• Journal of Communications and Networks
• /
• v.16 no.5
• /
• pp.548-558
• /
• 2014

Load distribution is vital to the performance of multipath transport. The task becomes more challenging in real-time multimedia applications (RTMA), which impose stringent delay requirements. Two key issues to be addressed are: 1) How to minimize end-to-end delay and 2) how to alleviate packet reordering that incurs additional recovery time at the receiver. In this paper, we propose sub-packet based multipath load distribution (SPMLD), a new model that splits traffic at the granularity of sub-packet. Our SPMLD model aims to minimize total packet delay by effectively aggregating multiple parallel paths as a single virtual path. First, we formulate the packet splitting over multiple paths as a constrained optimization problem and derive its solution based on progressive approximation method. Second, in the solution, we analyze queuing delay by introducing D/M/1 model and obtain the expression of dynamic packet splitting ratio for each path. Third, in order to describe SPMLD's scheduling policy, we propose two distributed algorithms respectively implemented in the source and destination nodes. We evaluate the performance of SPMLD through extensive simulations in QualNet using real-time H.264 video streaming. Experimental results demonstrate that: SPMLD outperforms previous flow and packet based load distribution models in terms of video peak signal-to-noise ratio, total packet delay, end-to-end delay, and risk of packet reordering. Besides, SPMLD's extra overhead is tiny compared to the input video streaming.

• ETRI Journal
• /
• v.35 no.4
• /
• pp.726-729
• /
• 2013

For secure multimedia communications, existing encryption techniques use an online session key for the key exchange, for which key size is limited to less than 10 digits to accommodate the latency condition caused by user devices only being able to handle low computational loads. This condition results in poor security of recorded encrypted data. In this letter, we propose a packet key scheme that encrypts real-time packets using a different key per packet for multimedia applications. Therefore, a key of a relatively small size can provide after-transmission confidentiality to data of a real-time session.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.2
• /
• pp.107-114
• /
• 2003

In this paper, we propose an efficient mutual authentication and key distribution protocol for cdma2000 packet data service which uses Mobile U access method with DIAMETER AAA(Authentication, Authorization and Accounting) infrastructure. The proposed scheme provides an efficient mutual authentication between MN(Mobile Node) and AAAH(home AAA server), and a secure session-key distribution among Mobile If entities. The proposed protocol improves the efficiency of DIAMETER AAA and satisfies the security requirements for authentication and key distribution protocol. Also, the key distributed by the proposed scheme can be used to generate keys for packet data security over 1xEV-DO wireless interface, in order to avoid a session hijacking attack for 1xEV-DO packet data service.

• ETRI Journal
• /
• v.27 no.4
• /
• pp.469-472
• /
• 2005

To enhance the scalability of high performance packet switches, a two-stage load-balanced switch has recently been introduced, in which each stage uses a deterministic sequence of configurations. The switch is simple to make scalable and has been proven to provide 100% throughput. However, the load-balanced switch may mis-sequence the packets. In this paper, we propose an algorithm called full frame stuff (FFS), which maintains packet order in the two-stage load-balanced switch and has excellent switching performance. This algorithm is distributed and each port can operate independently.

• International Journal of Control, Automation, and Systems
• /
• v.6 no.6
• /
• pp.915-927
• /
• 2008

Networked control systems(NCSs) have gained increasing attention in recent years due to their advantages and potential applications. The network Quality-of-Service(QoS) in NCSs always fluctuates due to changes of the traffic load and available network resources. To handle the network QoS variations problem, this paper presents an intelligent scheduling control method for NCSs, where the sampling period and the control parameters are simultaneously scheduled to compensate the effect of QoS variation on NCSs performance. For NCSs with network-induced delays and packet dropouts, a discrete-time switch model is proposed. By defining a sampling-period-dependent Lyapunov function and a common quadratic Lyapunov function, the stability conditions are derived for NCSs in terms of linear matrix inequalities(LMIs). Based on the obtained stability conditions, the corresponding controller design problem is solved and the performance optimization problem is also investigated. Simulation results are given to demonstrate the effectiveness of the proposed approaches.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.10
• /
• pp.2620-2631
• /
• 2012

