Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
The KIPS Transactions:PartC
Journal Basic Information
Journal DOI :
Korea Information Processing Society
Editor in Chief :
Volume & Issues
Volume 12C, Issue 7 - Dec 2005
Volume 12C, Issue 6 - Oct 2005
Volume 12C, Issue 5 - Oct 2005
Volume 12C, Issue 4 - Aug 2005
Volume 12C, Issue 3 - Jun 2005
Volume 12C, Issue 2 - Apr 2005
Volume 12C, Issue 1 - Feb 2005
Selecting the target year
A Secure and Efficient Method for Detecting Malicious Nodes in MANET
Lee KangSeok ; Choi JongOh ; Ji JongBok ; Song JooSeok ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 617~622
DOI : 10.3745/KIPSTC.2005.12C.5.617
Lately, the MANET research has focused on providing routing services with security and previous schemes have been proposed for detecting malicious nodes in a MANET. However, they still include some problems which malicious nodes cannot be found when they falsely report other nodes as malicious. Accordingly, we propose a novel and efficient scheme for detecting malicious nodes using report messages and a report table which is consisted of node ID both for suspecting and reporting when the malicious nodes behave normally during the route discovery, but the other hand they drop and modify packets, or falsely report other nodes as malicious during the data transmission. Our proposed scheme is applicable to not only DSR but aiso AODV. And we provide some simulation results of our proposed scheme by comparing general AODV with our proposed scheme. Simulation results show that our Proposed scheme outperforms general AODV in terms of average packet loss ratio and packet delivery ratio.
Secure Routing Mechanism using one-time digital signature in Ad-hoc Networks
Pyeon, Hye-Jin ; Doh, In-Shil ; Chae, Ki-Joon ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 623~632
DOI : 10.3745/KIPSTC.2005.12C.5.623
In ad-hoc network, there is no fixed infrastructure such as base stations or mobile switching centers. The security of ad-hoc network is more vulnerable than traditional networks because of the basic characteristics of ad-hoc network, and current muting protocols for ad-hoc networks allow many different types of attacks by malicious nodes. Malicious nodes can disrupt the correct functioning of a routing protocol by modifying routing information, by fabricating false routing information and by impersonating other nodes. We propose a routing suity mechanism based on one-time digital signature. In our proposal, we use one-time digital signatures based on one-way hash functions in order to limit or prevent attacks of malicious nodes. For the purpose of generating and keeping a large number of public key sets, we derive multiple sets of the keys from hash chains by repeated hashing of the public key elements in the first set. After that, each node publishes its own public keys, broadcasts routing message including one-time digital signature during route discovery and route setup. This mechanism provides authentication and message integrity and prevents attacks from malicious nodes. Simulation results indicate that our mechanism increases the routing overhead in a highly mobile environment, but provides great security in the route discovery process and increases the network efficiency.
A Quantitative Assessment Modeling Technique for Survivality Improvement of Ubiquitous Computing System
Choi, Chang-Yeol ; Kim, Sung-Soo ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 633~642
DOI : 10.3745/KIPSTC.2005.12C.5.633
Ubiquitous computing system is about networked processors, which is constructed with one or more computers interconnected by the networks. However, traditional security solution lacks a Proactive maintenance technique because of its focusing on developing the qualitative detection and countermeasure after attack. Thus, in this paper, we propose a quantitative assessment modeling technique, by which the general infrastructure can be improved and the attacks on a specific infrastructure be detected and protected. First of all, we develop the definition of survivality and modeling technique for quantitative assessment modeling with the static information on the system random information, and attack-type modeling. in addition, the survivality analysis on TCP-SYN attack and code-Red worm attack is performed for validating the proposed technique.
Design and Implementation of ACM-based Web Security Access Control System for Intranet Security
Cho Nam-Deok ; Park Hyun-Gun ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 643~648
DOI : 10.3745/KIPSTC.2005.12C.5.643
Intranet system for use within an organization, usually a corporation, is to basically pass through user authentication, but information can be leaked, modified, and deleted by malevolent users who disguise an authorized user or due to user's mistakes in using various functions of web browser. Thus, there is a need for measures to protect the information from illegal use, transformation through partial modification, and illegal leakage such as fraudulent use. This paper presents a flexible Web Security Access Control system based ACM which Provide efficient suity Policy to Protect information in intranet. This Web Security Access Control system not only enhances security by Performing encryption/decryption of information in intranet but also, for sharing confidential information among departments, performs effective and useful access control by assigning different authority to the secured web page. And, by controlling the functions of client PC in various ways, information leakage on malicious purpose or by mistake can be prevented.
