• ETRI Journal
• /
• v.38 no.1
• /
• pp.18-29
• /
• 2016

In this paper, we discuss the issues of providing protection for point-to-multipoint connections in both Ethernet and MPLS-TP-based packet transport networks. We introduce two types of per-leaf protection-linear and ring. Neither of the two types requires that modifications to existing standards be made. Their performances can be improved by a collective signal fail mechanism proposed in this paper. In addition, two schemes - tree protection and hybrid protection - are newly proposed to reduce the service recovery time when a single failure leads to multiple signal fail events, which in turn places a significant amount of processing burden upon a root node. The behavior of the tree protection protocol is designed with minimal modifications to existing standards. The hybrid protection scheme is devised to maximize the benefits of per-leaf protection and tree protection. To observe how well each scheme achieves an efficient traffic recovery, we evaluate their performances using a test bed as well as computer simulation based on the formulae found in this paper.

• Journal of information and communication convergence engineering
• /
• v.14 no.4
• /
• pp.240-245
• /
• 2016

Scalable video streaming over wireless networks has many challenges. The most significant challenge is related to packet loss. To overcome this problem, in this paper, we propose an unequal loss protection (ULP) method using a new forward error correction (FEC) mechanism for robust scalable video streaming over wireless networks. For an efficient FEC assignment considering video quality, we first introduce a simple and efficient performance metric, the layer-based recovery rate (LRR), for quantifying the unequal error propagation effects of the temporal and quality layers on the basis of packet losses. LRR is based on the unequal importance in both the temporal and the quality layers of a hierarchical scalable video coding structure. Then, the proposed ULP-LRR method assigns an appropriate number of FEC packets on the basis of the LRR to protect the video layers against packet lossy network environments. Compared with conventional ULP algorithms, the proposed ULP-LRR algorithm demonstrates a higher performance for various error-prone wireless channel statuses.

• Journal of Korea Multimedia Society
• /
• v.18 no.1
• /
• pp.35-41
• /
• 2015

SDN(Software Defined Networking) has been considered as a new future computer network architecture and DDoS(Distributed Denial of Service) is the biggest threat in the network security. In SDN architecture, we present the technique to defend the DDoS SYN Flooding attack that is one of the DDoS attack method. First, we monitor the Backlog queue in order to reduce the unnecessary monitoring resources. If the Backlog queue of the certain server is occupied over 70%, the sFlow performs packet sampling with the server address as the destination address. To distinguish between the attacker and the normal user, we use the source address. We decide the SYN packet threshold using the remaining Backlog queue that possible to allow the number of connections. If certain sources address send the SYN packet over the threshold, we judge that this address is attacker. The controller will modify the flow table entry to block attack traffics. By using this method, we reduce the resource consumption about the unnecessary monitoring and the protection range is expanded to all switches. The result achieved from our experiment show that we can prevent the SYN Flooding attack before the Backlog queue is fully occupied.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.3-8
• /
• 2023

Multi-domain optical transport networks are not fundamentally interoperable and require an integrated orchestration mechanism and path provision mechanism at the entire network level. In addition, ensuring network survivability is one of the important issues. MPLS-TP (Multi-Protocol Label Switching-Transport Profile) defines various protection/recovery methods as standards, but does not mention how to calculate and select protection/recovery paths. Therefore, an algorithm that minimizes protection/recovery collisions at the optical circuit packet integrated network level and calculates and sets a path that can be rapidly protected/recovered over the entire integrated network area is required. In this paper, we proposed an algorithm that calculates and sets up a path that can be rapidly protected and restored in a T-SDN network composed of multiple ring-mesh topology.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.2097-2100
• /
• 2003

Many studies have been done on secure operating system using secure kernel that has various access control policies for system security. Secure kernel can protect user or system data from unauthorized and/or illegal accesses by applying various access control policies like DAC(Discretionary Access Control), MAC(Mandatory Access Control), RBAC(Role Based Access Control), and so on. But, even if secure operating system is running under various access control policies, network traffic among these secure operating systems can be captured and exposed easily by network monitoring tools like packet sniffer if there is no protection policy for network traffic among secure operating systems. For this reason, protection for data within network traffic is as important as protection for data within local system. In this paper, we propose a secure operating system trusted channel, SOSTC, as a prototype of a simple secure network protocol that can protect network traffic among secure operating systems and can transfer security information of the subject. It is significant that SOSTC can be used to extend a security range of secure operating system to the network environment.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.11B
• /
• pp.1151-1168
• /
• 2009

