• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.45 no.1
• /
• pp.14-26
• /
• 2008

IP over Ethernet technology widely used as Internet access uses the ARP(Address Resolution Protocol) that translates an ip address to the corresponding MAC address. recently, there are ARP security attacks that intentionally modify the IP address and its corresponding MAC address, utilizing various tools like "snoopspy". Since ARP attacks can redirect packets to different MAC address other than destination, attackers can eavesdrop packets, change their contents, or hijack the connection. Because the ARP attack is performed at data link layer, it can not be protected by security mechanisms such as Secure Shell(SSH) or Secure Sockets Layer(SSL). Thus, in this paper, we classify the ARP attack into downstream ARP spoofing attack and upstream ARP redirection attack, and propose a new security mechanism using DHCP information for acquisition of IP address. We propose a "DHCP snoop mechanism" or "DHCP sniffing/inspection mechanism" for ARP spoofing attack, and a "static binding mechanism" for ARP redirection attack. The proposed security mechanisms for ARP attacks can be widely used to reinforce the security of the next generation internet access networks including BcN.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.4C
• /
• pp.461-471
• /
• 2004

Recently, subscribers have strong desire to get QoS based personalized services in high-speed Internet access. Service providers have been rapidly replacing ADSL, cable broadband access networks with Metro-Ethernet based VDSL. But, it is difficult for Motto-Ethernet based broadband access networks to provide QoS based personalized services, because already deployed network elements cannot distinguish subscribers by specific traffic characteristics. In this paper, when the access network has tree topology, we show that it is possible to provide QoS for each downstream flow with only per flow traffic shaping at the edge node without QoS functions in access networks. In order to show that our suggested scheduling algorithm at the edge node can support the assured service in tree topology access networks, we evaluated its performance by simulation. The suggested scheduling algorithm can shape per-flow traffic based on the maximum bandwidth, and guarantees minimum bandwidth per flow by modifying the DRR scheduler. Simulation results show that congestion and loss in the access network elements are greatly reduced, TCP performance is highly enhanced and loss for assured CBR service flows is reduced by only shaping per-flow traffic at the edge node using our proposed scheduling algorithm.

• Journal of Korea Multimedia Society
• /
• v.10 no.1
• /
• pp.74-82
• /
• 2007

IPv6 is the internet protocol for next generation which can solve the problem of IPv4 protocol. Mobile IPv6 efficiently provides the mobility for mobile devices holding the properties of IPv6. iSCSI(Internet Small Computer System Interface) is a block-oriented storage access protocol that enables a user to recognize a remote storage as their own local block device through general TCP/IP networks. Since iSCSI uses a standard Ethernet switch and router for this kind of access, it can not only be applized to Ethernet technologies, but can also be used to create a storage networking system without any distance restrictions that can equally be applied to a wireless network environment. Accordingly, this paper presents an alternative approach to overcome the limited storage space of mobile devices based on the IPv6 iSCSI initiator driver which was originally designed for wired networks. Also, this paper describes about the implementation and performance analysis of mobile education service system using virtual storage devices in IPv6 wireless networks.

• The KIPS Transactions:PartC
• /
• v.12C no.5 s.101
• /
• pp.679-686
• /
• 2005

Because EPON access network shares a medium and aggregates the traffic from EPON subscribers, scheduling media access control on EPON bandwidth allocation is very important. Furthermore DBA mechanism of EPON based on TDMA is out of specification and up to implementation. This paper deals with a DBA method to guarantee the QoS of the delay sensitive traffic on the base of best-effort service and delay priority queue management. The proposed method performs virtual scheduling algorithm for the integrated traffic. It uses the same MAC messages and tries to guarantee the QoS of higher priority traffic first with a simple DBA architecture. We evaluate the algorithm for traffic delay according to polling interval and traffic load of upstream and downstream. The results show that the proposed method can guarantee the QoS of the delay sensitive traffic with priority of the service classes.

• The Transactions of the Korean Institute of Electrical Engineers A
• /
• v.54 no.8
• /
• pp.375-387
• /
• 2005

