• Journal of Advanced Information Technology and Convergence
• /
• v.9 no.1
• /
• pp.1-10
• /
• 2019

In recent years, information collection of attacks through stealth port scanning technology has become more sophisticated. The most commonly used Nmap port scanner supports a variety of stealth scanning technologies along with the existing scanning techniques. Nmap also supports Idle scan that is different from conventional stealth scans. This is a more sophisticated stealth scan technique by applying the SYN scan and ACK scan techniques. In previous studies, the detection of Idle scanning was on zombie system, but was not on victim system. In this paper, we propose an effective detection method of Idle scan on victim system. The Idle scanning is composed of two stages; they are probing the zombie and victim system and scanning the victim system. We analyzed the characteristics of the two stages. The characteristics, we captured, are that SYN and RST packets are different from normal packet. We applied them to detection method, then Idle scanning is detected effectively.

• Journal of Korea Multimedia Society
• /
• v.16 no.8
• /
• pp.954-961
• /
• 2013

To enhance the efficiency of network, content-centric networking (CCN), one of future Internet architectures, allows network nodes to temporally cache transmitted contents and then to directly respond to request messages which are relevant to previously cached contents. Also, since CCN uses a hierarchical content-name, not a host identity like source/destination IP address, for request/response packet routing and CCN request message does not include requester's information for privacy protection, contents-providers/ network nodes can not identify practical requesters sending request messages. So to send back relevant contents, network nodes in CCN records both a request message and its incoming interfaces on Pending Interest Table (PIT). Then the devices refer PIT to return back a response message. If PIT is exhausted, the device can not normally handle request/response messages anymore. Hence, it is needed to detect/react attack to exhaust PIT. Hence, in this paper, we propose improved detection/reaction schemes against attacks to exhaust PIT. In practice, for fine-grained control, this proposal is applied to each incoming interface. Also, we propose the message framework to control attack traffic and evaluate the performance of our proposal.

• Journal of KIISE:Information Networking
• /
• v.31 no.2
• /
• pp.233-241
• /
• 2004

In this paper, we propose a packet-lossless fast rerouting scheme at a link/node fault in MPLS (Multiprotocol Label Switching) network with minimized accumulated buffer delay problem at ingress node. The proposed scheme uses a predefined, alternative LSP (Label Switched Path) In order to restore user traffic. We propose two restoration approaches. In the first approach, an alternative LSP is initially allocated with more bandwidth than the protected working LSP during the failure recovery phase. After the failure recovery, the excessively allocated bandwidth of the alternative LSP is readjusted to the bandwidth of the working LSP. In the second approach, we reduce the length of protected working LSP by using segment-based restoration. The proposed approaches have merits of (ⅰ) no buffer delay problem after failure recovery at ingress node, and (ⅱ) the smaller required buffer size at the ingress node than the previous approach.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.4
• /
• pp.155-162
• /
• 2013

Routing protocol in ad hoc mobile networking has been an active research area in recent years. However, the environments of ad hoc network tend to have vulnerable points from attacks, because ad hoc mobile network is a kind of wireless network without centralized authentication or fixed network infrastructure such as base stations. Also, existing routing protocols that are effective in a wired network become inapplicable in ad hoc mobile networks. To address these issues, several secure routing protocols have been proposed: SAODV and SRPTES. Even though our protocols are intensified security of networks than existing protocols, they can not deal fluidly with frequent changing of wireless environment. Moreover, demerits in energy efficiency are detected because they concentrated only safety routing. In this paper, we propose an energy efficient secure routing protocol for various ad hoc mobile environment. First of all, we provide that the nodes distribute security information to reliable nodes for secure routing. The nodes constitute tree-structured with around nodes for token escrow, this action will protect invasion of malicious node through hiding security information. Next, we propose multi-path routing based security level for protection from dropping attack of malicious node, then networks will prevent data from unexpected packet loss. As a result, this algorithm enhances packet delivery ratio in network environment which has some malicious nodes, and a life time of entire network is extended through consuming energy evenly.

