• Journal of the Institute of Electronics and Information Engineers
• /
• v.54 no.2
• /
• pp.61-67
• /
• 2017

In this paper, an adaptive MAC technique for various underwater environment with narrow-bandwidth and low transmission speed was proposed. In previously published Underwater Packet Flow Control (UPFC) technique, three transmission types (normal, block and parallel transmission) had been proposed using the number of transmission and transmission time. In addition to the UPFC, the proposed technique is an improved version of UPFC having more effective queuing technique for merge transmission. A mathematical model of the proposed queuing theory was constructed and its increased efficiency per unit transmission number was also verified based on simulations.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.203-205
• /
• 2022

As digital transformation and remote work environment advanced by Covid-19 become more common, the scale of leakage damage to industrial secrets and personal information caused by information leakage attacks is increasing. Recently, advanced and persistent information leakage attacks have become a serious security threat because they do not quickly leak large amounts of information, but continuously leak small amounts of information over a long period of time. In this study, we propose a framework for detecting advanced and persistent information leakage attacks based on traffic characteristics. The proposed method can effectively detect advanced and persistent information leakage attacks using traffic patterns, packet sizes, and metadata, even if the payload is encrypted.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.2
• /
• pp.254-259
• /
• 2008

Mesh WLANs, which consist of wireless mesh routers connecting each other in a mesh topology and self-operate after their autoconfiguration, have several advantages in convenience, swiftness and flexibility of deployment and operation over existing WLANs the expansions of which are done by connecting the APs with wires. However, many technical issues still remain to be solved. Among them, network performance degradations due to the interference between the adjacent hops in multi-hop mesh WLANs, and the reusability of the existing wireless network protocols are critical problems to be answered. This work evaluates the VoIP support performance of IEEE 802.11a/g-based mesh WLANs with multiple wireless interfaces with simulations. The results show that there exit an unfairness in VoIP packet delay performances among mobile routers located at different hops, and that although the capacity of the admitted calls can be increased by increasing the size of voice packet payload it is far less than the expected one. This suggests that the existing 802.11 MAC protocols have their limitation when applied in mesh networks and their enhancement or even a newer one nay be required.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.5B
• /
• pp.413-420
• /
• 2006

HMIPv6 is designed to reduce the signaling load to external network and improve handover speed of MN by including Mobility Anchor Point(MAP) in local handover. However in this case of macro handover, it's just used pervious MIPv6 handover algorithm. So, it occurs packet loss and transmission delay problem. In this paper, we propose the mechanism applying the HMIPv6 for Fast Handover to choose suitable to the condition buffering handover. The condition for the selection is result distance measurement between MN and CN, between MN and NAR. Furthermore, using F-SNOOP protocol, it is possible to improve wireless network performance. Wireless network has high Bit Error Rate(BER) characteristic because of path loss, fading, noise and interference. TCP regards such errors as congestion and starts congestion control. This congestion control makes packet transmission rate low. However, F-SNOOP improves TCP performance based on SNOOP and Freeze TCP that use Zero Window Advertisement(ZWA) message when handoff occurs in wireless network.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.8
• /
• pp.1613-1621
• /
• 2015

This paper analyzes the rate adaptation scheme and suggests applicable strategy of the MCS(Modulation and Coding Scheme) for improving DCF throughput in the IEEE 802.11ad and 802.11ad wireless LAN. IEEE 802.11ac and 802.11ad wireless LAN provide MCS technique that dynamically adjusts modulation level and code rate to the time-varying channel conditions in order to obtain considerably high data rates. But these standards did not provide rate adaptation algorithm, so this paper surveyes rate adaptation algorithm and suggests MCS scheme applied to IEEE 802.11ac and 802.11ad wireless LAN. Specially A MAC(Medium Access Control) layer throughput is evaluated over error-prone channel in the IEEE 802.11ac-based wireless LAN. In this evaluation, DCF (Distributed Coordination Function) protocol and A-MPDU (MAC Protocol Data Unit Aggregation) scheme are used. Using theoretical analysis method, the MAC saturation throughput is evaluated with the PER (Packet Error Rate) on the condition that the number of station, transmission probability, the number of parallel beams and the number of frames in each A-MPDU are variables.

