The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
With the rapid development of the Internet, people are not satisfied with sharing information only on the local network; instead, they intend to maximize the use of various types of network resources in different regions in the world. Intelligent network increasingly strong demand, put forward new demands on intelligent routing protocol. Intelligent routing protocol model not only need to have self...
Enterprises today are facing an increasing number of criminal threats ranging from financially motivated and opportunistic malware to more advanced targeted attacks organized by nation-state actors. To protect against these threats, enterprises deploy a number of perimeter defenses, including traditional controls (antivirus software, intrusion detection systems, firewalls) and more advanced techniques...
The number of revealed and analyzed attacks that use sophisticated and complex methods increased lately. Through the usage of such methods the attackers are able to evade existing security systems and prevent a comprehensive detection of the malicious activities. Therefore, it is often necessary to perform a manual investigation of complex attacks, to identify all steps and malicious activities that...
Named Data Networking is a network layer protocol that aims to replace the IP layer in its current internet architecture. NDN comes under the Information Centric Networking. The main difference between NDN and the current IP based internet architecture is the absence of IP addresses in the former. NDN uses interest packets and data packets for communication between computers. Though these two networking...
With the rising popularity of Web applications and cloud computing technology, a secure cloud computing environment is one of the main concerns. Currently, enterprise cloud platforms often rely on their maintenance and operation, and medium and small companies cannot effectively save manpower information security costs, and thus has affected the willingness of enterprises to use cloud services. In...
An IP darkspace is an unused IP address range. Addresses are announced by routing, but no hosts are attached. Therefore all traffic directed to IP darkspace addresses is unsolicited and usually originates from attacks, attack preparation activities or misconfigurations. Most of the observed traffic belongs to known phenomena (e.g. horizontal scanning targeting a specific port) and is of limited interest...
Intrusion detection Systems(IDS) can produce large amount of alert data which usually possesses the characteristics of high redundancy and high repetition. Such kind of data makes the event processing for network security significantly difficult. Current cluster algorithms use cluster center to calculate the distance which leads to fairly big calculation errors. In order to aggregate the massive alert...
Intrusion Detection System (IDS) is the process of monitoring the events that occur in a system or network and process them for possible intrusions where as Intrusion Prevention System (IPS) has the capability to attempt to stop such possible intrusions. Combining the two systems will result in IDPS which not only detects the attacks but also prevent such attacks to occur in the networks. Distributed...
Tor is a worldwide publicly deployed low-latency anonymity system. In order to prevent observers from telling where the data came from and where it's going, data packets on the Tor network take a pathway through several intermediate relays. However, nodes selection to build such a pathway is oblivious to Internet routing, so anonymity guarantees can break down in cases where an attacker can correlate...
Collecting network traffic traces from deployed networks is one of the basic steps in understanding communication networks. Traffic traces are used for network management, traffic engineering, packet classification, and analyzing user behavior to ensure adequate quality of service. Monitored traffic traces should be anonymized for privacy and security reasons. The goal of anonymization is to preserve...
10Gbps Ethernet Security Processor is very important in future network telecommunication. In order to meet the performance of ultra high throughput of 10Gbps ESP, An architecture of multiple SHA-1 IP cores paralleled based crossbar switch are proposed in this paper. Firstly, An ultra high throughput, low power consumption SHA-1 algorithm IP-core are designed, then, an effective scheduling architecture...
Business processes, the next-generation workflows, have attracted considerable interest in recent years. Several XML-based languages have been proposed for specifying and orchestrating business processes. WS-BPEL (Web Services Business Process Execution Language), which is widely used in business process specification, cannot support authorization policies on the execution of activities. In this paper,...
In this paper we consider the problem of routing traffic between k source-destination pairs. Using game theoretic modeling we provide randomized strategies to minimize the threat of attacks on links by an adversary. The adversary is assumed to have a choice of c edges for attack. We propose iterative methods to find the Nash Equilibrium of the zero-sum game. The proposed schemes have been implemented...
The number of smart phone-users is rapidly growing due to the recent increase in wireless Internet usage, the development of a variety of applications, the activation of social networks, and so on. The smart phone has the benefits of mobility and convenience, but has the serious security problems. To utilize social network services in the smart phone, a flexible integrated authentication and access...
A heuristic approximation algorithm that can optimise the order of firewall rules to minimise packet matching is presented. It has been noted that firewall operators tend to make use of the fact that some firewall rules match most of the traffic, and conversely that others match little of the traffic. Consequently, ordering the rules such that the highest matched rules are as high in the table as...
Recent works [1], [2] have shown the benefits of a systematic approach to designing enterprise networks. However, these works are limited to the design of greenfield (newly deployed) networks, or to incremental evolution of existing networks without altering prior design decisions. In this paper, we focus on redesigning existing networks, allowing for changes to existing decisions. Such redesign (migration)...
Many of the network data visualization tools or applications are designed and being applied in network data visualization system which are particularly for users with advanced network knowledge even though the tools are indispensable by diverse computer users. In this paper, we proposed and presented an adaptive statistical analysis learning approach that is able to adapt to the user feedback after...
With the growing diverse demands for Internet applications, network security issues become more acute. To address the appropriate network security from network intrusion detection event has become an important research in network security. In this paper, user behavior features are extracted to create the model for the user transmission behavior. The demands for anomaly detection and the specific characteristics...
In order to effectively detect the scan attack on high-speed links, this paper improves the commonly used scan detection algorithm TRW (Threshold Random Walk) based on honeypot, and makes a detailed analysis on its performance. The analysis shows that the improved algorithm has better performance on the speed of identifying the scan source and can finish the real-time detection of high-speed link...
The vulnerability analysis based on rule is playing an important role in the internet security. Many security devices such as firewalls and intrusion detection systems work on the packet filtering system of which rules are the bases. The consistency of the rules and security policies as well as the validity of the regulation configure are of importance. Thus we must check and find out the rule’s anomaly...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.