• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.6C
• /
• pp.471-479
• /
• 2008

In this paper, we propose a novel algorithm to automatically generate an RTP timestamp value that is required for the RTP packetization in order to transmit SVC video over various If networks such as Internet. Unlike the conventional single layer coding algorithms such as H.263, MPEG-4 and H.264, SVC generates a multi-layered single bitstream which is composed of a base layer and one or more enhancement layers in order to simultaneously provide temporal, spatial, and SNR scalability. Especially, in order to provide temporal scalability based on hierarchical B-picture prediction structure, the encoding (or transmission) and display order of pictures in SVC coding is completely decoupled. Thus, the timestamp value to be specified at the header of each RTP packet in video transmission does not increase monotonically according to the display time instant of each picture. Until now, no method for automatically generating an RTP timestamp when SVC video is loaded in a RTP packet has teen introduced. In this paper, a novel automatic RTP timestamp generation method exploiting the TID (temporal ID) field of the SVC NAL unit header is proposed to accommodate the SVC video transmission.

• Journal of the Korea Society for Simulation
• /
• v.15 no.1
• /
• pp.87-95
• /
• 2006

We need to check into when a security system is newly developed, we against cyber attack which is expected in real network. However it is impossible to check it under the environment of a large-scale distributive network. So it is need to simulate it under the virtual network environment. SSFNet is a event-driven simulator which can be represent a large-scale network. Unfortunately, it doesn't have the module to simulate security functions. In this paper, we added the IDS module to SSFNet. We implement the IDS module by modeling a key functions of Snort. In addition, we developed some useful functions using Java language which can manipulate easily a packet for network simulation. Finally, we performed the simulation to verify the function if our developed IDS and Packets Manipulation. The simulation shows that our expanded SSFNet can be used to further large-scale security system simulator.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.3
• /
• pp.69-75
• /
• 2021

Limitation of the TCP/IP network technology included in the vehicle communication is due to the frequent mobility of the vehicle, the increase in intermittent connection requirements, and the constant presence of the possibility of vehicle hacking. VNDN technology enables the transfer of the name you are looking for using textual information without the need for vehicle identifiers like IP/ID. In addition, intermittent connectivity communication is possible rather than end-to-end connection communication. The data itself is the subject of communication based on name-based forwarding using two types of packets: Interest packet and Data packet. One of the issues to be solved for the realization of infotainment services under the VNDN environment is the traffic explosion caused by data broadcasting. In this paper, we analyze and compare the existing technologies to reduce the data broadcast storm. Through this, we derive and analyze the requirements for presenting the best data mitigation technique for solving the data explosion phenomenon in the VNDN environment. We expect this paper can be utilized as prior knowledge in researching improved forwarding techniques to resolve the data broadcast explosion in connected vehicles over NDN.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.1
• /
• pp.61-71
• /
• 2017

ARP Spoofing is a basic and core hacking technology for almost all sniffing. It makes change the flow of packets by faking the 2nd layer MAC address. In this paper we suggested an efficient hacking technology for sniffing remote servers in the switched network environment. The suggested 'Faked ARP Reply Unicast Spoofing' makes the bidirectional packets sniffing possible between the client and server, and it makes simplify the procedures for ARP sniffing and hacking program. In this paper we researched the network hacking and implementation technologies based on the suggested ARP spoofing. And we researched various types of servers hacking such as Root ID and PW of Telnet/FTP server, Root ID and PW of MySQL DB server, ID and PW of Web Portal Server, and account information and transaction history of Web Banking Server. And also we researched the implementation techniques of core hacking programs for the ARP Spoofing.

• The KIPS Transactions:PartC
• /
• v.19C no.1
• /
• pp.29-38
• /
• 2012

Due to rapid spread of smart phones and SNS(Social Network Service), using of Internet applications has increased and taking up bandwidth more than 3G network's capacity recently. This caused reduction of speed and service quality, and occurred strong needs that backbone network company to increasing investment costs. Also a great rise of mobile network users causing identity management problems on mobile service provider through mobile network. This paper proposes advanced IDM3G[1] - to solve user ID management and security problems on mobile internet application services over 3G network and more - authentication management protocol. $I^2DM$ protocol breakup loads which made by existing IDM3G protocol's mutual authentication via mobile operator, via sending some parts to internet application service provider, enhancing mobile and ID management of service provider and network load and process load from information handling and numbers of transmitting packets, to suggest more optimized protocol against further demanding of 3G mobile network.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2008.11a
• /
• pp.27-30
• /
• 2008

