• The Journal of the Korea Contents Association
• /
• v.5 no.2
• /
• pp.115-121
• /
• 2005

In the present internet environment, various traffic flooding attacks and worm attacks cause economical loss. If IPv4 is substituted by IPv6 because of the lack of IP address, it will be more serious. Therefore, we design and implement the traffic analysis tool which can detect attacks by expecting them encountered in the IPv6 environment. Proposed tool is composed of packet generation module, packet gathering module, discrimination module, and display module in X-windows. As a simulation result, it is proved that it can effectively detect DAD-NA message attack, TCP SYN flooding attack, UDP flooding attack and ICMP flooding attack in the IPv6 environment.

• Journal of Internet Computing and Services
• /
• v.12 no.6
• /
• pp.19-33
• /
• 2011

The need for application traffic classification becomes important for the effective use of network resources. The header-based identification method uses the header signature {IP address, port number, transport layer protocol TCP/UDP)}extracted from Internet application server to overcome some limitations overhead, payload encryption, etc.) of previous methods. A lots signature is extracted because this method uses header information of server. So, we need a maintenance method to keep essential signatures. In this paper, we represent the signature maintenance method using properties of identified traffic and history of the signature. Also, we prove the feasibility and applicability of our proposed method by an acceptable experimental result.

• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2004.10a
• /
• pp.619-622
• /
• 2004

For recent years, hacking is in the trends of making excessive traffic unnecessarily to obstruct the service by getting a system's performance down. And we can also see systems paralyzed in service ability due to the flash crowds of normal traffic to a popular website. This is an important problem certainly solved in the point of QoS guarantee for the clients. It is known that the former is DDoS(Distributed Denial of Service) attack and the latter is FE(Flash Event). These two are samely anomalous traffic because these make excessive congestion on the network or system and downgrade the system's service ability. In this paper, we propose a scheme for protecting the system against anomalous traffic and for guaranteeing the QoS. For this, a server records and maintains the information of clients accessed more than one time before when it is in normal condition. When it falls into the congestion, the records are used for filtering the spoofed IP. We send and receive the ICMP request/reply packet to know whether the IP is spoofed. And we also propose for applying the object spliting of CDN to guarantee the QoS in the initial FE situation.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.848-851
• /
• 2005

The BcN is applying from public networks to local networks and each terminal step by step until 2007. By IPv6 network introduction, IP address lack problem can be solved. However, the threats that network attacks of another method can be caused with new problem of network security in IPv6 networks. In this paper, we suggest the traffic analysis tool which analyze IPv6 traffic efficiently to detect/response network attack in IPv6 environment. The implemented IPv6 traffic analysis tool uses IPv6 header to analyze traffic and detect network attacks. Also, we also propose detection algorithm to detect network attacks in IPv6 networks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.10B
• /
• pp.857-865
• /
• 2006

In order to test and evaluate the various functions and services of NGN would be promised, a specified methodology is needed and a development for the identification of testing object, configuration and test traffic are required. Simulation and analytical modeling methodshave used for IP performance testing, but further study issue still remains. This paper proposes new evaluation methodology to achieve an objective approach rather than a subjective and isolated, based on the real-field environment, for NGN network. For this purpose, background traffic pattern to interfere test traffic was specified and it was tested in actual NGN testbed with systems having NGN technology, such as per bandwidth and packet size. The results shows the suggested methodology is appropriate, comparing with parameters which are Delay, Jitter and Loss the current approach for the end-to-end performance evaluation on NGN.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.6 s.38
• /
• pp.261-268
• /
• 2005

Recently, Many People have studied in Mobile Ipv6 to provide seamless service. FMIPv6 is designed to reduce the procedure of handover and will be used SIP, VoIP and Mobile Internet moving picture service. But, If mobile node moves fast, it will happen to packet loss and interruption problem in handover procedure. So, In this paper, designed and evaluated traffic control mechanism using WFQ scheduling to reduce the packet loss that occurred to handover procedure.

• The KIPS Transactions:PartC
• /
• v.14C no.1 s.111
• /
• pp.95-104
• /
• 2007

Mobile multimedia services such as TV-call or video streaming are gradually becoming popular in the 3rd or more generation mobile network (IMT-2000). Multimedia traffic is expected to continue increasing into the coming years, and IP technology is considered to be the efficient way of transporting such huge volumes of multimedia traffic. IP-based IMT network platform represents an evolution from IMT-2000. The structure of IP-based IMT network as ubiquitous platform is three-layered model : Middleware including Network Control PlatForm (NCPF) and Service Support PlatForm (SSPF), IP-BackBone (IP-BB), access network including sensor network. Mobility Management (MM) architecture in NCPF is proposed for IP-based IMT network in order to manage routing information and location information separately. The generous existing method of multicast control in IP-based IMT network is Remote Subscription. But Remote Subscription has problem that should be reconstructed whole multicast tree when sender in multicast tree moves to another area. To solve this problem, we propose the way to put Multicast-manager in NCPF.

• The KIPS Transactions:PartC
• /
• v.12C no.6 s.102
• /
• pp.827-838
• /
• 2005

DDoS (Distributed Denial of Service) attack is a critical threat to current Internet. To solve the detection and response of DDoS attack on BcN, we have investigated detection algorithms of DDoS and Implemented anomaly detection modules. Recently too many technologies of the detection and prevention have developed, but it is difficult that the IDS distinguishes normal traffic from the DDoS attack Therefore, when the DDoS attack is detected by the IDS, the firewall just discards all over-bounded traffic for a victim or absolutely decreases the threshold of the router. That is just only a method for preventing the DDoS attack. This paper proposed the mechanism of response for the legitimated clients to be protected Then, we have designed and implemented the statistic based system that has the automated detection and response functionality against DDoS on Linux Zebra router environment.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.11B
• /
• pp.1007-1015
• /
• 2003

In this Paper, we propose a method of determining the price for the elastic traffic in the current or future Internet services. First, we investigate the behavior in the consumption of bandwidth of elastic traffic in IP network. Next, we propose a new method to relate the bandwidth usage with the pricing for the elastic traffic, which is based partially or fully on the usage rate of the network bandwidth. Next, we propose an optimal charging function for elastic traffic, which is applicable to any Internet services. Finally, we will illustrate the implication of the work via simple numerical experiments.

• The KIPS Transactions:PartC
• /
• v.10C no.5
• /
• pp.595-602
• /
• 2003

In this paper, we proposed new buffer management and cell scheduling scheme of GFR service for improving fairness of TCP/IP traffic in ATM networks. The proposed algorithm used untagged cell, which came to ATM switch, to decide the policy for discard of frame and what kind of VC cell it would serve. Performance analysis through the simulation present that proposed scheme can meet fairness 2 (MCR Plus equal share), which are not met by conventional scheduling mechanism such as WRR. Also, proposed scheme is superior to WRR about 30% in throughput and more efficiency in fairness criteria.