http://dx.doi.org/10.13089/JKIISC.2016.26.6.1571

Design of a Reliable Data Diode System  

Kim, Dongwook (The Attached Institute of ETRI)
Min, Byunggil (The Attached Institute of ETRI)
Abstract
One of the issues addressed in unidirectional data transmission technology is reducing packet loss in TCP-based data transfer. Packet loss can be decreased by using several well-known error correction approaches. Even with those approaches, however, packet loss caused by both link error and buffer overflow can still occur. In this paper, we propose RED (REliable Data diode). Like existing unidirectional data transmission technologies, RED uses the TCP proxy approach to support TCP-based data transfer. The RED transmission system can alleviate the packet loss caused by buffer overflow by delaying the transmission of TCP packets. Furthermore, to reduce the packet loss caused by link error on the unidirectional transmission link, the RED transmission system transmits one or more duplicated packets to the RED reception system, taking into account both the remaining resources and packet importance.
Keywords
Unidirectional Data Transmission System; Data Diode; packet loss; link error; buffer overflow;
Citations & Related Records
Times Cited By KSCI: 1