• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.3
• /
• pp.602-608
• /
• 2014

Smartphones have become commonplace to use smart, BYOD (Bring Your Own Device) spread the trend of domestic WLAN use is intensifying as a result, the security threat will be greatly increased. Even though WLAN vendors such as Cisco Systems Inc,. Aruba networks released WIPS, MDM, DLP etc, however, these solutions can not be easily introduced for small business due to high cost or administrative reasons. In this paper, without the introduction of expensive H/W equipment, in WLAN environments, packet analysis, AP, Station management, security vulnerabilities can be analyzed by the proposed intrusion detection system.

• Nuclear Engineering and Technology
• /
• v.52 no.12
• /
• pp.2687-2698
• /
• 2020

Most of the machine learning-based intrusion detection tools developed for Industrial Control Systems (ICS) are trained on network packet captures, and they rely on monitoring network layer traffic alone for intrusion detection. This approach produces weak intrusion detection systems, as ICS cyber-attacks have a real and significant impact on the process variables. A limited number of researchers consider integrating process measurements. However, in complex systems, process variable changes could result from different combinations of abnormal occurrences. This paper examines recent advances in intrusion detection algorithms, their limitations, challenges and the status of their application in critical infrastructures. We also introduce the discussion on the similarities and conflicts observed in the development of machine learning tools and techniques for fault diagnosis and cybersecurity in the protection of complex systems and the need to establish a clear difference between them. As a case study, we discuss special characteristics in nuclear power control systems and the factors that constraint the direct integration of security algorithms. Moreover, we discuss data reliability issues and present references and direct URL to recent open-source data repositories to aid researchers in developing data-driven ICS intrusion detection systems.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.2
• /
• pp.95-101
• /
• 2019

Sensor application systems for remote monitoring and control are required, such as the establishment of databases and IoT service servers, to process data being transmitted and received through radio communication modules, controllers and gateways. This paper designs and implements database server, IoT service server, data processing middleware and IoT management system for IoT based services based on the controllers, communication modules and gateway middleware platform developed. For this, we firstly define the specification of the data packet and control code for the information classification of the sensor application system, and also design and implement the database as a separate server for data protection and efficient management. In addition, we design and implement the IoT management system so that functions such as status information verification, control and modification of operating environment information of remote sensor application systems are carried out. The implemented system can lead to efficient operation and reduced management costs of sensor application systems through site status analysis, setting operational information, and remote control and management.

• Journal of Broadcast Engineering
• /
• v.14 no.5
• /
• pp.561-572
• /
• 2009

In this paper, we propose an efficient layer-separable PES packetization and processing scheme for DVB-S2 satellite broadcasting service based on SVC video. Unlike the conventional single layer-based video coding such as MPEG-2, MPEG-4 and H.264, SVC can combine numerous number of video layers, which are aggregated to a single bitstream. Therefore, it is necessary to devise a new PES packetization scheme that can efficiently separate multiple video layers of SVC. In order to combine the layered characteristics of the SVC video and the robust channel coding capability of LDPC (Low Density Parity Check) of DVB-S2 for unequal error protection, we propose an efficient PES packetization in the transmitter side and PES packet processing scheme in the receiver side of DVB-S2. We prove the effectiveness of the proposed scheme in terms of processing speed and time delay required for processing of the separated layers of SVC video in the satellite broadcasting service.

• The Journal of Korean Institute of Electromagnetic Engineering and Science
• /
• v.17 no.10 s.113
• /
• pp.943-952
• /
• 2006

The OFDM system is very good for the high data rate communication system. However, OFDM system has a high PAPR problem. This makes the OFDM signal distorted through the nonlinear HPA(High Power Amplifier). To solve this problem, generally, simple PAPR reduction methods have been considered. However, in this paper, we introduce IMD reduction method instead of PAPR. PAPR is the signal property and the IMD is signal component of the HPA output, which degrades the communication quality. So, instead of PAPR we want to use the IMD reduction method. This is to transmit a signal with the smallest distortion by considering the third order nonlinearity when the data is recovered. We use the TR method that was proposed for the PAPR reduction and we find out the BER performance of two methods. As results, we show that the IMD reduction method improves better BER performance than the PAPR reduction.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.47 no.1
• /
• pp.171-184
• /
• 2010

