• Journal of Communications and Networks
• /
• v.18 no.3
• /
• pp.460-475
• /
• 2016

The existing Proxy Mobile IPv6 suffers from a long handover latency which in turn causes significant packet loss that is unacceptable for seamless realtime services such as multimedia streaming. This paper proposes an OpenFlow-enabled proxy mobile IPv6 (OF-PMIPv6) in which the control of access gateways is centralized at an OpenFlow controller of a foreign network. The proposed OF-PMIPv6 separates the control path from the data path by performing the mobility control at the controller, whereas the data path remains direct between a mobile access gateway and a local mobility anchor in an IP tunnel form. A group of simple OpenFlow-enabled access gateways performs link-layer control and monitoring activities to support a comprehensive mobility of mobile nodes, and communicates with the controller through the standard OpenFlow protocol. The controller performs network-layer mobility control on behalf of mobile access gateways and communicates with the local mobility anchor in the Proxy Mobile IPv6 domain. Benefiting from the centralized view and information, the controller caches the authentication and configuration information and reuses it to significantly reduce the handover latency. An analytical analysis of the proposed OF-PMIPv6 reactive and proactive handover schemes shows 43% and 121% reduction in the handover latency, respectively, for highly utilized network. The results gathered from the OF-PMIPv6 testbed suggest similar performance improvements.

• Journal of the Korea Convergence Society
• /
• v.9 no.11
• /
• pp.99-105
• /
• 2018

As the Internet of Thing(IoT) technology recently has become a big issue, many researches have been carried out to link the Internet of things with the home network system. Various home network systems are being implemented to connect many devices used in the home with the Internet and to control and operate the devices using a smart phone. However, existing protocols that operate on the Internet are not suitable for a limited environment such as low power, low capacity, and low performance. Therefore, the Internet Engineering Task Force (IETF) Working Group proposed the CoAP/6LoWPAN technology as a suitable protocol for internetworking IoT devices with the Internet in a limited environment and adopting it as a standard. In this paper, a smart home network system is implemented to control and operate various IoT devices in a home using CoAP/6LoWPAN in mobile environment. The performance of HTTP and CoAP such as data transmission time, data transmission rate is analyzed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.3B
• /
• pp.421-430
• /
• 2010

Now a days, as a communications network is being broadband, IPTV(Internet Protocol Television) service which provides various two-way TV service is increasing. But as the data which is transmitted between IPTV set-top box and smart card is almost transmitted to set-top box, the illegal user who gets legal authority by approaching to the context of contents illegally using McComac Hack Attack is not prevented perfectly. In this paper, set-top box access security model is proposed which is for the protection from McComac Hack Attack that tries to get permission for access of IPTV service illegally making data line which is connected from smart card to set-top box by using same kind of other set-top box which illegal user uses. The proposed model reports the result of test which tests the user who wants to get permission illegally by registration the information of a condition of smart card which is usable in set-top box in certification server so that it prevents illegal user. Specially, the proposed model strengthen the security about set-top box by adapting public key which is used for establishing neighbor link and inter-certification process though secret value and random number which is created by Pseudo random function.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.46 no.1
• /
• pp.48-59
• /
• 2009

Next generation mobile communication system will have various access networks and provide seamless multimedia data service to mobile nodes. The WiNGS system, one of these access network, has superior RAT(Radio Access Technology) and network connectivity other than previous ones. In this paper, we propose link-layer SR-ARQ between mobile node and WAGW to solve packet re-ordering problem during handover. In the proposed scheme, we apply the adaptive timer at the SR-ARQ sender to reduce unnecessary packet retransmission during handoff and delayed NAK algorithm at the SR-ARQ receiver for delaying NAK response due to temporary out-of-sequenced frames. We evaluate the performance of the proposed scheme by implementing the new SR-ARQ protocol at the link-layer using ns-2 simulator, and show the handover performance is improved greatly by preventing unnecessary retransmission.

