Qu O O & & A P P O O D
|
|
- Regina Cameron
- 5 years ago
- Views:
Transcription
1 Defense Enabling Using QuO: Experience in uilding Survivable CORA Applications Chris Jones, Partha Pal, Franklin Webber N Technologies QuO & APOD 1 APOD 12/1/2002 DOCSEC 2002 Christopher Jones
2 APOD Overview APOD is toolkit of mechanism wrappers and adaptation strategies that allows an application to use security mechanisms to dynamically adapt to a changing environment We believe that adaptation increases an application s resiliency to certain kinds of attacks APOD uses QuO, which provides an application with adaptation. 2 APOD 12/1/2002 DOCSEC 2002 Christopher Jones
3 Quo Overview QuO is a middleware system that offers an application the ability to adapt to the changing environment in which it is running. Host resources (CPU and memory) usage Network resource availability Intrusion status The adaptive code is separated into a QuO qosket for reuse. A qosket is a set of specifications and implementations that define a quality of service module. It can be added into a distributed object application with minimum impact on the application 3 APOD 12/1/2002 DOCSEC 2002 Christopher Jones
4 QuO Overview (cont.) Quality Description Languages (QDL) Contract description language, adaptive behavior description language Code generators that generate Java and C++ code for contracts, delegates, creation, and initialization System Condition Objects Provide interfaces to resources, managers, and mechanisms QuO Runtime Kernel Contract evaluator Factory object which instantiates contract and system condition objects 4 APOD 12/1/2002 DOCSEC 2002 Christopher Jones
5 CORA DOC MODEL QUO/CORA DOC MODEL CLIENT IDL STUS CLIENT Delegate IDL STUS OJ REF QuO Architecture in args operation() out args + return value Network OJECT (SERVANT) IDL SKELETON OR IIOP IIOP OR OJ REF SysCond Contract SysCond in args operation() out args + return value MECHANISM/PROPERTY MANAGER Network SysCond Contract SysCond OJECT (SERVANT) IDL SKELETON Delegate OR IIOP IIOP OR OJECT ADAPTER OJECT ADAPTER Application Developer Mechanism Developer Application Developer QuO Developer Mechanism Developer 5 APOD 12/1/2002 DOCSEC 2002 Christopher Jones
6 APOD Description We believe that by adapting to and trying to control its environment, an application can increase its chances of survival under attack Use QuO to integrate multiple security mechanisms into a coherent strategy for adaptation Use mechanisms where they exist to harden or protect an application, a resource, or a service Tie security information to the adaptation of an application through the QuO system condition objects QuO s contract language is used to define defensive strategies that a Example strategies include» containment, which uses snort and iptables to detect and limits the extent of attacks» outrun, uses dependability with replication to move away from attacks 6 APOD 12/1/2002 DOCSEC 2002 Christopher Jones
7 Defense-Enabled Application Competes With Attacker for Control of Resources Attacker C r y p t o Application QoS Management OSs and Network IDSs Firewalls Raw Resources CPU, bandwidth, files... 7 APOD 12/1/2002 DOCSEC 2002 Christopher Jones
8 APOD Mechanisms Network and Host Sensors Snort is a lightweight network intrusion detection system Tripwire for detecting file systems integrity violations Actuators Network traffic filters - Iptables File systems recovery secure backup Dependability management using replication Aqua replication system from University of Illinois, Urbana- Champaign APOD us mechanism for publishing data about application s status and for maintaining replicas of application processes andwidth Management Intserv (RSVP, SecureRSVP) and Diffserv Access Control NAI s OO-DTE at the interceptor layer 8 APOD 12/1/2002 DOCSEC 2002 Christopher Jones
9 APOD Strategies QuO s contract language is used to define defensive strategies Example strategies include containment, which uses snort and iptables to detect and limits the extent of attacks outrun, uses dependability with replication to move away from attacks. 9 APOD 12/1/2002 DOCSEC 2002 Christopher Jones
10 APOD Red-teaming Experimentation Sandia labs redteam attacks an APOD enabled application Test the added value of APOD to an application Also, analyzing the overhead of APOD Application has three pieces; client, image server, and broker. The broker is responsible for hooking clients requesting images to the server that can provide those images Two broker components are maintained by the APOD bus on a set hosts. Each of these hosts is running a qosket implementing a containment strategy Using snort and tripwire as sensors and iptables and the bus to react to attack detections. 10 APOD 12/1/2002 DOCSEC 2002 Christopher Jones
