Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
The KIPS Transactions:PartC
Journal Basic Information
Journal DOI :
Korea Information Processing Society
Editor in Chief :
Volume & Issues
Volume 10C, Issue 7 - Dec 2003
Volume 10C, Issue 6 - Oct 2003
Volume 10C, Issue 5 - Oct 2003
Volume 10C, Issue 4 - Aug 2003
Volume 10C, Issue 3 - Jun 2003
Volume 10C, Issue 2 - Apr 2003
Volume 10C, Issue 1 - Feb 2003
Volume 10, Issue 7 - 00 2003
Volume 10, Issue 5 - 00 2003
Volume 10, Issue 4 - 00 2003
Volume 10, Issue 3 - 00 2003
Volume 10, Issue 2 - 00 2003
Volume 10, Issue 1 - 00 2003
Selecting the target year
A Study of Security Rule Management for Misuse Intrusion Detection Systems using Mobile Agent
김태경 ; 이동영 ; 정태명 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 525~525
This paper describes intrusion detection rule management using mobile agents. Intrusion detection can be divided into anomaly detection and misuse detection. Misuse detection is best suited for reliably detecting known use patterns. Misuse detection systems can detect many or all known attack patterns, but they are of little use for as yet unknown attack methods. Therefore, the introduction of mobile agents to provide computational security by constantly moving around the Internet and propagating rules is presented as a solution to misuse detection. This work presents a new approach for detecting intrusions, in which mobile agent mechanisms are used for security rules propagation. To evaluate the proposed approach, we compared the workload data between a rules propagation method using a mobile agent and a conventional method. Also, we simulated a rules management using NS-2 (Network Simulator) with respect to time.
An One-time Proxy Signature Scheme Suitable for Mobile Communications
김소진 ; 박지환 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 533~533
According to the development of mobile communications, many people have been offered high qualify of the application services using portable terminals. But those works nay have many vulnerabilities and have the limit of excutaions. Because the application services are provided in mobile network and the performance of portable terminals is lower than that of base stations. To improve these problems, in this paper, we propose one-time proxy signature scheme that can reduce the computational ctsost on a user and prevent a proxy agent's dishonesty. The proposed scheme is based on the KBLK scheme  which applied the fail-stop signature scheme . It is constructed that a proxy signer can sign only one message with a proxy key and we add anonimity to it for the user's identity protection in mobile communication like a M-commerce.
How to Exchange Secrets by OT
이용주 ; 최영일 ; 이병선 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 541~541
A fair exchange protocol enable two parties to exchange secrets with fairness, so that neither can gain any information advantage by quitting prematurely or otherwise misbehaving. Therefore a fair exchange is the most important for electronic transactions between untrusted parties. To design new fair exchange, after describing basic concepts, definitions and existing protocols and designing a non-interactive OT protocol using ELGamal's public key system, I will design new protocol to support fair exchange. In my designed new protocol, untrusted parties exchange secrets obliviously and verify that their received secrets are true by using transformed Zero Knowledge Interactive Proof extended to duplex. At this time, concerned two parties can't decrypt the other's ciphertext. After all of the steps, two parties can do it. It is the most important to provide perfect fairness and anonymity to untrusted parties in this protocol.
Extended Security Policy Protocol that considers NAT-PT
현정식 ; 황윤철 ; 엄남경 ; 이상호 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 549~549
In this paper, we describe security policy protocol to provide end-to-end IPSec security service that considers characteristics of NAT-PT. NAT-PT is describing IP address translation and protocol translation for communication on heterogeneous IP network by one of the technology that is proposed by IETF to provide communication between IPv4 and IPv6 network in transitional step to evolve by IPv6 network to IPv4 network. But NAT-PT has the limitation on security one of the essential requirement of Internet. Therefore, we propose the extended security protocol that offers a security policy negotiation that should be achieved for the first time to provide end-to-end IPSec security service that considers NAT-PT in this paper.
A Study on Smartcard Security Evaluation Criteria for Side-Channel Attacks
이훈재 ; 이상곤 ; 최희봉 ; 김춘수 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 557~557
This paper analyzes the side channel attacks for smartcard devices, and proposes the smartcard suity evaluation criteria for side-channel attacks. To setup the smartcard security evaluation criteria for side-channel attacks, we analyze similar security evaluation criteria for cryptographic algorithms, cryptographic modules, and smartcard protection profiles based on the common criterion. Futhermore, we propose the smartcard security evaluation criteria for side-channel attacks. It can be useful to evaluate a cryptosystem related with information security technology and in addition, it can be applied to building smartcard protection profile.
