• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.747-749
• /
• 2005

The popularity of web services within the IT industry continues to grow as the next generation web technologies. Web services are self-contained, self-describing, modular applications that can be published, located, and invoked across the Web. Web services will be core technology for e-business in the Web. IPv6 is sometimes also called the Next Generation Internet Protocol and is a new version of IP which is designed to be an evolutionary step from IPv4. In this paper, we define problems for adapting web services to IPv6 Environment. This paper survey and explain consideration issues that include standards, components, coexistence of IPv6 and IPv4, etc.

• The Transactions of the Korea Information Processing Society
• /
• v.4 no.10
• /
• pp.2521-2532
• /
• 1997

The next generation internet protocol, IPv6, have been developed by the IETF according to the requirements of enhancement of classic IP protocols to satisfy the lack of Internet address space as well as the support of multimedia applications. This paper presents an implementation of IPv6 protocols on the Windows NT kernel environment. In this work, we developed and also tested the basic functions, required for operating as an IPv6 host, such as IPv6 header processing, IPv6 address handling, control message processing, group membership processing and neighbor discovery functions. The implemented IPv6 protocol driver module is connected to the lower network interface card through NDIS, a standard network interface. And this driver module that operates within kernel, is implemented as it is connected to upper user applications and lower NDIS using dispatch and lower-edge functions. The developed IPv6 protocol driver can provide not only enhanced performance because it is implemented in kernel mode, but also convenience of usage to the application developers because it gives user interface as a dynamic link library.

• Journal of KIISE:Information Networking
• /
• v.32 no.3
• /
• pp.370-381
• /
• 2005

Mobile IP provides an efficient and scalable mechanism for host mobility within the Internet. Using Mobile If, mobile nodes may change their point of attachment to the Internet without changing their If address. However, it would result in a high signaling cost. To reduce the signaling cost, we factor in the fact that mobile users will not be actively communicating much of the time. In fact, there Is no necessity to send a binding update message to the home agent when an mobile node does not communicates with others while moving. From this point of view, we propose a lazy update strategy for minimizing signaling cost using the forwarding pointer in hierarchical Mobile IPv6. In our proposal, binding updates are sent only when a mobile node is in a busy mode. If an mobile node is in a dormant mode, binding update messages are delayed until busy mode using the forwarding pointer. As a result, our proposal can reduce the total signaling cost by eliminating unnecessary binding update messages when a mobile node Is in a dormant mode. In addition to, our proposal reduces unnecessary location update cost resulting from ping-pong effect under mobile node's dormant mode. Analysis results using the discrete analytic model presented in this paper shows that our proposal can has superior performance than hierarchical Mobile nv6 when the call-to-mobility ratio is low and the length of the forwarding pointer chain K is low.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.04a
• /
• pp.736-738
• /
• 2001

