2,026 Hits in 5.8 sec

A Novel Approach to Manage Asymmetric Traffic Flows for Secure Network Proxies [chapter]

Qing Li
2008 Lecture Notes in Computer Science  
A transparent secure network proxy intercepts web traffic such as HTTP requests and applies access policies to the intercepted traffic.  ...  This proxy cluster can cover a network that spans a large geographical area, and collaboratively discover and redirect asymmetrically routed traffic flows towards the appropriate member proxy.  ...  I would like to thank Blue Coat Systems for sponsoring this research work and granting me the permissions for publication.  ... 
doi:10.1007/978-3-540-88140-7_18 fatcat:bxz3qvzrdvge7mfjzfyw3wft2y

Secure store and forward proxy for dynamic IoT applications over M2M networks

Daniel Díaz-Sánchez, R. Simon Sherratt, Florina Almenarez, Patricia Arias, Andrés Marín
2016 IEEE transactions on consumer electronics  
This article proposes a novel opportunistic flexible secure store and forward proxy for M2M networks and its mapping to asynchronous protocols that guarantees data confidentiality.  ...  Internet of Things (IoT) applications are expected to generate a huge unforeseen amount of traffic flowing from Consumer Electronics devices to the network.  ...  Moreover, unlike the traffic generated by traditional Internet services, which flows from the network to user devices, M2M traffic will flow from devices to the network.  ... 
doi:10.1109/tce.2016.7838091 fatcat:svsqjagusjcvroig6pvt5jm7ue

Session Initiation Protocol Security: A Brief Review

2012 Journal of Computer Science  
An in-depth investigation related to SIP with the intention to categorize the wide variety of SIP security issues. Approach: Related papers to the infrastructure of SIP security were analyzed.  ...  Results and Conclusion: A useful categorization of SIP security issues has been done. The vulnerabilities of existing SIP infrastructure and possible remedies are discussed.  ...  ACKNOWLEDGEMENT We would like to express our gratitude to Prof. Dr. Sureswaran Ramadass, Director of National Advanced IPv6 Centre, Universiti Sains Malaysia for his kind support.  ... 
doi:10.3844/jcssp.2012.348.357 fatcat:eamzyd6u3jbjxjkwh35p2uzram

Secure and Anonymous Multicast Framework [chapter]

Nathalie Weiler, Bernhard Plattner
2001 IFIP Advances in Information and Communication Technology  
This paper presents a novel approach to secure and anonymous group communication.  ...  First, we propose a solution for anonymity in a local environment based on state-of-the art approaches such as pseudonym servers and anonymizers combined with encryption techniques on different protocol  ...  Acknowledgments The authors would like to thank Andri Kramer who implemented parts of the first SNAP prototype. Part of this work was funded by the Swiss National Science Foundation (SPP-ICS).  ... 
doi:10.1007/978-0-387-35413-2_4 fatcat:ttc7pkpu5jd3zb46o7rjywlhme

SIP over an Identifier/Locator Splitted Next Generation Internet Architecture

Christian Esteve Rothenberg, Walter Wong, Fabio L. Verdi, Mauricio F. Magalhaes
2008 International Conference on Advanced Communication Technology, ICACT  
One promising approach is the identifier/locator split, which opens a new paradigm of network communications by using static node identifiers uncoupled from the actual network location.  ...  Legacy packets interceptor and handling mechanisms were implemented using the Iptables tool to capture legacy packets  ...  a separated secure channel for each TCP flow.  ... 
doi:10.1109/icact.2008.4493839 fatcat:rg7tiy7cq5hodaggqcros4rdry

Design of a high-performance ATM firewall

Jun Xu, Mukesh Singhal
1999 ACM Transactions on Privacy and Security  
We propose a novel firewall design philosophy, called Quality of Firewalling (QoF), that applies security measures of different strength to traffic with different risk levels and show how it can be implemented  ...  It is also easy to manage and flexible to use.  ...  , which helped to improve the quality of this paper.  ... 
doi:10.1145/322510.322520 fatcat:leyg4uucs5cm5og32fl3ia55qu

SATSIX: A Network Architecture for Next-Generation DVB-RCS Systems [chapter]

L. Fan, C. Baudoin, F. Rodriguez, A. Ramos, J. A. Guerra, B. de La Cuesta, G. Fairhurst, A. Sathiaseelan, P. Berthou, T. Gayraud, L. Liang, A. Yun (+5 others)
2008 IP Networking over Next-Generation Satellite Systems  
Based on the studies on the requirements and design constraints, in this paper, a novel network architecture has been proposed as a potential solution to the above problems.  ...  UDP is also used for many signaling applications (e.g. SIP, routing protocols, network management) and for IP multicast (e.g. IPTV).  ...  However, in both the BE and DS approaches, several traffic flows can share common capacity, and it is highly desirable to provide a method to fairly distribute the available capacity between the various  ... 
doi:10.1007/978-0-387-75428-4_8 fatcat:llhk7zijxfhwpoktegts6qs3oy

Software-defined networking-based crypto ransomware detection using HTTP traffic characteristics

Krzysztof Cabaj, Marcin Gregorczyk, Wojciech Mazurczyk
2018 Computers & electrical engineering  
In this paper we present a novel Software-Defined Networking (SDN) based detection approach that utilizes characteristics of ransomware communication.  ...  Especially dangerous is crypto ransomware that encrypts important user data and it is only possible to recover it once a ransom has been paid.  ...  Therefore the network can be managed in a logically centralized way.  ... 
doi:10.1016/j.compeleceng.2017.10.012 fatcat:ms6lbsdc2fhj3ojdhdxv3pg52i

