• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.11B
• /
• pp.730-735
• /
• 2005

While the E-mail is a important way of fast communication in these days. it is real that the E-mail is often misused as a commercial advertisement method and creates many social problems. Even though various filtering techniques for blocking spam mails have been developed, reliability of mail systems is decreased by misreading normal mails as spam mails, i.e. false-positive errors. In this paper, the SMBC(Spam Mail Blocking Center) platform employing spam mail recovery method based on privacy information is proposed and designed. The SMBC is designed in frame layer based on spam blocking system of proxy sewer and can be physically implemented in various topology so that flexible development with layered module is possible. Using privacy information makes the proposed SMBC platform minimize processing load and false-positive error rates so that it can improve mail system reliabilities.

• The KIPS Transactions:PartA
• /
• v.8A no.3
• /
• pp.235-244
• /
• 2001

Development of network and computer technology results in many studies to use physically distributed computers as a single resource. Generally, these studies have focused on developing environments based on message passing. These environments are mainly used to solve problems for scientific computation and process in parallel suing inside parallelism of the given problems. Therefore, these environments provide high parallelism generally, while it is difficult to program and use as well as it is required to have user accounts in the distributed computers. If a given problem is divided into completely independent subproblems, more efficient environment can be provided. We can find these problems in bio-informatics, 3D animatin, graphics, and etc., so the development of new environment for these problems can be considered to be very important. Therefore, we suggest new environment called InterCom based on a proxy computing, which can solve these problems efficiently, and explain the implementation of this environment. This environment consists of agent, server, and client. Merits of this environment are easy programing, no need of user accounts in the distributed computers, and easiness by compiling distributed code automatically.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.7
• /
• pp.293-302
• /
• 2013

Home network providers have many worries about providing home network services with an expandable, reliable, flexible and low-cost structure according to the expanding market environment. The existing client-server system has various problems such as complexity and high costs in providing home network services. In this paper we propose the P2P-SIP structure. P2P communication terminal supporting access of distributed resources provides functions which the existing SIP-based network devices have. Because diverse terminals in a home network access through networks, also, partitioning network domains with home gateways to manage, and applying the network-based PMIPv6(Proxy Mobile IPv6) technology considering mobility of terminals would help to have a more efficient home network structure. Especially, the proposed P2P-SIP structure proves itself as a very efficient structure to have an outstanding expandability among different home networks in a region, and to reduce maintenance costs.

• The Journal of the Korea Contents Association
• /
• v.10 no.1
• /
• pp.46-58
• /
• 2010

The user valence of VoIP services with SIP protocol is increasing rapidly because of cheap communication cost and its conveniency. But attacker can easily modify the packet contents of SIP protocol as SIP header is transmitted by using UDP methods in text form. The reason is that SIP protocols does not provide an authentication function on the transmission session. Therefore, existing SIP protocol is very weak on SIP Packet Flooding attack etc. In order to solve like this kinds of SIP vulnerabilities, we used SIP status codes under the monitoring module for detecting SIP Flooding attacks and additionally proposed an advanced protocol where the authentication and security function is strengthened about SIP packet. We managed SIP session spontaneously in order to strengthen security with SIP authentication function and to solve the vulnerability of SIP protocol. The proposed mechanism can securely send SIP packet to solves the security vulnerability with minimum traffic transmission. Also service delay in SIP proxy servers will be minimized to solve the overload problem on SIP proxy server.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.235-247
• /
• 2021

Today, the cloud computing has become a major demand of many organizations. The major reason behind this expansion is due to its cloud's sharing infrastructure with higher computing efficiency, lower cost and higher fle3xibility. But, still the security is being a hurdle that blocks the success of the cloud computing platform. Therefore, a novel Multi-tenant Decentralized Information Flow Control (MT-DIFC) model is introduced in this research work. The proposed system will encapsulate four types of entities: (1) The central authority (CA), (2) The encryption proxy (EP), (3) Cloud server CS and (4) Multi-tenant Cloud virtual machines. Our contribution resides within the encryption proxy (EP). Initially, the trust level of all the users within each of the cloud is computed using the proposed two-stage trust computational model, wherein the user is categorized bas primary and secondary users. The primary and secondary users vary based on the application and data owner's preference. Based on the computed trust level, the access privilege is provided to the cloud users. In EP, the cipher text information flow security strategy is implemented using the blowfish encryption model. For the data encryption as well as decryption, the key generation is the crucial as well as the challenging part. In this research work, a new optimal key generation is carried out within the blowfish encryption Algorithm. In the blowfish encryption Algorithm, both the data encryption as well as decryption is accomplishment using the newly proposed optimal key. The proposed optimal key has been selected using a new Self Improved Cat and Mouse Based Optimizer (SI-CMBO), which has been an advanced version of the standard Cat and Mouse Based Optimizer. The proposed model is validated in terms of encryption time, decryption time, KPA attacks as well.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.2
• /
• pp.119-129
• /
• 2011

