• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.3B
• /
• pp.152-158
• /
• 2008

Recently, DDoS (Distributed Denial of Service) attack has emerged as one of the major threats and it's main characteristic is to send flood of data packets toward a specific victim. Thus, several attack detection schemes which monitor the destination IP address of packets have been suggested. The existing Bloom Filter based attack detection scheme is simple and can support real-time monitoring. However, since this scheme monitors the separate fields of destination IP address independently, wrong detection is comparatively high. In this paper, in order to solve this drawback, an efficient Bloom Filter based destination address monitoring scheme is proposed, which monitors not only separate fields but also relationship among separate fields. In the results of simulation, the proposed monitoring scheme outperforms the existing Bloom Filter based detection scheme. Also, to improve the correctness of detection, multi-layerd structure is proposed and the correctness of result is improved according to the number of layers and extra tables.

• Convergence Security Journal
• /
• v.8 no.4
• /
• pp.41-49
• /
• 2008

VoIP is a service that changes the analogue audio signal into a digital signal and then transfers the audio information to the users after configuring it as a packet; and it has an advantage of lower price than the existing voice call service and better extensibility. However, VoIP service has a system structure that, compared to the existing PSTN (Public Switched Telephone Network), has poor call quality and is vulnerable in the security aspect. To make up these problems, TLS service was introduced to enhance the security. In practical system, however, since QoS problem occurs, it is necessary to develop the VoIP security system that can satisfy QoS at the same time in the security aspect. In this paper, a user authentication VoIP system that can provide a service according to the security and the user through providing a differential service according to the approach of the users by adding AA server at the step of configuring the existing VoIP session is suggested. It was found that the proposed system of this study provides a quicker QoS than the TLS-added system at a similar level of security. Also, it is able to provide a variety of additional services by the different users.

• Journal of Digital Contents Society
• /
• v.8 no.4
• /
• pp.483-489
• /
• 2007

The high availability of information security system shall be primarily studied in relation to the Next Generation Network(NGN) Information Security infrastructure, because it is very important to maintain availability at each moment as a variety of intrusions occur continuously. The high availability of the security system can be realized with the topology and configuration properly defined to fully utilize the recovery function of the security system in the thoroughly planned optimized method. The active-active high availability on the NGN information security infrastructure system in is assured by letting the failover mechanism operate upon the entire structure through the structural design and the implementation of functions. The proposed method reduces the system overload rating due to trouble packets and improves the status of connection by SNMP polling trap and the ICMP transport factor by ping packet.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.1
• /
• pp.193-197
• /
• 2015

Recently, the new issues for the safety and the information delivery system in the ship are raised. The deployment and the efficient algorithms of deploying the wireless sensor networks instead of using the built-in wired networks or the setup of the new wired networks is more desirable than the deployment of the wired networks in a ship after its final production since it can reduce the cost and the time of the brand new wired networks by reshaping some of the internal structure of the ship. In this paper, the shipboard signal propagation measurement system based on the signature sequence-three way slave mode are designed and its measureed data are analysed after measuring the signal propagation characteristics. Consequently, it is expected that the reliable and cost-effective signal measurement system with the three way algorithm for the deployment of the shipboard wireless networks can be achieved.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.1
• /
• pp.183-186
• /
• 2015

Recently, the demand for the safety and the information delivery system in the ship increases. The deployment of the wireless sensor networks instead of using the built-in wired networks or the setup of the new wired networks is more desirable than the deployment of the wired networks in a ship after its final production since it can reduce the cost and the time of the brand new wired networks by deforming some of the internal structure of the ship. In this paper, the shipboard signal propagation measurement system based on the signature sequence-two way slave mode are designed and its measurement data are analysed after measuring the signal propagation characteristics. Consequently, it is expected that the reliable and cost-effective signal measurement system for the deployment of the shipboard wireless networks can be built.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.3
• /
• pp.482-488
• /
• 2009

