• Journal of Communications and Networks
• /
• 제16권5호
• /
• pp.548-558
• /
• 2014

Load distribution is vital to the performance of multipath transport. The task becomes more challenging in real-time multimedia applications (RTMA), which impose stringent delay requirements. Two key issues to be addressed are: 1) How to minimize end-to-end delay and 2) how to alleviate packet reordering that incurs additional recovery time at the receiver. In this paper, we propose sub-packet based multipath load distribution (SPMLD), a new model that splits traffic at the granularity of sub-packet. Our SPMLD model aims to minimize total packet delay by effectively aggregating multiple parallel paths as a single virtual path. First, we formulate the packet splitting over multiple paths as a constrained optimization problem and derive its solution based on progressive approximation method. Second, in the solution, we analyze queuing delay by introducing D/M/1 model and obtain the expression of dynamic packet splitting ratio for each path. Third, in order to describe SPMLD's scheduling policy, we propose two distributed algorithms respectively implemented in the source and destination nodes. We evaluate the performance of SPMLD through extensive simulations in QualNet using real-time H.264 video streaming. Experimental results demonstrate that: SPMLD outperforms previous flow and packet based load distribution models in terms of video peak signal-to-noise ratio, total packet delay, end-to-end delay, and risk of packet reordering. Besides, SPMLD's extra overhead is tiny compared to the input video streaming.

• ETRI Journal
• /
• 제35권4호
• /
• pp.726-729
• /
• 2013

For secure multimedia communications, existing encryption techniques use an online session key for the key exchange, for which key size is limited to less than 10 digits to accommodate the latency condition caused by user devices only being able to handle low computational loads. This condition results in poor security of recorded encrypted data. In this letter, we propose a packet key scheme that encrypts real-time packets using a different key per packet for multimedia applications. Therefore, a key of a relatively small size can provide after-transmission confidentiality to data of a real-time session.

• 정보보호학회논문지
• /
• 제13권2호
• /
• pp.107-114
• /
• 2003

본 논문에서는 DIAMETER AAA(Authentication, Authorization and Accounting) 하부 구조를 가지고 Mobile IP 액세스 기법을 사용하는 cdma2000 패킷 데이터 서비스에서 W(mobile node)와 AAAH(home AAA server)간의 상호 인증과 Mobile IP 개체들간에 안전한 세션키 분배를 위한 방법을 제안한다. 제안된 프로토콜은 DIAMETER AAA 하부 구조를 가정하며 c의 비효율성을 개선하고, 인증과 키 분배 프로토콜의 안전성 요구 사항들을 모두 만족한다. 또한 1xEV-DO에 대한 패킷 데이터 세션 하이재킹 공격을 방지하기 위해 제안된 기법에 의해 분배된 키를 1xEV-DO 무선 인터페이스 패킷 데이터 보안을 위한 키 생성에 적용한다.

• ETRI Journal
• /
• 제27권4호
• /
• pp.469-472
• /
• 2005

To enhance the scalability of high performance packet switches, a two-stage load-balanced switch has recently been introduced, in which each stage uses a deterministic sequence of configurations. The switch is simple to make scalable and has been proven to provide 100% throughput. However, the load-balanced switch may mis-sequence the packets. In this paper, we propose an algorithm called full frame stuff (FFS), which maintains packet order in the two-stage load-balanced switch and has excellent switching performance. This algorithm is distributed and each port can operate independently.

• International Journal of Control, Automation, and Systems
• /
• 제6권6호
• /
• pp.915-927
• /
• 2008

Networked control systems(NCSs) have gained increasing attention in recent years due to their advantages and potential applications. The network Quality-of-Service(QoS) in NCSs always fluctuates due to changes of the traffic load and available network resources. To handle the network QoS variations problem, this paper presents an intelligent scheduling control method for NCSs, where the sampling period and the control parameters are simultaneously scheduled to compensate the effect of QoS variation on NCSs performance. For NCSs with network-induced delays and packet dropouts, a discrete-time switch model is proposed. By defining a sampling-period-dependent Lyapunov function and a common quadratic Lyapunov function, the stability conditions are derived for NCSs in terms of linear matrix inequalities(LMIs). Based on the obtained stability conditions, the corresponding controller design problem is solved and the performance optimization problem is also investigated. Simulation results are given to demonstrate the effectiveness of the proposed approaches.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권10호
• /
• pp.2620-2631
• /
• 2012

In this paper, a rerouting-controlled ISL (Inter-Satellite link) handover protocol for LEO satellite networks (RCIHP) is proposed. Through topological dynamics and periodic characterization of LEO satellite constellation, the protocol firstly derives the ISL related information such as the moments of ISL handovers and the intervals during which ISLs are closed and cannot be used to forward packet. The information, combined with satellite link load status, is then been utilized during packet forwarding process. The protocol makes a forwarding decision on a per packet basis and only routes packets to living and non-congested satellite links. Thus RCIHP avoids periodic rerouting that occurs in traditional routing protocols and makes it totally unnecessary. Simulation studies show that RCIHP has a good performance in terms of packet dropped possibility and end-to-end delay.