11 APOD Redteam Example Client 1 Subscribe/ Unsubscribe APOD bus Publish/ Unpublish Server 1 Client 2 Server ready/ Server gone Subscribe/ Unsubscribe Server ready/ Server gone roker 1 roker 2 Publish/ Unpublish Publish/ Unpublish Server 2 Server 3 11 APOD 12/1/2002 DOCSEC 2002 Christopher Jones
12 Experimentation Configuration Testing environment of 14 hosts on 4 subnets. client2 broker2_1 broker2_2 C broker1_1 broker1_2 server S autobot Experiment Control, external waypoint VPN/ Internet optimus (IPNET3) (IPNET2).1 router_ipnet_2 router_ipnet_ router_ipnet_1 router_ipnet_ (IPNET1) (IPNET4) C S badguy S client3 broker3_1 broker3_2 server3 broker4_1 broker4_2 server4 12 APOD 12/1/2002 DOCSEC 2002 Christopher Jones
13 Red-teaming Attack and Preliminary Results With APOD and the configuration, the redteam was forced to combine three different attacks to cause a denial of service of the broker The three attack are: ARP cache poisoning, Spoofing, connection flooding The combined attacks took 5 minutes and we have implemented counter defenses APOD has added value and the method call latency overhead of QuO and APOD to application is very small (~.3 msec.) note: encryption at interceptor layer not included, but measured by APOD team as roughly 500 msec per method call using symmetric encryption can improve this number. Ipsec overhead compared to interceptor layer is very small 13 APOD 12/1/2002 DOCSEC 2002 Christopher Jones
14 What APOD would like from DOC security etter elimination of software flaws in OR implementations Standardized support across CORA implementations for pluggable transports interceptors Knobs and Dials at OR and service level to adjust security Easy configuration of OR s port selection dynamically under middleware control.» Specific ports or range of ports» How to select the next port to use Configuration of timeouts and how to deal with them. 14 APOD 12/1/2002 DOCSEC 2002 Christopher Jones
15 Conclusion The red teaming has been extremely useful for APOD Validated our work and stress test our defenses CORA support needs to as secure and uniform as possible Found lack of uniformity in implementations Trusting the OR is secure Websites: QuO: APOD: 15 APOD 12/1/2002 DOCSEC 2002 Christopher Jones
Using Quality Objects (QuO) Middleware for QoS Control of Video Streams
Using Quality Objects (QuO) Middleware for QoS Control of Streams BBN Technologies Cambridge, MA http://www.dist-systems.bbn.com/tech/quo/ Craig Rodrigues crodrigu@bbn.com OMG s Third Workshop on Real-Time
More informationQuality Objects (QuO): Adaptive Management and Control Middleware for End-to-End QoS
Quality Objects (QuO): Adaptive Management and Control Middleware for End-to-End QoS Craig Rodrigues, Joseph P. Loyall, Richard E. Schantz BBN Technologies/GTE Technology Organization Cambridge, Massachusetts,
More informationA QoS-aware CORBA Component Model for Distributed Real-time and Embedded System Development
A -aware CORBA Model for Distributed Real-time and Embedded System Development Nanbor Wang and Chris Gill {nanbor,cdgill}@cse.wustl.edu Department of Computer Science and Engineering Washington University
More informationCpt. S 464/564 Lecture Auxiliary Material (not from text) January 29-31, Middleware in Context: 2016 David E. Bakken
Middleware in Context Prof. Dave Bakken Cpt. S 464/564 Lecture Auxiliary Material (not from text) January 29-31, 2017 1 Sources of Info D. Bakken, Middleware, unpublished article (from an Encyclopedia
More informationAdaptive Middleware. Self-Healing Systems. Guest Lecture. Prof. Priya Narasimhan. Assistant Professor of ECE and ISRI Carnegie Mellon University
Adaptive Middleware Self-Healing Systems Guest Lecture Prof. Priya Narasimhan Assistant Professor of ECE and ISRI Carnegie Mellon University Recommended readings and these lecture slides are available
More informationReflections On Evaluating Survivability: The APOD 1 Experiments
Reflections On Evaluating Survivability: The APOD 1 Experiments Partha Pal, Michael Atighetchi, Franklin Webber, Richard Schantz and Christopher Jones BBN Technologies 10 Moulton Street Cambridge, MA 02138,
More informationMiddleware in Context: 2016 David E. Bakken. Cpt. S 464/564 Lecture Auxiliary Material (not from text) January 30, 2019
Middleware in Context Prof. Dave Bakken Cpt. S 464/564 Lecture Auxiliary Material (not from text) January 30, 2019 Sources of Info D. Bakken, Middleware, unpublished article (from an Encyclopedia of Distributed
