• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2006.11a
• /
• pp.383-387
• /
• 2006

자기유사(self-similar)과정은 인터넷 트래픽을 보다 정확하게 분석하는데 꼭 필요한 확률과정이다. 본 연구는 계산이 간편하고 다양한 시간범위의 종속성을 반영할 수 있는 M/G/${\infty}$에 모형을 기반으로 하여 자기유사과정을 생성하는 방법을 채택하고 G를 파레토 분포로 표준화하여 적용 가능성을 다양하게 실험한다. 시뮬레이션에서 이산화를 매 단위시점으로 설정하지 않고 대기열에서의 도착, 이탈시점으로 설정하여 시뮬레이션의 속도를 높이고 보다 정확한 성능측정이 이루어지도록 시도한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 1999.11a
• /
• pp.326-330
• /
• 1999

인터넷의 민감한 트래픽 특성으로 인해 기존의 트래픽 모델링 분석법으로 최적화된 네트워크 환경을 구성하기에는 부족한 점이 많다. 본 논문에서는 트래픽의 버스트 특성을 정확히 예측하고 모델링 하기 위한 방법으로 자기 유사 특성에 대해 분석하고자 한다. 실제 인터넷 네트워크에서의 RTT(Round-Trip Time)를 측정함으로써 계층, 거리별 링크간의 LRD(Long-Range Dependence) 와 노드 큐의 특성, 자기유사성 정도를 구하고 측정된 데이터의 확률 분포를 통해 실제 트래픽의 특성에 대해 분석하였다

• The KIPS Transactions:PartC
• /
• v.12C no.5 s.101
• /
• pp.649-658
• /
• 2005

Since the Network based attack Is extensive in the real state of damage, It is very important to detect intrusion quickly at the beginning. But the intrusion detection using supervised learning needs either the preprocessing enormous data or the manager's analysis. Also it has two difficulties to detect abnormal traffic that the manager's analysis might be incorrect and would miss the real time detection. In this paper, we propose a traffic attributes correlation analysis mechanism based on self-organizing maps(SOM) for the real-time intrusion detection. The proposed mechanism has three steps. First, with unsupervised learning build a map cluster composed of similar traffic. Second, label each map cluster to divide the map into normal traffic and abnormal traffic. In this step there is a rule which is created through the correlation analysis with SOM. At last, the mechanism would the process real-time detecting and updating gradually. During a lot of experiments the proposed mechanism has good performance in real-time intrusion to combine of unsupervised learning and supervised learning than that of supervised learning.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.73-75
• /
• 2007

The Ad Hoc Network Interfaces has been tremendously useful in doing capacity planning and performance prediction. However, in many real-world cases. it has found that the predicted results form a queuing analysis differ substantially from the actual observed performance. Specially, in recent years, a number of studies have demonstrated that for some environments, the traffic pattern is self-similar rather than Poisson. In this paper, we study these Clustering characteristics and the definition of standadization processes.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.9B
• /
• pp.589-597
• /
• 2007

In this paper, a WDM metro ring consisting of access nodes with $FT-FR^n$ (Fixed Transmitter - n Fixed Receivers) is considered. A trade-off exists between node throughput and transmission fairness because the access nodes share wavelength channels. In order to eliminate the transmission unfairness and to increase throughput, the p-persistent medium access control (MAC) protocol is proposed: each node uses an empty optical slot to transmit a packet and make it available with the extraction of a transferred packet at the source access node, called source-stripping. The local empty slot can be used to transfer a head-of-line packet in the local buffer with probability p or it is used for the next downstream nodes with 1-p. The proposed MAC protocol provides better node throughput than the non-persistent protocol and exhibits better fairness index than the 1-persistent protocol in WDM ring networks. In addition, numerical analysis shows that the proposed MAC protocol maximizes the node throughput under uniform traffic conditions. For more detailed results, we use the network simulation under Poisson and self-similar traffic. Furthermore, unpredictable traffic constructed by the combination of the former and the latter is also considered. The reasonable probability of the p-persistent protocol for a given architecture can be determined through simulation.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.8B
• /
• pp.667-680
• /
• 2008

