• Journal of the Institute of Convergence Signal Processing
• /
• v.8 no.1
• /
• pp.51-57
• /
• 2007

In this paper we introduce the concept of MPLS-based VPN and propose a scheme for providing VPN services in MPLS networks. Furthermore, we design the control components and the operational procedures and evaluated the performance of traditional VPN implementation methods and MPLS-based VPN. In this scheme it is possible to solve several problems that IP-based VPN pertains via the allocation of VPN ID and virtual space without tunneling, thereby providing effective VPN services. In other words, the MPLS-based VPN scheme uses MPLS networking technology together with the PSTN which can achieve a perfect segregation of user traffic on per-customer basis in a physical link and can guarantee high reliability and security levels. Specially, in the perspective of customers, it can save networking facilities installation and maintenance costs considerably. On the contrary, it possesses some shortcomings in that its deployment tends to be restricted within an ISP's network boundary and it is vulnerable to external security break-ins when going through public networks such as the Internet due to its lack of data encryption capability.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.2
• /
• pp.634-645
• /
• 2014

VoIP (Voice over Internet Protocol) is a technology of transmitting and receiving voice and data over the Internet network. As the telecommunication industry is moving toward All-IP environment with growth of broadband Internet, the technology is becoming more important. Although the early VoIP services failed to gain popularity because of problems such as low QoS (Quality of Service) and inability to receive calls as the phone number could not be assigned, they are currently established as the alternative service to the conventional wired telephone due to low costs and active marketing by carriers. However, VoIP is vulnerable to eavesdropping and DDoS (Distributed Denial of Service) attack due to its nature of using the Internet. To counter the VoIP security threats efficiently, it is necessary to develop the criterion or the model for estimating the information security level of VoIP service providers. In this study, we developed reasonable security indicators through questionnaire study and statistical approach. To achieve this, we made use of 50 items from VoIP security checklists and verified the suitability and validity of the assessed items through Multiple Regression Analysis (MRA) using SPSS 18.0. As a result, we drew 23 indicators and calculate the weight of each indicators using Analytic Hierarchy Process (AHP). The proposed indicators in this study will provide feasible and reliable data to the individual and enterprise VoIP users as well as the reference data for VoIP service providers to establish the information security policy.

• The KIPS Transactions:PartC
• /
• v.11C no.2
• /
• pp.235-244
• /
• 2004

TCP Vegas version provides better performance and more stable services than TCP Tahoe and Reno versions, which are widely used in the current Internet. However, in the situation where TCP Vegas and Reno share the bottleneck link, the performance of TCP Vegas is much smaller than that of TCP Reno. This unfairness is due to the difference of congestion control mechanisms of each TCP use. Several studies have been executed in order to solve this unfairness problem. In this paper, we analyze the minimum window size to maintain the maximum TCP performance of link bandwidth. In addition, we propose an algorithm which maintains the TCP performance and improves fairness by selective packet drops in order to allocate proper window size of each TCP connections. To evaluate the performance of the proposed algorithm, we have measured the number of data bytes transmitted between end-to-end systems by each TCP connections. The simulation results show that the proposed algorithm maintains the maximum TCP performance and improves the fairness.

• Journal of KIISE:Information Networking
• /
• v.32 no.6
• /
• pp.723-731
• /
• 2005

Wide spread deployment of infrastructure WLANs has made Wi Fi an integral part of today's Internet access technology. Despite its crucial role in affecting end to end performance, past research has focused on MAC protocol enhancement, analysis and simulation based performance evaluation without sufficient consideration for modeling inaccuracies stemming from inter layer dependencies, including physical layer diversity, that significantly impact performance. We take a fresh look at IEEE 802.11 WLANs, and using experiment, simulation, and analysis demonstrate its surprisingly agile performance traits. Contention based MAC throughput degrades gracefully under congested conditions, enabled by physical layer channel diversity that reduces the effective level of MAC contention. In contrast, fairness and jitter significantly degrade at a critical offered load. This duality obviates the need for link layer flow control for throughput improvement but necessitates traffic control for fairness and QoS. We use experimentation and simulation in a complementary fashion, pointing out performance characteristics where they agree and differ.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.11S
• /
• pp.3684-3693
• /
• 2000

In this paper, performance of a nonblocking high speed packet switch with switching capacity m which adopts a dynamic priority control function (DPCF) of a threshold- based Bernoulli priority jump (TBPJ) scheme is considered. Each input queue has two separate buffers with different sizes for two classes of traffics, delay-sensitive and loss-sensitive traffics, and adopts a TBPJ scheme that is a general state-dependent Bernoulli scheduling scheme. Under the TBP] scheme, a head packet of the delay-sensitive traffic buffer goes into the loss -sensitive traffic buffer with Hernoulli probability p according to systems states that represent the buffer thresholds and the number of packets waiting for scheduling. Performance analysis shows that TBPJ scheme obtains large performance build-up for the delay-sensitive traffic without performance degradation for the loss-sensitive traffic. In addition to, TBP] scheme shows better performance than that of HOL scheme.