This paper presents an application of parallel Genetic Algorithm-Tabu Search (GA-TS) algorithm to search an optimal solution of a service restoration in distribution systems. The main objective of service restoration of distribution systems is, when a fault or overload occurs, to restore as much load as possible by transferring the do-energized load in the out of service area via network reconfiguration to the appropriate adjacent feeders at minimum operational cost without violating operating constraints, which is a combinatorial optimization problem. This problem has many constraints with many local minima to solve the optimal switch position. This paper develops parallel GA-TS algorithm for service restoration of distribution systems. In parallel GA-TS, GA operators are executed for each processor. To prevent solutions of low fitness from appearing in the next generation, strings below the average fitness are saved in the tabu list. If best fitness of the GA is not changed for several generations, TS operators are executed for the upper $10\%$ of the population to enhance the local searching capabilities. With migration operation, best string of each node is transferred to the neighboring node after predetermined iterations are executed. For parallel computing, we developed a PC cluster system consists of 8 PCs. Each PC employs the 2 GHz Pentium IV CPU and is connected with others through ethernet switch based fast ethernet. To show the validity of the proposed method, proposed algorithm has been tested with a practical distribution system in Korea. From the simulation results, we can find that the proposed algorithm is efficient for the distribution system service restoration in terms of the solution quality, speedup, efficiency and computation time.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.5B
• /
• pp.771-776
• /
• 2010

In this paper, we present an efficient centralized dynamic bandwidth allocation scheme with multicasting for asymmetric 10G-Ethernet Passive Optical Networks (10G-EPONs). The proposed scheme is based on multicast-burst polling and provides quality of service (QoS) with class of service (CoS) to different lasses of packets. It is shown that a well-known conventional interleaved polling scheme severely decreases downstream channel capacity for user traffic when the upstream network load is low (avalanche gate frequency). To overcome this problem, we have proposed a multicast burst polling scheme which shows impressively lower downstream bandwidth consumption compare to IPACT and moreover it did not show the light load penalty problem. Simulation results using an OPNET tool show that the multicast burst polling effectively eliminates light-load penalty and minimizes downstream bandwidth consumption under avalanche gate frequencies.

• The KIPS Transactions:PartA
• /
• v.9A no.2
• /
• pp.147-162
• /
• 2002

Multi-processor system with fast I/O devices improves processing performance and reduces the bottleneck by I/O concentration. In the system, the Performance influenced by shared memory used for exchanging data between processors varies with configuration and utilization. This paper suggests a prediction model for buffer and shared memory optimization under interrupt recognition method using mailbox. Ethernet (IEEE 802.3) packets are used as the input of system and the amount of utilized memory is measured for different network bandwidth and burstiness. Some empirical studies show that the amount of buffer and shared memory varies with packet concentration rate as well as I/O bandwidth. And the studies also show the correlation between two memories.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.10a
• /
• pp.129-132
• /
• 2003

In this paper, which sees the Strong-ARM SA1110 it used the main CPU and RTP in VoIP system. It will be able to apply the information communication field it embodied. It used the Tynux_box2 with the hardware side and it composed a VOIP system. And it used the RTP which is a real-time protocol in software control portion. The development environment of the paper that used the Target board and a Linux PC for connection used the RS-232C, USB connection, Ethernet LAN. The VoIP the environment for a communication used the wave file in the substitution which changes analog signal with the digital signal. And For the communication of the both sides it used the socket. This paper explained the fact that against a general technique from the operation of VoIP system. Using the Embedded linux development board which explained an operational process of the RTP protocol.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.6
• /
• pp.1096-1101
• /
• 2004

By a tremendous expansion of Internet users, there's a number effects that cause the phenomenon of bottlenecked switching packets from routers. In order to tear down this problem, distributed system is applicable to almost every highly performed router systems. The main processor of distributed system, which manages routing table, commands IPC to delivering the forwarding table line processor that eases functionalities of the router. This makes the system having wired-speed forwarding function based on the hardware so that the performance of the network can be enhanced. Therefore, IPC, which assign a part of router, is necessary to exchange data smoothly and the constitution of IPC using Ethernet is widely adapted as a method for saving investment. In this paper, R-IPC mechanism improve the packet-processing rate over 10% through changed from defect of conventional Ethernet IPC, that is, 2 layer processing to TCP/IP or UDP/ IP into 1 layer processing for efficient packet forwarding.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.12
• /
• pp.2663-2669
• /
• 2010

During the past 5 years, domestic VoIP service has grown rapidly absorbing more than 8 million subscribers. More recently, the increase of enterprise or institutional subscribers become more dominant than individual subscribers. Supporting emergency services such as 119 in these scaled up VoIP services is very essential. In current domestic VoIP networks, the VoIP terminal's location information which are provided to the PSAP with the arriving emergency call depends on the information which are entered at the subscription time or updated by the subscribers when the terminal is moved to other place. This manual provision of location information which requires the user's intervention can result in serious failure in saving people in emergency situations, in case that users are negligent in entering the information or users enter the wrong information. In this paper, we propose an enhanced mechanism in which the terminal's location information is automatically offered by the network for emergency services in ethernet-based enterprise VoIP networks.