• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.8
• /
• pp.1989-2009
• /
• 2013

How to discover router vulnerabilities effectively and automatically is a critical problem to ensure network and information security. Previous research on router security is mostly about the technology of exploiting known flaws of routers. Fuzzing is a famous automated vulnerability finding technology; however, traditional Fuzzing tools are designed for testing network applications or other software. These tools are not or partly not suitable for testing routers. This paper designs a framework of discovering router protocol vulnerabilities, and proposes a mathematical model Two-stage Fuzzing Test Cases Generator(TFTCG) that improves previous methods to generate test cases. We have developed a tool called RPFuzzer based on TFTCG. RPFuzzer monitors routers by sending normal packets, keeping watch on CPU utilization and checking system logs, which can detect DoS, router reboot and so on. RPFuzzer' debugger based on modified Dynamips, which can record register values when an exception occurs. Finally, we experiment on the SNMP protocol, find 8 vulnerabilities, of which there are five unreleased vulnerabilities. The experiment has proved the effectiveness of RPFuzzer.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.2
• /
• pp.416-421
• /
• 2007

ZigBee is becoming a promising communication protocol for wireless sensor networks based on low-power consumption. In case of a ZigBee network requesting continuous transmission of sensed data, the required bandwidth can be overwhelm the maximum transmission rate of 150Kbps. However, the ZigBee router which delivers data from source node to destination node can transmit data at most in a half of maximum rate because the router can not send and receive the data simultaneously. In this paper, we propose and implement a dual-channel router which can send and receive data simultaneously. Also, we propose a centralized channel allocation algorithm to allocate different channels to each module. The experiment result by the proposed dual-channel router shows a maximum throughput of 150Kbps as large as twice of normal single-channel router.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.97-107
• /
• 2008

This paper proposes a mutual authentication scheme for mobile router in MANEMO. The NEMO used AAA server in order to authenticate mobile router in nested mobile network. So, this scheme has some problem that increases authentication message overhead and authentication time. The proposed scheme uses temporary certificate that signed by an access router's private key. The temporary certificate authenticates a mobile router when the mobile router entered a MANET domain. The proposed scheme reduces authentication message overhead and authentication time than the scheme to use AAA server when authenticating the mobile router.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.8 s.350
• /
• pp.25-34
• /
• 2006

In this paper DynaMoNET is suggested as a novel IPv6-based multi-homed mobile network architecture which is composed of nested mobile ad hoc networks dynamically coming together through wireless personal area networks. Each ad hoc network has a mobile router which may work as a root mobile router instead of fixed mobile routers in a DynaMoNET. A root mobile router provides the reliable Internet connectivity for the entire mobile network. This paper includes a innovative handover protocol for multi-homed mobile networks, network switchover algorithm considering multiple decision factors, root mobile router election process based on token-based algorithm fast root mobile router discovery algorithm and fault avoidance mechanism to support reliable Internet connectivity. Finally the system architecture of a mobile router is given in detail.

• 한국HCI학회:학술대회논문집
• /
• 2008.02a
• /
• pp.274-279
• /
• 2008

In this paper, we will presents the join procedure for efficient network performance in the ZigBee Sensor Network. In existing network, new devices join procedure is performed base on the participating in the already Coordinator and Router beacon information. However, beacon has insufficient information network. Thus, the concentration of traffic and inefficient use of resources, address the problem that occurs. To solve these problems, the Coordinator and router on the network, depending on their location and the ability to transfer a beacon. This algorithm is proposed in the paper, the transmission time by using the beacon, network configuration control of the network to improve performance.

• Journal of Digital Contents Society
• /
• v.18 no.5
• /
• pp.983-987
• /
• 2017

Multi-homing mobile router separates network for user connection and network for internet access using various interfaces for internet access. This paper proposes a load balancing metric in order that multi-network mobile router distributes its traffic to one of several heterogeneous network interfaces. To evaluate the performance of the load balancing metric, experiments on traffic balancing is performed on real commercial networks were used in Korea and Hong Kong.

• Journal of Information Processing Systems
• /
• v.1 no.1 s.1
• /
• pp.62-69
• /
• 2005

This paper presents a queuing analysis model of a PC-based software router supporting IPv6-IPv4 translation for residential gateway. The proposed models are M/G/1/K or MMPP-2/G/1/K by arrival process of the software PC router. M/G/1/K is a model of normal traffic and MMPP-2/G/1/K is a model of burst traffic. In M/G/1/K, the arriving process is assumed to be a Poisson process, which is independent and identically distributed. In MMPP-2/G/1/K, the arriving process is assumed to be two-state Markov Modulated Poisson Process (MMPP) which is changed from one state to another state with intensity. The service time distribution is general distribution and the service discipline of the server is processor sharing. Also, the total number of packets that can be processed at one time is limited to K. We obtain performance metrics of PC-based software router for residential gateway such as system sojourn time blocking probability and throughput based on the proposed model. Compared to other models, our model is simpler and it is easier to estimate model parameters. Validation results show that the model estimates the performance of the target system.

• Journal of the Korean Society for Industrial and Applied Mathematics
• /
• v.11 no.4
• /
• pp.9-17
• /
• 2007

Network Mobility basic support protocol (NEMO Basic) extends the operation of Mobile IPv6 to provide uninterrupted Internet connectivity to the communicating nodes of mobile networks. The protocol uses a mobile router (MR) in the mobile network to perform prefix scope binding updates with its home agent (HA) to establish a bi-directional tunnel between the HA and MR. This solution reduces location-update signaling by making network movements transparent to the mobile nodes (MNs) behind the MR. However, delays in data delivery and higher overheads are likely to occur because of sub-optimal routing and multiple encapsulation of data packets. To manage the mobility of the mobile network, it is important to minimize packet overhead, to optimize routing, and to reduce the volume of handoff signals over the nested mobile network. This paper proposes en aggregate router-assisted route optimization (ARARO) scheme for nested mobile networks support which introduces a local anchor router in order to localize handoff and to optimize routing. With ARARO, a mobile network node (MNN) behind a MR performs route optimization with a correspondent node (CN) as the MR sends a binding update message (BU) to aggregate router (AGR) via root-MR on behalf of all active MNNs when the mobile network moves. This paper describes the new architecture and mechanisms and provides simulation results which indicate that our proposal reduces transmission delay, handoff latency and signaling overhead. To evaluate the scheme, we present the results of simulation.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.9
• /
• pp.1374-1381
• /
• 2022

Existing research on security technology related to network attack response has focused on research using hardware network security technology, network attacks that wiretap and wiretap network packets, denial of service attack that consumes server resources to bring down the system, and network by identifying vulnerabilities before attack. It is classified as a scanning attack. In addition, methods for increasing network security, antivirus vaccines and antivirus systems have been mainly proposed and designed. In particular, many users do not fully utilize the security function of the router. In order to overcome this problem, it is classified according to the network security level to block external attacks through layered security management through layer-by-layer experiments. The scope of the study was presented by examining the security technology trends of edge routers, and suggested methods and implementation examples to protect from threats related to edge router-based network attacks.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11a
• /
• pp.76-78
• /
• 2005

네트워크 인프라가 확대되면서 보안에 대한 중요성도 더불어 커지고 있으며, 또한 보안 게이트웨이에 대한 관심도 증가하고 있다. 본 논문에서는 소프트웨어 라우터인 Click Modular Router를 이용하여 게이트웨이에서 비정상 트래픽을 제거하는 필터링 기능과 내부 네트워크 정보를 은닉하는 기능물 제공하기 위한 트래픽 처리 구조를 제안한다.