liberate, (n): A library for exposing (traffic-classification) rules and avoiding them efficiently
|
|
- Eric Harrell
- 6 years ago
- Views:
Transcription
1 liberate, (n): A library for exposing (traffic-classification) rules and avoiding them efficiently Fangfan Li, Abbas Razaghpanah, Arash Molavi Kakhki, Arian Akhavan Niaki, David Choffnes, Phillipa Gill, Alan Mislove 1
2 Traffic management 2
3 Traffic management Internet Service Provider Throttling 2
4 Traffic management Internet Service Provider Throttling Blocking 2
5 Traffic management Internet Service Provider Throttling Blocking 2
6 Traffic management Internet Service Provider Throttling Blocking Zero rating 2
7 Traffic management Internet Service Provider Throttling Blocking Zero rating 2
8 Example policy 3
9 Example policy 3
10 Example policy 3
11 Example policy 3
12 Lack of user control Throttling 4
13 Lack of user control Policies are implemented by DPI (Deep Packet Inspection) devices [IMC 16] Throttling 4
14 Lack of user control Policies are implemented by DPI (Deep Packet Inspection) devices [IMC 16] Youtube Throttling 4
15 Lack of user control Policies are implemented by DPI (Deep Packet Inspection) devices [IMC 16] Differentiation policy can be harmful or unwanted to users/content providers Youtube Throttling 4
16 Lack of user control Policies are implemented by DPI (Deep Packet Inspection) devices [IMC 16] Differentiation policy can be harmful or unwanted to users/content providers Users/content providers have no control over these policies Youtube Throttling 4
17 Previous work
18 Previous work Approaches: VPNs and proxies Covert channels Obfuscating traffic Domain fronting
19 Previous work Approaches: Limitations: VPNs and proxies Covert channels Obfuscating traffic Domain fronting
20 Previous work Approaches: VPNs and proxies Limitations: Brittle Covert channels Obfuscating traffic Domain fronting
21 Previous work Approaches: VPNs and proxies Covert channels Limitations: Brittle Development effort Obfuscating traffic Domain fronting
22 Previous work Approaches: VPNs and proxies Covert channels Obfuscating traffic Limitations: Brittle Development effort Performance Domain fronting
23 Previous work Approaches: VPNs and proxies Covert channels Obfuscating traffic Domain fronting Limitations: Brittle Development effort Performance Manual inspection
24 Goals of liberate Evade throttling liberate 6
25 Goals of liberate A technical solution for detecting and evading unwanted policies Evade throttling liberate 6
26 Goals of liberate A technical solution for detecting and evading unwanted policies Enables unmodified applications to evade Evade throttling liberate 6
27 Goals of liberate A technical solution for detecting and evading unwanted policies Enables unmodified applications to evade Automatically Evade throttling liberate 6
28 Goals of liberate A technical solution for detecting and evading unwanted policies Enables unmodified applications to evade Automatically Adaptively Evade throttling liberate 6
29 Goals of liberate A technical solution for detecting and evading unwanted policies Enables unmodified applications to evade Automatically Adaptively Unilaterally Evade throttling liberate 6
30 Goals of liberate A technical solution for detecting and evading unwanted policies Enables unmodified applications to evade Automatically Adaptively Unilaterally With low overhead Evade throttling liberate 6
31 Goals of liberate A technical solution for detecting and evading unwanted policies Enables unmodified applications to evade Automatically Adaptively Unilaterally With low overhead Unknown Evade throttling liberate 6
32 Outline Design and implementation Traffic-classification rules detection Evasion techniques Implementation Evaluation Effectiveness across multiple networks 7
33 Overview of liberate 8
34 Overview of liberate 8
35 Overview of liberate 8
36 Overview of liberate 8
37 Overview of liberate 8
38 Overview of liberate 8
39 Outline Design and implementation Traffic-classification rules detection Evasion techniques Implementation Evaluation Effectiveness across multiple networks 9
40 Design Traffic-classification rules detection 10
41 Design Traffic-classification rules detection Recorded traffic VPN Channel Client VPN server How to detect differentiation? Record and Replay [IMC 15] 10
42 Design Traffic-classification rules detection Recorded traffic VPN Channel Client VPN server Replay Client Recorded traffic Recorded traffic Replay server How to detect differentiation? Record and Replay [IMC 15] 10
43 Design Traffic-classification rules detection Recorded traffic VPN Channel Client VPN server Replay Client Recorded traffic Recorded traffic Replay server How to detect differentiation? Record and Replay [IMC 15] 10
44 Design Traffic-classification rules detection Recorded traffic VPN Channel Client VPN server Replay Client Recorded traffic Recorded traffic Replay server How to detect differentiation? Record and Replay [IMC 15] How to evade differentiation efficiently? 10
45 Design Traffic-classification rules detection Recorded traffic VPN Channel Client VPN server Replay Client Recorded traffic Recorded traffic Replay server How to detect differentiation? Record and Replay [IMC 15] How to evade differentiation efficiently? Understand classification rules [IMC 16] 10
46 Design Traffic-classification rules detection Recorded traffic VPN Channel Client VPN server Replay Client Recorded traffic GET /url Host: Recorded traffic Replay server How to detect differentiation? Record and Replay [IMC 15] How to evade differentiation efficiently? Understand classification rules [IMC 16] 10
47 Design Traffic-classification rules detection Recorded traffic VPN Channel Header Client VPN server Example matching content URI Replay Client Host Recorded traffic GET /url Host: site.js{ }-nbcsports-com Recorded traffic Host: Replay server How User-Agent to detect differentiation? User-Agent: Pandora 5.0{ } Content-Type Record and Replay [IMC 15] Content-Type: video How to SNI evade differentiation efficiently? googlevideo.com Understand classification rules [IMC 16] 10
48 Outline Design and implementation Traffic-classification rules detection Evasion techniques Implementation Evaluation Effectiveness across multiple networks 11
49 Design Example classification How does classifier classify application B? 12
50 Design Example classification How does classifier classify application B? 12
51 Design Example classification How does classifier classify application B? 12
52 Design Example classification How does classifier classify application B? 12
53 Design Example classification How does classifier classify application B? 12
54 Design Example classification How does classifier classify application B? 12
55 Design Example classification How does classifier classify application B? Matching contents : GET /B 12
56 Design Evasion techniques Using a small TTL value * Christian Kreibich et al Network intrusion detection: Evasion, traffic normalization, and end-to-end protocol semantics. 13
