Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
The KIPS Transactions:PartC
Journal Basic Information
Journal DOI :
Korea Information Processing Society
Editor in Chief :
Volume & Issues
Volume 12C, Issue 7 - Dec 2005
Volume 12C, Issue 6 - Oct 2005
Volume 12C, Issue 5 - Oct 2005
Volume 12C, Issue 4 - Aug 2005
Volume 12C, Issue 3 - Jun 2005
Volume 12C, Issue 2 - Apr 2005
Volume 12C, Issue 1 - Feb 2005
Selecting the target year
Interface of EDI System and VPN with IPSec and L2TP for Speed efficiency and Security Level
Choi Byung-Hun ; Lee Gun-Ho ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 1~10
DOI : 10.3745/KIPSTC.2005.12C.1.001
Electronic Data Interchange(EDI) between a number of companies goes on increasing on the internet. Although a conventional EDI system reduces business process efforts, time, resources, etc., important information is easily and frequently exposed by well trained hackers and crackers, which inflict a severe loss on the company and even put the company under a crisis. This study integrates the conventional EDI system and Virtual Private Tet(VPN) to maximize an overall efficiency of speed and security in data transferring by the level of importance. The EDI system interfaced to IPSec and L2TP of VPN allows us to select two modes : the one focuses on a high speed with a low or a medium level security or the other does on a high level security with a low or a medium level speed. Both the company and the end users get a lot of tangible and intangible advantages by integrating the EDI system and VPN.
A Gigabit Rate Packet Header Collector using Network Processor
Choi Pan-an ; Choi Kyung-hee ; Jung Gi-hyun ; Sim Jae-hong ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 11~18
DOI : 10.3745/KIPSTC.2005.12C.1.011
This paper proposes a packet header collector, based on a network processor with multi-processor and multi-threads, that shows a high throughput on gigabit network. The proposed collector has an architecture to separate packets coming from gigabit network into headers and payloads, and distribute them to multiple 100Mbit MAC ports. The architecture hiring a unique buffer management method and load distribution strategy among multiple processors is evaluated empirically in depth.
A Real-Time Network Traffic Anomaly Detection Scheme Using NetFlow Data
Kang Koo-Hong ; Jang Jong-Soo ; Kim Ki-Young ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 19~28
DOI : 10.3745/KIPSTC.2005.12C.1.019
Recently, it has been sharply increased the interests to detect the network traffic anomalies to help protect the computer network from unknown attacks. In this paper, we propose a new anomaly detection scheme using the simple linear regression analysis for the exported LetFlow data, such as bits per second and flows per second, from a border router at a campus network. In order to verify the proposed scheme, we apply it to a real campus network and compare the results with the Holt-Winters seasonal algorithm. In particular, we integrate it into the RRDtooi for detecting the anomalies in real time.
Efficient Key Agreement Protocols using Proxy Server
Yang Hyung-Kyu ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 29~36
DOI : 10.3745/KIPSTC.2005.12C.1.029
A key agreement protocol is the most important part to establish a secure cryptographic system and the effort to standardize the key agreement protocols is in rapid progress. Several efficient and secure key agreement protocols have been proposed so far since Diffie-Hellman proposed a public key agreement system in 1976. But, since Diffie-Hellman based key agreement protocols need a lot of computation to establish the session key, they are not suitable for wireless Internet environment. In this paper, we propose the efficient key agreement protocol using Proxy server. The Proposed Protocol gives the security equivalent to that the Diffie-Hellman based Protocol and the computation work of mobile user can be decreased using proxy server.
System based on Java Card Using XML Digital Signature on Wireless Internet
Jang Chang-Bok ; Choi Eui-In ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 37~44
DOI : 10.3745/KIPSTC.2005.12C.1.037
As wireless network was developed and Capability of Wireless Phone was increased, M-Commerce was activates In Wireless network environment. User Authentication and Security in E-Commerce Environment is very important, so Authentication Technology, such as WPKI and Hermes System, XML Digital Signature in Wire Network is studying. But if authentication systems was implemented heterogeneous, WPKI is difficult to implement the system, it's not interoperate with authentication system on wire internet, not support XML digital Signature. Hermes system also not interoperate with XML digital signature system. So our paper designed System that can interoperate among digital signature systems and XML document to apply XML digital signature technology on wire network to wireless network, and then implemented system that can XML digital signature to use Java Card.
