Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
The KIPS Transactions:PartC
Journal Basic Information
Journal DOI :
Korea Information Processing Society
Editor in Chief :
Volume & Issues
Volume 10C, Issue 7 - Dec 2003
Volume 10C, Issue 6 - Oct 2003
Volume 10C, Issue 5 - Oct 2003
Volume 10C, Issue 4 - Aug 2003
Volume 10C, Issue 3 - Jun 2003
Volume 10C, Issue 2 - Apr 2003
Volume 10C, Issue 1 - Feb 2003
Volume 10, Issue 7 - 00 2003
Volume 10, Issue 5 - 00 2003
Volume 10, Issue 4 - 00 2003
Volume 10, Issue 3 - 00 2003
Volume 10, Issue 2 - 00 2003
Volume 10, Issue 1 - 00 2003
Selecting the target year
A Secure Communication Framework for the Detection System of Network Vulnerability Scan Attacks
유일선 ; 김종은 ; 조경산 ;
The KIPS Transactions:PartC, volume 10, issue 1, 2003, Pages 1~1
In this paper, we propose a secure communication from interaction and information sharing between a server and agents in DS NVSA (Detection System of Network Vulnerability Scan Attacks) proposed in . For the scalability and interoperability with other detection systems, we design the proposed framework based on IDMEF and LAP that have been drafted by IDWG. We adapt IDMEF and LAP to the proposed framework and provide SKTLS (Symmetric Key based Transport Layer Security Protocol) for the network environment that cannot afford to support public-key infrastructure. Our framework provides the reusability of heterogeneous intrusion detection systems and enables the scope of intrusion detection to be extended. Also it can be used as a framework for ESM(Enterprise Security Management) system.
Multiple User Authentication based on SecuROS/FreeBSD
두소영 ; 김정녀 ; 공은배 ;
The KIPS Transactions:PartC, volume 10, issue 1, 2003, Pages 11~11
This paper implements Multiple User Authentication System to which the system authenticating with password only has been upgraded. The 4-staged authentication including user ID password, smart card and access control information, etc. is used at the suggested Multiple User Authentication System. The user authentication systems that this paper suggest has been developed based on SecuROS/FreeBSD with the function of access control added to FreeBSD kernel. It provides both the function to limit access range to the system to each user and the function to check that when inputting important information the demand is the one of the system; thus, the reliability becomes increased. In the SecuROS/FreeBSD system, MAC and RBAC are being used. So, in the case of users accessing to the system, the information about the policies of MAC and RBAC to which users would access is used in the authentication. At the time, the access to system is permitted only when the access control information that users demanded satisfies all the access control rules which have been defined in the system.
A Design of Secure Mobile Agent Systems Employing ID based Digital Multi-Signature Scheme
유성진 ; 김성열 ; 이옥빈 ; 정일용 ;
The KIPS Transactions:PartC, volume 10, issue 1, 2003, Pages 17~17
Mobile agent comes into the spotlight since it contributes largely to mobile computing on distributed network environment. However, this system has a number of significant security problems. In this paper, we analyze security attacks to mobile agent system presented by NIST. In order to protect this system from them, we suggest a security protocol for mobile agent system by employing ID based key distribution and digital multi-signature scheme. To solve these problems described in NIST, securities for mobile agent and agent platform should be accomplished. Comparing with other protocols, our protocol performs both of these securities, while other protocols mentioned only on of them. Proposed protocol satisfies simplicity of key management, providing security service such as confidentiality, integrity, authentication and preventing reputation, liveness guarantee, protection of execution-result data and preventing replay attack. Furthermore, it is design to detect message modification immediately by verifying each step of agent execution at a corresponding server.
An Efficient Algorithm for Soft-Decision Decoding of Linear Block Codes
The KIPS Transactions:PartC, volume 10, issue 1, 2003, Pages 27~27
An efficient soft-decision decoding algorithm for binary block codes it proposed. The proposed soft-decision decoding algorithm is implemented by a series of hard-decision decoding process. By the hard-decision decoding result, the candidate codewords are efficiently searched for A new decoding method, which prevents the missing of the candidate codeword, is proposed. Also, the method fir reducing complexity is developed. This method removes the practical complexity increase caused by the improved algorithm. There facts are confirmed by the simulation results for binary (63, 36) BCH code.
