• Title/Summary/Keyword: network device

A Secure Key Generation and Device Authentication Mechanism Using Certificateless Public Keys

  • Heo, Joon;Cho, Eing-Jun;Hong, Choong-Seon
    • Proceedings of the Korean Information Science Society Conference / 2008.06d / pp.77-80 / 2008
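  • As new network technologies are combined with the IP network (public network), giving rise to heterogeneous networks such as IP-USN, IP-Mesh, and IP-PLC, security technologies are needed to manage these networks safely. Among the problems that arise because the diverse and robust security technologies of existing IP networks cannot be used as-is in heterogeneous networks, the inability to apply a PKI-based infrastructure is regarded as the most practical and important one. Because of this, the new network technologies mostly define only symmetric-key encryption and decryption for internal use. The main reason public-key schemes cannot be used is that the certificate-centric infrastructure, in which certificates are issued by a certificate authority, is unavailable. To solve this problem, this paper proposes a security key management mechanism that uses certificateless public keys in a heterogeneous network environment. The proposed scheme adopts the concept of identity-based public keys, defines an authentication ticket scheme for device-to-device authentication and the valid scope of security keys, and presents ways to use them to build a more secure network environment.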

A Bridge-Station Packet Marker for Performance Improvement of DiffServ QoS in WiMedia WLP-based Networks

  • Lee, Seung-Beom;Hur, Kyeong;Eom, Doo-Seop;Joo, Yang-Ick
    • Journal of Korea Multimedia Society / v.13 no.5 / pp.740-753 / 2010
  • The performance of TCP can be severely degraded in WLP-based Mobile IP wireless networks, where packet loss unrelated to network congestion occurs frequently during WLP-based inter-subnetwork handoff caused by user mobility. To resolve this problem in networks using WLP-based Mobile IP, a packet buffering method that seamlessly recovers the packets dropped due to user mobility has been proposed. The packet buffering method at a bridge station recovers the packets dropped during handoff by forwarding packets buffered at the old bridge station to the WLP device. However, when the WLP device moves to a congested bridge station in a new WLP foreign subnetwork, the buffered packets forwarded by the old bridge station are dropped, and the TCP transmission performance of a WLP device at the congested bridge station degrades because the forwarded burst packets increase congestion. In this paper, a PBM (Packet Bridge Marker) is proposed to prevent buffered out-of-profile (OUT) packets from reducing the throughput of in-profile (IN) packets of an Assured Service (AS) WLP device. With this operation, packet losses of buffered OUT packets are avoided and the throughput of IN and total packets of an AS WLP device is increased.

A Preemptive Detection Method for Unknown IoT Botnet Based on Darknet Traffic

  • Gunyang Park;Jungsuk Song;Heejun Roh
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.2 / pp.267-280 / 2023
  • With the development of computing and communications technologies, IoT environments based on high-speed networks have been expanding rapidly. In particular, from homes to offices and factories, applications of IoT devices that sense the environment and perform computations are increasing. Unfortunately, IoT devices, which have limited hardware resources, can be vulnerable to cyber attacks. Hence, there is a concern that an IoT botnet can give rise to information leakage as a national cyber security crisis arising from abuse as a malicious waypoint or propagation through connected networks. In order to respond in advance to unknown cyber threats in IoT networks, in this paper we first define four types of characteristics by analyzing darknet traffic accessed from an IoT botnet. Using these characteristics, a suspicious IP address is filtered quickly. Second, the filtered address is identified by Cyber Threat Intelligence (CTI) or Open Source INTelligence (OSINT) in terms of an unknown suspicious host. The identified IP address is finally fingerprinted to determine whether the IP is a malicious host or not. To validate the proposed method, we apply it to a darknet in a real-world SOC. As a result, about 1,000 hosts that were detected and blocked preemptively by the proposed method were confirmed as real IoT botnets.

Integration wireless network approach OBD-II connector for reading vehicle driving information

  • Baek, Sung-Hyun;Jang, Jong-Wook
    • Journal of the Korea Institute of Information and Communication Engineering / v.17 no.6 / pp.1306-1311 / 2013
  • For safety, it is essential that drivers always check and understand the status of their vehicle. A driver can learn the vehicle's driving status by using real-time vehicle control data obtained through OBD-II on the vehicle network and a connected OBD-II connector. However, connectors that receive OBD-II data differ in the communication method they use to connect to a smart device (such as a smartphone, black box, or EDR). If a driver changes from one smart device to another (such as Android -> iPhone or iPhone -> Android), the driver has the inconvenience of having to purchase a new OBD-II connector. To make up for this shortcoming, this paper implements a single OBD-II connector that integrates Bluetooth, Wi-Fi, and WCDMA modules. As a result, any smart device could be notified of real-time vehicle control data through the single OBD-II connector implemented in this paper.

A Network Management Architecture Using XML-based PIB

  • 윤권섭;홍충선
    • The Journal of Korean Institute of Communications and Information Sciences / v.28 no.5B / pp.414-426 / 2003
  • XML is being used to describe components and applications in a vendor- and language-neutral way. It therefore already has a role in distributed systems. XML is also being used as a data interchange format between components and applications in loosely coupled large-scale applications. Until now, policy has been described for specific applications and devices, and its use has been very limited. In current network management systems, we can only invoke predefined operations and actions using policy-based network management. The main motivation for the recent interest in policy-based networks is to support dynamic adaptability of behavior by changing policy without recoding or stopping the system. For these reasons, we present the use of XML for describing the policy and PIB (Policy Information Base) in COPS-PR. It improves flexibility and interoperability among heterogeneous network systems. It can also add new functionality to network components. In this paper, we propose a dynamically extensible network management architecture using an XML-based PIB.

TCAM Partitioning for High-Performance Packet Classification

  • Kim Kyu-Ho;Kang Seok-Min;Song Il-Seop;Kwon Teack-Geun
    • The Journal of Korean Institute of Communications and Information Sciences / v.31 no.2B / pp.91-97 / 2006
  • As network bandwidth increases, threats to the network also increase with the emergence of various new services. For high-performance network security, high-speed packet classification methods that employ hardware such as TCAM are generally used. A method that uses these devices efficiently is needed because they are expensive and their capacity is not sufficient. In this paper, we propose an efficient packet classification method using a Ternary CAM (TCAM), a device widely used for high-speed packet classification, to which we have applied the rule set of Snort, the well-known intrusion detection system. To save space in an expensive TCAM, we have eliminated duplicated IP addresses and port numbers in the rules according to the partitioning of a table in the TCAM, and we have represented negation and range rules with reduced TCAM size. We also keep the advantage of low TCAM capacity consumption and reduce the number of TCAM lookups by reducing the TCAM partitioning through combining port numbers. According to simulation results on our TCAM partitioning, the size of a TCAM can be reduced by up to 98% and performance does not degrade significantly for high-speed packet classification with a large number of rules.

Design of Context-Aware Module for Convergence Service Enabler in BcN Environment

  • Jeong, Jong-Myung;Kim, Ji-Ho;Song, Oh-Young
    • The KIPS Transactions:PartC / v.16C no.2 / pp.275-284 / 2009
  • The fast development of network technology and the digitalization of various kinds of information are accelerating the convergence between them. Accordingly, an environment for integrated services is needed, in which users can be provided with various kinds of information such as voice, video, and text, even when using different kinds of devices in heterogeneous networks for communication and broadcasting. In general, enablers integrate several functions to provide various services in the application layer based on IMS in BcN, which includes even different kinds of networks. However, in order to receive convergence services, we must reason about the environment of the user through the profiles of the networks and the devices and provide a suitable service to the user. In this paper, we propose an efficient architecture and functions of a context-aware module that decides the appropriate services based on the profiles in the IMS enabler and its convergence service environments.

Effective Utilization of DLNA Functions in Home Media Devices

  • Kang, Ki-Cheol;Kim, Se-Young;Kim, Dae-Jin
    • Journal of Broadcast Engineering / v.17 no.1 / pp.37-48 / 2012
  • These days, many DLNA home media network services are starting up in the home network area. The DLNA networking software included in DLNA media devices contains all of the server, renderer, and controller functions. However, a home media device in a home media network environment does not use all of the DLNA functions but only a limited set of them. Using all of the integrated DLNA functions wastes networking and processing resources, especially in a home media network, because a home media device uses very limited functions. For example, a smart TV has a main role of playback and network attached storage has a main role of media content storage. In this paper, we analyze integrated DLNA networking software and design DLNA software models representing each home media device so as to utilize device resources efficiently. We also implement DLNA software for a smart TV and a smartphone and test resource efficiency.

A Study of Temporary Positioning Scheme with IoT devices for Disastrous Situations in Indoor Spaces Without Permanent Network Infrastructure

  • Lee, Jeongpyo;Yun, Younguk;Kim, Sangsoo;Kim, Youngok
    • Journal of the Society of Disaster Information / v.14 no.3 / pp.315-324 / 2018
  • Purpose: This paper proposes a temporary indoor positioning scheme using Internet of Things (IoT) devices for disastrous situations in places without network infrastructure. Method: The proposed scheme is based on the weighted centroid localization scheme, which can estimate the position of a target with simple computation. Results: It is also implemented with IoT devices in the underground parking lot of a general office building, where no network is installed. According to the experimental results, the positioning error was around 10 m without an a priori calibration process in an $82.5\,\mathrm{m} \times 56.4\,\mathrm{m}$ underground space. Conclusion: The proposed scheme can be deployed in many places without network infrastructure, such as parking lots, warehouses, factories, etc.

A Study of Scalable Video Delivery of Heterogeneous Using IEEE 802.21 MIH Services in Mobile Network

  • Ko, Jun-Ho;Lee, Eun-Jo;Park, Sung-Kwon
    • Proceedings of the Korean Society of Broadcast Engineers Conference / 2008.11a / pp.177-180 / 2008
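  • With the recent development of wired/wireless communication networks and access technologies, users have become able to access a variety of networks. However, because mobility support for service movement between these access technologies is handled independently by each, additional delay occurs during handover. It is also difficult to guarantee QoS when transmitting video to a different access service. This paper therefore proposes a scalable video coding transmission method for access networks using the IEEE 802.21 Media Independent Handover information service. The MIH Function obtains the data rate and QoS information for each terminal from the MIH information server and determines the video scaling layer. Scalable video coding is then performed using the determined scaling layer, and the video is transmitted to each terminal. This new scalable video transmission model enables adaptive transmission of video with various resolutions, picture quality, and frame rates to diverse devices on diverse networks.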
