• The KIPS Transactions:PartC
• /
• v.18C no.3
• /
• pp.127-134
• /
• 2011

Malicious botnet has been used for more malicious activities, such as DDoS attacks, sending spam messages, steal personal information, etc. To prevent this, many studies have been preceded. But malicious botnets have evolved and evaded detection systems. In particular, HTTP GET Request attack that exploits the vulnerability of the application layer is used. ALAB of ALADDIN proposed by ETRI is DDoS attack detection system that HTTP GET, Incomplete GET request flooding attack detection algorithm is applied. In this paper, we extend Incomplete GET detection algorithm of ALAB and derive the optimal configuration parameters to verify the validity of the algorithm ALAB by the study of the normal and attack packets.

• Journal of KIISE
• /
• v.41 no.10
• /
• pp.824-831
• /
• 2014

HTTP (Hypertext Transfer Protocol) Adaptive Streaming is gaining attention because it changes bitrates to adapt changing network conditions. Since HAS (HTTP Adaptive Streaming) client downloads the video data based on TCP (Transmission Control Protocol), it estimates incorrectly the available bandwidth and leads to an unnecessary video quality change in long-delay networks. In this paper, we propose a buffer-based quality control scheme in order to improve the service quality and smooth playback in the HAS. The proposed scheme estimates accurately the available bandwidth based on a modified streaming model that considers network delay. It also calculates the sustainability of the video quality to prevent an unnecessary quality change and determines the inter-request time on the basis of the buffer status. Through the simulation, we prove that our scheme improves the QoS (Quality of Service) of the HAS service and controls the video quality smoothly in long-delay networks.

• The Journal of the Korea Contents Association
• /
• v.8 no.6
• /
• pp.43-53
• /
• 2008

Hyper text transfer protocol (HTTP) over transmission control protocol (TCP) is currently used to transfer objects in the Internet. Stream control transmission protocol (SCTP), an alternative to TCP, which allows for independent delivery among streams, and can thus reduce the mean response delay of web object. We present an analytical model to find the mean response delay for HTTP over SCTP, therefore, estimate the effectiveness of SCTP over TCP. Typical TCP delay models assume the wired environment. On the contrary, the proposed model in this paper assumes the multiple packet losses and wireless environment where fast retransmission is not possible due to small window. The estimated mean response time can be used the benchmark to meet quality of service (QoS) at end-user. We validate the accuracy of our model using experiments. It is shown that the differences between the results from model and those from experimental are very small below 6 % on average. We also find that the mean response delay for HTTP over SCTP is less than that for HTTP over TCP.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.11a
• /
• pp.718-721
• /
• 2011

웹 서비스를 대상으로 하는 DDoS(Distributed Denial-of-Service) 공격 또는 유해 트래픽 유입을 탐지 또는 차단하기 위한 목적으로 HTTP(Hypertext Transfer Protocol) 트래픽을 실시간으로 분석하는 기능은 거의 모든 네트워크 트래픽 보안 솔루션들이 탑재하고 있는 필수적인 요소이다. 하지만, HTTP 트래픽의 실시간 데이터 측정 양이 시간이 지날수록 기하급수적으로 증가함에 따라, HTTP 트래픽을 실시간 패킷 단위로 분석한다는 것에 대한 성능 부담감은 날로 커지고 있는 실정이다. 이제는 응용 어플리케이션 차원에서는 성능에 대한 부담감을 해소할 수 없기 때문에 고비용의 소프트웨어 가속기나 하드웨어에 의존적인 전용 장비를 탑재하여 해결하려는 시도가 대부분이다. 본 논문에서는 현재 대부분의 PC 에 탑재되어 있는 그래픽 카드의 GPU(Graphics Processing Units)를 범용적으로 활용하고자 하는 GPGPU(General-Purpose computation on Graphics Processing Units)의 연구에 힘입어, NVIDIA사의 CUDA(Compute Unified Device Architecture)를 사용하여 네트워크 트래픽에서 HTTP 패킷 추출성능을 응용 어플리케이션 차원에서 향상시켜 보고자 하였다. HTTP 패킷 추출 연산만을 기준으로 GPU 의 연산속도는 CPU 에 비해 10 배 이상의 높은 성능을 얻을 수 있었다.

