• Journal of Internet Computing and Services
• /
• v.8 no.4
• /
• pp.11-16
• /
• 2007

Since the problem of IP address shortage is caused by the explosive increases of demand for internet service, the IETF has defined the NAT and NAPT that users are able to designate and utilize a private IP address area for their own purposes. In this paper, we have designed and implemented a network module for integration of ADSL-IP Sharer using ATMOS, which uses a global IP address to work through ADSL and NAPT for simultaneous PC accesses to a broadband line. we have tested and analyzed the performance of the proposed network module for integration of ADSL-IP Sharer using ATMOS

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.12
• /
• pp.42-53
• /
• 2011

As IT industry using networks have been developed explosively, online operations that were conducted in offline are increasing rapidly, and even relationship with other people made online. As online crimes are increasing accordingly, building security networks is getting very important. As a result, network separation between business and organization network has been performed recently, but this causes network user inconvenience and efficiency reduction. In this paper, we propose reassociation methods for already separated networks for many public organizations. We implement two reassociation methods using NAT device and shared storage and show their experimental results.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.3-11
• /
• 2005

This paper presents a performance analysis model based on an M/M/1 queue and Poisson distribution of input data traffic. The simulation on a pipelined AES system with processing rate of 10 rounds per clock shows $4.0\%$ higher performance than a non-pipelined version consuming 10 clocks per transaction. Physical implementation of pipelined AES with FPGA takes 3.5 times bigger gate counts than the non-pipelined version whereas the pipelined version yields only $3.5\%$ performance enhancement. The proposed analysis model can be used to optimize cost-performance of AES hardware designs.

• The KIPS Transactions:PartA
• /
• v.15A no.5
• /
• pp.249-258
• /
• 2008

DCDN(Distributed Contents Delivery Network) as known the next generation of CDN is to exploit the resource of client PCs based on P2P technology to provide low cost, high scalability and high speed services when contents are delivered. This DCDN has two problems. One is that DCDN can't provide a sustainable service because client PCs are on/off irregularly and their on times tend to focus on specific time zone, and the other is that client PCs can not be accessed outside in DCDN if they are behind NAT or Firewall. In this paper, we present a distributed contents delivery network based on home gateway for a sustainable service. If home gateway is used in DCDN instead of client PC, it can solve the two existing problems of DCDN. That is, home gateway can provide a sustainable service because it is on during all day and it is not behind NAT and Firewall. The proposed method is implemented with ASUS WL-500GP, a wired/wireless router. Experimental results show the effectiveness of the proposed method compared to the existing method of DCDN.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10e
• /
• pp.394-396
• /
• 2002

최근 다양한 무선 인터넷 기술 중에서도 무선랜을 이용한 서비스는 기존의 유선랜 기반의 서비스들을 그대로 적용 할 수 있다는 큰 장점 때문에 상당한 관심이 집중되고 있다. 무선랜 기술의 핵심 중 하나는 기능적으로 유무선의 호스트들 간의 서비스 연동을 담당하는 장비인 무선 액세스 포인트에 있다. 현재 국내외에서 상용화 된 대부분의 액세스 포인트 장비는 단순한 브리지 및 게이트웨이 기능과 인터넷 주소의 부족에 의한 해결책으로 기본적인 NAT(Network Address Translation) 기능만을 지원한다. 그러므로 다양한 응용에 따른 서비스의 연동을 가능하게 하는 기술에 대한 지원이 미비하다 할 수 있다. 사설망과 공인망 사이의 서비스 연동을 NAT 기반의 네트워크에서 동작하도록 하기 위한 연구가 바로PAT(Port Address Translation) 기술이다. 본 논문에서는 기존의 NAT 기반의 모듈들과 효과적으로 연동할 수 있는 최적화된 PAT 기능을 설계 및 구현하였다. 그리고 이를 통합한NAPT 액세스 포인트를 개발하여 그 기능을 시험하고 검증하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.06d
• /
• pp.503-507
• /
• 2007

