• Journal of Korea Multimedia Society
• /
• v.8 no.2
• /
• pp.258-268
• /
• 2005

The efficient provision of multicast service to moving hosts in mobile computing environments is not so easy task. Bi-directional tunneling scheme causes overhead about encapsulation and triangular routing. On the other hand, remote subscription scheme need freDuent tree reconstruction, which is inefficient for rapid moving hosts. In this paper we propose Mobility Based Mobile Multicast(MBMOM) scheme which is based on host's mobility information. Ultimately MBMOM try to find the strong points of remote subscription scheme and hi-directional tunneling scheme. If host's mobility speed is considered to be high, multicast packets are forwarded using hi-directional tunneling scheme from home agent continuously. If host's mobility speed is considered to be slow, remote subscription scheme is applied for foreign agent and it try to join multicast tree. We developed analytical models to analyze the performance of proposed scheme and simulated our scheme compared with MOM(Mobile Multicast), RBMOM(Range Based MOM), and TBMOM(Timer Based MOM) schemes. Simulation results show that our scheme has shorter transmission delay than above 3 schemes in the aspect of host's mobility speed and multicast group size.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.959-970
• /
• 2004

It has become more difficult to correspond an cyber attack quickly as patterns of attack become various and complex. However, current so curity mechanisms just have passive defense functionalities. In this paper, we propose new network suity architecture to respond various cyber attacks rapidly and to chase and isolate the attackers through cooperation between security zones. The proposed architecture makes it possible to deal effectively with cyber attacks such as IP spoofing or DDoS(Distributed Denial of Service), by using active packet technology including a mobile code on active network. Also, it is designed to have more active correspondent than that of existing mechanisms. We im-plemented these mechanisms in Linux routers and experimented on a testbed to verify realization possibility of attacker response framework using mobile code. The experimentation results are analyzed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.6B
• /
• pp.605-614
• /
• 2009

Existing Internet services were almost supported by the best effort service such as the data transmission service and were allowed the transmission delay and packet loss. However, recent Internet multimedia services such as Internet phone, Internet broadcasting are required a real-time processing and high bandwidth. Therefore, many studies for providing Internet QoS are performed at IETF (Internet Engineering Task Force). As the buffer management mechanism among IP QoS methods, active queue management method such as RED (Random Early Detection) algorithm has proposed. However, RED algorithm has a limitation of usage of an average buffer length and unfairness. So, many algorithms proposed as the modified algorithm of RED. But these modified algorithms also have difficulties to satisfy the requirements of various Internet user QoS. Therefore, in this paper we propose the QoS adaptive AQM (Active Queue Management) algorithm for the multimedia services that request various QoS requirements and present a performance evaluation by the simulations using the ns-2.

• Journal of Internet Computing and Services
• /
• v.9 no.4
• /
• pp.85-96
• /
• 2008

An authentication procedure on wired and wireless network will be done based on the registration and management process storing both the user's IP address and client device's MAC address information. However, existent MAC address registration/administration mechanisms were weak in MAC Spoofing attack as the attacker can change his/her own MAC address to client's MAC address. Therefore, an advanced mechanism should be proposed to protect the MAC address spoofing attack. But, existing techniques sequentially compare a sequence number on packet with previous one to distinguish the alteration and modification of MAC address. However, they are not sufficient to actively detect and protect the wireless MAC spoofing attack. In this paper, both AirSensor and AP are used in wireless network for collecting the MAC address on wireless packets. And then proposed module is used for detecting and protecting MAC spoofing attack in real time based on MAC Address Lookup table. The proposed mechanism provides enhanced detection/protection performance and it also provides a real time correspondence mechanism on wireless MAC spoofing attack with minimum delay.

• Journal of KIISE:Information Networking
• /
• v.32 no.6
• /
• pp.676-686
• /
• 2005

The Internet users as well as network providers are eager to have different qualities of service among users beyond the best-effort. In this paper, we propose a scheduling algorithm that provides a differentiated service in the granularity of user sessions. The proposed algorithm is a Hierarchical Deficit Round-Robin (H-DRR) algorithm that is an extension of an existing DRR algorithm. A main advantage is that H-DRR provides service differentiation for throughput-intensive applications such as FTP as well as delay-sensitive applications such as telnet or VoIP without distinguishing the types of applications. The most importance in providing a service differentiation in term of network providers is to have controllability and predictability. We show that H-DRR is superior to DRR in terms of controllability and predictability through both mathematical analysis and simulation experiments. Nevertheless, H-DRR requires O(1) complexity for implementation.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.9 no.3
• /
• pp.101-108
• /
• 2009

