• Journal of Korea Multimedia Society
• /
• v.8 no.11
• /
• pp.1472-1482
• /
• 2005

In this paper, we propose a socket interface layer for large-scale multimedia servers that adopt TCP/IP Offload Engines (TOE). In order to provide legacy network applications with binary level compatibility, the socket interface layer intercepts all socket-related system calls to forward to either TOE or legacy TCP/IP Protocol stack. The layer is designed and implemented as a kernel module in Linux. The layer is located between BSD socket layer and INET socket layer, and passes the application's socket requests to INET socket layer or TOE. The layer provides multimedia servers and web servers with the following features: (1) All standard socket APIs and file I/O APIs that are supported (2) Support for binary level compatibility of existing socket programs (3) Support for TOE and legacy Ethernet NICs at the same time.

• Convergence Security Journal
• /
• v.13 no.2
• /
• pp.155-163
• /
• 2013

Connection hijacking attack using the vulnerability of the TCP protocol to redirect TCP stream goes through your machine actively (Active Attack). The SKEY such as one-time password protection mechanisms that are provided by a ticket-based authentication system such as Kerberos or redirection, the attacker can bypass.Someone TCP connection if you have access on TCP packet sniffer or packet generator is very vulnerable. Sniffer to defend against attacks such as one-time passwords and token-based authentication and user identification scheme has been used. Active protection, but these methods does not sign or encrypt the data stream from sniffing passwords over insecure networks, they are still vulnerable from attacks. For many people, an active attack is very difficult and so I think the threat is low, but here to help break the illusion successful intrusion on the UNIX host, a very aggressive attack is presented. The tools available on the Internet that attempt to exploit this vulnerability, known as the recent theoretical measures is required. In this paper, we propose analysis techniques on a wireless network intruder detection.

• Journal of KIISE:Information Networking
• /
• v.29 no.5
• /
• pp.524-532
• /
• 2002

With the recent rapid progress of Internet, the higher speed network is needed to support the exploration of ambient information from text-based to multimedia-based information. Also, demands for additional Layer 3 routing technique, such as Network Address Translator (NAT) and Firewall, are required to solve a limitation of a current Internet address space and to protect the interior network from the exterior network. However, current router-based algorithms do not provide mechanisms to solve the congestion and fairness problems, while supporting the multimedia services and satisfying the user requirements. In this paper, to solve these problems, a new active queue management, called MFRED (Multiple Fairness RED) algorithm, is proposed. This algorithm can efficiently reduce the congestion in a router or gateway based on the Layer 3 routing technique, such as NAT. This algorithm can improve the fairness among TCP-like flows and unresponsive flows. It also works well in fairly protecting congestion-sensitive flows, i.e. fragile TCP, from congestion-insensitive or congestion-causing flows, i.e. robust TCP.

• Journal of KIISE:Information Networking
• /
• v.30 no.2
• /
• pp.233-243
• /
• 2003

With the original Transmission Control Protocol(TCP) design, which is particularly targeted at the wired networks, a packet loss is assumed to be caused by the network congestion. In the wireless environment where the chances to lose packets due to transmission bit errors are not negligible, though, this assumption may result in unnecessary TCP performance degradation. In this paper, we propose three schemes that improve the ability to conceal the packet losses in the wireless network while limiting the degree of violating TCP end-to-end semantics to a temporary incidents. If there happens a packet loss at the wireless link and there is a chance that the loss is noticed by the sending TCP, the proposed schemes send an indirect acknowledgement. Each of the proposed schemes uses different criteria to decide whether there is a chance that the packet loss occurred in the wireless part is noticed by the sender. In order to limit the buffer overhead in the base, the indirect acknowledgements are issued only when the length of buffer is less than a certain threshold. We use simulation to compare the overhead and the performance of the proposed schemes, and to show that the proposed schemes improve the TCP performance compared to Snoop with a limited amount of buffer at the base station.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.5 no.3
• /
• pp.475-482
• /
• 2001

In this paper, I describe the implementation of the distributed lists based on socket and on RMI(Remote Method Invocation). First, I describe and implement an interface of distributed list based on socket using object stream in a distributed environment, when encapsulating the message in the distributed list. Second, the major purpose to implement a distributed list in RMI is to compare advantages and disadvantages with other networking mechanisms by implementing complicated applications. The major advantage in using RMI is to implement simply the programs without using application-level protocol. In terms of program efficiency, the applications using HMI can degrade the performance due to many TCP/IP connections generated every update. TCP/IP connection requires much less cost than RMI. Even though RMI has the mechanism processing many method calls using a sing]e network connection, RMI is less efficient than the direct use of socket. However, RMI makes it possible to communicate beyond firewall using HTTP proxying mechanism. Consequently, I present a modeling of networking mechanism in finding out optimization solution by comparing and analyzing the two systems.

