Cashless electronic transaction is getting immense popularity nowadays due to its procedural and bureaucratic simplicity. Almost each and every organization and financial institutes prefers electronic transaction in lieu of pen-paper based banking approach, which depends on high speed internet technology. However, this online monetary transaction is a long cherished blessing for the developed countries...
As the core infrastructure of the VoIP, IMS and IPTV, SIP based network is now increasingly being deployed throughout the world. Due mainly to the relatively high flow rate and the exorbitant session maintenance, SIP servers are similarly susceptible to the Denial-of-Service (DoS) Attacks above the IP stack, especially when the Distributed spoofing URI is considered. A hybrid SIP DoS detection method...
The wide scale deployment of Internet combined with several advancements in hardware and software technologies created opportunities for several Internet based applications such as Voice Over IP (VoIP) that involves the delivery of voice, video and data to the end user. SIP, the Session Initiation Protocol, is a signaling protocol for Internet conferencing, telephony, presence, events notification...
As a current main end-to-end communication protocol there are a few vulnerabilities in TCP specification. The paper discusses the theory and vulnerability of TCP persist timer and analyzes the implementation of it in Linux. The vulnerability can lead to the infamous DOS attack. In the end of the paper we give two solutions to defend against this type of DOS attack through modifying Linux kernel codes or...
Botnet has become a prevalent platform for malicious attacks, which poses a significant threat to Internet security. Recently, botnets are inclined to utilize HTTP to route their command and control (C&C) communication instead of using the protocol Internet Relay Chat (IRC). And these web-based C&C bots try to blend into normal HTTP traffic, which makes them more difficult to be identified...
In order to improve the efficiency of transmission for anti-virus gateway, this paper presents a new HTTP anti-virus gateway, which is called semi-proxy and based on protocol analysis. Based on the analysis of the principle of the current anti-virus gateway, this paper introduces the design principles and the key implementation techniques in detail, and finally verifies them by experiments. Experimental...
This paper explores a fast and effective method to detect TCP SYN flooding attack. The Generalized autoregressive conditional heteroskedastic (GARCH) model which is the most commonly used statistical modeling technique for financial time series is proposed as a new technique for Denial of service attack detection. The exponential backoff and retransmission property of TCP during timeouts is exploited...
Malicious botnet is evolving very quickly and using the many ways to evade detection system. The change of protocol is the most important part of the malicious botnet's evolution and evasion techniques. The initial malicious botnet was using the IRC protocol for communication between the command and control server and the zombie system. After that they use the HTTP protocol on the firewall-friendly...
We present an original approach to detect SYN flooding attacks from the victim's side, by monitoring unusual handshake sequences. Detection is done in real-time to allow quick protection and help guarantee a proper defence. Our detection system uses an entropy measure to detect changes in the balance of TCP handshakes. Experiment results show that our method can detect SYN flooding attacks with better...
HTTP-related vulnerabilities are being more commonly exploited as HTTP applications become the number one application across the Internet. Several HTTP specific anomaly methods have been proposed, among which grammar-based methods tend more likely to reflect the underlying structure of HTTP communications, therefore showed a promising classifying capability between benign and malicious accesses...
The stream control transmission protocol (SCTP) uses a cookie mechanism to tackle the security and traditional attack scenario. Unfortunately, SCTP is not secured against redirection attacks, bombing attacks and towards verification-tag guessing attacks which lead to association-hijacking and may force the victim client to starve out of service from the server. Therefore, we propose a secure SCTP...
A defense system against UDP flooding attack with artificial immune detection was put forward, and four sections detection with weight was proposed based on considering the uncontinuity of IP address. Eigenvalue matching was introduced based on analyzing the r-continuous bits matching rule. Using the new matching rule the negative selection algorithm was improved both in detector generation and "black...
SYN flood attacks still dominate distributed denial of service attacks. It is a great challenge to accurately detect the SYN flood attacks in high speed networks. An intelligent attacker would evade the public detection methods by suitably spoofing the attack to pretend to be benign. Keeping per-flow or per-connection state could eliminate such a spoofing, but meanwhile, it also consumes extremely...
There is a growing interest in designing high-speed network devices to process packet at flow level above the network layer. A basic operation inherent to such systems is the task of maintaining per-flow state in order to correctly perform their higher-level processing. In this paper, we present an efficient TCP flow state management algorithm in high-speed network. First we devise all flow states...
We present an original approach to detect sources that participate in a SYN flooding attacks by monitoring unusual handshake sequences. To protect the victim, it is better to detect the attacker early and as closely to the source as possible. Such a solution prevents waste of resources by restricting harmful- and useless-traffic across the network. Our source detection system uses an entropy measure...
The malicious botnets are evaluated as the serious threat of the Internet society in future. As the botnets are more clever and artful, the detection of botnets is not easy. Recently malicious botnets evolve into HTTP botnets out of typical IRC botnets and it is difficult to response effectively with existing methods which are using DNS traffic. In this paper, we show the relations of HTTP clients...
Biometric technology has been adopted in important elements of the national infrastructure, such as electronic passports and immigration control systems. However, the threats of invasion of privacy and of the illegal appropriation of information both increase with the expansion of the biometrics service environment to open systems. We introduce nine telebiometrics authentication models and a biometric...
IP multimedia subsystem (IMS) is a new next generation networking architecture that will provide better quality of service, charging infrastructure and security. The basic idea behind IMS is convergence; providing a single interface to different traditional or modern networking architectures allowing better working environment for the end users. IMS is still not commercially adopted and used but research...
Network management is one of the important areas in today's computing world. A basic requirement for the management of a complex network is the definition of high-level and flexible models to coordinate the accesses to the resources data and services provided by the network nodes. Most of the network management platforms are based on polling-based centralized SNMP management model which has the...
Naming and addressing are important issues for next generation Internet (NGI). In this paper, we discuss a new mobility and multihoming supporting identifier locator split architecture (MILSA). There are three main contributions of our solution. First, we separate trust relationships (realms) from connectivity (zones). A hierarchical identifier system for the realms and a Realm Zone Bridging Server...