• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.10a
• /
• pp.234-237
• /
• 2016

Address Resolution Protocol (ARP) is used for mapping a network address to physical address in many network technologies. However, since ARP protocol has no security feature, it always abused by attackers for performing ARP-based attacks. Researchers presented many technologies to improve ARP protocol, but most of them require a high implementation cost or scarify the network performance for using ARP protocol securely. In this paper, we present an ARP-disabled network system to neutralize the ARP-based attacks. "ARP-disabled" means suppress the ARP messages like request, response and broadcast messages, but not the ARP table. In our system, ARP tables are used for managing static ARP entries without prior knowledge (e.g. IP, MAC list of client devices). This is possible because the MAC address was designed to be derived from IP address. In general, our system is safe from the ARP-based attacks even the attacker has a strong power. Moreover, we saved network bandwidth by disabling the ARP messages.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.40 no.5
• /
• pp.345-353
• /
• 2003

When designing network processors or implementing network equipments such as routers are implemented, IP lookup operations cause the major impact on their performance. As the organization of the IP address becomes simpler, the speed of the IP lookup operations can go faster. However, since the efficient management of IP address is inevitable due to the increasing number of network users, the address organization should become more complex. Therefore, for both IPv4(IP version 4) and IPv6(IP version 6), it is the essential fact that IP lookup operations are difficult and tedious. Lots of researcher for improving the performance of IP lookups have been presented, but the good solution has not been came out. Software approach alleviates the memory usage, but at the same time it si slow in terms of searching speed when performing an IP lookup. Hardware approach, on the other hand, is fast, however, it has disadvantages of producing hardware overheads and high memory usage. In this paper, conventional researches on IP lookups are shown and their advantages and disadvantages are explained. In addition, by mixing two representative structures, a new hybrid parallel architecture for fast IP lookups is proposed. The performance evaluation result shows that the proposed architecture provides better performance and lesser memory usage.

• Proceedings of the Korea Contents Association Conference
• /
• 2003.05a
• /
• pp.223-226
• /
• 2003

The best way in order to protect the system resource front Distributed Denial of Service(DDoS) attack is cut off the source of DDoS attack with path retracing the packet which transferred by attacker. Packet marking method can not use ICMP cause by using IP identifier field as marking field. And in case of increasing the number of router, retracing method using router ID has the size of marking field's increasing problem. In this paper, we propose that retracing method can be available the ICMP using marking field for option field in IP header and the size of making Held do not change even though the number of router is increased using the mark information which value obtained through XOR operation on IP address.

• 한국IT서비스학회:학술대회논문집
• /
• 2009.11a
• /
• pp.443-449
• /
• 2009

최근 USN과 소형 임베디드 장치에 IP 스택을 구현한 결과들이 활발히 소개되고 있으며 Non-IP 기반의 USN이나 임베디드 장치와는 차별화된 요소에 대한 논의도 함께 진행되고 있다. 집중화 되어 있던 자원이 IP기반 기술을 통해 컴퓨팅 환경, 서비스 환경이 분산되어 가고 있듯이 제한된 자원을 갖는 센서 노드에 IP가 부여 되었을 때 호스트 중심의 형태와는 다른 형태의 구성이 가능하게 되고 이를 통한 새로운 서비스 패러다임으로의 전환을 기대하고 있다. 이에 본 논문은 IP가 부여된 센서노드, 소형 임베디드 장치로 구성 가능한 서비스 구조를 제안하고자 한다.

• 한국정보통신설비학회:학술대회논문집
• /
• 2005.08a
• /
• pp.313-317
• /
• 2005

The network ingress filtering is a simple and efficient method for preventing IP source spoofing of fixed nodes. Since mobile hosts cannot communicate with its correspondent nodes if the network ingress filtering is configured in mobile IPv4 network, reverse tunneling was considered as a method for avoiding network ingress filtering. But, unfortunately this method does not solve IP source spoofing of mobile nodes. In this paper, we propose a simple and efficient method for preventing IP source spoofing of mobile nodes assuming that only the mobile hosts connected to foreign agents and the network that foreign agent manages is small.