• The KIPS Transactions:PartC
• /
• v.10C no.3
• /
• pp.253-264
• /
• 2003

This paper presents the analytic model of Distributed Denial-of-Service (DDoS) attacks in two settings: the normal Web server without any attack and the Web server with DDoS attacks. In these settings, we measure TCP flag rate, which is expressed in terms of the ratio of the number of TCP flags, i.e., SYN, ACK, RST, etc., packets over the total number of TCP packets, and Protocol rate, which is defined by the ratio of the number of TCP (UDP or ICMP) packets over the total number of W packets. The experimental results show a distinctive and predictive pattern of DDoS attacks. We wish our approach can be used to detect and prevent DDoS attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.8
• /
• pp.3900-3916
• /
• 2019

The modern mobile devices are typically equipped with multiple network interfaces, e.g., 4G LTE, Wi-Fi, Bluetooth, but the current implementation of TCP can support only a single path at the same time. The Multipath TCP (MPTCP) leverages the multipath feature and provides (i) robust connection by utilizing another interface if the current connection is lost and (ii) higher throughput than single path TCP by simultaneously leveraging multiple network paths. However, if the performance between the multiple paths are significantly diverse, the receiver may have to wait for packets from the slower path, causing reordering and buffering problems. To solve this problem, previous MPTCP schedulers mainly focused on predicting the latency of the path beforehand. Recent studies, however, have shown that the path latency varies by a large margin over time, thus the MPTCP scheduler may wrongly predict the path latency, causing performance degradation. In this paper, we propose a new MPTCP scheduler called, choose fastest subflow (CFS) scheduler to solve this problem. Rather than predicting the path latency, CFS utilizes the characteristics of these paths to reduce the overall flow completion time by redundantly sending the last part of the flow to both paths. We compare the performance through real testbed experiments that implements CFS. The experimental results on both synthetic packet generation and actual Web page requests, show that CFS consistently outperforms the previous proposals in all cases.

• 연구논문집
• /
• s.27
• /
• pp.167-174
• /
• 1997

Point of Production/Manufacturing Execution Systems are an essential component of operations in today's competitive business environments, which require greater production efficiency and effectiveness. POP/MES focuses on the valuing-adding processes, helping to reduce manufacturing cycle time, improve product quality, reduce WIP, reduce or eliminate paperwork between shifts, reduce lead time and empowering plant operations staff. In this paper, we implement POP/MES to manage real-time plant floor data which is gathered by I/O server into database management system. I/O server is a software allows data exchange between factory real-time database and several hardware devices such as PLC, DCS, robot and sensor through ethernet TCP/IP protocol.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.45 no.6
• /
• pp.60-67
• /
• 2008

At present, RFID system is highly welcomed as a substitute system with its bar code recognition system and self recognition equipment. Consequently, the system has multi applications and can be complementing to its security. In particular, RFID system is significantly related with electronic transaction equipments : transportation card, ID card in check point, attendance sheet. Based upon these characteristic, the system is becoming extremely popular in the field of logistics, harbor and stock management, animal control and product circulation & distribution. In this dissertation, I would like to present a more efficient and stable remote entry control system with the network-based TCP/IP. It is a simple example of ubiquitous computing function. Above all, approved protocol system should be applied to the remote entry control function. Its efficient function with the applied approval protocol based-remote entry control system should be confirmed. Therefore, a preliminary test should be prerequisite in automatic entrance function with the embedded and TCP/IP-based RFID system.

• Journal of the Korean Society of Manufacturing Process Engineers
• /
• v.11 no.6
• /
• pp.130-138
• /
• 2012

There are increasing demands from the industry for intelligent robot-calibration solutions, which can be tightly integrated to the manufacturing process. A proposed solution can simplify conventional robot-calibration and teaching methods without tedious procedures and lengthy training time. iGPS(Indoor GPS) system is a laser based real-time dynamic tracking/measurement system. The key element is acquiring and reporting three-dimensional(3D) information, which can be accomplished as an integrated system or as manual contact based measurements by a user. A 3D probe is introduced as the user holds the probe in his hand and moves the probe tip over the object. The X, Y, and Z coordinates of the probe tip are measured in real-time with high accuracy. In this paper, a new approach of robot-calibration and teaching system is introduced by implementing a 3D measurement system for measuring and tracking an object with motions in up to six degrees of freedom. The general concept and kinematics of the metrology system as well as the derivations of an error budget for the general device are described. Several experimental results of geometry and its related error identification for an easy compensation / teaching method on an industrial robot will also be included.