More informationPROTECTING APPLICATIONS AGAINST MALICE USING ADAPTIVE MIDDLEWARE
PROTECTING APPLICATIONS AGAINST MALICE USING ADAPTIVE MIDDLEWARE Richard E. Schantz, Franklin Webber, Partha Pal, Joseph Loyall BBN Technologies, 10 Moulton Street, Cambridge, MA 02138, USA {schantz, fwebber,
More informationSwitching & ARP Week 3
Switching & ARP Week 3 Module : Computer Networks Lecturer: Lucy White lbwhite@wit.ie Office : 324 Many Slides courtesy of Tony Chen 1 Ethernet Using Switches In the last few years, switches have quickly
More informationDesigning Windows Server 2008 Network and Applications Infrastructure
Designing Windows Server 2008 Network and Applications Infrastructure Course No. 6435B - 5 Days Instructor-led, Hands-on Introduction This five-day course will provide students with an understanding of
More informationFundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin,
Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin, ydlin@cs.nctu.edu.tw Chapter 1: Introduction 1. How does Internet scale to billions of hosts? (Describe what structure
More informationMiddleware Support for. Voting and Data Fusion. Chris Jones David Karr. Zhiyuan Troy Zhan. Dave Bakken. Cambridge, Mass.
Middleware Support for Voting and Data Fusion Dave Bakken Zhiyuan Troy Zhan School of Electrical Engineering and Computer Science Washington State University Pullman, Wash. USA www.eecs.wsu.edu Chris Jones
More informationAQUILA. Project Defense. Sandeep Misra. (IST ) Development of C++ Client for a Java QoS API based on CORBA
AQUILA (IST-1999-10077) Adaptive Resource Control for QoS Using an IP-based Layered Architecture Project Defense Development of C++ Client for a Java QoS API based on CORBA http://www-st st.inf..inf.tu-dresden.de/aquila/
More informationIntegrating Fragmented Objects into a CORBA Environment
Integrating ed Objects into a CORBA Environment Hans P. Reiser 1, Franz J. Hauck 2, Rüdiger Kapitza 1, and Andreas I. Schmied 2 1 Dept. of Distributed Systems and Operating System, University of Erlangen-
More informationIT443 Network Security Administration Spring Gabriel Ghinita University of Massachusetts at Boston
IT443 Network Security Administration Spring 2018 Gabriel Ghinita University of Massachusetts at Boston Contact Information Instructor: Dr. Gabriel Ghinita Email: Gabriel.Ghinita@umb.edu (preferred contact)
More informationEC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led
EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led Certification: Certified Network Defender Exam: 312-38 Course Description This course is a vendor-neutral, hands-on,
More informationFirewalls, Tunnels, and Network Intrusion Detection
Firewalls, Tunnels, and Network Intrusion Detection 1 Intrusion Detection Systems Intrusion Actions aimed at compromising the security of the target (confidentiality, integrity, availability of computing/networking
More informationAQuA: An Adaptive Architecture that Provides Dependable Distributed Objects 1
AQuA: An Adaptive Architecture that Provides Dependable Distributed Objects 1 Michel Cukier, Jennifer Ren, Chetan Sabnis, David Henke, Jessica Pistole, and William H. Sanders Center for Reliable and High-Performance
More information2. INTRUDER DETECTION SYSTEMS
1. INTRODUCTION It is apparent that information technology is the backbone of many organizations, small or big. Since they depend on information technology to drive their business forward, issues regarding
More informationConfiguring and Administering Hyper-V in Windows Server 2012
Configuring and Administering Hyper-V in Windows Server 2012 About this course Students will learn the history of Virtualization as it pertains to Microsoft technologies. Students will learn the new features
More informationNetwork Security Terms. Based on slides from gursimrandhillon.files.wordpress.com
Network Security Terms Based on slides from gursimrandhillon.files.wordpress.com Network Security Terms Perimeter is the fortified boundary of the network that might include the following aspects: 1. Border
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More informationChapter 8 roadmap. Network Security
Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing
More information: Course 55021A : Configuring and Administering Hyper-V in Windows Server 2012
Module Title Duration : Course 55021A : Configuring and Administering Hyper-V in Windows Server 2012 : 3 days Course Description This three-day instructor-led course provides students with the knowledge
More informationTelecommunication Services Engineering Lab. Roch H. Glitho
1 Quality of Services 1. Terminology 2. Technologies 2 Terminology Quality of service Ability to control network performance in order to meet application and/or end-user requirements Examples of parameters
