• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.3
• /
• pp.449-455
• /
• 2021

This paper proposes an encryption web transaction attack detection system based on the existing web application monitoring system. Although there was difficulty in detecting attacks on the encrypted web traffic because the existing web traffic security systems detect and defend attacks based on encrypted packets in the network area of the encryption section between the client and server, by utilizing the technology of the web application monitoring system, it is possible to detect various intelligent cyber-attacks based on information that is already decrypted in the memory of the web application server. In addition, since user identification is possible through the application session ID, statistical detection of attacks such as IP tampering attacks, mass web transaction call users, and DDoS attacks are also possible. Thus, it can be considered that it is possible to respond to various intelligent cyber attacks hidden in the encrypted traffic by collecting and detecting information in the non-encrypted section of the encrypted web traffic.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.04a
• /
• pp.127-128
• /
• 2016

오픈플로우 네트워크에서 컨트롤과 데이터 플레인은 스위치나 라우터로 분리되어있다. 이 중 인밴드(in-band) 오픈플로우 네트워크에서 컨트롤 트래픽은 데이터 트래픽과 같은 채널을 사용한다. 그러므로 데이터 트래픽 경로의 오류 발생은 컨트롤과 데이터 트래픽에 영향을 미친다. 기존의 오픈플로우 네트워크에서 오류 복구는 컨트롤러와 스위치 간 모니터링을 필요로 한다. 하지만 수백만 개 이상의 플로우가 흐르는 네트워크에서 이는 오버헤드를 발생시킨다. 이 논문은 기존 모니터링 오버헤드를 줄이기 위해 개미 행동양식을 활용한 인밴드 오픈플로우 네트워크에서 오류 복구 기법을 제안한다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2008.06a
• /
• pp.131-135
• /
• 2008

데이터스트림 환경에서 무한히 연속적으로 생성되는 데이터를 처리하고 분석하 는방법에 관한 많은 연구가진행중이다. 본 논문은 데이터스트림의 한 예인 네트워크 트래픽을 모니터링하기 위한 OLAP 구현에 대하여 기술한다. 제안하는 OLAP 시스템은 기존의 네트워크 모니터링 툴이 제공하지 못했던 다양한 연산을 지원하여 유연한 분석을 가능하게 하며, 정적인 데이터를 처리하는 데이터웨어하우스에서만 적용되던 OLAP을 데이터스트림 환경에 적용할 수 있게 한다.

• Convergence Security Journal
• /
• v.8 no.2
• /
• pp.41-50
• /
• 2008

Recently amount of traffic into the network rapidly increase since multimedia streaming services is generally adopted for application. In addition, various network management systems have been suggested for providing a stable service and QoS guarantee. It is necessary for such systems to have QoS monitoring module in order to evaluate acceptance or violation of QoS requirements by analogizing a state information of each node within network. In this paper, we suggest a network management system to evaluate QoS level between end-to-end agents and analysis traffics transmitted between them. The proposed system is implemented for the purpose of collecting network traffic information and monitoring of the view. The proposed system makes user easily understand information of QoS parameters such as throughput, delay and jitter by adopting a method of visual and numerical representation. To achieve this, we purportedly generate test packet into network for confirming acceptance or violation of QoS requirements from point of view of multimedia application service.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.45 no.8
• /
• pp.106-113
• /
• 2008

In this paper, we will design and substantiate the Network Traffic management system(MAGI), which makes up for the weak points of existing Network Monitoring tools and realize dynamic firewall; MRTG, ntop, ethereal, and nettest. The Network Traffic Monitoring and analyzing system differs from existing software-based Network Monitoring tools as MAGI is a combination of software and hardware. Not only the innovative web user interface applied to the software makes analyzing traffic simpler, but it also has a function for monitoring and managing conditions of the hardware. The web user interface implemented with PHP and MySQL helps to use the database and as a result, analyzing data becomes easier. On the hardware part, the appliance is configured as a bridge in a network. As a result, managed system does not have overload.

• Journal of KIISE
• /
• v.43 no.11
• /
• pp.1223-1232
• /
• 2016

A virtual network technology can provide a network reflecting the requirements of various services. The virtual network can distribute resources of the physical network to each virtual slice. An efficient resource distribution technique is needed to reflect the requirements of various services. Existing bandwidth distribution techniques can only control downlink traffic without taking traffic conditions on the network into account. Downlink and uplink share the same resources in a wireless network. The existing bandwidth distribution techniques assumed that all stations generate saturated traffic. Therefore, the existing bandwidth distribution technique cannot make traffic isolation in a virtual wireless network. In this paper, we proposed a traffic-based bandwidth control techniques to solve these problems. We applied Software-Defined Networking(SDN) to the virtual wireless network, monitored the traffic at each station, and searched for stations that generated unsaturated traffic. We also controlled both uplink and downlink traffics dynamically based on monitoring information. Our system can be implemented with legasy 802.11 clients and SDN-enabled APs. After the actual test bed configuration, it was compared to existing techniques. As a result, the distribution performance of the proposed technique was improved by 14% in maximum.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.11a
• /
• pp.394-395
• /
• 2022

스마트쉽 솔루션 SEES는 선박의 정보를 육상으로 전달하며, 실제 적용된 프로젝트 사례를 보며 무선통신망에서 생기는 지연에 대한 문제를 연구하고자 한다.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.7
• /
• pp.157-164
• /
• 2008

In this paper we suggest a scheduling algorithm that transmits periodic traffics efficiently in tree-structured wireless sensor networks (WSNs). The related research[l] showed the problems such as increasing the energy consumption and decreasing the data throughput as the depth of tree increases. To solve these problems. we use idle time slots and avoid the redundancy at data transmission. Also we suggest the algorithm that transmits the control packet when it is similar to a previously measured data. And if emergency data is occurred, our proposed algorithm transits that data in EDP(Emergency Data Period) for reducing the wait time. The proposed algorithm shows more data throughput and less energy consumption than that of the related research.

• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2006.05a
• /
• pp.1060-1065
• /
• 2006

본 논문에서는 차세대 네트워크에서 통합적이고 품질을 보장해주는 라우팅 알고리즘을 제안한다. 이 알고리즘은 모니터링 하는 에이전트에 의해 네트워크의 상태를 정보로 전달하여 좀 더 네트워크 상황에 적응력이 높은 것이 특징이다. 우리는 트래픽의 지연이나 손실을 피하기 위해 에이전트를 이용해 네트워크 상황을 모니터링 하게 된다. 이 에이전트들은 시간에 따라 변화하는 네트워크의 트래픽의 수요를 관찰하여 네트워크 상태를 이후 트래픽의 경로를 설정해 주는데 정보로 제공해 준다. 이 알고리즘은 기존에 제안된 다품종 최소비용 문제를 이용한 라우팅 알고리즘을 에이전트를 이용해 개선한 것이다. 우리는 실험을 통해 알고리즘의 성능을 실험해 보았다.

• Proceedings of the Korea Contents Association Conference
• /
• 2005.05a
• /
• pp.97-100
• /
• 2005

Recently, Internet user grows larger every year. So, It brought about lack of IP address. Because of it, IPv4 is being substituted to IPv6. In this thesis, proposed attack tool in IPv6 base, attack detection tool have algorithm which is consist of 2 steps attack confrontation with analysis packet header data using packet capture. and automatic attack isolation tool against attack using tool.