The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
When a device on network communicates with copious other devices during a time window, this device is called a super point. Super points play important roles in network because they are usually servers, hosts running P2P applications, worms, DDos victims. Super points may change with the time. How to locating these super points from core network efficiently is a hard task. This paper proposed an algorithm...
The aim of Cloud Computing environment is to provide low cost, reliable, rapid, on-demand services to the users anywhere and anytime. But with its rapid development the security challenges are numerous. The capability of the malicious users to compromise cloud security from outside and inside has increased many folds. Hence organizations and users are skeptical about the security of cloud based services...
This paper describes a new approach for the representation of profiles of cognitive functions. The profiles are used in introspective monitoring to keep updated the meta-level about the most relevant attributes of each cognitive function that is executed in the object-level. The profiles are called algorithmic knowledge profiles. Declarative meta-knowledge, procedural meta-knowledge and strategic...
The increased number of cyber attacks makes the availability of services a major security concern. One common type of cyber threat is distributed denial of service (DDoS). A DDoS attack is aimed at disrupting the legitimate users from accessing the services. It is easier for an insider having legitimate access to the system to deceive any security controls resulting in insider attack. This paper proposes...
Software-Defined Networking (SDN) allows for fast reactions to security threats by dynamically enforcing simple forwarding rules as counter-measures. However, in classic SDN all the intelligence resides at the controller, with the switches only capable of performing stateless forwarding as ruled by the controller. It follows that the controller, in addition to network management and control duties,...
Information-Centric Networking (ICN) has emerged as an interesting approach to overcome many of the limitations of legacy IP-based networks. However, the drastic changes to legacy infrastructure required to realise an ICN have significantly hindered its adoption by network operators. As a result, alternative deployment strategies are investigated, with Software-Defined Networking (SDN) arising as...
In this work, we propose a system-on-chip (SoC) design tool for the automatic generation of hardware sandboxes for securing untrusted IP to be integrated into trusted systems. The Component Authentication Process for Sandboxed Layouts (CAPSL) is a design flow that incorporates behavioral specifications of IP interfaces in order to generate sandboxes purposed for detecting trojan activation and isolating...
With the rapid development of Internet of Things(IoT) ,varieties of applications based on it have been emerged quickly. One of the most prominent applications is the IoT monitoring equipment developed by many small and medium enterprises. Generally,the characteristics of such kind of equipment include:wide distribution, low data value density, high communication frequency, extremely limited computing...
NFV together with SDN promises to provide more flexible and efficient service provision methods by decoupling the network functions (NFs) from the physical network topology and devices, but requires the real-time and automatic composition and verification for service function chain (SFC). However, most of SFCs today are still typically built through manual configuration processes, which are slow and...
Network load-balancers generally either do not take application state into account, or do so at the cost of a centralized monitoring system. This paper introduces a load-balancer running exclusively within the IP forwarding plane, i.e. in an application protocol agnostic fashion - yet which still provides application-awareness and makes real-time, decentralized decisions. To that end, IPv6 Segment...
The efficient management of radio resources in today's home or residential Wi-Fi networks is still an open research question. Due to the chaotic and unplanned deployment of Wi-Fi Access Points (APs) and the fact that all APs are managed individually by their owners, home Wi-Fi networks suffer from performance degradation due to contention and interference. In this paper we present and showcase a distributed...
Heavy hitter detection is an important task in many network security and traffic measurement applications. In this work, we implement a heavy hitter detection accelerator based on the Count-Min sketch algorithm inside the NetFPGA-10G OpenFlow switch. By using only a small amount of extra memory and logic resources, the OpenFlow switch is capable of detecting the heavy hitter flows accurately without...
In this paper, we explored what could be achieved by a potential attacker on the I2P Network in terms of application and user profiling. In both cases, the effect of bandwidth sharing and participation have been analyzed. To explore this, we used a machine learning based approach to analyze the flows extracted from the traffic generated by the applications and the users. Our results show that profiling...
Software-Defined Networking (SDN) emerges as a recent paradigm that grants a holistic network visibility and flexible network programmability, facilitating rapid innovation of protocol and services. Although SDN provides greater control over traffic flow than ever before, it also introduced new challenges and issues to be addressed with its management. In that light, the security and reliability of...
Software Defined Network (SDN) is an emerging networking paradigm that has gained enormous attention from the industries as well as the research community. SDN decouples data plane and control plane. The direct programmability of the control plane allows us to develop routing algorithms, which can accommodate versatile requirements of diverse network applications. On another side, Quality-of-Service...
Distributed Denial of Service (DDoS) attacks targeting the application layer are becoming more prevalent due to a lack of suitable defence solutions. Existing research treats the web server environment as a black box, by only monitoring the edge network traffic; however, we believe that this approach limits the accuracy of the detection system as it does not protect the back-end database servers....
Large network operators have thousands or tens of thousands of access aggregation links that they need to manage and dimension properly. Measuring and understanding the traffic characteristics on these type of links are therefore essential. What do the traffic intensity characteristics look like on different timescales from days down to milliseconds? How do the characteristics differ if we compare...
Honeypots are used as a security measure both to divert the attention of a potential attackers intentions and to reveal the attacker since the only reason someone would interact with honeypots is if they are looking for a vulnerable target. Honeypots emulate only a part of the machine they are supposed to represent and contain no valuable data. ICS (Industrial Control System) is a term that is used...
In this paper, we describe a network defence strategy testbed, which could be utilized for testing the strategy decision logic against simulated attacks or real attackers. The testbed relies on a network of honeypots and the high level of logging and monitoring the honeypots provide. Its main advantage is that only the decision logic implementation is needed in order to test the strategy. The testbed...
Voice services has been for a very long time the primary source of income for mobile network operators. Even with the increasing importance of the data traffic, voice services will keep playing a key role and will not disappear with the transition to a networking model based on the IP protocol. Moreover, the key industry players diagnosed years ago that mobile subscribers wouldn't accept a significant...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.