• Journal of Astronomy and Space Sciences
• /
• v.13 no.2
• /
• pp.117-133
• /
• 1996

In this paper, we describe the architecture and protoccl of stored-and-forward packet communication payload of KITSAT 1/2 microsatellites and then analyze this payload in terms of the probabilities of login success and login refusal, and maximum throughput as quality of service parmaeters.

• Proceedings of the IEEK Conference
• /
• 2001.06a
• /
• pp.29-32
• /
• 2001

This paper has simulated the PER(Packet Error Rate), ratio of received packet and payload BER of Bluetooth system with packet types of ACL(Asynchronous Connection Less) and SCO(Synchronous Connection Oriented) link over wireless Ad-hoc environment. AWGN(Additive White Gaussian Noise) and Rayleigh fading are considered as channel model, and the analysis is based on the baseband model of Bluetooth system. In terms of PER and ratio of received packet, performance of DM1 packet is almost same as those of HV1, HV2 and HV3 packets, the performances of the other packets depend on the packet types. In terms of payload BER performance, there is no difference among HV2 packet of SCO link and DM1, DM3, DM5 packets of ACL link. Moreover, there is no difference among HV3 packet of SCO link and DM1, DM3, DM5 packets of ACL link, too.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.5
• /
• pp.794-804
• /
• 2018

Various applications running in computers exchange information in the form of packets through the network. Most packets are formatted into UDP/IP or TCP/IP standard. Network management administrators of enterprises and organizations should be able to monitor and manage packets transmitted over the network for Internet traffic measurement & monitoring, network security, and so on. The goal of this paper is to analyze the performance of several algorithms which closely examine and analyze payloads in a DPI(Deep Packet Inspection) system. The main procedure of packet payload analysis is to quickly search for a specific pattern in a payload. In this paper, we introduce several algorithms which detect a specific pattern in payloads, analyze the performance of them from three perspectives, and suggest an application method suitable for requirements of a given DPI system.

• Journal of Korea Multimedia Society
• /
• v.9 no.2
• /
• pp.197-207
• /
• 2006

When the latency of a flow in a fair packet scheduler, which is determined by its rate, violates its required delay bound, the scheduler should reduce the latency with even raising the rate being reserved for the flow. The excessively reserved rate win enforce some outgoing link bandwidth be lost. This loss can not be, unfortunately, evaluated by the three metrics of latency, fairness and implementation complexity used in previous works. This paper is aimed to first introduce the metric of bandwidth utilization to investigate the bandwidth loss in a scheduler and then evaluate the timestamp based schedulers in terms of the bandwidth and payload utilizations. The results show that the bandwidth utilization increases with loosing the required delay bound and, in particular, schedulers with the latency property of WFQ have much better payload utilization by up to 50% than that in the SCFQ one.

• Journal of Information Technology Services
• /
• v.7 no.2
• /
• pp.137-148
• /
• 2008

This paper measures and compares the traffic of a series of Massively Multi-player On-line Role Playing Game (MMORPG). The purpose of this analysis is to characterize the MMORPG traffic and compare the traffic characteristics of those games caused by the game structure difference between 2D and 3D environment. The target game is 'Lineage I' and 'Lineage II' which represent world's largest MMORPGs in terms of the number of concurrent users. We collect about 280 giga bytes and 1 tera bytes of packet headers, respectively. We compare packet size, packet inter-arrival time and bandwidth usage of these two games. The MMORPG traffic consists of two kinds of packets: client-generated upstream packets and server-generated downstream packets. We observe that the upstream packet size of payload has grown from 9 bytes to 19 bytes, while the average payload size of downstream packets has grown from 37 bytes to 318 bytes. This asymmetry of growing rate is caused by 3D game structure. Packet inter-arrival time becomes shorter from average 2 milliseconds to 58 microseconds. Bandwidth consumption per client has grown from 4 kbps to 20 kbps. We find that there is a linear relationship between the number of users and the bandwidth usage in both case.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.8
• /
• pp.3884-3910
• /
• 2016

