• Journal of the Korean Society of Systems Engineering
• /
• v.12 no.2
• /
• pp.101-114
• /
• 2016

A model-based systems engineering (MBSE) approach to implementing hardware-based network cybersecurity controls for APR1400 non-safety data network is presented in this work. The proposed design was developed by implementing packet filtering and deep packet inspection functions to control the unauthorized traffic and malicious contents. Denial-of-Service (DoS) attack was considered as a potential cybersecurity issue that may threaten the data availability and integrity of DCS gateway servers. Logical design architecture was developed to simulate the behavior of functions flow. HDL-based physical architecture was modelled and simulated using Xilinx ISE software to verify the design functionality. For effective modelling process, enhanced function flow block diagrams (EFFBDs) and schematic design based on FPGA technology were together developed and simulated to verify the performance and functional requirements of network security controls. Both logical and physical design architectures verified that hardware-based cybersecurity controls are capable to maintain the data availability and integrity. Further works focus on implementing the schematic design to an FPGA platform to accomplish the design verification and validation processes.

• Proceedings of the IEEK Conference
• /
• 2000.11a
• /
• pp.307-310
• /
• 2000

ATM is the switching and multiplexing technology chosen by the ITU-T for the operation of B-lSDN. Basically, ATM technology is designed to combine the reliability of circuit switching with the efficiency and flexibility of packet switching technology. For servicing QoS in IPOA(IP over ATM) when the larger effort is given, it will be the good method that the original QoS benefits having ATM switching have in ATM layer underlying layer. The IETF has recently proposed Differentiated Services framework for provision of QoS. In this paper we analyse performance of two Diffserv mechanism. Threshold Dropping and Priority Scheduling. Threshold Dropping and Priority Scheduling can be regarded as basic mechanisms from which the other mechanisms have been derived. Hence comparative performance of these two mechanisms in providing required QoS is an important issue. In this Paper we carry out a performance comparison of the TD and PS mechanisms with the aim of providing the same level of packet loss to the preferred flow. Our comparison of the TD and PS allows us to determine resultant packet loss for the non-preferred flows as a function of various parameters of the two mechanisms.

• Proceedings of the Korean Vacuum Society Conference
• /
• 2016.02a
• /
• pp.207-207
• /
• 2016

plasma group velocities of neon with oxygen admixture (ug) are obtained by intensified charge coupled device (ICCD) camera images at fixed gate width time of 5 ns. The propagation velocities outside interelectrode region are in the order of 104 m/s.The plasma ambipolar diffusion velocities are calculated to be in the order of 102 m/s. Plasma jet is generated by all fixed sinusoidal power supply, total gas flow and repetition frequency at 3 kV, 800 sccm and 40 kHz, respectively. The amount of oxygen admixture is varied from 0 to 2.75 %. By employing one dimensional convective wave packet model, the electron temperatures in non-thermal atmospheric-pressure plasma jet are estimated to be in a range from 1.65 to 1.95 eV.

• Journal of Power Electronics
• /
• v.16 no.4
• /
• pp.1526-1540
• /
• 2016

This work mainly discusses an accurate and fast islanding detection based on fractional wavelet packet transform (FRWPT)for multibus microgrid systems. The proposed protection scheme uses combined desirable features retrieved from discrete fractional Fourier transform (FRFT) and wavelet packet transform (WPT) techniques, which provides precise time-frequency information on minute perturbation signals introduced in the system. Moreover, this study focuses on the design of decoupling control with a distributed controller based on state feedback for the efficient operation of microgrid systems that are transitioning from the grid-connected mode to the islanded mode. An IEEE 9-bus test system with inverter based distributed generation (DG) units is considered for islanding assessment and smooth operation. Finally, tracking errors are greatly reduced with stability improvement based on the proposed controller. FRWPT based islanding detection is demonstrated via a time domain simulation of the system. Simulated results show an improvement in system stability with the application of the proposed controller and accurate islanding detection based on the FRWPT technique in comparison with the results obtained by applying the wavelet transform (WT) and WPT.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.16 no.6
• /
• pp.1161-1174
• /
• 2021

UDP is an unreliable data transmission protocol, in contrast to TCP, which implements reliable data delivery based on flow control and retransmission methods. However, the TCP operation algorithm for guaranteeing reliability is inefficient in improving transmission performance, and above all, there is no need to transmit data using the TCP method for fields that do not require perfect integrity. In this paper, we intend to discuss ways to improve the stability while maintaining the existing performance of UDP. To this end, a program applied with packet buffering and relaying techniques was developed, and the performance and stability of the experiment were verified.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.10
• /
• pp.4787-4807
• /
• 2016

