• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2004.04a
• /
• pp.43-48
• /
• 2004

RTP that is proposed supplement of real-time services on internet environment, as Real-time Transport Protocol, is the protocol that for the purpose of sending data of stream type. RTP and RTCP(Real-time Transport Control Protocol) basically work at the same time, RTCP serves with state information of network at present. RTP has important properties of a transport protocol that runs on end-to-end systems and provides demultiplexing. It also offer reliability and protocol-defined flow／congestion control that transport protocol like TCP can not provides. In this paper, we look around concept and construction of Differentiated sen1ice tint run on RTP and by setting parameters of packet transfer method be used CBQ(Class-Based Queuing) for packet transfer on Differentiated service, each service queue controls properly through packet scheduling method, such as WRR(Weighted Round Robin) and PRR(Packet-by-packet Round Robin) all service classes do not experience the starvation and confirm the performance through computer simulation to achieve fairly scheduling.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.41 no.6 s.324
• /
• pp.17-24
• /
• 2004

This paper proposes an efficient technique to protect e-mail server from DDoS attack using the CBQ (Class Based Queuing) algorithm The proposed method classifies incoming trafic to an e-mail server into three classes: 'more important mail traffic', 'less important traffic' and 'unknown traffic' and assigns bandwidths differently to the traffics. By differentiating the bandwidths of classes, normal mail traffic may flow even under DDoS attack in the proposed technique. The proposed technique is implemented on an embedded system which hires a switching processor with the WFHBD(Weighted Fair Hashed Bandwidth Distribution) engine that has been known as an efficient algorithm to distribute a given bandwidth to multiple sources, and it is verified that it can be an efficient way to protect e-mail server from DDoS attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.129-140
• /
• 2003

Recently viruses and various hacking tools that threat hosts on a network becomes more intelligent and cleverer, and so the various security mechanisms against them have ken developed during last decades. To detect these network attacks, many NIPSs(Network-based Intrusion Prevention Systems) that are more functional than traditional NIDSs are developed by several companies and organizations. But, many previous NIPSS are hewn to have some weakness in protecting important hosts from network attacks because of its incorrectness and post-management aspects. The aspect of incorrectness means that many NIPSs incorrectly discriminate between normal and attack network traffic in real time. The aspect of post-management means that they generally respond to attacks after the intrusions are already performed to a large extent. Therefore, to detect network attacks in realtime and to increase the capability of analyzing packets, faster and more active responding capabilities are required for NIPS frameworks. In this paper, we propose a framework for real-time intrusion prevention. This framework consists of packet filtering component that works on netfilter in Linux kernel and traffic control component that have a capability of step-by-step control over abnormal network traffic with the CBQ mechanism.