• Title/Summary/Keyword: packet flow


Improve ARED Algorithm in TCP/IP Network (TCP/IP 네트워크에서 ARED 알고리즘의 성능 개선)

  • Nam, Jae-Hyun
    • Journal of the Korea Society of Computer and Information / v.12 no.3 / pp.177-183 / 2007
  • Active queue management (AQM) refers to a family of packet dropping mechanisms for router queues that has been proposed to support end-to-end congestion control mechanisms in the Internet. The AQM algorithm proposed by the IETF is Random Early Detection (RED). The RED algorithm allows network operators to achieve high throughput and low average delay simultaneously. However, the resulting average queue length is quite sensitive to the level of congestion. In this paper, we propose the Refined Adaptive RED (RARED) as a solution for reducing the sensitivity to parameters that affect RED performance. Based on simulations, we observe that the RARED scheme improves overall performance of the network. In particular, the RARED scheme reduces packet drop rate and improves goodput.


Flow-based P2P Traffic Identification using SVM (SVM을 이용한 플로우 기반 P2P 트래픽 식별)

  • Um, Nam-Kyoung;Woo, Sung-Hee;Lee, Sang-Ho
    • Journal of the Korea Society of Computer and Information / v.13 no.3 / pp.123-130 / 2008
  • To avoid protection systems such as firewalls, P2P applications have recently begun to use dynamic port numbers. Reliable estimates of P2P traffic require examination of packet payload, a methodological land mine from legal, privacy, technical, logistic, and fiscal perspectives. Indeed, access to user payload is often rendered impossible by one of these factors, inhibiting trustworthy estimation of P2P growth and dynamics. Despite various methods such as port-based and signature-based techniques, there is still no satisfactory method that uses both qualitative and quantitative aspects. In this paper, we suggest a method using an SVM mechanism that discriminates P2P traffic from non-P2P traffic using differences between P2P and other application traffic. This is a systematic methodology to identify P2P networks without relying on packet payload.


A Computationally-Efficient of Fair Queueing without Maintaining the System Virtual Time (시스템 가상시간을 사용하지 않는 효율적인 Fair Queueing)

  • 이준엽;이승형
    • The Journal of Korean Institute of Communications and Information Sciences / v.27 no.9C / pp.836-841 / 2002
  • Packet scheduling is an essential function to guarantee quality of service by differentiating services in the Internet. Scheduling algorithms that have been suggested so far can be divided into Round-Robin methods and Fair Queueing methods. Round-Robin methods have the advantage of high-speed processing through simple implementations, while Fair Queueing methods offer accurate services. Fair Queueing algorithms, however, have problems of computational overhead and implementation complexity, as their schedulers manage the states of every flow. This paper suggests a new method in which each flow performs the calculation in a distributed way to decide the service order. Our algorithm significantly reduces the scheduler's computational overhead while providing the same level of accuracy as the previous Fair Queueing algorithms.

A Flow-based Detection Method for VoIP Anomaly Traffic (VoIP 이상 트래픽의 플로우 기반 탐지 방법)

  • Son, Hyeon-Gu;Lee, Young-Seok
    • Journal of KIISE:Information Networking / v.37 no.4 / pp.263-271 / 2010
  • SIP/RTP-based VoIP services are becoming popular. Recently, however, VoIP anomaly traffic such as delay, interference and termination of call establishment, and degradation of voice quality has been reported. An attacker could intercept a packet and obtain user and header information so as to generate anomaly traffic, because most Korean VoIP applications do not use standard security protocols. In this paper, we propose three VoIP anomaly traffic generation methods for CANCEL, BYE DoS and RTP flooding, and a detection method through flow-based traffic measurement. From our experiments, we showed that 97% of anomaly traffic could be detected in real commercial VoIP networks in Korea.

Detecting the HTTP-GET Flood Attacks Based on the Access Behavior of Inline Objects in a Web-page Using NetFlow Data

  • Kang, Koo-Hong
    • Journal of the Korea Society of Computer and Information / v.21 no.7 / pp.1-8 / 2016
  • Nowadays, distributed denial of service (DDoS) attacks on web sites reward attackers financially or politically because our daily lives depend tightly on web services such as on-line banking, e-mail, and e-commerce. One of the DDoS attacks on web servers is called the HTTP-GET flood attack, which is becoming more serious. Most existing techniques run at the application layer because these attack packets use legitimate network protocols and HTTP payloads; that is, network-level intrusion detection systems cannot distinguish between legitimate HTTP-GET requests and malicious requests. In this paper, we propose a practical detection technique against HTTP-GET flood attacks, based on the access behavior of inline objects in a webpage using NetFlow data. In particular, our proposed scheme works at the network layer without any application-specific deep packet inspection. We implement the proposed detection technique and evaluate its attack detection ability in a simple test environment using the NetBot attacker. Moreover, we also show that our approach must be applicable in the real field by showing the test profile captured on a well-known e-commerce site. The results show that our technique can detect the HTTP-GET flood attack effectively.

