• Title/Summary/Keyword: The Number of Router

Search Result 112, Processing Time 0.025 seconds

Design and Performance Evaluation for VPNs based (MPLS 기반 VPN 제공을 위한 설계 및 성능 분석)

  • Yu, Young-Eel;Chon, Byoung-Sil
    • Journal of the Institute of Electronics Engineers of Korea TC
    • /
    • v.39 no.7
    • /
    • pp.1-11
    • /
    • 2002
  • This paper proposes that an efficient routing entry sending method between routing controller FE. based on this method, we organize IP VPN support method based on MPLS network and design MPLS-VPN service control module, MPLS-VPN processing, VPN group configuration and LSP setup processing. We evaluate the performance about the VPN based on proposed MPLS, at the result of evaluation. We figure out that based on proposed IPC method, lost packets number reduces and delay increases more slowly in case of VPN based on MPLS comparing with the VPN based on ATM which has rapid delay increasement. Therefore we confirm that the VPN based on MPLS has high speed of packet processing and high utilization of buffers through the performance evaluation.

An Improved Model Design for Traceback Analysis Time Based on Euclidean Distance to IP Spoofing Attack (IP 스푸핑 공격 발생 시 유클리드 거리 기반의 트레이스 백 분석시간 개선 모델)

  • Liu, Yang;Baek, Hyun Chul;Park, Jae Heung;Kim, Sang Bok
    • Convergence Security Journal
    • /
    • v.17 no.5
    • /
    • pp.11-18
    • /
    • 2017
  • Now the ways in which information is exchanged by computers are changing, a variety of this information exchange method also requires corresponding change of responding to an illegal attack. Among these illegal attacks, the IP spoofing attack refers to the attack whose process are accompanied by DDoS attack and resource exhaustion attack. The way to detect an IP spoofing attack is by using traceback information. The basic traceback information analysis method is implemented by comparing and analyzing the normal router information from client with routing information existing in routing path on the server. There fore, Such an attack detection method use all routing IP information on the path in a sequential comparison. It's difficulty to responding with rapidly changing attacks in time. In this paper, all IP addresses on the path to compute in a coordinate manner. Based on this, it was possible to analyze the traceback information to improve the number of traceback required for attack detection.

Study of Mobile Code Security Service in Active Network Environment (액티브 네트워크 환경에서의 이동코드 보안서비스 제공에 관한 연구)

  • 한인성;김진묵;유황빈
    • Proceedings of the Korea Information Assurance Society Conference
    • /
    • 2004.05a
    • /
    • pp.29-34
    • /
    • 2004
  • As the number of internet users grows rapidly, the services which users required becomes various. However, for fulfilling these various user requirements, the existing passive network should be standardized for a long time. To resolve the delay on providing services, active network as a new technology was suggested. Its router or switch with DARPA as center has the program running ability, so user oriented network can be composed. However, active network's architecture can resolve the user required service using mobile code on the network node, but it is more complex, easy-to-attack, various than the passive network. Many researchers have tried to resolve this problem. So, this paper studied the mobile code security service in active network environment to provide user's convenience and accommodation, and introduced ANASP system as an alternative.

  • PDF

High Performance SoC On-chip-bus Architecture with Multiple Channels and Simultaneous Routing (다중 채널과 동시 라우팅 기능을 갖는 고성능 SoC 온 칩 버스 구조)

  • Lee, Sang-Hun;Lee, Chan-Ho
    • Journal of the Institute of Electronics Engineers of Korea SD
    • /
    • v.44 no.4
    • /
    • pp.24-31
    • /
    • 2007
  • Up to date, a lot of bus protocol and bus architecture are released though most of them are based on the shared bus architecture and inherit the limitation of performance. SNP (SoC Network Protocol), and hence, SNA (SoC Network Architecture) which are high performance on-chip-bus protocol and architecture, respectively, have been proposed to solve the problems of the conventional shared bus. We refine the SNA specification and improve the performance and functionality. The performance of the SNA is improved by supporting simultaneous routing for bus request of multiple masters. The internal routing logic is also improved so that the gate count is decreased. The proposed SNA employs XSNP (extended SNP) that supports almost perfect compatibility with AMBA AHB protocol without performance degradation. The hardware complexity of the improved SNA is not increased much by optimizing the current routing logic. The improved SNA works for IPs with the original SNP at its best performance. In addition, it can also replace the AMBA AHB or interconnect matrix of a system, and it guarantees simultaneous multiple channels. That is, the existing AMBA system can show much improved performance by replacing the AHB or the interconnect matrix with the SNA. Thanks to the small number of interconnection wires, the SNA can be used for the off-chip bus system, too. We verify the performance and function of the proposed SNA and XSNP simulation and emulation.

