-
公开(公告)号:KR1020140074635A
公开(公告)日:2014-06-18
申请号:KR1020120142815
申请日:2012-12-10
Applicant: 한국전자통신연구원
IPC: H04L12/803 , H04L9/08
CPC classification number: H04L63/1458
Abstract: The present invention provides a network device and an operation method for the same. The network device easily defends an attack of a distributed denial of a service (DDoS) by using a pseudo state of a service procedure. In accordance with an embodiment of the present invention, the network device includes a security authentication module authorizing a security on the attack of the DDoS when a predetermined packet which is inputted requests connection to a predetermined server to which the security authentication is applied and a communication module transmitting the predetermined packet in which the security is authorized to a transmission path of the predetermined server.
Abstract translation: 本发明提供一种网络设备及其操作方法。 网络设备通过使用服务过程的伪状态容易地防御分布式拒绝服务(DDoS)的攻击。 根据本发明的实施例,网络设备包括安全认证模块,当输入的预定分组请求与应用安全认证的预定服务器连接时,授权对DDoS攻击的安全性,以及通信 模块将安全性被授权的预定分组发送到预定服务器的传输路径。
-
公开(公告)号:KR1020140066926A
公开(公告)日:2014-06-03
申请号:KR1020120133971
申请日:2012-11-23
Applicant: 한국전자통신연구원
CPC classification number: H04N7/152 , H04L65/4038 , H04L65/80 , H04L12/18 , H04N7/15
Abstract: A system to provide a video conference service is provided. The system includes: a multipoint processor configured to process media occurring during a video conference so as to allow the processed media to be transmitted and received between the user terminals; and one or more multipoint controllers configured to control a session of a user terminal participating in a multi-participant video conference, wherein the multipoint processor and the multipoint controllers are separate from each other.
Abstract translation: 提供了一种提供视频会议服务的系统。 该系统包括:多点处理器,被配置为处理在视频会议期间发生的媒体,以便允许在用户终端之间发送和接收经处理的媒体; 以及配置成控制参与多参与者视频会议的用户终端的会话的一个或多个多点控制器,其中所述多点处理器和所述多点控制器彼此分离。
-
公开(公告)号:KR1020140006221A
公开(公告)日:2014-01-16
申请号:KR1020120069450
申请日:2012-06-27
Applicant: 한국전자통신연구원
CPC classification number: H04N7/152 , H04L12/1818 , H04L12/1827
Abstract: In order for a video conferencing system to select a conference processing device to host a video conference among the conference participation devices, conference processing devices which are individually the closest to conference participation devices participating in the video conference are selected as a candidate conference processing device. A network topology is formed based on the candidate conference processing devices and the conference participation devices, and the candidate conference processing devices are arranged based on predetermined arrangement standard information. One conference processing device is selected among the arranged candidate conference processing devices as the optimal conference processing device for hosting the video conference. [Reference numerals] (S100) Receiving a request to hold a conference; (S110) Selecting a candidate MP for each device participating in the conference; (S120) Forming a network topology based on the candidate MP and the conference participation devices; (S130) Arranging nodes based on arrangement standard information; (S140) Selecting final MP among arranged nodes; (S150) Notifying about the MP selected by each conference participation device
Abstract translation: 为了使视频会议系统在会议参与设备中选择会议处理设备来主办视频会议,选择最接近参加视频会议的会议参与设备的会议处理设备作为候选会议处理设备。 基于候选会议处理装置和会议参与装置形成网络拓扑,并且基于预定排列标准信息来排列候选会议处理装置。 在安排的候选会议处理装置中选择一个会议处理装置作为用于托管视频会议的最佳会议处理装置。 (附图标记)(S100)接收保持会议的请求; (S110)为参与会议的每个设备选择候选MP; (S120)基于候选MP和会议参与设备形成网络拓扑; (S130)根据安排标准信息排列节点; (S140)选择布置节点中的最终MP; (S150)通知每个会议参与装置选择的MP
-
公开(公告)号:KR101344473B1
公开(公告)日:2014-01-16
申请号:KR1020100040152
申请日:2010-04-29
Applicant: 한국전자통신연구원
IPC: H04L12/28
Abstract: 본 발명은 지오캐스트 시스템 및 패킷 라우팅 방법에 관한 것으로, 지오캐스트 시스템은 제1 라우터 및 제2 라우터를 포함한다.