Traffic Attributes Correlation Mechanism based on Self-Organizing Maps for Real-Time Intrusion Detection
Hwang, Kyoung-Ae ; Oh, Ha-Young ; Lim, Ji-Young ; Chae, Ki-Joon ; Nah, Jung-Chan ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 649~658
DOI : 10.3745/KIPSTC.2005.12C.5.649
Since the Network based attack Is extensive in the real state of damage, It is very important to detect intrusion quickly at the beginning. But the intrusion detection using supervised learning needs either the preprocessing enormous data or the manager's analysis. Also it has two difficulties to detect abnormal traffic that the manager's analysis might be incorrect and would miss the real time detection. In this paper, we propose a traffic attributes correlation analysis mechanism based on self-organizing maps(SOM) for the real-time intrusion detection. The proposed mechanism has three steps. First, with unsupervised learning build a map cluster composed of similar traffic. Second, label each map cluster to divide the map into normal traffic and abnormal traffic. In this step there is a rule which is created through the correlation analysis with SOM. At last, the mechanism would the process real-time detecting and updating gradually. During a lot of experiments the proposed mechanism has good performance in real-time intrusion to combine of unsupervised learning and supervised learning than that of supervised learning.
A Comparative Study on the Information Security Strategy of Korean I-Government with Defense-in-Depth Strategy of DoD
Song Woon-ho ; Jeong Wook-jae ; Kim Joon-bum ; Kang Han-seung ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 659~664
DOI : 10.3745/KIPSTC.2005.12C.5.659
Advanced countries overhaul government workflows using IT, which not only enhances efficiency and productivity, but paves the way to a 'e-Government' offering prompt, quality service for citizens. This research analyzes the DiD(Defense-in-Depth Strategy) and compares the information protection strategy of Korean e-Government with DiD for reliable and safe e-Government's build.
Pilot-Aided Channel Estimation for OFDM System Using Wavelet Transform and Interpolation
Kong Hyung-Yun ; Khuong Ho Van ; Nam Doo-Hee ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 665~672
DOI : 10.3745/KIPSTC.2005.12C.5.665
We present a novel pilot-aided channel estimation method for OFDM (Orthogonal Frequency Division Muitiplexing) system using WT(Wavelet transform) and interpolation. Due to excellent AWGN (Additive White Gaussian Noise) cancellation capability of n, pilot channels are estimated quite exactly and then, Dey are used in 2-degree polynomial interpolating the other remaining data symbol channels. The simulation results for Short WATM (Wireless Asynchronous Transfer Mode) channel show that the degradation in BER (Bit Error Ratio) performance of OFDM system iか this estimator is negligible compared to the case of perfect knowledge of CSI (Channel State Information).
Closed-form BER expressions for performance of Alamouti STC
Kong Hyung-Yun ; Khuong Ho Van ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 673~678
DOI : 10.3745/KIPSTC.2005.12C.5.673
Alamouti STC (Space-Time Code) is a part of the UMTS-WCDMA standard. However, up to the best of our knowledge no closed-form BER formula for this famous code exists. Evaluating its performance through simulations is time-consuming and therefore, there should be analytical BER graphs to serve as a reference which are derived in this paper for coherently BPSK-modulated data.
Service Class Priority Controlled DBA Scheduling Method and Performance Evaluation in Ethernet PONs
Nam Yoon-Seok ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 679~686
DOI : 10.3745/KIPSTC.2005.12C.5.679
Because EPON access network shares a medium and aggregates the traffic from EPON subscribers, scheduling media access control on EPON bandwidth allocation is very important. Furthermore DBA mechanism of EPON based on TDMA is out of specification and up to implementation. This paper deals with a DBA method to guarantee the QoS of the delay sensitive traffic on the base of best-effort service and delay priority queue management. The proposed method performs virtual scheduling algorithm for the integrated traffic. It uses the same MAC messages and tries to guarantee the QoS of higher priority traffic first with a simple DBA architecture. We evaluate the algorithm for traffic delay according to polling interval and traffic load of upstream and downstream. The results show that the proposed method can guarantee the QoS of the delay sensitive traffic with priority of the service classes.
Performance Analysis of a WCSFQ (Weighted Core-Stateless Fair Queueing)-like Space Priority Policy for ATM nodes
Kang, Koo-Hong ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 687~694
DOI : 10.3745/KIPSTC.2005.12C.5.687
In ATM and W networks, high Priority Packets should be selectively favored over low Priority Packets in case of congestion. For this purpose, we introduce a space priority policy for ATM nodes in this paper which is very similar to the weighted core-stateless fair queueing(WCSFQ) in IP nodes. We also analyze the loss probabilities for different classes of cells for MMPP/D/1/K with a threshold level, and discuss the numerical results. The numerical results illustrate that the WCSFQ scheme can be used to support the differentiated services in ATM or IP nodes.