An Optimum-adaptive Intrusion Detection System Using a Mobile Code
Pang Se-chung ; Kim Yang-woo ; Kim Yoon-hee ; Lee Phil-Woo ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 45~52
DOI : 10.3745/KIPSTC.2005.12C.1.045
A damage scale of information property has been increasing rapidly by various illegal actions of information systems, which result from dysfunction of a knowledge society. Reinforcement in criminal investigation requests of network security has accelerated research and development of Intrusion Detection Systems(IDSs), which report intrusion-detection about these illegal actions. Due to limited designs of early IDSs, it is hard for the IDSs to cope with tricks to go around IDS as well as false-positive and false-negative trials in various network environments. In this paper, we showed that this kind of problems can be solved by using a Virtual Protocol Stack(VPS) that possesses automatic learning ability through an optimum-adaptive mobile code. Therefore, the enhanced IDS adapts dynamically to various network environments in consideration of monitored and self-learned network status. Moreover, it is shown that Insertion/Evasion attacks can be actively detected. Finally, we discussed that this method can be expanded to an intrusion detection technique that possesses adaptability in the various mixed network environments.
A Study on the Synchronization of GFP Signal in NG-SDH System
Lee Chang-Ki ; Ko Je-Soo ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 53~62
DOI : 10.3745/KIPSTC.2005.12C.1.053
The NG-SDH system requires signal synchronization to synchronize incoming ethernet signal with GFP frame. The foreign nation research completes a chipset development until now and it secures a relation technique, but it does not secure a relation technique from domestic. Therefore, in this paper, we presented with signal synchronization method of Ethernet signal through GFP frame. We knew that the synchronized method of Ethernet signal through GFP-F must apply ingress & egress buffer and GFP Idle. We understood that the synchronized method of Ethernet signal through GFP-T must apply GFP Idle and
, and require maximum 3-bit addition & deletion of idle. Also we showed signal synchronization realization through simulation and obtained MTIE/TDEV characteristics and peak to peak jitter in egress output.
Performance of an ML Modulation Classification of QAM Signals with Single-Sample Observation
Kang Seog Geun ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 63~68
DOI : 10.3745/KIPSTC.2005.12C.1.063
In this paper, performance of a maximum-likelihood modulation classification for quadrature amplitude modulation (QAM) is studied. Unlike previous works, the relative classification performance with respect to the available modulations and performance limit with single-sample observation are presented. For those purposes, all constellations are set to have the same minimum Euclidean distance between symbols so that a smaller constellation is a subset of the larger ones. And only one sample of received waveform is used for multiple hypothesis test. As a result, classification performance is improved with increase in signal-to-noise ratio in all the experiments. Especially, when the true modulation format used in the transmitter is 4 QAM, almost perfect classification can be achieved without any additional information or observation samples. Though the possibility of false classification due to the symbols shared by subset constellations always exists, correct classification ratio of
can be obtained with the single-sample observation when the true modulation formats are 16 and 64 QAM.
A Performance Improvement of Resource Prediction Method Based on Wiener Model in Wireless Cellular Networks
Lee Jin-Yi ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 69~76
DOI : 10.3745/KIPSTC.2005.12C.1.069
To effectively use limited resources in wireless cellular networks it is necessary to predict exactly the amount of resources required by handoff calls at a future time. In this paper we propose a method which predicts the amount of resources needed by handoff calls more accurately than the existing method based on Wiener processes. The existing method uses the current demands to predict future demands. Although this method is much simpler than using traffic information from neighbor cells, its prediction error increases as time elapses, leading to waste of wireless resources. By using an exponential parameter to decrease the magnitude of error over time, we show in simulation how to outperform the existing method in resource utilization as well as in prediction of resource demands.
Efficient Protection/Restoration by Separation of Domains in Optical Networks
Yim Soon-Bin ; An Hyun-Ki ; Lee Tae-Jin ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 77~82
DOI : 10.3745/KIPSTC.2005.12C.1.077
Protection of user service becomes increasingly important since even very short interruption of service due to link or node failure will cause huge data loss and incur tremendous restoration cost in high speed network environment. Thus fast and efficient protection and restoration is one of the most important issues to be addressed. Protection methods have been proposed to provide efficiency and stability in optical networks. In this paper, an original network is separated into several domains using Hamiltonian cycle. and link protection is performed on the cycles of the domains. We have shown that protection path length can be decreased up to
with marginal increase of backup capacity. Our proposed method can provide high-speed protection with marginal increase of protection capacity.
