• Title/Summary/Keyword: HAS's TCP Connection

The Extended TCP for Preventing from SYN Flood DoS Attacks (SYN Flood DoS 공격을 차단하기 위한 확장 TCP)

  • Park Zin-Won;Kim Myung-Kyun
    • Journal of KIISE:Computer Systems and Theory / v.32 no.10 / pp.491-498 / 2005
  • The Denial of Service(DoS) attacks, which are done by consuming all of the computing or communication resources necessary for the services, are known very difficult to be protected from. TCP has drawbacks in its connection establishment for possible DoS attacks. TCP maintains the state of each partly established connection in the connection queue until it is established completely and accepted by the application. The attackers can make the queue full by sending connection requests repeatedly and not completing the connection establishment steps for those requests. In this paper, we have designed and implemented the extended TCP for preventing from SYN Flood DoS attacks. In the extended TCP, the state of each partly established connection is not maintained in the queue until the connection is established completely. For the extended TCP, we have modified the 3-way handshake procedure of TCP and implemented the extended TCP in the Linux operating system. The test result shows $0.05\%$ delay more than original TCP, but it shows that the extended TCP is strong for SYN Flood attacks.

The Performance Improvement using Rate Control in End-to-End Network Systems (종단간 네트워크 시스템에서 승인 압축 비율 제어를 이용한 TCP 성능 개선)

  • Kim, Gwang-Jun;Yoon, Chan-Ho;Kim, Chun-Suk
    • Journal of the Korea Institute of Information and Communication Engineering / v.9 no.1 / pp.45-57 / 2005
  • In this paper, we extend the performance of bidirectional TCP connection over end-to-end network that uses transfer rate-based flow and congestion control. The sharing of a common buffer by TCP packets and acknowledgement has been known to result in an effect called ack compression, where acks of a connection arrive at the source bunched together, resulting in unfairness and degraded throughput. The degradation in throughput due to bidirectional traffic can be significant. Even in the simple case of symmetrical connections with adequate window size, the connection efficiency is improved about 20% for three levels of background traffic 2.5Mbps, 5.0Mbps and 7.5Mbps. Otherwise, the throughput of jitter is reduced about 50% because round trip delay time is smaller between source node and destination node. Also, we show that throughput curve is improved with connection rate algorithm which is proposed for TCP congestion avoidance as a function of aggressiveness threshold for three levels of background traffic 2.5Mbps, 5Mbps and 7.5Mbps. By analyzing the periodic bursty behavior of the source IP queue, we derive estimated for the maximum queue size and arrive at a simple predictor for the degraded throughput, applicable for relatively general situations.

Design of watermark trace-back system to supplement connection maintenance problem

  • Kim, Hwan-Kuk;Han, Seung-Wan;Seo, Dong-Il;Lee, Sang-Ho
    • 제어로봇시스템학회:학술대회논문집 / 2003.10a / pp.2151-2154 / 2003
  • Internet is deeply rooted in everyday life and many things are performed using internet in real-world, therefore internet users increased because of convenience. Also internet accident is on the increase rapidly. The security vendor developed security system to protect network and system from intruder. Many hackings can be prevented and detected by using these security solutions. However, the new hacking methods and tools that can detour or defeat these solutions have been emerging and even script kids using these methods and tools can easily hack the systems. In consequence, system has gone through various difficulties. So, necessity of intruder trace-back technology is increased gradually. Trace-back technology is tracing back a malicious hacker to his real location. Trace-back technology is largely divided into TCP connection trace-back and IP packet trace-back to trace spoofed IP of form denial-of-service attacks. TCP connection trace-back technology that autonomously traces back the real location of hacker who attacks system using stepping stone at real time. In this paper, we will describe watermark trace-back system using TCP hijacking technique to supplement difficult problem of connection maintenance happened at watermark insertion. Through proposed result, we may search attacker's real location which attempt attack through multiple connection by real time.

