{"title":"Honeypot testbed for network defence strategy evaluation","authors":"Jana Medková, M. Husák, Martin Vizváry, Pavel Čeleda","doi":"10.23919/INM.2017.7987397","DOIUrl":"https://doi.org/10.23919/INM.2017.7987397","url":null,"abstract":"In this paper, we describe a network defence strategy testbed, which could be utilized for testing the strategy decision logic against simulated attacks or real attackers. The testbed relies on a network of honeypots and the high level of logging and monitoring the honeypots provide. Its main advantage is that only the decision logic implementation is needed in order to test the strategy. The testbed also evaluates the tested network defence strategy. We demonstrate an example of network defence strategy implementation, the test setup, progress, and results. The source code of the testbed is available on GitHub.","PeriodicalId":119633,"journal":{"name":"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-08-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133492151","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Exchanging security events: Which and how many alerts can we aggregate?","authors":"M. Husák, Milan Cermák, Martin Laštovička, Jan Vykopal","doi":"10.23919/INM.2017.7987340","DOIUrl":"https://doi.org/10.23919/INM.2017.7987340","url":null,"abstract":"The exchange of security alerts is a current trend in network security and incident response. Alerts from network intrusion detection systems are shared among organizations so that it is possible to see the “big picture” of current security situation. However, the quality and redundancy of the input data seem to be underrated. We present four use cases of aggregation of the alerts from network intrusion detection systems. Alerts from a sharing platform deployed in the Czech national research and education network were examined in a case study. Volumes of raw and aggregated data are presented and a rule of thumb is proposed: up to 85% of alerts can be aggregated. Finally, we discuss the practical implications of alert aggregation for the network intrusion detection system, such as (in)completeness of the alerts and optimal time windows for aggregation.","PeriodicalId":119633,"journal":{"name":"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)","volume":"81 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-08-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133104220","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Network defence strategy evaluation: Simulation vs. live network","authors":"Jana Medková, M. Husák, Martin Drasar","doi":"10.23919/INM.2017.7987267","DOIUrl":"https://doi.org/10.23919/INM.2017.7987267","url":null,"abstract":"A lot of research has been dedicated to finding an optimal strategy to defend network infrastructure. The proposed methods are usually evaluated using simulations, replayed attacks or testbed environments. However, these evaluation methods may give biased results, because in real life, attackers can follow a suboptimal strategy or react to a defence in an unexpected way. In this paper, we use a network of honeypots as a testing environment for evaluating network defence strategies. The honeypot network provides the opportunity to test a defence strategy against real attackers and is not as time and resource consuming as using white hat hackers. In our experiment, we use two different strategies to defend a group of honeypots in a live network and we compare these results to the results of a simulation with replayed attacks. We show that the results of the strategies in the simulation significantly differ from the results on the honeypot network which implies simulations are not sufficient for strategy evaluation. We also investigate how the attacker adapts to the responses taken by a defence strategy and how this change in behaviour affects the evaluation results.","PeriodicalId":119633,"journal":{"name":"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-08-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129818253","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A graph-based representation of relations in network security alert sharing platforms","authors":"M. Husák, Milan Cermák","doi":"10.23919/INM.2017.7987399","DOIUrl":"https://doi.org/10.23919/INM.2017.7987399","url":null,"abstract":"In this paper, we present a framework for graph-based representation of relation between sensors and alert types in a security alert sharing platform. Nodes in a graph represent either sensors or alert types, while edges represent various relations between them, such as common type of reported alerts or duplicated alerts. The graph is automatically updated, stored in a graph database, and visualized. The resulting graph will be used by network administrators and security analysts as a visual guide and situational awareness tool in a complex environment of security alert sharing.","PeriodicalId":119633,"journal":{"name":"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)","volume":"82 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-08-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116064281","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"SDQ: Enabling rapid QoE experimentation using Software Defined Networking","authors":"L. Fawcett, Mu Mu, M. Broadbent, Nicholas Hart, N. Race","doi":"10.23919/INM.2017.7987353","DOIUrl":"https://doi.org/10.23919/INM.2017.7987353","url":null,"abstract":"The emerging network paradigm of Software Defined Networking (SDN) has been increasingly adopted to improve the Quality of Experiences (QoE) across multiple HTTP adaptive streaming (HAS) instances. However, there is currently a gap between research and reality in this field. QoE models, which offer user-level context to network management processes, are often tested in a simulation environment. Such environments do not consider the effects that network protocols, client programs, and other real world factors may have on the outcomes. Ultimately, this can lead to models not functioning as expected in real networks. On the other hand, setting up an experiment that reflects reality is a time consuming process requiring expert knowledge. This paper shares designs and guidelines of an SDN experimentation framework (SDQ), which offers rapid evaluation of QoE models using real network infrastructures.","PeriodicalId":119633,"journal":{"name":"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)","volume":"93 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129054289","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Locality based approach to improve propagation delay on the Bitcoin peer-to-peer network","authors":"M. Sallal, Gareth Owenson, M. Adda","doi":"10.23919/INM.2017.7987328","DOIUrl":"https://doi.org/10.23919/INM.2017.7987328","url":null,"abstract":"The delay overhead of transaction verification in Bitcoin, a peer-to-peer electronic currency system, is a complicated issue which makes the system vulnerable to double spend attacks. In this paper, we propose a new approach, that is based on how the clusters are formulated and the nodes define their membership, to improve the