Mobile Ad-hoc Networks provide communication without a centralized infrastructure, which makes them suitable for communication in disaster areas or when quick deployment is needed. On the other hand, they are susceptible to malicious exploitation and have to face different challenges at different layers due to its open Ad-hoc network structure which lacks previous security measures. Denial of service (DoS) attack is one that interferes with the radio transmission channel causing a jamming attack. In this kind of attack, an attacker emits a signal that interrupts the energy of the packets causing many errors in the packet currently being transmitted. In harsh environments where there is constant traffic, a jamming attack causes serious problems; therefore measures to prevent these types of attacks are required. The objective of this paper is to carry out the simulation of the jamming attack on the nodes and determine the DoS attacks in OPNET so as to obtain better results. We have used effective anomaly detection system to detect the malicious behaviour of the jammer node and analyzed the results that deny channel access by jamming in the mobile Ad-hoc networks.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.2
• /
• pp.296-304
• /
• 2010

MoIP is technology to transmit a variety of multimedia over IP, but compared to traditional voice services require greater bandwidth and radio resources in a wireless environment has already reached the limits. Therefore, as a way to resolve this issue for header compression is a lot of research. SCTP protocol header compression using ROHC-SCTP has been research, ROHC-SCTP packet structure of the ROHC algorithm with different types and, SCTP header compression to apply the characteristics of the poor performance of many of these have drawbacks. Therefore, in this paper to solve these problems better header compression algorithm was designed. In this paper, the proposed algorithm to evaluate the NS-2 simulation environment was modeled on the header compression operation. Evaluation results, the algorithm designed in this paper compared to ROHC-SCTP algorithms determine the overhead rate was low, the data types vary a lot better when the total header size was small.

• The KIPS Transactions:PartC
• /
• v.9C no.1
• /
• pp.65-72
• /
• 2002

In this paper, we implement a high-speed swatch tilth the function for label integration to enhance the expansion of networks using the label space of routers efficiently on MPLS over ATM networks. We propose an appropriate hardware structure to support the VC-merge function and differentiated services simultaneously. In this paper, we use the adaptive congestion control method such as EPD algorithm in carte that there is a possibility of network congestion in output buffers of each core LSR. In addition, we justify the validity of the proposed VC-merge method through simulation and comparison to conventional Non VC-merge methods. The proposed VC-merge capable switch is modeled in VHDL. synthesized, and fabricated using the SAMSUNG 0.5um SOG process.

• Journal of Broadcast Engineering
• /
• v.13 no.1
• /
• pp.34-42
• /
• 2008

This paper proposes the mechanism which improves the qualify of video on a limited network bandwidth by applying the ROI technique to an H.264 Scalable Extension technique. The network environment assumed in this parer is the next generation network convergence environment in which the mobile device has one or more network interfaces. Therefore, we allocate the priority to video packets as the hierarchy structure of H.264 SVC-encoded video stream and ROI information, and transmit those packets over appropriate network channel for using those multiple network interfaces. This paper shows two experiments first one is extracting and allocating the video stream on an appropriate network channel, second one is unequal packet transmission by allocated priorities (e.g. ROI). Performance evaluations show that this approach delivers an improved decoded video quality when compared with conventional transmission schemes, especially on device which has multiple network interfaces.

• The KIPS Transactions:PartC
• /
• v.12C no.2 s.98
• /
• pp.235-242
• /
• 2005

As the demands in a wireless network are recently increasing, it is necessary to promote the power efficiency of a wireless terminal, and to reduce the overhead of a network. To resolve such problems, we propose the paging technology and the structure of paging area with the joint access point in HPi (High-speed Portable Internet) network, which is being studied as the domestic next-generation IP packet data network. The application of the paging technology to the HPi network possesses the advantage of reducing the registration cost while a terminal in dormant state moves around, and the reporting cost of the terminal's location by the joint access point. The technology suggested in this paper causes the advantages that it promotes the power efficiency in user's point of view while it reduces the network overhead and makes the easy rearrangement of joint APs according to the changes of users' moving pattern in the network manager's point of view.