• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.35-45
• /
• 2004

In explosively increasing internet environments, information security is one of the most important consideration. Nowadays, various security solutions are used as such problems countermeasure; IDS, Firewall and VPN. However, basically internet has much vulnerability of protocol itself. Specially, it is possible to establish a covert channel using TCP/IP header fields such as identification, sequence number, acknowledge number, timestamp and so on. In this Paper, we focus cm the covert channels using identification field of IP header and the sequence number field of TCP header. To detect such covert channels, we used Support Vector Machine which has excellent performance in pattern classification problems. Our experiments showed that proposed method could discern the abnormal cases(including covert channels) from normal TCP/IP traffic using Support Vector Machine.

• IEIE Transactions on Smart Processing and Computing
• /
• v.1 no.3
• /
• pp.182-191
• /
• 2012

This paper proposes a high performance QoS (Quality of Service) traffic transmission scheme to provide real-time multimedia services in wireless networks. This scheme is based on both a traffic estimation of the mean rate and a header compression method by dividing this network model into two parts, core RTP/UDP/IP network and wireless access parts, using the IEEE 802.11 WLAN. The improvement achieved by the scheme means that it can be designed to include a means of provisioning the high performance QoS strategy according to the requirements of each particular traffic flow by adapting the header compression for real-time multimedia data. A performance evaluation was carried out to show the effectiveness of the proposed traffic transmission scheme.

• Journal of the Korean Institute of Telematics and Electronics A
• /
• v.33A no.6
• /
• pp.11-22
• /
• 1996

We address an issue of channel sharing among users by using a random assignment-transmitter-based (RA-T) spread-spectrum transmission scheme which permits the contention mode only in the transmission of a header while avoiding collision during the data packet transmission. Once the header being successfully received, the data packet is ready for reception by switching to one of programmable matched-filters. But the receoption may be blocked due to limited number of matched-filters so that this effect is taken into account in our analysis. For realistic analysis, we integrate detection performance at the physical level with channel activity at the link level through a markov chain model. We also consider an acknowledgement scheme to notify whether the header is correctly detcted and the data packet can be processed continuously, which aims at reducing the interference caused unwanted data transmission. It is shown that receiver complexity can be greatly reduced by choosing a proper number of RA codes at the cost of only a little throughput degradation.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.1087-1090
• /
• 2007

The security issues related to IPv6 protocol have been focused on by many researchers and engineers. Especially, extension headers of IPv6 protocol provide various functionalities such as IP security, mobile IP, and in principle, it is said to give much more effective network services than the previous protocol, IPv4. In this paper, the cases are surveyed in which fragment header, that is one of many extension headers in IPv6 protocol, is abused and made to be the sources of threats. Prevention mechanisms are also surveyed to countermeasure the threats.

• Korean Journal of Digital Imaging in Medicine
• /
• v.15 no.1
• /
• pp.9-20
• /
• 2013

PACS is one of the most used medical information system and share information from other hospitals through the PACS. Data integrity means zero defects data and this is a prerequisite of information system performance. but I wonder if I can trust these informations that Incorrect information from radiotechnologist's mistakes, anonymous in emergency department, Newborn baby department, modified informations at later. And Modified informations causes defect in integrity of the data. When we import, we use DICOM header not DB data. so error occurs that DB data is deferent with DICOM Header information. This paper discusses to resolve as above problem using DICOM object such as DICOM PR, SR. And propose quality management system that can guarantee the patient information and can manage exam history.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.1276-1278
• /
• 2007

무선 네트워크 기술의 발전과 이동성 지원에 대한 사용자의 요구가 증대됨에 따라 모바일 IPv6와 이를 확장한 NEMO (NEtwork Mobility) Basic Support 프로토콜이 등장하였다. 이동네트워크들이 중첩되어 구성될 경우 NBS (NEMO Basic Support) 프로토콜을 사용하는 네트워크에서는 패킷이 네트워크를 구성하는 이동라우터(MR, Mobile Router)의 홈에이전트(HA, Home Agent)를 모두 거치면서 중첩 터널링이 수행되는 핀볼라우팅 문제가 발생한다. 본 논문에서는 이러한 문제점을 해결하기 위해 중첩된 이동네트워크에서 새로운 라우팅 헤더를 사용한 경로최적화 기법을 제안한다. 제안하는 기법은 새로운 IPv6 라우팅 헤더 DH (Destination-information Header)를 정의하고 이를 라우팅 헤더 타입 2를 대신하여 사용함으로써 중첩된 이동네트워크에서의 경로최적화를 구현한다. 이 기법은 기존 기법에 비하여 최적화된 경로로 통신하여 최소 32% 뛰어난 성능향상을 확인할 수 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.187-189
• /
• 2014

