• Journal of the Korea Institute of Military Science and Technology
• /
• v.2 no.1
• /
• pp.159-169
• /
• 1999

Recently a firewall is being employed to protect hacking by controlling the traffics. The security services in the firewall include authentication, access control, confidentiality, integrity, and audit trail. A token is adapted for authentication to the firewall. A token has a small battery within which has restricted power capacity, This paper proposes a novel cost-effective firewall token for hacking protecting on transmission control protocol/internet protocol (TCP/IP) based network. This paper proposes a fast exponentiation method with a sparse prime that take a major operation for a public-key crypto-system and a major power consumption in the token. The proposed method uses much less amount of modular operations in exponentiation that is reduced of battery's capacity or CPU's price in the token.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2001.10a
• /
• pp.560-563
• /
• 2001

We made a HTTP server using 8 bit microprocessor. It was TMP84C015 which applied a 180 core and RTL8019AS was installed for an ethernet physical layer. Assembly language was used to optimize a performance of the MPU, to overcome an restriction of memory size and to maximize the throughput of packet using TCP, UDP, IP, ICMP and ARP protocol. We used LabVIEW to verified the each protocol on the client side.

• KSCI Review
• /
• v.15 no.1
• /
• pp.53-64
• /
• 2007

Avoid at damage systems in order to avoid own IP address exposure, and an invader does not attack directly a system in recent hacking accidents at these papers, and use Stepping stone and carry out a roundabout attack. Use network audit Policy and use a CIS, AIAA technique and algorithm, the Sleep Watermark Tracking technique that used Thumbprints Algorithm, Timing based Algorithm, TCP Sequence number at network bases, and Presented a traceback system at TCP bases at log bases, and be at these papers Use the existing algorithm that is not one module in a system one harm for responding to invasion technology develop day by day in order to supplement the disadvantage where is physical logical complexity of configuration of present Internet network is large, and to have a fast technology development speed, and presentation will do an effective traceback system.

• The KIPS Transactions:PartC
• /
• v.8C no.3
• /
• pp.345-350
• /
• 2001

IP 네트워크 상에 TCP 데이터 트래픽의 제공은 처리율과 공정성을 향상시키기 위해 특별한 기법이 필요하다. 여기에는 DT와 RED와 같은 많은 기법들이 제안되었다. RED 알고리즘은 폭주를 회피하고 적은 지연과 높은 처리율을 유지하기 위한 목적으로 제안되었다. 현재의 TCP/IP 환경에서 TCP 근원지는 Slow-Start 단계에 들어감으로써 드롭된 패킷에 반응하지만, 네트워크 이용률은 급속히 떨어진다. 폭주를 탐지하고, 이를 무작위로 선택된 연결에 통보하므로써 RED는 글로벌 동기화 및 공정성 문제를 유발한다. 본 논문에서는 성능을 향상시키기 위해 공정성을 유지하고, 글로벌 동기화 문제를 해결할 수 있는 능동적인 큐 관리 알고리즘을 제안한다. 제안된 알고리즘은 버퍼크기와 임계치 변화에 따른 goodput, 처리율, 공정성의 평가인자를 이용하여 기존의 기법인 DT, RED와 비교 분석을 수행하고, 제안된 기법의 타당성을 보인다.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.5 no.6
• /
• pp.625-630
• /
• 2010

With regard to the examples of establishing various sorts of information security, it can be seen that there are gradual, developmental procedures including Firewall and VPN (Virtual Private Network), IDS (Intrusion Detection System), or ESM(Enterprise Security Management). Each of the security solutions and equipments analyzes both defense and attack for information security with the criteria of classifying the problems of security policies by TCP/IP layers or resulted from attack patterns, attack types, or invasion through specialized security technology. The direction of this study is to examine latency time vulnerable to invasion which occurs when L2-stratum or lower grade equipments or policies are applied to the existing network through TCP/IP layer's L3-stratum or higher grade security policies or equipments and analyze security holes which may generate due to the IP preoccupation in the process of establishing policies to limit particular IP area regarding the policies for security equipments to figure out technological problems lying in it.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.2
• /
• pp.153-167
• /
• 2010

Traffic conditions, in particular number of active TCP flows, change dramatically over time. The main goal of this paper is an adaptive queue management algorithm that can maintain network state of high-throughput and low-delay under changing traffic conditions In this paper, we devise Probability Adaptive RED(PARED) that combines the more effective elements of recent algorithms with a RED core. It automatically adjusts its adaptive marking function to account for changes in traffic load and to keep queue length within the desired target queue length. We simulate that PARED algorithm results in under changes in traffic load and mixed traffic load. The simulation test confirm this stability, and indicate that overall performances of PARED are substantially better than the RED and ARED algorithms.

