• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.173-186
• /
• 2003

Distributed Denial-of-Service(DDoS) attack prevent users from accessing services on the target network by spoofing its origin source address with a large volume of traffic. The objective of IP Traceback is to determine the real attack sources, as well as the full path taken by the attack packets. Existing IP Traceback methods can be categorized as proactive or reactive dating. Proactive tracing(such as packet marking and messaging) prepares information for tracing when packets are in transit. Reactive tracing starts tracing after an attack is detected. In this paper, we propose a 'advanced ICW Traceback' mechanism, which is based on the modified pushback system with secure router mechanism. Proposed mechanism can detect and control DDoS traffic on router and can generate ICMP Traceback message for reconstructing origin attack source, by which we can diminish network overload and enhance Traceback performance.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.3
• /
• pp.261-265
• /
• 2008

As increasing the user of VoIP service using ITSP(Internet Telephony Service Provider), the VoIP spam becomes a big problem. The spam used in the existing public telephone is detected by using the pattern inspection of call behavior because it is difficult to filter contents for the characteristic of real-time voice communication. However there is a false-positive problem. The threat on spam remains where spam with low threshold can't be detected or users share one number. In this paper, we propose anti-spam for VoIP based on luring test. The proposed method gives a user luring test and he/she can connect to a receiver if passing turing test. A ticket is given to a user that pass luring test and it reduces overhead of luring test in re-dial. The proposed method is implemented on ASUS WL-500G wireless router and Asterisk IP-PBX. Experimental results show the effectiveness of the proposed method.

• Journal of Korean Institute of Industrial Engineers
• /
• v.27 no.4
• /
• pp.406-412
• /
• 2001

IP address lookup is to determine the next hop destination of an incoming packet in the router. The address lookup is a major bottleneck in high performance router due to the increased routing table sizes, increased traffic, higher speed links, and the migration to 128 bits IPv6 addresses. IP lookup time is dependent on data structure of lookup table and search scheme. In this paper, we propose a new approach to build a lookup table that satisfies the memory constraint. The design of lookup table is formulated as an optimization problem. The objective is to minimize average depth from the root node for lookup. We assume that the frequencies with which prefixes are accessed are known and the data structure is level compressed trie with branching factor $\kappa$ at the root and binary at all other nodes. Thus, the problem is to determine the branching factor k at the root node such that the average depth is minimized. A heuristic procedure is proposed to solve the problem. Experimental results show that the lookup table based on the proposed heuristic has better average and the worst-case depth for lookup.

• Journal of Satellite, Information and Communications
• /
• v.7 no.3
• /
• pp.130-134
• /
• 2012

This paper introduces a home network service system using a low-cost wireless router on OpenWrt which can be remotely controled by Android devices. The proposed system consists of an embedded system development platform for home network service control based on OpemWrt embedded Linux, an embedded system development platform, a remote control on Android, and a home linghting device made by an interface board with LEDs. The prototype system is made of a wireless router of Buffalo, WZR-HP-G450H, Arduino Uno interface board with LEDs, and an Android development kit of HBE-SM5-S421. The operation was performed by TCP/IP programming for Android remote control, socket programming between Android development kit and wireless router, and UART communication programming between the interface board and wireless router. The implementation result shows that a low cost home network systme could be implemented with a wireless router.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.4
• /
• pp.833-838
• /
• 2014

Recently the use router is to allow multiple computers by one IP can be connect to the Internet. Also, the PC or server in order to use a Web server or a print server, Web Hard, P2P should be settings. In this paper, we are building a multi-functional Web server that using a router supported OpenWRT based on network settings and firewall settings and a variety of services. A web server can be provided the Internet phone and secure multimedia service Web server router based OpenWRT may be provided through a mobile app and the PC application service.