패킷 네트워크에서 음성, 영상 트래픽이 IP, UDP, RTP 를 이용하여 전송 될 때 중복 헤더가 사용되어 통신의 비효율을 초래한다. 이를 방지 하기 위해 ROHC(Robust Header Compression)가 적용된다. 이는 인접 패킷 헤더 간의 차이 값이 규칙적으로 증가하는 영역은 그 차이 값만을 전송한다. 차이 값은 WLSB 인코딩 과정을 거쳐 전송이 되는데 인코팅 시 Sliding Window 값이 사용된다. Sliding Window 크기에 따라 헤더 압축률이 변하고 대역폭에도 영향을 미치게 된다. 본 논문에서는 효과적인 Sliding Window 값을 구하여 기존 ROHC 에 적용 하여 네트워크 통신의 효율성을 향상 시키고자 한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2007.06a
• /
• pp.401-405
• /
• 2007

In sensor network, cluster based routing protocol about efficient energy usage method has researched variously. But existing cluster based routing protocol have problems. one of the problem is sensor nodes's imbalance energy consumption problem at cluster reconstruction. anther is non- connection problem between header node and spc node when they are far from each other, not properly connected. We propose cluster re-division and header node of multihop transmission method in this paper. The cluster re-division method is the method that re-divides existing routing protocol with the small-scale cluster and multihop transmission method is the method regarding the relay transmission between the header nodes. Through the simulation, the proposed routing mechanism shows more excellent than exiting routing protocol in balance energy consumption and energy efficiency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.2
• /
• pp.49-60
• /
• 1999

IC 카드의 하드웨어적인 제약으로 대부분의 IC 카드는 대칭키 알고리즘을 사용하고 있지만 IC 카드 하드웨어 제조 기술의 발전으로 앞으로는 보안성이 우수한 비대 칭키 알고리즘이 많이 사용될 것이다. 그리고 IC 카드의 가장 큰 제약적 중 하나는 메모리 용량의 한계이다. 따라서 보안상 안전하면서도 메모리를 적게 사용하는 IC 카드 운영체제의 구현을 중요한 문제이다. 그래서 본 논문에서는 다양한 종류의 키 알고리즘을 수용할 수 있는 키 파일 탐색 기법을 제안하였다. 또한 데이터 파일 헤더에 잠금 필드를 삽입하여 보안성을 향상시켰으며 메모리 사용량을 줄일 수 있도록 데이터 파일 헤더만을 이용한 파일 탐색 기법과 자유 공간 탐색 기법을 제안하였다. Because of the evolution of IC card hardware fabrication technologies IC card will be able to accept asymmetric key encryption algorithm in the future. One of the most restrictive points of IC card is memory capacity. Therefore it is an important problem to design a secure IC card operating system using memory in small. In this paper we proposed a key file search mechanism using a key length field inserted in a key file header structure. The key file search mechanism makes IC card execute any key-based encryption algorithm. In addition we proposed inserting a lock field in data file header structure. The lock field intensifies the security of a data file. Finally we proposed a data file search mechanism and free space search mechanism using only data file header. The file system using these mechanisms spends smaller memory than that using a file description table and record of unallocated space.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.10b
• /
• pp.1457-1460
• /
• 2000

평문과 암호문 쌍에서 일부 예측할 수 있는 평문들을 이용하여 비밀키를 찾는 공격을 예상 평문 공격(Probable Plaintext Attack)(1)이라고 한다. 인터넷 보호 프로토콜은 IP Datagram에 AH(Authentication Header)(2), ESP(Encapsulating Security Payload)(3) 등과 같은 Security Header가 붙여지며, 각 헤더부분에서 예상할 수 있는 영역을 가지고 있으므로 예상 평문 공격의 주요한 대상이되고, 이러한 취약점은 현재 인터넷 보호 프로토콜에서 사용되고 있는 DES(Data Encryption Standard)(4) 알고리즘에서 두드러지게 나타난다. 본 논문에서는 IPv4와 IPv6를 서로 비교하고 각각의 IP version에서 예측할 수 있는 예상 평문영역을 조사한 다음, 일어 날 수 있는 예상 평문 공격의 비율을 서로 비교하여 앞으로 상용화될 IPv6의 문제점과 해결방안을 제시한다.