transaction propagation delay in the Bitcoin network. In this approach, the locality of connectivity in the Bitcoin network is increased by grouping Bitcoin nodes based on their geographical location. We show, through simulations, that location based-distance better defines clustering structures that optimize the performance of the transaction propagation delay. A key reason behind this improvement is mainly due to the reduction of the communication link cost measured by the distance between nodes. Compared to the existing clustering protocol (BCBSN) that we proposed in our previous work, location based clustering is more effective at reducing the transaction propagation delay.","PeriodicalId":119633,"journal":{"name":"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134082441","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Distributed spatial indexing for the Internet of Things data management","authors":"Yasmin Fathy, P. Barnaghi, R. Tafazolli","doi":"10.23919/INM.2017.7987467","DOIUrl":"https://doi.org/10.23919/INM.2017.7987467","url":null,"abstract":"The Internet of Things (IoT) has become a new enabler for collecting real-world observation and measurement data from the physical world. The IoT allows objects with sensing and network capabilities (i.e. Things and devices) to communicate with one another and with other resources (e.g. services) on the digital world. The heterogeneity, dynamicity and ad-hoc nature of underlying data, and services published by most of IoT resources make accessing and processing the data and services a challenging task. The IoT demands distributed, scalable, and efficient indexing solutions for large-scale distributed IoT networks. We describe a novel distributed indexing approach for IoT resources and their published data. The index structure is constructed by encoding the locations of IoT resources into geohashes and then building a quadtree on the minimum bounding box of the geohash representations. This allows to aggregate resources with similar geohashes and reduce the size of the index. We have evaluated our proposed solution on a large-scale dataset and our results show that the proposed approach can efficiently index and enable discovery of the IoT resources with 65% better response time than a centralised approach and with a high success rate (around 90% in the first few attempts).","PeriodicalId":119633,"journal":{"name":"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)","volume":"90 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134114691","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Energy-efficient peer-to-peer networking for constrained-capacity mobile environments","authors":"E. Harjula, T. Ojala, M. Ylianttila","doi":"10.23919/INM.2017.7987385","DOIUrl":"https://doi.org/10.23919/INM.2017.7987385","url":null,"abstract":"Energy efficiency is a powerful measure for promoting sustainability in technological evolution and ensuring feasible battery life of mobile end-user devices. Peer-to-peer technology provides decentralized and self-organizing, but also energy-inefficient technology for distributing content between devices in networks that scale up almost infinitely. The dissertation [1] summarized in this paper makes four contributions towards enabling energy-aware peer-to-peer networking in mobile environments: 1) an empirical study for understanding the energy consumption characteristics of radio interfaces and typical composition of traffic in peer-to-peer networks, 2) a model for estimating the energy consumption of a mobile device with different traffic profiles, 3) a model for energy-aware load monitoring of mobile peer nodes, and 4) a mobile agent based virtual peers concept for energy-aware sharing of peer responsibilities between peer nodes in a subnet. The results give valuable insight into implementing energy-efficient peer-to-peer systems in mobile environments.","PeriodicalId":119633,"journal":{"name":"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)","volume":"4 3","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120812341","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A cost-effective security management for clouds: A game-theoretic deception mechanism","authors":"Mohammad Taghi Adili, Amin Mohammadi, M. Manshaei, M. Rahman","doi":"10.23919/INM.2017.7987269","DOIUrl":"https://doi.org/10.23919/INM.2017.7987269","url":null,"abstract":"The Information Technology (IT) is observing a rising shift toward cloud computing due to its attractive on-demand storage and computing capabilities that allow moving the computing and storage load from the owner's side to the service provider's place and enjoying the data or computed results efficiently anywhere anytime. This growing use of clouds also introduces significant security concerns, as sensitive data and critical applications are increasingly being moved to clouds. Recent work also reveals different security threats, e.g., side-channel attacks, against cloud services. In this work, we address the need of improved solutions for the security management of cloud computing. We propose a moving target-based deceptive defense mechanism where the moving target idea is centered on frequent migrations of the virtual machines (VMs). We make the moves cost-efficient by modeling the problem as a signaling game between the adversary and the VMs and introducing deceptions. We solve the game and obtain two Nash equilibria. These results illustrate the best possible moves by the adversary and the corresponding strategy for the VMs that should reduce the adversary's chance of being successful at most.","PeriodicalId":119633,"journal":{"name":"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123540372","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Lightweight virtualization as enabling technology for future smart cars","authors":"Roberto Morabito, Riccardo Petrolo, V. Loscrí, N. Mitton, G. Ruggeri, A. Molinaro","doi":"10.23919/INM.2017.7987466","DOIUrl":"https://doi.org/10.23919/INM.2017.7987466","url":null,"abstract":"Modern vehicles are equipped with several interconnected sensors on board for monitoring and diagnosis purposes; their availability is a main driver for the development of novel applications in the smart vehicle domain. In this paper, we propose a Docker container-based platform as solution for implementing customized smart car applications. Through a proof-of-concept prototype—developed on a Raspberry Pi3 board—we show that a container-based virtualization approach is not only viable but also effective and flexible in the management of several parallel processes running on On Board Unit. More specifically, the platform can take priority-based decisions by handling multiple inputs, e.g., data from the CANbus based on the OBD II codes, video from the on-board webcam, and so on. Results are promising for the development of future in-vehicle virtualized platforms.","PeriodicalId":119633,"journal":{"name":"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)","volume":"545 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125385740","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}