• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1151-1160
• /
• 2016

A TrustZone-based rootkit detecting solution using a secure timer ensures the integrity of monitoring system, because ARM TrustZone technology provides isolated environments from a monitored OS against intercepting and modifying invoke commands. However, it is vulnerable to transient attack due to periodic monitoring. Also, Address Translation Redirection Attack (ATRA) cannot be detected, because the monitoring is operated by using the physical address of memory. To ameliorate this problem, we propose a snoop-based kernel introspection system. The proposed system can monitor a kernel memory in real-time by using a snooper, and detect memory-bound ATRA by introspecting kernel pages every context switch of processes. Experimental results show that the proposed system successfully protects the kernel memory without incurring any significant performance penalty in run-time.

• The KIPS Transactions:PartA
• /
• v.13A no.7 s.104
• /
• pp.573-580
• /
• 2006

The conventional transport layer protocol TCP is designed to work under condition of packet loss is due to the network congestion, so that it's suitable in the traditional wired network with fixed hosts but it's inefficient on the wireless network where the environment of fading, noise, and transmission error comes from interference. This result from the needless transmission control of the bit error is due to treats the packet loss as a packet congestion control in the wireless network. In this paper, we propose the advanced SNOOP protocol with the consecutive packet loss and TCP window control to avoid the needless congestion management algorithm in wireless network for the wireless TCP packet transmission enhancement. We verify the performance of the advanced module from the simulation experiment result.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.1151-1154
• /
• 2006

다양한 무선 네트워킹의 출현은 유무선 혼합형태의 네트워크 망으로 변화되면서 기존의 유선 중심의 네트워크 기반으로 구현된 TCP에 많은 문제점을 가져왔다. 높은 비트오류율, 낮은 대역폭 그리고 높은 지연 등은 TCP/IP 통신을 효율적으로 지원하지 못하는 원인이 된다. 또한 BS(Base Station:기지국)에서 보낸 패킷이 MH(Mobile Node : 이동성을 갖는 노드)가 수신범위 밖으로 벗어나면서 손실로 이어질 경우 성능 저하의 원인이 되기도 한다. 본 논문에서는 MN의 ACK에 수신신호 관련 flag bit를 추가하면서 BS에서 추가된 ACK의 flag bit를 이용해서 패킷손실을 최소화하는 기법을 제안한다.

• Journal of KIISE:Information Networking
• /
• v.30 no.2
• /
• pp.233-243
• /
• 2003

With the original Transmission Control Protocol(TCP) design, which is particularly targeted at the wired networks, a packet loss is assumed to be caused by the network congestion. In the wireless environment where the chances to lose packets due to transmission bit errors are not negligible, though, this assumption may result in unnecessary TCP performance degradation. In this paper, we propose three schemes that improve the ability to conceal the packet losses in the wireless network while limiting the degree of violating TCP end-to-end semantics to a temporary incidents. If there happens a packet loss at the wireless link and there is a chance that the loss is noticed by the sending TCP, the proposed schemes send an indirect acknowledgement. Each of the proposed schemes uses different criteria to decide whether there is a chance that the packet loss occurred in the wireless part is noticed by the sender. In order to limit the buffer overhead in the base, the indirect acknowledgements are issued only when the length of buffer is less than a certain threshold. We use simulation to compare the overhead and the performance of the proposed schemes, and to show that the proposed schemes improve the TCP performance compared to Snoop with a limited amount of buffer at the base station.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.10c
• /
• pp.307-309
• /
• 2001

In this paper, we present a scheme for the improving reliable transport and the efficient multicast support in mobile environment. The proposed scheme solves a problem of TCP layer resulted from mobility by using a Representative FA. RFA has a mechanism like a snoop module which has a cache and can provide retransmission of a multicast packet lost and solve the rock implosion problem. Also, we present an additional IGMP message. By using it, We can remove a delay for IGMP query cycle and serve a multicast service more promptly.

• Journal of KIISE:Computer Systems and Theory
• /
• v.26 no.11
• /
• pp.1305-1317
• /
• 1999

