• The Transactions of the Korea Information Processing Society
• /
• v.5 no.4
• /
• pp.984-994
• /
• 1998

In the information society, all the information is transferred through the network, so it becomes an issue to protect the data on network. One of the fundamental cryptographic tools to protect the data on network, is digital signatures, and in many countries, cryptographers have been trying to make their own digital signature standard. Also, at Crypto'89 meeting, D.Chaum suggested an undeniable signature scheme. Undeniable signatures are verified via a protocol between the signer and the verifier, so the cooperation of the signer is necessary, So far, there have been several variants of undeniable signatures to obtain a signature scheme, which can control the abuse of ordinary digital signatures.

• Journal of Korea Multimedia Society
• /
• v.14 no.12
• /
• pp.1572-1582
• /
• 2011

The rapid growth of UnderWater Acoustic Sensor Networks (UW-ASNs) has led researchers to enhance underwater MAC protocols against limitations existing in underwater environment. We propose the customized robust real-time packet inspection mechanism with addressing the problem of the search for the data packet loss and network performance quality analysis in UW-ASNs, and describe our experiences using this approach. The goal of this work is to provide a framework to assess the network real-time performance quality. We propose a customized and adaptive mechanism to detect, monitor and analyze the data packets according to the MAC protocol standards in UW-ASNs. The packet analyzing method and software we propose is easy to implement, maintain, update and enhance. We take input stream as real data packets from sniffer node in capture mode and perform fully analysis. We were interested in developing software and hardware designed tool with the same capabilities which almost all terrestrial network packet sniffers have. Experimental results confirm that the best way to achieve maximum performance requires the most adaptive algorithm. In this paper, we present and offer the proposed packet analyzer, which can be effectively used for implementing underwater MAC protocols.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.1
• /
• pp.49-56
• /
• 2004

With the growing usage of the networks, the users in the Internet uses some kinds of web server. They confused that each web server uses the different user ID and passwords. To solve these problems, SSO (Single Sign-On) solution is introduced. We presents the modeling methods which are efficiently constructed the network management models. We constructed the intrusion detection systems and firewalls using the SSO. This architecture is efficient to manage the network usage and control. SSO solution designed on the small scale Intranet. CA server in the 550 that depends on PKI (Public Key Infrastructure) is used to issue the certificates. SHTTP based on SSL (Secure Socket Layer) is used to protect the data between certificate server and the intranet users.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.7B
• /
• pp.650-659
• /
• 2004

Domestic wireless network environment is changing rapidly while adapting to meet service requirements of users and growth of market. As a result, reliable data transmission using TCP is also expected to increase. Since TCP assumes that it is used in wired networt TCP suffers significant performance degradation over wireless network where packet losses are not always result of network congestion. Especially RTO imposes a great performance degradation of TCP. In this paper, we propose DAC$^{＋}$ and EFR in order to prevent performance degradation by quickly detecting and recovering loss without RTO during fast recovery. Compared with TCP NewReno, proposed scheme shows improvements in steady-state in terms of higher fast recovery Probability and reduced response time.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.895-904
• /
• 2004

Due to the frequent and unpredictable topology changes, multicast still remains as challenge and no one-size-fits-all protocol could serve all kinds of needs in mobile ad hoc network. In this paper, we propose a novel scheme of Hierarchical Eulerian Ring Oriented Multicast Architecture (HEROMA) over mobile ad hoc network. It has features that concentrate on efficiency and robustness simultaneously. It is also an application-driven proposal for hazard detection. Architectures including Eulerian ring, hierarchy and multicast agent are investigated in detail Simulation results different level of improvements on control traffic, end-to-end delay and packet delivery ratio by comparing with tree-based and mesh-based multicast protocols.

