Go to the main menu
Skip to content
Go to bottom
REFERENCE LINKING PLATFORM OF KOREA S&T JOURNALS
> Journal Vol & Issue
The KIPS Transactions:PartC
Journal Basic Information
Journal DOI :
Korea Information Processing Society
Editor in Chief :
Volume & Issues
Volume 14C, Issue 7 - Dec 2007
Volume 14C, Issue 6 - Oct 2007
Volume 14C, Issue 5 - Aug 2007
Volume 14C, Issue 4 - Aug 2007
Volume 14C, Issue 3 - Jun 2007
Volume 14C, Issue 2 - Apr 2007
Volume 14C, Issue 1 - Feb 2007
Selecting the target year
The Hybrid Model using SVM and Decision Tree for Intrusion Detection
Um, Nam-Kyoung ; Woo, Sung-Hee ; Lee, Sang-Ho ;
The KIPS Transactions:PartC, volume 14C, issue 1, 2007, Pages 1~6
DOI : 10.3745/KIPSTC.2007.14-C.1.001
In order to operate a secure network, it is very important for the network to raise positive detection as well as lower negative detection for reducing the damage from network intrusion. By using SVM on the intrusion detection field, we expect to improve real-time detection of intrusion data. However, due to classification based on calculating values after having expressed input data in vector space by SVM, continuous data type can not be used as any input data. Therefore, we present the hybrid model between SVM and decision tree method to make up for the weak point. Accordingly, we see that intrusion detection rate, F-P error rate, F-N error rate are improved as 5.6%, 0.16%, 0.82%, respectively.
Key Management for Wireless Interworking
Cho, Tae-Nam ; Han, Jin-Hee ; Jun, Sung-Ik ;
The KIPS Transactions:PartC, volume 14C, issue 1, 2007, Pages 7~16
DOI : 10.3745/KIPSTC.2007.14-C.1.007
3G telecommunication and wireless LAN provide various wireless communication services with their own native advantages and disadvantages. Currently WiBro service was developed to make up for the disadvantages of those services, and 3G-WLAN-WiBro underworking system which enables a user who uses triple-mode terminals to use those three networks was proposed. Even though each network adopts mutual authentication process between users and networks to provide security and accounting, they use different authentication protocols. In this paper, integrated authentication and key management protocol is proposed which makes use of previously used authentication information and supports safe roaming when a user moves from one network to another one under a same service provider on the 3G-WLAN-WiBro interworking network.
Lightweight IP Traceback Mechanism
Heo, Joon ; Hong, Choong-Seon ; Lee, Ho-Jae ;
The KIPS Transactions:PartC, volume 14C, issue 1, 2007, Pages 17~26
DOI : 10.3745/KIPSTC.2007.14-C.1.017
A serious problem to fight attacks through network is that attackers use incorrect or spoofed IP addresses in attack packets. Due to the stateless nature of the internet structure, it is a difficult problem to determine the source of these spoofed IP packets. While many IP traceback techniques have been proposed, they all have shortcomings that limit their usability in practice. In this paper we propose new IP marking techniques to solve the IP traceback problem. We have measured the performance of this mechanism and at the same time meeting the efficient marking for traceback and low system overhead.
Integrated Security Management with MCGA in IPv6 Network
Oh, Ha-Young ; Chae, Ki-Joon ; Bang, Hyo-Chan ; Na, Jung-Chan ;
The KIPS Transactions:PartC, volume 14C, issue 1, 2007, Pages 27~38
DOI : 10.3745/KIPSTC.2007.14-C.1.027
IPv6 has appeared for solving the address exhaustion of IPv4 and for guaranteeing the problems of security and QoS. It occurs the unexpected new attacks of IPv6 as well as the existing attacks of IPv4 because of the increasing address space to 128bits and the address hierarchies for efficient network management and additions of the new messages between nodes and routers like neighbor discovery and auto address configuration for the various comfortable services. For the successful transition from IPv4 to IPv6, we should get the secure compatibility between IPv4 hosts or routers working based on secure and systematic policy and IPv6. Network manager should design security technologies for efficient management in IPv4/IPv6 co-existence network and IPv6 network and security management framework designation. In this paper, we inspected the characteristics of IPv4 and IPv6, study on security requirement for efficient security management of various attacks, protocol, service in IPv4/IPv6 co-existence and IPv6 network, and finally suggest integrated solution about security vulnerability of IPv6 network in considering of analysis of IPv6 system, host and application, IPv6 characteristics, modified CGA(MCGA).