More informationConfiguring & Administering Hyper-V in Windows Server 2012
Configuring & Administering Hyper-V in Windows Server 2012 Course 55021A - Three days - Instructor-led - Hands-on Introduction This three-day instructor-led course provides students with the knowledge
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 20: Intrusion Prevention Department of Computer Science and Engineering University at Buffalo 1 Lecture Overview Firewalls purpose types locations Network perimeter
More informationAn Object-level Gateway Supporting Integrated-Property Quality of Service
An Object-level Gateway Supporting Integrated-Property Quality of Service Richard Schantz, John Zinky, David Karr, David Bakken, James Megquier, Joseph Loyall BBN Technologies/GTE Internetworking 10 Moulton
More informationSecuring MQTT. #javaland
Securing MQTT #javaland 2017 www.bestppt.com INTRODUCTION Dominik Obermaier @dobermai Disclaimer Obligatory Disclaimer: All security suggestions and guidelines in this talk are collected from real-world
More informationTable 3-1 Joint Staff IPv6 Operational Criteria
Table 3-1 Joint Staff Joint Staff Final TE Report Criterion 1 security of unclassified network operations, classified network operations, black backbone operations, integration of HAIPE, integration of
More informationMultiprocessor Support
CSC 256/456: Operating Systems Multiprocessor Support John Criswell University of Rochester 1 Outline Multiprocessor hardware Types of multi-processor workloads Operating system issues Where to run the
More informationCS System Security 2nd-Half Semester Review
CS 356 - System Security 2nd-Half Semester Review Fall 2013 Final Exam Wednesday, 2 PM to 4 PM you may bring one 8-1/2 x 11 sheet of paper with any notes you would like no cellphones, calculators This
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Network Attacks Denial of service Attacks
Security+ Guide to Network Security Fundamentals, Fourth Edition Network Attacks Denial of service Attacks Introduction: What is DoS? DoS attack is an attempt (malicious or selfish) by an attacker to cause
More informationCloud Computing. Faculty of Information Systems. Duc.NHM. nhmduc.wordpress.com
Cloud Computing Faculty of Information Systems Duc.NHM nhmduc.wordpress.com Evaluating Cloud Security: An Information Security Framework Chapter 6 Cloud Computing Duc.NHM 2 1 Evaluating Cloud Security
More informationThe Design and Performance of a Pluggable Protocols Framework for Real-time Distributed Object Computing Middleware
The Design and Performance of a Pluggable Protocols Framework for Real-time Distributed Object Computing Middleware, Fred Kuhns, Douglas C. Schmidt, Ossama Othman and Jeff Parsons coryan@uci.edu http://www.ece.uci.edu/coryan/
More informationCisco IPS AIM Deployment, Benefits, and Capabilities
Cisco IPS AIM Abstract The Cisco IPS Advanced Integration Module (AIM) for Cisco modular integrated services routers integrates a high-performance, feature-rich intrusion prevention system (IPS) into the
More informationCIS 21 Final Study Guide. Final covers ch. 1-20, except for 17. Need to know:
CIS 21 Final Study Guide Final covers ch. 1-20, except for 17. Need to know: I. Amdahl's Law II. Moore s Law III. Processes and Threading A. What is a process? B. What is a thread? C. Modes (kernel mode,
More informationUser s Manual. How to configure and use FortGuard Professional Anti-DDoS Firewall
Anti-DDoS Firewall User s Manual How to configure and use FortGuard Professional Anti-DDoS Firewall Copyright 2003-2009 FortGuard Software Technology Co., Ltd. http://www.fortguard.com Regarding Installation
More informationImplementing Cisco Network Security (IINS) 3.0
Implementing Cisco Network Security (IINS) 3.0 COURSE OVERVIEW: Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles and technologies, using
More informationAnalysis of Passive CORBA Fault Tolerance Options for Real-Time Applications Robert A. Kukura, Raytheon IDS Paul V. Werme, NSWCDD
Analysis of Passive CORBA Fault Tolerance Options for Real-Time Applications Robert A. Kukura, Raytheon IDS Paul V. Werme, NSWCDD PASSIVE CORBA FAULT TOLERANCE All clients send method invocations only
More informationHacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK
Hacker Academy Ltd COURSES CATALOGUE Hacker Academy Ltd. LONDON UK TABLE OF CONTENTS Basic Level Courses... 3 1. Information Security Awareness for End Users... 3 2. Information Security Awareness for
More informationAccessEnforcer Version 4.0 Features List