• Proceedings of the Korean Information Science Society Conference
• /
• 1998.10a
• /
• pp.480-482
• /
• 1998

최근, 멀티캐스트 기법을 사용하는 멀티미디어 응용 프로그램들이 인터넷에 등장하고 있다. 이들 응용 프로그램들의 성공 여부는 수신자들에게 전송되는 음성/영상의 품질에 의해 좌우된다. 인터넷은 응용프로그램의 QoS(Quality of Service) 에 대한 요구를 보장할 수 없기 때문에 멀티케스트 트래픽(multicast traffic)을 위하여 인터넷의 성능을 최대한 효율적으로 이용할 수 있도록 흐름제어에 대한 많은 연구가 진행되고 있다. 그 중 IVS(INRIA Video conferencing System)에서 제안한 멀티캐스트 트래픽 흐름제어 알고리즘은 수신자가 주기적으로 전달하는 RTCP 의 패킷손실 정보에 의해 송신자가 전송율을 조절하는 것이다. 그러나 이 알고리즘은 네트워크 상태가 무부하(unload)임에도 불구하고 느린 피드백으로 인하여 가용 네트워크 대역폭을 빠르게 파악하지 못하기 때문에, TCP트래픽과 경쟁 상태에서 네트워크 대역폭을 불공정(unfairness)하게 사용하게 되고 네트워크 상태에 알맞는 전송율을 결정하지 못한다. 본 논문에서는 더욱 공정하게 대역폭을 공유할 수 있고 전체 링크 이용율을 높이는 두 가지 기법을 제안한다. 첫째, 측정된 네트워크 혼잡상태에 따라 RTCP 피드백의 전송 빈도를 동적으로 조절하는 것이다. 둘째, TCP와 같이 전송율을 증가/감소시킴으로써 공정하게 네트워크를 공유하도록 하는 것이다. 본 논문에서는 이 두 가지 기법들이 TCP 트래픽에 영향을 주지 않고 또한 RTCP피드백의 양을 증가시키지 않으면서도 공정하게 네트워크 대역폭을 공유함으로써 링크의 이용율을 높일 수 있다는 것을 시뮬레이션을 통하여 보여준다.안 모니터링 기 능 등으로 조사되었다.도 멜-켑스트럼을 사용한 경우 67.5%, K-L계수를 사용한 경우 75.3%로 7.8%의 향상된 인식률을 보였으며 K-L계수와 회귀계수를 결합한 경우에서도 비교적 높은 인식률을 보여 숫자음에 대해서도 K-L계수의 유효성을 확인할 수 있었다..rc$ 구입할 때 중점적으로 살펴보는 사항은 신선도와 순수재래종 여부, 위생상태였다. 한편 소비자가 언제나 구입할 수 없다는 의견이 85.2%나 되어 원활한 공급과 시장조성이 아직 정착되지 않고 있었다. $\bigcirc$ 현재 유통되고 있는 재래종닭은 소비자 대부분이 잡종으로 인식하고 있었으며, 재래종과 일반육계와의 구별은 깃털색, 피부색, 정강이색등 외관상으로 구별하고 있었다. 체중에 대한 반응은 너무 작다는 의견이었고, 식품으로의 인식도는 비교적 고급식품으로 인식하고 있다. $\bigcirc$ 재래종닭고기의 브랜드화에 대한 견해는 젊고 소득이 높은 계층에서 브랜드화의 필요성을 강조하고 있다. $\bigcirc$ 재래종달걀의 소비형태는 대부분의 소비자가 좋아하였으나 아직 먹어보지 못한 응답자가 많았다. 재래종달걀의 맛에 대해서는 고소하고 독특하여 차별성을 느끼고 있었다. $\bigcirc$ 재래종달걀의 구입장소는 계란판매점(축협.농협), 슈퍼, 백화점, 재래닭 사육 농장등 다양하였으며 포장단위는 10개를 가장 선호하였고, 포장재료는 종이, 플라스틱, 짚의 순으로 좋아하였다. $\bigcirc$ 달걀의 가격은 200원정도를 적정하다고 하였으며, 크기는 (평균 52g)는 가장 적당하다고

