• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.4
• /
• pp.87-94
• /
• 2016

This paper proposes an energy transmission method to maximize energy efficiency of a based station. This method makes use of classification of service type to solve an inefficient use of transmission power, which is from exponential relationship between the legacy data throughput and transmission power. The proposed one is a way to find the most energy-efficiency points with the transmitted optimal amount of data on users in a base station of wireless network environment. For this, we propose EETA (Energy-Efficient Transmission Algorithm) which can control the amount of data and the holding time at the base station. As a result, the proposed method can improve the energy efficiency of about 10% compared to the legacy base station.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.2
• /
• pp.95-101
• /
• 2019

Sensor application systems for remote monitoring and control are required, such as the establishment of databases and IoT service servers, to process data being transmitted and received through radio communication modules, controllers and gateways. This paper designs and implements database server, IoT service server, data processing middleware and IoT management system for IoT based services based on the controllers, communication modules and gateway middleware platform developed. For this, we firstly define the specification of the data packet and control code for the information classification of the sensor application system, and also design and implement the database as a separate server for data protection and efficient management. In addition, we design and implement the IoT management system so that functions such as status information verification, control and modification of operating environment information of remote sensor application systems are carried out. The implemented system can lead to efficient operation and reduced management costs of sensor application systems through site status analysis, setting operational information, and remote control and management.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.259-266
• /
• 2012

Malicious rogue AP has been used for variety attacks such as packet sniffing and Man-In-The-Middle Attack. It is used for the purpose of data leakage via 3G network within companies, and the unauthorized AP could be a reason of security incidents even though it is not intended. In this paper, we propose the method for detecting unauthorized access point over 3G networks throughout the RTT (Round Trip Time) value for classification. Through the experiments, we show that the method can classify the AP which is installed by normal way and the AP over 3G networks successfully.

• Journal of KIISE:Information Networking
• /
• v.28 no.2
• /
• pp.251-261
• /
• 2001

The traffic on the Internet has been growing exponentially for some time. This growth is beginning to stress the current-day routers. However, switching technology offers much higher performance. So the label switching network which combines IP routing with switching technology, is emerged. EspeciaJJy in the data driven label switching, flow classification and cache table management are needed. Flow classification is to classify packets into switching and non-switching packets, and cache table management is to maintain the cache table which contains information for flow classification and label switching. However, the cache table management affects the performance of label switching network considerably as well as flowclassification because the bigger cache table makes more packet switched and maintains setup cost lower, but cache is restricted by local router resources. For that reason, there is need to study the cache replacement scheme for the efficient cache table management with the Internet traffic characterized by user. So in this paper, we propose several cache replacement schemes for label switching network. First, without the limitation at switching capacity in the router. we introduce FIFO(First In First Out). LFC(Least Flow Count), LRU(Least Recently Used! scheme and propose priority LRU, weighted priority LRU scheme. Second, with the limitation at switching capacity in the router, we introduce LFC-LFC, LFC-LRU, LRU-LFC, LRU-LRU scheme and propose LRU-weighted LRU scheme. Without limitation, weighted priority LRU scheme and with limitation, LRU-weighted LRU scheme showed best performance in this paper.

• The KIPS Transactions:PartC
• /
• v.15C no.5
• /
• pp.351-358
• /
• 2008

Recently, as network flooding attacks such as DoS/DDoS and Internet Worm have posed devastating threats to network services, rapid detection and proper response mechanisms are the major concern for secure and reliable network services. However, most of the current Intrusion Detection Systems(IDSs) focus on detail analysis of packet data, which results in late detection and a high system burden to cope with high-speed network environment. In this paper we propose a lightweight and fast detection mechanism for traffic flooding attacks. Firstly, we use SNMP MIB statistical data gathered from SNMP agents, instead of raw packet data from network links. Secondly, we use a machine learning approach based on a Support Vector Machine(SVM) for attack classification. Using MIB and SVM, we achieved fast detection with high accuracy, the minimization of the system burden, and extendibility for system deployment. The proposed mechanism is constructed in a hierarchical structure, which first distinguishes attack traffic from normal traffic and then determines the type of attacks in detail. Using MIB data sets collected from real experiments involving a DDoS attack, we validate the possibility of our approaches. It is shown that network attacks are detected with high efficiency, and classified with low false alarms.