AccessEnforcer Version 4.0 Features List AccessEnforcer UTM Firewall is the simple way to secure and manage your small business network. You can choose from six hardware models, each designed to protect
More informationDistributed Systems. Overview. Distributed Systems September A distributed system is a piece of software that ensures that:
Distributed Systems Overview Distributed Systems September 2002 1 Distributed System: Definition A distributed system is a piece of software that ensures that: A collection of independent computers that
More information"Charting the Course... MOC 6435 B Designing a Windows Server 2008 Network Infrastructure Course Summary
MOC 6435 B Designing a Windows Network Infrastructure Course Summary Description This five-day course will provide students with an understanding of how to design a Windows Network Infrastructure that
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 19: Intrusion Detection Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Intruders Intrusion detection host-based network-based
More informationDistributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013
Distributed Systems 27. Firewalls and Virtual Private Networks Paul Krzyzanowski Rutgers University Fall 2013 November 25, 2013 2013 Paul Krzyzanowski 1 Network Security Goals Confidentiality: sensitive
More informationDistributed Object-Based Systems The WWW Architecture Web Services Handout 11 Part(a) EECS 591 Farnam Jahanian University of Michigan.
Distributed Object-Based Systems The WWW Architecture Web Services Handout 11 Part(a) EECS 591 Farnam Jahanian University of Michigan Reading List Remote Object Invocation -- Tanenbaum Chapter 2.3 CORBA
More informationCND Exam Blueprint v2.0
EC-Council C ND Certified Network Defende r CND Exam Blueprint v2.0 CND Exam Blueprint v2.0 1 Domains Objectives Weightage Number of Questions 1. Computer Network and Defense Fundamentals Understanding
More informationA senior design project on network security
Michigan Technological University Digital Commons @ Michigan Tech School of Business and Economics Publications School of Business and Economics Fall 2007 A senior design project on network security Yu
More informationA Grid-Enabled Component Container for CORBA Lightweight Components
A Grid-Enabled Component Container for CORBA Lightweight Components Diego Sevilla 1, José M. García 1, Antonio F. Gómez 2 1 Department of Computer Engineering 2 Department of Information and Communications
More informationNETWORK INTRUSION. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006
NETWORK INTRUSION Information Security in Systems & Networks Public Development Program Sanjay Goel University at Albany, SUNY Fall 2006 1 Learning Objectives Students should be able to: Recognize different
More informationDistributed Objects. Object-Oriented Application Development
Distributed s -Oriented Application Development Procedural (non-object oriented) development Data: variables Behavior: procedures, subroutines, functions Languages: C, COBOL, Pascal Structured Programming
More informationIntelligent Event Processing in Quality of Service (QoS) Enabled Publish/Subscribe (Pub/Sub) Middleware
Intelligent Event Processing in Quality of Service (QoS) Enabled Publish/Subscribe (Pub/Sub) Middleware Joe Hoffert jhoffert@dre.vanderbilt.edu http://www.dre.vanderbilt.edu/~jhoffert/ CS PhD Student Vanderbilt
More informationCisco Exam Questions & Answers
Cisco 648-385 Exam Questions & Answers Number: 648-385 Passing Score: 800 Time Limit: 120 min File Version: 34.4 http://www.gratisexam.com/ Cisco 648-385 Exam Questions & Answers Exam Name: CXFF - Cisco
More informationAvi Networks Technical Reference (16.3)
Page 1 of 7 view online A TCP/UDP profile determines the type and settings of the network protocol that a subscribing virtual service will use. It sets a number of parameters, such as whether the virtual
More informationCampus Network Design
Design Principles Campus Network Design 2003, Cisco Systems, Inc. All rights reserved. 2-1 2003, Cisco Systems, Inc. All rights reserved. BCMSN v2.0 2-2 Design Principles Task in Network Design Plan phase
More informationDocument Sub Title. Yotpo. Technical Overview 07/18/ Yotpo
Document Sub Title Yotpo Technical Overview 07/18/2016 2015 Yotpo Contents Introduction... 3 Yotpo Architecture... 4 Yotpo Back Office (or B2B)... 4 Yotpo On-Site Presence... 4 Technologies... 5 Real-Time
More informationWeb Security. Outline
Security CS 161/194-1 Anthony D. Joseph November 21, 2005 s Outline Static and Dynamic Content Firewall review Adding a DMZ Secure Topologies 2 1 Polls How many people have set up a personal web server?
