• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.11a
• /
• pp.228-230
• /
• 2022

딥러닝 기반의 인공지능 기술이 발달함에 따라 이상 탐지 방법에도 딥러닝이 적용되었다. 네트워크 트래픽으로부터 요약 및 집계된 Feature 를 학습하는 방법과 Packet 자체를 학습하는 등의 방법이 있었다. 그러나 모두 정보의 제한적으로 사용한다는 단점이 있었다. 본 연구에서는 Http Request에 대한 사전학습 기반의 효과적인 이상 탐지 방법을 제안한다. 사전학습에 고려되는 토큰화 방법, Padding 방법, Feature 결합 방법, Feature 선택 방법과 전이학습 시 Numerical 정보를 추가하는 방법을 소개하고 각 실험을 통해 최적의 방법을 제안한다.

• The Journal of the Acoustical Society of Korea
• /
• v.29 no.1
• /
• pp.48-55
• /
• 2010

It has a falling off in speech quality, especially when consecutive packet loss occurs, even if a vocoder implemented in the packet network has its own packet loss concealment (PLC) algorithm. PLC algorithm is divided into transmitter and receiver algorithm. Algorithm in the transmitter gives superior quality by additional information. however it is impossible to provide mutual compatibility and it occurs extra delay and transmission rate. The method applied in the receiver does not require additional delay. However, it sets limits to improve the speech quality. In this paper, we propose a new method that puts extra information for PLC in a part of Extension Header Data which is not used in RTP Header. It can solve the problem and obtain enhanced speech quality. There is no extra delay occurred by the proposed algorithm because there is a jitter buffer to adjust network delay in a receiver. Extra information, 16 bits each frame for G.729 PLC, is allocated for MA filter index in LP synthesis, excitation signal, excitation signal gain and residual gain reconstruction. It is because a transmitter sends speech data each 20 ms when it transfers RTP payload. As a result, the proposed method shows superior performance about 13.5%.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.05c
• /
• pp.2257-2260
• /
• 2003

기존의 네트워크 기반의 IDS 는 쉘코드를 단순 매칭 함으로써 침입여부를 판별한다 이러한 방식은 알려진 공격에 대해서만 탐지할 수 있으며, 다형 쉘코드 및 IDS 우회 방법을 사용할 경우 탐지하지 못하는 문제점을 가진다. 따라서 본 논문에서는 Hidden Markov Model을 이용하여 자동화되고 효율적인 패킷 내용 기반의 침입 탐지기법을 제안한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.7
• /
• pp.1339-1346
• /
• 2015

The traffic identification is a preliminary and essential step for stable network service provision and efficient network resource management. While a number of identification methods have been introduced in literature, the payload signature-based identification method shows the highest performance in terms of accuracy, completeness, and practicality. However, the payload signature-based method's processing speed is much slower than other identification method such as header-based and statistical methods. In this paper, we first classifies signatures by matching type based on range, order, and direction of packet in a flow which was automatically extracted. By using this classification, we suggest a novel method to improve processing speed of payload signature-based identification by reducing searching space.

• Journal of Communications and Networks
• /
• v.14 no.5
• /
• pp.510-517
• /
• 2012

This paper analyzes the performance of voice-over-Internet protocol (VoIP) services in terms of the system throughput, the packet delay, and the signaling overhead in a mobile WiMAX system with a hybrid automatic repeat request (HARQ) mechanism. Furthermore, a queueing analytical model is developed with due consideration of adaptive modulation and coding, the signaling overhead, and the retransmissions of erroneous packets. The arrival process is modeled as the sum of the arrival rate at the initial transmission queue and the retransmission queue, respectively. The service rate is calculated by taking the HARQ retransmissions into consideration. This paper also evaluates the performance of VoIP services in a mobile WiMAX system with and without persistent allocation; persistent allocation is a technique used to reduce the signaling overhead for connections with a periodic traffic pattern and a relatively fixed payload. As shown in the simulation results, the HARQ mechanism increases the system throughput as well as the signaling overhead and the packet delay.