Implementing an Intrusion Detection Message Exchange Library for Realtime Interaction between SDMS-RTIR and Heterogeneous Systems
유일선 ; 이동련 ; 오은숙 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 565~565
This paper implements an intrusion detection message exchange protocol library (IDMEPL) for SDMS-RTIR, which Korea Information Security Agency (KISA) has developed to hierarchically detect and respond to network vulnerability scan attacks. The IDMEPL, based on the IDMEF and the IAP of the IDWG, enables SDMS-RTIR to interact with other intrusion detection systems (IDS) in realtime, and supports the TLS protocol to prevent security threats in exchanging messages between its server and its agents. Especially, with the protocol selection stage, the IDMEPL can support various protocols such as the IDXP besides the IAP. Furthermore, it can allow for agents to choose an appropriate security protocol for their own network, achieving security stronger than mutual authentication. With the IDMEPL, SDMS-RTIR can receive massive intrusion detection messages from heterogeneous IDSes in large-scale networks and analyze them.
Design and Implementation of Digital Contract System on the Mobile Environment : M-XContract
황기태 ; 김남윤 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 575~575
Due to hardware resource limit and system incompatibility of the mobile device, and low bandwidth of wireless communication, there are a few difficulties in introducing the digital contract system based on wired communication to M-Commerce. To get over the difficulties, this paper defines a digital contract based upon XML and then addresses the design and implementation of M-XContract, a digital contract system for the mobile environment. M-XContract system has been constructed with the digital contract server, M-ESign module which contracts with the customer on the PDA and transfers the contract digitally signed to the server, M-EDecoder module which shows the contract to the customer from the server, and X-Auth which is a contract authoring tool. To evaluate the run-time performance of the M-XContract, we measured the digital signature generation time and transfer time to the server. The evaluation results show that the M-Xcontract is an efficient model for the mobile contract system.
Design and Implementation of User Authentication Protocol for Wireless Devices based on Java Card
이주화 ; 설경수 ; 정민수 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 585~585
Java card is one of promising smart card platform with java technology. Java card defines necessary packages and classes for Embedded device that have small memory such as smart card Java card is compatible with EMV that is Industry specification standard and ISO-7816 that is international standard. However, Java card is not offers user authentication protocol. In this paper, We design and implement an user authentication protocol applicable wireless devices based on Java Card using standard 3GPP Specification (SMS), Java Card Specification (APDU), Cryptography and so on. Our Java Card user authentication techniques can possibly be applied to the area of M-Commerce, Wireless Security, E-Payment System, Mobile Internet, Global Position Service, Ubiquitous Computing and so on.
A buffer management scheme of GFR Service for fairness improvement of TCP/IP traffic
곽현민 ; 김남희 ; 이상태 ; 전병실 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 595~595
In this paper, we proposed new buffer management and cell scheduling scheme of GFR service for improving fairness of TCP/IP traffic in ATM networks. The proposed algorithm used untagged cell, which came to ATM switch, to decide the policy for discard of frame and what kind of VC cell it would serve. Performance analysis through the simulation present that proposed scheme can meet fairness 2 (MCR Plus equal share), which are not met by conventional scheduling mechanism such as WRR. Also, proposed scheme is superior to WRR about 30% in throughput and more efficiency in fairness criteria.
Backup path restoration scheme and delay time analysis in GMPLS network
조평동 ; 김상하 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 603~603
On the optical network, it is important to build restoration scheme capable to network survivability in preparation of potential failure on communication route. This paper analyze the existing schemes on restoration of failure on the optical network, and propose deferred commit scheme to improve resource utilization and management efficiency. Also, the transfer flow of messages needed for transferring restoration signal are presented in a concrete way and delay time required by shared mesh restoration scheme is explained in a substantial way. Simulation-based comparative analysis of various schemes is performed.
Study on Dynamic Priority Collision Resolution Algorithm in HFC-CATV Network
이수연 ; 정진욱 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 611~611
Recently, the HFC-CATV network stand in a substructure of superhighway information network. Because of sharing up to 500 of subscribes, the Collision Resolution Algorithm needs in the upstream channel of HFC-CATV network. In order to provide Quality of Service (QoS) to users with real-time data such as voice, video and interactive service, the research of Collision Resolution Algorithm must include an effective priority scheme. In IEEE 802.14, the Collision Resolution Algorithm has high request delay because of static PNA(Priority New Access) slots structure and different priority traffics with the same probability. In order to resolve this problem, this paper proposed dynamic priority collision resolution algorithm with ternary tree algorithm. It has low request delay according to an increase of traffic load because high priority traffic first resolve and new traffic content with different probability. In the result of the simulation, it demonstrated that the proposed algorithm needs lower request delay than that of ternary tree algorithm with static PNA slots structure.
