• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.55-62
• /
• 2006

It is growing to use the E-Commerce, recently However, if a cracking tool that detects e keyboard input is set up, users' input values and personal information could be taken away. This paper shows the design and implementation of security system that prevent the keyboard input information leaking. The ideas of thus paper are encrypting the keyboard input values with using the keyboard interrupt hooking, the browser embedding program's decrypting the values in case of need and decrypting all values in the web server. The own input control was developed for direct attacks to the browser, and that the values of password fields which are showed as *(asterisk character) won't be decrypted in the client PC is different from other commercial keyboard input security systems. Consequently, this paper shows the chance of realizing a lot safer customer information protective system than before.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.41 no.9
• /
• pp.17-28
• /
• 2004

Since the Internet has grown into a large communication infrastructure, the network management system to systematically manage the large number of network components has become an essential part of the Internet. The rapid growth of network size has brought into question the scalability of the existing centralized model, such as SNMP (Simple Network Management Protocol) and CMIP (Common Management Information Protocol). Thus, for efficient network management, researches about mobile agent have also been performed recently. This paper presents analytical models of centralized approach based on SNMP protocol, distributed approach based on mobile agent, and mixed mode to make up for shortcomings of SNMP and mobile agent. We compare the performance of these analytical models based on network management response time. Experiment results show that performance of mobile agent and the mixed mode is less sensitive to the delay in WAN network environment. However, SNMP is more efficient for the simple network environment like LAN.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.2
• /
• pp.67-78
• /
• 2008

The purpose of this paper is to discuss the design and implementation of a WCBT(Web and Computer based Test). The WCBT combines the strengths of both a WBT(Web-based test) and a CBT(Computer-based test) on the basis of efficiency and stability. The current assessment system, considered an important management tool in the construction and operation of a total management system for the national technical qualification, has some unstable elements with regard to system load and stability. The proposed system's technological aspects have been tested through a basic simulation pilot program. The pilot program will be expanded to include the local Chamber of Commerce and Industry because the stability of the system was proved through its application to the real-time national technical examination of KCCI (Korea Chamber of Commerce and Industry). The WCBT system has shown great efficiency in terms of system load, and has solved frequent communication problems which have occurred through the use of foreign qualifying examinations. The server and client systems of the WCBT have been given good evaluations with regard to the convenience of their use and the management system for operators and supervisors.

• Journal of Communications and Networks
• /
• v.10 no.4
• /
• pp.455-464
• /
• 2008

To provide network services consistently under various network failures, enterprise networks increasingly utilize path diversity through multi-homing. As a result, multi-homed non-transit autonomous systems become to surpass single-homed networks in number. In this paper, we address an inevitable problem that occurs when networks with multiple entry points deploy firewalls in their borders. The majority of today's firewalls use stateful inspection that exploits connection state for fine-grained control. However, stateful inspection has a topological restriction such that outgoing and incoming traffic of a connection should pass through a single firewall to execute desired packet filtering operation. Multi-homed networking environments suffer from this restriction and BGP policies provide only coarse control over communication paths. Due to these features and the characteristics of datagram routing, there exists a real possibility of asymmetric routing. This mismatch between the exit and entry firewalls for a connection causes connection establishment failures. In this paper, we formulate this phenomenon into a state-sharing problem among multiple fire walls under asymmetric routing condition. To solve this problem, we propose a stateful inspection protocol that requires very low processing and messaging overhead. Our protocol consists of the following two phases: 1) Generation of a TCP SYN cookie marked with the firewall identification number upon a SYN packet arrival, and 2) state sharing triggered by a SYN/ACK packet arrival in the absence of the trail of its initial SYN packet. We demonstrate that our protocol is scalable, robust, and simple enough to be deployed for high speed networks. It also transparently works under any client-server configurations. Last but not least, we present experimental results through a prototype implementation.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.3
• /
• pp.595-603
• /
• 2017

We propose a scheme to reduce the time for the SSL/TLS handshake by embedding it into the TCP 3-way handshake. The scheme can be selectively applied on the standard TCP for making the SSL/TCP handshake happen within the TCP handshake, rather than performing the TCP handshake and SSL/TLS handshake in sequence. We implemented a prototype of the scheme and did some experiments on its performance. Experimental results showed that, compared to the sequential handshakes of the TCP and the SSL/TLS, the time reduction achieved by the scheme varied in the range of 3.2% and 14%(when the elapsed time by the ping program from the client to the server was 11.6ms). The longer the time measured by the ping program, which would grow as the propagation and queuing delays do, the larger the reduction rate. It accords with the supposition that the reduced time due to the scheme will increase in proportion to the amount of the elapsed time measured by the ping program.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.5-14
• /
• 2018