• Information and Communications Magazine
• /
• v.15 no.11
• /
• pp.124-142
• /
• 1998

ETSI BRAN (Broadband Radio Access Network)는 고속 무선 LAN 또는 고정 광대역 무선액세스 네트워크에서의 무선 접촉 계층과 ATM 및 IP(Internet Protocol) 코어 네트워크와의 연동을 위한 일부 기능을 표준화하기 위한 과제이다. 특히, BRAN의 HIPERLAN type-2(HIPERLAN/2)의 경우에는 과제의 범위는 무선 접속면, 무선 부시스템에서의 서비스 인터페이스, 서비스 구현에서 요구되는 연동 및 각종 지원 기능을 표준화하며, 무선 접속면의 경우에는 다수 벤더간의 상호 호환성을 제공할 수 있는 인터페이스를 구현하는 것이다. HIPERLAN/2의 기술 규격은 코어 네트워크와 독립적인 물리계층 및 데이터 링크 제어 (DATA Link Control: DLC) 계층과 서로 상이한 코어 네트워크와의 연동을 위한 네트워크 수렴 부계층을 다루게 될 것이며, 초기 단계에서는 ATM과 IP 코어 네트워크와의 연동 기능을 제시하게 될 것이다. 따라서 HIPERLAN/2기반의 시스템 규격을 제시하기 위해서는 네트워크 계층 및 기타 상위 계층에 대한 규격이 요규되며, 이는 ATM Forum에서의 무선 ATM 신호 방식 규격, IETF(Internet Engineering Task Force)의 IP규격, 그리고 ETSI의 SMG (Special Mobile Group) 프로젝트에서 표준화되고 있는 UMTS (Universal Mobile Telecommunication Service) 규격 등과 접목될 것이다. 결과적으로 무선 ATM 관점에서는 완전한 시스템 규격 작성은 ETSI BRAN과 ATM Forum에서 무선 접속 규격과 이동성 관리 및 신호 방식으로 각각 이원화되어 진행되고 있다. 현재 물리 계층에서의 전송 방식은 OFDM(Orthogonal Frequency Division Multiplexing)으로 확정되었으며, DLC 계층에서는 고정 길이의 TDD (Time Division Duplexing) TDMA 프레임 구조를 기반으로 AP (Access Point)에 의해 동적으로 상향 링크 자원을 예약 할당하는 매체 접근 제어 (Medium Access Control: MAC) 프로토콜이 고려되고 있다. 이와 같은 DLC 계층에서는 기본적으로 짧은 길이의 패킷을 통해 다양한 대역폭의 멀티미디어 트래픽을 효율적으로 수용하면서 ATM 네트워크뿐만 아니라 향후 IP 네트워크에서 요구하는 각 서비스별 QoS (Quality of Service)를 개별적으로 보장할 수 있는 기능을 구현하고자 한다. 향후 이 부문에 대한 표준화가 본격적으로 진행될 것으로 예상되며 HIPERLAN/2의 경우에는 1999년 중반까지 1차 기능 규격을 완료할 예정이며, BRAN 전반에 대한 완전한 규격을 2002년까지 완성하는 것을 목표로 하고 있다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.339-346
• /
• 2013

As the need for security of SCADA systems is increasing, significant progress has been made in research on security of control protocol. However, very few security solutions were adapted to legacy SCADA system. The reasons for non-adoption are latency, cost and key management problem. We propose a low latency, economic security Solution to solve these issues. The proposed solution performs security function in data link layer and has minimum overhead to minimize latency. Furthermore, we try to solve the key management problem by providing systematic security keys and key distribution method.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.5
• /
• pp.41-46
• /
• 2011

Mobile Ad-Hoc networks (MANET) has been getting the spotlight in the area of the wireless networks because of its flexibility and salability, and developing of many applications with it. As a consequence, MANETs are required to process not only simple data traffics, but also multimedia traffics, which has some constraints on the performances. However, unlike wired-networks, the wireless networks have frequent route-disconnections due to some reasons such as channel errors and mobility. Such frequent link disconnections makes the delivery of multimedia traffics difficult. Even though there many researches on multimedia transmissions on various environments, the performances of multimedia transmissions over fading channel and mobility even using various routing protocols have not been evaluated. Therefore, this paper extensively simulates the MPEG-4 video transmission over fading channel environment with node's mobility. In addition, the performances with two routing protocols such as AODV and DSR are compared. Finally, the simulation results shows that DSR protocol has the better performances to deliver MPEG-4 traffic.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.5
• /
• pp.1303-1315
• /
• 2012