Improving packet loss does not necessarily coincide with the improvement in user perceivable QoS because each frame carries different degree of importance. We propose Significance-aware packet scheduling (SAPS) to maximize user perceivable QoS. SAPS carries out two fundamental issues of packet scheduling: "What to transmit" and "When to transmit?" To adapt to the available bandwidth, it is necessarily to transmit the subset of the data packets if the entire set of packets can not be transmitted. "Packet Significance" quantifies the importance of the frame by elaborately incorporating frames' dependency. Greedy approach is used in selecting packets and transmission schedule is determined based on the Packet Significance. The proposed scheme is tested using publicly available MPEG-4 video clips. Decoding engine is embedded in the simulation software and user perceivable QoS is exposeed in termstermiSNR. Throughout the simulation based experiment, the performance of the proposed scheme is compared two other schemes: Size-based packet scheduling and Bit-rate based best effort packet scheduling. SAPS successfully incorporates the semantics of a packet and improves user perceivable QoS significantly. It successfully provides unequal protection to more important packets.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.10C
• /
• pp.950-958
• /
• 2007

This paper presents an efficient packet loss resilient scheme for real-time video transmission over the Internet. By analyzing the temporal and spatial dependencies in inter- and intra-frames, we assign forward error correction codes (FEC) across video packets for minimizing the effect of error concealment and error propagation from packet loss. To achieve optimal allocation of FEC codes, we formulate the effect of packet loss on video quality degradation as packet distortion model. Then we propose an unequal FEC assignment scheme with low complexity based on packet correction rate, which uses the packet distortion model and includes channel status information. Simulation results show that the proposed FEC assignment scheme gives substantial improvement for the received video quality in packet lossy networks. Furthermore the proposed scheme achieves relatively smaller degradation of video quality with higher packet loss rates.

• Convergence Security Journal
• /
• v.8 no.2
• /
• pp.57-62
• /
• 2008

In this paper, we suggest new fast recovery mechanism in RPR network, in case of node addition or removing by exterior attack. A RPR network recovery time is consist of two. Failure detecting time and reporting time are that. In this paper we propose fast recovery mechanism that can reduce each time. In a Legacy recovery mechanism, To report node's state, rpr node transmit protection messages. But interval of this protection messages increase exponentially. Thus A transmission failure of protection message cause delay of reporting of network state. Therefore we propose new node state reporting mechanism that put a node state in type b fairness message. And We also suggest fast failure detecting mechanism.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.26 no.9A
• /
• pp.1535-1541
• /
• 2001

TCP is the most widely-used transport layer protocol in current Internet, while ATM technology is used to increase the data communication speed at data link layer and network layer. In the TCP-over-ATM architecture, the most significant problems are (i) the partial packet discarding problem, and (ii) the TCP window timeout problem. Several approaches have been proposed to solve the partial packet discard problem and the timeout problem individually, but none of them considered the two problems together. In this paper, we propose an enhanced UBR+ scheme which supports fairness among the TCP connections using UBR+ scheme, and provides protection of damaged VC from the multiple packet losses in the same TCP sliding window. To analyze its performance, we simulate the proposed scheme using OPNET. The simulation results show that the proposed scheme supports fairness, and also increases the throughput by reducing the probability of multiple cell losses in the same TCP window.

• Journal of Communications and Networks
• /
• v.9 no.4
• /
• pp.377-382
• /
• 2007

This paper presents a new enhanced dynamic and multilayer protection(DMP) routing scheme that considers cooperation between packet and wavelength switching domain in order to minimize the resource consumption. The paper describes the architecture of the multilayer network scenario and compares the proposed algorithm with other routing mechanisms applying protection at the IP/multi-protocol label switching(MPLS) layer or at the optical layer. Simulation results show that DMP reduces the number of optical-electrical-optical(o-e-o) operations and makes an efficient use of the network resources compared to non-multilayer proposals.