• Journal of Convergence Society for SMB
• /
• v.6 no.2
• /
• pp.31-36
• /
• 2016

Sniffing attack is a passive attack which is reassembling packets to collect personal information, bank accounting number, and other important information. Sniffing attack happens in LAN and uses promiscuous mode which is opening filtering by pass all packets in LAN, attackers could catch any packets in LAN, so they can manipulate packets. They are Switch Jamming, Port mirroring, ARP Redirect, and ICMP Redirect attack. To defend these attacks, I proposed to use SSL packet encryption, reconfiguration of switching environment, DNS, and decoy method for defending all kinds of Sniffing attacks.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.42 no.11
• /
• pp.21-26
• /
• 2005

We propose a fully converged Ethernet and TDM transport system. Developed Ethernet and TDM convergence system can support not only L2 VPN service and premium multimedia service based on MPLS protocol but also TDM leased line service, simultaneously. Developed convergence system can provide high reliability for Ethernet packet due to support protection and restoration function of circuit based networks. Evaluation for Ethernet and TDM path was successfully performed to show the typical application of the proposed system in the legacy networks.

• Journal of KIISE:Information Networking
• /
• v.31 no.2
• /
• pp.207-216
• /
• 2004

IPsec protocol has been developed to provide security services to Internet. Recently IPsec is implemented on the various operating systems Hence, it is very important to evaluate the stability of the Ipsec protocol as well as other protocols that provide security services. However, there has been little effort to develop the tools that require to evaluate the stability of IPsec protocols. Therefore, in this paper, we develope the security requirements and suggest a security evaluation system for the Internet packet protection protocols that provide security services at the If level that can be used to check if the security protocols Provide the claimed services correctly This system can be used as debugging tool for developing IPsec based security system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.11
• /
• pp.5200-5222
• /
• 2017

The separation of control plane and data plane in Software Defined Network (SDN) makes it flexible to control the network behavior, while also causes some inconveniences to the link failure recovery due to the delay between fail point and the controller. To avoid delay and packet loss, pre-defined backup paths are used to reroute the disrupted flows when failure occurs. However, it may introduce large overhead to build and maintain these backup paths and is hard to dynamically construct backup paths according to the network status so as to avoid congestion during rerouting process. In order to realize congestion aware fast link failure recovery, this paper proposes a novel method which installs multi backup paths for every link via source routing and per-hop-tags and spread flows into different paths at fail point to avoid congestion. We carry out experiments and simulations to evaluate the performance of the method and the results demonstrate that our method can achieve congestion aware fast link failure recovery in SDN with a very low overhead.

• The KIPS Transactions:PartB
• /
• v.16B no.2
• /
• pp.101-108
• /
• 2009

As content serviced for IP set-top boxes is streamed over IP network, the existing hacking tools for IP network can be used to capture the streamed content. Until recently, most of the content serviced on IP set-top boxes has been MPEG-2 TS. However, this content will be gradually moved to WMV, MPEG-4 or H.264 because of the relatively low compression efficiency and overhead of the TS packet. In this paper, we propose a DRM scheme other than WMRM for streamed WMV content. Our approach is to design a DRM scheme independent to the existing WMV streaming system. We also design this scheme in order to provide the feature for controlling the DRM processing time considering device performance. We verified it through the experiment.

• ETRI Journal
• /
• v.33 no.2
• /
• pp.155-162
• /
• 2011

The scalable extension of the H.264/AVC video coding standard (SVC) demonstrates superb adaptability in video communications. Joint source and channel coding (JSCC) has been shown to be very effective for such scalable video consisting of parts of different significance. In this paper, a new JSCC scheme for SVC transmission over packet loss channels is proposed which performs two-dimensional optimization on the quality layers of each frame in a rate-distortion (R-D) sense as well as on the temporal hierarchical structure of frames under dependency constraints. To compute the end-to-end R-D points of a frame, a novel reduced trellis algorithm is developed with a significant reduction of complexity from the existing Viterbi-based algorithm. The R-D points of frames are sorted under the hierarchical dependency constraints and optimal JSCC solution is obtained in terms of the best R-D performance. Experimental results show that our scheme outperforms the existing scheme of [13] with average quality gains of 0.26 dB and 0.22 dB for progressive and non-progressive modes respectively.