• Journal of the Korea Society for Simulation
• /
• v.18 no.4
• /
• pp.207-217
• /
• 2009

We propose a two-stage Distributed Denial of Service (DDoS) defense system, which can protect a given subnet by serving existing flows and new flows with a different priority based on IP history information. Denial of Service (DoS) usually occurs when the resource of a network node or link is limited and the demand of the users for that resource exceeds the capacity. The objective of the proposed defense system is to provide continued service to existing flows even in the presence of DDoS attacks. The proposed scheme can protect existing connections effectively with a smaller memory size by reducing the monitored IP address set through sampling and per-prefix history management. We evaluate the performance of the proposed scheme through simulation.

• The KIPS Transactions:PartC
• /
• v.17C no.2
• /
• pp.205-214
• /
• 2010

As network traffic is dramatically increasing due to the popularization of Internet, the need for application traffic classification becomes important for the effective use of network resources. In this paper, we present an application traffic classification method based on fixed IP-port information. A fixed IP-port is a {IP address, port number, transport protocol}triple dedicated to only one application, which is automatically collected from the behavior analysis of individual applications. We can classify the Internet traffic more accurately and quickly by simple packet header matching to the collected fixed IP-port information. Therefore, we can construct a lightweight, fast, and accurate real-time traffic classification system than other classification method. In this paper we propose a novel algorithm to extract the fixed IP-port information and the system architecture. Also we prove the feasibility and applicability of our proposed method by an acceptable experimental result.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.4B
• /
• pp.403-418
• /
• 2009

IP version 6 (IPv6) is a new If addressing scheme that has 128-bit address space. IPv6 is proposed to solve the address space problem of IP version 4 (IPv4) which has 32-bit address space. For a given IPv6 routing set, if a forwarding table is built using a trio structure, the trio has a lot more levels than that for IPv4. Hence, for IPv6 address lookup, the binary search on trio levels would be more appropriate and give better search performance than linear search on trio levels. This paper proposes a new IPv6 address lookup algorithm performing binary search on trio levels. The proposed algorithm uses a Bloom filter in pre-filtering levels which do not have matching nodes, and hence it reduces the number of off-chip memory accesses. Simulation has been performed using actual IPv6 routing sets, and the result shows that an IPv6 address lookup can be performed with 1-3 memory accesses in average for a routing data set with 1096 prefixes.

• Proceedings of the IEEK Conference
• /
• 2000.11a
• /
• pp.213-216
• /
• 2000

In this paper, we propose a new scheme which improves the IP address lookup time. The new scheme is composed of two core technologies, named the prefix alignment and the prefix distance ordering. Now, as the Internet is being used commonly by improving the data transmission capacity, the need for enlarging the bandwidth of the Internet is on the rise. IP address lookup performance problem is an important obstacle in the router executing high speed packet forwarding. This results from the fact that the prefixes routing table is composed of and the traffic being processed in unit time are largely on the increase. The proposed lookup scheme is divided into two parts in technology, the one is the algorithm forming a routing database(routing table), the other is the lookup procedure in the actual packet processing.

• International Journal of Fuzzy Logic and Intelligent Systems
• /
• v.15 no.4
• /
• pp.300-304
• /
• 2015

A low bit rate speech coder based on the non-uniform sampling technique is proposed. The non-uniform sampling technique is based on the detection of inflection points (IP). A speech block is processed by the IP detector, and the detected IP pattern is compared with entries of the IP database. The address of the closest member of the database is transmitted with the energy of the speech block. In the receiver, the decoder reconstructs the speech block using the received address and the energy information of the block. As results, the coder shows fixed data rate contrary to the existing speech coders based on the non-uniform sampling. Through computer simulation, the usefulness of the proposed technique is shown. The SNR performance of the proposed method is approximately 5.27 dB with the data rate of 1.5 kbps.