라우터는 여러 곳에서 들어오는 패킷들을 빠르게 전달하는 기능을 담당하는 네트워크 장비로서, 들어오는 패킷들이 공평하게 서비스 받을 수 있도록 큐 관리 알고리즘을 사용한다. 그런데 대부분의 라우터들은 HOL 블록킹 문제 때문에 버퍼를 입력 포트 쪽이 아닌 가상적으로 출력 포트 쪽에 정의하는 VOQ로 구현을 하였고, 패킷들이 공평하게 서비스 받기 위해 DRR 알고리즘으로 구현하는 경향이 있다. 이 논문에서는 기존의 DRR 알고리즘에서 패킷 서비스를 위한 경직된 조건에 유연성을 주어 기존의 DRR 알고리즘의 복잡도와 공평성을 유지하는 한편 패킷 서비스 성능을 높여주는 NDRR 알고리즘을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.05a
• /
• pp.1077-1079
• /
• 2008

본 논문에서는 침해사고 발생시 신속하고 정확한 대응을 위하여 컴퓨터 포렌식을 이해하고 이 기법을 활용하여 침해사고 발생시 침해정보와 흔적을 수집, 분석할 수 있는 클라이언트/서버 환경에서의 실시간 침해사고 대응 시스템 구조의 설계 제안하였다. 제안된 시스템의 하드웨어 적용 범위는 특별한 제약을 주지 않고, 구내망이 구축된 시설, 즉 기업이나 기관에 모두 적용될 수 있도록 하였다. 또한 소프트웨어 환경은 윈도우를 기반으로 하고, 통신 환경으로는 인터넷 환경을 지원하기 위하여 TCP/IP Winsock 프로토콜을 채택하였다. 이상과 같은 조건을 만족하고, LAN 상의 서버에 이 시스템을 설치 하여 네트워크 내에 있는 모든 컴퓨터를 감시, 제어하고 효율적으로 관리할 수 있도록 하여 기업내 침해사고에 빠르게 대처할 수 있게 하였다.

• Transactions of the Korean Society of Mechanical Engineers A
• /
• v.38 no.8
• /
• pp.893-898
• /
• 2014

A direct pulsed laser process for welding and networking silver nanowires was developed. The welded nanowire network demonstrated modified electrical properties in a transparent substance. In particular, the welding points on the nanowires were investigated to measure the resistance at the connections. The level of networking in nanowires was explored with respect to various laser pulse widths and average power densities. In particular, the influence of laser beam density was investigated in detail. Selective laser treatment can be advantageous in imparting customized local property changes in transparent conducting materials. Various applications of the process are also discussed in this paper.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.10
• /
• pp.25-32
• /
• 2019

In this paper, we propose a method to apply the attack surface expansion through decoy traps to a protected server network. The network consists of a large number of decoys and protected servers. In the network, each protected server dynamically mutates its IP address and port numbers based on Hidden Tunnel Networking that is a network-based moving target defense scheme. The moving target defense is a new approach to cyber security and continuously changes system's attack surface to prevent attacks. And, the attack surface expansion is an approach that uses decoys and decoy groups to protect attacks. The proposed method modifies the NAT table of the protected server with a custom chain and a RETURN target in order to make attackers waste all their time and effort in the decoy traps. We theoretically analyze the attacker success rate for the protected server network before and after applying the proposed method. The proposed method is expected to significantly reduce the probability that a protected server will be identified and compromised by attackers.

• Journal of KIISE:Computing Practices and Letters
• /
• v.11 no.1
• /
• pp.92-99
• /
• 2005

In this paper, we present a high-level design methodology applied on a network system-on-a-chip(SOC) using SystemC. The main target of our approach is to get optimum performance parameters for high network address translation(NAT) throughput. The Fast Ethernet media access controller(MAC) and its direct memory access(DMA) controller are modeled with SystemC in transaction level. They are calibrated through the cycle-based measurement of the operation of the real Verilog register transfer language(RTL). The NAT throughput of the model is within $\pm$10% error compared to the output of the real evaluation board. Simulation speed of the model is more than 100 times laster than the RTL. The validated models are used for intensive architecture exploration to find the performance bottleneck in the NAT router.