More informationProtecting Network Quality of Service Against Denial of Service Attacks
Protecting Network Quality of Service Against Denial of Service Attacks Douglas S. Reeves Peter Wurman NC State University S. Felix Wu U.C. Davis Dan Stevenson Xiaoyong Wu MCNC DARPA FTN PI Meeting January
More informationSmart Grid Information Management
Smart Grid Information Management Applying Advanced Communication and Distributed System Technologies Partha Pal, Rick Schantz, Kurt Rohloff BBN Technologies CMU Electricity Conference Outline Introduction
More informationASPECTIX: A QUALITY-AWARE, OBJECT-BASED MIDDLEWARE ARCHITECTURE
ASPECTIX: A QUALITY-AWARE, OBJECT-BASED MIDDLEWARE ARCHITECTURE Franz J. Hauck, Ulrich Becker, Martin Geier, Erich Meier, Uwe Rastofer, Martin Steckermeier Informatik 4, University of Erlangen-Nürnberg,
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More informationTestOut Network Pro - English 5.0.x COURSE OUTLINE. Modified
TestOut Network Pro - English 5.0.x COURSE OUTLINE Modified 2018-03-06 TestOut Network Pro Outline - English 5.0.x Videos: 130 (17:10:31) Demonstrations: 78 (8:46:15) Simulations: 88 Fact Sheets: 136 Exams:
More informationComputer Forensics: Investigating Network Intrusions and Cybercrime, 2nd Edition. Chapter 2 Investigating Network Traffic
Computer Forensics: Investigating Network Intrusions and Cybercrime, 2nd Edition Chapter 2 Investigating Network Traffic Objectives After completing this chapter, you should be able to: Understand network
More information10 Defense Mechanisms
SE 4C03 Winter 2006 10 Defense Mechanisms Instructor: W. M. Farmer Revised: 23 March 2006 1 Defensive Services Authentication (subject, source) Access control (network, host, file) Data protection (privacy
More informationDISTRIBUTED SYSTEMS Principles and Paradigms Second Edition ANDREW S. TANENBAUM MAARTEN VAN STEEN. Chapter 1. Introduction
DISTRIBUTED SYSTEMS Principles and Paradigms Second Edition ANDREW S. TANENBAUM MAARTEN VAN STEEN Chapter 1 Introduction Definition of a Distributed System (1) A distributed system is: A collection of
More informationDeployment Scenarios
This chapter describes and shows some typical deployment scenarios for the Cisco 860, Cisco 880, and Cisco 890 series Intergrated Services Routers (ISRs): About the, page 1 Enterprise Small Branch, page
More informationComputer Security Exam 3 Review. Paul Krzyzanowski. Rutgers University. Spring 2017
Computer Security 2017 Exam 3 Review Paul Krzyzanowski Rutgers University Spring 2017 April 18, 2018 CS 419 2017 Paul Krzyzanowski 1 Exam 3: Grade vs. Completion Time 5 Question 1 A high False Reject Rate
More informationAbstract. Avaya Solution & Interoperability Test Lab
Avaya Solution & Interoperability Test Lab Application Notes for Radware LinkProof Multi-WAN Switch connected to an Avaya Communication Manager and Avaya SIP Enablement Services in a Converged VoIP and
More informationPresented by: B. Dasarathy OMG Real-Time and Embedded Systems Workshop, Reston, VA, July 2004
* This work is supported by DARPA Contract NBCH-C-03-0132. Network QoS Assurance through Admission Control* by B. Coan, B. Dasarathy, S. Gadgil, K. Parmeswaran, I. Sebuktekin and R. Vaidyanathan, Telcordia
More informationTable of Contents. Computer Networks and the Internet
Table of Contents Chapter 1 Computer Networks and the Internet 1.1 What Is the Internet? 1.1.1 A Nuts-and-Bolts Description 1.1.2 A Services Description 1.1.3 What Is a Protocol? 1.2 The Network Edge 1.2.1
More informationARP Inspection and the MAC Address Table for Transparent Firewall Mode
ARP Inspection and the MAC Address Table for Transparent Firewall Mode This chapter describes how to customize the MAC address table and configure ARP Inspection for bridge groups. About ARP Inspection
More informationNetwork security session 9-2 Router Security. Network II
Network security session 9-2 Router Security Network II Router security First line of defense of the network Compromise of a router can lead to many issues: Denial of network services Degrading of network