57 Design Observation: Evasion techniques Match and forget behavior Using a small TTL value * Christian Kreibich et al Network intrusion detection: Evasion, traffic normalization, and end-to-end protocol semantics. 13
58 Design Observation: Evasion techniques Match and forget behavior Incomplete views of the connection Using a small TTL value * Christian Kreibich et al Network intrusion detection: Evasion, traffic normalization, and end-to-end protocol semantics. 13
59 Design Observation: Evasion techniques Match and forget behavior Incomplete views of the connection Inert packet insertion* : Traffic processed only by a classifier but not endpoint Using a small TTL value * Christian Kreibich et al Network intrusion detection: Evasion, traffic normalization, and end-to-end protocol semantics. 13
60 Design Observation: Evasion techniques Match and forget behavior Incomplete views of the connection Inert packet insertion* : Traffic processed only by a classifier but not endpoint Using a small TTL value * Christian Kreibich et al Network intrusion detection: Evasion, traffic normalization, and end-to-end protocol semantics. 13
61 Design Observation: Evasion techniques Match and forget behavior Incomplete views of the connection Inert packet insertion* : Traffic processed only by a classifier but not endpoint Using a small TTL value * Christian Kreibich et al Network intrusion detection: Evasion, traffic normalization, and end-to-end protocol semantics. 13
62 Design Observation: Evasion techniques Match and forget behavior Incomplete views of the connection Inert packet insertion* : Traffic processed only by a classifier but not endpoint App B is classified as App A Using a small TTL value * Christian Kreibich et al Network intrusion detection: Evasion, traffic normalization, and end-to-end protocol semantics. 13
63 Design Evasion techniques SYN SYN, ACK TCP 80 TCP 80 ACK IPID 1 OFF 0 GE IPID 1 OFF 2 T IPID 1 OFF 4 /A IPID 1 OFF 6 \r\n TCP 80 TCP 80 TCP 80 TCP 80 TCP 80 Fragmenting the IP packet 14
64 Design Evasion techniques Observation: Each packet is searched independently for matching contents SYN SYN, ACK TCP 80 TCP 80 ACK IPID 1 OFF 0 GE IPID 1 OFF 2 T IPID 1 OFF 4 /A IPID 1 OFF 6 \r\n TCP 80 TCP 80 TCP 80 TCP 80 TCP 80 Fragmenting the IP packet 14
65 Design Evasion techniques Observation: Each packet is searched independently for matching contents Splitting/Reordering: splitting the matching contents across multiple packets SYN SYN, ACK TCP 80 TCP 80 ACK IPID 1 OFF 0 GE IPID 1 OFF 2 T IPID 1 OFF 4 /A IPID 1 OFF 6 \r\n TCP 80 TCP 80 TCP 80 TCP 80 TCP 80 Fragmenting the IP packet 14
66 Design Evasion techniques Observation: Each packet is searched independently for matching contents Splitting/Reordering: splitting the matching contents across multiple packets SYN SYN, ACK TCP 80 TCP 80 ACK IPID 1 OFF 0 GE IPID 1 OFF 2 T IPID 1 OFF 4 /A IPID 1 OFF 6 \r\n TCP 80 TCP 80 TCP 80 TCP 80 TCP 80 Fragmenting the IP packet 14
67 Design Evasion techniques Observation: Each packet is searched independently for matching contents Splitting/Reordering: splitting the matching contents across multiple packets SYN SYN, ACK TCP 80 TCP 80 App A is unclassified ACK IPID 1 OFF 0 GE IPID 1 OFF 2 T IPID 1 OFF 4 /A IPID 1 OFF 6 \r\n TCP 80 TCP 80 TCP 80 TCP 80 TCP 80 Fragmenting the IP packet 14
68 Design Evasion techniques SYN SYN, ACK ACK TCP 80 TCP 80 TCP 80 SEQ 1 GET /B TCP 80 Inserting large delays 15
69 Design Evasion techniques Observation: Classifiers do no retain classification results indefinitely SYN SYN, ACK ACK TCP 80 TCP 80 TCP 80 SEQ 1 GET /B TCP 80 Inserting large delays 15
70 Design Evasion techniques Observation: Classifiers do no retain classification results indefinitely Flushing: causing the classifier to remove the classification state for the flow SYN SYN, ACK ACK TCP 80 TCP 80 TCP 80 SEQ 1 GET /B TCP 80 Inserting large delays 15
71 Design Evasion techniques Observation: Classifiers do no retain classification results indefinitely Flushing: causing the classifier to remove the classification state for the flow SYN SYN, ACK ACK TCP 80 TCP 80 TCP 80 SEQ 1 GET /B TCP 80 Inserting large delays 15
72 Design Evasion techniques Observation: Classifiers do no retain classification results indefinitely Flushing: causing the classifier to remove the classification state for the flow SYN SYN, ACK ACK TCP 80 TCP 80 TCP 80 App B is unclassified SEQ 1 GET /B TCP 80 Inserting large delays 15
73 Outline Design and implementation Traffic-classification rules detection Evasion techniques Implementation Evaluation Effectiveness across multiple networks 16
74 Implementation App liberate Proxy Server 17 Replay Server
75 Implementation Phase 1: liberate does the analysis using a replay server App liberate Proxy Server Phase 1 17 Replay Server
76 Implementation Phase 1 Phase 1: liberate does the analysis using a replay server App liberate Proxy Server Phase 1 17 Replay Server
77 Implementation Phase 1: liberate does the analysis using a replay server Phase 2: liberate applies evasion technique to traffic in-flight App Phase 2 liberate Proxy Phase 2 Server Phase 1 17 Replay Server
78 Implementation Phase 1 Phase 2 Phase 1: liberate does the analysis using a replay server Phase 2: liberate applies evasion technique to traffic in-flight App Phase 2 liberate Proxy App Phase 2 liberate Proxy Phase 2 Phase 1 Phase 2 Server Server Phase 1 17 Replay Server Replay Server
79 Outline Design and implementation Traffic-classification rules detection Evasion techniques Implementation Evaluation Effectiveness across multiple networks 18
80 Evaluation Testbed and in the wild liberate Client Server 19
81 Evaluation Testbed and in the wild Testbed evaluation liberate Client Server 19
82 Evaluation Testbed and in the wild Testbed evaluation liberate Client Server Evaluation in the wild Client liberate 19 Server
83 Evaluation Testbed and in the wild Testbed evaluation liberate Client Server Evaluation in the wild Client liberate 19 Server
84 Evaluation Testbed and in the wild Testbed evaluation liberate Client Server Evaluation in the wild Client liberate 19 Server
85 Evaluation Results 20
86 Evaluation Example result table Technique Test case 1 Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Wrong sequence number Wrong checksum Payload Splitting Payload Reordering Reverse the transmission of first two fragments Classification flushing 21
87 Evaluation Example result table Technique Test case 1 Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Wrong sequence number Wrong checksum Payload Splitting Payload Reordering Reverse the transmission of first two fragments Classification flushing 21
88 Evaluation Example result table Technique Test case 1 Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Wrong sequence number Wrong checksum Payload Splitting Payload Reordering Reverse the transmission of first two fragments Classification flushing 21
