• The KIPS Transactions:PartD
• /
• v.10D no.1
• /
• pp.153-160
• /
• 2003

Recently, deployments of firewalls and NATs ire increasing to provide network security features or to solve the problem of public IP shortage. But, in these environments, peers in different firewall or NAT environments may get limited services because they cannot open direct communicate channels. This can be a significant problem in pure P2P environments where the peers should get or provide services by opening direct channels among themselves. In this paper, we propose a scheme for dynamically selecting a peer that fan be used as a proxy server. The proxy server supports the communication between the peers in different firewall or NAT environments. The proposed scheme is operating system independent and supports bidirectional communication among the peers in P2P environments. Additionally, the proposed scheme can distribute network traffic by dynamically allocating proxy servers to the peers that is not located in the firewall or NAT environments.

• Journal of Internet Computing and Services
• /
• v.8 no.6
• /
• pp.21-28
• /
• 2007

Hierarchical Mobile IPv6 improves performance of Mobile IPv6 by managing Binding Update in terms of location, With improved handover delay, realization of delay-sensitive services (e,g, VoIP or video streaming) has become more persuadable, Comparing with Mobile IPv6, however, Hierarchical Mobile IPv6 brings security threats related to Local Binding Update to mobile network, In the RFC 4140, specific methods to authenticate Local Binding Update message are not explicitly presented. It is essential that design secure architecture to address problems related to authenticating Local Binding Update, Many secure suggestions for Local Binding Update, however, concentrate on infrastructure-based solutions such as AAA PKI. These approaches may cause scalability problem when the suggested solutions are applied to real network. Therefore we suggest authentication method that doesn't require infrastructure, In addition to authentication of Local Binding Update, our method also provides mobile node with power saving ability.

• Journal of Digital Convergence
• /
• v.14 no.11
• /
• pp.143-148
• /
• 2016

There is increasing concern about security as a need for increased safety in the information industry society. However, it does not meet the needs for safety including CCTV. Therefore, in this paper, we link the processing technology using the image information to the IPS system consisting of GPS and Beacon. It designed a conventional RFID tag attached discomfort and image tracking system is limited to complement the disadvantages identifiable area. To this end, we designed a smart device and the Internet of Things convergence system and a research to ensure the accuracy and reliability of the IPS of the access control system. Finally, by leveraging intelligent video information using a PTZ camera, and set the entrant management policies it was carried out to control the situation and control. Also, by designing the integrated video tracking system, an authentication server, visualization systems were designed to establish an efficient technique for analyzing the IPS entrant behavior patterns.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.10a
• /
• pp.1055-1057
• /
• 2013

Routers currently used in homes and institutions have a function of multiple computers to connect to the Internet with a single IP address. It is possible only through setting or establishing a separate operation in a used PC or server to function as a web/printer server, web hard, and P2P. In this paper, by utilizing the OpenWRT Linux-based through the construction of the Web server through a router OpenWRT of (Open Wireless Router) base, to build a server simple compact, low power consumption, low cost, to operate by reliability to provide Internet telephony and multimedia services high securely over the server security, which is based on the setting of policy and various firewall at the same time the configuration of the network utilizing OpenWRT router that can be enhanced, to construct a Web server through a router multi functional can receive the provision of services using the program PC and mobile APP.

• Journal of Convergence Society for SMB
• /
• v.1 no.1
• /
• pp.67-73
• /
• 2011

Handover in high speed mobile communication service, in particulary mobile WiMAX is supported efficiency mobility to 120km/h speed. But, in order to accommodate number of user increment in a cell, wireless network is increment to microcell and picocell by allocate bandwidth and by decrease cell size. handover is occurrent and increment connection failure ratio In this result. IEEE 802.16 standard is support seamless connection through handover optimization scheme. But because authentication process is abbreviate, network weakness is exposure. In this paper, we propose handover scheme for support realtime service as VoIP, Picure communication, Streaming Data Service in order to support partially encryption method. In experiment, proposed scheme is proof which process time is increment 20% more than previous scheme.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.638-640
• /
• 2016