여기서, 제1 라우터는 하나 이상일 수 있고, 목적지 아이피 주소 및 목적지 위치 정보가 포함된 패킷을 수신하면, 미리 정의된 라우팅 경로 중에서 패킷의 목적지 아이피 주소에 대응하는 라우팅 경로를 검색하여 패킷을 유니캐스트 전송한다. 또한, 제2 라우터는 하나 이상의 제1 라우터로부터 유니캐스트 전송된 패킷을 수신하며, 수신한 패킷에 포함된 목적지 위치 정보를 가진 모든 수신 단말기에게 패킷을 멀티캐스트 전송한다.-
公开(公告)号:KR1020130085854A
公开(公告)日:2013-07-30
申请号:KR1020120006971
申请日:2012-01-20
Applicant: 한국전자통신연구원
CPC classification number: H04W12/06 , H04L63/0272 , H04W12/02 , H04W76/12 , H04W8/02 , H04W8/26 , H04W88/18
Abstract: PURPOSE: A portable mobile virtual private network (VPN) service support device and a method thereof are provided to support a VPN service for a mobile terminal in a tunnel based mobility support environment. CONSTITUTION: A routing table control unit (106) maps a generated security channel and a VPN address. An authentication unit (108) authenticates a mobile terminal to support the access to a VPN if there is the mobile terminal to access the VPN after the routing table control unit maps the generated security channel and the VPN address. A portable mobile VPN service is provided to the mobile terminal in a tunnel based mobility support environment. A VPN service control unit (102) manages the portable mobile VPN service. [Reference numerals] (100) Network interface; (102) VPN service control unit; (104) Security tunnel control unit; (106) Routing table control unit; (108) Authentication unit; (110) Power management unit
Abstract translation: 目的:提供便携式移动虚拟专用网(VPN)服务支持设备及其方法,以支持基于隧道的移动性支持环境中的移动终端的VPN服务。 构成:路由表控制单元(106)映射生成的安全信道和VPN地址。 如果在路由表控制单元映射生成的安全信道和VPN地址之后存在移动终端访问VPN,认证单元(108)认证移动终端来支持对VPN的接入。 在基于隧道的移动性支持环境中,向移动终端提供便携式移动VPN服务。 VPN服务控制单元(102)管理便携式移动VPN服务。 (附图标记)(100)网络接口; (102)VPN业务控制单元; (104)安全隧道控制单元; (106)路由表控制单元; (108)认证单元; (110)电源管理单元
-
Patent Agency Ranking
公开(公告)号:KR1020130056648A
公开(公告)日:2013-05-30
申请号:KR1020110122367
申请日:2011-11-22
Applicant: 한국전자통신연구원
CPC classification number: G06F21/00 , H04L12/4633 , H04L12/4641 , H04L61/2514 , H04L61/2539 , H04L61/2592 , H04L63/0227 , H04L63/0236 , H04L63/0245 , H04L63/0263 , H04L63/0272 , H04L63/104
Abstract: PURPOSE: A VPN(Virtual Private Network) management system and a method thereof are provided to hide a specific network from an external network. CONSTITUTION: A manager transmits information for hiding a network and for managing a VPN. A boundary gateway(103) decodes user data. The boundary gateway executes a filtering procedure and an NAT(Network Address Translation) procedure for the decoded user data based on the information. A server(105) receives user data in which the NAT procedure and the filtering procedure are executed. [Reference numerals] (150) Server 1; (AA) Server 2; (BB) Server 3; (CC) Private network; (DD) Public network
Abstract translation: 目的:提供VPN(虚拟专用网络)管理系统及其方法,以从外部网络隐藏特定网络。 规定:管理员传输隐藏网络和管理VPN的信息。 边界网关(103)解码用户数据。 边界网关根据该信息对解码的用户数据执行滤波过程和NAT(网络地址转换)过程。 服务器(105)接收执行NAT过程和过滤过程的用户数据。 (附图标记)(150)服务器1; (AA)服务器2; (BB)服务器3; (CC)专网; (DD)公共网络
-
公开(公告)号:KR1020110066840A
公开(公告)日:2011-06-17
申请号:KR1020100093953
申请日:2010-09-28
Applicant: 한국전자통신연구원
Abstract: PURPOSE: A method and apparatus for flow mobility are provided to support flow mobility without exchanging an additional signaling by interlinking flow information with a binding cache entry. CONSTITUTION: A storage unit(110) stores a flow table, a binding cache entry, and a forwarding table. The flow information of a packet and a flow identifier are mapped and stored on the flow table. The flow identifier and a binding information of the access gateway is mapped and stored on the binding cache entry. The binding information and the output information are mapped and stored on the forwarding table. If the packet is received, a processor(150) transmits the received packet with reference to the flow table, the binding cache entry, and the forwarding table.