• 정보보호학회지
• /
• 제17권2호
• /
• pp.9-23
• /
• 2007

The air interface supports a security layer which provides the key exchange protocol, authentication protocol, and encryption protocol. The authentication is performed on the encryption protocol packet. The authentication protocol header or trailer may contain the digital signature that is used to authenticate a portion of the authentication protocol packet that is authenticated. The encryption protocol may add a trailer to hide the actual length of the plaintext of padding to be used by the encryption algorithm. The encryption protocol header may contain variables such as the initialization vector (IV) to be used by the encryption protocol. It is our aim to firstly compute the session key created from the D H key exchange algorithm, and thereof the authenticating key and the encryption key being generated from the session key.

• Nuclear Engineering and Technology
• /
• 제54권10호
• /
• pp.3587-3594
• /
• 2022

A distributed high-speed data acquisition and monitoring system for the RF negative ion source at Huazhong University of Science and Technology (HUST) is developed, which consists of data acquisition, data forwarding and data processing. Firstly, the data acquisition modules sample physical signals at high speed and upload the sampling data with corresponding absolute-time labels over UDP, which builds the time correlation among different signals. And a special data packet format is proposed for the data upload, which is convenient for packing or parsing a fixed-length packet, especially when the span of the time labels in a packet crosses an absolute second. The data forwarding modules then receive the UDP messages and distribute their data packets to the real-time display module and the data storage modules by PUB/SUB-pattern message queue of ZeroMQ. As for the data storage, a scheme combining the file server and MySQL database is adopted to increase the storage rate and facilitate the data query. The test results show that the loss rate of the data packets is within the range of 0-5% and the storage rate is higher than 20 Mbps, both acceptable for the HUST RF negative ion source.

• ETRI Journal
• /
• 제43권3호
• /
• pp.561-570
• /
• 2021

This paper presents master key identifier based protocol steganography (MKIPS), a new approach toward creating a covert channel within the Secure Real-time Transfer Protocol, also known as SRTP. This can be achieved using the ability of the sender of Voice-over-Internet Protocol packets to select a master key from a pre-shared list of available cryptographic keys. This list is handed to the SRTP sender and receiver by an external key management protocol during session initiation. In this work, by intelligent utilization of the master key identifier field in the SRTP packet creation process, a covert channel is created. The proposed covert channel can reach a relatively high transfer rate, and its capacity may vary based on the underlying SRTP channel properties. In comparison to existing data embedding methods in SRTP, MKIPS can convey a secret message without adding to the traffic overhead of the channel and packet loss in the destination. Additionally, the proposed covert channel is as robust as its underlying user datagram protocol channel.

• 한국통신학회논문지
• /
• 제39B권4호
• /
• pp.200-206
• /
• 2014

AIP(Accountable Internet Protocol)는 호스트의 공개키로부터 도출되는 해쉬 값을 호스트 식별자 주소로 이용함으로써 호스트에게 주소에 대한 책임 추구성(Accountability)를 제공하기 위한 미래 인터넷 구조의 하나이다. AIP에서는 하나의 호스트가 패킷을 전송하면, 중간에 있는 라우터는 패킷을 폐기한 후에 소스 주소를 검증함으로써 특히 비대칭 경로가 있는 경우에는 패킷의 폐기로 인한 성능의 저하가 발생하게 된다. 본 논문에서는 소스 호스트로부터 전송되는 첫 번째 패킷에 주소의 검증을 위한 공개키와 이의 위조를 방지하기 위한 시그니처, 그리고 재전송 공격을 방어하기 위한 타임스탬프 정보를 포함하고, 이 정보를 이용하여 패킷을 폐기하지 않고 패킷에 포함되어 있는 소스 주소를 검증할 수 있는 향상된 AIP 메커니즘을 제안한다. 제안 메커니즘의 보안 안정성을 평가하였으며, 제안 메커니즘이 보안에 강하면서도 패킷 폐기로 인한 지연을 줄일 수 있다는 장점을 가진다는 것을 확인하였다.