• Proceedings of the Korea Multimedia Society Conference
• /
• 2003.11a
• /
• pp.128-131
• /
• 2003

최근 인터넷을 대상으로 한 네트워크 공격의 공격 경향은 분산 환경에서 다수 공격자의 대규모 분산 서비스 거부 공격(DoS)의 출현 및 해외 해커들의 국내 전산망을 우회 루트로 활용한 사례의 증가 등 고도화된 불법 행위가 점차 벙죄의 강력한 수단으로 이용되는 추세에 있다. 본 논문은 기존 네트워크 노드기반의 침입탐지시스템에서 효율성과 사용자 편의성을 보완하기 위하여 자기 복제가 가능한 이동 에이전트를 적용하여 호스트 간 자율적인 이동을 통해 관리자에게 네트워크 모니터링을 제공하고 침입을 탐지하는 침입탐지시스템을 제안하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10c
• /
• pp.334-336
• /
• 2004

If Network에서 mobility의 보장은 효과적인 network 동작을 위해 중요하다. Mobile IP와 SIP를 사용할 경우 MH가 위치변경 시 마다 MH로부터 먼 곳에 위치할 가능성이 있는 MH의 Home network내 Home Agent나 Redirect Server에 registration을 수행해야 하는데 이 경우 이전 subnet에서 새로운 subnet으로의 registration이 완료되기 전까지는 correspondent node에 대한 연결성을 잃어 버리게 되어 이로 인해 발생되는 Packet 손실과 delay 생기게 된다. 이런 Registration Problem을 효과적으로 해결하기 위해 Presence System을 이용한 효율적인 network architecture를 제안한다.

• Annual Conference of KIPS
• /
• 2000.10b
• /
• pp.1079-1082
• /
• 2000

인터넷에서 호스트의 이동성을 지원해주기 위한 프로토콜인 Mobile IP 의 가장 근 문제점의 하나는 Triangle Routing Problem이며 이를 해결하기 위한 방안으로서 Route Optimization이 있다. 그러나, 이 방식은 Route Optimization 을 위해서 기존의 인터넷 호스트, 즉 Correspondent Node 가 Binding Cache를 유지하고, Encapsulation의 기능을 가져야 하고, Home Agent와 Security Association을 갖도록 변경이 불가피하다. 본 논문에서는 기존 인터넷 호스트에서의 변경을 필요로 하지 않는 새로운 Route Optimization 방안인 Backward-Compatible Route Optimization을 제시한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.26 no.12C
• /
• pp.225-232
• /
• 2001

In this paper, we describe a mechanism that supports the mobility service for VPN(Virtual Private Network) users on MPLS(Multiprotocol Label Switching) network. The MPLS VPN considered in this study is controlled by CE(Customer Edge) routers. In such a VPN, CE routers have additional functions to support mobile VPN users, i.e., Home Agent function, foreign Agent function, Correspondent Agent function. This mechanism is applied when a VPN node moves to other site of the saute VPN, or when it moves to other site of a different VPN, or to a non-VPN site. We perform a simulation study to compare the performance of CE based MPLS VPN with that of PE(Provider Edge) based MPLS VPN with mobility support.

• Journal of KIISE:Information Networking
• /
• v.34 no.2
• /
• pp.110-119
• /
• 2007

Mobile IPv6 (MIPv6) enables a mobile node (MN) to maintain its connectivity with a correspondent node (CN) while changing its point of attachment. In MIPv6, packets sent from a CN to a MN during handover are lost. Several mechanisms including FMIPv6 and HMIPv6 have been proposed in order to minimize packet loss. However, such mechanisms still suffer from performance degradation due to not only packet loss but also out-of-sequence packets. In this paper, we propose I-FHMIPv6 to resolve packet loss as well as the out-of-sequence packet problem. In I-FHMIPv6, the flush message is newly defined in order to notify a home agent (HA) or CN of the fact that the binding cache entry of a MN is about to be updated. A MN receiving the flush message can know that there is no more packets transmitted via the previous route, which resolve the out-of-sequence packet problem. Moreover, with the proposed mechanism, we can minimize packet loss by integrating FMIPv6 and HMIPv6 efficiently. I-FHMIPv6 is evaluated by performing simulations, and the simulation results show that I-FHMIPv6 outperforms FMIPv6 and HMIPv6.