• The KIPS Transactions:PartC
• /
• v.18C no.4
• /
• pp.243-250
• /
• 2011

Nowadays, the traffic type and behavior are extremely diverse due to the appearance of various services on Internet, which makes the need of traffic identification important for efficient operation and management of network. In recent years traffic identification methodology using statistical features of flow has been broadly studied. We also proposed a traffic identification methodology using payload size distribution in our previous work, which has a problem of low completeness. In this paper, we improved the completeness by solving the PSD conflict using IP and port. And we improved the accuracy by changing the distance measurement between flow and statistic signature from vector distance to per-packet distance. The feasibility of our methodology was proved via experimental evaluation on our campus network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.97-105
• /
• 2008

The various mutations of the malicious codes are fast generated on the network. Also the behaviors of them become intelligent and the damage becomes larger step by step. In this paper, we suggest the method to select the useful measures for the detection of the codes. The method has the advantage of shortening the detection time by using header data without payloads and uses connection data that are composed of TCP/IP packets, and much information of each connection makes use of the measures. A naive estimator is applied to the probability distribution that are calculated by the histogram estimator to select the specific measures among 80 measures for the useful detection. The useful measures are then selected by using relative entropy. This method solves the problem that is to misclassify the measure values. We present the usefulness of the proposed method through the result of the detection experiment using the detection patterns based on the selected measures.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.53 no.4
• /
• pp.3-11
• /
• 2016

In the environment of Internet of Things (IoT), IoT devices are limited by physical components such as power supply and memory, and also limited to their network performance in bandwidth, wireless channel, throughput, payload, etc. Despite these limitations, resources of IoT devices are shared with other IoT devices. Especially, remote management of the information of devices and patients are very important for the IoT healthcare service, moreover, providing the interoperability between the healthcare device and healthcare platform is essential. To meet these requirements, format of the message and the expressions for the data information and data transmission need to comply with suitable international standards for the IoT environment. However, the ISO/IEEE 11073 PHD (Personal Healthcare Device) standards, the existing international standards for the transmission of health informatics, does not consider the IoT environment, and therefore it is difficult to be applied for the IoT healthcare service. For this matter, we have designed and implemented the IoT healthcare system by applying the oneM2M, standards for the Internet of Things, and ISO/IEEE 11073 DIM (Domain Information Model), standards for the transmission of health informatics. For the implementation, the OM2M platform, which is based on the oneM2M standards, has been used. To evaluate the efficiency of transfer syntaxes between the healthcare device and OM2M platform, we have implemented comparative performance evaluation between HTTP and CoAP, and also between XML and JSON by comparing the packet size and number of packets in one transaction.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.157-167
• /
• 2009

Recently, the leakage of confidential information and personal information is taking place on the Internet more frequently than ever before. Most of such online security incidents are caused by attacks on vulnerabilities in web applications developed carelessly. It is impossible to detect an attack on a web application with existing firewalls and intrusion detection systems. Besides, the signature-based detection has a limited capability in detecting new threats. Therefore, many researches concerning the method to detect attacks on web applications are employing anomaly-based detection methods that use the web traffic analysis. Much research about anomaly-based detection through the normal web traffic analysis focus on three problems - the method to accurately analyze given web traffic, system performance needed for inspecting application payload of the packet required to detect attack on application layer and the maintenance and costs of lots of network security devices newly installed. The UTM(Unified Threat Management) system, a suggested solution for the problem, had a goal of resolving all of security problems at a time, but is not being widely used due to its low efficiency and high costs. Besides, the web filter that performs one of the functions of the UTM system, can not adequately detect a variety of recent sophisticated attacks on web applications. In order to resolve such problems, studies are being carried out on the web application firewall to introduce a new network security system. As such studies focus on speeding up packet processing by depending on high-priced hardware, the costs to deploy a web application firewall are rising. In addition, the current anomaly-based detection technologies that do not take into account the characteristics of the web application is causing lots of false positives and false negatives. In order to reduce false positives and false negatives, this study suggested a realtime anomaly detection method based on the analysis of the length of parameter value contained in the web client's request. In addition, it designed and suggested a WAF(Web Application Firewall) that can be applied to a low-priced system or legacy system to process application data without the help of an exclusive hardware. Furthermore, it suggested a method to resolve sluggish performance attributed to copying packets into application area for application data processing, Consequently, this study provide to deploy an effective web application firewall at a low cost at the moment when the deployment of an additional security system was considered burdened due to lots of network security systems currently used.