The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Advanced computer security systems rely on a host of detectors that examine anomalies, or known signatures, to qualify network traffic. Anomaly detectors usually come at greater cost in resources over signature detectors spurring the desire to translate anomalies into identifiable signatures. Automatic Signature Generation (ASG) attempts to automate the process of creating signatures to describe newly...
Regular expressions have become a fixture in network security systems such as Network Intrusion Detection, Spam email filtering, and Antivirus. Unfortunately, regular expressions require considerably more resources in matching over fixed binary or character strings. Much research has focused on improving matching architectures or hardware support to create more efficient regular expression matching...
To support scalable, flexible software-defined networking, OpenFlow is designed to provide granular traffic control across multiple vendor's network devices for efficient flow processing. Decision-tree packet classification algorithms do not scale to the number of flow table fields while decomposition algorithms such as RFC fail to provide necessary incremental update and determinism. Since searching...
In modern network devices the query performance for a hashing method degrades sharply due to non-determinism incurred by hash collision. Although previous collision resolution mechanisms have made remarkable progress, there is still much room to improve deterministic performance by resolving hash collisions more effectively. Further, the use of probabilistic, on-chip, summaries such as Bloom filters...
Longest Prefix Matching in IP Address lookup remains a bottleneck for high-speed routers where large volumes of traffic at multi-gigabyte link speeds require extremely fast lookup time. By taking advantage of bitmap and hashing techniques effectively used in Tree Bitmap algorithm and Binary hash searching on prefix length algorithm we propose a hierarchical hashing scheme based on observations about...
The performance of Network Intrusion Detection Systems (NIDS) depends heavily on the inputs to the system (rules and network traffic). A common trend in the evaluation of NIDS is to use a narrow selection of publicly or privately available rule-sets and traffic. Private rule-sets and traffic make the repeatability of experiments difficult while publicly available rule-sets and traffic often lack the...
Ternary Content-Addressable Memory (TCAM) is the de facto industrial standard to perform packet classification. However inefficient representation of port ranges results in the range expansion problem which sharply degrades TCAM storage performance. A range has to be converted into a set of prefixes with each stored in a separate TCAM entry. The range expansion problem occurs when a rule with multiple...
Network Intrusion Detection Systems (NIDS) examine millions of network packets searching for malicious traffic. Multi-gigabit line-speeds combined with growing databases of rules lead to dropped packets as the load exceeds the capacity of the device. Several areas of research have attempted to mitigate this problem through improving packet inspection efficiency, increasing resources, or reducing the...
Due the significant need for real-time anonymization we propose Real-time Netshuffle [1]; a complete graph distortion technique designed to mitigate risk to inference attacks in traffic anonymization. Real-time Netshuffle provides an additional layer of security, in concert with other on-line traffic anonymization techniques, while imposing only minimal damage to the empirical value of the data.
Many network security applications in today's networks a0re based on deep packet inspection, checking not only the header portion but also the payload portion of a packet. For example, traffic monitoring, layer-7 filtering, and network intrusion detection all require an accurate analysis of packet content in search for predefined patterns to identify specific classes of applications, viruses, attack...
Traffic traces provide valuable data to researchers and organizations alike. However, organizations that provide this information do not wish to expose the internal workings of their networks to potential attack. Traffic trace anonymization attempts to mitigate this concern by hiding sensitive information while preserving most of the empirical value of the trace. Unfortunately, many attacks such as...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.