• Journal of Internet Computing and Services
• /
• v.5 no.1
• /
• pp.25-32
• /
• 2004

Mobile computing environment makes it possible for computing activities to be maintained during movement even if a user changes its network point of attachment. Mobile IP is a standard protocol designed to be used in such mobile computing environment. However, Mobile IP has a drawback to incur a lot of handoff delays and waste network resources, since CoA(Care of Address) registration packets need to go through a HA(Home Agent) first whenever a mobile node moves. To solve this long-standing problem, this paper proposes a new scheme that, for infra-domain movement, efficiently performs local handoff without notifying the HA Specifically, based on the notion of load balance, the proposed scheme allows every FA(Foreign Agent) in a domain to become the root FA(also known as domain FA) dynamically, thus distributing the registration task into many other foreign agents. The dynamic root assignment through load balancing ultimately leads to fast network response due to less frequent transmission of registration packets.

• Journal of Internet Computing and Services
• /
• v.2 no.4
• /
• pp.41-53
• /
• 2001

Multi-distributed web cluster model built for high availability E-Business model exposes internal system nodes on its structural characteristics and has a potential that normal job performance is impossible due to the intentional prevention and attack by an illegal third party. Therefore, the security system which protects the structured system nodes and can correspond to the outflow of information from illegal users and unfair service requirements effectively is needed. Therefore the suggested distributed invasion detection system is the technology which detects the illegal requirement or resource access of system node distributed on open network through organic control between SC-Agents based on the shared memory of SC-Server. Distributed invasion detection system performs the examination of job requirement packet using Detection Agent primarily for detecting illegal invasion, observes the job process through monitoring agent when job is progressed and then judges the invasion through close cooperative works with other system nodes when there is access or demand of resource not permitted.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.45 no.2
• /
• pp.75-82
• /
• 2008

Mobile IP was proposed to overcome identity problem of original IP address system caused by mobility of wireless mobile host. To complete its network handoff procedure, it must receive a mobile advertisement broadcasted by mobile agent. Generally, in a mobile IP system, mean time delay, 500ms, in a network handoff procedure is a critical problem of wireless service such as Voip, multimedia streaming. A caching agent caches a latest mobile advertisement, and replays it by receiving solicitation message from a mobile node finishing link layer detection. But, during the procedure of mobile registration, many packets from service provider to the mobile host would be lost and handoff time delay would be increased. In this thesis, we propose an unproved caching agent technique which can forward data packets while handoff procedure, and CoA pool for fast mobile IP registration.

• Journal of Korea Multimedia Society
• /
• v.8 no.3
• /
• pp.372-378
• /
• 2005

When a mobile node changes a sub network using Mobile IP, it must register its current location to the home agent. If a mobile node is far from its home network, the Binding Update (BU) time delay is longer and affects its connection state. To solve such a BU delay problem, a new component in HMIPv6, called MAP, supports the mobility of mobile node to reduce the signaling delay in handover However, in hierarchical MAP architecture, the register concentration to a specific MAP may be occurred, which affects the network management wholly. In this paper, we propose a MAP selection scheme based on ioad balancing by the mobility factor and the traffic property. By the mobility factor and the traffic property, a mobile node can select a adequate MAP on its mobility factor and traffic characteristic.

• The KIPS Transactions:PartC
• /
• v.15C no.5
• /
• pp.391-398
• /
• 2008

To provide IPTV service over mobile networks, the mechanism that reduce packet loss and interrupt of multimedia service during the handover should be supported. Especially, buffering based mechanism is preferable for supporting IPTV services in the way of preserving streaming service using stored data and recovering non-received data after handover. But previous research doesn't consider the buffer allocation for applying various environments which can change handover time or end to end delay of relay node. This paper propose DBAHAJ mechanism that optimize buffer size of mobile nodes and relay node for supporting seamless IPTV service over mobile environments. Mobile node determines buffer size by checking handover time and maximum difference of sequence to keep playing video data. And multicast agent recovers packet loss during the handover by sending buffered data. By these two procedure, node supports seamless IPTV service on mobile networks. We confirm performance of this mechanism on NS-2 simulator.