• Journal of Scientific & Technological Knowledge Infrastructure
• /
• s.7
• /
• pp.128-133
• /
• 2001

본 논문에서는 DiffServ망의 EF PHB를 이용해 구현한 프리미엄 서비스를 UDP및 TCP 플로우에 적용하였을 때 나타나는 특성을 측정 및 분석함으로써, DiffServ망을 이용하여 고품질의 서비스를 제공받고자 하는 서비스 사용자에게 미치는 영향을 제시하였다.

• The KIPS Transactions:PartC
• /
• v.14C no.1 s.111
• /
• pp.55-64
• /
• 2007

Behind the popularity of VoIP in these days, it may present significant security challenges in privacy and accounting. Authentication and message encryption are considered to be essential mechanisms in VoIP to be comparable to PSTN. SIP is responsible for setting up a secure call in VoIP. SIP employs TLS, DTLS or IPSec combined with TCP, UDP or SCTP as a security protocol in VoIP. These security mechanisms may introduce additional overheads into the SIP performance. However, this overhead has not been understood in detail by the community. In this paper we present the effect of the security protocol on the performance of SIP by comparing the call setup delays among security protocols. We implement a simulation of the various combinations of three security protocols and three transport layer protocols suggested for SIP. UDP with any combination of security protocols performs a lot better than the combination of TCP. TLS over SCTP may impose higher impact on the performance in average because TLS might have to open secure channels as the same number of streams in SCTP. The reasons for differences in the SIP performances are given.

• Journal of KIISE:Information Networking
• /
• v.31 no.5
• /
• pp.469-481
• /
• 2004

Previous works for the AF(Assured Forwarding) service in the Diffserv network have no sufficient consideration on the fairness of bandwidth share based on RTTs, the target rates, and the impact of UDP against TCP. In this paper, in order to solve these problems, we propose a FDSA(Fair Differentiated Service Architecture) composed of TRA3CM(Target rate and RTT Aware 3 Color Marking) and TRBD(Target Rate Based Dropping) mechanisms. The TRA3CM and TRBD mechanisms provide three color marking and fair transmission rates among aggregate flows by considering RTT, target rate, and UDP flows simultaneously. In the results of comparing the performance among existing mechanisms and the TRA3CM-TRBD, the TRA3CM-TRBD mechanism was able to mitigate the RTT and UDP effect better than the former. The TRA3CM-TRBD is shown to provide good performance for transmission rates proportional to various target rates.

• The KIPS Transactions:PartC
• /
• v.18C no.6
• /
• pp.423-432
• /
• 2011

Recently, OpenFlow has been paid attention to as a fundamental technology which provides a function of virtualization and programmability in network. In Korea, deployment of OpenFlow networks in campuses and the interconnection between them through tunneling in layer 3 has been performed. However, the performance of the interconnected networks is decreased due to delay in IP layer. In this paper, we design and deploy nation-wide, not local, OpenFlow networks in a pure layer 2 environment over KREONET. After that, we do end-to-end Round-trip Time measurements and TCP/UDP performance tests in OpenFlow and normal networks, and do comparison and analysis on the test results. The results show that the nation-wide OpenFlow networks provide equal performance to normal networks except for the initial packet loss for UDP streaming. In regards to the performance decrease due to early UDP packet loss, we can mitigate it by implementing exceptional procedures in a controller which deal with the same continuous "Packet_in" events.

• Proceedings of the Korean Institute of Communication Sciences Conference
• /
• 1996.06a
• /
• pp.862-865
• /
• 1996

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.1B
• /
• pp.86-100
• /
• 2004

To provide the end-to-end service differentiation for assured services, the random early demotion and promotion (REDP) marker in the edge router at each domain boundary monitors the aggregate flow of the incoming in-profile packets and demotes in-profile packets or promotes the previously demoted in-profile packets at the aggregate flow level according to the negotiated interdomain service level agreement (SLA). The REDP marker achieves UDP fairness in demoting and promoting packets through random and early marking decisions on packets. But, TCP fairness of the REDP marker is not obvious as for UDP sources. In this paper, to improve TCP fairness of the REDP marker, we propose a modified REDP marker where we combine a dropper, meters and a token filling rate configuration component with the REDP marker. To make packet transmission rates of TCP flows more fair, at the aggregate flow level the combined dropper drops incoming excessive in-profile packets randomly with a constant probability when the token level in the leaky bucket stays in demotion region without incoming demoted in-profile packets. Considering the case where the token level cannot stay in demotion region without the prior demotion, we propose a token filling rate configuration method using traffic meters. By using the token filling rate configuration method, the modified REDP marker newly configures a token filling rate which is less than the negotiated rate determined by interdomain SLA and larger than the current input aggregate in-profile traffic rate. Then, with the newly configured token filling rate, the token level in the modified REDP marker can stay in demotion region pertinently fir the operation of the dropper to improve TCP fairness. We experiment with the modified REDP marker using ns2 simulator fur TCP sources at the general case where the token level cannot stay in demotion region without the prior demotion at the negotiated rate set as the bottleneck link bandwidth. The simulation results demonstrate that through the combined dropper with the newly configured token filling rate, the modified REDP marker also increases both aggregate in-profile throughput and link utilization in addition to TCP fairness improvement compared to the REDP marker.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.7B
• /
• pp.711-721
• /
• 2004