Distributed Power Control with Reference Model in the CDMA cellular system
이무영 ; 오도창 ; 권우현 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 617~617
This paper proposes a modified DCPC (Distributed Constrained Power Control, M-DCPC) algorithm that can improve the performance of a CDMA power control system. The control performance of the proposed method is verified using two performance measures : the SIR response of each mobile and the outage probability in a cell. As regards the SIR response, in simulations, the M-DCPC algorithm has shown a faster convergence and lower overshoot in transient time than the other power control algorithms when the desired SIR value was varying. For the outage probability. M-DCPC converged to a fixed outage rate faster than CSOPC while also maintaining the system capacity to make as high a connection as CSOPC. In particular, when the desired SIR was varying, CSOPC showed an abrupt outage probability increase during the desired SIR Increase, yet M-DCPC was unaffected.
Fast Join Mechanism that considers the switching of the tree in Overlay Multicast
조성연 ; 노경택 ; 박명순 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 625~625
More than a decade after its initial proposal, deployment of IP Multicast has been limited due to the problem of traffic control in multicast routing, multicast address allocation in global internet, reliable multicast transport techniques etc. Lately, according to increase of multicast application service such as internet broadcast, real time security information service etc., overlay multicast is developed as a new internet multicast technology. In this paper, we describe an overlay multicast protocol and propose fast join mechanism that considers switching of the tree. To find a potential parent, an existing search algorithm descends the tree from the root by one level at a time, and it causes long joining latency. Also, it is try to select the nearest node as a potential parent. However, it can't select the nearest node by the degree limit of the node. As a result, the generated tree has low efficiency. To reduce long joining latency and improve the efficiency of the tree, we propose searching two levels of the tree at a time. This method forwards joining request message to own children node. So, at ordinary times, there is no overhead to keep the tree. But the joining request came, the increasing number of searching messages will reduce a long joining latency. Also searching more nodes will be helpful to construct more efficient trees. In order to evaluate the performance of our fast join mechanism, we measure the metrics such as the search latency and the number of searched node and the number of switching by the number of members and degree limit. The simulation results show that the performance of our mechanism is superior to that of the existing mechanism.
A Study of Efficient Spare Capacity Planning Scheme in Mesh-Based Survivable Fiber-Optic Networks
방형빈 ; 김병기 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 635~635
Due to the development of information technology and widespread use of telecommunications networks, the design of mesh-survivable net works has received considerable attention in recent years. This paper deals with spare capacity planning scheme in mesh-based fiber-optic networks. In this study, a new spare capacity planning scheme is proposed utilizing path restoration with maximal sharing of share capacity that is traced by the spare capacity incremental factor (after this, we called “SCIF”). We compare it with three other spare capacity planning scheme : link capacity of IP (Integer Programming), SLPA(Spare Link Placement Algorithm) and GA(Genetic Algorithm). The approach shows better performance with heuristics algorithm for determining the spare capacity assignment and the computational time is easily controlled allowing the approach to scale to large networks. The major advantages of the new approach are reduction of spare capacity and a polynomial time complexity.
A Partitioned Compressed-Trie for Speeding up IP Address Lookups
박재형 ; 장익현 ; 정민영 ; 원용관 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 641~641
Packet processing speed of routers as well as transmission speed of physical links gives a great effect on IP packet transfer rate in Internet. The router forwards a packet after determining the next hop to the packet's destination. IP address lookup is a main design issue for high performance routers. In this paper, we propose a partitioned compressed-trie for speeding-up IP address lookup algorithms based on tie data structure by exploiting path compression. In the proposed scheme, IP prefixes are divided into several compressed-tries and lookup is performed on only one partitioned compressed-trie. Memory access time for IP address lookup is lessen due to compression technique and memory required for maintaining partition does not increased.
Dynamic Link Recommendation Based on Anonymous Weblog Mining
윤선희 ; 오해석 ;
The KIPS Transactions:PartC, volume 10, issue 5, 2003, Pages 647~647
In Webspace, mining traversal patterns is to understand user's path traversal patterns. On this mining, it has a unique characteristic which objects (for example, URLs) may be visited due to their positions rather than contents, because users move to other objects according to providing information services. As a consequence, it becomes very complex to extract meaningful information from these data. Recently discovering traversal patterns has been an important problem in data mining because there has been an increasing amount of research activity on various aspects of improving the quality of information services. This paper presents a Dynamic Link Recommendation (DLR) algorithm that recommends link sets on a Web site through mining frequent traversal patterns. It can be employed to any Web site with massive amounts of data. Our experimentation with two real Weblog data clearly validate that our method outperforms traditional method.