NUMA 구조는 원격 메모리에 대한 접근이 불가피한 구조적 특성 때문에 상호 연결망이 성능을 좌우하는 큰 변수가 된다. 기존에 대중적으로 사용되던 버스는 물리적 확장성 및 대역폭에서 대규모 시스템을 구성하는 데 한계를 보인다. 이를 대체하는 고속의 지점간 링크를 사용한 링 구조는 버스가 가지는 확장성 및 대역폭의 한계라는 단점을 개선하였으나, 많은 클러스터가 연결되는 경우에는 전송 지연시간이 증가하는 문제점을 가지고 있다. 본 논문에서는 스누핑 프로토콜이 적용된 링 구조에서 클러스터 개수 증가에 따른 지연시간 증가의 문제점을 보완하기 위해 계층적 링 구조로의 확장을 제안하고, 이 구조에 효과적인 캐쉬 일관성 프로토콜을 설계하였다. 전역 링과 지역 링을 연결하는 브리지는 캐쉬 프로토콜을 관리하며 이 프로토콜에 의해 지역 링의 부하를 줄일 수 있도록 트랜잭션을 필터링하는 역할도 담당함으로써 시스템의 성능을 향상시킨다. probability-driven 시뮬레이터를 통해 계층적 링 구조가 시스템의 성능 및 링 이용률에 미치는 영향을 알아본다. Abstract Since NUMA architecture has to access remote memory, interconnection network performance determines performance of NUMA architecture. Bus, which has been used as popular interconnection network of NUMA, has a limit to build a large-scale system because of limited physical scalability and bandwidth. Ring interconnection network, composed of high-speed point-to-point link, made up for bus's defects of scalability and bandwidth. But, it also has problem of increasing delay as the number of clusters is increased. In this paper, we propose a hierarchical expansion of snoop-based ring architecture in order to overcome ring's defects of increasing delay. And we also design an efficient cache coherence protocol adopted to this architecture. Bridge, which connects local ring and global ring, maintains cache coherence protocol and does snoop-filtering which reduces local ring and cluster bus utilization. Therefore bridge can improve performance of this system. We analyze effects of hierarchical architecture on the performance of system and utilization of point-to-point links using probability-driven simulator.

• Journal of IKEEE
• /
• v.5 no.1 s.8
• /
• pp.111-120
• /
• 2001

VC merging involves distinguishing cells from an identical merged VC label. Various approaches have been proposed to help this identification process. However, most of them incur additional buffering, protocol overhead and/or variable delay. They make the provision of QoS difficult to achieve. So it was proposed a merge capable scheduler to support VC-merging (VCMS). However, in situations where all VCs are to be merged or the incoming traffic load is very low, it could happen that there are not enough non-merging cells to snoop. In this situation the scheduler uses special control cells to fill the empty time slots out. Too many control cells can cause high cell loss ratio and an additional packet transfer delay. To overcome the drawbacks, we propose a Sequence Skipping(SS) method where the sequencers skip the empty queues and insert SS cells. We show SS method is suitable for VC-merging and can reduce the cell loss ratio and the mean packet transfer delay through simulations.

• The KIPS Transactions:PartC
• /
• v.13C no.3 s.106
• /
• pp.345-352
• /
• 2006

In the integrated wired/wireless network which consists of the Internet and moving networks, multiple wireless links are used to connect a fixed host(FH) in the Internet to a mobile host(MH) in the moving network. For use in such an environment, we propose a scheme to overcome the TCP performance degradation due to the packet losses over the wireless links without losing the end-to-end TCP semantics. The proposed scheme in each mobile router(MR) allows to obtain the information regarding packet losses over the upstream wireless links based on the received packet sequence number and the ACK number. This information is delivered to the upstream router, which enables the upstream access router(AR) or MR to quickly retransmit the lost packets. The proposed scheme has the feature to quickly recover the packet losses incurred over the upstream wireless links and the performance of the proposed scheme is evaluated through simulation. It is shown that the significant performance gain can be obtained using the proposed scheme compared with the snoop mechanism which maintains end-to-end TCP semantics and does not require any additional features at the source and/or destination nodes.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.6B
• /
• pp.420-429
• /
• 2008

Currently, IEEE 802.11 Network could not support optimized tunneling scheme and buffering scheme based on movement detection to reduce multimedia data packet loss when an MN move from current subnet to new subnet during handover. It is because IEEE 802.11 did not transfer information of movement detection to AP. In this paper, we proposed new fast handover scheme by using advanced access point and optimized snoop protocol for network based Proxy Mobile IPv6 in IEEE 802.11 Networks. During handover, the proposed scheme reduces both the multimedia data packet loss rate and the packet reordering problems without changing MN's mobility stack in IEEE 802.11 Networks.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.06d
• /
• pp.13-15
• /
• 2006

유선망에 최적화되도록 진화해온 TCP는 무선망이 가지는 링크의 불안정함으로 인한 손실을 네트워크의 혼잡으로 인한 손실로 오해한다. 그 결과 혼잡 제어 메커니즘이 수행되어 불필요하게 전송율을 줄이므로써 전송 성능을 저하시키는 문제점을 초래한다. 이러한 이유로 최근 유 무선 혼합망에서 TCP의 성능을 향상시키기 위한 연구가 활발히 이루어지고 있다. 본 논문에서는 기존에 제안된 성능향상 기법들 중 상대적으로 뛰어난 성능을 보이는 Snoop 프로토콜이 유 무선 혼합망 특히 IEEE 802.11 MAC 프로토콜을 사용하는 무선망에서 가지는 문제점을 분석하고, Cross-layering 기법을 통하여 이를 보완하는 기법을 제안한다.