To provide the end-to-end service differentiation for assured services, the random early demotion and promotion (REDP) marker in the edge router at each domain boundary monitors the aggregate flow of the incoming in-profile packets and demotes in-profile packets or promotes the previously demoted in-profile packets at the aggregate flow level according to the negotiated interdomain service level agreement (SLA). The REDP marker achieves UDP fairness in demoting and promoting packets through random and early marking decisions on packets. But, TCP fairness of the REDP marker is not obvious as fur UDP sources. In this paper, to improve TCP fairness of the REDP marker, we combine a dropper with the REDP marker. To make packet transmission rates of TCP flows more fair, at the aggregate flow level the combined dropper drops incoming excessive in-profile packets randomly with a constant probability when the token level in the leaky bucket stays In demotion region without incoming demoted in-profile packets. It performs a dropping in the demotion at a domain boundary only if there is no prior demotion. The concatenate dropping at multiple domains is avoided to manifest the effect of a dropping at a domain boundary on TCP fairness. We experiment with the REDP marker with the combined dropper using ns2 simulator for TCP sources. The simulation results show that the REDP marker with the combined dropper improves TCP fairness in demoting and promoting packets by generating fair demoted in-profile traffic compared to the REDP marker. The effectiveness of the selected drop probability is also investigated with showing its impact on the performance of the REDP marker with the combined dropper.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.3 no.6
• /
• pp.575-596
• /
• 2009

Facing limited network resources such as bandwidth and processing capability, the Internet will have congestion from time to time. In this paper, we propose a scheme to maximize the total utility offered by the network to the end user during congested times. We believe the only way to achieve our goal is to make the scheme application-aware, that is, to take advantage of the characteristics of the application. To make our scheme scalable, it is designed to be class-based. Traffic from applications with similar characteristics is classified into the same class. We adopted the RED queue management mechanism to adaptively control the traffic belonging to the same class. To achieve the optimal utility, the traffic belonging to different classes should be controlled differently. By adjusting link bandwidth assignments of different classes, the scheme can achieve the goal and adapt to the changes of dynamical incoming traffic. We use the control theoretical approach to analyze our scheme. In this paper, we focus on optimizing the control on two types of traffic flows: TCP and Simple UDP (SUDP, modeling audio or video applications based on UDP). We derive the differential equations to model the dynamics of SUDP traffic flows and drive stability conditions for the system with both SUDP and TCP traffic flows. In our study, we also find analytical results on the TCP traffic stable point are not accurate, so we derived new formulas on the TCP traffic stable point. We verified the proposed scheme with extensive NS2 simulations.

• Journal of Internet Computing and Services
• /
• v.6 no.1
• /
• pp.1-12
• /
• 2005

Recently, the patterns of cyber attack through internet have been various and have become more complicated and thus it is difficult to detect a network intruder effectively and to response the intrusion quickly. Therefore, It is almost not possible to chase the real location of a network intruder and to isolate the Intruder from network in UDP based DoS or DDoS attacks spoofing source IP address and in TCP based detour connection attacks. In this paper, we propose active security architecture on active network to correspond to various cyber attacks promptly. Security management framework is designed using active technology, and security control mechanism to chase and isolate a network intruder is implemented. We also test the operation of the active security mechanism implemented on test_bed according to several attack scenarios and analyze the experiment results.

• Journal of the Korean Institute of Illuminating and Electrical Installation Engineers
• /
• v.20 no.10
• /
• pp.126-134
• /
• 2006

This paper describes the development of an embedded wireless LAN controller which can be in parallel operated with an existing utility controller. The embedded controller mainly consists of Prism(R) 2.5 chip set and Atmega 128 microcontroller. In order to communicate over the network, the controller including TCP/IP stack (IP, TCP, UDP, and ICMP), telnet, and X/Z modem has been developed. For a specific application, we have proposed an special method to convert data structure between TCP/IP and X/Z modem and a data buffer algorithm to minimize the RAM memory usage. Finally, the correctness and performance of the protocols are tested and verified using $CommView^{(R)}\;and\;DU^{(R)}$. The development is satisfactorily operated only for 3,381 bytes of RAM usage without sacrificing interoperability between hosts.