Fault Management in Crossbar ATM Switches
Oh Minseok ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 83~96
DOI : 10.3745/KIPSTC.2005.12C.1.083
The multichannel switch is an architecture widely used for ATM (Asynchronous Transfer Mode). It is known that the fault tolerant characteristic can be incorporated into the multichannel crossbar switching fabric. For example, if a link belonging to a multichannel group fails, the remaining links can assume responsibility for some of the traffic on the failed link. On the other hand, if a fault occurs in a switching element, it can lead to erroneous routing and sequencing in the multichannel switch. We investigate several fault localization algorithm in multichannel crossbar ATM switches with a view to early fault recovery. The optimal algorithm gives the best performance in terms of time to localization but it is computationally complex which makes it difficult to implement. We develop an on-line algorithm which is computationally more efficient than the optimal one. We evaluate its performance through simulation. The simulation results show that the Performance of the on-line algorithm is only slightly sub-optimal for both random and bursty traffic. There are cases where the proposed on-line algorithm cannot pinpoint down to a single fault. We enumerate those cases and investigate the causes. Finally, a fault recovery algorithm is described which utilizes the information provided by the fault localization algorithm The fault recovery algorithm providesadditionalrowsandcolumnstoallowcellstodetourthefaultyelement.
An IP Subnet Address Calculation and Management method on VLSM
Cheon SeongKwon ; Jin DongXue ; Kim YoungRag ; Kim ChongGun ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 97~104
DOI : 10.3745/KIPSTC.2005.12C.1.097
One of the problems of the currently used IPv4 addressing-structure is the fact that there is a shortage of IP addresses and many addresses are being wasted, especially on sub-netting design. The variable subnet masking is a resolution to reduce IP address wasting. We propose an effective subnet W address calculation and management method on VLSM. Also, with the proposed subnet IP address management method, a web based subnet allocation and management system is introduced.
Efficient Multicast Tree Algorithm for Acceptable Delay and Minimum Delay Variation
Kim Moon-Seong ; Choo Hyun-Seung ; Lee Young-Ro ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 105~110
DOI : 10.3745/KIPSTC.2005.12C.1.105
With the proliferation of multimedia group applications, the construction of multicast trees satisfying QoS requirements is becoming a problem of prime importance. In this paper, we study the delay- and delay variation-bounded multicast tree (DVBMT) problem which is NP-complete. The problem is to construct a spanning tree for destination node, which has the minimized multicast delay variation, and the delay on the path from the source to each destination is bounded. A solution to this problem is required to provide decent real-time communication services such as on-line games, shopping, and teleconferencing. Performance comparison shows that the proposed scheme outperforms DDVCA which is known to be effective so far in any network topology. The enhancement is up to about
in terms of normalized surcharge for DUVCA. The time complexity of our algorithm is
A Multi-path Dynamic Source Routing Protocol for Mobile Ad-Hoc Networks
Lim Hwa-Jung ; Tscha Yeong-hwan ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 111~120
DOI : 10.3745/KIPSTC.2005.12C.1.111
A mobile ad-hoc network is an autonomous system of mobile nodes which are free to move around randomly and organize themselves arbitrarily, hence a routing protocol that handles the dynamic network topology changes is required for the network. In this paper we present a multi -Path on-demand routing protocol called R-DSR (Robust Dynamic Source Routing), an extension to the existing IETF protocol DSR. The proposed protocol has it that every pair of 2-hop away nodes on the single route is additionally connected via an alternative node. Throughout mathematical analysis we show the proposed protocol reveals higher message delivery rate than that of the Das's multi-path protocol, currently known as one of the most typical approaches related to DSR.