Evaluating and Distributing Algorithms based on Capacities of Duplicated Servers for Traffic Management
한정혜 ; 이경희 ;
The KIPS Transactions:PartC, volume 10, issue 1, 2003, Pages 33~33
Most of the existing algorithms try to disseminate the multimedia contents of internet service provider (ISP), without taking into account characteristics and capacities of duplicated servers. However, they are less reliable without prior information on capacities of duplicated servers. In this paper we propose two algorithms, performance rating algorithm of hardware and capacity algorithm, inspired by the need of improving QoS of delivering multimedia contents without incurring long access delays when the capacities of duplicated servers are significantly different and clients locate in a fixed geographical domain Our simulation results show that they are better than HTTP response time algorithm when the multimedia contents are large and quite different from performances between duplicated servers.
An Effective RED Algorithm for Congestion Control in the Internet
정규정 ; 이동호 ;
The KIPS Transactions:PartC, volume 10, issue 1, 2003, Pages 39~39
The network performance gets down during congestion periods to solve the problem effectively. A RED(Random Earl Detection) algorithm of the queue management algorithm is proposed and IETF recommends it as a queue management. A RED algorithm controls a congestion aspect dynamically. In analyzing parameters when static value of parameter is set in the gateway cannot be handled the status of current network traffic properly We propose the Effective RED algorithm to solve with the weakness of RED In this algorithm the maximum drop probability decides to accept or drop the interning packets, is adjusted dynamically on the current queue state for controlling the congestion phase effectively in the gateway. This algorithm is confirmed by computer simulation using the NS(Network Simulator)-2.
A New Scheduling Algorithm for Performance Improvement of GFR Service
조해성 ; 김관웅 ; 배성환 ;
The KIPS Transactions:PartC, volume 10, issue 1, 2003, Pages 45~45
Guaranteed Frame Rate (GFR) service category is one of the most recent ATM service categories. The GFR specification was recently finalized by the ATM Forum and is expected to become an important service category which can efficiently support TCP/IP traffic in ATM network. In GFR switch implementation, it is important to guarantee MCR (minimum cell rate) and improve fairness. In this paper, we propose a new scheduling algorithm for the GFR service. Proposed algorithm provides priority to VC (virtual circuit)s and high Priority given to a VC which has fewer untagged cells in buffer. High priority VCs are serviced before low priority VCs. Proposed algorithm can guarantee MCR and improve fair sharing of the remaining bandwidth between GFR VCs. From computer simulation results, we demonstrate the proposed scheduling algorithm provide much better performance in TCP goodput and fairness than previous schemes.
Performance Analysis for ABR Congestion Control Algorithm of ATM Switch using Self-Similar Traffic
진성호 ; 임재홍 ;
The KIPS Transactions:PartC, volume 10, issue 1, 2003, Pages 51~51
One of the most important matters in designing network and realizing service, is to grip on the traffic characteristics. Conventional traffic prediction and analysis used the models which based on the Poisson or Markovian. Recently, experimental research on the LAN, WAN and VBR traffic properties have been pointed rut that they weren't able to display actual real traffic specificities because the models based on the Poisson assumption had been underestimated the long range dependency of network traffic and self-similar peculiarities, it has been lately presented that the new approach method using self-similarity characteristics as similar as the real traffic models. Therefore, in this paper, we generated self-similar data traffic like real traffic as background load. On the existing ABR congestion control algorithm, we analyzed by classify into ACR, buffer utilization. cell drop rate, transmission throughput with the representative EFCI, ERICA, EPRCA and NIST twitch algorithm to show the efficient reaction about the burst traffic.
Response Time-based Web Service Availability Measurement Method
박상근 ; 최덕재 ;
The KIPS Transactions:PartC, volume 10, issue 1, 2003, Pages 61~61
E-Business providers and customers have chosen the service availability as the most important technical parameter which should be included in their SLA to succeed in their business. This means that web Service availability management is crucial to the web-based service providers. Application availability is originally defined as a measure of the fraction of time during a defined period when the service provided is deemed to be better than user expectation of service performance. But, because most web service availability measurement tools simply monitor disconnected state, they do not satisfy user's expectation of extended availability concept. In this paper, We propose the web service availability measurement method which supports extended availability concept. It takes account of performance degradation of web service based on response time, and determines what is the cause of unavailability of the service. We developed a measurement tool, WebSerAvail.
The software architecture for the internal data processing in Gigabit IP Router
이왕봉 ; 정영식 ; 김태일 ; 방영철 ;
The KIPS Transactions:PartC, volume 10, issue 1, 2003, Pages 71~71
Internet traffic is getting tremendously heavier due to the exponential growth of the Internet users, the spread of the E-commerce and the network games. High-speed routers for fast packet forwarding are commercially available to satisfy the growing bandwidth. A high-speed router, which has the decentralized multiprocessing architecture for IP and routing functions, consists of host processors, line interfaces and switch fabrics. In this paper, we propose a software architecture tuned for high-speed non-forwarding packet manipulation. IPCMP (Inter-Processor Communication Message Protocol), which is a mechanism for IPC (Inter-Processor Communication), is also proposed and implemented as well. Proposed IPC mechanism results in faster packet-processing rate by 10% as compared to the conventional IPC mechanism using UDP/IP.