• Journal of Korea Multimedia Society
• /
• v.13 no.12
• /
• pp.1767-1777
• /
• 2010

In digital TV broadcasting, such as terrestrial, cable, satellite, and IPTV, the head-end of digital TV broadcasting has a more complicated transmission structure than that of analog TV broadcasting. Furthermore, digital TV broadcasting has a feature that supports multiplex models, such as Multiple Program Transport Stream (MPTS). Therefore, the purpose of our work was to design and examine a more efficient new system of emergency alert message transmission to support the digital TV broadcasting environments. Digital TV broadcasting is the IP generation or RF transmission of 8-VSB, QAM, and QPSK modulated through a multiplexer or re-multiplexer multiplexed stream as a MPEG-2 Transport Stream after content encoding. The new system proposed in this paper transmits an emergency alert message without scrambling after replacing the PID and payload of the -packet with the message prototype in the TS stream from the multiplexer. If we need to transmit an emergency alert message under digital TV broadcasting services, then the receiver first checks the PID of each packet in the TS stream for the emergency alert message. Next, if a packet is determined to be an emergency alert message, then the set-top box displays the message on the TV screen using its function of On Screen Display, or the PC based software displays the message on the monitor screen using its function of overlay with user interface if the packet is found to be an emergency alert message. We have designed an emergency alert message protocol and a system model. By experiments and analysis of the system, we concluded that the system achieved efficiency and the ability to send and receive emergency alert messages using the system under different digital TV broadcasting service environments.

• Journal of Advanced Navigation Technology
• /
• v.6 no.1
• /
• pp.77-83
• /
• 2002

The emergence of Bluetooth as a radio interface scheme has allowed electronic devices to be instantly interconnected as ad-hoc networks. These short range ad-hoc wireless networks are called piconets, operated in the unlicensed 2.45 GHz ISM(Industrial, Scientific, Medical) band where up to eight devices may be used to configure single or overlapping piconets. In this paper, we have simulated the PER(Packet Error Rate), the ratio of received packet and payload BER(Bit Error Rate) of piconet with packet types of Bluetooth ACL/SCO(Asynchronous Connection Less/Synchronous Connection Oriented) link over wireless ad-hoc environment. The Rayleigh fading effects are considered as channel model, and the simulation results are based on the baseband model of Bluetooth specification. From the simulation results, the PER and the throughput of Bluetooth piconet are sensibly affected by the packet type of ACL/SCO link.

• ETRI Journal
• /
• v.30 no.2
• /
• pp.183-193
• /
• 2008

In this paper, we propose quality of service mechanisms for flow-based routers which have to handle several million flows at wire speed in high-speed networks. Traffic management mechanisms are proposed for guaranteed traffic and non-guaranteed traffic separately, and then the effective harmonization of the two mechanisms is introduced for real networks in which both traffic types are mixed together. A simple non-work-conserving fair queuing algorithm is proposed for guaranteed traffic, and an adaptive flow-based random early drop algorithm is proposed for non-guaranteed traffic. Based on that basic architecture, we propose a dynamic traffic identification method to dynamically prioritize traffic according to the traffic characteristics of applications. In a high-speed router system, the dynamic traffic identification method could be a good alternative to deep packet inspection, which requires handling of the IP packet header and payload. Through numerical analysis, simulation, and a real system experiment, we demonstrate the performance of the proposed mechanisms.

• Proceedings of the KIEE Conference
• /
• 2005.10b
• /
• pp.41-43
• /
• 2005

PDA-based monitoring is used to acquire continuously the patient's vital signs, including electrocardiography, activity, heart rate and $SpO_2$. In this paper, A biomedical signal acquisition device was designed using 3-axial MEMS accelerometer and 1-ch ECG amplifier, to have the function of monitoring activity and electrocardiography. The proposed system is composed of transmitter and receiver. Through the Zigbee communication, subject's biosignals can be transmitted in real-time to receiver, and transmitted data confirmed using PDA. The packet size used in this device was set not to exceed a maximum payload size of 116 byte. One packet consists of two segments. The transmission speed was 21 packet per second, 420 ECG samples per second, and 42 acceleration samples per second. The proposed method can be used to develop Activities of Daily Living(ADL} monitoring devices for the elderly or movement impaired people and enables patients to be monitored without any constraints. Also, this method will reduce medical costs in the aged society.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.42 no.12
• /
• pp.95-102
• /
• 2005

This paper is purpose for improvement performance wireless lan of IEEE802.11a/b/g. Access point utilized a single server, multi-queuing system, FIFS system model to adapted priority multi-bufferto be alteration packet type. The main purpose of the paper improve the transmission rate and the performance of access point to settle transmission delay for load in MAC, has priority multi-buffer. We use experimentation to obtain our model of the access point and buffer-related parameters. Using our test design, we are able to extract the parameters of an analytic equation giving the average service time of a packet as a function of packer IP payload.