• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.83-92
• /
• 2007

In connectionless packet network, if a sender encrypts packets by block chaining mode and send it to receiver, the receiver should decrypt packets in encrypted order that is not received order. Therefore, the performance and efficiency are lowered for crypto communication system. To solve this problem, we propose packet encryption scheme for connectionless packet network that can decrypt the packets independently, even if the received order of packets are changed or packets are missed. The scheme makes new IV(Initial Vector) using IV that created by key exchange process and salt that made by random number. We propose extended Cryptoki API that added packet encryption/decryption functions and mechanism for improving convenience and performance. We implement the scheme and get result that the performance increased about $1.5{\sim}l5.6$ times compare with in case of implementing using Cryptoki API in the test environment.

• Convergence Security Journal
• /
• v.12 no.1
• /
• pp.35-42
• /
• 2012

Increase of data traffic and the advent of new real-time services require to change from the traditional TDM-based (Time Division Multiplexing) networks to the optical networks that soft and dynamic configuration. Voice and lease line services are main service area of the traditional TDM-based networks. This optical network became main infrastructure that offer many channel that can convey data, video, and voice. To provide high resilience against failures, Packet-optical networks must have an ability to maintain an acceptable level of service during network failures. Fast and resource optimized lightpath restoration strategies are urgent requirements for the near future Packet-optical networks with a Generalized Multi-Protocol Label Switching(GMPLS) control plane. The goal of this paper is to provide packet-optical network with a hierarchical multi-layer recovery in order to fast and coordinated restoration in packet-optical network/GMPLS, focusing on new implementation information. The proposed schemes do not need an extension of optical network signaling (routing) protocols for support.

• Journal of the Korean Institute of Telematics and Electronics
• /
• v.22 no.6
• /
• pp.114-123
• /
• 1985

This is the second part of the four-part paper describing the development of a packet-switched computer network named the cORNET In this paper, following the first par paper that describes the concepts of the KORNET and the development of the network management center (NMC), wc present the design of the KORNET and the development of the network node processor (NNP) The initial configuration of the KORNET consists of three NNP's and one NMC. We have developed each NNP as a microprocessor-based (Mc68000) multiprocessor system, and implemented the NMC using a super-mini computer (Mv/8000) For the KORNET we use the virtual circuit (VC) method as the packet service strategy and the distributed adaptive routing algorithm to adapt efficiently the variation of node and link status. Also, we use a dynamic buffer management algorithm for efficient storage management. Thc hardware of the NNP system has been designed with emphasis on modularity so that it may be expanded esily . Also, the software of the NNP system has been developed according to the CCITT recommendations X.25, X.3, X.28 and X.29.

• Proceedings of the KIEE Conference
• /
• 2008.11a
• /
• pp.379-381
• /
• 2008

TETRA(Terrestrial Trunked Radio) is a digital trunked radio standard developed by the ETSI(European Telecommunications Standards Institute). Currently, TETRA was set Digital TRS in electric power If wireless backbone network. In this time, we use many company's TETRA modem. So, TETRA modem performance evaluation is very important. TETRA modem use two type of Data transfer mode. One is Packet Data using UDP/IP. and the other is SDS(Short Data Service). In this paper, We generate Packet Data using Traffic Generator module. Packet Data transfer 1000 times each 10 bytes to 400 bytes. We analyze transmission delay time, success rate and standard deviation.

• Journal of Communications and Networks
• /
• v.16 no.6
• /
• pp.656-666
• /
• 2014

In delay tolerant networks (DTNs), delay is inevitable; thus, making better use of buffer space to maximize the packet delivery rate is more important than delay reduction. In DTNs, epidemic routing is a well-known routing protocol. However, epidemic routing is very sensitive to buffer size. Once the buffer size in nodes is insufficient, the performance of epidemic routing will be drastically reduced. In this paper, we propose a buffer scheme to optimize the performance of epidemic routing on the basis of the Lagrangian and dual problem models. By using the proposed optimal buffer scheme, the packet delivery rate in epidemic routing is considerably improved. Our simulation results show that epidemic routing with the proposed optimal buffer scheme outperforms the original epidemic routing in terms of packet delivery rate and average end-to-end delay. It is worth noting that the improved epidemic routing needs much less buffer size compared to that of the original epidemic routing for ensuring the same packet delivery rate. In particular, even though the buffer size is very small (e.g., 50), the packet delivery rate in epidemic routing with the proposed optimal buffer scheme is still 95.8%, which can satisfy general communication demand.