In this work, we develop a novel channel power allocation method for the real-time multimedia over the wireless network environment. Since each frame has different effect on the user perceivable QoS, improving packet loss does not necessarily coincide with perceivable improvements in QoS. A new channel power control scheme is suggested based on the quantified importance of each frame in terms of user perceivable QoS. Dynamic programming formulation is used to obtain optimal transmit power which minimizes power consumption and maximizes user perceivable QoS simultaneously. The experiment is performed by using publicly available video clips. The performance is evaluated using network simulator version 2 (NS 2) and decoding engine is embedded at the client node, and calculated PSNR over the every frame transmitted. Through the semantics aware power allocation (SAPA) scheme, significant improvement on the QoS has been verified, which is the result of unequal protection to more important packets. SAPA scheme reduced the loss of I frame by upto 27% and reduced power consumption by upto 19% without degradation on the user perceivable QoS.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.5 no.4
• /
• pp.425-434
• /
• 2010

This study shows a limit to attacks that the prevention system, which is used as the mutual third aggressive packet path between open heterogeneous networks and applies prevention techniques according to the trace like IP tracking and attack methods, can prevent. Therefore, the study aims to learn information of constant attack routing protocol and of the path in network, the target of attack and build a database by encapsulating networks information routing protocol operates in order to prevent source attack paths. In addition, the study is conducted to divide network routing protocols developed from the process of dividing the various attack characters and prevent various attacks. This study is meaningful in that it analyzes attack path network and attacks of each routing protocol and secure exact mechanism for prevention by means of 3D-Puzzle, Path, and Cube of the integrated security system which is an implementation method of integrated information protection for access network defense.

• The KIPS Transactions:PartC
• /
• v.12C no.4 s.100
• /
• pp.503-510
• /
• 2005

With the increasing importance of network protection from cyber threats, it is requested to develop a multi-gigabit rate pattern matching method for protecting against malicious attacks in high-speed network. This paper devises a high-speed pattern matching algorithm with TCAM by using an m-byte jumping window pattern matching scheme. The proposed algorithm significantly reduces the number of TCAM lookups per payload by m times with the marginally enlarged TCAM size which can be implemented by cascading multiple TCAMs. Due to the reduced number of TCAM lookups, we can easily achieve multi-gigabit rate for scanning the packet payload. It is shown by simulation that for the Snort nile with 2,247 patterns, our proposed algorithm supports more than 10 Gbps rate with a 9Mbit TCAM.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.5
• /
• pp.925-933
• /
• 2003

Network is expected to be developed into optical Internet network collected IP layer and optical layer, but GMPLS is risen at the transitional evolution stage because of the present technology level. GMPLS that MPLS is extended and generalized is able to support not only the packet switching device but also the devices which perform switching in time, wavelength, and space domain. To implement the common control plane to these various switching types, GMPLS extends the existing MPLS signaling and routing protocol. In this paper, we describe the overview of GMPLS technology, and then we will refer to the OSPF(Open Shortest Path First), which was used to exchange the status information of link, as the plan of routing extension to exchange the information of various link type, bandwidth, link protection type etc. And also, we describe the definition of new protocol, so called, LMP that is a signaling protocol for solving complex problem which manages hundreds and thousands of links between two nodes. And we will examine and analyze the plan of signaling protocol extension to apply signaling protocol RSVP-TE(Resource Reservation Protocol) for traffic engineering in MPLS to network, and the message objects and formats associated with modified RSVP.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.6A
• /
• pp.484-493
• /
• 2009

For the flexible frequency utilization, cognitive radio technique has been prominently considered. The most important requirement in cognitive radio networks is to protect the communications of primary users. Spectrum sensing task by secondary users should be seriously considered in cognitive radio networks, since the spectrum sensing process makes their current quality of service worse. In this paper, we propose the channel sensing scheduling method that keeps the requirements for protecting the primary and guarantee the secondary user's quality of service as possible. The quality of service of secondary user is analyzed in terms of packet delay and loss while the protection-requirements in terms of sensing interval and sensing time predefined. In numerical analysis, we can get appropriate parameters which guarantee QoS in various environment. And simulation results show that this method can improve the performance, delay and the number of transmitted packets against consecutive sensing method.