Reversible Watermarking Based On Advanced Histogram Shifting
Hwang, Jin-Ha ; Kim, Jong-Weon ; Choi, Jong-Uk ;
The KIPS Transactions:PartC, volume 14C, issue 1, 2007, Pages 39~44
DOI : 10.3745/KIPSTC.2007.14-C.1.039
In this paper, we propose a reversible watermarking method to recover an original image after the watermark has been extracted. Most watermarking algorithms cause degradation of image quality in original digital content in the process of embedding watermark. In the proposed algorithm, the original image can be obtained when the degradation is removed from the watermarked image after extracting watermark information. In the proposed method, we utilize histogram shifting concept and Location Map structure. We could solve the Filp-Flop problem by using Location Map structure and enlarge the information embedding capacity by embedding recursively. Experimental results demonstrate that the embedding information as large as 120k bits can be realized while the invisibility as high as 41dB can be maintained.
DDoS Attack Tolerant Network using Hierarchical Overlay
Kim, Mi-Hui ; Chae, Ki-Joon ;
The KIPS Transactions:PartC, volume 14C, issue 1, 2007, Pages 45~54
DOI : 10.3745/KIPSTC.2007.14-C.1.045
As one of the most threatening attacks, DDoS attack makes distributed multiple agents consume some critical resources at the target within the short time, thus the extent and scope of damage is serious. Against the problems, the existing defenses focus on detection, traceback (identification), and filtering. Especially, in the hierarchical networks, the traffic congestion of a specific node could incur the normal traffic congestion of overall lower nodes, and also block the control traffic for notifying the attack detection and identifying the attack agents. In this paper, we introduce a DDoS attack tolerant network structure using a hierarchical overlay for hierarchical networks, which can convey the control traffic for defense such as the notification for attack detection and identification, and detour the normal traffic before getting rid of attack agents. Lastly, we analyze the overhead of overlay construction, the possibility of speedy detection notification, and the extent of normal traffic transmission in the attack case through simulation.
Evaluation of Security Protocols for the Session Initiation Protocol
Cha, Eun-Chul ; Choi, Hyoung-Kee ;
The KIPS Transactions:PartC, volume 14C, issue 1, 2007, Pages 55~64
DOI : 10.3745/KIPSTC.2007.14-C.1.055
Behind the popularity of VoIP in these days, it may present significant security challenges in privacy and accounting. Authentication and message encryption are considered to be essential mechanisms in VoIP to be comparable to PSTN. SIP is responsible for setting up a secure call in VoIP. SIP employs TLS, DTLS or IPSec combined with TCP, UDP or SCTP as a security protocol in VoIP. These security mechanisms may introduce additional overheads into the SIP performance. However, this overhead has not been understood in detail by the community. In this paper we present the effect of the security protocol on the performance of SIP by comparing the call setup delays among security protocols. We implement a simulation of the various combinations of three security protocols and three transport layer protocols suggested for SIP. UDP with any combination of security protocols performs a lot better than the combination of TCP. TLS over SCTP may impose higher impact on the performance in average because TLS might have to open secure channels as the same number of streams in SCTP. The reasons for differences in the SIP performances are given.
Role-Based Delegation Model Using Available Time
Kim, Kyoung-Ja ; Chang, Tae-Mu ;
The KIPS Transactions:PartC, volume 14C, issue 1, 2007, Pages 65~72
DOI : 10.3745/KIPSTC.2007.14-C.1.065
The existing RBAC models are not sufficient for managing delegations or separation of roles. Researches have been done on RBDM(Role Based Delegation Model) that deal with delegating role or permission to other users. In this paper, we divide the delegated roles into two groups: periodic and temporary delegation roles. When a role is delegated, a time period is assigned together, which is used to revoke the permission of delegated role automatically. In our model, the role of monotonic delegation by an original user can be revoked at any time in case of malicious use by the delegated user. The contribution of our model is that the malicious use of delegated role can be prohibited and security vulnerability in the role hierarchy due to role delegations can be alleviated. The proposed model, T RBDM(Time out Based RBDM) is analyzed and compared with the conventional models, such as RBDM0, RBDM1 and PBDM. Our model shows an advantage over other models in terms of security robustness.
The establishment of Proactive Routing Selection and Maintenance Algorithms for Mobile Ad Hoc Networks
Cho, Young-Joo ; Lee, Yeo-Jin ; Chung, Il-Yong ;
The KIPS Transactions:PartC, volume 14C, issue 1, 2007, Pages 73~80
DOI : 10.3745/KIPSTC.2007.14-C.1.073
In conventional on-demand mobile ad hoc routing algorithms, an alternate path is sought only after an active path is broken. It incurs a significant cost in terms of money and time in detecting the disconnection and establishing a new route. In this thesis, we propose proactive route selection and maintenance to conventional mobile ad hoc on-demand routing algorithms. The key idea for this research is to only consider a path break to be likely when the signal power of a received packet drops below an optimal threshold value and to generate a forewarning packet. In other words, if a path is lost with high probability, the neighboring node that may easily be cut off notifies the source node by sending a forewarning packet. Then the source node can initiate route discovery early and switched to a reliable path potentially avoiding the disconnection altogether. For the simulational study, network simulator(NS2) is used. The result of simulation shows that the algorithm significantly improves the performance of networks comparing to conventional on-demand routing protocols based on DSR and AODV in terms of packet delivery ratio, packet latency and routing overhead.