• Journal of Communications and Networks
• /
• v.18 no.6
• /
• pp.948-961
• /
• 2016

Internet protocol (IP) spoofing is a serious problem on the Internet. It is an attractive technique for adversaries who wish to amplify their network attacks and retain anonymity. Many approaches have been proposed to prevent IP spoofing attacks; however, they do not address a significant deployment issue, i.e., filtering inefficiency caused by a lack of deployment incentives for adopters. To defeat attacks effectively, one mechanism must be widely deployed on the network; however, the majority of the anti-spoofing mechanisms are unsuitable to solve the deployment issue by themselves. Each mechanism can work separately; however, their defensive power is considerably weak when insufficiently deployed. If we coordinate partially deployed mechanisms such that they work together, they demonstrate considerably superior performance by creating a synergy effect that overcomes their limited deployment. Therefore, we propose a universal anti-spoofing (UAS) mechanism that incorporates existing mechanisms to thwart IP spoofing attacks. In the proposed mechanism, intermediate routers utilize any existing anti-spoofing mechanism that can ascertain if a packet is spoofed and records this decision in the packet header. The edge routers of a victim network can estimate the forgery of a packet based on this information sent by the upstream routers. The results of experiments conducted with real Internet topologies indicate that UAS reduces false alarms up to 84.5% compared to the case where each mechanism operates individually.

• The KIPS Transactions:PartC
• /
• v.10C no.7
• /
• pp.937-942
• /
• 2003

In this paper, we measured and examined RTT delays and packet losses according to the changes of stationary loads for two typical stream-type traffics, a DV and a MPGE2 on the R＆D Gigabit Network testbed, JGN. As the result of our actual measurements, we realized that the packet size of stationary load have no effects on a DV and a MPGE2 stream on the very high-speed network(50Mbps, IP over ATM). When its bandwidth and stationary load exceeds 95％ of network bandwidth, packet losses appeared and RTT delay increased rapidly. Also we realized that the number and size of Receive ＆ Transmit buffer on the end systems have no effects on packet losses and RTT delays.

• The Journal of Engineering Research
• /
• v.5 no.1
• /
• pp.45-55
• /
• 2004

NAT (Network Address Translation) is an IP address modification protocol that translates private IP address into authentic Internet address. The main features of NAT are to improve network security and to save IP address. Generally speaking, in order to perform its functionality, NAT uses the address information in the packet header. Certain application protocols, however, use the information in the packet data as well as the information in the packet header to perform end-to-end communication. Therefore, to support these types of application protocols, NAT should be able to perform appropriate translation of protocol information in the packet data. In this thesis, we design and implement a method which translates virtual IP information in the packet date into real IP information by using port proxy server.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.1-8
• /
• 2021

With the rapid growth of intelligent devices and communication technologies, 5G network environment has become more heterogeneous and complex in terms of service management and orchestration. 5G architecture requires supportive technologies to handle the existing challenges for improving the Quality of Service (QoS) and the Quality of Experience (QoE) performances. Among many challenges, traffic steering is one of the key elements which requires critically developing an optimal solution for smart guidance, control, and reliable system. Mobile edge computing (MEC), software-defined networking (SDN), network functions virtualization (NFV), and deep learning (DL) play essential roles to complementary develop a flexible computation and extensible flow rules management in this potential aspect. In this proposed system, an accurate flow recommendation, a centralized control, and a reliable distributed connectivity based on the inspection of packet condition are provided. With the system deployment, the packet is classified separately and recommended to request from the optimal destination with matched preferences and conditions. To evaluate the proposed scheme outperformance, a network simulator software was used to conduct and capture the end-to-end QoS performance metrics. SDN flow rules installation was experimented to illustrate the post control function corresponding to DL-based output. The intelligent steering for network communication traffic is cooperatively configured in SDN controller and NFV-orchestrator to lead a variety of beneficial factors for improving massive real-time Internet of Things (IoT) performance.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.6
• /
• pp.1949-1955
• /
• 2000

This paper proposes a multistage interconnection ATM switching network without internal blocking. The first is recirculating shuffle-exchange network improved on hardware complexity. The next is connected to Rank network with tree structure. In this network, after the packets transferred to the same output ports are given each priority, only a packet with highest priority is sent to the next, an the others are recirculated to the first. Rearrangeability through decomposition and composition algorithm is applied for the transferred packets in hanyan network and all they arrive at a final destinations. To analyze throughput, waiting time and packet loss ratio according tothe size of buffer, the probabilities are modeled by a binomial distribution of packet arrival.