웹을 사용하는 사용자들의 급속도로 증가하는 서비스 요청을 신속하고 저렴한 비용으로 처리하기 위한 대응책으로, LAN 환경의 웹 서버 클러스터 구조가 각광을 받고 있다. 높은 가용성 및 확장성을 보장하는 웹 서비스를 제공하기 위해 많은 부하의 서비스 요구를 여러 서버에게 효과적으로 나누어 처리할 수 있어야 하며, 따라서 서비스 요청 패킷을 고르게 분배할 수 있는 합리적인 스케줄링 기법을 필요로 한다. ONE-IP 스케줄링 기법은 이더넷의 브로드케스트 메시지에 의해 스케줄링이 분산되도록 하는 전략을 사용함으로써, 클러스터에 유입되는 패킷의 집중화로 인해 발생할 수 있는 병목 현상(bottleneck)과 치명적인 오류(Single-point of Failure) 문제를 효과적으로 해결하였다. 그러나, 서비스를 요청하는 패킷의 발신지 주소만을 이용하는 단순한 패킷 스케줄링을 사용하기 때문에 클러스터를 구성하는 서버들 간의 부하 불균형을 가중시키며, 결과적으로 클러스터의 효율성을 저하시키는 문제점을 가지고 있다. 본 논문에서는 이러한 문제점을 해결하기 위하여 RR ONE-IP 기법을 제안하였다. 제안한 기법은 서버에 할당되는 부하간에 불균형이 발생하는 문제점을 해결하기 위해 TCP 연결 단위의 스케줄링 전략을 사용하였으며, 서버의 부하 정보를 이용하지 않는 RR 스케줄링 기법을 도입함으로써, ONE-IP 기법의 장점을 그대로 유지하면서 보다 나은 부하의 균등한 분배로 시스템의 처리 능력을 향상시키도록 하였다. 또한, 실험을 수행한 결과 제안한 기법이 기존의 기법에 비해 평균 3.84%의 시스템의 성능 향상을 보였으며, 과부하 발생율에서는 평균 23.5%의 감소를 가져왔음을 보였다.우 단어 인식률이 43.21%인 반면 표제어간 음운변화 현상을 반영한 1-Best 사전의 경우 48.99%, Multi 사전의 경우 50.19%로 인식률이 5~6%정도 향상되었음을 볼 수 있었고, 수작업에 의한 표준발음사전의 단어 인식률 45.90% 보다도 약 3~4% 좋은 성능을 보였다.으로서 hemicellulose구조가 polyuronic acid의 형태인 것으로 사료된다. 추출획분의 구성단당은 여러 곡물연구의 보고와 유사하게 glucose, arabinose, xylose 함량이 대체로 높게 나타났다. 점미가 수가용성분에서 goucose대비 용출함량이 고르게 나타나는 경향을 보였고 흑미는 알칼리가용분에서 glucose가 상당량(0.68%) 포함되고 있음을 보여주었고 arabinose(0.68%), xylose(0.05%)도 다른 종류에 비해서 다량 함유한 것으로 나타났다. 흑미는 총식이섬유 함량이 높고 pectic substances, hemicellulose, uronic acid 함량이 높아서 콜레스테롤 저하 등의 효과가 기대되며 고섬유식품으로서 조리 특성 연구가 필요한 것으로 사료된다.리하였다. 얻어진 소견(所見)은 다음과 같았다. 1. 모년령(母年齡), 임신회수(姙娠回數), 임신기간(姙娠其間), 출산시체중등(出産時體重等)의 제요인(諸要因)은 주산기사망(周産基死亡)에 대(對)하여 통계적(統計的)으로 유의(有意)한 영향을 미치고 있어 $25{\sim}29$세(歲)의 연령군에서, 2번째 임신과 2번째의 출산에서 그리고 만삭의 임신 기간에, 출산시체중(出産時體重) $3.50{\sim}3.99kg$사이의 아이에서 그 주산기사망률(周産基死亡率)

• Journal of Korea Multimedia Society
• /
• v.16 no.8
• /
• pp.954-961
• /
• 2013

To enhance the efficiency of network, content-centric networking (CCN), one of future Internet architectures, allows network nodes to temporally cache transmitted contents and then to directly respond to request messages which are relevant to previously cached contents. Also, since CCN uses a hierarchical content-name, not a host identity like source/destination IP address, for request/response packet routing and CCN request message does not include requester's information for privacy protection, contents-providers/ network nodes can not identify practical requesters sending request messages. So to send back relevant contents, network nodes in CCN records both a request message and its incoming interfaces on Pending Interest Table (PIT). Then the devices refer PIT to return back a response message. If PIT is exhausted, the device can not normally handle request/response messages anymore. Hence, it is needed to detect/react attack to exhaust PIT. Hence, in this paper, we propose improved detection/reaction schemes against attacks to exhaust PIT. In practice, for fine-grained control, this proposal is applied to each incoming interface. Also, we propose the message framework to control attack traffic and evaluate the performance of our proposal.