SDN-Based Enterprise and Campus Networks: A Case of VLAN Management

  • Nguyen, Van-Giang;Kim, Young-Han
    • Journal of Information Processing Systems / v.12 no.3 / pp.511-524 / 2016
  • The Virtual Local Area Network (VLAN) has been used for a long time in campus and enterprise networks as the most popular network virtualization solution. Due to the benefits and advantages achieved by using VLAN, network operators and administrators have been using it for constructing their networks up until now and have even extended it to manage the networking in a cloud computing system. However, their configuration is a complex, tedious, time-consuming, and error-prone process. Since Software Defined Networking (SDN) features centralized network management and network programmability, it is a promising solution for handling the aforementioned challenges in VLAN management. In this paper, we first introduce a new architecture for campus and enterprise networks by leveraging SDN and OpenFlow. Next, we have designed and implemented an application for easily managing and flexibly troubleshooting the VLANs in this architecture. This application supports both static VLAN and dynamic VLAN configurations. In addition, we discuss the hybrid-mode operation where packet processing involves both the OpenFlow control plane and the traditional control plane. By deploying a real test-bed prototype, we illustrate how our system works and then evaluate the network latency in dynamic VLAN operation.

Proposal and Simulation of Flow Control and Error Recovery in EAP for Performance Improvement (EAP 성능 향상을 위한 흐름 제어 및 오류 복구 방식의 제안과 시뮬레이션)

  • Cha, Eun-Chul;Han, Chan-Kyu;Choi, Hyoung-Kee
    • The KIPS Transactions:PartC / v.16C no.3 / pp.299-306 / 2009
  • Following the popularity of the Internet, a number of access technologies to the Internet have been developed. EAP is an authentication framework. It is designed to provide the authentication functionality in the access network. Because of its flexibility and extensibility, EAP poses a global solution for the authentication supported by many access networks. However, EAP has critical weaknesses in the protocol which may, in turn, decrease the EAP performance. Some of the weaknesses are caused by the "lock-step" flow control, which only supports a single packet in flight. Considering the weaknesses, we propose a solution for the flow control. Using simulation, we prove that our solutions improve the EAP performance.

The Simulation of High-Speed Forwarding IP Packet with ATM Switch (ATM 스위치를 이용한 IP 패킷 고속 전송 시뮬레이션)

  • Heo, Kang-Woo;Lee, Myung-Ho
    • The Transactions of the Korea Information Processing Society / v.6 no.10 / pp.2764-2771 / 1999
  • ATM has recently received much attention because of its high capacity, its bandwidth scalability, and its ability to support multiservice traffic. However, ATM is connection oriented whereas the vast majority of modern data networking protocols are connectionless. The alternative to support current service on ATM will be a router with attached switching hardware that has the ability to cache routing decisions. In this paper, we described the router using a switch and simulated the performance. From the results of the simulation, the routing delay was decreased as the number of flow channels. Cell-delay was shortest at 30,000 cell-time when the keeping time of a flow channel was. The line utilization decreased rapidly when a flow-setup time is 20 30 cell-time. The results of this simulation could be applied to predict the performance of the router using an ATM switch.


SWITCH: SDN-WLAN Integrated Handover Scheme for QoS-Guaranteed Mobile Service

  • Kim, Youngjun;Kyung, Yeunwoong
    • KSII Transactions on Internet and Information Systems (TIIS) / v.16 no.11 / pp.3680-3693 / 2022
  • The handover procedure of IEEE 802.11 wireless local area networks (WLANs) introduces significant delay, which can degrade the quality of service (QoS), especially for delay-sensitive applications. Although studies have been conducted to support handover in SDN-based WLAN, there is no research to reduce the channel scanning procedure that takes up the most delay time in the handover process. The channel scanning procedure is essential to determine the appropriate access point (AP). To mitigate this problem, this paper proposes SWITCH, an SDN-WLAN integrated handover scheme for QoS-guaranteed mobile service. In SWITCH, each AP periodically broadcasts beacon frames through different channels in a predetermined order that includes the operating channel information of the AP. This allows mobile stations (MSs) to receive the beacon frames of nearby APs, and therefore they can determine the appropriate APs for handover without the channel scanning procedure. By reporting the information of the newly moved AP to the SDN controller, a flow rule is installed in advance to provide fast handover, and packet loss is reduced by buffering data destined for the MS. In addition, the proposed scheme can adaptively operate SWITCH to consider the user location and QoS requirement of a flow to save radio resource overhead. Performance evaluation results demonstrate that SWITCH can reduce the handover delays, flow table utilization ratio and radio resource overhead while improving the network throughput.

Characteristics and Methods of Bandwidth Allocation According to Flow Features for QoS Control on Flow-Aware Network (Flow-Aware Network에서 QoS제어를 위해 Flow 특성에 따른 대역할당 방법과 특성)

  • Kim, Jae-Hong;Han, Chi-Moon
    • Journal of the Institute of Electronics Engineers of Korea TC / v.45 no.9 / pp.39-48 / 2008
  • Recently, many multimedia services have emerged on the Internet, such as real-time and non-real-time services. However, in this Internet environment, we have some limitations in satisfying each service feature. To guarantee the service features in a Measurement-Based Admission Control (MBAC) based system on the flow-aware network, there is a method applying the Dynamic Priority Scheduling (DPS) algorithm, which gives a higher priority to an earlier incoming flow in all of the link bandwidth. This paper classifies all flows into several groups according to flow characteristics on a per-flow MBAC algorithm based system. In each flow group, the DPS algorithm is applied. This paper proposes two methods: a DPS based bandwidth borrowing method and a dynamic bandwidth allocation method. The former is that if the low priority class has available bandwidth, a flow of the high priority class borrows the bandwidth of the low priority class when the high priority flow has insufficient bandwidth to connect a flow call. The latter is that each group has a minimum bandwidth and is allocated bandwidth dynamically according to the excess rate for available bandwidth. We compare and analyze the characteristics of the two proposed methods through simulation experiments. As the results of the experiment show, the proposed methods are more effective than the existing DPS based method on the packet loss and delay characteristics. Consequently, the proposed two methods are very useful in various multimedia network environments.