Intrusion Detection System (IDS) in general considers a big amount of data that are highly redundant and irrelevant. This trait causes slow instruction, assessment procedures, high resource consumption and poor detection rate. Due to their expensive computational requirements during both training and detection, IDSs are mostly ineffective for real-time anomaly detection. This paper proposes a dimensionality reduction technique that is able to enhance the performance of IDSs up to constant time O(1) based on the Principle Component Analysis (PCA). Furthermore, the present study offers a feature selection approach for identifying major components in real time. The PCA algorithm transforms high-dimensional feature vectors into a low-dimensional feature space, which is used to determine the optimum volume of factors. The proposed approach was assessed using HTTP packet payload of ISCX 2012 IDS and DARPA 1999 dataset. The experimental outcome demonstrated that our proposed anomaly detection achieved promising results with 97% detection rate with 1.2% false positive rate for ISCX 2012 dataset and 100% detection rate with 0.06% false positive rate for DARPA 1999 dataset. Our proposed anomaly detection also achieved comparable performance in terms of computational complexity when compared to three state-of-the-art anomaly detection systems.

• Journal of KIISE:Information Networking
• /
• v.31 no.4
• /
• pp.363-374
• /
• 2004

In this paper, we propose an in-line mode NIDS using network processors(NPs) that achieve performance comparable to ASIC and flexibility comparable to general-purpose processors. Even if many networking applications using NPs have been proposed, we cannot find any NP applications to NIDS in the literature. The proposed NIDS supports packet payload inspection detecting attacks, as well as packet filtering and traffic metering. In particular, we separate the filtering and metering functions from the complicated and time-consuming operations of the deep packet inspection function using two-level searching scheme, thus we can improve the performance, stability, and scalability of In-line mode system. We also implement a proto-type based on a PC platform and the Agere PayloadPlus (APP) 2.5G NP solution, and present a payload inspection algorithm to apply APP NP.

• Korean Journal of Remote Sensing
• /
• v.33 no.5_1
• /
• pp.521-535
• /
• 2017

Since satellites, including payloads, are limited in how they can respond to problems after launch, the functionality of the satellite should be verified sufficiently by EGSE (Electrical Ground Support Equipment). In addition, considering the trend that the development period of the satellite is shortening and the development of the EGSE must precede the development of the engineering model of electronic equipment, early securing of EGSE is necessary to comply with the development schedule of the entire satellite. In this paper, we propose a method for early securing highly reliable EGSE by devising a scenario based operating payload packet analyzer, which is a part of the EGSE, through functional modularization and external parameterization, and show the result of applying the implemented payload packet analyzer to real satellite program.

• The KIPS Transactions:PartC
• /
• v.13C no.2 s.105
• /
• pp.203-210
• /
• 2006

Fair packet scheduling algorithms supporting quality-of-services of real-time multimedia applications can be classified into the following two design schemes in terms of the reference time used in calculating the timestamp of arriving packet: Finish-time Design (FD) and Start-time Design (SD) schemes. Since the former can adjust the latency of a flow with raising the flow's reserved rate, it has been applied to a router for the guaranteed service of the IETF (Internet Engineering Task Force) IntServ model. However, the FD scheme may incur severe bandwidth loss for traffic flows requiring low-rate but strong delay bound such as internet phone. In order to verify the usefulness of the SD scheme based router for the IETF guaranteed service, this paper analyzes and compares two design schemes in terms of bandwidth and payload utilizations. It is analytically proved that the SD scheme is better bandwidth utilization than the FD one, and the simulation result shows that the SD scheme gives better payload utilization by up to 20%.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.3
• /
• pp.123-130
• /
• 2008

To avoid some protection systems such as firewall, P2P applications have recently used to apply dynamic port numbers. Reliable estimates of P2P traffic require examination of packet payload, a methodological land mine from legal, privacy technical, logistic, and fiscal perspectives. Indeed, access to user payload is often rendered impossible by one of these factors, inhibiting trustworthy estimation of P2P growth and dynamics. Despite various methods such as port-based and signature-based techniques, it still dose not satisfy the method which uses both qualitative and quantitative aspects. In this paper, a method using SVM mechanism which discriminate the P2P traffic from non-P2P traffics using differences between P2P and other application traffics is suggested. This is a systematic methodology to identify P2P networks, and without relying on packet payload.