• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.9
• /
• pp.1374-1381
• /
• 2022

Existing research on security technology related to network attack response has focused on research using hardware network security technology, network attacks that wiretap and wiretap network packets, denial of service attack that consumes server resources to bring down the system, and network by identifying vulnerabilities before attack. It is classified as a scanning attack. In addition, methods for increasing network security, antivirus vaccines and antivirus systems have been mainly proposed and designed. In particular, many users do not fully utilize the security function of the router. In order to overcome this problem, it is classified according to the network security level to block external attacks through layered security management through layer-by-layer experiments. The scope of the study was presented by examining the security technology trends of edge routers, and suggested methods and implementation examples to protect from threats related to edge router-based network attacks.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.04d
• /
• pp.638-640
• /
• 2003

급변하는 네트워크 서비스에 대한 요구에 신속히 대응하고 새로운 특징에 대한 시스템의 수정과 보완이 용이하도록 고안된 것이 네트워크 프로세서이다. 본 논문은 네트워크 관련 응용에 특화된 인텔의 IXP1200 네트워크 프로세서를 이용하여 Differentiated Service를 위한 간단한 DiffServ Ingress Boundary Node로서의 Edge Router를 설계한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.2B
• /
• pp.130-137
• /
• 2012

In this paper, we propose core and edge router architectures with LPI(Low Power Idle) for reducing energy consumption in OBS networks. The proposed core router architecture is comprised of a BCP switch, a burst switch, line cards and sleep/wake controller for LPI. When the offered load of network is low, sleep/wake controller can change the state of the core router line card from active to sleep state for saving the energy after receiving network control packet. The edge router consists of a switch for access line card, a SCU and OBS edge router line cards. The LPI function in edge router line card is performed through network level control by network control packet, individually. Additionally, PHY/transceiver modules can transition active state to sleep state when burst assemble engine generates new bursts. To evaluate the energy saving performance of proposed architecture with LPI, the power consumption of each router is analyzed by using data sheet of commercial router and optical device. And, simulation is also performed in terms of sleep time of PHY/Transceiver through OPNET.

• The KIPS Transactions:PartC
• /
• v.9C no.6
• /
• pp.903-910
• /
• 2002

As the edge router provides the facility that it is capable of interworking with various kinds of networks, the forwarding engine should have the flexibility processing the corresponding types of frames from such network interfaces. In order to support the flexibility, we design and implement a prototype of edge router with ATM and Ethernet interfaces based on the programmable Ethernet packet processor Our forwarding engine handles and forwards the frames from ATM interfaces by using loop-back functionality of Ethernet packet processor. The performance of our edge router is evaluated by experiments throughout its performance of forwarding engine and tested by interworking with another kinds of routers.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2001.05a
• /
• pp.546-549
• /
• 2001

IPOW 기술은 파장이 갖는 특성으로 인하여 여러 가지 제약 사항을 갖고 있어 기존에 개발된 MPLS 기술을 효과적으로 적용하기 위해서는 WDM의 특성을 잘 분석하여 적용하여야 한다. 본 논문에서는 현재 IETF를 중심으로 연구중인 MPLamdaS 개념을 기초로 하여 광 인터넷의 진화를 고려한 구조적인 접근 방법을 연구한다 MPLS 도메인과 MPLambdaS 도메인간에 연동을 고려하여 전자적인 다수의 LSP를 광 LSP로 모으는 레이블 스택 개념을 이용한 Lambda LSP Tunneling 기술을 적용하여 전자적인 MPLS와 광 MPLambdas 간의 연동 방안을 제안하고 이를 지원하는 Edge Optical LSR의 구조를 제안한다.

