• Journal of information and communication convergence engineering
• /
• v.7 no.1
• /
• pp.7-12
• /
• 2009

The advanced computer network and Internet technology enables connectivity of computers through an open network environment. Despite the growing numbers of security threats to networks, most intrusion detection identifies security attacks mainly by detecting misuse using a set of rules based on past hacking patterns. This pattern matching has a high rate of false positives and can not detect new hacking patterns, making it vulnerable to previously unidentified attack patterns and variations in attack and increasing false negatives. Intrusion detection and prevention technologies are thus required. We proposed a network based hybrid Probe Intrusion Detection model using Fuzzy cognitive maps (PIDuF) that detects intrusion by DoS (DDoS and PDoS) attack detection using packet analysis. A DoS attack typically appears as a probe and SYN flooding attack. SYN flooding using FCM model captures and analyzes packet information to detect SYN flooding attacks. Using the result of decision module analysis, which used FCM, the decision module measures the degree of danger of the DoS and trains the response module to deal with attacks. For the performance evaluation, the "IDS Evaluation Data Set" created by MIT was used. From the simulation we obtained the max-average true positive rate of 97.064% and the max-average false negative rate of 2.936%. The true positive error rate of the PIDuF is similar to that of Bernhard's true positive error rate.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.5A
• /
• pp.469-474
• /
• 2006

In this paper, we develop a method that derive the average sector throughput of HSDPA system. This proposed method reflects the effects of AMC, scheduling and multi-code transmission, and is performed by simple calculation procedures such as link budget analysis. Link budget table is used to estimate a cell coverage in general. We modify the link budget table in order to calculate C/I of the user according to the location of the user in CDMA packet system employing AMC. Furthermore, we utilize the proposed method to analyze the effects of scheduling and multi-code transmission.

• Journal of Computing Science and Engineering
• /
• v.5 no.4
• /
• pp.316-323
• /
• 2011

Recently, Proxy Mobile IPv6 (PMIPv6) has received much attention as a mobility management protocol in next-generation all-IP mobile networks. While the current research related to PMIPv6 mainly focuses on providing efficient handovers for unicast-based applications, there has been relatively little interest in supporting multicast services with PMIPv6. To provide support for multicast services with PMIPv6, there are two alternative approaches called Mobile Access Gateway (MAG)-based subscription and Local Mobility Anchor (LMA)-based subscription. However, MAG-based subscription causes a large overhead for multicast joining and LMA-based subscription provides non-optimal multicast routing paths. The two approaches may also cause a high packet loss rate. In this paper, we propose an efficient PMIPv6-based multicast protocol that aims to provide an optimal delivery path for multicast data and to reduce handover delay and packet loss rate. Through simulation studies, we found that the proposed protocol outperforms existing multicast solutions for PMIPv6 in terms of end-to-end delay, service disruption period, and the number of lost packets during handovers.

• The KIPS Transactions:PartC
• /
• v.13C no.2 s.105
• /
• pp.235-240
• /
• 2006

Stream Control Transmission Protocol (SCTP) provides the multi-homing feature, which allows each SCTP endpoint to use two or more IP addresses for data transmission. In this paper, the SCTP multi-homing feature is experimented and analyzed in terms of throughput over Linux platforms based on the NISTNET network emulator. We perform the experimental analysis of SCTP throughputs by SCTP multi-homing for the various network conditions: different packet loss rates, network bandwidths, and transmission delays. From the experimental results, it is shown that the SCTP multi-homing gives much better throughout gun over the SCTP single-homing case in the networks with a high packet loss rate. In the meantime, the other factors including network bandwidth and transmission delay do not seem to give a significant impact on the performance of the SCTP multi-homing.

• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.1594-1597
• /
• 2005

A rapid development and a wide use of the Internet have expanded a network environment. Further, the network environment has become more complex due to a simple and convenient network connection and various services of the Internet. However, the Internet has been constantly exposed to the danger of various network attacks such as a virus, a hacking, a system intrusion, a system manager authority acquisition, an intrusion cover-up and the like. As a result, a network security technology such as a virus vaccine, a firewall, an integrated security management, an intrusion detection system, and the like are required in order to handle the security problems of Internet. Accordingly, a router, which is a key component of the Internet, controls a data packet flow in a network and determines an optimal path thereof so as to reach an appropriate destination. An error of the router or an attack against the router can damage an entire network. This paper relates to a method for RSMS (router security management system) for secure networking based on a security policy. Security router provides functions of a packet filtering, an authentication, an access control, an intrusion analysis and an audit trail in a kernel region. Security policy has the definition of security function against a network intrusion.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.41 no.11
• /
• pp.79-85
• /
• 2004

A digitally-controlled analog-block inevitably undergoes the bang-bang oscillations which may cause a big amplitudes of the glitches if the oscillation occurs at the MSB transition points of a binary counter. The glitch results into the jitter noise for the case of the DLL. In this paper, we devise a new counter code that has the hysteresis in the bit transitions in order to prevent the transitions of the significant counter-bits at the locking state. The maximum clock jitter is simulated to considerably reduce over the voltage-temperature range guaranteed by specifications. The counter is employed to implement the high speed packet-base DRAM and contributes to the maximized valid data-window.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.126-129
• /
• 2015

Device-to-device (D2D) communications, a subset of Proximity-based Services that enables direct communication between LTE network subscribers, is gaining popularity. It is well underway to be adopted in cellular communication systems for pedestrian and connected-vehicles alike. In this paper, we briefly present our model of an Evolved Packet Core Network-assisted device discovery simulator and show the applicability of Proximity-based Services for Vehicular Ad-hoc Networks. Through the performance evaluation based on the developed simulation environment, it is shown that in case when users gather in the same vicinity, as in public transportation, LTE network data can be efficiently offloaded and multicasted through Wi-Fi for e.g. delivering traffic-related information and for the benefit of infotainment service consumers.

• Convergence Security Journal
• /
• v.14 no.7
• /
• pp.17-22
• /
• 2014

Wireless Ad hoc Network is threatened from many types of attacks because of its open structure, dynamic topology and the absence of infrastructure. Attacks by malicious nodes inside the network destroy communication path and discard packet. The damage is quite large and detecting attacks are difficult. In this paper, we proposed attack detection technique using secure authentication infrastructure for efficient detection and prevention of internal attack nodes. Cluster structure is used in the proposed method so that each nodes act as a certificate authority and the public key is issued in cluster head through trust evaluation of nodes. Symmetric Key is shared for integrity of data between the nodes and the structure which adds authentication message to the RREQ packet is used. ns-2 simulator is used to evaluate performance of proposed method and excellent performance can be performed through the experiment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.3
• /
• pp.1330-1347
• /
• 2018

Mobile Ad hoc Network (MANET) is a collection of nodes or communication devices that wish to communicate without any fixed infrastructure and predetermined organization of available links. The effort has been made by proposing a scheme to overcome the critical security issue in MANET. The insufficiency of security considerations in the design of Ad hoc On-Demand Distance Vector protocol makes it vulnerable to the threats of collaborative black hole attacks, where hacker nodes attack the data packets and drop them instead of forwarding. To secure mobile ad hoc networks from collaborative black hole attacks, we implement our scheme and considered sensor's energy as a key feature with a better packet delivery ratio, less delay time and high throughput. The proposed scheme has offered an improved solution to diminish collaborative black hole attacks with high performance and benchmark results as compared to the existing schemes EDRIAODV and DRIAODV respectively. This paper has shown that throughput and packet delivery ratio increase while the end to end delay decreases as compared to existing schemes. It also reduces the overall energy consumption and network traffic by maintaining accuracy and high detection rate which is more safe and reliable for future work.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.41 no.5
• /
• pp.1-9
• /
• 2004

In this paper, we propose a multicast routing protocol for the seamless delivery of multicast data to mobile hosts through the optimal route in IPv6-Based mobile networks. The proposed multicast routing protocol reduces the tree reconstruction overhead by limiting the tunneling length according to the mobility of mobile hosts. In this way, our protocol satisfies the bound of the end-to-end delay and supports the seamless handoff. Analytical and simulation results show that the proposed protocol has better performance in terms of the tree reconstruction, tunneling service and multicast packet loss than the previous protocols does.