• Journal of Internet Computing and Services
• /
• v.9 no.6
• /
• pp.37-48
• /
• 2008

VoIP service is a transmission of voice data using SIP protocol on IP based network, The SIP protocol has many advantages such as providing IP based voice communication and multimedia service with cheap communication cost and so on. Therefore the SIP protocol spread out very quickly. But, SIP protocol exposes new forms of vulnerabilities on malicious attacks such as Message Flooding attack and protocol parsing attack. And it also suffers threats from many existing vulnerabilities like on IP based protocol. In this paper, we propose a new Virtual Proxy Server system in front of the existed Proxy Server for anomaly detection of SIP attack and stateful management of SIP session with enhanced security. Based on stateful virtual proxy server, out solution shows promising SIP Message Flooding attack verification and detection performance with minimized latency on SIP packet transmission.

• Journal of Communications and Networks
• /
• v.12 no.1
• /
• pp.52-66
• /
• 2010

Since large objects consume substantial resources, web proxy caching incurs a fundamental trade-off between performance (i.e., hit-ratio and latency) and overhead (i.e., resource usage), in terms of caching and relaying large objects to users. This paper investigates how and to what extent the current dedicated-server based web proxy caching scheme is affected by large file transfers in a high bandwidth campus network environment. We use a series of trace-based performance analyses and profiling of various resource components in our experimental squid proxy cache server. Large file transfers often overwhelm our cache server. This causes a bottleneck in a web network, by saturating the network bandwidth of the cache server. Due to the requests for large objects, response times required for delivery of concurrently requested small objects increase, by a factor as high as a few million, in the worst cases. We argue that this cache bandwidth bottleneck problem is due to the fundamental limitations of the current centralized web proxy caching model that scales poorly when there are a limited amount of dedicated resources. This is a serious threat to the viability of the current web proxy caching model, particularly in a high bandwidth access network, since it leads to sporadic disconnections of the downstream access network from the global web network. We propose a peer-to-peer cooperative web caching scheme to address the cache bandwidth bottleneck problem. We show that it performs the task of caching and delivery of large objects in an efficient and cost-effective manner, without generating significant overheads for participating peers.

• Journal of Internet Computing and Services
• /
• v.10 no.2
• /
• pp.15-28
• /
• 2009

This paper proposes HWbF(Hit and WLC based Firewall) design which consists of an PFS(Packet Filter Station) and APS(Application Proxy Station). PFS is designed to reduce bottleneck and to prevent the transmission delay of them by distributing packets with PLB(Packet Load Balancing) module, and APS is designed to manage a proxy cash server by using PCSLB(Proxy Cash Server Load Balancing) module and to detect a DoS attack with packet traffic quantity. Therefore, the proposed HWbF in this paper prevents packet transmission delay that was a drawback in an existing Firewall, diminishes bottleneck, and then increases the processing speed of the packet. Also, as HWbF reduce the 50% and 25% of the respective DoS attack error detection rate(TCP) about average value and the fixed critical value to 38% and 17%. with the proposed expression by manipulating the critical value according to the packet traffic quantity, it not only improve the detection of DoS attack traffic but also diminishes the overload of a proxy cash server.

• Proceedings of the IEEK Conference
• /
• 2002.07a
• /
• pp.121-124
• /
• 2002

The proxy mechanism widely used in WWW systems offers low-delay data delivery by means of "proxy server". By applying the proxy mechanisms to the video streaming system, we expect that high-quality and low-delay video distribution can be accomplished without introducing extra load on the system. In addition, it is effective to adapt the quality of cached video data appropriately in the proxy if user requests are diverse due to heterogeneity in terms of the available bandwidth, end-system performance, and user′s preferences on the perceived video quality. We have proposed proxy caching mechanisms to accomplish the high-quality and highly-interactive video streaming services. In our proposed system, a video stream is divided into blocks for efficient use of the cache buffer. The proxy server is assumed to be able to adjust the quality of a cached or retrieved video block to the request through video filters. In this paper, to verify the practicality of our mechanisms, we implemented them on a real system and conducted experiments. Through evaluations from several performance aspects, it was shown that our proposed mechanisms can provide users with a low-latency and high-quality video streaming service in a heterogeneous environment.