HDMM: deploying client and network-based distributed mobility management

Fabio Giust, Carlos J. Bernardos, Antonio de la Oliva
2015 Telecommunications Systems  
In this article, we review existing DMM proposals and describe a hybrid solution which benefits from combining a network-based and a client-based approaches.  ...  We argue that the proposed hybrid DMM solution provides additional flexibility to the mobile network operators, which can decide when and how to combine these two approaches.  ...  The research leading to these results has received funding from the European Commu-  ... 
doi:10.1007/s11235-014-9959-3 fatcat:p2zntvjz4rdojjhbbkdro775fu

Measurement and analysis of IP network usage and behavior

R. Caceres, N. Duffield, A. Feldmann, J.D. Friedmann, A. Greenberg, R. Greer, T. Johnson, C.R. Kalmanek, B. Krishnamurthy, D. Lavelle, P.P. Mishra, J. Rexford (+3 others)
2000 IEEE Communications Magazine  
Traffic, usage, and performance measurements are crucial to the design, operation and control of Internet Protocol (IP) networks.  ...  This paper describes a prototype infrastructure for the measurement, storage and correlation of network data of different types and origins from AT&T's commercial IP network.  ...  Web Flow Management We used our PacketScope traces to evaluate policies for carrying Web traffic over a flow-switched network infrastructure.  ... 
doi:10.1109/35.841839 fatcat:vajdycaknfbq5obpso2ex5v43e

Securing 5G-IoT Device Connectivity and Coverage Using Boltzmann Machine Keys Generation

Anand Singh Rajawat, Pradeep Bedi, S. B. Goyal, Piyush Kumar Shukla, Sajjad Shaukat Jamal, Adel R. Alharbi, Amer Aljaedi, Vijay Kumar
2021 Mathematical Problems in Engineering  
Extended network life, coverage, and connectivity are all required for securing IoT-based 5G network devices. As a result of these failures, there are flaws that lead to security breaches.  ...  In this research, we proposed a Boltzmann machine (BMKG)-based encryption algorithm for securing 5G-enabled IoT device network environment and compared various asymmetric algorithms for key exchange.  ...  plane for payload (actual-) traffic, and the managed plane for administrative traffic.  ... 
doi:10.1155/2021/2330049 fatcat:zhebkqqixfapzlmzi3gkupyxju

Protocol Scrubbing: Network Security Through Transparent Flow Modification

D. Watson, M. Smart, G.R. Malan, F. Jahanian
2004 IEEE/ACM Transactions on Networking  
The TCP scrubber is based on a novel, simplified state machine that performs in a fast and scalable manner.  ...  Protocol scrubbers are transparent, interposed mechanisms for explicitly removing network scans and attacks at various protocol layers.  ...  This was to take into account our asymmetric filtering of the traffic.  ... 
doi:10.1109/tnet.2003.822645 fatcat:b7yzm7viejfbrfjg2tvuusam7e

Moving Target Defense-Based Denial-of-Service Mitigation in Cloud Environments: A Survey

Minh Nguyen, Saptarshi Debroy, AnMin Fu
2022 Security and Communication Networks  
However, the existing surveys that seek to explore this space either focus more on MTD for generic cyberattack mitigation or on DoS attack defense on cloud systems.  ...  We also discuss the non-MTD-based DoS defense strategies for both cloud and non-cloud infrastructures in order to highlight the pros and cons of MTD-based strategies.  ...  of the network and manages flow control to data plane via southbound APIs (e.g., OpenFlow [8, 9] ).  ... 
doi:10.1155/2022/2223050 fatcat:3figtl7ju5ezjbn3gwvzhjxj4e

Dynamic Deployment and Configuration of Differentiated Services Using Active Networks [chapter]

Toshiaki Suzuki, Chiho Kitahara, Spyros Denazis, Lawrence Cheng, Walter Eaves, Alex Galis, Thomas Becker, Dusan Gabrijelcic, Antonis Lazanakis, George Karetsos
2004 Lecture Notes in Computer Science  
We tested the FAIN active network by developing and dynamically deploying a control EE, which was designed and tested for the QoS configuration of the Diffserv-enabled pan-European FAIN testbed [4] .  ...  This paper presents the detailed components of the Future Active IP Networks (FAIN) [1] [2] [3] active node framework based on the novel Virtual Environment (VE) concept.  ...  Then the user assigns DSCP-0 to a video flow from the Cambridge test-bed and DSCP-8 is assigned to a jam flow in Berlin test-bed in the beginning. In this case, the jam traffic has a high priority.  ... 
doi:10.1007/978-3-540-24715-9_17 fatcat:kcio5ikvifgy5doocbnphbodfy

Message Authentication and Network Anomalies Detection in Vehicular Ad Hoc Networks

Leonid Legashev, Irina Bolodurina, Lubov Zabrodina, Yuri Ushakov, Alexander Shukhman, Denis Parfenov, Yong Zhou, Yan Xu, Mamoun Alazab
2022 Security and Communication Networks  
Integration of vehicles into a unified intelligent network leads to all kinds of security issues and cyber threats common to conventional networks.  ...  We also conduct experiments on vehicular ad hoc network segment traffic generation in OMNeT++ tool and apply up-to-date machine learning methods to detect malicious behavior in a given simulated environment  ...  [30] described a novel approach to detect intrusion attacks on the CAN bus using convolutional neural network and attention-based gated recurrent unit. Jhaveri R. et al.  ... 
doi:10.1155/2022/9440886 fatcat:ju3odjzvcjdkdpnpywil4o2x6u
« Previous Showing results 1 — 15 out of 2,026 results