Since the use of wireless communication instruments was standardized, users expect to be provided with seamless information whenever and wherever they use the instruments. Also, some technology is required to satisfy the users' needs which will cover their mobility. To support the mobility of host, the Internet Engineering Task Force (lETF) Mobile IP Working Group proposed a protocol called MIPv6 (Mobile IPv6). But in the case of the existing MIPv6, sometimes Mobile Node cannot receive data packet if Handover occurs although it is a temporal phenomenon. For solving these Handover problems, there are many methods like FMIPv6 (Fast Handover for Mobile IPv6) and HMIPv6 (Hierarchical Mobile IPv6) have been suggested. This paper suggested the use of Dual Buffer of Access Point and an effective way of registration as a way of reducing delayed time caused by Handover. Also, it analyzed and compare the existing MIPv6 with a proposed scheme concerning delayed time of Handover. Finally, the main objective of this paper is to proposed scheme that can reduce the delayed time of Handover compare to the existing MIPv6.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.3
• /
• pp.703-713
• /
• 2015

The linking system between the control system and the field devices in the existing EMS/SCADA, in order to increase the reliability of the data, and access control through the separation of external network. Currently, There is a tendency that the need for connection to an external network that takes into account the economic aspect, systematic management and efficiency of operations is increasing. Such is evolved linkage section, is to have more security vulnerabilities than in the past, Eventually communication EMS/SCADA linkage section requires special management method. In this paper, taking into account the domestic environment, were presented the security Certification and Accreditation technology that was applied to serial DNP3 and TCP/IP based DNP3 that are mainly used in EMS/SCADA linkage section. Presented to security of Certification and Accreditation technology, divided into Resource Robustness Test and Malicious Packet Test for evaluate the safety. Each of the security requirements and evaluation method in proposed technology, is an attempt to present the differentiation of the existing Certification and Accreditation technology.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.4C
• /
• pp.559-569
• /
• 2004

It has become more difficult to correspond an cyber attack quickly as a pattern of attack becomes various and complex. And, current security mechanisms just have passive defense functionalities. In this paper, we propose new network security architecture to respond various cyber attacks rapidly and to chase and isolate the attackers through cooperation between security zones. The proposed architecture make possible to deal effectively with cyber attacks such as IP spoofing or DDoS(Distributed Denial of Service) using active packet technology including a mobile sensor on active network. Active Security Management System based on proposed security architecture consists of active security node and active security server in a security zone, and is designed to have more active correspondent than that of existing mechanisms. We implemented these mechanisms in Linux routers and experimented on a testbed to verify realization possibility of Active Security Management System. The experimentation results are analyzed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39C no.11
• /
• pp.1139-1145
• /
• 2014

In shipyard site, a ship is constructed by integrating lots of modules that are made in several sites with different capabilities and specifications. Recently, it needs to make a shipyard to be smart communicating various multimedia information with wired and wireless broadband networks between hierarchical shipyards. In this paper, we propose an additional function of an LTE femtocell local gateway at a remote shipyard, an information exchange method between hierarchical shipyards, and an offload method to separate the general traffic. To reduce traffic of duplicated requests in shipyard, we apply a D2D communication scheme for supporting communication between shipyard equipments without IP service network. Hence, it is expected to increase the productivity of shipyard industry with mobile communications, D2D and broadband Internet technologies.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.5 no.4
• /
• pp.706-715
• /
• 2001

TCP typically offers reasonable end-to-end performance to users regardless of the bandwidth and error characteristics of particular network technology, The robustness of TCP has contributed to its success in the internet environment. The role of communications is already well established in the office environment. With the advent of cheap, affordable broadband communications and the increasing complexity of consumer goods, it seems natural to extend the network into homes. In-home networking means a high-speed communication among the digital appliances within a home. Introduction of application over high-speed home network using TCP/IP protocol is increasing. The integrated environment of internet and home network is demanding as well. We have validated TCP model over high speed home network environment, investigated the throughput behavior of TCP over IEEE 1399 home networks, and evaluated a potential solution for high performance of TCP over IEEE 139t home networks. The simulation model has produced several interesting results in the performance of TCP over IEEE 1394 home network.