• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.1
• /
• pp.50-63
• /
• 2017

In the wireless sensor networks, a sensor node has limited resources such as battery or memory. Hence, the routing protocol used in the wireless sensor networks is required efficient use of resources. In this paper, the VAP(Virtual Address Protocol), ensures the shortest transmission path for data transmission between the sink node and sensor node, is proposed. The VAP is assigned each node virtual address and sub address related with its neighboring nodes. The shortest transmission path to the destination node will be choose by comparing to each other address of its neighboring node. The comparison with other existing routing protocol shows that transmission path and usage of memory resource are minimized. Also transmission delay time of data was reduced.

• Electronics and Telecommunications Trends
• /
• v.32 no.6
• /
• pp.73-82
• /
• 2017

Moving Target Defense(MTD) is a novel security technology concept in which the IT infrastructure changes its form actively and prevents various types of cyber attacks. Network address moving technology is the field that has been most actively researched in terms of MTD. A number of studies on network address moving published over the last decade have suggested a virtual address-based network address moving technology for efficiency in the implementation. However, virtual address-based network address moving technology has serious vulnerabilities in terms of security and availability. This paper examines the technological characteristics of the existing studies and analyzes their limitations. It suggests security requirements to be considered when designing the network address moving technology through a technological analysis.

• Proceedings of the KIEE Conference
• /
• 2004.11c
• /
• pp.243-245
• /
• 2004

This paper proposes design and implementation for Seamless Handoff method between adapters in a system environment where both wired and wireless adapters are present First of all, by settingLayer 2 address of wired adapter to Layer 2address of wireless adapter, then generate virtual adapter on the above layer to make these two adapters operate on an IP address. Under the condition, when wired communication via the wired adapter gets disconnected while in service, wireless handoff occurs by mapping information on the wireless adapter to the virtual adapter. According to the method proposed in this paper, continuous session can be obtained even when handoff between wired and wireless adapters occurs at lower level in an application where both IP address and Port address are used to maintain session since If address does not change.

• The Journal of Engineering Research
• /
• v.5 no.1
• /
• pp.45-55
• /
• 2004

NAT (Network Address Translation) is an IP address modification protocol that translates private IP address into authentic Internet address. The main features of NAT are to improve network security and to save IP address. Generally speaking, in order to perform its functionality, NAT uses the address information in the packet header. Certain application protocols, however, use the information in the packet data as well as the information in the packet header to perform end-to-end communication. Therefore, to support these types of application protocols, NAT should be able to perform appropriate translation of protocol information in the packet data. In this thesis, we design and implement a method which translates virtual IP information in the packet date into real IP information by using port proxy server.

• Journal of KIISE
• /
• v.43 no.12
• /
• pp.1404-1411
• /
• 2016

Network virtualization is a technique that abstracts the physical network to provide multiple virtual networks to users. Virtualized network has the advantage to offer flexible services and improve resource utilization. In SDN architecture, network hypervisor serves to virtualize the network through address virtualization, topology virtualization and policy virtualization. Among them, address virtualization refers to the technique that provides an independent address space for each virtual network. Previous work divided the physical address space, and assigned an individual division to each virtual network. Each virtual address is then mapped one-to-one to a physical address. However, this approach requires a lot of flow entries, thus making it disadvantageous. Since SDN switches use TCAM (Ternary Contents Addressable Memory) for the flow table, it is very important to reduce the number of flow entries in the aspect of cost and scalability. In this paper, we propose a LISP based address virtualization, which separates address spaces for the physical and virtual addresses and transmits packet through tunneling, in order to resolve the limitation of the previous studies. By implementing a prototype, we show that the proposed scheme provides better scalability.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2001.10a
• /
• pp.84-88
• /
• 2001

Security and degradation by broadcast is the most important part that must handle in LAN. Virtual LAN can improve LAN's degradation by method to form and manages network group logically. MAC Address VLAN algorithm that propose in this research give overlap special qualify to VLAN adding extension VID field and VID connection extent table to FDB, manage overlap extent dynamically. VLAN that apply this proposal algorithm can share information and resource in network without additional equipment. Application is possible switch or Bridge that this algorithm achieves Layer 2 functions.

