Patent application number | Description | Published |
20100095370 | SELECTIVE PACKET CAPTURING METHOD AND APPARATUS USING KERNEL PROBE - The present invention discloses a packet capturing method using a kernel probe, which is for capturing traffic generated only by a specific application. The packet capturing method using a kernel probe comprises the steps of: acquiring the 5-tuple information of a packet associated with the application to capture by intercepting a specific set of operating system networking kernel functions using a kernel probe which intercepts calls to the functions; capturing packets inputted and outputted through a network device; and identifying traffic generated by the application by comparing the 5-tuple information with 5-tuple information of the captured packets. | 04-15-2010 |
20100260203 | TUNNELING IPv6 PACKET THROUGH IPv4 NETWORK USING A TUNNEL ENTRY BASED ON IPv6 PREFIX AND TUNNELING IPv4 PACKET USING A TUNNEL ENTRY BASED ON IPv4 PREFIX - The present invention relates to tunneling an IPv6 packet through an IPv4 network. In using a tunneling method upon transmitting an IPv6 packet in an IP network, when destination nodes desired to be communicated are located within the same IPv6 prefix network, IPv6 prefix information is added for the management of a tunnel entry. Hence, tunneling information on terminals located within the same IPv6 prefix network can be managed as one tunnel entry. Accordingly, the time consumed when retrieving a tunnel entry can be reduced. | 10-14-2010 |
20110023088 | FLOW-BASED DYNAMIC ACCESS CONTROL SYSTEM AND METHOD - A traffic analysis and flow-based dynamic access control system and method. The flow-based dynamic access control system for controlling a user's access to an internal communication network through an external communication network includes an access control unit operating in an access control mode in which traffic received from a user is basically blocked, generating state management information of a flow, which is received from the user, based on a specified packet of the flow, and verifying whether access of the flow to the internal communication network is a normal access. As a proactive defense concept of allowing only normal users to access an internal network, a method of blocking attacks from a system contaminated by a worm virus, detecting a cyber attack on a certain system in advance and automatically avoiding the cyber attack, and guaranteeing the quality of normal traffic even under cyber attacks without performance degradation of the internal network is provided. | 01-27-2011 |
20110080830 | DEVICE AND METHOD FOR PROVIDING FORWARDING INFORMATION AND QOS INFORMATION IN FLOW BASED NETWORK ENVIRONMENT - A device for providing forwarding and QoS information in a flow based network environment acquires first information and second information from a flow table therein on the basis of status information of a predetermined flow in order to provide dynamically updated information in a flow based network environment. When it is determined that first information and second information acquired based on a route ID of a series of information are updated, the flow table is updated and the updated information is provided. | 04-07-2011 |
20110082941 | METHOD OF PROVIDING DIRECT COMMUNICATION IN INTERNET PROTOCOL NETWORK - In order for a peer node to perform direct communication with a correspondent peer node in an Internet protocol network, the peer node receives a virtual address of the correspondent peer node from a server, and then when the peer node can directly set a tunnel with the correspondent peer node, the peer node sets a tunnel with the correspondent peer node, and when the peer node cannot directly set a tunnel with the correspondent peer node, the peer node sets a tunnel with a tunnel repeater. Thereafter, the peer node connects a virtual address of the correspondent peer node as route information to the tunnel. Thereby, a packet using a virtual address of the correspondent peer node as a destination is transmitted to the correspondent peer node through a predetermined tunnel. | 04-07-2011 |
20110085552 | SYSTEM AND METHOD FOR FORMING VIRTUAL PRIVATE NETWORK - Technology for forming a virtual private network (VPN) is provided. A VPN gateway that supports mobility with a connection node having a virtual home address (HoA) and a care of address (CoA) includes a mobility support unit, a data security unit, and a virtual address converter. When a packet is transferred from the connection node, the mobility support unit sustains a binding relationship between a home address (HoA) of the connection node and the changed CoA, and processes a mobility tunnel for the packet, thereby generating a first conversion packet. The data security unit performs a security test of the first conversion packet. The virtual address converter converts the HoA of the connection node, which is a source address of the first conversion packet in which the security test is complete, to a private network internal address that can be used in the VPN, thereby generating a second conversion packet. | 04-14-2011 |
20120014350 | APPARATUS AND METHOD OF CONTROLLING SEAMLESS HANDOVER BETWEEN HETEROGENEOUS NETWORKS BASED ON IPV6 OVER IPV4 TUNNELING MECHANISM - The invention relates to a method and an apparatus for controlling seamless handover between heterogeneous networks based on IPv6 over IPv4 tunneling. When IPv6 service is provided using tunneling in an IPv4 based network environment, handover of a mobile terminal between different networks is achieved through switching of an active tunnel and a standby tunnel, and thus handover between different networks is facilitated and data loss is prevented to secure continuity of service provided to the mobile terminal even when the mobile terminal hands over to a heterogeneous network. | 01-19-2012 |
