The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
This demonstration shows an innovative concept that introduces PKI for mobile operators. A commercial 3G dongle is equipped with an USIM module used for subscriber's authentication. The USIM embeds a tiny SSL stack written for java cards. The 3G modem delivers internet connectivity and realizes strong mutual SSL authentication providing, in the presented use case, seamless access to real OPENID services.
This paper reports put forward a research about secure access gateway based on moving the control terminal down to the layer 2 switches through the analysis of the actual network condition in university, and design a 24 ports hardware product by using embedded NAT processing unit. After a year of online testing, this product achieves in the function of address translation, access control, user binding,...
DPI identification technology is a main technique of P2P data stream identification technology; the advantages of it are higher accuracy and the ability of distinguishing accurately which type of P2P applications. But it is difficult to apply in highspeed networks due to its slow execution speed. To solve this problem, this paper suggests six sampling strategies: invariable random sampling, invariable...
Voice over Internet protocol is the ability of transmitting voice using the Internet protocol. This paper addresses an introduction to VoIP, threats of VoIP and studies previous works of secure VoIP. We also propose practical implementations for securing VoIP by using Java and Android. Finally we give security analysis of our implementation and analyze different protocols involved in making VoIP more...
The most common method of system administration is accessing the remote system through the network by means of some client-server protocol, giving access to a privileged service always listening on the target system. There are important security and flexibility limitations deriving from the usage of a predictable access port for such a critical application, which can be summarized as the impossibility...
IPv6 provides a platform for new Internet functionality. It includes support for real-time flows, provider selection, and host mobility, end-to-end security, auto-configuration, and auto-reconfiguration. It solves the Internet scaling problem, provides a flexible transition mechanism for the current Internet, and was designed to meet the needs of new markets such as nomadic personal computing devices,...
Today, peer-to-peer service has become a very member of the network traffics. Thus, it broke the normal communication of the other important services through taking up their networkpsilas resource. This paper will put forward a method of P2P traffics identification on Internet based on the deep flow inspection through an analysis of the P2P protocols and models. This method can restrain the P2P bandwidth...
Internet architecture is facing at least three major challenges. First, it is running out of IPv4 addresses. IPv6 offers a long-term solution to the problem by offering a vast amount of addresses but is neither supported widely by networking software nor has been deployed widely in different networks. Second, end-to-end connectivity is broken by the introduction of NATs, originally invented to circumvent...
Smart cards have provided security services in many domains over the past two decades. They should be able to offer security services to the Internet and prevent online identity theft as well. Having developed a smart-card-based solution for preventing identity theft, we have found that it is very difficult to push it to the consumer market. A common critical requirement from both users and service...
Biological systems exhibit remarkable adaptation and robustness in the face of widely changing environments. Currently speaking, we often imitate the properties of biological systems. Based on this thought, it also exists the analogous situation in the WSNs (wireless sensor networks). Survivability is the ability to provide essential services in the presence of attacks and failures, and recover full...
Traditional subjective logic provides a specific belief calculus that uses opinion to express beliefs, but it does not support the time property. In the heterogeneous, dynamic, and open networks such as the Internet, we propose a time-related trust model based on subjective logic theory. The proposed model consists of two additional factors compared with the traditional one: a time-related attenuation...
The vulnerability of home routers has been widely discussed, but there has been significant skepticism in many quarters about the viability of using them to perform damaging attacks. Others have argued that traditional malware prevention technologies will function for routers. In this paper we show how easily and effectively a home router can be repurposed to perform a mid-stream script injection...
In this paper, we present a method for providing quality of service using bandwidth limitation. In practical demonstration of the idea, we have used an algorithm for packet queuing, a technique applicable in a setup where the systems are connected to the Internet through a server and the server receives and distributes all the packets requested from the all the users in the network. The idea basically...
We have implemented Multi-Session based Network Security Event Detector: ROOK to detect botnet activity and P2P file sharing traffic and our results show that our method is less false positives than existing network security event detectors (e.g. IDS). We proposed a network security event detection method by analyzing correlation among multiple sessions. Our method can recognize hosts behaviors by...
As Instant Messaging (IM) becomes the favorite means of personal and work-related communications, the attacks exploiting vulnerabilities in IM will increase in frequency. Although some attacks employ well known strategies used in attacks on other communication systems, many are newly developed to exploit the properties unique to IM. In this paper, we present a new enhancement in controlling virus...
Isolation execution is an effective mechanism that has been applied to protect the computers against the unknown attacks from the Internet. However, previous isolation solutions cannot achieve both the OS isolation and the reusage of existing software environment. In this paper, we present a new isolated execution approach called Aquarius for accessing the Internet safely. Besides fulfilling the OS...
Ensuring that IP Security (IPSec) gateway meets its performance expectations is one of the most important objectives that IPSec gateway development team must face with. Only suitable validation approach may prove that IPSec gateway throughput is correct, Security Associationspsila adding/removing time is acceptable, IPSec gateway is capable of processing huge number of flows and IPSec rekeying works...
Hardware security tokens are gradually gaining popularity as tools for strong online authentication and secure storage of personal information. The security services they offer protect online service providers as well as consumers. These tokens are small embedded systems that typically have little or no human interface themselves. They work with software on the host computer for human interface and...
TCP-SYN attack is one of the commonly used DDoS attacks aimed at bringing down a computer system connected to Internet. There has been an increased targeting of Windows end-users and servers. The attackers and intruders are leveraging easily identifiable network blocks to target and exploit Windows end-user servers and computer systems. In order to provide some level of security and protection against...
Network security for computing platforms connected to corporate networks has been of paramount importance for decades and many hardware and software solutions have evolved to service these needs. Historically, the networks used in process control systems have relied on physical isolation or separation from outside influence to protect their security domain. Several technology driven forces have given...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.