89 Evaluation Example result table Technique Test case 1 Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Wrong sequence number Wrong checksum Payload Splitting Payload Reordering Reverse the transmission of first two fragments Classification flushing 21
90 Evaluation Testbed results Technique Testbed Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Wrong sequence number Wrong checksum Payload Splitting Payload Reordering Classification flushing Break packet into two IP fragments Reverse the transmission of first two fragments TTL-limited RST packet before classification 22
91 Evaluation Testbed results Technique Testbed Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Wrong sequence number Wrong checksum Payload Splitting Payload Reordering Classification flushing Break packet into two IP fragments Reverse the transmission of first two fragments TTL-limited RST packet before classification Efficiency: One-time overhead (phase 1) : 13 minutes 22
92 Evaluation Testbed results Technique Testbed Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Wrong sequence number Wrong checksum Payload Splitting Payload Reordering Classification flushing Break packet into two IP fragments Reverse the transmission of first two fragments TTL-limited RST packet before classification Efficiency: One-time overhead (phase 1) : 13 minutes 22
93 Evaluation Testbed results Technique Testbed Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Wrong sequence number Wrong checksum Payload Splitting Payload Reordering Classification flushing Break packet into two IP fragments Reverse the transmission of first two fragments TTL-limited RST packet before classification Efficiency: One-time overhead (phase 1) : 13 minutes Run-time overhead (phase 2) : tens of bytes per flow 22
94 Evaluation Testbed results Technique Testbed Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Wrong sequence number Wrong checksum Payload Splitting Payload Reordering Classification flushing Break packet into two IP fragments Reverse the transmission of first two fragments TTL-limited RST packet before classification Efficiency: One-time overhead (phase 1) : 13 minutes Run-time overhead (phase 2) : tens of bytes per flow Effectiveness: All types of techniques were effective in testbed 22
95 Evaluation T mobile Binge On Technique Testbed T mobile Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Payload Splitting Payload Reordering Classification flushing Break packet into five TCP segments Reverse the transmission of first two segments TTL-limited RST packet before classification 23
96 Evaluation T mobile Binge On Technique Testbed T mobile Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Payload Splitting Payload Reordering Break packet into five TCP segments Reverse the transmission of first two segments Classification flushing TTL-limited RST packet before classification Classified video (HTTP/S) was throttled to 1.5 Mbps and zero-rated Efficiency: One-time overhead (phase 1) : 30 minutes Run-time overhead (phase 2) : tens of bytes per flow 23
97 Evaluation T mobile Binge On Technique Testbed T mobile Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Payload Splitting Payload Reordering Break packet into five TCP segments Reverse the transmission of first two segments Classification flushing TTL-limited RST packet before classification Classified video (HTTP/S) was throttled to 1.5 Mbps and zero-rated Efficiency: One-time overhead (phase 1) : 30 minutes Run-time overhead (phase 2) : tens of bytes per flow Effectiveness: UDP traffic (e.g., Youtube video in QUIC) was not classified 23
98 Evaluation T mobile Binge On Technique Testbed T mobile Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Payload Splitting Payload Reordering Break packet into five TCP segments Reverse the transmission of first two segments Classification flushing TTL-limited RST packet before classification Classified video (HTTP/S) was throttled to 1.5 Mbps and zero-rated Efficiency: One-time overhead (phase 1) : 30 minutes Run-time overhead (phase 2) : tens of bytes per flow Effectiveness: UDP traffic (e.g., Youtube video in QUIC) was not classified Breaking packet into 5 TCP segments evaded classification 23
99 Evaluation T mobile Binge On Technique Testbed T mobile Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Payload Splitting Payload Reordering Break packet into five TCP segments Reverse the transmission of first two segments Classification flushing 23 TTL-limited RST packet before classification Classified video (HTTP/S) was throttled to 1.5 Mbps and zero-rated Efficiency: One-time overhead (phase 1) : 30 minutes Run-time overhead (phase 2) : tens of bytes per flow Effectiveness: UDP traffic (e.g., Youtube video in QUIC) was not classified Breaking packet into 5 TCP segments evaded classification Reversing the order of initial packets was effective
100 Evaluation T mobile Binge On Technique Testbed T mobile Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Payload Splitting Payload Reordering Break packet into five TCP segments Reverse the transmission of first two segments Classification flushing 23 TTL-limited RST packet before classification Classified video (HTTP/S) was throttled to 1.5 Mbps and zero-rated Efficiency: One-time overhead (phase 1) : 30 minutes Run-time overhead (phase 2) : tens of bytes per flow Effectiveness: UDP traffic (e.g., Youtube video in QUIC) was not classified Breaking packet into 5 TCP segments evaded classification Reversing the order of initial packets was effective
101 Evaluation The Great Firewall of China Technique Testbed T mobile GFC Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Wrong Checksum Payload Splitting Payload Reordering Classification flushing Pause for t seconds before classification 24
102 Evaluation The Great Firewall of China Technique Testbed T mobile GFC Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Wrong Checksum Payload Splitting Payload Reordering Classification flushing Pause for t seconds before classification Classified HTTP content was blocked by 3-5 RST packets Efficiency: One-time overhead (phase 1) : 20 minutes Run-time overhead (phase 2) : tens of bytes per flow 24
103 Evaluation The Great Firewall of China Technique Testbed T mobile GFC Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Wrong Checksum Payload Splitting Payload Reordering Classification flushing Pause for t seconds before classification Classified HTTP content was blocked by 3-5 RST packets Efficiency: One-time overhead (phase 1) : 20 minutes Run-time overhead (phase 2) : tens of bytes per flow Effectiveness: Both IP/ TCP inert insertion succeeded 24
104 Evaluation The Great Firewall of China Technique Testbed T mobile GFC Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Wrong Checksum Payload Splitting Payload Reordering Classification flushing 24 Pause for t seconds before classification Classified HTTP content was blocked by 3-5 RST packets Efficiency: One-time overhead (phase 1) : 20 minutes Run-time overhead (phase 2) : tens of bytes per flow Effectiveness: Both IP/ TCP inert insertion succeeded Flushing classification by pausing succeeded