• Journal of the Korea Society for Simulation
• /
• v.27 no.4
• /
• pp.27-45
• /
• 2018

The terrestrial communication network and the underwater acoustic communication network have very different communication characteristics each other in operational environments, communication media, propagation delay, frequency bandwidth, transmission speed, bit error rate, and so on. These different characteristics cause some different address schemes and different maximum transmission units and, as a result, these differences must form certainly obstacles to the intercommunication between a terrestrial communication network and an underwater acoustic communication network. In this paper, we presents a method to use the virtual addresses to resolve the interconnection problem caused by different address schemes between a terrestrial communication network and an underwater acoustic communication network, and, through a mathematical modeling, we analyze the performance on the message transceiving delay time in the underwater environment.

• International Journal of Computer Science & Network Security
• /
• v.22 no.11
• /
• pp.241-247
• /
• 2022

Ad hoc network is self-organized network powered by battery. The reliability of virtual user identification and channel security are reduced when SNR is low due to limited user energy. In order to solve this problem, a joint virtual user identification and channel security en/decoding method is proposed in this paper. Transmitter-receiver-based virtual user identification code is generated by executing XOR operation between orthogonal address code of transmitter and pseudo random address code of receiver and encrypted by channel security code to acquire orthogonal random security sequence so as to improve channel security. In order to spread spectrum as well as improve transmission efficiency, data packet is divided into 6-bit symbols, each symbol is mapped with an orthogonal random security sequence. Subspace-based method is adopted by receiver to process received signal firstly, and then a judgment model is established to identify virtual users according to the previous processing results. Simulation results indicate that the proposed method obtains 1.6dB E_b/N₀ gains compared with reference methods when miss alarm rate reaches 10^-3.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.5 no.6
• /
• pp.526-532
• /
• 2004

The insufficiency on IP address cause to develope a new internet protocol, IPv6 that the length of address field is expanded. But there are actually many problems on applying and operating this standard for internet. Though NAT(Network Address Translation) is instead of it, NAT has the characteristics that is not allowed to access from outside. This is a big merit in security but a week point because the access from outside should be allowed when a small organization operate web sever or mail server. Therefore, this paper proposes the expanded NAT which can solve such problems as modifying the table of NAT. Furthermore, the function of existing VPN(Virtual Private Network) will be acceptable partly through such a method that provide the linkage among VPNs.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.12
• /
• pp.5375-5400
• /
• 2016

IOMMU is a hardware unit that is indispensable for DMA. Besides address translation and remapping, it also provides I/O virtual address space isolation among devices and memory access control on DMA transactions. However, currently commodity virtualization platforms lack of IOMMU virtualization, so that the virtual machines are vulnerable to DMA security threats. Previous works focus only on DMA security problem of directly assigned devices. Moreover, these solutions either introduce significant overhead or require modifications on the guest OS to optimize performance, and none can achieve high I/O efficiency and good compatibility with the guest OS simultaneously, which are both necessary for production environments. However, for simulated virtual devices the DMA security problem also exists, and previous works cannot solve this problem. The reason behind that is IOMMU circuits on the host do not work for this kind of devices as DMA operations of which are simulated by memory copy of CPU. Motivated by the above observations, we propose an IOMMU para-virtualization solution called PVIOMMU, which provides general functionalities especially DMA security guarantees for both directly assigned devices and simulated devices. The prototype of PVIOMMU is implemented in Qemu/KVM based on the virtio framework and can be dynamically loaded into guest kernel as a module, As a result, modifying and rebuilding guest kernel are not required. In addition, the device model of Qemu is revised to implement DMA access control by separating the device simulator from the address space of the guest virtual machine. Experimental evaluations on three kinds of network devices including Intel I210 (1Gbps), simulated E1000 (1Gbps) and IB ConnectX-3 (40Gbps) show that, PVIOMMU introduces little overhead on DMA transactions, and in general the network I/O performance is close to that in the native KVM implementation without IOMMU virtualization.