• Journal of Korea Multimedia Society
• /
• v.13 no.8
• /
• pp.1212-1220
• /
• 2010

The technologies of domestic user programs are not enough to convert address convert information, which was collected via port redirection server, to user traffic. Generally traffic redirection technology is a special purpose technology for I/O traffic via network device. L4 switch needs various additional costs and devices to achieve this special purpose. To solve this problem, there appears need for a central management of control and monitoring by centralizing traffic at one position regardless of network structure and it is necessary to realize redirection function of switch at network layer. Therefore this study offer development of traffic central control system through protocol redirection of client-side.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11a
• /
• pp.802-804
• /
• 2005

유비쿼터스 환경에 대한 관심과 휴대용 컴퓨팅 기기의 보급으로 가까운 미래의 사람들은 언제 어디서나 네트워크를 통해 데이터 접근이 가능하게 될 것이다. 특히 영화나 음악과 같은 멀티미디어 데이터의 폭발적인 증가로 인해 확장성 있는 네트워크 스토리지 시스템의 필요성이 부각되고 있다. SAN(Storage Area Network)은 높은 확장성과 빠른 속도를 제공하여 엔터프라이즈 환경에 적합한 스토리지 네트워크 시스템이다. 최근에 SAN 환경은 SCSI Architecture Model(SAM)의 표준으로 채택된 iSCSI를 이용한 IP기반의 SAN으로 옳겨가고 있다. 본 논문에서는 iSCSI 기반의 IP SAN환경에서 서비스 클라이언트가 증가함에 따라 스토리지 서버의 부하가 커지는 문제를 해결하기 위해 스토리지 디바이스에서 클라이언트로 데이터를 직접 전송하는 방안을 제안한다.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.45 no.1
• /
• pp.14-26
• /
• 2008

IP over Ethernet technology widely used as Internet access uses the ARP(Address Resolution Protocol) that translates an ip address to the corresponding MAC address. recently, there are ARP security attacks that intentionally modify the IP address and its corresponding MAC address, utilizing various tools like "snoopspy". Since ARP attacks can redirect packets to different MAC address other than destination, attackers can eavesdrop packets, change their contents, or hijack the connection. Because the ARP attack is performed at data link layer, it can not be protected by security mechanisms such as Secure Shell(SSH) or Secure Sockets Layer(SSL). Thus, in this paper, we classify the ARP attack into downstream ARP spoofing attack and upstream ARP redirection attack, and propose a new security mechanism using DHCP information for acquisition of IP address. We propose a "DHCP snoop mechanism" or "DHCP sniffing/inspection mechanism" for ARP spoofing attack, and a "static binding mechanism" for ARP redirection attack. The proposed security mechanisms for ARP attacks can be widely used to reinforce the security of the next generation internet access networks including BcN.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.1
• /
• pp.95-102
• /
• 2009

In 2006, Haddad, Krishnan and Soliman proposed a Cryptographically Generated Address based protocol as a standard for protecting HMIPv6. Though this protocol can provide both the strong message authentication and binding update key negotiation based on the public-key cryptography, it is still vulnerable to several attacks such as denial of service attacks and redirection attacks. This paper improves the problems caused by the protocol. The improved protocol is analyzed in terms of security and performance, and then is shown to be better than the previous one considering the two factors together.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.11
• /
• pp.173-178
• /
• 2011

In this paper, we propose an efficient seamless handover protocol in NEMO environment. Yokoda et al 4. proposed fast handover method with collaboration of access routers in local network and Teraoka et al. 1 showed fast handover method with collaboration of layers in mobile network. These methods can delay the time of overall binding update and increase packets loss when link of router is unstable because they transport packets through only one path or link of router. And they don't also mention redirection method of packets in their protocol in case of unstable link state of routers. The proposed protocol can execute fast binding update and reduce packets loss with collaboration of routers in mobile network.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38A no.8
• /
• pp.688-696
• /
• 2013

In wireless sensor networks, real-time applications have to ensure the timely delivery of real-time data. Recently, OMLRP (On-demand Multi-hop Look-ahead Routing Protocol) has been proposed to improve the timeliness of wireless sensor networks. The protocol needs initialization time to establish multi-hop information based routing path because it performs incremental look-ahead of the information. Consequently, the protocol deteriorates DDSR (Deadline Delivery Success Ratio) as an event moves because it takes little consideration of event mobility. In this paper, we proposed a Real-time Routing for Events Mobility (RREM) which exploits a data redirection in order to improve the DDSR of moving events. Instead of recollecting muti-hop look-ahead information, the RREM redirects the data to a sensor node holding the information collected in a previous round. We verify the timeliness and energy efficiency of RREM using various MatLab simulations.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.2
• /
• pp.239-249
• /
• 2003

A lot many WWW sites are come into the world more and more as Web is considered as the unified Internet information tool. The location of each site or resource is usually specified by a physical URL, which is often too long to remember and tends to raise difficulty to show the aim of the site intuitively by seeing it. Since any person or organization can get his/her own domain name easily, it is more desirable to use a logical URL with the domain name which can be chosen more compact to remember and meaningful to represent the ultimate intention of the site. This paper presents an implementation of a URL forwarding server which forwards a URL to another, so that a WWW site can use a logical URL instead of a physical one. The server consists of a domain mapper which uses the redirection transaction of the HTTP protocol, and a name server based on the HIND. The paper shows how the interaction between the domain mapper and the name sever can make forwarding possible and describes its implementation in detail. Experimental results shows that the overhead incurred by URL forwarding is negligible compared to the typical delay of current Internet traffic condition.

• Journal of the Korean Institute of Illuminating and Electrical Installation Engineers
• /
• v.24 no.4
• /
• pp.25-32
• /
• 2010

The Supervisory Control and Data Acquisition Systems (SCADA) system provides monitoring, data gathering, analysis, and control of the equipment used to manage most infrastructure. The SCADA Network is implemented in a various manner for larger utilities, and multiple types of protocol and communication interfaces are used to network the control center to remote sites. The existing SCADA equipment and protocols were designed and implemented with availability and efficiency, and as a result security was not a consideration. So, performance, reliability, flexibility and safety of SCADA systems are robust, while the security of these systems is often weak. This makes some SCADA networks potentially vulnerable to disruption of service, process redirection, or manipulation of operational data that could result in public safety concerns and/or serious disruptions to the infrastructure. To reduce the risks, therefore, there is a need to have a security device such as cipher devices or cryptographic modules for security solutions. In this paper we develop an embedded cipher device for the SCADA equipment. This paper presents a cipher device designed to improve the security of its networks, especially in the serial communication.

• Convergence Security Journal
• /
• v.13 no.2
• /
• pp.155-163
• /
• 2013

Connection hijacking attack using the vulnerability of the TCP protocol to redirect TCP stream goes through your machine actively (Active Attack). The SKEY such as one-time password protection mechanisms that are provided by a ticket-based authentication system such as Kerberos or redirection, the attacker can bypass.Someone TCP connection if you have access on TCP packet sniffer or packet generator is very vulnerable. Sniffer to defend against attacks such as one-time passwords and token-based authentication and user identification scheme has been used. Active protection, but these methods does not sign or encrypt the data stream from sniffing passwords over insecure networks, they are still vulnerable from attacks. For many people, an active attack is very difficult and so I think the threat is low, but here to help break the illusion successful intrusion on the UNIX host, a very aggressive attack is presented. The tools available on the Internet that attempt to exploit this vulnerability, known as the recent theoretical measures is required. In this paper, we propose analysis techniques on a wireless network intruder detection.