• Journal of the Institute of Electronics and Information Engineers
• /
• v.51 no.5
• /
• pp.127-134
• /
• 2014

In DRDoS(Distributed Reflective Denial of Service) attacks, the victim is bombarded by packets from legitimate reflector unlike DDoS(Distributed Denial of Service) attacks through zombie, which is more dangerous than DDoS attack because it is in stronger disguise. Therefore, the method of filtering packet method on router are useless. Moreover SCTP(Stream Control Transmission Protocol) multi-homing feature, such as with an improved transmission protocol allows detecting attacks is more difficult and the effect of the attack can be maximized. In this paper we propose a DRDoS detection mechanism based on DRDoS utilizing attention to the characteristics of stateful protocols. The proposed scheme is backed by stateful firewall, and detect DRDoS attacks through a rules table and perform a defense treatment against DRDoS attack. Rules table with a simple structure is possible to easily adapt for any kind of stateful protocol can used by DRDoS attack. The experimental result confirm that our proposed scheme well detect DRDoS attacks using SCTP, the next-generation transmission protocol which not known by victim, and reduce the attacking packets rapidly.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.2 no.2 s.3
• /
• pp.43-54
• /
• 2003

As the demand for ubiquitous mobile wireless Internet grows, vehicles are receiving a lot of attention as new networking platforms. The demand for 4G all-IP networks encourages vehicle networks to be connected using IPv6. By means of network mobility (NEMO) support, we can connect sensors, controllers, local ,servers as well as passengers' devices of a vehicle to the Internet through a mobile router. The mobile router provides the connectivity to the Internet and mobility transparency for the rest of the mobile nodes of an in-vehicle nv6 network. So, it is .important for the mobile router to assure reliable connection and a sufficient data rate for the group of nodes behind it. To provide reliability, this paper proposes an adaptive multihoming architecture of multiple mobile routers. Proposed architecture makes use of different mobility characteristics of different vehicles. Simulation results with different configurations show that the proposed architecture increases session preservation thus increases reliability and reduces packet loss. We also show that the proposed architecture is adaptive to heterogeneous access environment which provide different access coverage areas and data rates. The result shows that our architecture achieves sufficient data rates as well as session preservation.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.10 no.1
• /
• pp.15-20
• /
• 2010

This paper proposes a multihoming-based vertical handover scheme using Proxy binding update to minimize handover delay and packet loss while a mobile node moves to a heterogeneous access network. When a mobile node moves to a heterogeneous access network, the proposed scheme can provide a mobile node with fast and seamless handover by performing layer-3 handover using its new interface while the other interface is still communicating in the old access network. The proposed Proxy binding update is different from the Mobile IP binding update in that it includes home addres (HoA) of the old interface instead of the new interface. The performance analysis shows that the proposed scheme can efficiently reduce vertical handover delay and packet loss.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10d
• /
• pp.210-214
• /
• 2007

이동 통신망의 다양화와 단말 기술의 발전에 따라 사용자는 여러 망에 동시에 접근할 수 있게 되었다. 그래서 사용자는 데이터 통신을 위하여 상황과 필요에 따라 망을 선택할 수 있다. 또한 지역적으로 다르게 커버하고 있는 다른 망으로의 이동도 지원받을 수 있다. 최근 3GPP, WiMAX같은 이동 통신망 표준화 단체들에서 IP 이동성 제어 기술로 IETF NetLMM WG의 PMIPv6로 채택하고 표준화를 진행하고 있다. PMIPv6는 단말에 독립적인 네트워크 기반 IP 이동성 제어 기술이다. PMIPv6에서는 IP만을 가진 단말이 자신의 이동에 대한 인식 없이 핸드오버를 제공받을 수 있다. 현재 PMIPv6에서 멀티호밍 이슈들을 반영한 라우팅 방안에 대한 연구가 미흡하다. 그러므로 이러한 PMIPv6가 지원되는 도메인에 멀티호밍 될 수 있는 상황에서 이를 네트워크 기반적으로 라우팅하는 방안에 대한 연구가 필요하다. 본 논문에서는 PMIPv6 도메인 간 멀티호밍을 위한 망 기반 지원 방안을 제시한다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.6
• /
• pp.177-182
• /
• 2011