본 논문에서는 지상파DTV 방송프로그램 보호를 위한 하드웨어 PPI 전송서버를 제안한다. 제안한 하드웨어 PPI 전송서버는 방송환경에서의 안정성을 보장하기 위하여 소프트웨어의 PPI 스케줄러와 하드웨어의 PPI MUX로 구성하였다. PPI 스케줄러는 EPG를 PPI 보호신호와 프로그램 ID와 함께 편성하여 시간순서로 스케줄링하는 기능을 제공하며, PPI MUX는 EPG, PPI 보호신호, 프로그램 ID를 PSIP로 부호화한 후, 이를 MPEG-2 TS로 패킷화하여 실시간 출력하는 기능을 제공한다. 또한 하드웨어 PPI 전송서버는 기존의 방송 송출 시스템의 변경 없이 유연하게 연동시킬 수 있는 장점이 있다. 본 논문에서 제안한 하드웨어 PPI 전송서버는 PPI 보호신호를 방송프로그램에 삽입하여 송출함으로써, 지상파DTV 방송프로그램의 무단복제, 불법배포를 제한하는 기능을 제공한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 1998.11a
• /
• pp.354-357
• /
• 1998

MPLS (Multiprotocol Label Switching)는 인터넷에서 속도, 확장성 그리고 서비스 제공 능력을 향상시키기 위한 백본 네트웍으로 이용하기 위하여 Internet Engineering Task Force (IETF) standard로 급속하게 성장하고 있다. MPLS는 기존의 인터넷 라우팅에서 사용하는 longest prefix match 방식을 이용하는 라우팅 방법 대신에 short label exact match 방식과 L3 forwarding 방법을 사용함으로써 고속 인터넷 서비스 기술을 제공한다. 한편, 기존 인터넷의 IP format을 보면 Host Id, (Address prefix, Host Id), Broadcasting, Multicasting의 네 가지 종류의 구조를 가지고 있다. 그러나 아직 MPLS에서의 멀티캐스트 서비스에 대한 방식이 아직 표준화되고 있지 않고 있는 상황에서, MPLS 서비스 도메인 내에서 멀티캐스트 패킷은 기존의 멀티캐스트 라우팅 프로토콜과 연계되어 MPLS상에서 멀티캐스트 서비스가 이루어져야 한다. 본 논문에서는 기존의 인터넷상에서 제공되어지는 멀티캐스트 IP 플로우들을 MPLS 상에서 수용하기 위한 방식을 제안한다.

• Proceedings of the KAIS Fall Conference
• /
• 2010.05a
• /
• pp.214-217
• /
• 2010

DDoS(distributed denial of service)공격은 1990년 중반에 처음 나타나기 시작하여 1,2세대 네트워크 자체에 대한 트래픽 폭주형태의 공격에서부터 3세대 봇넷을 이용하여 특정 서버와 특정서비스를 마비시키기 위한 공격을 거쳐 4세대의 분산 형식의 C&C를 이용하는 공격의 유형으로 발전 하고 있다. DDoS공격은 점점 지능화 되고 있으며 기존의 IDS(Intrusion Detection System) 시스템을 이용한 탐지방법으로 공격을 탐지하기에는 어려움이 존재한다. 본 논문은 IDS시스템을 보다 더 지능화시키기 위한 논문으로 IDS는 내부시스템으로부터 쿼리를 넘겨받아 업데이트를 수행하고 업데이트를 수행함과 동시에 라우터에게 C&C서버로부터 나오는 패킷을 차단하도록 알려 준다. 즉, IDS에서 일어나는 False Negative문제를 줄여줌으로써 DDoS 공격에 대하여 Zombie시스템을 생성하지 못하도록 하고자 하는데 그 목적이 있으며 점점 지능화되어 가고 있는 DDoS공격에 대하여 차단을 하고자 하는 방향성을 제시하고 있다.

• Convergence Security Journal
• /
• v.3 no.3
• /
• pp.91-97
• /
• 2003

As increasing of Internet user and fast development of communication, many security problems occur. Because of Internet is design and development for speed not security, it is weak to attack from malicious user. furthermore attack is more developed to have high efficiency and intelligent. We proposed effective traceback system in network and consider that ability of constitution. Traceback by Selected Router system is consists of managed router and manager system. Selected router marks router ID to packet which passing selected router, and use this router ID for traceback and filtering. Consequently this system reduce damage of attack.

• Proceedings of the KAIS Fall Conference
• /
• 2011.05a
• /
• pp.251-254
• /
• 2011

본 논문에서는 예약주소를 사용한 HMIPv6로 각 통신 노드에 따른 그룹 군집화와 MIH 패킷의 Service Specific TLVs의 변형을 통해 기존의 핸드오버에서 좀 더 가볍고 빠른 Searching과 효율적인 인증을 이룰 수 있도록 하였다. 군집(Aggregate) 세션 단위로 자원예약을 하는 경우 종단간 SID(Session ID)와는 별도로 군집 SID를 사용하는데 MIH의 Service Specific TLVs를 통해 터널링을 이루고 변형된 Service Specific 공간을 통한 효율적인 핸드오버를 지원한다.