Pharming attacks - a sophisticated version of phishing attacks - aim to steal users' credentials by redirecting them to a fraudulent website using DNS-based techniques. Pharming attacks can be performed at the client-side or into the Internet, using complex and well designed techniques that make the attack often imperceptible to the user. With the deployment of broadband connections for Internet access,...
In response to the emerging deployment of IPv6 on network devices, this paper proposes the integration of IPv6 on Lock-Keeper, an implementation of a high level security system for preventing online attacks. It is designed to permit the secure data exchange over physically separated networks in an IPv4-based environment. A new intercommunication module is added to manage IPv4/IPv6 handoff inside the...
Botnets, networks of malware-infected machines (bots) that are controlled by an adversary, are the root cause of a large number of security problems on the Internet. A particularly sophisticated and insidious type of bot is Torpig, a malware program designed to harvest sensitive information (such as bank account and credit-card data) from its victims. In this article, the authors report on their efforts...
Mobile IPv6 has been developed for quite a few years now, but it has yet to bring its constant connectivity and global reachability benefits to mobile devices in real world scenarios, mainly due to lack of trouble-free and secure network access and data transmission for devices as they roam. In this paper we propose a Unified Architecture that combines the strengths of Mobile IPv6 and AAA services...
Information exchange and conversion is an important part of the Internet of Things. The establishment of an information sharing platform is necessary. In this article, the DNS service principle and the existing registration mechanism are imitated in order to present a new data sharing platform, IIEDNS, which is based on the Internet of Things. Platform used the DNS service principle to achieve the link among platform...
We use the probabilistic model checker PRISM to formally model and analyze the highly publicized Kaminsky DNS cache-poisoning attack. DNS (Domain Name System) is an internet-wide, hierarchical naming system used to translate domain names such as google.com into physical IP addresses such as 208.77.188.166. The Kaminsky DNS attack is a recently discovered vulnerability in DNS that allows an intruder...
Recently, the variety and vastness of computer networks have increased rapidly. To keep networks stable and reliable, network administrators have to understand the nature of network traffic flows. We have developed a cardinality-analysis method that analyzes cardinalities in TCP/IP headers. The cardinalities can be used to detect abnormal traffic such as DDoS attacks and Internet worms. However there...
We performed statistical analysis on the total PTR resource record (RR) based DNS query packet traffic from a university campus network to the top domain DNS server through March 14th, 2009, when the network servers in the campus network were under inbound SSH dictionary attack. The interesting results are obtained, as follows: (1) the network servers, especially, they have a function of SSH services,...
Recently, femtocells, which cover a cell area of several tens of meters, have been attracting considerable attention in the field of mobile data communications. In the standard method, when a femtocell for data communication is connected through a public network such as a broadband access network or the Internet, an IPSec tunnel is established between the femtocell and the security gateway located...
This paper describes a new botnet that we discovered at the beginning of December 2009. Our NetFlow-based network monitoring system reported an increasing amount of Telnet scanning probes. Tracing back to a source, we have identified worldwide infected DSL modems and home routers. Nowadays, various vendors use Linux in this kind of device. A further investigation has shown that most of deployed...
This work investigates the use of Fast Flux Service Networks as an element of the host infrastructure for illegal scam transaction servers referenced in spam email. The goal of the research is to better understand the dynamics, distinguishing features, and potential vulnerabilities of these networks in order to blacklist, block, or otherwise mitigate their effectiveness. This approach consists of...
Monitoring large chunks of unused IP address space yields interesting observations and useful results. However, the volume and diversity of the collected data makes the extraction of information a challenging task. Additionally, the maintenance of the monitoring infrastructure is another demanding and time-consuming effort. To overcome these problems, we present several visualization techniques that...
The presence of an IPv4/IPv6 translation gateway provides a transparent routing mechanism to IPv4-only nodes and IPv6-only nodes which are trying to establish communication from disparate address realms. However, the mechanism breaks TCP/IP intrinsic functionalities, with the result that IPSec cannot be applied in this environment. The existing solutions to address the compatibility issues between translation gateway...
This paper discusses the often overlooked issues and key vulnerabilities evident in Web facing technologies. The process of uncovering these issues and vulnerabilities is known as footprinting. We describe how organisations leak key information from their Web facing systems. Essentially the paper describes how individuals may target an organisation's Internet systems using general purpose tools and...
IP spoofing has been exploited by Distributed Denial of Service (DDoS) attacks to conceal flooding sources and localities in flooding traffic, and prevent legitimate hosts into becoming reflectors, redirecting and amplifying flooding traffic. Thus, the ability to filter spoofed IP packets near victims is essential to their own protection as well as to their avoidance of becoming congestion and involuntary...
Distributed Denial of Service (DDoS) attacks have become one of the most serious threats to the Internet. In this paper, we propose Mantlet, an overlay-based approach to detect and mitigate DDoS attacks. Mantlet combines three innovative mechanisms for anti-spoofing, attack detection and mitigation, respectively. To circumvent IP spoofing, we first propose a probing mechanism named Bypass Check to...
As more and more organizations rely on the Internet for their daily operation, Internet security becomes increasingly critical. Unfortunately, the vast resources available on the Internet are attracting many malicious users and organizations, including organized crime syndicates. With such organizations disguising their activity by operating from the machines owned and operated by legitimate organizations,...
Peer-to-Peer (P2P) overlays provide a framework for building distributed applications consisting of few to many resources with features including self-configuration, scalability, and resilience to node failures. Such systems have been successfully adopted in large-scale Internet services for content delivery networks, file sharing, and data storage. In small-scale systems, they can be useful to address...
A Honeypot is a system that aims to detect and analyze malicious attacks attempted on a network in an interactive manner. Because the primary objective of a honeypot is to detect enemies without being known to them, it is important to hide its existence. However, as several studies have reported, exploiting the unique characteristics of hosts working on a consecutive IP addresses range easily reveals...
With the widespread use of broadband network, the firewall, as a filter installed on the border of network, can easily cause congestion and becomes the bottleneck of network transmission. The Web Monitoring System Based on the URL Analysis introduced in this paper replicates the user Web request by the use of the monitoring technology, extracts and analyzes the URL of user request. Then the URL will...