Adaptive Overlay Network Management Algorithms for QoS sensitive Multimedia Services
Kim, Sung-Wook ; Kim, Sung-Chun ;
The KIPS Transactions:PartC, volume 14C, issue 1, 2007, Pages 81~86
DOI : 10.3745/KIPSTC.2007.14-C.1.081
New multimedia services over the cellular/WLAN overlay networks require different Quality of Service (QoS). Therefore, efficient network management system is necessary in order to provide QoS sensitive multimedia services while enhancing network performance. In this paper, we propose a new online network management scheme that implements bandwidth reservation, congestion and transmission control strategies. Our online approach to network management exhibits dynamic adaptability, flexibility, and responsiveness to the current traffic conditions in multimedia overlay networks. Simulation results indicate the superior performance of our proposed scheme to strike the appropriate performance balance between contradictory QoS requirements under widely varying diverse traffic loads.
A Node-disjoint Multipath Discovery Method by Local Route Discovery based on AODV
Jin, Dong-Xue ; Kim, Young-Rag ; Kim, Chong-Gun ;
The KIPS Transactions:PartC, volume 14C, issue 1, 2007, Pages 87~94
DOI : 10.3745/KIPSTC.2007.14-C.1.087
In mobile ad hoc networks the most popular on demand routing protocols are the Dynamic Source Routing (DSR) protocol and the Ad hoc On demand Distance Vector (AODV) routing protocol. These and other representative standard routing protocols are designed to find and maintain only a single path. Whenever there is a link break on the active route, source node has to invoke a route discovery process from the beginning and it causes a lot of overhead. Multipath routing protocols, which can alleviate these problems by establishing multiple alternative paths between a source and a destination, are widely studied. In this paper we propose a node disjoint multipath discovery technique based on AODV local route discovery. This technique can find and build completely separated node disjoint multi paths from a source to a destination as many as possible. It will make routing more robust and stable.
Cost Effective Remote Subscription scheme for Ubiquitous Convergence IP-based Network
Shin, Soo-Young ; Yoon, Young-Muk ; Park, Soo-Hyun ;
The KIPS Transactions:PartC, volume 14C, issue 1, 2007, Pages 95~104
DOI : 10.3745/KIPSTC.2007.14-C.1.095
Mobile multimedia services such as TV-call or video streaming are gradually becoming popular in the 3rd or more generation mobile network (IMT-2000). Multimedia traffic is expected to continue increasing into the coming years, and IP technology is considered to be the efficient way of transporting such huge volumes of multimedia traffic. IP-based IMT network platform represents an evolution from IMT-2000. The structure of IP-based IMT network as ubiquitous platform is three-layered model : Middleware including Network Control PlatForm (NCPF) and Service Support PlatForm (SSPF), IP-BackBone (IP-BB), access network including sensor network. Mobility Management (MM) architecture in NCPF is proposed for IP-based IMT network in order to manage routing information and location information separately. The generous existing method of multicast control in IP-based IMT network is Remote Subscription. But Remote Subscription has problem that should be reconstructed whole multicast tree when sender in multicast tree moves to another area. To solve this problem, we propose the way to put Multicast-manager in NCPF.
Route Tracking of Moving Magnetic Sensor Objects and Data Processing Module in a Wireless Sensor Network
Kim, Hong-Kyu ; Moon, Seung-Jin ;
The KIPS Transactions:PartC, volume 14C, issue 1, 2007, Pages 105~114
DOI : 10.3745/KIPSTC.2007.14-C.1.105
In sensor network processing environments, current location tracking methods have problems in accuracy on receiving the transmitted data and pinpointing the exact locations depending on the applied methods, and also have limitations on decision making and monitoring the situations because of the lack of considering context-awareness. In order to overcome such limitations, we proposed a method which utilized context-awareness in a data processing module which tracks a location of the magnetic object(Magnetic Line Tracer) and controlled introspection data based on magnetic sensor. Also, in order to prove its effectiveness we have built a wireless sensor network test-bed and conducted various location tracking experiments of line tracer using the data and resulted in processing of context-aware data. Using the new data, we have analyzed the effectiveness of the proposed method for locating the information database entries and for controlling the route of line tracer depending on context-awareness.