• 전자공학회논문지 IE
• /
• v.48 no.3
• /
• pp.16-19
• /
• 2011

Differentiated Service is an IP QoS ensuring method based on packet marking that allows packets to be prioritized according to user requirements. During the time of congestion, more low priority packets are dropped than high priority packets. Different policy models are used to determine how to mark the packet. This paper investigated the performance of Differentiated Service using time sliding window with 3 color marking (TSW3CM). Simulation results using NS-2 showed that Differentiated Service can provide the quality of service requirements.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.977-980
• /
• 2005

The motivation of IP traceback is to identify the true source of an IP datagram in internet. These techniques now emerging as effective deterrent for current cyber threats, especially (D)DoS. Deterministic Packet Marking (DPM) is one of the algorithm used for IP traceback. This paper elucidates the implementation of deterministic packet marking scheme on IPv6 networks. The proposed scheme is capable of single packet traceback. We also examined the issues regarding IPv6 header and show that this scheme is practical, scalable, efficient and can be implemented on existing IPv6 networks easily.

• The Journal of the Korea Contents Association
• /
• v.3 no.1
• /
• pp.21-30
• /
• 2003

Retracing schemes using packet marking are currently being studied to protect network resources by isolating DDoS attack. One promising solution is the probabilistic packet marking (PPM). However, PPM can't use ICMP by encoding a mark into the IP identification field. Likewise, it can't identify the original source through a hash function used to encode trace information and reduce the mark size. In addition, the retracing problem overlaps with the result from the XOR operation. An algorithm is therefore proposed to pursue the attacker's source efficiently. The source is marked in a packet using a router ID, with marking information abstracted.

• Journal of Internet Computing and Services
• /
• v.6 no.1
• /
• pp.13-25
• /
• 2005

Distributed Denial-of-Service(DDoS) attack prevent users from accessing services on the target network by spoofing its origin source address with a large volume of traffic. The objective of IP Traceback is to determine the real attack sources, as well as the full path taken by the attack packets. Existing IP Traceback methods can be categorized as proactive or reactive tracing. Existing PPM based tracing scheme(such as router node appending, sampling and edge sampling) insert traceback information in IP packet header for IP Traceback. But, these schemes did not provide enhanced performance in DDoS attack. In this paper, we propose a 'TTL based advanced Packet Marking' mechanism for IP Traceback. Proposed mechanism can detect and control DDoS traffic on router and can generate marked packet for reconstructing origin DDoS attack source, by which we can diminish network overload and enhance traceback performance.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2137-2140
• /
• 2003

최근 IP 역추적을 위한 다양한 연구가 진행되고 있다. 피 중 주목할 만한 역추적 시스템인 확률적 패킷 마킹 기법은 대량의 패킷을 필요로 하는 분산 서비스 거부 공격의 특징을 이용한 매우 효율적이고 실용적인 접근 방식이다. 그러나 이 방식은 모든 라우터의 수정이 불가피하다는 점과 공격을 당한 피해 시스템에서 완벽한 공격 경로를 재구성하기 위해 엄청난 부담을 짊어지게 되는 문제점을 드러냈다. 이러한 문제점에 대한 해결책으로 본 논문에서는 네트워크에 유입되는 패킷에 출발지 라우터의 주소만을 마킹하는 Admission Packet Marking 기법을 제안하고 기존 연구와의 비친 분석을 통해 기존 인터넷에의 적용 가능성을 판단한다.

• The KIPS Transactions:PartC
• /
• v.9C no.1
• /
• pp.89-96
• /
• 2002

Handoff is one of the most important factors that ma? degrade the performance of TCP connections in wireless data networks. In this paper, we present a lossless and duplication free handoff scheme called LPM (Last Packet Marking) for improving Cellular If semisoft handoff. LPM signals the safe handoff cue by sending a specially marked packet to mobile hosts. SPM (Semisoft rePly Message) is the only newly introduced control packet. Our performance study shows that LPM achieves lossless packet delivery without duplication and increases TCP throughput significantly.

• The Journal of the Korea Contents Association
• /
• v.7 no.1
• /
• pp.103-115
• /
• 2007

The vulnerability issue on IEEE 802.1x wireless LAN has been permits the malicious attack such as Auth/Deauth flooding more serious rather than we expected. Attacker can generate huge volume of malicious traffic as the same methods on existing wired network. The objective of wireless IP Traceback is to determine the real attack sources, as well as the full path taken by the wireless attack packets. Existing IP Traceback methods can be categorized as proactive or reactive tracing. But, these existing schemes did not provide enhanced performance against DoS attack on wireless traffic. In this paper, we propose a 'TTL based advanced Packet Marking' mechanism for wireless IP Packet Traceback with wireless Classification function. Proposed mechanism can detect and control DoS traffic on AP and can generate marked packet for reconstructing on the real path from the non-spoofed wireless attack source, by which we can construct secure wireless network based on AP with enhance traceback performance.

• Proceedings of the Korea Contents Association Conference
• /
• 2003.05a
• /
• pp.223-226
• /
• 2003

The best way in order to protect the system resource front Distributed Denial of Service(DDoS) attack is cut off the source of DDoS attack with path retracing the packet which transferred by attacker. Packet marking method can not use ICMP cause by using IP identifier field as marking field. And in case of increasing the number of router, retracing method using router ID has the size of marking field's increasing problem. In this paper, we propose that retracing method can be available the ICMP using marking field for option field in IP header and the size of making Held do not change even though the number of router is increased using the mark information which value obtained through XOR operation on IP address.

• The Journal of Korean Association of Computer Education
• /
• v.11 no.2
• /
• pp.99-106
• /
• 2008

In this paper, we have proposed a novel re-marking strategy at tbe ingressive edge router to improve TCP fairness of DiffServ Assured Services. Our re-marking strategy introduces a configuration method of the Temporary Permitted Rate (TPR). By using this new configuration method of TPR, IN packets of greedy TCP flows are re-marked to OUT packets pertinently and constantly whenever the network traffic changes. Simulation Results show that this novel re-marking strategy can regulate the packet transmission rate of each TCP flow to the contract rate without a decrease in the link utilization.

• Journal of Korea Multimedia Society
• /
• v.7 no.8
• /
• pp.1120-1130
• /
• 2004

Distributed Denial-of-Service(DDoS) attack prevent users from accessing services on the target network by spoofing its origin source address with a large volume of traffic. The objective of IP Traceback is to determine the real attack sources, as well as the full path taken by the attack packets. Existing IP Traceback methods can be categorized as proactive or reactive tracing. Existing proactive tracing scheme(such as packet marking and messaging) prepares information for tracing when packets are in transit. But, these scheme require additional network overhead. In this paper, we propose a "advanced Traceback" mechanism, which is based on the modified Pushback system with secure router mechanism. Proposed mechanism can detect and control DDoS traffic on router and can generate marked packet for reconstructing origin DDoS attack source, by which we can diminish network overload and enhance Traceback performance.