105 Evaluation The Great Firewall of China Technique Testbed T mobile GFC Example technique Inert packet insertion IP TCP UDP Lower TTL to only reach classifier Wrong Checksum Payload Splitting Payload Reordering Classification flushing 24 Pause for t seconds before classification Classified HTTP content was blocked by 3-5 RST packets Efficiency: One-time overhead (phase 1) : 20 minutes Run-time overhead (phase 2) : tens of bytes per flow Effectiveness: Both IP/ TCP inert insertion succeeded Flushing classification by pausing succeeded
106 Evaluation The Great Firewall of China Time-of-day effects when flushing classification 25
107 Evaluation The Great Firewall of China Time-of-day effects when flushing classification 25
108 Evaluation The Great Firewall of China Time-of-day effects when flushing classification 25
109 Evaluation The Great Firewall of China Time-of-day effects when flushing classification 60 seconds successfully evaded 2:30 AM 25
110 Evaluation The Great Firewall of China Time-of-day effects when flushing classification 240 seconds failed to evade 60 seconds successfully evaded 2:30 AM 4:00 AM 25
111 Evaluation The Great Firewall of China Time-of-day effects when flushing classification 25
112 Evaluation The Great Firewall of China Time-of-day effects when flushing classification quiet hours (4:00 AM to 9:00 AM) using long delays did not evade 25
113 Evaluation The Great Firewall of China Time-of-day effects when flushing classification quiet hours (4:00 AM to 9:00 AM) using long delays did not evade busy hours (3:00 PM to 10:00 PM) using short delays evaded 25
114 Conclusion A tool that automatically and efficiently evades differentiation A taxonomy of evasion techniques An empirical measurement of traffic classifiers liberate evaded classifiers with low run-time overhead Public, open-source tools and datasets Future work: more resilient evasion techniques 26
115 Thanks For more details about liberate, code, and data : 27
Identifying Traffic Differentiation in Mobile Networks
Identifying Traffic Differentiation in Mobile Networks Arash Molavi Kakhki, Abbas Razaghpanah, Anke Li, Hyungjoon Koo, Rajesh Golani, David Choffnes, Phillipa Gill, Alan Mislove Northeastern University,
More informationYour State is Not Mine: A Closer Look at Evading Stateful Internet Censorship
Your State is Not Mine: A Closer Look at Evading Stateful Internet Censorship Zhongjie Wang, Yue Cao, Zhiyun Qian, Chengyu Song, Srikanth V Krishnamurthy University of California, Riverside 1 Internet
More informationAuthors: Mark Handley, Vern Paxson, Christian Kreibich
Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics Authors: Mark Handley, Vern Paxson, Christian Kreibich Exploitable Ambiguities NIDS does not have full range
More informationNetwork Intrusion Detection Systems. Beyond packet filtering
Network Intrusion Detection Systems Beyond packet filtering Goal of NIDS Detect attacks as they happen: Real-time monitoring of networks Provide information about attacks that have succeeded: Forensic
More informationCCNA 1 Chapter 7 v5.0 Exam Answers 2013
CCNA 1 Chapter 7 v5.0 Exam Answers 2013 1 A PC is downloading a large file from a server. The TCP window is 1000 bytes. The server is sending the file using 100-byte segments. How many segments will the
More informationECE 650 Systems Programming & Engineering. Spring 2018
ECE 650 Systems Programming & Engineering Spring 2018 Networking Transport Layer Tyler Bletsch Duke University Slides are adapted from Brian Rogers (Duke) TCP/IP Model 2 Transport Layer Problem solved:
More informationInvestigating Transparent Web Proxies in Cellular Networks
Investigating Transparent Web Proxies in Cellular Networks Xing Xu, Yurong Jiang, Tobias Flach, Ethan Katz-Bassett, David Choffnes, Ramesh Govindan USC & Northeastern University March 20, 2015 Introduction
More informationCLASSIFICATION OF ARTIFICIAL INTELLIGENCE IDS FOR SMURF ATTACK
CLASSIFICATION OF ARTIFICIAL INTELLIGENCE IDS FOR SMURF ATTACK N.Ugtakhbayar, D.Battulga and Sh.Sodbileg Department of Communication technology, School of Information Technology, National University of
More informationInternet Protocol and Transmission Control Protocol
Internet Protocol and Transmission Control Protocol CMSC 414 November 13, 2017 Internet Protcol Recall: 4-bit version 4-bit hdr len 8-bit type of service 16-bit total length (bytes) 8-bit TTL 16-bit identification
More informationCS4700/CS5700 Fundamentals of Computer Networks
CS4700/CS5700 Fundamentals of Computer Networks Lecture 14: TCP Slides used with permissions from Edward W. Knightly, T. S. Eugene Ng, Ion Stoica, Hui Zhang Alan Mislove amislove at ccs.neu.edu Northeastern
More informationLecture 11: Middleboxes and NAT (Duct tape for IPv4)
CSCI-351 Data communication and Networks Lecture 11: Middleboxes and NAT (Duct tape for IPv4) The slide is built with the help of Prof. Alan Mislove, Christo Wilson, and David Choffnes's class Middleboxes
More informationTransport Layer Review
Transport Layer Review Mahalingam Mississippi State University, MS October 1, 2014 Transport Layer Functions Distinguish between different application instances through port numbers Make it easy for applications
More informationDistributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013
Distributed Systems 27. Firewalls and Virtual Private Networks Paul Krzyzanowski Rutgers University Fall 2013 November 25, 2013 2013 Paul Krzyzanowski 1 Network Security Goals Confidentiality: sensitive
More informationTransport: How Applications Communicate
Transport: How Applications Communicate Week 2 Philip Levis 1 7 Layers (or 4) 7. 6. 5. 4. 3. 2. 1. Application Presentation Session Transport Network Link Physical segments packets frames bits/bytes Application
More informationIntroduction to TCP/IP networking
Introduction to TCP/IP networking TCP/IP protocol family IP : Internet Protocol UDP : User Datagram Protocol RTP, traceroute TCP : Transmission Control Protocol HTTP, FTP, ssh What is an internet? A set
More informationProtocol Compliance Statements for the CSG2
APPENDIXC This appendix provides protocol compliance statements for the CSG2. Any RFCs that are not explicitly listed are not supported. Layer 4 Inspection (parse protocol=other) The Cisco Content Services
More informationComputer Security Spring Firewalls. Aggelos Kiayias University of Connecticut
Computer Security Spring 2008 Firewalls Aggelos Kiayias University of Connecticut Idea: Monitor inbound/ outbound traffic at a communication point Firewall firewall Internet LAN A firewall can run on any
More informationFirewalls, Tunnels, and Network Intrusion Detection
Firewalls, Tunnels, and Network Intrusion Detection 1 Firewalls A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.