Abstract translation: 目的:提供用于流动移动性的方法和装置,以支持流动移动性,而不需要通过将流信息与绑定缓存条目相互链接来交换附加信令。 构成:存储单元(110)存储流表,绑定缓存条目和转发表。 分组的流信息和流标识符被映射并存储在流表上。 访问网关的流标识符和绑定信息被映射并存储在绑定高速缓存条目上。 绑定信息和输出信息被映射并存储在转发表上。 如果接收到分组,则处理器(150)参考流表,绑定缓存条目和转发表发送所接收的分组。
-
公开(公告)号:KR1020110010050A
公开(公告)日:2011-01-31
申请号:KR1020100043223
申请日:2010-05-07
Applicant: 한국전자통신연구원
IPC: H04L12/22 , H04L12/911 , H04L9/32
CPC classification number: H04L63/10 , H04L63/08 , H04L63/1441
Abstract: PURPOSE: A dynamic access control system per flow and a method thereof are provided to perform control about an original cyber attach through dynamic access control per flow and traffic usage shape analysis. CONSTITUTION: An access control server generates access permit state information of flow from a specific packet about the flow received from a user. An access control server examine whether an access through a flow is a normal access or not. The access control server is operated in access control mode to be blocked as a rule. The access control server displays the access permit state information to permit access about inner communication network.
Abstract translation: 目的:提供每个流的动态访问控制系统及其方法,以通过每个流动的动态访问控制和流量使用形状分析来执行关于原始网络连接的控制。 规定:访问控制服务器从关于从用户接收的流的特定分组生成流的访问许可状态信息。 访问控制服务器检查通过流的访问是否是正常访问。 访问控制服务器在访问控制模式下操作以被阻止作为规则。 访问控制服务器显示访问许可状态信息,以允许对内部通信网络的访问。
-
公开(公告)号:KR1020100073024A
公开(公告)日:2010-07-01
申请号:KR1020080131602
申请日:2008-12-22
Applicant: 한국전자통신연구원
IPC: H04L12/26
CPC classification number: H04L63/308 , H04L12/4633 , H04L63/06
Abstract: PURPOSE: A server of data wiretapping system, and a wiretapping device and a data wiretapping method thereof are provided to wiretap data although the separate function for the key recovery is not added in a network device which a terminal is connected. CONSTITUTION: A tunnel management unit(33) passes through data transceived between a plurality of terminals. In case that a data recovery is requested from a wiretapping device, a data collecting unit(35) collects data corresponded to data collecting information among the data passing through the tunnel management unit. The tunnel management unit eliminates a server IP address included in the collected data. The tunnel management unit inserts an IP address of the wiretapping device into the data. The tunnel management unit transmits the data to the wiretapping device.
Abstract translation: 目的:提供一种数据窃听系统的服务器,以及窃听设备及其数据窃听方法,用于窃听数据,尽管在连接终端的网络设备中没有添加用于密钥恢复的单独功能。 构成:隧道管理单元(33)通过在多个终端之间收发的数据。 在从窃听设备请求数据恢复的情况下,数据收集单元(35)在通过隧道管理单元的数据中收集与数据收集信息相对应的数据。 隧道管理单元消除了收集的数据中包含的服务器IP地址。 隧道管理单元将窃听设备的IP地址插入到数据中。 隧道管理单元将数据发送到窃听设备。
-
公开(公告)号:KR1020100063407A
公开(公告)日:2010-06-11
申请号:KR1020080121913
申请日:2008-12-03
Applicant: 한국전자통신연구원
CPC classification number: H04L29/06095 , H04L12/4633
Abstract: PURPOSE: A method for processing receiving packet using transferring driver interface in a mobile terminal is provided to receive UDP datagram without intervention of an application layer through TDI interface, thereby improving processing function of a packet encapsulated in an IP-UDP shape. CONSTITUTION: A physical network interface(507) receives frame from IP network(508). The physical network interface transfers processes two layer header to an IP layer(505). After processing outwer IP header in the IP layer, processed packet(552) is transferred to UDP(User Datagram Protocol)(503). After processing UDP header in UDP layer, processed packer is transferred to TDI(Transport Driver Interface) client(502). The TDI client transfers a tunnel network interface to a packet(554). The tunnel network interface transferred a packet(555) to the IP layer.
Abstract translation: 目的:提供一种在移动终端中使用传输驱动程序接口处理接收数据包的方法,用于通过TDI接口接收UDP数据报,无需通过应用层的介入,从而提高封装在IP-UDP形状中的数据包的处理功能。 构成:物理网络接口(507)从IP网络接收帧(508)。 物理网络接口将两层报头传送到IP层(505)。 处理IP层中的IP报头后,处理后的数据包(552)被传送到UDP(用户数据报协议)(503)。 在UDP层处理UDP报头后,处理后的封装器被传送到TDI(传输驱动程序接口)客户端(502)。 TDI客户端将隧道网络接口传输到数据包(554)。 隧道网络接口将一个数据包(555)传送到IP层。
-
-
-
-
-
-
-
-
-
Search Results
195
records
(took 0.03 seconds)