TCP-related Flooding attacks still dominate Distributed Denial of Service Attack. It is a great challenge to accurately detect the TCP flood attack in hish speed network. In this paper, we propose the NIC_Cookie logic implementation, which is a kind of security offload engine against TCP-related DDoS attacks, on network interface card. NIC_Cookie has robustness against DDoS attack itself and it is independent on server OS and external network configuration. It supports not IP-based response method but packet-level response, therefore it can handle attacks of NAT-based user group. We evaluate that the latency time of NIC_Cookie logics is $7{\times}10^{-6}$ seconds and we show 2Gbps wire-speed performance through a benchmark test.

• Journal of Korea Multimedia Society
• /
• v.7 no.8
• /
• pp.1066-1077
• /
• 2004

Dramatic increase in the number of Internet users want highly qualified service of continuous media contents on the web. To solve these problems, we present two network caching schemes(PPC, PPCwP) which consider the characteristics of continuous media objects and user access pattern in this paper. While there are plenty of reasons to create rich media contents, delivering this high bandwidth contents over the internet presents problems such as server overload, network congestion and client-perceived latency. PPC scheme periodically calculates the popularity of objects based on the playback quantity and determines the optimal size of the initial fraction of a continuous media object to be cached in proportion to the calculated popularity. PPCwP scheme calculates the expected popularity using the series information and prefetches the expected initial fraction of newly created continuous media objects. Under the PPCwP scheme, the initial client-perceived latency and the data transferred from a remote server can be reduced and limited cache storage space can be utilized efficiently. Trace-driven simulation have been performed to evaluate the presented caching schemes using the log-files of iMBC. Through these simulations, PPC and PPCwP outperforms LRU and LFU in terms of BHR and DSR.

• Journal of Broadcast Engineering
• /
• v.18 no.5
• /
• pp.758-770
• /
• 2013

In a Broadcast Encryption System, a sender sends an encrypted message to a large set of receivers at once over an insecure channel and it enables only users in a target set to decrypt the message with their private keys. In 2005, Boneh et al. proposed a fully collusion-resistant public key broadcast encryption in which the ciphertext and the privatekey sizes are constant. In general, pairing-based broadcast encryption system is efficient in bandwidth and storing aspects than non-pairing based broadcast encryption system, however, it requires many computational costs that resource-constrained devices is not suit to be applied. In this paper, we propose a Broadcast Encryption scheme(called BEWD) that user can decrypt a ciphertext more efficiently. The scheme is based on Boneh et al.scheme. More precisely, it reduces receiver's computational costs by delegating pairing computation to a proxy server which computation is required to receiver in Boneh et al.scheme. Furthermore, the scheme enables a user to check if the proxy server compute correctly. We show that our scheme is secure against selective IND-RCCA adversaries under l-BDHE assumption.

• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.2
• /
• pp.95-105
• /
• 2005

This paper proposes a new dynamic video adaptation scheme that could generate an adapted video stream customized to the requesting mobile device and current network status without repeated decode-encode cycles. In the proposed adaptation scheme, the characteristics of the video codec such as MPEG-1/-2/-4 are analyzed in advance focused on the relationships between the size and Quality of the encoded video stream, and they are stored in the proxy as a codec-dependent characteristic table. When a mobile device requests a video stream, it is dynamically decoded-encoded in the proxy with the highest quality to extract the contents-dependent attributes of the requested video stream. By comparing these attributes with codec-dependent characteristic table, the size and Quality of the requested video stream when being adapted to the target mobile device could be predicted. With this prediction, a version of adapted video stream, that meets the size constraints of mobile device while keeping the quality of encoded video stream as high as possible, could be selected without repeated decode-encode cycles. Experimental results show that the errors in our proposed scheme are less than 5% and produce an appropriate adapted video stream very quickly. It could be used t(1 build a proxy server for mobile devices that could quickly transcode the video streams widely spread in Internet which are encoded with various video codecs.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.1
• /
• pp.90-99
• /
• 2003

Java applets are downloaded from web server through internet and executed in Java Virtual Machine of clients' browser. Before execution of java applets, JVM checks bytecode program with bytecode verifier and performs runtime tests with interpreter. However, these tests will not protect against undesirable runtime behavior of java applets, such as denial of service attack, email forging attack, URL spoofing attack, and annoying sound attack. In order to protect malicious applets, a technique used in this paper is java bytecode modification. This technique is used to restrict applet behavior or insert code appropriate to profiling or other monitoring efforts. Java byte modification is divided into two general forms, class-level modification involving subclassing non-final classes and method-level modification used when control over objects from final classes or interface. This paper showed that malicious applets are controlled by java bytecode modification using proxy server. This implementation does not require any changes in the web sever, JVM or web browser.