Implementation Of DDoS Botnet Detection System On Local Area Network (근거리 통신망에서의 DDoS 봇넷 탐지 시스템 구현)

  • Huh, Jun-Ho;Hong, Myeong-Ho;Lee, JeongMin;Seo, Kyungryong
    • Journal of Korea Multimedia Society
    • /
    • v.16 no.6
    • /
    • pp.678-688
    • /
    • 2013
  • Different Different from a single attack, in DDoS Attacks, the botnets that are distributed on network initiate attacks against the target server simultaneously. In such cases, it is difficult to take an action while denying the access of packets that are regarded as DDoS since normal user's convenience should also be considered at the target server. Taking these considerations into account, the DDoS botnet detection system that can reduce the strain on the target server by detecting DDoS attacks on each user network basis, and then lets the network administrator to take actions that reduce overall scale of botnets, has been implemented in this study. The DDoS botnet detection system proposed by this study implemented the program which detects attacks based on the database composed of faults and abnormalities collected through analyzation of hourly attack traffics. The presence of attack was then determined using the threshold of current traffic calculated with the standard deviation and the mean number of packets. By converting botnet-based detection method centering around the servers that become the targets of attacks to the network based detection, it was possible to contemplate aggressive defense concept against DDoS attacks. With such measure, the network administrator can cut large scale traffics of which could be referred as the differences between DDoS and DoS attacks, in advance mitigating the scale of botnets. Furthermore, we expect to have an effect that can considerably reduce the strain imposed on the target servers and the network loads of routers in WAN communications if the traffic attacks can be blocked beforehand in the network communications under the router equipment level.

Experimental Design of AODV Routing Protocol with Maximum Life Time (최대 수명을 갖는 AODV 라우팅 프로토콜 실험 설계)

  • Kim, Yong-Gil;Moon, Kyung-Il
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.17 no.3
    • /
    • pp.29-45
    • /
    • 2017
  • Ad hoc sensor network is characterized by decentralized structure and ad hoc deployment. Sensor networks have all basic features of ad hoc network except different degrees such as lower mobility and more stringent energy requirements. Existing protocols provide different tradeoffs among some desirable characteristics such as fault tolerance, distributed computation, robustness, scalability and reliability. wireless protocols suggested so far are very limited, generally focusing on communication to a single base station or on aggregating sensor data. The main reason having such restrictions is due to maximum lifetime to maintain network activities. The network lifetime is an important design metric in ad hoc networks. Since every node does a router role, it is not possible for other nodes to communicate with each other if some nodes do not work due to energy lack. In this paper, we suggest an experimental ad-hoc on-demand distance vector routing protocol to optimize the communication of energy of the network nodes.The load distribution avoids the choice of exhausted nodes at the route selection phase, thus balances the use of energy among nodes and maximizing the network lifetime. In transmission control phase, there is a balance between the choice of a high transmission power that lead to increase in the range of signal transmission thus reducing the number of hops and lower power levels that reduces the interference on the expense of network connectivity.

Design of Hybrid Parallel Architecture for Fast IP Lookups (고속 IP Lookup을 위한 병렬적인 하이브리드 구조의 설계)

  • 서대식;윤성철;오재석;강성호
    • Journal of the Institute of Electronics Engineers of Korea SD
    • /
    • v.40 no.5
    • /
    • pp.345-353
    • /
    • 2003
  • When designing network processors or implementing network equipments such as routers are implemented, IP lookup operations cause the major impact on their performance. As the organization of the IP address becomes simpler, the speed of the IP lookup operations can go faster. However, since the efficient management of IP address is inevitable due to the increasing number of network users, the address organization should become more complex. Therefore, for both IPv4(IP version 4) and IPv6(IP version 6), it is the essential fact that IP lookup operations are difficult and tedious. Lots of researcher for improving the performance of IP lookups have been presented, but the good solution has not been came out. Software approach alleviates the memory usage, but at the same time it si slow in terms of searching speed when performing an IP lookup. Hardware approach, on the other hand, is fast, however, it has disadvantages of producing hardware overheads and high memory usage. In this paper, conventional researches on IP lookups are shown and their advantages and disadvantages are explained. In addition, by mixing two representative structures, a new hybrid parallel architecture for fast IP lookups is proposed. The performance evaluation result shows that the proposed architecture provides better performance and lesser memory usage.

