SINET5 is a new 100-Gbps-based academic backbone network, which started full-scale operations in April 2016. It uses multi-protocol label switching-transport profile (MPLS-TP) systems and reconfigurable optical add-drop multiplexers (ROADMs) to create a nationwide network and has more than 50 backbone IP routers to provide a wide range of services, such as several virtual private network (VPN) services...
Recent cyber attacks are sophisticated so that it is difficult to prevent malware infection. Therefore, early malware infection detection becomes more important. Moreover, latest malware connects to C&C server by utilizing HTTP which is widely used on daily business. Furthermore, some of them utilize HTTPS to hide their content from the analyzer. Thus, it further makes malware infection detection harder...
Network-based malware classification plays an important role in improving system security than system-based malware classification. The vast majority of malware needs a network activity in order to accomplish its purpose (e.g., downloading malware, connecting to a C&C server, etc.). Many malware classification approaches based on network behavior have thus been proposed. Nevertheless, they merely...
This paper gives a brief report on a new 100-Gbps academic backbone network, called SINET5, which started full-scale operations in April 2016. SINET5 has more than 50 backbone routers and forms a fully meshed topology by using MPLS-TP systems to provide researchers in every Japanese prefecture with 100-Gbps access, minimized-latency, and SDN-friendly environments. SINET5 gives a multi-layer, dynamically...
Recently, targeted cyber attacks have been sophisticated. In case of such attacks, attackers use dedicated malwares against target organizations. Dedicated malwares slip through the conventional countermeasures, e.g., firewall, intrusion detection systems, and so on, which focus on preventing intrusion of malwares. Against such situation, recent countermeasures focus on the mitigation of damages like...
Recently, cyber attacks become so sophisticated that conventional countermeasures that focus on preventing intrusion are becoming less effective. Thus, recent countermeasures are focusing on after intrusion such as an incident response. We previously proposed a system in order to support network administrators performing incident responses. However, our previous system uses only anomaly detection...
Web attacks that exploit vulnerabilities of web applications are still major problems. The number of attacks that maliciously manipulate parameters of web applications such as SQL injections and command injections is increasing nowadays. Anomaly detection is effective for detecting these attacks, particularly in the case of unknown attacks. However, existing anomaly detection methods often raise false...
PALSAR full polarimetry data were used to detect thaw/freeze conditions on the ground to try to determine the cause of a spring flood on a northern river in Russia. Full polarimetric data was used to identify the forest area, and the radar backscattering coefficient, σ⁰HV, was examined. The σ⁰HV over a frozen forest area was −19.9 dB, while that of a thawing forest area was −11.9 dB, and freeze/thaw...
Recently, the sophistication of targeted cyber attacks makes conventional countermeasures useless to defend our network. Proper network design, i.e., moderate segmentation and adequate access control, is one of the most effective countermeasures to prevent stealth activities of the attacks inside the network. By paying attention to the violation of the control, we can be aware of the existence of...
In contrast to conventional cyber attacks such as mass infection malware, targeted attacks take a long time to complete their mission. By using a dedicated malware for evading detection at the initial attack, an attacker quietly succeeds in setting up a front-line base in the target organization. Communication between the attacker and the base adopts popular protocols to hide its existence. Because...
It is required in the first step of malware analysis to determine whether a given malware program is a variant of known ones. If it is surely not a variant, manual analysis against it is required. However, it is impossible to perform manual analysis, the cost of which is very high, over all the enormous number of newly found malware programs. An automatic and accurate malware program classification...
The vastness of IPv6 address space and rapid spread of its deployment attract us to usage of IPv6 network. Various types of devices, including embedded systems, are ready to use IPv6 addresses and some of them have already been connected directly to the Internet. Such situation entices attackers to change their strategies and choose the embedded systems as their targets. We have to deploy various...
Tempfailing is widely used in many organizations as anti-spam technology. However, this technology causes a serious problem: it imposes long delays in mail delivery. To solve this problem, another technique called 5-Way Handshake was proposed, but its conventional implementation has a serious drawback. Based on the MX fallback mechanism defined by RFC5321, a legitimate sender must access MX hosts...
Malicious software (Malware) in form of Internet worms, computer viruses, and trojan horses poses a major threat to the security of network systems. Identification of malware variants provides great benefit in early detection. Taking into account that variants of malware families share similar functions reflecting its origin and purpose, we propose a method focusing on the features of functions that...
Intrusion Detection Systems (IDSs) play an important role detecting various kinds of attacks and defend our computer systems from them. There are basically two main types of detection techniques: signature-based and anomaly-based. A signature-based IDS cannot detect unknown attacks because a signature has not been written. To overcome this shortcoming, many researchers have been developing anomaly-based...
To defend a network system from security risks, intrusion detection systems (IDSs) have been playing an important role in recent years. There are two types of detection algorithms of IDSs: misuse detection and anomaly detection. Because misuse detection is based on a signature which is created from the features of attack traffic by security experts, it can achieve accurate and stable detection. However,...
Intrusion detection systems (IDSs) play an important role to defend networks from cyber attacks. Among them, anomaly-based IDSs can detect unknown attacks like 0-day attacks that are hard to detect by using signature-based system. However, they have problems that their performance depends on a learning dataset. It is very hard to prepare an appropriate learning dataset in a static fashion, because...
This research aims to construct a high-performance anomaly based intrusion detection system. Most of past studies of anomaly based IDS adopt k-means based clustering, this paper points out that the following reasons cause performance degradation of k-means based clustering when it is deployed in real traffic environment. First, k-means based algorithms have weakness for high dimensional data. Second,...