Recently, Humanity enter the super-connection generation that linking human and things as a result of the development ICT technologies. IoT technology is growing rapidly as a result of IoT technology appearance and development of smart device, technology expansion, the spread of smart sensors, spread diffusion of smart devices, construction of a variety of network. These techniques are applied to those having a mobility is growing importance of network technology. Real-time service and features, such as the accuracy of the data it became important. In order to implement the IoT will need to take into account IP, security, a lot of things such as a service model, but in this paper, want to discuss mobility, for the tracking technology of routing path for efficient service delivery of the host. Therefore, in this paper, the routing path that is currently study examined the tracking technology, we try to refer to routing method of the future of the mobile host.

• The KIPS Transactions:PartC
• /
• v.16C no.1
• /
• pp.21-26
• /
• 2009

Presently, the demand for IPTV, to satisfy a variety of goals, is exploding. IPTV is coming into the spotlight as a killer application in upcoming IP convergence networks such as triple play which is the delivery of voice, internet, and video service to a subscriber. IPTV utilizes CAS, which controls the subscriber access to content for a profit. Although the current CAS scheme provides access control via subscriber authentication, there is no authentication scheme for the content transmitted from service providers. Thus, there is a vulnerability of security, through which an adversary can forge content between the service provider and subscribers and distribute malicious content to subscribers. In this paper, based on a hash tree scheme, we proposed efficient and strong source authentication protocols which remove the vulnerability of the current IPTV system. We also evaluate our protocol from a view of IPTV requirements.

• The Journal of the Convergence on Culture Technology
• /
• v.6 no.1
• /
• pp.455-461
• /
• 2020

Electronic payment system using Internet banking is a very important application for users of e-commerce environment. With rapidly growing use of fintech applications, the risk and damage caused by malicious hacking or identity theft are getting significant. To prevent the damage, fraud detection system (FDS) calculates the risk of the electronic payment transactions using user profiles including types of goods, device status, user location, and so on. In this paper, we propose a new risk calculation method using relative location of users such as SSID of wireless LAN AP and MAC address. Those relative location information are more difficult to imitate or copy compared with conventional physical location information like nation, GPS coordinates, or IP address. The new method using relative location and cumulative user characteristics will enable stronger risk calculation function to FDS and thus give enhanced security to electronic payment systems.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.8
• /
• pp.1741-1748
• /
• 2005

In this paper, we describe VLSI design and performance evaluation of OCB-AES crytographic algorithm that simulataneously provides privacy and authenticity. The OCB-AES crytographic algorithm sovles the problems such as long operation time and large hardware of conventional crytographic system, because the conventional system must implement the privancy and authenticity sequentially with seqarated algorithms and hardware. The OCB-AES processor with area-efficient modular offset generator and tag generator is designed using IDEC Samsung 0.35um standard cell library and consists of about 55,700 gates. Its cipher rate is about 930Mbps and the number of clock cycles needed to generate the 128-bit tags for authenticity and integrity is (m+2)${\times}$(Nr+1), where m and Nr represent the number of block for message and number of rounds for AES encryption, respectively. The OCB-AES processor can be applicable to soft cryptographic IP of IEEE 802.11i wireless LAN and Mobile SoC.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.5
• /
• pp.113-120
• /
• 2020

KISTI(Korea Institute of Science and Technology Information) provides HPC(High Performance Computing) service to users of university, institute, government, affiliated organization, company and so on. The NURION, supercomputer that launched its official service on Jan. 1, 2019, is the fifth supercomputer established by the KISTI. The NURION has 25.7 petaflops computation performance. Understanding how supercomputing services are used and how researchers are using is critical to system operators and managers. It is central to monitor and analysis network traffic. In this paper, we briefly introduce the NURION system and supercomputing service network with security configuration. And we describe the monitoring system that checks the status of supercomputing services in real time. We analyze inbound/outbound traffics and abnormal (attack) IP addresses data that are collected in the NURION supercomputing service network for 11 months (from January to November 1919) using time series and correlation analysis method.