• Journal of Korea Multimedia Society
• /
• v.9 no.8
• /
• pp.1037-1044
• /
• 2006

It's difficult to check cyber attacks and the performance of a security system in a real large-scale network. Generally, a new security system or the effect of a new security attack are checked by simulation. We use SSFNet to simulate our security system and cyber attack. SSFNet is an event-driven simulation tools based on process, which has a strength to be capable of expressing a large-scale network. But it doesn't offer any API's which can manipulate not only the related function of security but also the packet. In this paper, we developed a firewall and IPS class, used for a security system, and added to them components of SSFNet. The firewall is modelled a security system based on packet filtering. We checked the function of the firewall and the IPS with network modelled as using our SSFNet. The firewall blocks packets through rules of an address and port of packets. The result of this simulation shows that we can check a status of packets through a log screen of IPS installed in a router and confirm abnormal packet to be dropped.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.4
• /
• pp.980-992
• /
• 2011

WSN gateway which runs transmission between WSN (Wireless Sensor Network) based on IEEE 802.15.4 and PN (Public Network) based on TCP/IP belongs to core technology of application based on two network. Because WSN Gateway receives various kinds of packet from many sensor nodes in an uncertain time as well as uses hardware's performance enough, it has high level of complexity about software and it is hard to be implemented. To solve these problems, this paper suggests both efficient event detection scheme for identify packet and implementation unit of protocol called 'Transaction'. The results of applying the proposed network framework, complexity of software reduces. And we provide software development environments of reflect various performance requirements.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.3
• /
• pp.117-124
• /
• 2013

In this paper we propose a TFRC(TCP Friendly Rate Control) which guarantees a minimum rate in order to improve the efficiency of the previous TFRC which cannot distinguish congestion losses and wireless losses and decreases throughput both in wired and wireless networks. This TFRC technique is able to guarantee a minimum rate for video by restricting a loss event rate with packet loss probability about existing TFRC and constraining a rate reduction from the feedback timeout. When we experimented both the existing TFRC and the new one with TCP in the same network, we found that the latter is better than the former. Consequently, it shows that the proposed TFRC can improve video streaming quality using a guaranteed minimum transmission rate.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.11
• /
• pp.1170-1181
• /
• 2012

Wireless Sensor Networks(WSNs) are used in diverse applications. In general, sensor nodes that are easily deployed on specific areas have many resource constrains such as battery power, memory sizes, MCUs, RFs and so on. Hence, first of all, the efficient energy consumption is strongly required in WSNs. In terms of event states, event-driven deliverly model (i.e. surveillance and reconnaissance applications) has several characteristics. On the basis of such a model, clustering algorithms can be mostly used to manage sensor nodes' energy efficiently owing to the advantages of data aggregations. Since a specific node collects packets from its child nodes in a network topology and aggregates them into one packet to relay them once, amount of transmitted packets to a sink node can be reduced. However, most clustering algorithms have been designed without considering can be reduced. However, most clustering algorithms have been designed without considering characteristics of event-driven deliverly model, which results in some problems. In this paper, we propose enhanced clustering algorithms regarding with both targets' movement and energy efficiency in order for applications of surveillance and reconnaissance. These algorithms form some clusters to contend locally between nodes, which have already detected certain targets, by using a method which called CHEW (Cluster Head Election Window). Therefore, our proposed algorithms enable to reduce not only the cost of cluster maintenance, but also energy consumption. In conclusion, we analyze traces of the clusters' movements according to targets' locations, evaluate the traces' results and we compare our algorithms with others through simulations. Finally, we verify our algorithms use power energy efficiently.

• Journal of the Korean Institute of Telematics and Electronics A
• /
• v.33A no.2
• /
• pp.50-58
• /
• 1996

This paper proposes the channel-access protocol suitable to a very high speed photonic WDM network with star configuration, which can provide a high channel utilization and insensitivity to the propagation delay. The proposed protocol employs a control channel and a simple status table to deal with the propagation delay which has been a major limiting factor in the performance of the very high speed optical communication networks. The control channel transmits control information in order to reserve access on data channels, and each node constitutes a status table after the reception of control pckets which holds information about the availbility of destination node and data channel. The proposed protocol is insensitive to the propagation delay time by removing necessity of the retransmission and by allowing parallel transmission of control packet and data packets. It is proved in analysis and discrete event simulation that the proposed protocol is superior in throughput and mean delay, especially at the high load conditions compared to the existing high speed channel-access protocols.

