Patent application number | Description | Published |
20100260203 | TUNNELING IPv6 PACKET THROUGH IPv4 NETWORK USING A TUNNEL ENTRY BASED ON IPv6 PREFIX AND TUNNELING IPv4 PACKET USING A TUNNEL ENTRY BASED ON IPv4 PREFIX - The present invention relates to tunneling an IPv6 packet through an IPv4 network. In using a tunneling method upon transmitting an IPv6 packet in an IP network, when destination nodes desired to be communicated are located within the same IPv6 prefix network, IPv6 prefix information is added for the management of a tunnel entry. Hence, tunneling information on terminals located within the same IPv6 prefix network can be managed as one tunnel entry. Accordingly, the time consumed when retrieving a tunnel entry can be reduced. | 10-14-2010 |
20110013647 | IPV6 OVER IPV4 TRANSITION METHOD AND APPARATUS FOR IMPROVING PERFORMANCE OF CONTROL SERVER - The present invention relates to a method and apparatus for performing IPv6 over IPv4 transition to improve performance of a control server. When an edge router selected by the control server according to a tunnel creation request of an IPv6 terminal receives a tunnel creation request message from the control server, the edge router transmits a tunnel creation response message for the received tunnel creation request message to the IPv6 terminal through the control server, and the edge router performs IPv6 over IPv4 transition through a tunnel created by the IPv6 terminal that received the tunnel creation response message so as to improve the performance of the control server. Therefore, loads of the control server occurred because all terminals set control tunnels to the control server can be prevented, and service extensibility due to the increase in the number of subscribers can be guaranteed. | 01-20-2011 |
20110023088 | FLOW-BASED DYNAMIC ACCESS CONTROL SYSTEM AND METHOD - A traffic analysis and flow-based dynamic access control system and method. The flow-based dynamic access control system for controlling a user's access to an internal communication network through an external communication network includes an access control unit operating in an access control mode in which traffic received from a user is basically blocked, generating state management information of a flow, which is received from the user, based on a specified packet of the flow, and verifying whether access of the flow to the internal communication network is a normal access. As a proactive defense concept of allowing only normal users to access an internal network, a method of blocking attacks from a system contaminated by a worm virus, detecting a cyber attack on a certain system in advance and automatically avoiding the cyber attack, and guaranteeing the quality of normal traffic even under cyber attacks without performance degradation of the internal network is provided. | 01-27-2011 |
20110044337 | SYSTEM AND METHOD FOR PROVIDING IPTV SERVICE - In a system for providing an IPTV service, if a multicast address of an IPTV channel received from a head-end is a multicast address requested by a mobile node through a tunnel, an end router confirms a care of address (CoA) of the mobile node corresponding to the multicast address of the IPTV channel, sets the multicast address in the first header of broadcasting traffic, sets the CoA of the mobile node in the second header of the broadcasting traffic, and then sends the broadcasting traffic. | 02-24-2011 |
20110072515 | METHOD AND APPARATUS FOR COLLABORATIVELY PROTECTING AGAINST DISTRIBUTED DENIAL OF SERVICE ATTACK - A method and apparatus for collaboratively protecting against a Distributed Denial of Service (DDoS) attack are provided. The method performed by a network apparatus includes detecting data suspected as being used in the DDoS attack by monitoring traffic forwarded to a service server, notifying a security apparatus that the detected data is suspected as being used in the DDoS attack, and performing at least one of a first operation and a second operation, the first operation being receiving an analysis result for the detected data from the security apparatus and controlling the traffic based on the analysis result, and the second operation being controlling, prior to the first operation, the traffic based on a rule set in advance. | 03-24-2011 |
20110085552 | SYSTEM AND METHOD FOR FORMING VIRTUAL PRIVATE NETWORK - Technology for forming a virtual private network (VPN) is provided. A VPN gateway that supports mobility with a connection node having a virtual home address (HoA) and a care of address (CoA) includes a mobility support unit, a data security unit, and a virtual address converter. When a packet is transferred from the connection node, the mobility support unit sustains a binding relationship between a home address (HoA) of the connection node and the changed CoA, and processes a mobility tunnel for the packet, thereby generating a first conversion packet. The data security unit performs a security test of the first conversion packet. The virtual address converter converts the HoA of the connection node, which is a source address of the first conversion packet in which the security test is complete, to a private network internal address that can be used in the VPN, thereby generating a second conversion packet. | 04-14-2011 |
20110200005 | METHOD OF SUPPORTING MOBILITY USING SECURITY TUNNEL - Enclosed is a method of supporting mobility using a security tunnel. For the movement of a terminal in a local network and the movement of a terminal to an external network, an active tunnel and a standby tunnel are set to provide mobility to the terminal. When the local network moves, mobility for the local network is provided. The stability of a network is guaranteed using security connection. | 08-18-2011 |
