• Journal of the Korean Geophysical Society
• /
• v.4 no.4
• /
• pp.239-249
• /
• 2001

NAT (Network Address Translation) is an IP address modification protocol that translates private IP addresses into authentic Internet addresses. The main features of NAT are to improve network security and to save IP addresses. Generally speaking, in order to perform its functionality. NAT uses the address informaiton in the packet header. Certain application protocols, however, use the information in the packet data as well as the imformation in the packet header to perform end-to-end communication. Therefor, to support these types of application protocols, NAT should be able to perform appropriate translation of protocol information in the packet data. In this thesis, we design and implement a method which translates virtual IP information in the packet data into real IP information by using port proxy server.

• International journal of advanced smart convergence
• /
• v.6 no.4
• /
• pp.56-59
• /
• 2017

In this paper, we design a covert channel based on instruction gadgets in smart sensing devices. Unlike the existing convert channels that usually utilize diverse physical characteristics or user behaviors or sensory data of smart sensing devices, we show that instruction gadgets could be exploited for covert channel establishment in smart sensing devices. In our devised covert channels, trojan smart sensing devices exchange attack packets in such a way that they encode an attack bit in attack packet to a series of addresses of instruction gadgets and decode an attack bit from a series of addresses of instruction gadgets.

• International journal of advanced smart convergence
• /
• v.5 no.4
• /
• pp.54-56
• /
• 2016

Code-reuse attacks are very dangerous in various systems. This is because they do not inject malicious codes into target systems, but reuse the instruction sequences in executable files or libraries of target systems. Moreover, code-reuse attacks could be more harmful to IoT systems in the sense that it may not be easy to devise efficient and effective mechanism for code-reuse attack detection in resource-restricted IoT devices. In this paper, we propose a detection scheme with using Kullback-Leibler (KL) divergence to combat against code-reuse attacks in IoT. Specifically, we detect code-reuse attacks by calculating KL divergence between the probability distributions of the packets that generate from IoT devices and contain code region addresses in memory system and the probability distributions of the packets that come to IoT devices and contain code region addresses in memory system, checking if the computed KL divergence is abnormal.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.6
• /
• pp.169-175
• /
• 2011

This paper addresses mobile IP router which communicate between nodes in Ad Hoc network as well as supply attachment to outer Internet. Ad Hoc network is one which exchanges information through cooperations among nodes without wire infrastructure, mobile IP router considers the network as one mobile unit, and supports Internet connection in mobile as well as fixed spaces. Therefore, this router can accommodate the routing of Ad Hoc network, and provide nodes in Ad Hoc network with Internet connection. So mobile IP router can provide Ad-Hoc terminals with the diverse wireless services, such as Internet connection service, routing, mobility, and so on.

• Journal of Communications and Networks
• /
• v.13 no.6
• /
• pp.602-611
• /
• 2011

The inter-domain routing scalability issue is a major challenge facing the Internet. Recent wide deployments of multihoming and traffic engineering urge for solutions to this issue. So far, tunnel-based proposals and compact routing schemes have been suggested. An implicit assumption in the routing community is that structured address labels are crucial for routing scalability. This paper first systematically examines the properties of identifiers and address labels and their functional differences. It develops a simple Internet routing model and shows that a binary relation T defined on the address label set A determines the cardinality of the compact label set L. Furthermore, it is shown that routing schemes based on flat address labels are not scalable. This implies that routing scalability and routing stability are inherently related and must be considered together when a routing scheme is evaluated. Furthermore, a metric is defined to measure the efficiency of the address label coding. Simulations show that given a 3000-autonomous system (AS) topology, the required length of address labels in compact routing schemes is only 9.12 bits while the required length is 10.64 bits for the Internet protocol (IP) upper bound case. Simulations also show that the ${\alpha}$ values of the compact routing and IP routing schemes are 0.80 and 0.95, respectively, for a 3000-AS topology. This indicates that a compact routing scheme with necessary routing stability is desirable. It is also seen that using provider allocated IP addresses in multihomed stub ASs does not significantly reduce the global routing size of an IP routing system.

• Journal of Internet of Things and Convergence
• /
• v.2 no.4
• /
• pp.41-47
• /
• 2016

The IP address used in the Internet has the role of both identifier and locator to bind a host and the application, however, this binding restricts some functions such as mobility and multi-homing. As a result, we suggested a host ID-LOC separation protocol using DHT with SDN features. The proposed scheme is a network-based scheme, and uses IPv6 addresses. The underlying network is partitioned into Host Identity domain and IP domain for identifiers and locators. In this paper, we present a simple cost model for analyzing both the proposed scheme and one of the previous works, the MOFI. The result of cost analysis shows better performance of the proposed scheme.

• Proceedings of the KIEE Conference
• /
• 2002.11c
• /
• pp.443-449
• /
• 2002

In this paper, we propose a programmable method that can connect the control network with the Internet by using an ordinary PC, which is operated by GNU/LINUX. We make a physical connection between an ordinary PC and control network. Then, a PC can be bound with a particular control network. Moreover, numerous PCs that are bound with particular control networks have addresses of there own on the Internet. So, these PCs are connected each other very well. Consequently, all control networks can be observed and controlled with data transfer between these PCs.

• Journal of Internet Computing and Services
• /
• v.9 no.4
• /
• pp.69-77
• /
• 2008

I propose adding users’Media Access Control (MAC) addresses to standard X.509 certificates to provide more secure authentication. The MAC address can be added by the issuing Certification Authority (CA) to the "extensions" section of the X.509 certificate. I demonstrate that when two users with MAC address information on their digital certificates communicate, the MAC address on the first user’s certificate can be easily verified by the second user. In this way, security can be improved without markedly degrading system performance and the level of initial trust between participants in virtual communities will be improved.

• Journal of the Korea Society of Computer and Information
• /
• v.6 no.3
• /
• pp.137-142
• /
• 2001

Electronic Commerce are facing on social upheavals by a rapidly advanced Open Network such as Internet, and the crest of a digital boom in the economic side for the 21th century. As the Internet develops into a robust delivery channel for commerce, it will be important to understand the characteristics of on-line markets. This paper addresses price competition in Internet Electronic Commerce by reviewing current academic research, discussing the implications of price competition, and proposing areas for future study.

• Journal of Contemporary Eastern Asia
• /
• v.14 no.1
• /
• pp.23-43
• /
• 2015

In most of the world, the current trend in information technology is for open data movement that promotes transparency and equal access. An opposite trend is observed in China, which has the world's largest Internet population. The country has implemented sophisticated cyber-infrastructure and practices under the name of The Golden Shield Project (commonly referred to as the Great Firewall) to limit access to popular international web services and to filter traffic containing 'undesirable' political content. Increasingly, tech-savvy Chinese bypass this firewall and use Twitter to share knowledge on censorship circumvention and encryption to collectively troubleshoot firewall evasion methods, and even mobilize actions that border on activism. Using a mixed mythological approach, the current study addresses such networked knowledge sharing among citizens in a restricted web ecosystem. On the theoretical front, this study uses webometric approaches to understand change agents and positive deviant in the diffusion of censorship circumvention technology. On policy-level, the study provides insights for Internet regulators and digital rights groups to help best utilize communication networks of positive deviants to counter Internet control.