pp.14-19
• /
• 2006

In this paper, we describe an arrival time guidance system of circular vehicles using GPS, CDMA and TCP/IP technology. The on-board equipment consists of a GPS receiver and a PDA phone. The on-board equipment sends the current position data of the vehicle to the positioning server via CDMA and Internet. The server predicts the arrival time to the next bus-stop. Any user can lookup the current position and the predicted arrival time of the vehicle utilizing his mobile phone, PDA phone, or Web.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10e
• /
• pp.556-558
• /
• 2002

본 연구에서는 인터넷 상 원격진료(Telemedicine)에서 가장 중요한 실시간 데이터공유를 원활히 하기 위해 과도한 지연을 방지할 수 있는 실시간 전송 프로토콜RTP(Real-time Transport Protocol)즉 사용하였다. 또한 자바 애플릿(Applet) 프로그램 구현을 통해 강력한 확장성과 멀티 플랫폼(multi-platform)을 갖으며, JMF를 사용하여 RTP 지원과 멀티미디어 데이터를 보다 쉽고 효율적으로 처리하였다. 이러한 방법을 통해 기존TCP／IP 기반의 응용 프로그램에서 거의 불가능하였던 네트워크 트래픽 제어(Network Traffic control)를 효율적으로 개선하였으며, 영상압축 데이터는 RTP로 전송함으로써 자바가 가지는 확장성을 손상시키지 않으면서 최적화 ,문제를 해결하였다. 또한, 웹 서버 측 데몬(demon)을 제외 한 모든 프로그램을 애플릿으로 구현함으로써 기존의 응용 프로그램 원격진료 시스템 설치 및 제거의 어려움을 없애 누구나 쉽고 빠르게 시스템을 이용할 수 있다. 마지막으로 모든 플랫폼에 걸쳐 15frames／sec 이상의 원활한 데이터 전송과 2초 이내의 지연방지가 가능하도록 개선하였다.

• Proceedings of the IEEK Conference
• /
• 2002.06a
• /
• pp.405-408
• /
• 2002

To support Internet traffic efficiently over ATM \networks, Guaranteed Frame Rate(GFR) has been proposed in tile ATM Forum to ensure minimum rate guarantees to VCs. In this paper, we proposed fuzzy logic based buffer management algorithm that provides MCR guarantee and fair sharing to GFR VCs. A key feature of proposed algorithm is its ability to accept or drop a new incoming packet dynamically based on buffer condition and load rate of VCs. This is achieved by using fuzzy logic controller for the production of a drop factor. Simulation result shows that proposed scheme significantly has improved fairness and TCP throughput compared with previous schemes.

• Annual Conference of KIPS
• /
• 2004.05a
• /
• pp.1417-1420
• /
• 2004

The combination of Fast-Handoff and Hierarchical Mobile IPv6 (F-HMIPv6) allows the anticipation of the layer3 handoff such that data traffic can be efficiently redirected to the mobile node's new location before it moves there. However, after moving to the new Access Router (NAR), if the mobile node (MN) sends the Local Binding Update (LBU) to the Mobility Anchor Point (MAP) before receiving all of the buffered packet from the NAR, the MN may receive the general packet from the MAP. That is, the MN may simultaneously receive two types of packet which has different sequence number. These cause the confusion in packet order, and the MN sends the dup ack for the packet retransmission to the CN. It results in the degradation of the TCP performance. Therefore, we propose the scheme for minimizing the out-of-sequence packet in F-HMIPv6.

• The Transactions of the Korea Information Processing Society
• /
• v.2 no.6
• /
• pp.879-890
• /
• 1995

This paper proposes the shuttle protocol that can gather management information from managed systems in an efficient way. In this paper, we implement the protocol and evaluate the performance by simulation. The major feature of the shuttle protocol is a chained logical connection through managed systems, and management informations to be collected are circulated among specified managed systems in circular order on a logical ring connection. The data generated by an managed system are relayed to a neighbor managed system and the system sends its data which has additional management information to received data. Finally, a manager stationman get all of data generated by every managed system. we will show the analysis of management traffic patterns using conventional polling schemes and the shuttle protocol implementation viable to TCP/IP network and improving existing polling mechansims. Additionally, it is performed to evaluate the packet processing time and its distribution of a manager system and a gateway, and the queue length of packet and bit length of gateway against conventional polling schemes by simulation using OPNRT, a simulation-dedicated package.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.4
• /
• pp.720-740
• /
• 2011

Wi-Fi-enabled portable devices have recently been introduced into the consumer electronics market. These devices download or upload content, from or to a host machine, such as a personal computer, a laptop, a home gateway, or a media server. This paper investigates the fairness among multiple Wi-Fi-enabled portable devices in a home network when they are simultaneously communicated with the host machine. First, we present that, a simple IEEE 802.11-based home network suffers from unfairness, and the fairness is exaggerated by the wireless link errors. This unfairness is due to the asymmetric response of the TCP to data-packet loss and to acknowledgment-packet loss, and the wireless link errors that occur in the proximity of any node; the errors affect other wireless devices through the interaction at the interface queue of the home gateway. We propose a QoS-provisioning framework in order to achieve per-device fairness and service differentiation. For this purpose, we introduce the medium access price, which denotes an aggregate value of network-wide traffic load, per-device link usage, and per-device link error rate. We implemented the proposed framework in the ns-2 simulator, and carried out a simulation study to evaluate its performance with respect to fairness, service differentiation, loss and delay. The simulation results indicate that the proposed method enforces the per-device fairness, regardless of the number of devices present and regardless of the level of wireless link errors; furthermore it achieves high link utilization with only a small amount of frame losses.

• Journal of Advanced Navigation Technology
• /
• v.18 no.5
• /
• pp.461-467
• /
• 2014

Active queue management (AQM) algorithms run on routers and detect incipient congestion by typically monitoring the instantaneous or average queue size. When the average queue size exceeds a certain threshold, AQM algorithms infer congestion on the link and notify the end systems to back off by proactively dropping some of the packets arriving at a router or marking the packets to reduce transmission rate at the sender. Among the existing AQM algorithms, random early detection (RED) is well known as the representative queue-based management scheme by randomizing packet dropping. To reduce the number of timeouts in TCP and queuing delay, maintain high link utilization, and remove bursty traffic biases, the RED considers an average queue size as a degree of congestions. However, RED do not well in the specified networks conditions due to the fixed parameters($P_{max}$ and $TH_{min}$) of RED. This paper addresses a extended RED to be adapted in various networks conditions. By sensing network state, $P_{max}$ and $TH_{min}$ can be automatically changed to proper value and then RED do well in various networks conditions.