• Journal of Internet Computing and Services
• /
• v.22 no.2
• /
• pp.29-39
• /
• 2021

As damages to individuals, private sectors, and businesses increase due to newly occurring cyber attacks, the underlying network security problem has emerged as a major problem in computer systems. Therefore, NIDS using machine learning and deep learning is being studied to improve the limitations that occur in the existing Network Intrusion Detection System. In this study, a deep learning-based NIDS model study is conducted using the Convolution Neural Network (CNN) algorithm. For the image classification-based CNN algorithm learning, a discrete algorithm for continuity variables was added in the preprocessing stage used previously, and the predicted variables were expressed in a linear relationship and converted into easy-to-interpret data. Finally, the network packet processed through the above process is mapped to a square matrix structure and converted into a pixel image. For the performance evaluation of the proposed model, NSL-KDD, a representative network packet data, was used, and accuracy, precision, recall, and f1-score were used as performance indicators. As a result of the experiment, the proposed model showed the highest performance with an accuracy of 85%, and the harmonic mean (F1-Score) of the R2L class with a small number of training samples was 71%, showing very good performance compared to other models.

• Journal of KIISE:Information Networking
• /
• v.33 no.3
• /
• pp.201-217
• /
• 2006

In this paper, we collected the physical traces from high speed Internet backbone traffic and analyze the various characteristics of the underlying packet traces. Particularly, our work is focused on analyzing the characteristics of an anomalous traffic. It is found that in our data, the anomalous traffic is caused by UDP session traffic and we determined that it was one of the Denial of Service attacks. In this work, we adopted the unsupervised machine learning algorithm to classify the network flows. We apply the k-means clustering algorithm to train the learner. Via the Cramer-Yon-Misses test, we confirmed that the proposed classification method which is able to detect anomalous traffic within 1 second can accurately predict the class of a flow and can be effectively used in determining the anomalous flows.

• Journal of KIISE:Information Networking
• /
• v.34 no.4
• /
• pp.246-255
• /
• 2007

Due to the bandwidth-consuming characteristics of the heavy-hitter P2P applications, it has become critical to have the capability of pinpointing and mitigating P2P traffic. Traditional port-based classification scheme is no more adequate for this purpose because of newer P2P applications, which incorporating port-hopping techniques or disguising themselves as HTTP-based Internet disk services. Alternatively, packet filtering scheme based on payload signatures suggests more practical and accurate solution for this problem. Moreover, it can be easily deployed on existing IDSes. However, it is significantly difficult to maintain up-to-date signatures of P2P applications. Hence, the automatic signature generation method is essential and will be useful for successful signature-based traffic identification. In this paper, we suggest an automatic signature generation method for Internet disk P2P applications and provide an experimental results on CNU campus network.

• Journal of Advanced Navigation Technology
• /
• v.19 no.4
• /
• pp.265-277
• /
• 2015

Automatic dependent surveillance-broadcast (ADS-B) is the core technology of communication, navigation and surveillance/air traffic management (CNS/ATM), automatically broadcasts its own position information using GNSS and has an advantage of lower geological constraints and faster update speed compared with legacy radar systems. EUROCONTROL defined all purpose structured eurocontrol surveillance information exchange (ASTERIX) CAT.021. ASTERIX CAT.021 is modified several times, but it has compatibility issues with previous version of it. In this paper, we have designed an efficient message processing module regardless of the version of ASTERIX CAT.021. This implemented module generates patterns to collect messages received from the network, after that, received messages are processed in the routine that is defined in accordance with the patterns.

• The KIPS Transactions:PartB
• /
• v.10B no.2
• /
• pp.163-168
• /
• 2003

In transmitting compressed video bit-stream over Internet, packet loss causes error propagation in both spatial and temporal domain, which in turn leads to severe degradation in image quality. In this paper, a new approach for the recovery of lost or erroneous Motion Vector(MV)s by classifying the movements of neighboring blocks by their homogeneity is proposed. MVs of neighboring blocks are classified according to the direction of MVs and a representative value for each class is determined to obtain the candidate MV set. By computing the distortion of the candidates, a MV with the minimum distortion is selected. Experimental results show that the proposed algorithm exhibits better performance in many cases than existing methods.