Fair Bandwidth Allocation in Core-Stateless Networks
Kim Mun-Kyung ; Park Seung-Seob ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 695~700
DOI : 10.3745/KIPSTC.2005.12C.5.695
To provide the fair rate and achieve the fair bandwidth allocation, many per-flow scheduling algorithms have been proposed such as fair queueing algorithm for congestion control. But these algorithms need to maintain the state, manage buffer and schedule packets on a per-flow basis; the complexity of these functions may prevent them from being cost-effectively implemented. In this paper, therefore, to acquire cost-effectively for implementation, we propose a CS-FNE(Core Stateless FNE) algorithm that is based on FM(Flow Number Estimation), and evaluated CS-FNE scheme together with CSFQ(Core Stateless Fair Queueing), FRED(Fair Random Early Detection), RED(Random Early Detection), and DRR(Dynamic Round Robin) in several different configurations and traffic sources. Through the simulation results, we showed that CS-FNE algorithm can allocate fair bandwidth approximately than other algorithms, and CS-FNE is simpler than many per-flow basis queueing mechanisms and it can be easily implemented.
A New Channel Reservation Scheme for Soft Handoff Algorithms in Wireless Networks
Kwon Se-Dong ; Park Hyun-Min ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 701~708
DOI : 10.3745/KIPSTC.2005.12C.5.701
The mobility prediction algorithm and the channel reservation scheme have been reported as an effective means to provide QoS guarantees and the efficient resource reservation in wireless networks. Among these prediction algorithms, the recently proposed Detailed-ZMHB algorithm makes use of the history of the user's positions within the current cell to predict the next cell, which provides the better prediction accuracy than the others. The handoff prioritizing schemes are proposed to provide improved performance at the expense of an increase in the blocking probability of new calls. In the soft handoff of the CDMA systems, a mobile can communicate via two adjacent cells simultaneously for a while before the actual handoff takes place. In this paper, we propose a new channel reservation scheme making use of the user mobility pattern information in order to reduce the call dropping probability. Our results show that the proposed scheme gives about 67.5-71.1
lower call dropping probability, compared to the existing scheme.
A Study on a Bandwidth Guarantee Method of Subscriber-based DiffServ in Access Networks
Park, Hea-Sook ; Kim, Hae-Sook ; Youn, Cheong ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 709~716
DOI : 10.3745/KIPSTC.2005.12C.5.709
QoS is an important requirement of the FTTH (Fiber To The Home) subscriber in access network using E-PON (Ethernet Passive Optical Network). In this research, we describe the structure of the access network and propose a bandwidth guarantee scheme for subscriber and service according to the requirements of the subscriber, service and system. This scheme uses two kinds of the classification table, which are called 'service classification table' and 'subscriber classification table.' Using the classification table, we can identify the flow of the subscriber and service. Also, we compute the number of hash table entry to minimize the loss ratio of flows using the M/G/k/k queueing model. Finally, we apply the DRR scheduling through virtual queueing per subscriber instead of the aggregated class.
A Design of DiffServ Supporting Scheduler for uplink traffics in TDD/CDMA Networks
Zang, Seog-Ku ; Kim, Young-Han ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 717~724
DOI : 10.3745/KIPSTC.2005.12C.5.717
In this paper, we Propose an efficient scheduler well suited for the next-generation wireless networks that can support multimedia traffic having various requirements. The scheduler is designed to provide each of multimedia classes with differentiated services. In particular, the scheduler is intended to maximize throughput and minimize packet loss ratio. To apply the scheduler, we suppose that the wireless network is based on TDD/CDMA system The scheduler assigns a packet in a dedicated uplink-slot to the user within a frame to operate scheduling of packets transmitted by the users belonging to the specific class in an efficient manner. Such a manner also enables the scheduler to meet different QoS requirements. The paper also includes performance comparison with other schemes and analysis of the proposed scheduling algorithm by using simulation. We also analyze the proposed scheme by using simulation. The simulation compares the proposed scheduling algerian with previously proposed schemes in terms of the performance.
A class-based rate limiting method applicable to the network processor
Noh, Jin-Taek ; Lee, Jin-Sun ; Choi, Kyung-Hee ; Jung, Gi-Hyun ; Yim, Kang-Bin ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 725~732
DOI : 10.3745/KIPSTC.2005.12C.5.725
This paper proposes an implementation methodology of the rate limiting method and the class-based bandwidth management for the gigabit-powered network processor, which are used on general purpose or ASIC systems in order to efficiently manage network bandwidth. Implementation and experiments are done on Intel's IXP1200 network processor. The result shows the accuracy of limited bandwidth and settling time of the estimator against the dynamic traffic rate. Through the results, this paper proves the proposed method and implementation properly work as expected.