• The KIPS Transactions:PartC
• /
• v.11C no.1
• /
• pp.115-122
• /
• 2004

Diff-Serv is a mechanism by which network service providers can offer differing levels of network service to different traffic, in so providing quality of service (QoS) to their customers. Because this mechanism has been deployed just for fixed hosts with the Token Bucket mechanism, DiffServ have been suggested can not satisfy the mobility service or the differential serrlce for Individual traffics. In this paper, we suggest WFQ mechanism for traffic conditioner and scheduling method for monitoring the AggF(Aggregate Flow) which will be controlled in edge nodes and border routers. So it will control traffic rate dynamically and suggest efficient usability of bandwidth.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.8
• /
• pp.1404-1422
• /
• 2011

In this paper, a new clear channel assessment (CCA) method: cascaded-CCA, is proposed. The primary motivation for the proposed approach is to integrate the respective advantages of two standard CCA mechanisms, energy detect and preamble detect, to arrive at a new dual threshold CCA family that can provide greater flexibility towards tuning MAC performance. Cascaded-CCA integrates energy efficiency of the energy detector (ED) and the reliability of the preamble detector (PD). The probability of detection/false alarm and power consumption of cascaded-CCA in the CCA modules of IEEE 802.11b are analyzed and compared with ED and PD as an example. The performance of cascaded-CCA is explored via MATLAB simulations that implement the CCA modules and medium access control (MAC) protocol for IEEE 802.11 and IEEE 802.15.4. Simulation results showed that cascaded-CCA improves the energy efficiency significantly compared to ED-only or PD-only CCA. In addition, ED, PD, and cascaded CCA are applied to a cognitive network scenario to validate the effectiveness of the proposed cascaded-CCA.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.2
• /
• pp.846-864
• /
• 2017

Software Defined Network (SDN) realizes management and control over the underlying forwarding device, along with acquisition and analysis of network topology and flow characters through south bridge protocol. Data path Identification (DPID) is the unique identity for managing the underlying device, so forged DPID can be used to attack the link of underlying forwarding devices, as well as carry out DoS over the upper-level controller. This paper proposes a dynamic defense method based on Client-Puzzle model, in which the controller achieves dynamic management over requests from forwarding devices through generating questions with multi-level difficulty. This method can rapidly reduce network load, and at the same time separate attack flow from legal flow, enabling the controller to provide continuous service for legal visit. We conduct experiments on open-source SDN controllers like Fluid and Ryu, the result of which verifies feasibility of this defense method. The experimental result also shows that when cost of controller and forwarding device increases by about 2%-5%, the cost of attacker's CPU increases by near 90%, which greatly raises the attack difficulty for attackers.

• ETRI Journal
• /
• v.34 no.3
• /
• pp.352-360
• /
• 2012

This paper proposes a low-cost, low-power, and high-capacity optical-electrical-optical-type reach extender that can provide 3R frame regeneration and remote management to increase the reach and split ratio with no change to a legacy time division multiple access passive optical network. To provide remote management, the extender gathers information regarding optical transceivers and link status per port and then transmits to a service provider using a simple network management protocol agent. The extender can also apply to an Ethernet passive optical network (E-PON) or a gigabit-capable PON (G-PON) by remote control. In a G-PON, in particular, it can provide burst mode signal retiming and burst-to-continuous mode conversion at the upstream path through a G-PON transmission convergence frame adaptor. Our proposed reach extender is based on the quad-port architecture for cost-effective design and can accommodate both the physical reach of 60 km and the 512 split ratios in a G-PON and the physical reach of 80 km and the 256 split ratios in an E-PON.

• Journal of Korea Multimedia Society
• /
• v.25 no.2
• /
• pp.221-236
• /
• 2022

BLE protocol prevents MITM attacks with user interaction through some input/output devices such as keyboard or display. Therefore, If it use a device which has no input/output facility, it can be vulnerable to MITM attack. If messages to be sent to a control device is forged by MITM attack, the device can be abnormally operated by malicious attack from attacker. Therefore, we describes a scenario which has the vulnerabilities of the BLE network in this paper and propose countermeasure method against MITM attacks integrity violations. Its mechanism provides data confidentiality and integrity with MD5 and security key distribution of Diffie Helman's method. In order to verify the effectiveness of the countermeasure method proposed in this paper, we have conducted the experiments. ​As experiments, the message was sent 200 times and all of them successfully detected whether there was MITM attack or not. In addition, it took at most about 4.2ms delay time with proposed countermeasure method between devices even attacking was going on. It is expected that more secure data transmission can be achieved between IoT devices on a BLE network through the method proposed.