• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.11
• /
• pp.35-43
• /
• 2011

In this paper, we propose a novel architecture for seamless mobility management to provide users with seamless Internet connection when users roam between diverse wireless local area networks (WLANS) controlled by different management entities. There have been many researches in IETF, i.e., MIPv6, HMIPv6, and PMIPv6, to provide the mobility management. However, practically since wireless access points or access routers, which are managed by an individual manager or ISP managers, have different authentication scheme and the supported mobility management, the previous mobility management protocol developed by IETF can not guarantee the quality of service of application services as the mobile node performs the handover. To solve this drawback, we propose the mobility management scheme to provide QoS-guaranteed Internet services during the handover by configurating the wireless networks which is defined by users. More specifically, we present a model, the architecture and an algorithm for user-defined network (UDN) to provide the seamless Internet service. Finally, the performance of the proposed algorithm is evaluated by the network simulation tool.

• The Journal of Society for e-Business Studies
• /
• v.22 no.2
• /
• pp.169-185
• /
• 2017

Juliano Rizzo and Thai Duong, the authors of the BEAST attack [11, 12] on SSL, have proposed a new attack named CRIME [13] which is Compression Ratio Info-leak Made Easy. The CRIME exploits how data compression and encryption interact to discover secret information about the underlying encrypted data. Repeating this method allows an attacker to eventually decrypt the data and recover HTTP session cookies. This security weakness targets in SPDY and SSL/TLS compression. The attack becomes effective because the attacker is enable to choose different input data and observe the length of the encrypted data that comes out. Since Transport Layer Security (TLS) ensures integrity of data transmitted between two parties (server and client) and provides strong authentication for both parties, in the last few years, it has a wide range of attacks on SSL/TLS which have exploited various features in the TLS mechanism. In this paper, we will discuss about the CRIME and other versions of SSL/TLS attacks along with countermeasures, implementations. We also present direction for SSL/TLS attacks resistance in practice.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.211-217
• /
• 2008

Recently, there are many efforts to support seamless mobility in 802.11 WLANs using IP Layer mobility protocols. The IP layer mobility protocols are the most efficient mechanism to guarantee the service session continuity when IP subnet is changed during handover. Even if the IP layer mobility protocols are quite efficient, the feature of the protocols that had been designed to consider only L3 layer makes it difficult to improve the performance of hand over more and more. Nowadays, to overcome this limitation of IP mobility protocols, many researchers have worked on the mobility protocols integration of different layers (e.g., L2 layer). In this paper, we propose the enhanced Proxy MIPv4 to minimize the latency of handover using MIH protocol in 802.11 WLANs. The proposed mechanism minimizes the latency of authentication by exchanging security keys between Access Routers during handover. Moreover, it also minimizes packet losses by Inter-AP Tunneling and data forwarding.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.12
• /
• pp.2293-2300
• /
• 2008

In ad-hoc sensor network, AODV routing information is disclosed to other nodes because AODV protocol doesn't have any security mechanisms. The problem of AODV is that an attacker can falsify the routing information in RREQ packet. If an attacker broadcasts the falsified packet, other nodes will update routing table based on the falsified one so that the path passing through the attacker itself can be considered as a shortest path. In this paper, we design the routing-information-spoofing attack such as falsifying source sequence number and hop count fields in RREQ packet. And we suggest an efficient scheme for detecting the attackers and isolating those nodes from the network without extra security modules. The proposed scheme doesn't employ cryptographic algorithm and authentication to reduce network overhead. We used NS-2 simulation to evaluate the network performance. And we analyzed the simulation results on three cases such as an existing normal AODV, AODV under the attack and proposed AODV. Simulation results using NS2 show that the AODV using proposed scheme can protect the routing-information-spoofing attack and the total n umber of received packets for destination node is almost same as the existing norm at AODV.