• Journal of Information Technology and Architecture
• /
• v.10 no.1
• /
• pp.101-111
• /
• 2013

Internet traffic volume has been increasing rapidly due to popularization of various smart devices and Internet development. In particular, HTTP-based traffic volume of smart devices is increasing rapidly in addition to desktop traffic volume. The increased mobile traffic can cause serious problems such as network overload, web security, and QoS. In order to solve these problems of the Internet overload and security, it is necessary to accurately detect applications. Traditionally, well-known port based method is utilized in traffic classification. However, this method shows low accuracy since P2P applications exploit a TCP/80 port, which is used for the HTTP protocol; to avoid firewall or IDS. Signature-based method is proposed to solve the lower accuracy problem. This method shows higher analysis rate but it has overhead of signature generation. Also, previous signature-based study only analyzes applications in HTTP protocol-level not application-level. That is, it is difficult to identify application name. Therefore, previous study only performs protocol-level analysis. In this paper, we propose a signature generation method to classify HTTP-based traffics in application-level using the characteristics of typical semi HTTP header. By applying our proposed method to campus network traffic, we validate feasibility of our method.

• Journal of KIISE:Computing Practices and Letters
• /
• v.6 no.4
• /
• pp.430-440
• /
• 2000

To support Integrated Services in the Internet, the Internet Engineering Task Force(IETF) has developed new mechanisms. These new mechanisms include Resource Reservation Protocol(RSVP) and Integrated Services model. RSVP and Integrated Services are independent of the underlying link layer technologies and it is necessary to define the mapping of RSVP and Integrated Services specifications onto specific link layer technologies. IETF proposed a Subnet Bandwidth Manager(SBM) providing a method for mapping RSVP onto IEEE802 style networks. However, the SBM has several constraints and problems. For solving these constraints and problems, we design and implement a new Ethernet Bandwidth Manager(EBM). This paper discusses (1) new bandwidth management mechanism independent of RSVP, (2) simulation of Ethernet bandwidth to analyze the characteristics of Ethernet and accomplish Ethernet bandwidth management, (3) design and implemetation of EBM that allows Controlled-Load Service, and (4) results of our experiments on EBM.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.2
• /
• pp.57-64
• /
• 2011

The NGN (Next Generation Network) means the kernel infrastructure technology to provide information and communication services which are able to be used at present and future when a ubiquitous computing era has been realized. In other words, NGN can be the frame providing the same information and communication services anytime and anywhere regardless of wire and wireless. The broadband convergence network that has been built in the public institution has established a broadband multimedia communication network supporting voice telephone, task net, internet network, video conference network, voice over IP (VoIP) network and etc. It is possible for a requested bandwidth and services to be served, only if a broadband convergence network provide the interoperability between the various classes which include a transport network layer, network control layer, service control layer and other layers. In this paper, we analyzed the interoperability issues of the present broadband convergence network and propose a guideline for the future one.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.6
• /
• pp.2595-2618
• /
• 2018

In this paper, we investigate secure communication with the presence of multiple eavesdroppers (Eves) in a two-tier downlink dense heterogeneous network, wherein there is a macrocell base station (MBS) and multiple femtocell base stations (FBSs). Each base station (BS) has multiple users. And Eves attempt to wiretap a macrocell user (MU). To keep Eves ignorant of the confidential message, we propose a physical-layer security scheme based on cross-layer cooperation to exploit interference in the considered network. Under the constraints on the quality of service (QoS) of other legitimate users and transmit power, the secrecy rate of system can be maximized through jointly optimizing the beamforming vectors of MBS and cooperative FBSs. We explore the problem of maximizing secrecy rate in both non-colluding and colluding Eves scenarios, respectively. Firstly, in non-colluding Eves scenario, we approximate the original non-convex problem into a few semi-definite programs (SDPs) by employing the semi-definite relaxation (SDR) technique and conservative convex approximation under perfect channel state information (CSI) case. Furthermore, we extend the frame to imperfect CSI case and use the Lagrangian dual theory to cope with uncertain constraints on CSI. Secondly, in colluding Eves scenario, we transform the original problem into a two-tier optimization problem equivalently. Among them, the outer layer problem is a single variable optimization problem and can be solved by one-dimensional linear search. While the inner-layer optimization problem is transformed into a convex SDP problem with SDR technique and Charnes-Cooper transformation. In the perfect CSI case of both non-colluding and colluding Eves scenarios, we prove that the relaxation of SDR is tight and analyze the complexity of proposed algorithms. Finally, simulation results validate the effectiveness and robustness of proposed scheme.