More information01234567890123456789012345678901234567890123456789012345678901234567890123456789 1. Introduction 1.1. Project/Component Working Name: Group Management Service 1.2. Name(s) and e-mail address of Document
More informationDistributed Systems Principles and Paradigms
Distributed Systems Principles and Paradigms Chapter 01 (version September 5, 2007) Maarten van Steen Vrije Universiteit Amsterdam, Faculty of Science Dept. Mathematics and Computer Science Room R4.20.
More informationFirewalls. IT443 Network Security Administration Slides courtesy of Bo Sheng
Firewalls IT443 Network Security Administration Slides courtesy of Bo Sheng 1 Internet Security Mechanisms Prevent: Firewall, IPsec, SSL Detect: Intrusion Detection Survive/ Response: Recovery, Forensics
More informationDistributed Systems Principles and Paradigms. Chapter 01: Introduction
Distributed Systems Principles and Paradigms Maarten van Steen VU Amsterdam, Dept. Computer Science Room R4.20, steen@cs.vu.nl Chapter 01: Introduction Version: October 25, 2009 2 / 26 Contents Chapter
More informationDistributed Systems Principles and Paradigms. Chapter 01: Introduction. Contents. Distributed System: Definition.
Distributed Systems Principles and Paradigms Maarten van Steen VU Amsterdam, Dept. Computer Science Room R4.20, steen@cs.vu.nl Chapter 01: Version: February 21, 2011 1 / 26 Contents Chapter 01: 02: Architectures
More informationCAS CS 556. What to expect? Background? Abraham Matta. Advanced Computer Networks. Increase understanding of fundamentals and design tradeoffs
CAS CS 556 Abraham Matta Advanced Computer Networks What to expect? Increase understanding of fundamentals and design tradeoffs Discuss latest developments and research issues Naming & addressing, routing,
More informationIntroduction and Statement of the Problem
Chapter 1 Introduction and Statement of the Problem 1.1 Introduction Unlike conventional cellular wireless mobile networks that rely on centralized infrastructure to support mobility. An Adhoc network
More informationLecture 12. Application Layer. Application Layer 1
Lecture 12 Application Layer Application Layer 1 Agenda The Application Layer (continue) Web and HTTP HTTP Cookies Web Caches Simple Introduction to Network Security Various actions by network attackers
More informationApplication Security Using Runtime Protection
Application Security Using Runtime Protection How RASP can secure your web applications with point & click protection Waratek Solves the Application Security Problems That No One Else Can Application Security
More informationAN TOÀN LỚP 4: TCP/IP ATTACKS NGUYEN HONG SON PTITHCM
1 AN TOÀN LỚP 4: TCP/IP ATTACKS NGUYEN HONG SON PTITHCM 2 Introduction (1/2) TCP provides a full duplex reliable stream connection between two end points A connection is uniquely defined by the quadruple
More informationCS 498 Cloud Networking
Syllabus subject to change CS 498 Cloud Networking Course Description Computer communication networks are among the most important and influential global infrastructures that humanity has created. The
More information19.1. Security must consider external environment of the system, and protect it from:
Module 19: Security The Security Problem Authentication Program Threats System Threats Securing Systems Intrusion Detection Encryption Windows NT 19.1 The Security Problem Security must consider external
More informationThe Y-Comm Framework. A new way
The Y-Comm Framework A new way Mobility within Domains Mobile IP is good for moving between large defined domains But we also have to consider mobility issues within a domain which may have a number of
More informationDependable Pervasive Computing. Roy H. Campbell Systems Research Group University of Illinois at Urbana- Champaign
Dependable Pervasive Computing Roy H. Campbell http://choices.cs.uiuc.edu/gaia Systems Research Group University of Illinois at Urbana- Champaign Active Spaces Application Logic Display Controller Outline!