Internet Multicast Routing Protocol Model using MPLS Networks
The KIPS Transactions:PartC, volume 10, issue 1, 2003, Pages 77~77
This paper describes the new method for Internet multicast routing protocols using MPLS (Multiprotocol Label Switching) networks. Internet multicast routing protocols are divided into three categories in terms if tree types and tree characteristics : a shortest path tree a shared tree and hybrid tree types. MPLS should support various multicast mechanisms because of extremely different IP multicast architectures, such as uni-/bi-directional link, Flooding/prune tree maintenance mechanism. the existence of different tree types with the same group, etc. There are so many problems over MPLS multicast that the solutions can't be easily figured out. In this Paper, we make a few assumptions on which the solutions of IP multicast routing protocols over MPLS networks are given. A broadcasting label is defined for the shortest path tree types. Cell interleaving problems of the shared tree types is solved by using block-based transmission mechanism. Finally, the existing hybrid-type multicast routing protocol is reasonably modified Shortest Path tree type to support MPLS multicast. It has been shown that these modifications give better performance (transmission delay) than the orignal method.
A Study on Improving SQUID Proxy Server Performance by Arbitral Thread and Delayed Caching
이대성 ; 김유성 ; 김기창 ;
The KIPS Transactions:PartC, volume 10, issue 1, 2003, Pages 87~87
As the number of the Internet users increases explosively, a solution for this problem is web caching. So, many techniques on improving cache server performance have been suggested. In this paper, we analyze the cause of the bottleneck in cache servers, and propose an arbitral thread and delayed caching mechanism as a solution. We use an arbitral thread in order to provide a quick service to user requests through eliminating the ready multi-thread search problem in case of disk writing operation. We also use delayed caching in order to provide stable system operation through avoiding overloaded disk operation and queue threshold. Proposed cache server is implemented through modification on SQUlD cache server, and we compare its performance with the original SQUID cache server.
A Resource Reallocation Scheme Enhancing the Survivability of Essential Services
김성기 ; 민병준 ; 최중섭 ; 김홍근 ;
The KIPS Transactions:PartC, volume 10, issue 1, 2003, Pages 95~95
In order to guarantee the survivability of essential services against attacks based on new methodology, we need a solution to recognize important resources for the services and to adapt the urgent situation properly. In this paper, we present a dynamic resource reallocation scheme which is one of the core technologies for the construction of intrusion tolerant systems. By means of resource reallocation within a host, this scheme enables selected essential services to survive even after the occurrence if a system attack. Experimental result obtained on a test-bed reveals the validity of the proposed scheme for resource reallocation. This scheme may work together with IDS (Intrusion Detection System) to produce more effective responsive mechanisms against attacks.
Performance Analysis of Distance-based Location Registration Scheme Considering Terminating Call
임석구 ; 장희선 ; 조기성 ;
The KIPS Transactions:PartC, volume 10, issue 1, 2003, Pages 103~103
In this paper, we propose and evaluate the performance distance-based registration considering call arrival. We propose the mobility model, which can be used to analyze the performance of proposed registration schemes. Numerical results show that zone-based registration needs less number of registration than distance-based registration. On the other hand, the registration load of the distance-based registration is equally distributed to all cells in a location area. However, the registration load of the distance-based registration considering call arrival is similar to that of zone-based registration and equally distributed to all cells in a location area. Therefore, the proposed scheme can be effectively used restricted radio resources.
An Outage Evaluation Model for Wireless Telecommunication Network
이동훈 ; 정일영 ;
The KIPS Transactions:PartC, volume 10, issue 1, 2003, Pages 111~111
Network reliability means networks ability which perform normal operation of network components within defined time period, on the other hand, networks survivability is the index of normal operation in network failure. In occurrence of network failure, network operator is interested in the measurement of network survivability, but, in a view of subscribers, it is more interested in how many subscribers are out of service proposed, which measures the impacts of subscribers in case of network failure which induces a service outage. The outage evaluation result of "Mobile to Land" service outage which has 30,000 subscribers affected for 30 minutes is 2.5. This value is 5 times larger than that of the same service outage which has 10,000 subscribers affected for 30 minutes, i.e, the impact of subscribers in the former case is 5 times larger than that of the latter case. If 30,000 subscribers have isolated in "Mobile to Land", "Local Mobile to Mobile" service for 30 minutes by the exchange out of order in PCS network, then the evaluation result of this service outage will be 3.75.