Performance Analysis of Error and Congestion Control Algorithm in Transport Layer Mobility Support Approach
Jang, Moon-Jeong ; Lee, Mee-Jeong ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 733~740
DOI : 10.3745/KIPSTC.2005.12C.5.733
In this paper, we propose an approach to transport layer mobility support leveraging the SCTP extension dubbed dynamic address reconfiguration in IPv6 networks. Timing issues related to the end-to-end address management, and a novel error recovery mechanism associated with a handover are discussed. The proposed error recovery mechanism is analyzed and compared to that of the plain SCTP to show that it reduces the handover latency and error recovery time.
Design and Implementation of a Session Handler Module for SyncML Data Synchronization Clients
Ha Byoung-Hoon ; Park KeeHyun ; Ju HongTaek ; Woo Jongjung ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 741~748
DOI : 10.3745/KIPSTC.2005.12C.5.741
SyncML is an open standard data synchronization protocol proposed by OMA(Open Mobile Alliance). In this paper, a Session Handler module, one of major modules for developing SyncML data synchronization clients, and a client User Setup program are designed and implemented. The Session Handier Module controls communication sessions, generates header parts of messages exchanged, and determines the legitimacy of incoming messages. In order to justify normal operations of the Session Handler module and the client User Setup program implemented In this paper, they are ported to a Zaurus PDA, which runs on LINUX operating system. In addition, data synchronization operations are performed between the PDA and a Synthesis sever, whose SyncML data synchronization operation is certificated by OMA, Wireless Internet International Standard Forum.
Design and Implementation of Development Environment for WIPI Applications
You Yong-Duck ; Park Choong-Bum ; Choi Hoon ; Kim Woo-Sik ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 749~756
DOI : 10.3745/KIPSTC.2005.12C.5.749
We developed the CNU nt emulator which is an development environment for WIPI applications, wireless Internet applications for cellular phones with the WIPI software platform. The CNU WIPI emulator provides stable memory management and ability of installing, executing, deleting or managing WIPI applications. WIPI WAM provides quick execution of applications and convenient debugging function. In this paper, we describe the design, implementation issues of the CNU WIPI emulator and show its correctness of executing and performance improvement over
by comparing it with other WIPI emulators.
Authentication Processing Optimization Model for the EAP-MD5 AAAv6 Operation
Jeong, Yoon-Su ; Woo, Sung-Hee ; Lee, Sang-Ho ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 757~764
DOI : 10.3745/KIPSTC.2005.12C.5.757
With the increasing service Qualify and security in the Mobile Internet Diameter technology based on the AAAv6 is being used in the user authentication. But there are some Problems on the authentication Procedures of the Diameter in which the security falls down from a loaming service or Internet transmission course. We combine it with the cipher algorithm like EAP-MD5 and accomplish a user authentication processing. If we want to supply the user authentication with the mobility among domains by AAAv6-based Diameter, we need the efficient capacity allocation among AAA attendent, AAAv, AhAb, AAAh, HA servers in the AAAv6. Therefore in this paper, we propose to make the authentication capacity index to carry out user authentication ability by analyzing an EAP-MD5S server capacity model of AAAv6 authentication models for users with mobility among domains, and to find the optimized condition for the AAAv6 capacity by the index.
E-mail Sending-Server Authorization Method using a Distance Estimation Algorithm between IP Addresses for Filtering Spam
Yim Hosung ; Shim Jaehong ; Choi Kyunghee ; Jung Gihyun ;
The KIPS Transactions:PartC, volume 12C, issue 5, 2005, Pages 765~772
DOI : 10.3745/KIPSTC.2005.12C.5.765
In this paper, we propose E-mail sending-server authorization method using a distance estimation algorithm between W addresses to check whether the E-mail sending server is registered in the domain of mail sending server or belongs to the domain for filtering spam mail. This method utilizes the distance between the IP address of sending server and IP addresses registered in the DNS to figure out that the E-mail sending server exists in the domain to filter spam mail. The experimental result of applying the proposed algorithm to sample E-mails gathered in a large size laboratory says that 88 percents of legitimate E-mails and only 10 percents of spam mails are sent by servers in the same domains of senders. The algorithm may be effectively used to block spam mails sent by servers outside of the domains of mail senders. It may be also hired as a temporary E-mail protecting system until the standard E-mail authorization protocol is fully deployed.