More informationOverview of TCP/IP Overview of TCP/IP protocol: TCP/IP architectural models TCP protocol layers.
Overview of TCP/IP 3 Overview of TCP/IP protocol: TCP/IP architectural models TCP protocol layers. 4 2 5 6 3 7 8 4 9 10 5 11 12 6 13 14 7 15 16 8 17 18 9 19 20 10 21 Why TCP/IP? Packet based Provides decentralized
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 19: Intrusion Detection Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Intruders Intrusion detection host-based network-based
More informationCMPE 80N: Introduction to Networking and the Internet
CMPE 80N: Introduction to Networking and the Internet Katia Obraczka Computer Engineering UCSC Baskin Engineering Lecture 11 CMPE 80N Fall'10 1 Announcements Forum #2 due on 11.05. CMPE 80N Fall'10 2 Last
More informationCPSC156a: The Internet Co-Evolution of Technology and Society. Lecture 4: September 16, 2003 Internet Layers and the Web
CPSC156a: The Internet Co-Evolution of Technology and Society Lecture 4: September 16, 2003 Internet Layers and the Web Layering in the IP Protocols HTTP (Web) Telnet Domain Name Service Simple Network
More informationTable of Contents 1 TCP Proxy Configuration 1-1
Table of Contents 1 TCP Proxy Configuration 1-1 Overview 1-1 Introduction to SYN Flood Attack 1-1 Introduction to TCP Proxy 1-1 How TCP Proxy Works 1-2 Configuring TCP Proxy 1-3 Configuration Task List
More informationLink download full: Test Bank for Business Data Networks and Security 9th Edition by Panko https://digitalcontentmarket.org/download/business-data-networks-and-security-9thedition-by-panko/ Business Data
More informationLECTURE 8. Mobile IP
1 LECTURE 8 Mobile IP What is Mobile IP? The Internet protocol as it exists does not support mobility Mobile IP tries to address this issue by creating an anchor for a mobile host that takes care of packet
More informationHP High-End Firewalls
HP High-End Firewalls Attack Protection Configuration Guide Part number: 5998-2650 Software version: F1000-A-EI&F1000-S-EI: R3721 F5000: F3210 F1000-E: F3171 Firewall module: F3171 Document version: 6PW101-20120719
More informationAn In-depth Study of LTE: Effect of Network Protocol and Application Behavior on Performance
An In-depth Study of LTE: Effect of Network Protocol and Application Behavior on Performance Authors: Junxian Huang, Feng Qian, Yihua Guo, Yuanyuan Zhou, Qiang Xu, Z. Morley Mao, Subhabrata Sen, Oliver
More informationProtocol Compliance Statements for the CSG2
APPENDIXJ This appendix provides protocol compliance statements for the CSG2. Any RFCs that are not explicitly listed are not supported. Layer 4 Inspection (parse protocol=other) The Cisco Content Services
More informationCOSC 301 Network Management
COSC 301 Network Management Lecture 21: Firewalls & NAT Zhiyi Huang Computer Science, University of Otago COSC301 Lecture 21: Firewalls & NAT 1 Today s Focus How to protect an intranet? -- Firewall --
More informationSOCKS Protocol Version 6 (update)
SOCKS Protocol Version 6 (update) draft-olteanu-intarea-socks-6-05 Vladimir Olteanu New in -05 Different handling of first bytes of application data Reverse TCP proxy: can now handle concurrent incoming
More informationTransport Layer. Gursharan Singh Tatla. Upendra Sharma. 1
Transport Layer Gursharan Singh Tatla mailme@gursharansingh.in Upendra Sharma 1 Introduction The transport layer is the fourth layer from the bottom in the OSI reference model. It is responsible for message
More information9th Slide Set Computer Networks
Prof. Dr. Christian Baun 9th Slide Set Computer Networks Frankfurt University of Applied Sciences WS1718 1/49 9th Slide Set Computer Networks Prof. Dr. Christian Baun Frankfurt University of Applied Sciences
More informationBIG-IP otse vastu internetti. Kas tulemüüri polegi vaja?