A Buffer-Status Based HAS Video Transmission Scheme in Wireless Environments

  • Kim, In-Hye;Seok, Seung-Joon
    • International Journal of Contents / v.14 no.4 / pp.30-38 / 2018
  • Recently, HTTP Adaptive Streaming(HAS), a video streaming service over the HTTP based web platform has become common. The use of HAS service in mobile communication devices such as mobile phones and tablet PCs is rapidly expanding. This paper addresses ways to improve the quality of HAS service by enhancing the terms of viewer satisfaction. HAS systems have several internal operational processes, which can affect viewer satisfaction. Such processes include, the quality determination for the next video chunk, the TCP connections-setup procedure and the congestion control operation of the TCP. This paper proposes a transmission scheme to improve the HAS quality services over mobile web. The proposed scheme takes into consideration the past implicit communication state of the receiver's playback buffer occupancy. The results of these experiments indicate that the proposed scheme can improve the quality of HAS service from the mobile viewer's point of view.

Analysis & defence of detection technology in network Attacker (네트워크 침입자탐지기법 분석과 대응)

  • Yun, Dong Sic
    • Convergence Security Journal / v.13 no.2 / pp.155-163 / 2013
  • Connection hijacking attack using the vulnerability of the TCP protocol to redirect TCP stream goes through your machine actively (Active Attack). The SKEY such as one-time password protection mechanisms that are provided by a ticket-based authentication system such as Kerberos or redirection, the attacker can bypass. Someone TCP connection if you have access on TCP packet sniffer or packet generator is very vulnerable. Sniffer to defend against attacks such as one-time passwords and token-based authentication and user identification scheme has been used. Active protection, but these methods does not sign or encrypt the data stream from sniffing passwords over insecure networks, they are still vulnerable from attacks. For many people, an active attack is very difficult and so I think the threat is low, but here to help break the illusion successful intrusion on the UNIX host, a very aggressive attack is presented. The tools available on the Internet that attempt to exploit this vulnerability, known as the recent theoretical measures is required. In this paper, we propose analysis techniques on a wireless network intruder detection.

The Study of the Performance Improvement of UDP Packet Loss affected by TCP Flows (TCP Flows의 영향하에서 UDP 패킷손실을 줄이는 방법에 관한 연구)

  • 조기영;문호림;김서균;남지승
    • Proceedings of the IEEK Conference / 1999.11a / pp.1061-1064 / 1999
  • UDP has likely been used for real-time applications, such as video and audio. UDP supplies minimized transmission delay by omitting the connection setup process, flow control, and retransmission. In general, more than 80 percent of the WAN resources are occupied by Transmission Control Protocol (TCP) traffic. As opposed to UDP's simplicity, TCP adopts a unique flow control. In this paper, I report new methods to minimize a UDP packet loss considering TCP flow control on the real-time application. The better performance of real time application can be obtained when they reduce a packet size and FIFO buffer scheduling method competing with TCP bandwidth for the bandwidth and buffering.

Adaptive Multiple TCP-connection Scheme to Improve Video Quality over Wireless Networks

  • Kim, Dongchil;Chung, Kwangsue
    • KSII Transactions on Internet and Information Systems (TIIS) / v.8 no.11 / pp.4068-4086 / 2014
  • Due to the prevalence of powerful mobile terminals and the rapid advancements in wireless communication technologies, the wireless video streaming service has become increasingly more popular. Recent studies show that video streaming services via Transmission Control Protocol (TCP) are becoming more practical. TCP has more advantages than User Datagram Protocol (UDP), including firewall traversal, bandwidth fairness, and reliability. However, each video service shares an equal portion of the limited bandwidth because of the fair sharing characteristics inherent in TCP and this bandwidth fair sharing cannot always guarantee the video quality for each user. To solve this challenging problem, an Adaptive Multiple TCP (AM-TCP) scheme is proposed in this paper to guarantee the video quality for mobile devices in wireless networks. AM-TCP adaptively controls the number of TCP connections according to the video Rate Distortion (RD) characteristics of each stream and network status. The proposed scheme can minimize the total distortion of all participating video streams and maximize the service quality by guaranteeing the quality of each video streaming session. The simulation results show that the proposed scheme can significantly improve the quality of video streaming in wireless networks.

