Myung-Sup Kim

Learn More
Traditionally, Internet applications have been identified by using predefined well-known ports with questionable accuracy. An alternative approach, application-layer signature mapping, involves the exhaustive search of reliable signatures but with more promising accuracy. With a prior protocol knowledge, the signature generation can guarantee a high(More)
One recent trend in network security attacks is an increasing number of indirect attacks which influence network traffic negatively, instead of directly entering a system and damaging it. In future, damages from this type of attack are expected to become more serious. In addition, the bandwidth consumption by these attacks influences the entire network(More)
As the Internet evolves into an all-IP communication infrastructure, a key issue to consider is that of creating and managing IP-based services with efficient resource utilization in a scalable, flexible, and automatic way. In this paper, we present the Autonomic Service Architecture (ASA), a uniform framework for automated management of both Internet(More)
As network traffic is dramatically increasing due to the popularization of Internet, the need for application traffic classification becomes important for the effective use of network resources. In this paper, we present an application traffic classification method based on fixed IP-port information. A fixed IP-port is a {IP, protocol, port} triple(More)
Machine to Machine (M2M) technology has the potential to increase the revenue, decrease the costs and improve the customer services of an organization. We have analyzed the management requirements of M2M systems, which are based on existing M2M network use cases and services. The most important characteristics including sleeping devices, low power lossy(More)
Recently, as network flooding attacks such as DoS/DDoS and Internet Worm have posed devastating threats to network services, rapid detection and proper response mechanisms are the major concern for secure and reliable network services. However, most of the current Intrusion Detection Systems (IDSs) focus on detail analysis of packet data, which results in(More)
The necessity of network traffic monitoring and analysis is growing dramatically with increasing network usage demands from individual users as well as business communities. Most network traffic monitoring and analysis systems are based on flows. One key asset with these systems is to compress a significant amount of packet data into flows. However, the(More)
This paper presents the design of a next generation network traffic monitoring and analysis system, called NG-MON (Next Generation MONitoring), for high-speed networks such as 10 Gbps and above. Packet capturing and analysis on such high-speed networks is very difficult using traditional approaches. Using distributed, pipelining and parallel processing(More)
The increase in Smart-phone users and expansion of market value creates traffic complexity and causes network saturation. Network technology lags development compared to the growth of traditional internet applications and Smart-phone based applications. Thus, the need for interest in network traffic monitoring increase. Traffic monitoring becomes an(More)
The traffic dynamics of the Internet’s dominant applications, such as peer-to-peer and multimedia, worsen the accuracy of the existing application traffic identification. There is a strong need for both practical and reliable identification methods with proof of accuracy. This paper proposes a hybrid approach of signature matching and session behavior(More)