• Journal of KIISE:Information Networking
• /
• v.41 no.4
• /
• pp.167-176
• /
• 2014

In this paper, we discuss the implementation and experimentations of a new future Internet architecture for mobile-oriented environments, named Mobile Oriented Future Internet (MOFI). The MOFI architecture is featured by the host identifier and local locator for identifier-locator separation, Query-First Data Delivery (QFDD), and Distributed Mapping System (DMS) for identifier-locator mapping control. In the existing study on MOFI, we examined the intra-domain mobility control, the implementation of MOFI over Linux platform, and the performance analysis over the small-scale testbed. In this paper, we describe how to implement the MOFI architecture for inter-domain mobility control by using the OpenFlow and Click Modular Router platform. From the experimentations over the KOREN testbed, we can see that the MOFI scheme can give better performance than the existing Proxy Mobile IP scheme.

• Proceedings of the IEEK Conference
• /
• 1999.06a
• /
• pp.9-12
• /
• 1999

The 6Bone is an environment supporting experimentation with the IPv6 protocols and products implementing it. Several functions of IPv6 remain loosely defined or undefined but the protocols related on IPv6 are being developed continuously. It is clear that ATM(Asynchronous Transfer Mode) technology is playing a important role in the evolution of the Internet as a transmission medium. In this paper, we suggest a design plan for the 6Bone overlayed on the existing ATM network, KOREN(Korea Research and Education Network). The planed 6Bone will become a good testbed to develop new networking technology and new services related on IPv6.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.47 no.7
• /
• pp.118-127
• /
• 2010

Current TCP/IP-based Internet architecture has been used for over 30 years, however it will confront with fundamental problems due to new protocol extension limitation since communication environments will change drastically and various user requirements will be emerging in near future. To solve these problems, major countries have started Future Internet researches based on clean slate approach and they will deploy large-scale testbed to experiment and verify new functions. OpenFlow switch technology has been proposed as a new experimental technology for independent protocol that can utilized the legacy network devices and does not interfere with the production Internet traffic. Korea also started Future Internet testbed project called FIRST and OpenFlow switch with NetFPGA card will be used to deploy this testbed. To interconnect distributed testbed using OpenFlow switches, logical tunnel should be established by encapsulating MAC frame inside a unicast IP packet between OpenFlow switches because OpenFlow switches are not directly connected. In this paper, we have implemented a NetFPGA-based that performs MAC in IP tunneling between various OpenFlow switch sites implemented in domestic research network KOREN. The performance evaluation shows that the NetFPGA-based capsulator reveals better performance than the software-based tunneling and it can be utilized as a testbed for experimentation of Future Internet technologies.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.48 no.7
• /
• pp.17-27
• /
• 2011

In recent years, the interest and research for Future Internet are rapidly increasing. In domestic, MOFI (Mobile Oriented Future Internet) is proposed as one architecture of Future Internet. MOFI is a data transmission architecture which provides a mobility, name-based communication and routing scalability. In this paper we implement a basic MOFI testbed that supports HID-based communication, and verify the feasibility of HID-based communication through experimentation of general service such as PING and WWW service. We used "VirtualBox" as a virtual machine and implement a packet processing and a HCP header addition and translation function using "Click Modular Router".

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.3B
• /
• pp.375-390
• /
• 2004

Domain Name System(DNS), one of the most important Internet services, handles mapping from host names to Internet addresses and vice versa, and precedes many Internet applications such as Web, e-mail, file transfer, etc. In this paper, we propose a structural design of a generic name server system providing name services for a huge domain for the purpose of improving the performance as well as the reliability of the system. We demonstrate the validity of the design by implementing and running a testbed system. Our testbed employs a couple of master name sowers for distributing the service overhead over two, rather than one, servers and for achieving high availability of the system as a whole. We suggest the use of dynamic update to add and delete records from a zone for which the name server has authority. The slave name servers located remotely then get a new, updated copy of the zone via incremental zone transfers(IXFRs). The experiments with the implemented testbed show that the proposed structure would easily manage increasing demands on the server power, and be highly available in the face of transient faults of a module in the system.