Although the dense interconnection datacenter networks (DCNs) (e.g. FatTree) provide multiple paths and high bisection bandwidth for each server pair, the single-path TCP (SPT) and ECMP which are widely used currently neither achieve high bandwidth utilization nor have good load balancing. Due to only one available transmission path, SPT cannot make full use of all available bandwidth, while ECMP's random hashing results in many collisions. In this paper, we present OFPT, an OpenFlow based Parallel Transport framework, which integrates precise routing and scheduling for better load balancing and higher network throughput. By adopting OpenFlow based centralized control mechanism, OFPT computes the optimal path and bandwidth provision for each flow according to the global network view. To guarantee high throughput, OFPT dynamically schedules flows with Seamless Flow Migration Mechanism (SFMM), which can avoid packet loss in flow rerouting. Finally, we test OFPT on Mininet and implement it in a real testbed. The experimental results show that the average network throughput in OFPT is up to 97.5% of bisection bandwidth, which is higher than ECMP by 36%. Besides, OFPT decreases the average flow completion time (AFCT) and achieves better scalability.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.04a
• /
• pp.120-123
• /
• 2016

최근 국내 기관이나 금융권을 넘어선 사기업에 대한 정통망 법의 망분리에 대한 적용이 이슈화되고 있다. 그러나 현실적인 망분리 적용과 운영에는 비용적인 문제부터 기술적인 문제까지 다양한 어려움이 산재해있다. 이에 본 논문에서는 SDN기반의 'Openflow를 적용한 경로 기반 망분리 구축 방안'을 제안한다. OpenFlow Switch의 Flow Table의 Processing 과정인 Pipeline을 이중화시켜 Packet 통신을 경로기반의 In/External Network로 운영하는 방안이다. 이를 통해 기존 망분리 환경 대비 비용과 자원 운영의 효율성, 보안성 향상의 다각적인 효과를 기대한다.

• Journal of Communications and Networks
• /
• v.15 no.2
• /
• pp.207-216
• /
• 2013

Vehicular ad-hoc networks (VANETs) are self-organizing, self-healing networks which provide wireless communication among vehicular and roadside devices. Applications in such networks can take advantage of the use of simultaneous connections, thereby maximizing the throughput and lowering latency. In order to take advantage of all radio interfaces of the vehicle and to provide good quality of service for vehicular applications, we developed a seamless flow mobility management architecture based on vehicular network application classes with network-based mobility management. Our goal is to minimize the time of flow connection exchange in order to comply with the minimum requirements of vehicular application classes, as well as to maximize their throughput. Network simulator (NS-3) simulations were performed to analyse the behaviour of our architecture by comparing it with other three scenarios. As a result of this work, we observed that the proposed architecture presented a low handover time, with lower packet loss and lower delay.

• Journal of KIISE:Information Networking
• /
• v.37 no.5
• /
• pp.317-326
• /
• 2010

Nowadays, transmission bandwidth for network traffic is increasing and the type is varied such as peer-to-peer (PZP), real-time video, and so on, because distributed computing environment is spread and various network-based applications are developed. However, as PZP traffic occupies much volume among Internet backbone traffics, transmission bandwidth and quality of service(QoS) of other network applications such as web, ftp, and real-time video cannot be guaranteed. In previous research, the port-based technique which checks well-known port number and the Deep Packet Inspection(DPI) technique which checks the payload of packets were suggested for solving the problem of the P2P traffics, however there were difficulties to apply those methods to detection of P2P traffics because P2P applications are not used well-known port number and payload of packets may be encrypted. A proposed algorithm for identifying P2P heavy traffics based on flow transport parameters and behavioral characteristics can solve the problem of the port-based technique and the DPI technique. The focus of this paper is to identify P2P heavy traffic flows rather than all P2P traffics. P2P traffics are consist of two steps i)searching the opposite peer which have some contents ii) downloading the contents from one or more peers. We define P2P flow patterns on these P2P applications' features and then implement the system to classify P2P heavy traffics.

• ETRI Journal
• /
• v.39 no.4
• /
• pp.525-534
• /
• 2017

A hardware-acceleration architecture that separates virtual network functions (VNFs) and network control (called HSN) is proposed to solve the mismatch between the simple flow steering requirements and strong packet processing abilities of software-defined networking (SDN) forwarding elements (FEs) in SDN/network function virtualization (NFV) architecture, while improving the efficiency of NFV infrastructure and the performance of network-intensive functions. HSN makes full use of FEs and accelerates VNFs through two mechanisms: (1) separation of traffic steering and packet processing in the FEs; (2) separation of SDN and NFV control in the FEs. Our HSN prototype, built on NetFPGA-10G, demonstrates that the processing performance can be greatly improved with only a small modification of the traditional SDN/NFV architecture.