The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Flexibility and extendibility of Software Defined Networks allows development of diverse network management and flow monitoring techniques. Yet, there are inherent tradeoffs between the quality of flow monitoring and the required network resources. In particular, collecting flow statistics, at the level of specific source-destination addresses (and, moreover, specific protocols and ports), requires...
In this paper, we propose two simple and practically feasible countermeasures to address the Route Spoofing and Resource Exhaustion attacks in Software Defined Networking (SDN) scenarios. For Route Spoofing attack, we introduce a new technique called “selective blocking” which blocks an adversary node to use a genuine user's active routes, and for Resource Exhaustion attack, we propose a “periodic...
The reports from last years outline the fact that the web crawlers (robots, bots) activities generate more than a half of web traffic on Internet. Web robots can be good (used for example by search engines) or bad (for bypassing security solutions, scraping, spamming or hacking), but usually all take up the internet bandwidth and can cause damage to businesses that rely on web traffic or content....
Internet scale continues to expand, the IPv6 protocol standard is implemented in the network gradually, make the behavior characteristic of the network become more changeful and more unstable, so it can be more detailed to carry on network situation perception system according to network data stream to become the next research direction. The support of IPv6 Network Situation Awareness system is realized...
While many DDoS mitigation approaches utilize the flexibility of software-defined infrastructures in a decentralized fashion, most of them assume that the infrastructure as a whole is willing and capable of mitigating all incoming packets of an attack. Those approaches cannot be used out of the box, if the attack overburdens the infrastructure or the monetary budget for mitigation is limited. Therefore...
A distributed system is presented for the monitoring and control of the primary variables: pressure, level and flow; for this, a wireless system is implemented at the level of sensor-actuators and at the level of controllers an Ethernet / IP network, the mentioned industrial networks are implemented based on the OSI model and TCP / IP respectively, for the visualization an HMI is realized in the software...
Threats within the network are a security risk with which you deal daily. Due to this, the use of more complex means of security than the Firewall should be considered to perform the analysis of the traffic behavior of the network by means of devices of next generation such as Systems of Detection and Prevention of Intrusions (IDPS). This article presents a comparison of commercial systems and open...
Software Defined Networking (SDN) enables a centralised entity - the controller - to monitor the network’s status by collecting traffic statistics such as packets, bytes, etc. Each statistic is associated with a forwarding table entry (FTE) in a switch whose structure and format is specified by the OpenFlow standard (de-facto SDN standard). For a flow with a FTE, its statistic is easily...
This paper sketches a service-oriented and hierarchical queuing mechanism designed to manage radio buffers while delivering web services. The goal is avoid buffer overflow implementing a three-level queuing mechanism. The first level is the message queue which stores messages from user-facing services. At the second level, the messages are fragmented into IP packets which are stored in the packet...
Over the years the number of elements in a corporate network, the services and the amount of traffic have grown significantly. For this reason, it is increasingly important to analyze the traffic. Packet-based analysis is the traditional option but entails a high resources consumption. In order to palliate this, flow-based analysis arises. It usually implies to deploy a flow exporter, responsible...
Current approaches to Information-Centric Networking (ICN) facilitate the publication and retrieval of content in a network through a variety of discovery, caching and forwarding approaches, thus defining an equivalent of the data plane in the current Internet infrastructure. However, in contrast to the current Internet, ICN lacks a definition of the control plane for the management of the operation...
During the last years, the use of Domain Generation Algorithms (DGAs) has increased with the aim of improving the resiliency of communication between bots and Command and Control (C&C) infrastructure. In this paper, we report on an effective DGA-detection algorithm based on a single network monitoring. The first step of the proposed method is the detection of a bot looking for the C&C and...
Cyber-attacks have become more threatening as Internet evolves, particularly for Internet Service Providers (ISPs) that play a rule of carrying them to their subscribers. In order to protect themselves and their subscribers, ISPs invest in typical protection systems like IDS, IPS, or Firewalls, that are designed for perimeter-based operation. Even though these expensive systems are efficient to protect...
The problem of the early detection of forest fires in isolated areas is studied, as is the case of Torres del Paine National Park, as an area of very high tourist interest, an economic engine of the Magallanes region, and currently a world reserve of The Biosphere according to UNESCO. No communication connectivity, and presents important logistical challenges to deploy and install equipment, with...
The Locator/Identifier Separation Protocol (LISP) separates classical IP addresses into two categories: one for identifying terminals, the other for routing. To associate identifiers and locators LISP needs a specific mechanism, called mapping system. This technology is still at an early stage but two experimental platforms have already been deployed in the Internet: LISP Beta Network and LISP-Lab...
Software-Defined Networks (SDN) is an emerging area that promises to change the way we design, build, and operate network architecture. It tends to shift from traditional network architecture of proprietary based to open and programmable network architecture. However, this new innovative and improved technology also brings another security burden into the network architecture, with existing and emerging...
Much of smart phone time is spent in using apps that connect to the Internet. Android, out of the box, does not provide network filtering or monitoring facilities. Security exploits and privacy leaks makes it necessary that we track network usage that could be happening behind our backs. We have built a “network ombudsman” framework service and an app that continuously monitors and logs the network...
The Network Functions Virtualization (NFV) is an emerging solution that improves the flexibility, efficiency, and manageability of networks by leveraging virtualization and cloud computing technologies to run network appliances in software. The implementation of NFV presents issues such as the introduction of new software components, bottleneck performance, and monitoring hidden traffic. A considerable...
The proposed model of a multi-agent environment for e-learning due to increase in the cybercrime was found to be susceptible to DOS attacks and personification attacks that is dealt by embedding the mitigation mechanism of IP filtering with the proposed model. Developing the e-learning environment in which an algorithm has been implemented to filter the spoofed IPs from the legitimate IPs. The multi-agent...
The optical network management system is very important for optical equipment monitoring and managing, the timeliness and accuracy are very critical parameters. Automatic discovery of network nodes is the embodiment of automation of network management system. However, most of the traditional automatic discovery method is based on the ICMP protocol, which is to ping all the IP addresses in local area...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.