• Journal of information and communication convergence engineering
• /
• v.7 no.2
• /
• pp.157-163
• /
• 2009

With the wide usage of internet in many fields, networks are being exposed to many security threats, such as DDoS attack and worm/virus. For enterprise network, prevention failure of network security causes the revealing of commercial information or interruption of network services. In this paper, we propose a method of prevention of DDoS attacks for enterprise network based on traceback and network traffic analysis. The model of traceback implements the detection of IP spoofing attacks by the cooperation of trusted adjacent host, and the method of network traffic analysis implements the detection of DDoS attacks by analyzing the traffic characteristic. Moreover, we present the result of the experiments, and compare the method with other methods. The result demonstrates that the method can effectively detect and block DDoS attacks and IP spoofing attacks.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.414-416
• /
• 2010

WiBro network technologies developed mainly by Korea are one of very promising 4G technologies. WiBro has been standardized as international standard called Mobile WiMAX, and has been deployed in many countries. Emergency Services are infrastructural servicesa and very essential to induce subscribers from other types of networks. This paper propose a network architecture for supporting emergency services for mobile VoIP services in WiBro networks. The proposed architecture is based on WMF's architecture for internationa compatibilities, and reflects national considerations on interfacing PSAP for domestic compatibilities.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.22 no.5
• /
• pp.654-666
• /
• 2019

The tactical network has several different characteristics compared with commercial internet network such as hierarchical topology, dynamic topology changing and wireless link based connectivity. For considering IP mobility management in the tactical network, current mobility management using Mobile IP(MIP) is not suitable with some reasons such as non-optimal routing paths and single point of failure. Proxy Mobile IP(PMIP) which supporting network-based mobility in hierarchical manner can provide optimal routing path in the tactical network environment, but centralized anchor is still remained a threat to the stability of the tactical network which changes its topology dynamically. In this paper, we propose PMIP-based distributed mobility management for the tactical network environment. From our design, routing paths are always configured in optimized way, as well as path is recovered quickly when the mobility anchor of user is failed. From numerical analysis, comparing to other mobility scheme, result shows that the proposed scheme can reduce packet transmission cost and latency in tactical network model.

• Journal of Digital Convergence
• /
• v.10 no.4
• /
• pp.223-228
• /
• 2012

There are many algorithms to improve the network traffic and to avoid losing packets in the network. This paper proposed determining the shortest paths for hops, which are in the middle of the source and destination. The shortest path in this paper means the fastest path between them. Recently, dynamic routing algorithm is currently used now but this paper suggests the fastest paths between the source and the destination is by using the record of the network traffic history. People are using the networking and the network traffic is always corresponding to how many people use the networking in specific time. Therefore, I can predict the network condition by referring to the history of network traffic record, and then the shortest path can be produced without using RIP too much. It will be helpful to improve the network traffic.

• Journal of information and communication convergence engineering
• /
• v.7 no.2
• /
• pp.135-140
• /
• 2009

The wide deployment of wireless access technologies and the integration of various access network interfaces into a single terminal, allows mobile end-users to be always connected to the IP network, and to use those interface simultaneously. In this paper the CTE provides various access network interfaces capabilities, allowing reception of data over multiple service providers with different characteristics. Considerations for multiple network and service provider environments are regarded as essential for the successful deployment of convergence services in Next Generation Network (NGN). Event Driven Service (EDS) is regarded as a typical convergence service converging different functions of multiple service providers. This paper first describes the deployment model of NGN convergence services for multiple service provider environments. It also covers the service scenario of EDS, a convergence service for multiple service provider environments in NGN. Multiple provider environments stimulates the unified identifier management, namely ubiquitous identification (U-ID), to enable users to be provided convergence services without awareness of multiple provides. Then the designed structure and procedures of U-ID based EDS are given. Finally, the implementation results tested on Korea Advanced Research Network (KOREN) are described.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.5 no.5
• /
• pp.477-486
• /
• 2010

This Study suggests security directions to reconstruct separate network of Smart Grid and information communication network as one communications system and implement Smart Grid integrated information communication network. In addition, it suggests prevention directions to prevent future cyber attacks by reorganizing network as the key three-stage network and separating TCP/IP four layers that consist of existing information communication network from Smart Grid. Moreover, it suggests the foundation for the study and the test by providing current problems of Smart Grid, weak points, and three security models. This study is meaningful to suggest development directions and situations as a technology of future-oriented electric industries, integrate attacks and preventions of TCP/IP Layers with Smart Grid, and seek for a new technology of Smart Grid and future tasks for Smart Grid information security.