• Journal of Communications and Networks
• /
• v.11 no.3
• /
• pp.306-317
• /
• 2009

We consider the problem of architecting a reliable content delivery system across an overlay network using TCP connections as the transport primitive. We first argue that natural designs based on store-and-forward principles that tightly couple TCP connections at intermediate end-systems impose fundamental performance limitations, such as dragging down all transfer rates in the system to the rate of the slowest receiver. In contrast, the ROMA architecture we propose incorporates the use of loosely coupled TCP connections together with fast forward error correction techniques to deliver a scalable solution that better accommodates a set of heterogeneous receivers. The methods we develop establish chains of TCP connections, whose expected performance we analyze through equation-based methods. We validate our analytical findings and evaluate the performance of our ROMA architecture using a prototype implementation via extensive Internet experimentation across the PlanetLab distributed testbed.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.3 no.3
• /
• pp.31-38
• /
• 2010

It has become more difficult to correspond an cyber attack quickly as patterns of attack become various and complex. However, current security mechanisms just have passive defense functionalities. In this paper, we propose new network security architecture to respond various cyber attacks rapidly and to chase and isolate the attackers through cooperation between security zones. The proposed architecture makes it possible to deal effectively with cyber attacks such as IP spoofing or DDoS(Distributed Denial of Service), by using active packet technology including a mobile code on active network. Also, it is designed to have more active correspondent than that of existing mechanisms. We implemented these mechanisms in Linux routers and experimented on a testbed to verify realization possibility of attacker response framework using mobile code. The experimentation results are analyzed.

• The KIPS Transactions:PartC
• /
• v.11C no.7 s.96
• /
• pp.959-970
• /
• 2004

It has become more difficult to correspond an cyber attack quickly as patterns of attack become various and complex. However, current so curity mechanisms just have passive defense functionalities. In this paper, we propose new network suity architecture to respond various cyber attacks rapidly and to chase and isolate the attackers through cooperation between security zones. The proposed architecture makes it possible to deal effectively with cyber attacks such as IP spoofing or DDoS(Distributed Denial of Service), by using active packet technology including a mobile code on active network. Also, it is designed to have more active correspondent than that of existing mechanisms. We im-plemented these mechanisms in Linux routers and experimented on a testbed to verify realization possibility of attacker response framework using mobile code. The experimentation results are analyzed.

• Journal of Internet Computing and Services
• /
• v.9 no.2
• /
• pp.69-81
• /
• 2008

It has become more difficult to correspond a cyber attack quickly as patterns of attack become various and complex. However, current security mechanism just have passive defense functionalities. In this paper, we propose new network security mechanism to respond various cyber attacks rapidly and to chase and isolate the attackers through cooperation between security zones. The proposed mechanism makes it possible to deal effectively with cyber attacks such as IP spoofing, by using active packet technology including a mobile code on active network. Also, it is designed to hove more active correspondent than that of existing mechanisms. We implemented these mechanisms in Linux routers and experimented on a testbed to verify realization possibility of attacker response framework using mobile code. The experimentation results are analyzed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.4C
• /
• pp.559-569
• /
• 2004

It has become more difficult to correspond an cyber attack quickly as a pattern of attack becomes various and complex. And, current security mechanisms just have passive defense functionalities. In this paper, we propose new network security architecture to respond various cyber attacks rapidly and to chase and isolate the attackers through cooperation between security zones. The proposed architecture make possible to deal effectively with cyber attacks such as IP spoofing or DDoS(Distributed Denial of Service) using active packet technology including a mobile sensor on active network. Active Security Management System based on proposed security architecture consists of active security node and active security server in a security zone, and is designed to have more active correspondent than that of existing mechanisms. We implemented these mechanisms in Linux routers and experimented on a testbed to verify realization possibility of Active Security Management System. The experimentation results are analyzed.