More information2. Firewall Management Tools used to monitor and control the Firewall Environment.
Firewall Review Section 1 FIREWALL MANAGEMENT & ADMINISTRATION Common management practices with regard to administering the (company) network should be in accordance with company policies and standards.
More informationExam : SCNS_EN. Title : SCNS SCNS Tactical Perimeter Defense. Version : Demo
Exam : SCNS_EN Title : SCNS SCNS Tactical Perimeter Defense Version : Demo 1.The exhibit represents a simple routed network. Node 7 is a Windows 2000 Professional machine that establishes a TCP communication
More informationFT-SOAP: A Fault-tolerant web service
FT-SOAP: A Fault-tolerant web service Deron Liang 1,2, Chen-Liang Fang 3,4, Chyouhwa Chen 4 1 Institute of Information Science, Academia Sinica, Taipei, Taiwan, 11529, R.O.C. 2 Department of Computer and
More informationGrid Computing Security
Anirban Chakrabarti Grid Computing Security With 87 Figures and 12 Tables Sprin g er Contents Preface Organization Acknowledgments v vi vii 1 Introduction 1 1.1 Background 1 1.2 Grid Computing Overview
More informationLogical Method Call. SysCond Contract. Contra ct. SysCond. SysCond. SysCond. Mechanism/Property Manager. ORB Proxy. Specialized ORB.
QoS Aspect Languages and Their Runtime Integration Joseph P. Loyall, David E. Bakken, Richard E. Schantz, John A. Zinky, David A. Karr, Rodrigo Vanegas, and Kenneth R. Anderson BBN Technologies/GTE Internetworking,
More informationYoung-Woo Kwon 1, Eli Tilevich 1, and Taweesup Apiwattanapong 2
DECEMBER 3 rd, 2009 URBANA, ILLINOIS Young-Woo Kwon 1, Eli Tilevich 1, and Taweesup Apiwattanapong 2 1 Software Innovations Lab 2 NECTEC Dept. of Computer Science Virginia Tech Criminal try evidence {
More informationITdumpsFree. Get free valid exam dumps and pass your exam test with confidence
ITdumpsFree http://www.itdumpsfree.com Get free valid exam dumps and pass your exam test with confidence Exam : 312-50v10 Title : Certified Ethical Hacker Exam (CEH v10) Vendor : EC-COUNCIL Version : DEMO
More informationWhat is CORBA? CORBA (Common Object Request Broker Architecture) is a distributed object-oriented client/server platform.
CORBA What is CORBA? CORBA (Common Object Request Broker Architecture) is a distributed object-oriented client/server platform. It includes: an object-oriented Remote Procedure Call (RPC) mechanism object
More informationDenial of Service (DoS)
Flood Denial of Service (DoS) Comp Sci 3600 Security Outline Flood 1 2 3 4 5 Flood 6 7 8 Denial-of-Service (DoS) Attack Flood The NIST Computer Security Incident Handling Guide defines a DoS attack as:
More informationAbstract. Avaya Solution & Interoperability Test Lab
Avaya Solution & Interoperability Test Lab Application Notes for Configuring Sipera Systems UC-Sec Secure Access Proxy with Avaya Aura Session Manager and Avaya Aura Communication Manager to Support Core
More informationAn Overlay Architecture for End-to-End Internet Service Availability
An Overlay Architecture for End-to-End Internet Service Availability Angelos Stavrou Network Security Lab Computer Science Department, Columbia University Overview of the talk Problem Motivation Summary
More informationCA464 Distributed Programming
1 / 25 CA464 Distributed Programming Lecturer: Martin Crane Office: L2.51 Phone: 8974 Email: martin.crane@computing.dcu.ie WWW: http://www.computing.dcu.ie/ mcrane Course Page: "/CA464NewUpdate Textbook
More informationCertified Penetration Testing Consultant
Certified Penetration Testing Consultant Duration: 4 Days Language: English Course Delivery: Classroom COURSE BENEFITS The vendor neutral Certified Penetration Testing Consultant course is designed for
More information