In this paper, a rerouting-controlled ISL (Inter-Satellite link) handover protocol for LEO satellite networks (RCIHP) is proposed. Through topological dynamics and periodic characterization of LEO satellite constellation, the protocol firstly derives the ISL related information such as the moments of ISL handovers and the intervals during which ISLs are closed and cannot be used to forward packet. The information, combined with satellite link load status, is then been utilized during packet forwarding process. The protocol makes a forwarding decision on a per packet basis and only routes packets to living and non-congested satellite links. Thus RCIHP avoids periodic rerouting that occurs in traditional routing protocols and makes it totally unnecessary. Simulation studies show that RCIHP has a good performance in terms of packet dropped possibility and end-to-end delay.

• Review of KIISC
• /
• v.17 no.2
• /
• pp.9-23
• /
• 2007

The air interface supports a security layer which provides the key exchange protocol, authentication protocol, and encryption protocol. The authentication is performed on the encryption protocol packet. The authentication protocol header or trailer may contain the digital signature that is used to authenticate a portion of the authentication protocol packet that is authenticated. The encryption protocol may add a trailer to hide the actual length of the plaintext of padding to be used by the encryption algorithm. The encryption protocol header may contain variables such as the initialization vector (IV) to be used by the encryption protocol. It is our aim to firstly compute the session key created from the D H key exchange algorithm, and thereof the authenticating key and the encryption key being generated from the session key.

• Nuclear Engineering and Technology
• /
• v.54 no.10
• /
• pp.3587-3594
• /
• 2022

A distributed high-speed data acquisition and monitoring system for the RF negative ion source at Huazhong University of Science and Technology (HUST) is developed, which consists of data acquisition, data forwarding and data processing. Firstly, the data acquisition modules sample physical signals at high speed and upload the sampling data with corresponding absolute-time labels over UDP, which builds the time correlation among different signals. And a special data packet format is proposed for the data upload, which is convenient for packing or parsing a fixed-length packet, especially when the span of the time labels in a packet crosses an absolute second. The data forwarding modules then receive the UDP messages and distribute their data packets to the real-time display module and the data storage modules by PUB/SUB-pattern message queue of ZeroMQ. As for the data storage, a scheme combining the file server and MySQL database is adopted to increase the storage rate and facilitate the data query. The test results show that the loss rate of the data packets is within the range of 0-5% and the storage rate is higher than 20 Mbps, both acceptable for the HUST RF negative ion source.

• ETRI Journal
• /
• v.43 no.3
• /
• pp.561-570
• /
• 2021

This paper presents master key identifier based protocol steganography (MKIPS), a new approach toward creating a covert channel within the Secure Real-time Transfer Protocol, also known as SRTP. This can be achieved using the ability of the sender of Voice-over-Internet Protocol packets to select a master key from a pre-shared list of available cryptographic keys. This list is handed to the SRTP sender and receiver by an external key management protocol during session initiation. In this work, by intelligent utilization of the master key identifier field in the SRTP packet creation process, a covert channel is created. The proposed covert channel can reach a relatively high transfer rate, and its capacity may vary based on the underlying SRTP channel properties. In comparison to existing data embedding methods in SRTP, MKIPS can convey a secret message without adding to the traffic overhead of the channel and packet loss in the destination. Additionally, the proposed covert channel is as robust as its underlying user datagram protocol channel.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.4
• /
• pp.200-206
• /
• 2014

Accountable Internet Protocol (AIP) is one of the future Internet architectures to provide accountability concept by using the self-certifying address that is derived by the public key of the host. In AIP, when a host sends a packet, a domain that is located between the source and the destination hosts discards the packet in order to verify the source IP address. Therefore, performance degradation can occur due to packet discard especially when there is asymmetric route. In this paper, we propose the improved AIP mechanism to verify the source IP address without discarding the packet by including the timestamp, public key value and the signature for protecting from forfeiting the source address. Security safety of the proposed mechanism is evaluated and the proposed mechanism can provide the more robust security as well as reducing the latency due to discarding packets.