• Journal of the Korea Society of Computer and Information
• /
• v.6 no.1
• /
• pp.74-81
• /
• 2001

In this paper. the architecture of a high-speed ATM router using ATM switch is studied and the performance of the high-speed ATM router is analyzed through simulation. The high-speed ATM router using ATM switch is able to reduce the load of router and the processing time of a packet in the router. The size of router buffers has been studied through simulation processes for the analysis of performance capacity in due course of making changes in routing time(RT), which is the performance capacity parameters of high-speed ATM routers, flow table size(FS), flow live time(FT) and input circuit efficiencies. The result of this study can be used as the source material for analyzing the suitability of equipment in upgrading networks and applying high-speed ATM routers by using ATM switches.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.10
• /
• pp.2733-2740
• /
• 2009

An advanced and proactive response mechanism against diverse attacks on All-IP network should be proposed for enhance its security and reliability on open network. There are two main research works related to this study. First one is the SPIE system with hash function on Bloom filter and second one is the Sinkhole routing mechanism using BGP protocol for verifying its transmission path. In this study, we proposed an advanced IP Tracing mechanism based on Bloom filter and Sinkhole routing mechanism. Proposed mechanism has a Manager module for controlling the regional router with using packet monitoring and filtering mechanism to trace and find the attack packet's real transmission path. Additionally, proposed mechanism provides advanced packet aggregation and monitoring/control module based on existing Sinkhole routing method. Therefore, we can provide an optimized one in All-IP network by combining the strength on existing two mechanisms. And the Tracing performance also can be enhanced compared with previously suggested mechanism.

• Journal of Internet Computing and Services
• /
• v.11 no.2
• /
• pp.85-98
• /
• 2010

An advanced and proactive response mechanism against diverse attacks on All-IP network should be proposed for enhancing its security and reliability on open network. There are two main research works related to this study. First one is the SPIE system with hash function on Bloom filter and second one is the Sinkhole routing mechanism using BGP protocol for verifying its transmission path. Therefore, advanced traceback and network management mechanism also should be necessary on All-IP network environments against DDoS attacks. In this study, we studied and proposed a new IP traceback mechanism on All-IP network environments based on existing SPIE and Sinkhole routing model when diverse DDoS attacks would be happen. Proposed mechanism has a Manager module for controlling the regional router with using packet monitoring and filtering mechanism to trace and find the attack packet's real transmission path. Proposed mechanism uses simplified and optimized memory for storing and memorizing the packet's hash value on bloom filter, with which we can find and determine the attacker's real location on open network. Additionally, proposed mechanism provides advanced packet aggregation and monitoring/control module based on existing Sinkhole routing method. Therefore, we can provide an optimized one in All-IP network by combining the strength on existing two mechanisms. And the traceback performance also can be enhanced compared with previously suggested mechanism.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.6
• /
• pp.177-182
• /
• 2011

These days as there are growing the number of vessel sailing, diverse aquaculture industries, fishing works, and leisure activities in coastal area, the diverse communication services have been required for secure voyage information. This paper addresses the scheme for costal area service using mobile IP router with multiple interfaces. For this, this system has the wireless interfaces, such as WiBro, HSDPA, and WLAN that can provides vessels with divers communication services, and can provide the vessels with the diverse information communication services in real-time through wireless communication network installed in costal area. So this can provide the infrastructure that supplies the authorized seamless information communication services.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.3 no.3
• /
• pp.188-194
• /
• 2008

In this paper, we propose for improving QoS in Hospital wireless network using Cellular-IP/PRC(Paging Route Cache) with Paging Cache and Route Cache in Cellular-IP and propose for performance of realtime and non-real time handoff service using Handoff state machine Paging Route Cache. Although the Cellular-IP/PRC technology is devised for mobile internet communication, it has its vulnerability in frequent handoff environment. This handoff state machine using differentiated handoff improves quality of services in Cellular-IP/PRC Suggested algorithm shows better performance than existing technology in wireless mobile internet communication environment. When speech quality is secured considering increment of interference to receive in case of suppose that proposed acceptance method grooves base radio station capacity of transfer node is plenty, and moat of contiguity cell transfer node was accepted at groove base radio station with a blow, groove base radio station new trench lake acceptance method based on transmission of a message electric power estimate of transfer node be. Do it so that may apply composing PC(Paging Cache) and RC(Routing Cache) that was used to manage paging and router in radio Internet network in integral management and all nodes as one PRC(Paging Router Cache), and add hand off state machine in transfer node so that can manage hand off of transfer node and Roaming state efficiently, and studies so that achieve connection function at node. Analyze benevolent person who influence on telephone traffic in system environment and forecasts each link currency rank and imbalance degree, forecast most close and important lake interception probability and lake falling off probability, GoS(Grade of Service), efficiency of cell capacity in QoS because applies algorithm proposing based on algorithm use gun send-receive electric power that judge by looking downward link whether currency book was limited and accepts or intercept lake and handles and displays QoS performance improvement.