• Journal of Communications and Networks
• /
• v.13 no.6
• /
• pp.612-620
• /
• 2011

Recently, one of the problems with the Internet is the issue of scalability. To this end, locator/identifier separation protocol (LISP), which separates end-system identifiers and routing locators, has been proposed as a solution. In the LISP deployed network, the ingress and egress nodes of inter-AS traffic is determined by edge router selection (ERS) and endpoint identifier-routing locator mapping assignment (ERMA). In this paper, joint optimizations of ERS and ERMA for stub networks with and without predetermined link weights are studied and the mixed integer linear programming (MILP) formulations for the problems are given. To make the problem with optimizable link weights tractable, a revised local search algorithm is also proposed. Simulation results show that joint optimization of ERS and ERMA enables better network performance.

• Journal of KIISE:Information Networking
• /
• v.29 no.6
• /
• pp.706-711
• /
• 2002

In this paper, we implement a diffserv-capable router on the linux system and evaluate its performance. The router supports the packet marking for the input finks that is different from the previous implementation. The edge diffserv-capable router can guarantee the performance of each class, even in a congested condition. We compare the performance of the diffserv-capable router with that of the normal router in terms of PDBs (per domain behaviors), which are defined with traffic conditioning rules and PHBs (per hop behaviors).

• Journal of KIISE:Information Networking
• /
• v.28 no.4
• /
• pp.602-610
• /
• 2001

In the MPLS(Multiprotocol Label Switching) forwarding paradigm, once a packet is assigned to a FEC(Forwarding Equivalence Class), no further header analysis is done by subsequent routers; all forwarding is driven by the labels. This has a number of advantages over conventional network layer forwarding. The MPLS LER(Label Edge Router) is located at the boundary of MPLS domain and plays a role in connecting with the existing Internet as an ingress or an egress router. That is, the MPLS LER as an ingress router assigns a label to a packet which enters the MPLS network from the Internet by analyzing its header and forwards to a corresponding next router in MPLS domain. As an egress router, the MPLS LER turns the packets out of the MPLS network by performing the reverse operation. In this paper, we analyze the traffic performance of an MPLS LER system and estimate the IP(Internet Protocol) packet processing capacity of the system using queueing model and simulation. It is found that the maximum IP packet processing capacity of the system is estimated by 420,000 through 460,000 packets/sec.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.1023-1026
• /
• 2005

지난 몇 년간 DDoS 공격의 기법들은 더욱 복잡해지고 효과적으로 변하였으며, 공격자를 추적하기는 더욱 힘들어지고 있다. 이러한 문제들에 대응하기 위해 다양한 패킷 필터링 기법과 공격자 추적 기법등 많은 연구들이 진행되어 왔다. 하지만 이러한 노력에도 불구하고 DDoS 공격은 여전히 인터넷의 안정성을 위협하는 요소로 작용하고 있다. 따라서 본 논문에서는 이러한 위협에 대응하기 위하여 Active Edge 라우터 기반의 분산 서비스 거부공격대응 기법을 제안하고자 한다. 제안된 방법의 경우 기존의 중간 라우터(intermediate-router)의 오버헤더, 공격경로 재구성에 필요한 오버헤더, 재구성된 공격경로의 부정확성과 같은 기존의 기법들이 지니고 있던 단점들을 보완하고 있다. 또한 제안된 방법의 경우 공격 패킷을 공격대상 네트워크가 아닌 공격자가 위치하고 있는 네트워크에서 제거함으로서 공격패킷의 필터링 효과를 더욱 향상 시켰다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.5 no.7
• /
• pp.1257-1262
• /
• 2001

In recent years there has been a lot of interest in carrying IP over WDM networks in an efficient manner. The benefits here include larger bandwidth capacities, better network scalability, and more efficient operation. W based approach, termed "lambda-labeling" is presented for direct If over WDM integration. In this paper, we study on architecture approach method consider of optical Internet evolution that based on MPLamdaS conception of IETF. Label stack conception collect electronic LSP of optical LSP. This paper is proposed method of co-operation between MPLS domain and MPLambdaS domain. Additionally, proposed architecture of Edge Optical LSR.tical LSR.