An Efficient TCP Buffer Tuning Algorithm based on Packet Loss Ratio(TBT-PLR)
Yoo Gi-Chul ; Kim Dong-kyun ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 121~128
DOI : 10.3745/KIPSTC.2005.12C.1.121
Tho existing TCP(Transmission Control Protocol) is known to be unsuitable for a network with the characteristics of high RDP(Bandwidth-Delay Product) because of the fixed small or large buffer size at the TCP sender and receiver. Thus, some trial cases of adjusting the buffer sizes automatically with respect to network condition have been proposed to improve the end-to-end TCP throughput. ATBT(Automatic TCP fluffer Tuning) attempts to assure the buffer size of TCP sender according to its current congestion window size but the ATBT assumes that the buffer size of TCP receiver is maximum value that operating system defines. In DRS(Dynamic Right Sizing), by estimating the TCP arrival data of two times the amount TCP data received previously, the TCP receiver simply reserves the buffer size for the next arrival, accordingly. However, we do not need to reserve exactly two times of buffer size because of the possibility of TCP segment loss. We propose an efficient TCP buffer tuning technique(called TBT-PLR: TCP buffer tuning algorithm based on packet loss ratio) since we adopt the ATBT mechanism and the TBT-PLR mechanism for the TCP sender and the TCP receiver, respectively. For the purpose of testing the actual TCP performance, we implemented our TBT-PLR by modifying the linux kernel version 2.4.18 and evaluated the TCP performance by comparing TBT-PLR with the TCP schemes of the fixed buffer size. As a result, more balanced usage among TCP connections was obtained.
DavSUDP: A Simple Protocol for Utilizing WebDAV User-defined Properties
Jung Hye-Young ; Ahn Geon-Tae ; Yu Yang-Woo ; Park Yang-Soo ; Lee Myung-Joon ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 129~136
DOI : 10.3745/KIPSTC.2005.12C.1.129
WebDAV extends the web communication protocol HTTP/1.1 to provide a distributed authoring and versioning across the Internet. A property management, the principal ability of WebDAV, has many advantages for managing and utilizing additional information of server resources as well as supports a role of storage. Most WebDAV Application systems currently available are using WebDAV for providing simple storage space, not for the functionality of property management. However, to develop an advanced application such as a collaborative system based on WebDAV, it is very important to design and utilize user-defined WebDAV properties. In this paper, we propose DavSUDP(WebDAV Simple User-defined Property Definition Protocol) that describes XML-based configurations representing WebDAV user-defined properties and their processing steps. DavSUDP enables WebDAV servers to effectively manage user-defined properties in developing WebDAV-based applications. To show this, we extended the Apache mod_dav module to support DavSVDP and developed the OpenSpace in the iPlace collaborative system using the extended Apache web server.
A spam mail blocking method using collection and frequency analysis
Baek Ki-Young ; Kim Seung-Hae ; Choi Jang-Won ; Ryou Jae-Cheol ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 137~146
DOI : 10.3745/KIPSTC.2005.12C.1.137
The email using internet is situated by means of basic communication method that ordinardy people use. Thereby damage scale of the spam mail becomes wider. The many blocking methods of the spam mail are proposed and archived. Hut they are insufficient to block various types of spam mail The blocking method of spam mail proposed by this paper is consisted of 3 steps (collection, frequency analysis and blocking). It can effectively block various types of spam mail using collected spam mail and various forms of spam mail that changes.
The Effect of C Language Output Method to the Performance of CGI Gateway in the UNIX Systems
Lee Hyung-Bong ; Jeong Yeon-Chul ; Kweon Ki-Hyeon ;
The KIPS Transactions:PartC, volume 12C, issue 1, 2005, Pages 147~156
DOI : 10.3745/KIPSTC.2005.12C.1.147
CGI is a standard interface rule between web server and gateway devised for the gateway's standard output to replace a static web document in UNIX environment. So, it is common to use standard I/O statements provided by the programming language for the CGI gateway. But the standard I/O mechanism is one of buffer strategies that are designed transparently to operating system and optimized for generic cases. This means that it nay be useful to apply another optimization to the standard I/O environment in CGI gateway. In this paper, we introduced standard output method and file output method as the two output optimization areas for CGI gateways written in C language in the UNIX/LINUX systems, and applied the proposed methods of each area to Debian LINUX, IBM AIX, SUN Solaris, Digital UNIX respectively. Then we analyzed the effect of them focused on execution time. The results were different from operating system to operating system. Compared to normal situation, the best case of standard output area showed about
improvement and the worst case showed
degradation in file output area where some performance improvements were expected.