The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The Remote Access Trojan (RAT), whose exposure often lags far behind its widespread infection, plays a part in the growing number of cyber-attacks. In terms of intrusion detection, signature-based methods still occupy the dominant position together with anomaly-based methods that are deployed to be complementary. The anomaly-based methods are efficient and resource saving, however, anomaly-based RAT...
Hash table is one of the most fundamental and critical data structures for membership query and maintenance. However, the performance of a standard hash table degrades greatly when the hash collision is large due to high load factor or unpredictable dynamic membership updates, especially per-packet updates in network processing. In this paper, we shape a hash table from the conventional slim-and-tall...
In its current form, OpenFlow, the de facto implementation of SDN, separates the network's control and data planes allowing a central controller to alter the match-action pipeline using a limited set of fields and actions. To support new protocols, forwarding logic, telemetry, monitoring or even middlebox-like functions the currently available programmability in SDN is insufficient. In this paper,...
Provides an abstract for each of the keynote presentations and a brief professional biography of each presenter. The complete presentations were not made available for publication as part of the conference proceedings.
Circular statistics present a new technique to analyse the time patterns of events in the field of cyber security. We apply this technique to analyse incidents of malware infections detected by network monitoring. In particular we are interested in the daily and weekly variations of these events. Based on "live" data provided by Spamhaus, we examine the hypothesis that attacks on four countries...
Bitmap indexing is a promising approach for indexing. However the huge space consumption hinders the wide adoption of bitmap indexing, especially in memory-critical area such as packet classification. To this end, a variety of compression scheme are proposed to reduce the space consumption and simultaneously maintain the fast calculation which is a focused feature of bitmap indexing. In this paper,...
Creating quick and dirty prototypes is a simple and effective way to demonstrate the feasibility of new ideas in network research. Though, small scale proof-of-concepts may lack the performance needed to apply them to real world test cases. Thanks to powerful packet processing frameworks such as netmap and DPDK, high-performance packet forwarding systems can be implemented in software today.We present...
Internet evolution is driven by a continuous stream of new applications and users driving the demand for services. To keep up with this, a never-stopping research has been transforming the Internet ecosystem over the time. Technological changes on both protocols (the uptake of IPv6) and network architectures (the adoption of Software Defined Networking) introduced new challenges for ASIC designers...
Longest Prefix Match (LPM) is a basic and important function for current network devices. Hash-based approaches appear to be excellent candidate solutions for LPM with the capability of fast lookup speed and low latency. The number of hash table probes, i.e. the search path of a hash-based LPM algorithm, directly determines the lookup performance. In this paper, we propose Ω-LPM to improve the lookup...
Increasingly, communication requires more from the network stack, e.g., seamless handoff and synchronization of state between multiple participants. Due to the lack of support for desired functionality, networking libraries are created to fill the void. This leads to considerable duplication of effort and complicates cross-platform development. Furthermore, the means for extending legacy protocol...
Network research relies on packet generators to assess performance and correctness of new ideas. Software-based generators in particular are widely used by academic researchers because of their flexibility, affordability, and open-source nature. The rise of new frameworks for fast IO on commodity hardware is making them even more attractive. Longstanding performance differences of software generation...
Current frameworks for network programming assume that the network contains a collection of homogenous devices that can be rapidly reconfigured in response to changing policies and network conditions. Unfortunately, these assumptions are incompatible with the realities of modern networks, which contain legacy devices that offer diverse functionality and can only be reconfigured slowly. Additionally,...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.