The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
With the growth of network scale, network administrators dissipate large amounts of time and costs to manage network addresses (IP/MACs). However, the current state of IP address management can be said to be extremely inefficient. Therefore, through real time platform technology research on important apparatus that can protect network addresses, a ground breaking measure that can improve the reliability...
As protection against the current privacy weaknesses of StateLess Address Auto Configuration (SLAAC) in the Internet Protocol version 6 (IPv6), network administrators may choose to deploy the new Dynamic Host Configuration Protocol for IPv6 (DHCPv6). Similar to the Dynamic Host Configuration Protocol (DHCP) for Internet Protocol version 4 (IPv4), DHCPv6 uses a clientserver model to manage addresses...
The cloud has not kept pace with the enormous volume of user identities that network administrators must manage and secure. An identity fabric that links multiple applications to a single identity would address this problem, enabling full-scale cloud adoption.
Recently, the variety and vastness of computer networks have increased rapidly. To keep networks stable and reliable, network administrators have to understand the nature of network traffic flows. We have developed a cardinality-analysis method that analyzes cardinalities in TCP/IP headers. The cardinalities can be used to detect abnormal traffic such as DDoS attacks and Internet worms. However there...
Over the last decade, IPv6 has established itself as the most mature network protocol for the future Internet. Its recent deployment in core networks of operators, its availability to end customers of multiple ISPs together with the availability of native access to large services like Google assess the increasing penetration of IPv6. While its deployment from the inside of the network leading to the...
In July 2008, the Kaminsky attack showed that DNS is sensitive to cache poisoning, and DNSSEC is considered the long term solution to mitigate this attack. A lot of technical documents provide configuration and security guide lines to deploy DNSSEC on organization's servers. However, such documents do not provide ISP or network administrators inputs to plan or evaluate the cost of the migration. This...
To reduce the work load of network administrators, e.g., fault detection/recovery, performance analysis and security maintenance etc., knowledge-based intelligent support system for network administrator based on active information resource (AIR-NMS) have been proposed. In this paper, we describe some design pattern and some implemented examples of activated information resource (AIR) on network administration...
The media often reports shocking stories regarding attacks to the networks of well-known companies and organisations with headlines announcing either millions of pounds worth of financial loss or exposing public security issues. The most common attacking methods take advantage of the weakness of operating systems, the bugs found in certain applications such as Internet Explorer or Adobe Reader, or...
To reduce the loads imposed on network administrators, we have proposed AIR-NMS, which is a network management support system (NMS) based on Active Information Resource (AIR). In AIR-NMS, various information resources (e.g., state information of a network, practical knowledge of network management) are combined with software agents which have the knowledge and functions for supporting the utilization...
Firewalls are one of the most deployed mechanisms to protect the network from unauthorized access and security threats. However, maintenance of firewall policy is an error-prone and complicated task for a dynamic network environment. Conflict is a misconfiguration that happens when a packet matches two or more filters resulting in shadowing and redundancy of the filters. Network administrators reconfigure...
Intrusion aggregation techniques fundamentally focus on how to reduce redundant alerts to lessen the workload of human analysts. Consequently, the clarity and inherent meanings of the entire alerts are completely suppressed. These mostly occur whenever attackers overload intrusion detectors with closely related digression packets that subsequently flood human analysts with lots of redundant alerts...
Computer networks have become a ubiquitous part of modern society. As the spread of networks continues to increase, so do the various applications for the underlying technology. Thus traffic classification has become and remains important to network administrators. In this paper, preliminary results using multi-dimensional piecewise polynomials to model network traffic are shown. Different types of...
Increasing malicious network traffic has been serious threats to the network security and network administrators have difficulty to detect the network attacks from vast network traffic. Because an image can contain the much traffic information and intuitively display the network status, it is helpful to reduce the processing time for detecting the anomalies. Therefore we proposed a hierarchical approach...
Wireless sensor network are deployed today to monitor the environment, but their own health status is relatively opaque to network administrators, in most cases. In bridge diagnosis system, we develop a wireless sensor network to gather the vibration data of bridge. In past field bridge diagnosis experiment, node failure and data packets loss always occurred in the WSN and can not be detected. It...
A lightpath route management system with parallel processing capabilities and a flexible upgradability, allowing new functions to be added to the system without any system program changes, has been designed and implemented for IP-over-CWDM networks with ROADMs. The system can process route management functions composed of some sub applications in parallel in multi machines for high speed performance...
Network Address Translation (NAT) and Network Address and Port Translation (NAPT) are widely used to separate networks and share IPv4 addresses. They're valuable tools for network administrators and help with the imminent exhaustion of IPv4 address space and the transition to IPv6. This article surveys recent standardization efforts in this area.
Recent phenomenal growth in broadband technology, coupled with the need for organizations to stay competitive, requires a corresponding comprehensive understanding of new and advanced technologies. In this regard, new challenges have arisen with respect to mastering the intricacies related to acquisition, design, systems development and methodologies needed to manage these complex technologies. More...
Lightpath reconfiguration management system has been designed and implemented for IP-over-CWDM networks with ROADMs. The system can search possible lightpaths made by ROADMs with specified switch states. The function is based on an equivalent graph method proposed for representing the ROADMs, and can output lightpaths in the network together with the total loss values. The system enables the network...
The paper presents an extension of NetPy, a network traffic visualization tool using NetFlow records. NetPy offers traffic visualization as well as a traffic analysis, which is very useful for the network administrators. NetPy has been re-designed to include a better graphical user interface to make the application easier to use and to present the information in the best way possible. The new version...
To keep the network secure, it is necessary to monitor network traffic timely and effectively. The traditional methods for detecting network anomalies were mainly based on such ways as sampling, counting and aggregating, but they can not solve the problem of getting accurate and effective results well. In this paper we propose a new method that is based on the basic properties of frequent pattern...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.