• Journal of Communications and Networks
• /
• v.17 no.3
• /
• pp.256-264
• /
• 2015

Energy harvesting devices have been proposed for sensor networking applications where batteries cannot be replaced, and cooperative communication schemes have been used to increase energy efficiency for wireless systems. Here, we develop transmission scheduling schemes for multi-terminal cooperative energy harvesting networks that maximize the packet delivery ratio, i.e., the probability that an event is reported successfully. We see that the proposed scheme provides virtually the same performance as the state-of-the-art threshold-based scheme, but does not require auxiliary parameter optimization. The proposed scheme also permits extensions to multiple cooperating nodes and sources, and it can be modified to accommodate fairness constraints.

• Information and Communications Magazine
• /
• v.31 no.3
• /
• pp.103-116
• /
• 2014

This paper proposes the design of Vehicular Cyber-Physical Systems (called VCPS) based on vehicular cloud for smart road networks. Our VCPS realizes mobile cloud computing services where vehicles themselves or mobile devices (e.g., smartphones and tablets of drivers or passengers in vehicles) play a role of both cloud server and cloud client in the vehicular cloud. First, this paper describes the architecture of vehicular networks for VCPS and the delay modeling for the event prediction and data delivery, such as a mobile node's travel delay along its navigation path and the packet delivery delay in vehicular networks. Second, the paper explains two VCPS applications as smart road services for the driving efficiency and safety through the vehicular cloud, such as interactive navigation and pedestrian protection. Last, the paper discusses further research issues for VCPS for smart road networks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.1
• /
• pp.25-38
• /
• 2017

Many security threats are occurring around the world due to the characteristics of industrial control systems that can cause serious damage in the event of a security incident including major national infrastructure. Therefore, the industrial control system network traffic should be analyzed so that it can identify the attack in advance or perform incident response after the accident. In this paper, we research the visualization technique as network forensics to enable reasonable suspicion of all possible attacks on DNP3 control system protocol, and define normal action based rules and derive visualization requirements. As a result, we developed a visualization tool that can detect sudden network traffic changes such as DDoS and attacks that contain anormal behavior from captured packet files on industrial control system network. The suspicious behavior in the industrial control system network can be found using visualization tool with Digital Bond packet.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.8
• /
• pp.261-270
• /
• 2014

As Internet traffic increases recently, much effort has been put on improving the performance of a web server. In addition to hardware side solutions such as replacement by high-end hardware or expansion of the number of servers, there are software side solutions to improve performance. Recent studies on these software side solutions have been actively performed. In this paper, we identify performance degradation problems occurring in a conventional TCP networking reception process and propose a way to solve them. We improve performance by combining three kinds of existing methods for Linux Networking Performance Improvement and two kinds of newly proposed methods in this paper. The three existing methods include 1) an allocation method of a packet flow to a core in a multi-core environment, 2) ITR(Interrupt Throttle Rate) method to control excessive interrupt requests, and 3) sk_buff data structure recycling. The two newly proposed methods are fd data structure recycling and epoll_event data structure recycling. Through experiments in a web server environment, we verify the effect of our two proposed methods and its combination with the three existing methods for performance improvement, respectively. We use three kinds of web servers: a simple web server, Lighttpd generally used in Linux, and Apache. In a simple web server environment, fd data structure recycling and epoll_event data structure recycling bring out performance improvement by about 7 % and 6%, respectively. If they are combined with the three existing methods, performance is improved by up to 40% in total. In a Lighttpd and an Apache web server environment, the combination of five methods brings out performance improvement by up to 36% and 20% in total, respectively.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1181-1190
• /
• 2013

The GOOSE(Generic Object Oriented Substation Event) is used as a network protocol to communicate between IEDs(Intelligent Electronic Devices) in international standard IEC 61850 of substation automation system. Nevertheless, the GOOSE protocol is facing many similar threats used in TCP/IP protocol due to ethernet-based operation. In this paper, we develop a IDS(Intrusion Detection System) for secure GOOSE Protocol using open software-based IDS Snort. In this IDS, two security functions for keyword search and DoS attack detection are implemented through improvement of decoding and preprocessing component modules. And we also implement the GOOSE IDS and verify its accuracy using GOOSE packet generation and communication experiment.