• Journal of the Korea Convergence Society
• /
• v.7 no.4
• /
• pp.33-38
• /
• 2016

DDoS attack has been continuously utilized that caused the excessively large amount of traffic that network bandwidth or server was unable to deal with paralyzing the service. Most of the people regard NTP as the biggest cause of DDoS. However, according to recently executed DDoS attack, there have been many SSDP attack in the use of amplified technique. According to characteristics of SSDP, there is no connection for making a forgery of source IP address and amplified resources feasible. Therefore, it is frequently used for attack. Especially, as it is mostly used as a protocol for causing DDoS attack on IoT devices that constitute smart home including a wireless router, media server, webcam, smart TV, and network printer. Hereupon, it is anticipated for servers of attacks to gradually increase. This might cause a serious threat to major information of human lives, major government bodies, and company system as well as on IoT devices. This study is intended to identify DDoS attack techniques in the use of weakness of SSDP protocol occurring in IoT devices and attacking scenario and counter-measures on them.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1179-1195
• /
• 2018

Recently, a variety of attacks on web services have been occurring through a multiple access environment such as PC, tablet, and smartphone. These attacks are causing various subsequent damages such as online fraud transactions, takeovers and theft of accounts, fraudulent logins, and information leakage through web service vulnerabilities. Creating a new fake account for Fraud attacks, hijacking accounts, and bypassing IP while using other usernames or email addresses is a relatively easy attack method, but it is not easy to detect and block these attacks. In this paper, we have studied a method to detect online fraud transaction and obsession by identifying and managing devices accessing web service using web-based device fingerprinting. In particular, it has been proposed to identify devices and to manage them by scoring process. In order to secure the validity of the proposed scheme, we analyzed the application cases and proved that they can effectively defend against various attacks because they actively cope with online fraud and obtain visibility of user accounts.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.6
• /
• pp.261-270
• /
• 2017

With the development of smart on-devices and communication technology, demand for non-stop services is increasing. Therefore, the high availability for continuously providing services in the event of system failure has been spotlighted. Meanwhile, because most internet-based services are provided by using TCP, an efficient TCP session recovery technique for providing non-stop services is required. However, the existing TCP session recovery techniques are inefficient because it has a high recovery cost or does not support failover operation, To solve these problems, in this paper, we propose a TCP session recovery technique for high availability in smart on-devices. For this, we first recover the TCP session without re-establish the TCP session by correcting a sequence number and a acknowledgment number. Second, we synchronize the TCP session recovery data between the master and the server, and then we operate the failover operation when master server fails. Finally, we provide the non-stop service to peer by using the virtual IP number and the transmission of GARP (Gratuitous ARP) packet.

• The Journal of Korean Association of Computer Education
• /
• v.13 no.5
• /
• pp.103-110
• /
• 2010

If an exterior computer wants to join the Grid/cloud computing platform for a while, all of the related firewalls' filtering rule should be immediately updated. As the platform of Internet application is gradually evolving into the Grid/Cloud environment, the R&D requirement for the dynamic traversing of the multiple firewalls by a single try is also increasing. In this paper, we introduce the new mechanism for the dynamic traversing of the multiple firewalls using the concept of the one-time master key that can dynamically unlock the tiers of firewalls simultaneously instead of the existed filtering rule based method like a lock management at each firewall. The proposed master keys are like one-time password, consisted of IP addresses, port numbers, and TCP's initial sequence numbers, and generated by end users not administrators. They're exchanged mutually in advance and used to make a hole at local-side firewalls for the other's packet incoming. Therefore, the proposed mechanism can function regardless of the number or type of firewalls.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.7
• /
• pp.1855-1862
• /
• 1998

An Internet user obtains an IP address from DNS to access the host. But, Korean users must use English word order Domain that is not convenient for them. All existing systems have the reverse of the Korean word order and that is the obstacle to the spreading of Internet. So, the necessity of a Korean name system that well suited for Korean Internet user is increasing. In order to operate the proposed Korean Domain System with existing Domain Name Systems, we build a Korean to English transformation rule and Korean Domain Name composition rule. Also, we designed a STHOP for Korean word order processing. In a STROP, a SLDF transform a Korean SLD into English SLD, and a NFDNG makes this as an English word order. By using Korean Domain Name System proposed here, users could understand the embedded meaning of Domain Name with ease, and reluctance of Domain registration caused by similarity of organization names would be solved, Consequently. it could devote to the popularization of the Internet.