• Journal of Digital Convergence
• /
• v.15 no.7
• /
• pp.201-211
• /
• 2017

Wireless network using dynamic IP and mobile IP technology provides the user with convenience of access and movement. However, this causes the attacker who disguises normal user(pretending to be a regular user) to have more opportunity in regard to access and acquisition of information. This paper help the network administrator and the service provider quickly to recognize the attacker's intention to access network and service. Therefore network administrator and service provider can specify and respond the location of the attacker appropriately. To achieve above, we define an entity (W_L_M) that manages user information of WiFi and LTE network, and propose messages and procedures for attacker's location identification and alarm. The performance evaluation of this paper is based on qualitative analysis. By using the proposed method, some cost (message creation, processing and transmission) occurred but it was analyzed to be less than the total network operation cost. The proposal of this paper is a management method that utilizes existing network information and structure. This method can be used as a reference material to enhance security.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.51 no.10
• /
• pp.34-40
• /
• 2014

With the economical data service delivery, the packet transport network (PTN) technologies have emerged as an important player in the next-generation transport networks. As the PTN continues to make such considerable progress, it is being challenged by network providers who need rapid and reliable recovery capabilities to guarantee the availability of their services. This paper introduces several fault detection mechanisms for a client signal failure in packet transport networks and proposes a reliable transmission method of IP flows from routers using the combination of Ethernet services. Based on the first fault detection methods, client signal fault is detected within tens or hundreds of milliseconds. It enables the client network devices to perform their own recovery processes within one second. The second mechanism enables failed Ethernet services to be bypassed via other Ethernet services over disjoint paths, so as to contribute on reducing packet loss of IP traffic.

• Journal of the Institute of Convergence Signal Processing
• /
• v.8 no.1
• /
• pp.39-43
• /
• 2007

In high speed communication networks, the determination of a transmission rate is critical for the stability of a closed-loop network system with the congestion control scheme. In ATM networks, the available bit rate (ABR) service is based on a feedback mechanism, i.e., the network status is transferred to the ABR source by a resource management (RM) cell. RM cells contain the traffic information of the downstream nodes for the traffic rate control. However, the traffic status of the downstream nodes can not be directly transferred to the source node in the IP based networks. In this paper, a new rate-based congestion control scheme using an exponential weighted moving average algorithm is proposed to build an efficient feedback control law for congestion avoidance in high speed communication networks. The proposed congestion control scheme assures the stability of switch buffers and higher link utilization of the network. Moreover, we note that the proposed congestion scheme can flexibly work along with the increasing number of input sources in the network, which results in an improved scalability.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.7B
• /
• pp.602-607
• /
• 2006

A subscriber-oriented service became necessary for the QoS management due to the development of network. BcN(Broadband convergence Network) which incorporates communication, broadcasting and internet not only improves the quality of the communication and broadcasting service but also. aims at broadband service. Therefore, QoS management for each subscriber becomes more important. Not yet, however, the discussion for the subscriber oriented QoS management is not activated. Although, there are several techniques for subscriber distinction using flow information, IP information or MAC information, but they are only processed in layer 3 network. Actually, it is impossible to manage QoS of all subscriber's in layer 3 network. In this paper, we propose a method for QoS management scheme that does not need additional processes or large hardware in layer 2 network and analyze efficiency and overheads. We propose the first subscriber-oriented service method in layer 2 network that is applicable to either existing network or BcN.