In this work, we present the results of our empirical study on 802.11 wireless LAN network traffic. We collect the packet trace from existing campus wireless LAN infra-structure. We analyzed four different data sets: aggregate traffic, upstream traffic, downstream traffic, tcp only packet trace from aggregate traffic. We analyze the time series aspect of underlying traffic (byte count process and packet count process), marginal distribution of time series, and packet size distribution. We found that in all four data sets there exist long-range dependent property in byte count and packet count process. Inter-arrival distribution is well fitted with Pareto distribution. Upstream traffic, i.e. from the user to Internet, exhibits significant difference in its packet size distribution from the rests. Average packet size of upstream traffic is 151.7 byte while average packet size of the rest of the data sets are all greater than 260 bytes. Packets with full data payloads constitutes 3% and 10% in upstream traffic and the downstream traffic, respectively. Despite the significant difference in packet size distribution, all four data sets have similar Hurst values. The Hurst alone does not properly explain the stochastic characteristics of the underlying traffic. We model the underlying traffic using fractional-ARIMA (FARIMA) and fractional Gaussian Noise (FGN). While the fractional Gaussian Noise based method is computationally more efficient, FARIMA exhibits superior performance in accurately modeling the underlying traffic.

• Journal of Digital Contents Society
• /
• v.10 no.2
• /
• pp.357-365
• /
• 2009

To effectively exploit the underlying network bandwidth while maximizing user perceivable QoS, mandatory to make proper estimation on packet loss and queuing delay of the underling network. This issue is further emphasized in wireless network environment where network bandwidth is scarce resource. In this work, we focus our effort on developing performance model for wireless network. We collect packet trace from actually wireless network environment. We find that packet count process and bandwidth process in wireless environment exhibits long range property. We extract key performance parameters of the underlying network traffic. We develop an analytical model for buffer overflow probability and waiting time. We obtain the tail probability of the queueing system using Fractional Brown Motion (FBM). We represent average queuing delay from queue length model. Through our study based upon empirical data, it is found that our performance model well represent the physical characteristics of the IEEE 802.11b network traffic.

• ETRI Journal
• /
• v.24 no.4
• /
• pp.311-322
• /
• 2002

Presently, optical burst switching (OBS) technology is under study as a promising solution for the backbone of the optical Internet in the near future because OBS eliminates the optical buffer problem at the switching node with the help of no optical/electro/optical conversion and guarantees class of service without any buffering. To implement the OBS network, there are a lot of challenging issues to be solved. The edge router, burst offset time management, and burst assembly mechanism are critical issues. In addition, the core router needs data burst and control header packet scheduling, a protection and restoration mechanism, and a contention resolution scheme. In this paper, we focus on the burst assembly mechanism. We present a novel data burst generation algorithm that uses hysteresis characteristics in the queueing model for the ingress edge node in optical burst switching networks. Simulation with Poisson and self-similar traffic models shows that this algorithm adaptively changes the data burst size according to the offered load and offers high average data burst utilization with a lower timer operation. It also reduces the possibility of a continuous blocking problem in the bandwidth reservation request, limits the maximum queueing delay, and minimizes the required burst size by lifting up data burst utilization for bursty input IP traffic.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.40 no.10
• /
• pp.8-15
• /
• 2003

In this paper, we address how to provide absolute differentiated services for optical burst switching (OBS) networks based on dynamic wavelength assignment. Unlike existing quality of service (QoS), such as buffer-based and offset-time based scheme, our proposed dynamicvirtual lambda partitioning (DVLP) scheme does not mandate any buffer or extra offset time, but can achieve absolute service differentiation between classes. This new DVLP scheme shares wavelength resources based on several different priority of classes in an efficient and QoS guaranteed manner. The performance results show that the proposed scheme effectively guarantees a target blocking probability of each traffic classes both in Poisson and Self-similar traffic environment.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.44 no.3 s.357
• /
• pp.41-50
• /
• 2007

In this paper, a new Dual Round-Robin (DRR) based iterative SLIP (iSLIP) scheduling scheme, called DiSLIP is proposed for IP switching systems. By using DRR followed by iSLIP, DiSLIP can exploit desynchronization effect of DRR and high performance of iSLIP, while the drawbacks of two schemes are minimized. 'Through computer simulation, we verify the switch throughput and total waiting time of the proposed scheme under nonuniform and correlated self-similar traffic. Moreover, the proposed scheme can considerably reduce the complexity of parallel matching logics compared to iSLIP. From the result, we observe that the proposed scheme outperforms DRR on throughput as well as iSLIP schemes on complextiy.