• Journal of KIISE:Information Networking
• /
• v.36 no.1
• /
• pp.43-49
• /
• 2009

The Mobile IPv6(MIPv6) has a well-known time gap of packet loss between link down and binding update. To minimize such packet loss, this paper proposes a MIPv6-based dual tunneling mechanism, which keeps exploiting the old tunnel while creating a new tunnel. Superiority of the proposed mechanism is evaluated by quantitative analysis on the lost packets and computer simulation, based on two overlay heterogeneous access networks, such as the UMTS and a WLAN.

• Journal of KIISE:Computing Practices and Letters
• /
• v.9 no.5
• /
• pp.578-587
• /
• 2003

The DSTM (Dual Stack Transition Mechanism), one of tunneling mechanism, is considered as the best solution in IPv4/IPv6 transition recently. The DSTM provides a method to assure IPv4/v6 connectivity based on 4over6 (IPv4-over-IPv6) tunneling and temporal allocation of a global IPv4 address to a host requiring such communication. A TEP (Tunnel End Point) operates as a border router between IPv6 domain and IPv4 Internet, which performs encapsulation and decapsulation of 4over6 tunneling packets to assure hi-directional forwarding between both networks. In this paper, we analyze basic standards of the IPv6 protocol. And, we design and implement a DSTM TEP daemon block. The TEP daemon analyzes a fevers tunneling packet that is forwarded by the DSTM node, establishes the TEP's 4over6 interface, and supplies communication between a DSTM and a IPv4-only node. Finally, we construct a DSTM testbed and measure performance of the DSTM TEP. Our observation results show that performance of TEP supports the DSTM service.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.2 no.4
• /
• pp.215-221
• /
• 2007

IPv6 is a protocol to solve the address space limitation of IPv4 by IETF. Many transition mechanism to communicate between IPv4 and IPv6 in mixed IPv4/IPv6 network are proposed. DSTM tunneling is a mechanism that dual stack in IPv6 network is able to communicate with node in IPv4 network by dynamic allocating the IPv4 address. This mechanism supports the execution of IPv4 dependent application without modification at IPv6 network. In this paper, we explain the security vulnerability at DSTM network for DHCP attack, TEP attack, and source spoofing attack then describe the result of attacks.

• Journal of Korea Society of Industrial Information Systems
• /
• v.12 no.3
• /
• pp.47-59
• /
• 2007

IPv4 NAT, which often used in households or under SOHO environments, is one of the factors that delays IPv6 propagation. As IPv4 NAT does not operate properly under the transition mechanism like ISATAP or 6to4 that acts as IPv6-in-IPv4 tunneling type, Microsoft proposed Teredo in order to resolve this issue. However, tunneling transition mechanism like Teredo has a security problem. That is, being tunneled packets have dual IP headers; general firewall systems apply the filtering rules only to the outer header but not inner header when these packets pass the firewall. Furthermore, attacks using unregistered server and relay can take place in Teredo. To resolve these problems, we propose a new packet filtering mechanism exclusively for Teredo. The proposed packet filtering mechanism was designed and implemented by using Linux Netfilter and ip6tables. Through functional and experimental performance tests, this packet filtering system was found operating properly and solving the Teredo packet filtering problems without serious performance degradation.

• Proceedings of the Korean Information Science Society Conference
• /
• 2008.06a
• /
• pp.255-256
• /
• 2008

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.7 no.1
• /
• pp.75-83
• /
• 2008

In this paper, we propose an efficient algorithm that assigns single temporary IPv4 address and port number to improve efficiency of IPv4 address that is allocated in DSTM service. And, we have analyzed the elementary functions for DSTM and have designed the functional modules. Also, we have implemented the DTI interface for encapsulation and decapsulation of IPv6 packets. The performance analysis and comparison are investigated whether the appropriate interworking service is possible or not. Our observation results show that the performance of IPv4 over IPv6 tunneling is suitable to DSTM service due to the reduction of delay by eliminating checksum calculations in the header of IPv6 tunneling.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.10c
• /
• pp.535-537
• /
• 2001

IPv6 초기 도입단계에서는 IPv4와 IPv6 (Internet protocol version 6)의 혼용이 예상됨에 따라 초기 IPv6 네트워크는 기존 IPv4와의 연동 및 호환을 위해 트랜지션 (transition) 메커니즘과 상호공존 (coexistence mechanism) 메커니즘을 필요로 한다. 이를 위해 다양한 트랜지션 메커니즘들이 제안되고 있는데 크게 터널링 (tunneling)과 변환 (translation) 방식으로 구분할 수 있다. 본 논문은 이러한 메커니즘 중에서 터널링을 이용한 DSTM (dual stack transition mechanism)을 분석한 후 제안된 DSTM의 각 연결별 임시 IPv4 주소할당에 대한 비합리적인 문제점을 개선한 모델을 제시하였다. 본 논문예서 제안한 모델은 기존의 NAT (network address translation) 방식과 유사하게 단일 IPv4 주소와 포트 넘버를 이용하여 각 연결을 식별할 수 있도록 한다. 그리고 DSTM 시스템 구현을 위한 효율적인 알고리즘 설계를 통해 IPv4 패킷을 IPv6 패킷으로 캡슐화 (encapsulation)하여 전송할 수 있는 인터페이스를 구현하여 결과를 분석하였다.

• Convergence Security Journal
• /
• v.3 no.1
• /
• pp.73-84
• /
• 2003

The IPv4 that used to be generally used as a medium of computer communications in 1980s has reached its limits now. IPv6 (IP Version 6) is being prepared to solve the limitations of the IPv4. However, the biggest problem of IPv6 is that it is not compatible with the IPv4. To resolve the compatibility issue, Dual Stack, Tunneling and Header Converting methods have been proposed. The Header Converting method allows communications between the IPv4 and IPv6 networks with the converter. This method's strength is that it is easy to embody and the procedures for embodiment is simple. However, this method still contains the weaknesses that the existing IPv4 has. On the current document, the Header Converting method among the three methods is discussed to resolve the problems this method has. To solve the Header Converting method's weakness, the security problem between sections, the IP Header field values are converted to the relative field values and IPSec (IP Security) and ESP (Encapsulation Security Payload) are applied. The proposed "Encrypted Header Converting Method" that is encrypted in packet units has solved the weakness that the pre-existing Header Converting method used to have.d to have.

• Bulletin of the Korean Chemical Society
• /
• v.32 no.4
• /
• pp.1187-1194
• /
• 2011

The hydrogen abstraction reaction of $CF_3CH_2CHO$ + OH has been studied theoretically by dual-level direct dynamics method. Two stable conformers, trans- and cis-$CF_3CH_2CHO$, have been located, and there are four distinct OH hydrogen-abstraction channels from t-$CF_3CH_2CHO$ and two channels from c-$CF_3CH_2CHO$. The required potential energy surface information for the kinetic calculation was obtained at the MCG3-MPWB//M06-2X/aug-cc-pVDZ level. The rate constants, which were calculated using improved canonical transitionstate theory with small-curvature tunneling correction (ICVT/SCT) were fitted by a four-parameter Arrhenius equation. It is shown that the reaction proceeds predominantly via the H-abstraction from the -CHO group over the temperature range 200-2000 K. The calculated rate constants were in good agreement with the experimental data between 263 and 358 K.