TCP Performance Analysis over Mobile ad-hoc Networks (모바일 ad-hoc 네트워크에서 TCP 성능 분석)

  • Nam, Ho-Seok;Cho, Sol;Lee, Tae-Hoon;Kim, Jun-Nyun
    • The Journal of Korean Institute of Communications and Information Sciences / v.32 no.12B / pp.800-808 / 2007
  • With the development of wireless data communication technology, all IP-based network will become compositions of wired and wireless networks. TCP is a connection-oriented, reliable transport protocol and has been used as de facto standard in most wired networks. Because TCP's congestion control algorithm could not distinguish congestion from BER, link failure and frequent route changes, TCP shows a poor performance over mobile ad-hoc networks. In this paper, the theoretical feature of TCP was studied and the performance of TCP over mobile ad-hoc networks was analyzed with ns2.

A Fair Scalable Inter-Domain TCP Marker for Multiple Domain DiffServ Networks

  • Hur, Kyeong;Eom, Doo-Seop
    • Journal of Communications and Networks / v.10 no.3 / pp.338-350 / 2008
  • The differentiated services (DiffServ) is proposed to provide packet level service differentiations in a scalable manner. To provide an end-to-end service differentiation to users having a connection over multiple domains, as well as a flow marker, an intermediate marker is necessary at the edge routers, and it should not be operated at a flow level due to a scalability problem. Due to this operation requirement, the intermediate marker has a fairness problem among the transmission control protocol (TCP) flows since TCP flows have intrinsically unfair throughputs due to the TCP's congestion control algorithm. Moreover, it is very difficult to resolve this problem without individual flow state information such as round trip time (RTT) and sending rate of each flow. In this paper, to resolve this TCP fairness problem of an intermediate marker, we propose a fair scalable marker (FSM) as an intermediate marker which works with a source flow three color marker (sf-TCM) operating as a host source marker. The proposed fair scalable marker improves the fairness among the TCP flows with different RTTs without per-flow management. Through the simulations, we show that the FSM can improve TCP fairness as well as link utilization in multiple domain DiffServ networks.

Design and Implementation of a Hardware-based Transmission/Reception Accelerator for a Hybrid TCP/IP Offload Engine (하이브리드 TCP/IP Offload Engine을 위한 하드웨어 기반 송수신 가속기의 설계 및 구현)

  • Jang, Han-Kook;Chung, Sang-Hwa;Yoo, Dae-Hyun
    • Journal of KIISE:Computer Systems and Theory / v.34 no.9 / pp.459-466 / 2007
  • TCP/IP processing imposes a heavy load on the host CPU when it is processed by the host CPU on a very high-speed network. Recently the TCP/IP Offload Engine (TOE), which processes TCP/IP on a network adapter instead of the host CPU, has become an attractive solution to reduce the load in the host CPU. There have been two approaches to implement TOE. One is the software TOE in which TCP/IP is processed by an embedded processor and the other is the hardware TOE in which TCP/IP is processed by a dedicated ASIC. The software TOE has poor performance and the hardware TOE is neither flexible nor expandable enough to add new features. In this paper we designed and implemented a hybrid TOE architecture, in which TCP/IP is processed by cooperation of hardware and software, based on an FPGA that has two embedded processor cores. The hybrid TOE can have high performance by processing time-critical operations such as making and processing data packets in hardware. The software based on the embedded Linux performs operations that are not time-critical such as connection establishment, flow control and congestions, thus the hybrid TOE can have enough flexibility and expandability. To improve the performance of the hybrid TOE, we developed a hardware-based transmission/reception accelerator that processes important operations such as creating data packets. In the experiments the hybrid TOE shows the minimum latency of about $19{\mu}s$. The CPU utilization of the hybrid TOE is below 6 % and the maximum bandwidth of the hybrid TOE is about 675 Mbps.