The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
An important problem in current operational environments is the large quantity of monitoring data that has to be processed online. This paper introduces a new metric that leverages spatially and temporally aggregated IP-flow related information. The metric is based on a new kernel function that captures both IP address space distribution as well as volume related traffic information. We assess several...
Attacking anonymous communication networks is very tempting and many attacks have already been observed. We consider the case of Tor, a widely-used anonymous overlay network. Despite the deployment of several protection mechanisms, we propose an attack originated from only one rogue exit node. Our attack is composed of two elements. The first is an active tag injection scheme. The malicious exit node...
Today, honeypot operators are strongly relying on network analysis tools to examine network traces collected in their honeynet environment. The accuracy of such analysis depends on the ability of the tools to properly reassemble streams especially TCP sessions. Network forensics analysis quality is tight to those tools and we evaluated widely used network analysis tools. We pinpoint TCP reassembly...
Reverse engineering is often the last resort for analyzing unknown or closed source software. Such an investigation is motivated by a risk evaluation of closed source programs or by evaluating consequences and countermeasures against infections by malicious programs that are often closed source. This article presents a success story where we used and modified free software serving as environment for...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.