BIG-IP otse vastu internetti. Kas tulemüüri polegi vaja? Tarmo Mamers Heigo Mansberg Network Firewall Imagery stackexchange.com Network Firewall Functions Network Firewall Traffic OUTSIDE INSIDE INBOUND
More informationFirewalls N E T W O R K ( A N D D ATA ) S E C U R I T Y / P E D R O B R A N D Ã O M A N U E L E D U A R D O C O R R E I A
Firewalls N E T W O R K ( A N D D ATA ) S E C U R I T Y 2 01 6 / 2 017 P E D R O B R A N D Ã O M A N U E L E D U A R D O C O R R E I A Slides are based on slides by Dr Lawrie Brown (UNSW@ADFA) for Computer
More informationActive Measurement of Data-Path Quality in a Non-cooperative Internet
Active Measurement of Data-Path Quality in a Non-cooperative Internet Rocky K. C. Chang Internet Infrastructure and Security Group 7 Oct. 2010 Active Measurement of Data-Path Quality in a Non-cooperative
More informationc. If the sum contains a zero, the receiver knows there has been an error.
ENSC-37 Fall 27 Assignment#3 Due Date 6 Oct. 27 Problem-:[4] UDP and TCP use s complement for their checksums. Suppose you have the following three 8-bit bytes:,, and. a. [6] What is the s complement of
More information4. The transport layer
4.1 The port number One of the most important information contained in the header of a segment are the destination and the source port numbers. The port numbers are necessary to identify the application
More informationtcp-map through type echo Commands
CHAPTER 31 31-1 tcp-map Chapter 31 tcp-map To define a set of TCP normalization actions, use the tcp-map command in global configuration mode. The TCP normalization feature lets you specify criteria that
More informationChapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet
Chapter 2 - Part 1 The TCP/IP Protocol: The Language of the Internet Protocols A protocol is a language or set of rules that two or more computers use to communicate 2 Protocol Analogy: Phone Call Parties
More informationNetworking Technologies and Applications
Networking Technologies and Applications Rolland Vida BME TMIT Transport Protocols UDP User Datagram Protocol TCP Transport Control Protocol and many others UDP One of the core transport protocols Used
More informationNote: This practice midterm only covers a subset of the topics you are required to know.
CS144 Practice Midterm Fall 2010 Note: This practice midterm only covers a subset of the topics you are required to know. Question 1: Suppose you are writing a file copy program in TCP. You send a TCP
More informationConfiguring Service Policy Rules on Firewall Devices
CHAPTER 55 Configuring Service Policy Rules on Firewall Devices This section describes configuring service policy rules. Service policies provide a consistent and flexible way to configure certain security
More informationStatistical based Approach for Packet Classification
Statistical based Approach for Packet Classification Dr. Mrudul Dixit 1, Ankita Sanjay Moholkar 2, Sagarika Satish Limaye 2, Devashree Chandrashekhar Limaye 2 Cummins College of engineering for women,
More informationNWEN 243. Networked Applications. Layer 4 TCP and UDP
NWEN 243 Networked Applications Layer 4 TCP and UDP 1 About the second lecturer Aaron Chen Office: AM405 Phone: 463 5114 Email: aaron.chen@ecs.vuw.ac.nz Transport layer and application layer protocols
More informationBusiness Data Networks and Security 10th Edition by Panko Test Bank
Business Data Networks and Security 10th Edition by Panko Test Bank Chapter 2 Network Standards 1) Internet standards are published as. A) RFCs B) IETFs C) TCP/IPs D) Internet Protocols Question: 1a Objective:
More informationTCP /IP Fundamentals Mr. Cantu
TCP /IP Fundamentals Mr. Cantu OSI Model and TCP/IP Model Comparison TCP / IP Protocols (Application Layer) The TCP/IP subprotocols listed in this layer are services that support a number of network functions:
More informationTransport Layer. <protocol, local-addr,local-port,foreign-addr,foreign-port> ϒ Client uses ephemeral ports /10 Joseph Cordina 2005
Transport Layer For a connection on a host (single IP address), there exist many entry points through which there may be many-to-many connections. These are called ports. A port is a 16-bit number used
More informationInternet Streaming Media. Reji Mathew NICTA & CSE UNSW COMP9519 Multimedia Systems S2 2007
Internet Streaming Media Reji Mathew NICTA & CSE UNSW COMP9519 Multimedia Systems S2 2007 Multimedia Streaming UDP preferred for streaming System Overview Protocol stack Protocols RTP + RTCP SDP RTSP SIP
More informationCS 3516: Computer Networks
Welcome to CS 3516: Computer Networks Prof. Yanhua Li Time: 9:00am 9:50am M, T, R, and F Location: AK 219 Fall 2018 A-term 1 Some slides are originally from the course materials of the textbook Computer
More informationSquare Pegs in a Round Pipe: Wire-Compatible Unordered Delivery In TCP and TLS
Square Pegs in a Round Pipe: Wire-Compatible Unordered Delivery In TCP and TLS Jana Iyengar*, Bryan Ford + Syed Obaid Amin* +, Michael F. Nowlan +, Nabin Tiwari* *Franklin & Marshall College + Yale University
More informationIPSec. Overview. Overview. Levente Buttyán
IPSec - brief overview - security associations (SAs) - Authentication Header (AH) protocol - Encapsulated Security Payload () protocol - combining SAs (examples) Overview Overview IPSec is an Internet
More informationHistory Page. Barracuda NextGen Firewall F
The Firewall > History page is very useful for troubleshooting. It provides information for all traffic that has passed through the Barracuda NG Firewall. It also provides messages that state why traffic
More informationICS 451: Today's plan
ICS 451: Today's plan ICMP ping traceroute ARP DHCP summary of IP processing ICMP Internet Control Message Protocol, 2 functions: error reporting (never sent in response to ICMP error packets) network
More informationOutline. What is TCP protocol? How the TCP Protocol Works SYN Flooding Attack TCP Reset Attack TCP Session Hijacking Attack
Attacks on TCP Outline What is TCP protocol? How the TCP Protocol Works SYN Flooding Attack TCP Reset Attack TCP Session Hijacking Attack TCP Protocol Transmission Control Protocol (TCP) is a core protocol
More informationAN exam March
AN exam March 29 2018 Dear student This exam consists of 7 questions. The total number of points is 100. Read the questions carefully. Be precise and concise. Write in a readable way. Q1. UDP and TCP (25
More informationCS 3516: Advanced Computer Networks
Welcome to CS 3516: Advanced Computer Networks Prof. Yanhua Li Time: 9:00am 9:50am M, T, R, and F Location: Fuller 320 Fall 2017 A-term 1 Some slides are originally from the course materials of the textbook
More information4. What is the sequence number of the SYNACK segment sent by spinlab.wpi.edu to the client computer in reply to the SYN? Also Seq=0 (relative
1. What is the IP address and TCP port number used by your client computer (source) to transfer the file to spinlab.wpi.edu? My computer is at 10.211.55.3. The source port is 49247. See screenshot below.