These days as there are growing the number of vessel sailing, diverse aquaculture industries, fishing works, and leisure activities in coastal area, the diverse communication services have been required for secure voyage information. This paper addresses the scheme for costal area service using mobile IP router with multiple interfaces. For this, this system has the wireless interfaces, such as WiBro, HSDPA, and WLAN that can provides vessels with divers communication services, and can provide the vessels with the diverse information communication services in real-time through wireless communication network installed in costal area. So this can provide the infrastructure that supplies the authorized seamless information communication services.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.6
• /
• pp.169-175
• /
• 2011

This paper addresses mobile IP router which communicate between nodes in Ad Hoc network as well as supply attachment to outer Internet. Ad Hoc network is one which exchanges information through cooperations among nodes without wire infrastructure, mobile IP router considers the network as one mobile unit, and supports Internet connection in mobile as well as fixed spaces. Therefore, this router can accommodate the routing of Ad Hoc network, and provide nodes in Ad Hoc network with Internet connection. So mobile IP router can provide Ad-Hoc terminals with the diverse wireless services, such as Internet connection service, routing, mobility, and so on.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.882-885
• /
• 2008

Recently, various types of wireless networks have been proliferated. Bluetooth, IEEE 802.11 WLAN, 802.16e Mobile WiMAX (or Wibro) and 3G celluar networks are some examples. Accordingly, research on seamless mobility support mechanisms among homogeneous or heterogeneous networks has drawn significant interests. This paper examines recent research efforts on seamless mobility support mechanisms from link to transport layer. Yet, no single solution meets all the requirements for supporting the seamless mobility and it seems hard to tell which layer is the most appropriate one for supporting mobility. This area is still wide open and needs further research.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.5
• /
• pp.2267-2285
• /
• 2016

Information Centric Networking that uses content name instead of IP address as routing identifier can handle challenges such as traffic explosion and user mobility, but it also suffers from scalability and incompatibility problems. In this paper by combining the concept of software defined networking and Internet end to end arguments, we propose a wide area deployable software defined information centric networking service model named SD-ICN. SD-ICN employs a dual space structure that separates edge service network and core transmission network. The enhanced SDN techniques are used in edge service network in order to implement intelligent data routing and caching, while traditional IP technique is reserved in core transmission network so as to provide wide area high speed data transmission. Besides, a distributed name resolution system based on the cooperation of different controllers is also presented. The prototype experiments in our campus network show that SD-ICN can be deployed in a scalable and incremental way with no modification of the core network, and can support typical communication modes such as multicast, mobility, multihoming, load balancing, and multipath data transmission effectively.

• Convergence Security Journal
• /
• v.8 no.4
• /
• pp.51-56
• /
• 2008

A combination of VPNs and dial-up access, such as DSL and Cable, usually provides the cost-effective solution as the substitution of private networks on high-cost leased line. The business demand for high availability has increased with VPN spreading. This paper presents the schemes for a high availability of network access and a load balancing of network traffic in VPN gateways by using multiple links or multihoming capability based on active-active approach. The high availability and load balancing of network links can be achieved by duplicating external network access into multiple independent links. This can provide a continuous network connection to internal users even if one of the links is failed. Moreover, it can provide twice network bandwidth by distributing the traffic into the links. Static and dynamic algorithms are proposed as the load balancing algorithms.

• The KIPS Transactions:PartC
• /
• v.11C no.2
• /
• pp.245-252
• /
• 2004

Stream Control Transmission Protocol(SCTP) is a new connection-oriented, reliable delivery transport protocol operating on top of an unreliable connectionless packet service such as IP. It inherits many of the functions developed for TCP, including flow control and packet loss recovery functions. In addition, it also supports transport layer multihoming and multistreaming In this paper, we study the impact of multi-homing on the performance of SCTP. We first compare performance of single-homed SCTP. multi-homed SCTP, TCP Reno and TCP SACK. We, then describe potential flaw in the current SCTP retransmission policy, when SCTP host is multihomed. Our Results show that SCTP performs better than TCP Reno and TCP SACK due to several changes from TCP in its congestion control mechanism. In particular. multi-homed SCTP shows the best result among the compared schemes. Through experimentation for multi-homed SCTP, we found that the current SCTP retransmission policy nay deteriorate the perfomance when the retransmission path it worse than the original path. Therefore, the condition of retransmission path is a very important factor In SCTP performance and a proper mechanism would be required to measure the condition of the retransmission path.