• KNOM Review
• /
• v.15 no.1
• /
• pp.31-39
• /
• 2012

오늘날 네트워크 환경은 다양한 응용의 등장으로 트래픽이 복잡 다양해지고 있다. 이러한 상황 속에서 정확한 네트워크의 상태 파악을 위한 트래픽의 응용 별 분류에 대한 중요성은 더욱더 증가하고 있다. 최근 트래픽 플로우의 통계 정보를 이용한 트래픽의 응용 별 분류 방법론에 대한 연구가 활발히 진행되고 있다. 하지만 대부분의 연구들은 TCP 세션의 이상 동작에 대한 고려가 없어 분류결과의 오분류 및 미분류가 발생할 수 있다. 따라서 본 논문에서는 TCP 세션의 이상동작의 문제점을 지적하고 이를 개선하는 방법론을 제안한다. 제안된 방법론을 통계적 응용 트래픽 분류방법에 적용함으로써 그 타당성을 증명한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 1998.11a
• /
• pp.358-364
• /
• 1998

본 논문은 CincoNet사의 Netxray 3.0.1을 통해 실시간 운영중인 동의대학교 종합 정보통신망(DEUNET)의 성능을 분석하고 평가한다. 기존의 네트워크 성능분석이 모의실험이나 트래픽 이론을 통해 분석한 경우가 대부분이므로, 실제 운영중인 네트워크의 성능과는 많은 차이가 날 수 있다. 본 연구에서는 수식적인 이론전개를 통한 성능 분석보다는 실제적인 측정을 통해 교내 망의 시간별 이용률과 사용하는 프로토콜의 현황과 트래픽 특성을 정성적으로 접근하였으며, 교내망인 동의대학교 종합정보통신망(DEUNET)을 모델로 삼았다. 이러한 분석방법은 네트워크의 설계와 증설 및 고장수리에 아주 중요한 기초자료로 사용될 것이다.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.41 no.8
• /
• pp.35-43
• /
• 2004

An AAL2 transmission scheme is used to deliver voice and data traffic between Node-B and RNC on 3G WCDMA network. To predict performance of AAL2 multiplexing precisely, we derived analytically bandwidth gain and cell packing density using discrete-time Markov chain model for voice service and validated these results with simulation. We also performed detailed simulation for AAL2 multiplexing in a concentrator. Based on the analytical result, we propose the engineering guideline to select the optimal Timer_CU in a Node-B. We found that there is no major benefit of additional AAL2 multiplexing in a concentrator and the benefit of AAL2 switching in tub for data services is much less than that for voice service.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.23 no.6
• /
• pp.1554-1561
• /
• 1998

When the superposition of realtime traffic and non-realtime traffic is applied to the ATM network, the successive cell loss(block loss) is more influential on the quality of service (QoS) of two traffic streams than the single loss in case of bursty traffic. Block loss can be identified as an important performance measure because of delay-oriented policy for realtime traffic. In this paper, we consider the system with the two-level overload control reducing of the recurrence of shut-down periods and develop a recursive algorithm to obtain both block loss and cell loss probabilities of both traffic. We can see that it gives the more precise and diverse investigations on performance analysis of queuing strategy.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.5
• /
• pp.368-376
• /
• 2013

The importance of application traffic identification is emphasized for the efficient network management with recent rapid development of internet. In this paper, we present the application traffic identification method using the behavior based signature to improve the previous limitations. The behavior based signature is made by combining the existing various traffic features, and uses the Inter-Flow unit that is combination of the first request packet of each flow. All signatures have 100% precision when measured the accuracy of 5 applications using at home and abroad to prove the feasibility of the proposed signature.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.11
• /
• pp.6845-6848
• /
• 2014

This paper proposes a system design of IDS for detecting and defending against DDoS attacks on a network. The proposed system has three parts; the Alert, Attack Analyzer and Defense agent. When the server resource was reduced too much by incoming traffic, the Alert Agent sends message and traffic information to the Attack Analyzer. The message and traffic to the Attack analyzer include only the sender & receiver address and packet numbers for minimizing the overload of Attack Analyzer. Message Received Attack Analyzer investigates the Message. If the pattern of traffic is the same as the DDoS Style, the Analyzer sends a message to the Defense Agent to block that traffic. In this system, at the serious state of the server-down, the Attack analyzer uncovers the DDoS Attacker and send a message to the Defense Agent to block that traffic. This works for server reactivation as soon as possible.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.1B
• /
• pp.1-10
• /
• 2007

We propose a new approach to accommodate bidirectional asymmetric traffic demands as well as unexpected dynamic internet traffic variation in the WDM mesh network by using optical networking technologies. In the proposed scheme, an intermediate node determines the optical path based on the switching statistics of IP router of the node which characterizes the Internet traffic variation, which in effect provides a dynamic and distributed traffic control over the network. It is expected to reduce the efficiency deterioration of RWA(Routing and Wavelength Assignment) due to the real-time variation of Internet traffic so that expandability and flexibility of the network can be enhanced. In this paper, we describe a methodology for traffic behavior analysis at a node, and the decision policy of the establishment/release of optical path. In addition, we evaluate the performance of the proposed scheme through the computer simulations.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.8B
• /
• pp.507-513
• /
• 2005

As the rapid increasement of the number of internet users has occured recently, many multimedia application services have been emerging. To improve quality of service, traffic can be suggested to be classified with priority in EPON(Ethernet Passive Optical Network), which is supporting the multimedia application services. In this paper, multimedia application services treat bandwidth classifying device in serving both delay sensitive traffic for real-time audio, video and voice data such as Von(Voice over Internet Protocol), and for real-time traffic such as BE(Best Effort). With looking through existing mechanisms, new mechanism to improve the quality will be suggested. The delay performances and packet losses of traffic achieved by supporting bandwidth allocation of upstream traffic in suggested mechanism will be analized with simulations.

• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.93-100
• /
• 2013

In 2012, According to 'Cisco Global Cloud Index 2011-2016', the Cisco company forecasted that global data center traffic will nearly quadruple and cloud traffic will nearly sextuple by 2016. Such a rapid growing of traffic is caused by traffic inside the data center and cloud computing workloads. In 2010, the Ministry of National Defense decided to build a Mega Center including the cloud computing technology by 2014, as part of the '2012 Information Service Plan', which is now underway. One of the factors to consider is cloud computing traffic to build a Mega Center. Since the K-defense cloud computing system is built, K-defense cloud computing traffic will increase steadily. This paper, analyzed the availability of K-defense cloud computing service with the K-defense cloud computing traffic increasing using K-Defense cloud computing test system and CloudAnalyst simulation tool. Created 3 scenarios and Simulated with these scenarios, the results are derived that the availability of K-defense cloud computing test system is fulfilled, even cloud workloads are increased as muh as forecasted cloud traffic growth from now until 2016.

• The KIPS Transactions:PartC
• /
• v.14C no.3 s.113
• /
• pp.199-208
• /
• 2007

In a ubiquitous network environment, detecting the leakage of personal information is very important. The leakage of personal information might cause severe problem such as impersonation, cyber criminal and personal privacy violation. In this paper, we have proposed a detection method of personal information leakage based on network traffic characteristics. The experimental results indicate that the traffic character of a real campus network shows the self-similarity and Proposed method can detect the anomaly of leakage of personal information by malicious code.