With the advance of the 4th industrial revolution, Internet of Things (IoT) technology is actively being studied. In the era of the IoT, a decentralized operation is required to reduce load on servers and enable autonomous IoT data communication rather than focusing on centralized operation of being server client structures. This paper analyzes the security of a blockchain, a new form of distributed database platform that supports integrity and permanence of data. To achieve this, we divide the blockchain's major operations into a consensus process, network communication process, and key management process, and then describe possible attacks and countermeasures in each process. We also describe the attack occurred in typical cryptocurrency platforms such as Bitcoin and Ethereum.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.1
• /
• pp.62-70
• /
• 2002

The purpose of this paper in that users can use mobile device applications more easily and efficiently through MoDAM (Mobile Device Application Management) system. MoDAM automates the process of web retrieval for obtaining mobile device applications and the process of installing or updating it on mobile devices and then supply users with these automated services in a step form by combining two separated processes. We implement a web agent conforming to OSD (Open Software Description) specification for automating software retrieval and downloading and also a mobile device based software management module conforming to SyncML (Synchronization Markup Language) specification for synchronizing common data between server and client. The method of automated software retrieval and management for mobile devices using these standard specifications minimizes users' interrupts and also can be applied to traditional several different mobile devices, operating systems or downloading web sites without platform dependent considerations.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.6
• /
• pp.179-188
• /
• 2014

Due to the tremendous amount and its rapid increase of network traffic, the performance of network equipments are becoming an important issue. Network filtering is one of primary functions affecting the performance of the network equipment such as a firewall or a load balancer to process the packet. In this paper, we propose a cache based tri method to improve the performance of the existing tri method of searching for network filtering. When several packets are exchanged at a time between a server and a client, the tri method repeats the same search procedure for network filtering. However, the proposed method can avoid unnecessary repetition of search procedure by exploiting cache so that the performance of network filtering can be improved. We performed network filtering experiments for the existing method and the proposed method. Experimental results showed that the proposed method could process more packets up to 790,000 per second than the existing method. When the size of cache list is 11, the proposed method showed the most outstanding performance improvement (18.08%) with respect to memory usage increase (7.75%).

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.1
• /
• pp.406-425
• /
• 2012

Deploying advanced home networking technologies and modern home-networked devices in residential environments provides a playground for new home applications and services. Because home multimedia entertainment is among the most essential home applications, this paper presents an appealing home media content sharing scenario: home-networked devices can discover neighboring devices and share local media content, as well as enormous amounts of Internet media content in a convenient and networked manner. This ideal scenario differs from traditional usages that merely offer local media content and require tedious manual operations of connection setup and file transfer among various devices. To achieve this goal, this study proposes a proxy gateway architecture for home multimedia content distribution. The proposed architecture integrates several functional mechanisms, including UPnP-based device discovery, home gateway, Internet media provision, and in-home media content delivery. This design addresses several inherent limitations of device heterogeneity and network interoperability on home and public networks, and allows diverse home-networked devices to play media content in an identical and networked manner. Prototypical implementation of the proposed proxy gateway architecture develops a proof-of-concept software, integrating a BitTorrent peer-to-peer client, a UPnP protocol stack, and a UPnP AV media server, as well as media distribution and management components on the OSGi home gateway platform. Practical demonstration shows the proposed design and scenario realization, offering users an unlimited volume of media content for home multimedia entertainment.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.2
• /
• pp.57-62
• /
• 2014

In order to provide real-time multimedia streaming service, a lot of system resources and network bandwidth required. Thus each computer is any computer other equivalent has the ability to act as a client and a server Peer-to-Peer(P2P) architecture with much interest. In this paper, techniques of P2P content that requires a user to efficiently retrieve the desired time in the streaming service have placed the focus of the research techniques. In a number present in the P2P contents, the user requests to find out the desired amount of time the content streaming services in order to provide seamless lookup latency contents search algorithm to minimize the study. P2P based smart network system and the structure of the super-node and the peer node is composed of super-gateway. Smart network system architecture proposed by performing a content search algorithm. The user requests a desired content, the service can be retrieved within the provided the flexibility.