More informationChoosing The Best Firewall Gerhard Cronje April 10, 2001
Choosing The Best Firewall Gerhard Cronje April 10, 2001 1. Introduction Due to the phenomenal growth of the Internet in the last couple of year s companies find it hard to operate without a presence on
More informationASA Access Control. Section 3
[ 39 ] CCNP Security Firewall 642-617 Quick Reference Section 3 ASA Access Control Now that you have connectivity to the ASA and have configured basic networking settings on the ASA, you can start to look
More informationModule : ServerIron ADX Packet Capture
Module : ServerIron ADX Packet Capture Objectives Upon completion of this module, you will be able to: Describe Brocade ServerIron ADX (ADX) Packet Capture feature Configure and verify the Packet Capture
More informationAlcatel-Lucent 4A Alcatel-Lucent Scalable IP Networks. Download Full Version :
Alcatel-Lucent 4A0-100 Alcatel-Lucent Scalable IP Networks Download Full Version : https://killexams.com/pass4sure/exam-detail/4a0-100 Answer: B QUESTION: 216 Which of the following statements best characterize
More informationActivating Intrusion Prevention Service
Activating Intrusion Prevention Service Intrusion Prevention Service Overview Configuring Intrusion Prevention Service Intrusion Prevention Service Overview Intrusion Prevention Service (IPS) delivers
More informationDeveloping the Sensor Capability in Cyber Security
Developing the Sensor Capability in Cyber Security Tero Kokkonen, Ph.D. +358504385317 tero.kokkonen@jamk.fi JYVSECTEC JYVSECTEC - Jyväskylä Security Technology - is the cyber security research, development
More informationTable of Contents. 1 Intrusion Detection Statistics 1-1 Overview 1-1 Displaying Intrusion Detection Statistics 1-1
Table of Contents 1 Intrusion Detection Statistics 1-1 Overview 1-1 Displaying Intrusion Detection Statistics 1-1 i 1 Intrusion Detection Statistics Overview Intrusion detection is an important network
More informationInternet Traffic Classification using Machine Learning
Internet Traffic Classification using Machine Learning by Alina Lapina 2018, UiO, INF5050 Alina Lapina, Master student at IFI, Full stack developer at Ciber Experis 2 Based on Thuy T. T. Nguyen, Grenville
More informationQUIZ: Longest Matching Prefix
QUIZ: Longest Matching Prefix A router has the following routing table: 10.50.42.0 /24 Send out on interface Z 10.50.20.0 /24 Send out on interface A 10.50.24.0 /22 Send out on interface B 10.50.20.0 /22
More informationCSCI 680: Computer & Network Security
CSCI 680: Computer & Network Security Lecture 21 Prof. Adwait Nadkarni Fall 2017 Derived from slides by William Enck, Micah Sherr and Patrick McDaniel 1 Filtering: Firewalls Filtering traffic based on
More informationInternet Streaming Media
Internet Streaming Media Reji Mathew NICTA & CSE UNSW COMP9519 Multimedia Systems S2 2008 Multimedia Streaming preferred for streaming System Overview Protocol stack Protocols + SDP S Encoder Side Issues
More informationOSI Transport Layer. Network Fundamentals Chapter 4. Version Cisco Systems, Inc. All rights reserved. Cisco Public 1
OSI Transport Layer Network Fundamentals Chapter 4 Version 4.0 1 Transport Layer Role and Services Transport layer is responsible for overall end-to-end transfer of application data 2 Transport Layer Role
More informationReliable Transport I: Concepts and TCP Protocol
Reliable Transport I: Concepts and TCP Protocol Brad Karp UCL Computer Science CS 3035/GZ01 29 th October 2013 Part I: Transport Concepts Layering context Transport goals Transport mechanisms 2 Context:
More informationARP, IP, TCP, UDP. CS 166: Introduction to Computer Systems Security 4/7/18 ARP, IP, TCP, UDP 1
ARP, IP, TCP, UDP CS 166: Introduction to Computer Systems Security 4/7/18 ARP, IP, TCP, UDP 1 IP and MAC Addresses Devices on a local area network have IP addresses (network layer) MAC addresses (data
More informationCSC Network Security
CSC 474 -- Security Topic 9. Firewalls CSC 474 Dr. Peng Ning 1 Outline Overview of Firewalls Filtering Firewalls Proxy Servers CSC 474 Dr. Peng Ning 2 Overview of Firewalls CSC 474 Dr. Peng Ning 3 1 Internet
More informationSome of the slides borrowed from the book Computer Security: A Hands on Approach by Wenliang Du. Firewalls. Chester Rebeiro IIT Madras
Some of the slides borrowed from the book Computer Security: A Hands on Approach by Wenliang Du Firewalls Chester Rebeiro IIT Madras Firewall Block unauthorized traffic flowing from one network to another
More informationIntroduction to Networks and the Internet
Introduction to Networks and the Internet CMPE 80N Announcements Project 2. Reference page. Library presentation. Internet History video. Spring 2003 Week 7 1 2 Today Internetworking (cont d). Fragmentation.