20120014350 | APPARATUS AND METHOD OF CONTROLLING SEAMLESS HANDOVER BETWEEN HETEROGENEOUS NETWORKS BASED ON IPV6 OVER IPV4 TUNNELING MECHANISM - The invention relates to a method and an apparatus for controlling seamless handover between heterogeneous networks based on IPv6 over IPv4 tunneling. When IPv6 service is provided using tunneling in an IPv4 based network environment, handover of a mobile terminal between different networks is achieved through switching of an active tunnel and a standby tunnel, and thus handover between different networks is facilitated and data loss is prevented to secure continuity of service provided to the mobile terminal even when the mobile terminal hands over to a heterogeneous network. | 01-19-2012 |
20120163267 | METHOD AND SYSTEM FOR RECEIVING MULTICAST DATA IN TUNNELLING-BASED MOBILITY NETWORK ARCHITECTURE, AND MOBILE TERMINAL THEREOF - Disclosed are a method and a system for receiving multicast data without using a tunnel in a tunneling-based mobility network architecture, and a mobile terminal thereof. By providing a method for receiving multicast data in a tunneling-based mobility network architecture receiving multicast data over a multicast-enabled Internet protocol (IP) network by switching a path before tunneling and thereby transmitting a corresponding channel reception request message to a corresponding visit network when a transmission packet of a mobile terminal is a channel reception request message in a heterogeneous visit network, and at the same time, guaranteeing mobility of the mobile terminal by tunneling a corresponding transmission packet to a care-of-address of a visit network being currently visited when the transmission packet is not the channel reception request message, there are provided a method and a system for receiving multicast data via a visit network without using an existing tunnel. | 06-28-2012 |
20130128741 | FLOW BASED QOS ROUTER CAPABLE OF REPORTING REAL-TIME STATISTICS - Disclosed is a flow-based QoS router capable of reporting real-time statistics, including: a line card configured to collect flow information by analyzing a flow, classify the collected flow information into flow information not requesting filtering and flow information requesting filtering, and transmit each of the flow information not requesting filtering and the flow information requesting filtering; a system supervisor controller configured to receive the flow information not requesting filtering and the flow information requesting filtering from the line card and store the flow information not requesting filtering and the flow information requesting filtering, and accessed by a manager terminal to monitor the flow information not requesting filtering and the flow information requesting filtering to perform filtering of and QoS application to a predetermined flow; and an application processor configured to command QoS application to the predetermined flow according to a request from the system supervisor controller. | 05-23-2013 |
20130133057 | SYSTEM FOR MANAGING VIRTUAL PRIVATE NETWORK AND METHOD THEREOF - Disclosed are a system for managing virtual private networks (VPNs) includes: terminals configured to transmit user data; a manager configured to transmit information for concealing networks and managing the VPNs; border gateways configured to decrypt the user data and perform a network address translation (NAT) procedure and a filtering procedure on the decrypted user data based on the information; and servers configured to receive the user data subjected to the NAT procedure and the filtering procedure, wherein the filtering procedure is a procedure discarding the user data to be transferred to the servers that are not allowed so as to allow the terminals to access only the allowed servers, the NAT procedure is a procedure changing an Internet protocol (IP) address used in a first network to an IP address used in a second network, and the first network and the second network are different networks. | 05-23-2013 |
20140002584 | METHOD OF SELECTING CONFERENCE PROCESSING DEVICE AND VIDEO CONFERENCE SYSTEM USING THE METHOD | 01-02-2014 |
20140003340 | HOME CLOUD GATEWAY APPARATUS FOR MULTI-SERVICE AND METHOD OF PROVIDING SERVICE USING THE SAME | 01-02-2014 |
20140165181 | NETWORK APPARATUS AND OPERATING METHOD THEREOF - Disclosed are a network apparatus and an operating method thereof. The network apparatus includes: a security authentication module that executes security authentication of a distributed denial of service (DDoS) attack when a predetermined packet requests access to a particular service server to which the security authentication is applied, at the time of inputting the predetermined packet; and a communication module that transmits the predetermined packet security-authenticated by the security authentication module through a transmission route of the particular service server, so as to easily defend the DDoS attack by using a pseudo state of a service procedure. | 06-12-2014 |
20140304504 | LOGICAL NETWORK SEPARATION METHOD AND APPARATUS - Disclosed are a logical network separation method and apparatus. The logical network separation method includes generating a first hash key on the basis of address information included in a service request packet, generating hash information on the basis of a transmission property of the service request packet corresponding to the first hash key when the same hash key as the first hash key is not in the hash table, and generating the policy about the reception of the service response packet corresponding to the service request packet on the basis of a destination of the service request packet. Accordingly, it is possible to block a cyber attack such as hacking, a malicious program, etc. | 10-09-2014 |