20120106559 | METHOD OF NETWORK-BASED COMMUNICATION IN VIRTUAL NETWORK ENVIRONMENT - In a plurality of virtual tunnel routers including a first virtual tunnel router and a second virtual tunnel router, the first virtual tunnel router and the second virtual tunnel router request virtual network prefix information from a tunnel mapping controller. When the tunnel mapping controller generates virtual network prefix information of the first virtual tunnel router and the second virtual tunnel router, respectively, and transmits the same along with information of a list of adjacent virtual tunnel routers, the first virtual tunnel router and the second virtual tunnel router create a tunnel. With the tunnel established, the virtual network prefix information received by the first virtual tunnel router and second virtual tunnel router, respectively, is linked so that direct communication can be performed between the first virtual tunnel router and the second virtual tunnel router. | 05-03-2012 |
20120163267 | METHOD AND SYSTEM FOR RECEIVING MULTICAST DATA IN TUNNELLING-BASED MOBILITY NETWORK ARCHITECTURE, AND MOBILE TERMINAL THEREOF - Disclosed are a method and a system for receiving multicast data without using a tunnel in a tunneling-based mobility network architecture, and a mobile terminal thereof. By providing a method for receiving multicast data in a tunneling-based mobility network architecture receiving multicast data over a multicast-enabled Internet protocol (IP) network by switching a path before tunneling and thereby transmitting a corresponding channel reception request message to a corresponding visit network when a transmission packet of a mobile terminal is a channel reception request message in a heterogeneous visit network, and at the same time, guaranteeing mobility of the mobile terminal by tunneling a corresponding transmission packet to a care-of-address of a visit network being currently visited when the transmission packet is not the channel reception request message, there are provided a method and a system for receiving multicast data via a visit network without using an existing tunnel. | 06-28-2012 |
20130128741 | FLOW BASED QOS ROUTER CAPABLE OF REPORTING REAL-TIME STATISTICS - Disclosed is a flow-based QoS router capable of reporting real-time statistics, including: a line card configured to collect flow information by analyzing a flow, classify the collected flow information into flow information not requesting filtering and flow information requesting filtering, and transmit each of the flow information not requesting filtering and the flow information requesting filtering; a system supervisor controller configured to receive the flow information not requesting filtering and the flow information requesting filtering from the line card and store the flow information not requesting filtering and the flow information requesting filtering, and accessed by a manager terminal to monitor the flow information not requesting filtering and the flow information requesting filtering to perform filtering of and QoS application to a predetermined flow; and an application processor configured to command QoS application to the predetermined flow according to a request from the system supervisor controller. | 05-23-2013 |
20130133057 | SYSTEM FOR MANAGING VIRTUAL PRIVATE NETWORK AND METHOD THEREOF - Disclosed are a system for managing virtual private networks (VPNs) includes: terminals configured to transmit user data; a manager configured to transmit information for concealing networks and managing the VPNs; border gateways configured to decrypt the user data and perform a network address translation (NAT) procedure and a filtering procedure on the decrypted user data based on the information; and servers configured to receive the user data subjected to the NAT procedure and the filtering procedure, wherein the filtering procedure is a procedure discarding the user data to be transferred to the servers that are not allowed so as to allow the terminals to access only the allowed servers, the NAT procedure is a procedure changing an Internet protocol (IP) address used in a first network to an IP address used in a second network, and the first network and the second network are different networks. | 05-23-2013 |
20140002584 | METHOD OF SELECTING CONFERENCE PROCESSING DEVICE AND VIDEO CONFERENCE SYSTEM USING THE METHOD | 01-02-2014 |
20140306967 | APPARATUS AND METHOD FOR DISPLAYING IMAGES - Disclosed herein are an apparatus and method for displaying images. The apparatus includes a first image output unit, a second image output unit, an image signal selection unit, and an image display unit. The first image output unit is set to master operation mode, and outputs an image signal to be displayed. The second image output unit is set to slave operation mode, and, if the first image output unit has failed, is switched to master operation mode and then continuously outputs the image signal or a new image signal. The image signal selection unit compares the IP source address of a received master message with previously stored address information, and then selects the image signal that is received from the first image output unit or the second image output unit that has a matching address. The image display unit displays the selected image signal. | 10-16-2014 |
20140317402 | METHOD OF PROCESSING PACKET IN BELOW BINARY STACK STRUCTURE - Disclosed is a packet processing method in a below binary stack (BBS) structure. A transmission packet processing method includes receiving a packet from a network layer, reassembling a packet for which a first fragmentation has been performed when the received packet is the packet for which the first fragmentation has been performed, encrypting the reassembled packet, performing a second fragmentation for the encrypted packet when the second fragmentation is necessary for the encrypted packet, adding a header to the packet for which the second fragmentation has been performed, and transmitting the packet with the header added thereto through a physical layer. Accordingly, an encryption function can be provided in the BBS structure. | 10-23-2014 |