An Algorithm for Efficient use of Label Space over MPLS Network with Multiple Disconnent Timers (MPLS 망에서 복수 연결해제 타이머를 이용한 레이블 공간의 효율적 사용방법)

  • Lee, Sun-Woo;Byun, Tae-Young;Han, Ki-Jun;Jeong, Youn-Kwae
    • Journal of KIISE:Information Networking
    • /
    • v.29 no.1
    • /
    • pp.24-30
    • /
    • 2002
  • Label switching technology is currently emerging as a solution for the rapidly growing of Internet traffic demand. Multiprotocol label switching(MPLS) is one of the standards made by the Internet Engineering Task Force(IETE) intended to enhance speed, scalability, and inter-opearability between label switching technologies. In MPLS, utilization of label space is a very important factor of network performance because labels are basic unit in packet switching. We propose a algorithm to effectively use label space by a multiple disconnect timer at the label switching router. Our algorithm is based on multiple utilization of the connection release timer over the MPLS network with multiple domains. In our algorithm, a relatively linger timeout interval is assigned to the traffic with higher class by the aid of the packet classifier. This reduces delay for making a new connection and also reduces the amount of packets which will be routed to the layer 3. Simulation results shows that reduction of required label number in MPLS network and this indicate our algorithm offers better performance than the existing ones in term of utilization of label space.

A Route Shortening Mechanism for DSR protocol in Mobile Ad-Hoc Networks (이동 애드혹 네트워크에서 DSR 프로토콜을 위한 경로 축소 방법)

  • Ha, Eun-Yong
    • Journal of KIISE:Information Networking
    • /
    • v.34 no.6
    • /
    • pp.475-482
    • /
    • 2007
  • Mobile nodes in ad-hoc wireless networks play roles of router as well as host. Movement of nodes causes network topology changes, which make existing routing information be modified. Therefore many routing protocols for ad-hoc networks were suggested in the literature. In this paper, we suggest an enhanced automatic route shortening method for dynamic source routing(DSR) protocol. DSR is a request/response based protocol which has low routing overhead owing to node movement. The current automatic route shortening is performed on the only nodes which belong to the source route of packets. On the contrary, our suggested method allows all neighbor nodes hearing the packet to participate in automatic route shortening. It makes all possible route shortenings be performed. So we maintain maximal shortened routes of ongoing data connections. Simulation results with ns2 show that our method pays small extra protocol overhead for ARS, but increases the ratio of successful packet transmissions and the number of ARSs performed in our mechanism is from 2 to 5 times higher than in original ARS mechanism and therefore it will improve the network-wide energy consumption in wireless ad-hoc networks.

XSNP: An Extended SaC Network Protocol for High Performance SoC Bus Architecture (XSNP: 고성능 SoC 버스를 위한 확장된 SoC 네트워크 프로토콜)

  • Lee Chan-Ho;Lee Sang-Hun;Kim Eung-Sup;Lee Hyuk-Jae
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.33 no.8
    • /
    • pp.554-561
    • /
    • 2006
  • In recent years, as SoC design research is actively conducted, a large number of IPs are included in a system. Various bus protocols and bus architectures are designed to increase IP reusability. Among them, the AMBA AHB became a de facto standard although it is somewhat inadequate for a large scale SoC. We proposed SNP and SNA, high performance on-chip-bus protocol and architecture, respectively, to solve the problem of the conventional shared buses. However, it seems to be imperative that the new on-chip-bus system support AMBA-compatible IPs for a while since there are a lot of IPs with AMBA interface. In this paper, we propose an extended SNP specification and a corresponding SNA component to support ABMA-compatible IPs used in SNA - based system. We extend the phase of the SNP by 1 bit to add new 8 phases to support communication based on AMBA protocol without penalty of elongated cycle latency. The ARB-to -XSNP converter translates the protocol between AHB and SNP to attach AMBA -compatible IPs to SNA based system. We show that AMBA IPs can communicate through SNP without any degradation of performance using the extended SNP and AHB - to- XSNP converter.