• Journal of KIISE
• /
• v.43 no.9
• /
• pp.1052-1059
• /
• 2016

A key role in cloud computing systems that is becoming an issue is implementing a database on untrusted cloud servers requiring the complexity of key management. This study proposes a key management system using Self Proxy Servers to minimize key executions and improve the performance of cloud services by generating Self-Creating Algorithms where the data owner is not directly concerned with related keys when a user sends an encrypted database a query. The Self Proxy Server supports active and autonomous key managements as a distributed server if any trouble should arise from a cloud key server and for an efficient cloud key management. Therefore, the key management system provides secure cloud services by supporting confidentiality of a cloud server database.

• Journal of Ubiquitous Convergence Technology
• /
• v.2 no.1
• /
• pp.1-11
• /
• 2008

An effective solution to the problems caused by the explosive growth of World Wide Web is a web caching that employing an additional server, called proxy cache, between the clients and main server for caching the popular web objects near the clients. However, a single proxy cache can easily become the bottleneck. Deploying groups of cooperative caches provides scalability and robustness by eliminating the limitations caused by a single proxy cache. Two common architectures to implement the cooperative caching are hierarchical and distributed caching systems. Unfortunately, both architectures suffer from performance limitations. We propose an efficient hybrid caching architecture eliminating these limitations by using both the hierarchical and same level caches. Our performance evaluation with our investigated simulator shows that the proposed architecture offers the best of both existing architectures in terms of cache hit rate, the number of query messages from clients, and response time.

• Journal of information and communication convergence engineering
• /
• v.13 no.1
• /
• pp.15-20
• /
• 2015

The limited battery power in the mobile environment, lack of sufficient wireless bandwidth, limited resources of mobile terminals, and frequent breakdowns of the wireless network have become major hurdles in the development of mobile cloud computing (MCC). In order to solve the abovementioned problems, This paper propose a proxy-based MCC framework by adding a proxy server between mobile devices and cloud services to optimize the access to cloud services by mobile devices on the network transmission, application support, and service mode levels. Finally, we verify the effectiveness of the developed framework through an experimental analysis. This framework can ensure that mobile users have efficient access to cloud services.

• The KIPS Transactions:PartD
• /
• v.10D no.1
• /
• pp.153-160
• /
• 2003

Recently, deployments of firewalls and NATs ire increasing to provide network security features or to solve the problem of public IP shortage. But, in these environments, peers in different firewall or NAT environments may get limited services because they cannot open direct communicate channels. This can be a significant problem in pure P2P environments where the peers should get or provide services by opening direct channels among themselves. In this paper, we propose a scheme for dynamically selecting a peer that fan be used as a proxy server. The proxy server supports the communication between the peers in different firewall or NAT environments. The proposed scheme is operating system independent and supports bidirectional communication among the peers in P2P environments. Additionally, the proposed scheme can distribute network traffic by dynamically allocating proxy servers to the peers that is not located in the firewall or NAT environments.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.11a
• /
• pp.875-879
• /
• 2002

CPL is a technique that serves various additional service in Internet telephony such as call forwarding, call blocking etc. IETF IPTEL working group developed this CPL standard. Users could request various additional services such as call forwarding, call blocking etc. by registering XML scripts to location servers. This paper would describe the design and the implementation skill of SIP proxy server that support these improved functionalities in detail. SIP registrar and SIP proxy server are designed and implemented in Linux platform because this platform serves fast and low cost development environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.10 no.2
• /
• pp.43-54
• /
• 2000

C. Gamage 등은 M. Mambo 의 대리 서명 방시과 Y. Zheng의 signcryption 방식을 이용하여 사용자가 상대 적으로 계산 능력이 뛰어난 서버에 의존하여 암호화 및 서명을 생성할 수 있는 proxy-signcryption 방식을 제안하였다 그러나 그들이 제안한 방식을 실제 응용에 적용할 경우 사용자가 proxy agent를 대신하여 정당한 proxy-signcryption을 생성할 수 있을 뿐만아니라 자신이 전송한 메시지에 대해 부인하는 경우 리를 판단할 수 없으므로 proxy agent를 보호 할 수 없다는 문제점이 있다 따라서 본 논문에서는 대리인 보호형 대리 서명 방식과 N. Asokan 의 S3(Server Supported Signnatures)를 이용하여 proxy agent를 보호할 수 있고 송신자 부인 봉쇄를 제공하여 실제 응용에 적용할 수 있는 proxy-signcryption 방식을 제안하고자 한다. 또한 본 논문에서 제안하는 proxy-signcryption 방식은 한국형 디지털 서명 표준안인 KCDSA(Korean Certificate-based Digital Signature Algorithm)를 이용한다.