• Journal of Information Technology and Architecture
• /
• v.10 no.1
• /
• pp.101-111
• /
• 2013

Internet traffic volume has been increasing rapidly due to popularization of various smart devices and Internet development. In particular, HTTP-based traffic volume of smart devices is increasing rapidly in addition to desktop traffic volume. The increased mobile traffic can cause serious problems such as network overload, web security, and QoS. In order to solve these problems of the Internet overload and security, it is necessary to accurately detect applications. Traditionally, well-known port based method is utilized in traffic classification. However, this method shows low accuracy since P2P applications exploit a TCP/80 port, which is used for the HTTP protocol; to avoid firewall or IDS. Signature-based method is proposed to solve the lower accuracy problem. This method shows higher analysis rate but it has overhead of signature generation. Also, previous signature-based study only analyzes applications in HTTP protocol-level not application-level. That is, it is difficult to identify application name. Therefore, previous study only performs protocol-level analysis. In this paper, we propose a signature generation method to classify HTTP-based traffics in application-level using the characteristics of typical semi HTTP header. By applying our proposed method to campus network traffic, we validate feasibility of our method.

• Information and Communications Magazine
• /
• v.16 no.11
• /
• pp.64-70
• /
• 1999

최근 인터넷을 기반으로 한 각종 전자상거래가 활성화되면서 안전한 웹 기반 프로토콜들에 대한 요구가 급증하고 있다. 인터넷 온라인 증권 트레이딩, 인터넷 온라인 뱅킹 등 많은 응용들이 고도의 보안을 필요로 하며 이를 위해 웹 보안 프로토콜들이 널리 사용되고 있다. 본 고에서는 최근 사용이 급증하고 있는 보안프로토콜인 SSL(Secure Socket Layer) 프로토콜에 대하여 분석하며, 아울러 1995년에 제안된 S-HTTP에 대하여도 함께 고찰하고자 한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.04a
• /
• pp.355-357
• /
• 2001

HTTP/1.1 standard reduces latencies and overhead from closing and re-establishing connections by supporting persistent connections as a default, which encourage multiple transfers of objects over one connection. HTTP/1.1, however, does not define explicitly connection-closing time but specifies a certain fixed holding time model. This model may induce wasting server’s resource when server maintains connection with the idle-state client that requests no data for a certain time. This paper proposes the mechanism of a heuristic connection management supported by the client-side under persistent HTTP, in addition to HTTP/1.1’s fixed holding time model on server-side. The client exploits the tag information within transferred HTML page so that decides connection-closing time. As a result, the mechanism allows server to use server’s resource more efficiently without server’s efforts.

• The Journal of Korean Association of Computer Education
• /
• v.6 no.2
• /
• pp.41-51
• /
• 2003

In the distance education systems, there are limited things while performing educational activities because there are to be problems in structural features of the Web. HTTP, a connection-less protocol, performs requests of client, however, does not hold on the status. Thus, by features of the Web, it is difficult to hold on the connection of learners and trace information asked by learners. Moreover, these problems make impossible not only a learner's connection continuity but also on-line interaction among the learners in the distance education. This thesis developed CHTP, an connection-based hypertext transfer protocol, based on HTTP and a new platform of distance education in order to track activities of learners. The developed web extension platform will make it easy to build up system for being helpful in a distance education because this thesis proposes a standardized way in the protocol.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.9
• /
• pp.1527-1537
• /
• 2006

The server system of digital contents has to how the context information about client devices to provide the appropriate contents for each device effectively. CC/PP standard specification is an agreement for describing and transmission of the information related with a client device. In this case, the information on device hardware and software, networks and user's preference is included here. In the mean time, WAP forum defined W-HTTP protocol to transmit the CC/PP profile information of a client device to a server system. However, the client devices which use existing HTTP protocol to transmit their information cannot provide the CC/PP profile information to a server. In this paper, we propose an effective method to create and provide the CC/PP profile in the clients which use not only HTTP protocol but also W-HTTP protocol to transmit device information.

• Journal of Digital Convergence
• /
• v.13 no.11
• /
• pp.141-148
• /
• 2015

In this paper, for developing and implementing the HLS(Http Live Streaming) transmitter based embedded linux which is operated easily and cheap and lower power, portable in all networks and client environments compared to exist video live streaming transmitters. We design the developed HLS transmitter hardware using the Arm11 core and then porting the Embedded Linux OS(Operating System) and implementing the HLS protocol using the open source FFmpeg and Segmenter. For proving the performance of developed HLS transmitter, we make the testing environment for testing the performance of HLS transmitter including the notebook, iPhone, android Phone, Notebook and then analysis the received video in the client displayer. In this paper, we suggest the developed HLS transmitter performance data values higher than the Apple company's HLS recommended specification values and the picture of developed HLS transmitter operation in the testing environment. The application field of this paper result is that the man who works in the emergency situation take HLS and transmit the live emergency situation to the head quarter using this portable HLS.