In the draft of the IEEE 802.11s standard, a tree topology is established by the proactive tree-building mode of the Hybrid Wireless Mesh Protocol (HWMP). It is used for cases in which the root station (e.g., gateway) is an end point of the majority of the data connections. In the tree topology, the root or central stations (e.g., parent stations) are connected to the other stations (e.g., leaves) that are one level lower than the central station. Such mesh stations are likely to suffer heavily from contention in bottleneck links when the network has a high traffic load. Moreover, the dependence of the network on such stations is a point of vulnerability. A failure of the central station (e.g., a crash or simply going into sleep mode to save energy) can cripple the whole network in the tree topology. This causes performance degradation for end-to-end transmissions. In a connected mesh topology where the stations having two or more radio links between them are connected in such a way that if a failure subsists in any of the links, the other link could provide the redundancy to the network. We propose a scheme to utilize this characteristic by organizing the network into concentric tiers around the root mesh station. The tier structure facilitates path recovery and congestion control. The resulting mode is referred to as Tier-based Proactive Path Selection Mode (TPPSM). The performance of TPPSM is compared with the proactive tree mode of HWMP. Simulation results show that TPPSM has better performance.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.10
• /
• pp.2627-2640
• /
• 1998

In this paper, we analyze the performance of the virtual cell system[1] for the transmission of IP datagrams in mobile computer communications. A virtual cell consistsof a group of physical cells shose base stationsl are implemented b recote bridges and interconnected via high speed datagram packet switched networks. Host mobility is supported at the data link layer using the distributed hierachical location information of mobile hosts. Given mobility and communication ptems among physical cells, the problem of deploying virtual cells is equivalent to the optimization cost for the entire system where interclster communication is more expesive than intracluster communication[2]. Once an iptimal partitionof disjoint clusters is obtained, we deploy the virtual cell system according to the topology of the optimal partition such that each virtual cell correspods to a cluser. To analyze the performance of the virtual cell system, we adopt a BCMP open multipel class queueing network model. In addition to mobility and communication patterns, among physical cells, the topology of the virtual cell system is used to determine service transition probabilities of the queueing network model. With various system parameters, we conduct interesting sensitivity analyses to determine network design tradeoffs. The first application of the proposed model is to determine an adequate network bandwidth for base station networking such that the networks would not become an bottleneck. We also evaluate the network vlilization and system response time due to various types of messages. For instance, when the mobile hosts begin moving fast, the migration rate will be increased. This results of the performance analysis provide a good evidence in demonsratc the sysem effciency under different assumptions of mobility and communication patterns.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.45 no.1
• /
• pp.14-26
• /
• 2008

IP over Ethernet technology widely used as Internet access uses the ARP(Address Resolution Protocol) that translates an ip address to the corresponding MAC address. recently, there are ARP security attacks that intentionally modify the IP address and its corresponding MAC address, utilizing various tools like "snoopspy". Since ARP attacks can redirect packets to different MAC address other than destination, attackers can eavesdrop packets, change their contents, or hijack the connection. Because the ARP attack is performed at data link layer, it can not be protected by security mechanisms such as Secure Shell(SSH) or Secure Sockets Layer(SSL). Thus, in this paper, we classify the ARP attack into downstream ARP spoofing attack and upstream ARP redirection attack, and propose a new security mechanism using DHCP information for acquisition of IP address. We propose a "DHCP snoop mechanism" or "DHCP sniffing/inspection mechanism" for ARP spoofing attack, and a "static binding mechanism" for ARP redirection attack. The proposed security mechanisms for ARP attacks can be widely used to reinforce the security of the next generation internet access networks including BcN.