More informationInterconnecting Networks with TCP/IP
Chapter 8 Interconnecting s with TCP/IP 1999, Cisco Systems, Inc. 8-1 Introduction to TCP/IP Internet TCP/IP Early protocol suite Universal 1999, Cisco Systems, Inc. www.cisco.com ICND 8-2 TCP/IP Protocol
More informationHP High-End Firewalls
HP High-End Firewalls Attack Protection Configuration Guide Part number: 5998-2630 Software version: F1000-E/Firewall module: R3166 F5000-A5: R3206 Document version: 6PW101-20120706 Legal and notice information
More informationCorrigendum 3. Tender Number: 10/ dated
(A premier Public Sector Bank) Information Technology Division Head Office, Mangalore Corrigendum 3 Tender Number: 10/2016-17 dated 07.09.2016 for Supply, Installation and Maintenance of Distributed Denial
More informationCSC 4900 Computer Networks: Security Protocols (2)
CSC 4900 Computer Networks: Security Protocols (2) Professor Henry Carter Fall 2017 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message Integrity 8.4 End point Authentication
More informationA Robust Classifier for Passive TCP/IP Fingerprinting
A Robust Classifier for Passive TCP/IP Fingerprinting Rob Beverly MIT CSAIL rbeverly@csail.mit.edu April 20, 2004 PAM 2004 Typeset by FoilTEX Outline A Robust Classifier for Passive TCP/IP Fingerprinting
More informationsurveillance & anonymity cs642 computer security adam everspaugh
surveillance & anonymity cs642 computer security adam everspaugh ace@cs.wisc.edu today Internet-wide scanning, zmap Massive surveillance, packet inspection Anonymous browsing, TOR TCP handshake Client
More informationCCNA Exploration Network Fundamentals. Chapter 04 OSI Transport Layer
CCNA Exploration Network Fundamentals Chapter 04 OSI Transport Layer Updated: 05/05/2008 1 4.1 Roles of the Transport Layer 2 4.1 Roles of the Transport Layer The OSI Transport layer accept data from the
More informationNetwork Forensics and Covert Channels Analysis in Internet Protocols
School of Computer Science North Haugh KY16 9SX Scotland, UK Network Forensics and Covert Channels Analysis in Internet Protocols #1 Covert Channels in Internet Protocols PhD Student Email david@dcs.st-andrews.ac.uk
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More informationNetwork Analysis of Point of Sale System Compromises
Network Analysis of Point of Sale System Compromises Operation Terminal Guidance Chicago Electronic & Financial Crimes Task Force U.S. Secret Service Outline Background Hypothesis Deployment Methodology
More informationSecurity Engineering. Lecture 16 Network Security Fabio Massacci (with the courtesy of W. Stallings)
Security Lecture 16 Network Security Fabio Massacci (with the courtesy of W. Stallings) Lecture Outline Network Attacks Attive Attacks Passive Attacks TCP Attacks Contermeasures IPSec SSL/TLS Firewalls
More informationRef: A. Leon Garcia and I. Widjaja, Communication Networks, 2 nd Ed. McGraw Hill, 2006 Latest update of this lecture was on
IP Version 4 (IPv4) Header (Continued) Identification (16 bits): One of the parameters of any network is the maximum transmission unit (MTU) parameter. This parameter specifies the maximum size of the
More informationfile:///c:/users/hpguo/dropbox/website/teaching/fall 2017/CS4470/H...
1 of 9 11/26/2017, 11:28 AM Homework 3 solutions 1. A window holds bytes 2001 to 5000. The next byte to be sent is 3001. Draw a figure to show the situation of the window after the following two events:
More informationECE 435 Network Engineering Lecture 15
ECE 435 Network Engineering Lecture 15 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 26 October 2016 Announcements HW#5 due HW#6 posted Broadcasts on the MBONE 1 The Transport
More informationNetwork Interconnection
Network Interconnection Covers different approaches for ensuring border or perimeter security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Lecture
More informationNT1210 Introduction to Networking. Unit 10
NT1210 Introduction to Networking Unit 10 Chapter 10, TCP/IP Transport Objectives Identify the major needs and stakeholders for computer networks and network applications. Compare and contrast the OSI
More informationCSCI 466 Midterm Networks Fall 2013
CSCI 466 Midterm Networks Fall 2013 Name: This exam consists of 6 problems on the following 7 pages. You may use your single-sided hand-written 8 ½ x 11 note sheet and a calculator during the exam. No
More informationHP Load Balancing Module
HP Load Balancing Module Load Balancing Configuration Guide Part number: 5998-4218 Software version: Feature 3221 Document version: 6PW100-20130326 Legal and notice information Copyright 2013 Hewlett-Packard
More informationIntroduction to Internet. Ass. Prof. J.Y. Tigli University of Nice Sophia Antipolis
Introduction to Internet Ass. Prof. J.Y. Tigli University of Nice Sophia Antipolis What about inter-networks communications? Between LANs? Ethernet?? Ethernet Example Similarities and Differences between
More informationCS 455: INTRODUCTION TO DISTRIBUTED SYSTEMS [NETWORKING] Frequently asked questions from the previous class surveys
CS 455: INTRODUCTION TO DISTRIBUTED SYSTEMS [NETWORKING] The Receiver's Buffer Small it may be But throttle the mightiest sender It can Not just the how much But also the when Or if at all Shrideep Pallickara
More informationObservation by Internet Fix-Point Monitoring System (TALOT2) for May 2011
Observation by Internet Fix-Point Monitoring System (TALOT2) for May 2011 1. To General Internet Users According to the Internet Fixed-Point Monitoring System (TALOT2), 189,497 unwanted (one-sided) accesses
More informationDDOS RESILIENCY SCORE (DRS) "An open standard for quantifying an Organization's resiliency to withstand DDoS attacks" Version July
DDOS RESILIENCY SCORE (DRS) "An open standard for quantifying an Organization's resiliency to withstand DDoS attacks" Version 1.01.01 17 July 2017... Text is available under the GNU Free Documentation
More informationIntroduction to Information Science and Technology 2017 Networking II. Sören Schwertfeger 师泽仁
II Sören Schwertfeger 师泽仁 Outline Review Network Layer Routing Transport Layer Applications HTTP Demos Internet: Huge network of networks Billions of hosts (computers) Internet Structure Network Edge:
More informationChapter 8 roadmap. Network Security
Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing
More informationTCP/IP Protocol Suite 1
TCP/IP Protocol Suite 1 Stream Control Transmission Protocol (SCTP) TCP/IP Protocol Suite 2 OBJECTIVES: To introduce SCTP as a new transport-layer protocol. To discuss SCTP services and compare them with
More informationLayer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers
Layer 4: UDP, TCP, and others based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Concepts application set transport set High-level, "Application Set" protocols deal only with how handled
More information