• Journal of KIISE:Computer Systems and Theory
• /
• v.33 no.9
• /
• pp.691-698
• /
• 2006

TCP/IP Offload Engine (TOE) is a technology that processes TCP/IP on a network adapter instead of a host CPU to reduce protocol processing overhead from the host CPU. There have been some approaches to implementing TOE: software TOE based on an embedded processor; hardware TOE based on ASIC implementation; and hybrid TOE in which software and hardware functions are combined. In this paper, we designed software modules and hardware modules for a hybrid TOE on an FPGA that had two processor cores. Software modules are based on the embedded Linux. Hardware modules are for data transmission (TX) and reception (RX). One core controls the TX path and the other controls the RX path of the Linux. This TX/RX path separation mechanism can reduce task switching overheads between processes and overcome poor performance of single embedded processor. Hardware modules deal with creating headers for outgoing packets, processing headers of incoming packets, and fetching or storing data from or to the host memory by DMA. These can make it possible to improve the performance of data transmission and reception. We proved performance of the TOE with separated transmission and reception paths by performing experiments with a TOE network adapter that was equipped with the FPGA having processor cores.

• Journal of Navigation and Port Research
• /
• v.27 no.3
• /
• pp.283-288
• /
• 2003

Recently, the growth of applications and services over high-speed Internet increases, ATM networks as wide area back-bone has been a major solution. As the conventional TCP/IP suite is still the standard protocol used to support upper application on current. Internet, the issues regarding whether TCP/IP will operate efficiently on top of an ATM infrastructure and how to control its QoS still remain for studies. TCP uses a window-based protocol for flow control in the transport layer. When TCP uses the UBR service in ATM layer, the control method is only buffer management. If a cell is discarded in ATM layer, one whole packet of TCP will be lost; this fact occur the most TCP performance degradation. Several dropping strategies, such as Tail Drop, EPD, PPD, SPD, FBA, have been proposed to improve the TCP performance over ATM. In this paper, to improve the TCP performance, we propose a packet dropping scheme that is based on comparison with EPD, SPD and FBA. Our proposed scheme is applied to schemes discussed in the previous technology. Our proposed scheme does not need to know each connection's mean packet size. When the buffer exceeds the given threshold, it is based on comparison between the number of dropped packet and the approved packet. Our results are reported and discussed for comparing these discarding schemes under similar conditions. Although the number of virtual channel (VC) is increased, the simulation results showed that the proposed scheme can allocate more fairly each VC than other scheme.

• Journal of Korea Multimedia Society
• /
• v.6 no.3
• /
• pp.481-487
• /
• 2003

Because XML is a W3C standard and has characteristics like platform-independent, it has a critical role in e-commerce. Business rules and Procedures should be standardized for efficient B2B integration. But a lot of companies are its own XML documents instead of standard documents. Therefore many organizations try to make standards for e-commerce based on framework. In this paper, we designed and implemented XML Messaging System based on TCP/IP protocols. This system are designed by module. Because, it is easy to extensibility of system. So we can more easily and efficiently build e-commerce system based on this XML messaging system.

• The Journal of the Korea Contents Association
• /
• v.10 no.8
• /
• pp.73-83
• /
• 2010

This paper investigates protocol architecture of a Web-ZigBee gateway for interconnecting TCP/IP-based networks and ZigBee/IEEE802.15.4-based wireless sensor networks. The Web-ZigBee gateway delivers data between the TCP/IP network and the ZigBee network. Since those two networks have different communication protocols, a protocol translation mechanism is needed. Herein, we propose a method to deliver query messages from the Internet to the sensor network and receive data from sensors. The protocol translation is performed in the translation layer that is placed above the two application layers, i.e., the Internet application layer and ZigBee application layer. Among various interfaces, we use CGI programming to take care of translation functions efficiently. The CGI manages query information from a client on the Internet and data from the ZigBee sensor network. Whereas the TCP/IP enabled sensor network overlays two heterogeneous communication protocols, overlaying layers increase the complexity and cost of implementing the sensor network. On the contrary, the sensors in our gateway-based system are not only light (because each communication protocol works independently without overlaying), but also efficient because the translation layer mostly alleviates header overloading.