A Functional Reference Model of Passive Network Origin Identification
DIGITAL FORENSIC RESEARCH CONFERENCE
A Functional Reference Model of Passive Network Origin Identification
By Thomas Daniels
Presented At The Digital Forensic Research Conference DFRWS 2003 USA, Cleveland, OH (Aug 6th - 8th)
DFRWS is dedicated to the sharing of knowledge and ideas about digital forensics research. Ever since it organized the first open workshop devoted to digital forensics in 2001, DFRWS continues to bring academics and practitioners together in an informal environment. As a non-profit, volunteer organization, DFRWS sponsors technical working groups, annual conferences and challenges to help drive the direction of research and development.

A Reference Model of Passive Network Origin Identification
Thomas E. Daniels
Fall 2002
Information Assurance Center, Department of Electrical and Computer Engineering, Iowa State University
A Reference Model of Passive Network Origin Identification p.1/15

What am I talking about?!
- Origin Identification Systems
  - Where did that network traffic come from?
  - Not just IP spoofing and island hopping
  - We're concerned with causality here.
- Active
  - Mark or redirect traffic to assist in finding its origin
- Passive
  - Just listen to collect evidence of the origin
- Passive is what we're talking about here

Outline
- Some introductory material
- Reference Models
- Our Reference Model
- Implications of the model
- What does this mean for network forensics?

Past Work in NOIS
- Passive
  - Host-based (CISIE, Carrier's STOP)
  - Network-based (Traffic Thumbprinting, IDIP, DoSTracker)
- Active
  - Traffic Marking (Authentication, Probabilistic Packet Marking, embedding watermarks)
  - Route Modifying (Centertrack, Deciduous)

Some Intro Material
- Network Assumptions
  - G = (V, E, IM, XM) where IM V and XM E
  - Messages follow an unbounded path through G to some destination
- Observables
  - Content
  - Headers
  - Timing and Location
  - Signal Characteristics

Reference Models
- Structured construct that defines a class of mechanisms
- Describes the members of the class in a structured way
- Defines the interaction
- Compare to the ISO OSI 7 layer reference model
- Why are reference models important?
  - Assists understanding components, their interactions, education, generalizations about systems, and build terminology.

Our Reference Model
- Network Monitors
  - Collect and process data for online or later use
  - Internal
  - External
- Analysis Program(s)
  - Collect data from Monitors
  - Make/support decisions about tracing traffic to origin
  - Direct tracing procedure

Network Monitors
[Figure: two diagrams of the relay N, each with input N.in {m1 ... mi}, transformation T() and output N.out {m 1 ... m j}. One is labelled External Monitors, with observers O1 and O2 recording {(m1, m1.time, m1.loc), (m2, m2.time, m2.loc), ...}. The other carries the labels {(mi, mi.time, mi.loc) > (m j, m j.time, m j.loc), ...}, {Dropped NDEs} and {Generated NDEs}.]
- External Monitors are arguably less powerful than internal
- Capabilities of Internal monitors are optimistic

Edge Observed Networks
- Observer
  - An abstraction of one or more monitors
  - Merges observations of many distinct monitors
- Edge Observed Networks
  - Reduce a network topology to a simplified one such that all edges in new network are monitored.
[Figure: a network with end nodes A, B, C, D, nodes N1, N2, N3 and monitors M1, M2, M3, M4, shown beside its reduced form in which N1 and N3 appear as the single node N1+N3.]

What are EOGs good for?
- Allow merging internal and external monitors in one NOI System
- Abstracts away enough detail that general statements can be made.
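
The edge observed network reduction from these slides, followed by a step-by-step passive trace over the reduced graph, as an added Python example that is not from the presentation. It assumes the reduction merges nodes joined by unmonitored links and that the analysis program has already correlated observations of the same traffic into one flow id; the topology, the monitor names M1 to M5 and the observation records are constructed.

```python
"""Edge observed network reduction and a backward passive trace (added example)."""


def edge_observed_graph(nodes, links):
    """Contract every unmonitored link so that only monitored edges remain.

    links: (u, v, monitor) tuples; monitor is None for a link nobody observes.
    Returns (label, edges): label maps each original node to the name of the
    merged node it ends up in, edges maps each monitor to the pair of merged
    nodes it sits between.
    """
    parent = {n: n for n in nodes}

    def find(x):
        # Union-find lookup with path halving.
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    # Nodes joined by an unobserved link cannot be told apart by the observer,
    # so they collapse into one node of the reduced graph (assumption).
    for u, v, monitor in links:
        if monitor is None:
            parent[find(u)] = find(v)

    members = {}
    for n in nodes:
        members.setdefault(find(n), []).append(n)
    label = {n: "+".join(sorted(members[find(n)])) for n in nodes}

    edges = {}
    for u, v, monitor in links:
        # A monitored link inside a merged node separates nothing; skip it.
        if monitor is not None and label[u] != label[v]:
            edges[monitor] = (label[u], label[v])
    return label, edges


def trace_origin(edges, observations, destination, flow):
    """Walk backwards in time from destination, one monitored edge per step.

    observations: (time, monitor, flow) tuples kept in monitor storage.
    Returns the list of reduced-graph nodes visited; the last entry is the
    furthest point the stored evidence supports.
    """
    seen = sorted((t, m) for t, m, f in observations if f == flow and m in edges)
    path, current, used = [destination], destination, set()
    for _, monitor in reversed(seen):  # latest observation first
        a, b = edges[monitor]
        if monitor in used or current not in (a, b):
            continue
        current = b if current == a else a
        used.add(monitor)
        path.append(current)
    return path


# Constructed topology, loosely modelled on the slide's figure: the N1-N3
# link is the only one without a monitor.
NODES = ["A", "B", "C", "D", "N1", "N2", "N3"]
LINKS = [
    ("A", "N1", "M1"),
    ("N1", "N3", None),
    ("N1", "N2", "M2"),
    ("N2", "B", "M3"),
    ("N3", "C", "M4"),
    ("N3", "D", "M5"),
]

# Constructed observations: flow f1 travels C -> N3 -> N1 -> N2 -> B,
# flow f2 travels A -> N1 -> N3 -> D.
OBSERVATIONS = [
    (1, "M4", "f1"),
    (2, "M1", "f2"),
    (3, "M2", "f1"),
    (4, "M3", "f1"),
    (5, "M5", "f2"),
]

if __name__ == "__main__":
    label, edges = edge_observed_graph(NODES, LINKS)
    print("merged nodes:", sorted(set(label.values())))
    print("full history:", trace_origin(edges, OBSERVATIONS, "B", "f1"))
    # Same trace after the M4 record has aged out of storage.
    aged = [o for o in OBSERVATIONS if o[1] != "M4"]
    print("M4 expired:  ", trace_origin(edges, aged, "B", "f1"))
```

When the M4 record is missing, the trace ends at the merged node N1+N3, which is as far as the remaining evidence reaches.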

Components of a Passive NOIS
[Figure: block diagram with the labels Data Available, Selection, Data Reduction, Control Commands, Analysis Program, Storage, Reporting, Query Responses.]

Conditions for Passive NOI
- Necessary Conditions
  - Network Separation
  - Enough Storage history > storage obsf req obssize
- Mutually Sufficient Conditions (in addition to above)
  - Analysis Program
  - Trusted Communication Paths
  - Correlation of an input to any given output across all nodes in EOG
- Sufficient because these together allow a step by step trace to succeed.

Forensic Implications
- Passive NOISs will be limited to initial investigation
- Data reduction is key to success of NOI, but at odds with corroborating evidence or integrity.
  - Future research needs to consider this tradeoff
- Current NOIS proposals' utility for investigation is limited
  - Most non-host-based NOISs trace a single type of network traffic
  - Hence, complex attacks can only be traced so far by these systems.
  - Host-based solutions (e.g. Carrier's STOP) are useful, but require widespread deployment
- Future research should address the problem of deployable systems that trace multiple types of traffic and how to take advantage of different types of NOISs

Conclusions
- We hope this model and future refinements will prove useful in education, research, and development of network forensics tools.
- There are forensics objectives that conflict with objectives of current passive NOISs.
- This reference model has motivated our current work in Divide and Trace methods for tracing traffic.

Questions?
- Thanks for the wonderful workshop experience!
- Rock Out, Jam Out
- More info can be found in my dissertation at