发布求助
文献互助 智能选刊 最新文献

2009 5th IEEE Workshop on Secure Network Protocols最新文献

筛选
英文 中文
Packet classification in co-mingled traffic streams 混合流中的包分类
2009 5th IEEE Workshop on Secure Network Protocols Pub Date : 2009-12-01 DOI: 10.1109/NPSEC.2009.5342251
Siddharth Maru, T. Brown
{"title":"Packet classification in co-mingled traffic streams","authors":"Siddharth Maru, T. Brown","doi":"10.1109/NPSEC.2009.5342251","DOIUrl":"https://doi.org/10.1109/NPSEC.2009.5342251","url":null,"abstract":"This paper considers the problem of packet classification in a co-mingled traffic stream. Given an encrypted co-mingled stream consisting of different protocol flows originating from different sources; we investigate if it is possible to assign packets to their respective sources and identify the protocol for each source. Encryption makes it difficult to obtain any information from packet headers or payloads. Consequently the only information available to an observer is the packet size, arrival times, direction and power levels. This paper presents a statistical approach that analyses the sizes and power levels of packets belonging to each protocol and uses this information to classify the packets in the co-mingled stream. Results are presented for the classification of a co-mingled stream of upto five different protocols. The results show that it is possible to efficiently classify packets based on sizes, direction and power levels. We see that packets belonging to the HTTP protocol are easiest to classify whereas those belonging to the FTP and IMAP protocols are difficult to separate when co-mingled with each other.","PeriodicalId":307178,"journal":{"name":"2009 5th IEEE Workshop on Secure Network Protocols","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126947110","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
SINE: Cache-friendly integrity for the web 正弦:缓存友好的网络完整性
2009 5th IEEE Workshop on Secure Network Protocols Pub Date : 2009-12-01 DOI: 10.1109/NPSEC.2009.5342250
C. Gaspard, S. Goldberg, W. Itani, E. Bertino, C. Nita-Rotaru
{"title":"SINE: Cache-friendly integrity for the web","authors":"C. Gaspard, S. Goldberg, W. Itani, E. Bertino, C. Nita-Rotaru","doi":"10.1109/NPSEC.2009.5342250","DOIUrl":"https://doi.org/10.1109/NPSEC.2009.5342250","url":null,"abstract":"In this paper we present SINE, a cache-friendly protocol for integrity-enforced web documents. SINE operates by decoupling integrity from confidentiality and provides web documents with an integrity-enforcement authentication tag that can be incrementally verified by multiple parties. We developed a prototype implementation of SINE with minimal changes to the standard web client/server architecture and conducted experiments using the standard Squid web proxy. Our experimental results show that SINE provides the required integrity services to web pages while maintaining the standard caching mechanisms. Moreover, by taking advantage of caching, SINE shows a performance gain that reached a factor of 5 over SSL/TLS.","PeriodicalId":307178,"journal":{"name":"2009 5th IEEE Workshop on Secure Network Protocols","volume":"213 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133574938","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 22
Cryptographic protocols to fight sinkhole attacks on tree-based routing in Wireless Sensor Networks 无线传感器网络树型路由中抗陷坑攻击的加密协议
2009 5th IEEE Workshop on Secure Network Protocols Pub Date : 2009-12-01 DOI: 10.1109/NPSEC.2009.5342246
Anthonis Papadimitriou, Fabrice Le Fessant, A. C. Viana, C. Sengul
{"title":"Cryptographic protocols to fight sinkhole attacks on tree-based routing in Wireless Sensor Networks","authors":"Anthonis Papadimitriou, Fabrice Le Fessant, A. C. Viana, C. Sengul","doi":"10.1109/NPSEC.2009.5342246","DOIUrl":"https://doi.org/10.1109/NPSEC.2009.5342246","url":null,"abstract":"This work introduces two new cryptographic protocols of different complexity and strength in limiting network degradation caused by sinkhole attacks on tree-based routing topologies in Wireless Sensor Networks (WSNs). The main goal of both protocols is to provide continuous operation by improving resilience against, rather than detection of, these attacks. The main benefit of providing resilience is that it allows operating (or graceful degradation) in the presence of attacks. Furthermore, while resilience mechanisms do not dismiss detection mechanisms, detection mechanisms often introduce more complexity and so, more weaknesses to the system, which might not justify their benefits. We provide a simulation study of the two protocols for three different routing protocols, that encompass typical routing strategies used in WSN. The results of our simulation study show that our cryptographic protocols are effective in improving resilience against sinkhole attacks, even in the presence of some collusion.","PeriodicalId":307178,"journal":{"name":"2009 5th IEEE Workshop on Secure Network Protocols","volume":"73 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127253698","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 30
Information game of public firewall rules 公共防火墙规则的信息博弈
2009 5th IEEE Workshop on Secure Network Protocols Pub Date : 2009-12-01 DOI: 10.1109/NPSEC.2009.5342253
Qi Liao, Zhen Li, A. Striegel
{"title":"Information game of public firewall rules","authors":"Qi Liao, Zhen Li, A. Striegel","doi":"10.1109/NPSEC.2009.5342253","DOIUrl":"https://doi.org/10.1109/NPSEC.2009.5342253","url":null,"abstract":"Firewalls are among the most important components in network security. Traditionally, the rules of the firewall are kept private under the assumption that privacy of the ruleset makes attacks on the network more difficult. We posit that this assumption is no longer valid in the Internet of today due to two factors: the emergence of botnets reducing probing difficulty and second, the emergence of distributed applications where private rules increase the difficulty of troubleshooting. We argue that the enforcement of the policy is the key, not the secrecy of the policy itself. In this paper, we demonstrate through the application of game theory that public firewall rules when coupled with false information (lying) are not only viable but actually better.","PeriodicalId":307178,"journal":{"name":"2009 5th IEEE Workshop on Secure Network Protocols","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114164656","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Project Bloom: Empowering the security research community through data products and computing Bloom项目:通过数据产品和计算增强安全研究社区的能力
2009 5th IEEE Workshop on Secure Network Protocols Pub Date : 2009-12-01 DOI: 10.1109/NPSEC.2009.5342252
Minaxi Gupta, Gregory R. Travis, D. A. Ripley, Douglous D. Pearson
{"title":"Project Bloom: Empowering the security research community through data products and computing","authors":"Minaxi Gupta, Gregory R. Travis, D. A. Ripley, Douglous D. Pearson","doi":"10.1109/NPSEC.2009.5342252","DOIUrl":"https://doi.org/10.1109/NPSEC.2009.5342252","url":null,"abstract":"In order to execute Bloom, we need financial resources. The biggest resource required is personnel time to provision and maintain Bloom, offer data products, and collect feedback to improve the service. Further, even though Indiana University has committed much of the computing and storage infrastructure needed to realize it, access to those resources will not be exclusive for Bloom users. Hence, some addition to those resources is necessary to ensure that Bloom users can have dedicated sources and hence good quality of service.","PeriodicalId":307178,"journal":{"name":"2009 5th IEEE Workshop on Secure Network Protocols","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125655553","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A high-performance capabilities-based network protocol 基于高性能功能的网络协议
2009 5th IEEE Workshop on Secure Network Protocols Pub Date : 2009-12-01 DOI: 10.1109/NPSEC.2009.5342257
T. Wolf, K. T. Vasudevan
{"title":"A high-performance capabilities-based network protocol","authors":"T. Wolf, K. T. Vasudevan","doi":"10.1109/NPSEC.2009.5342257","DOIUrl":"https://doi.org/10.1109/NPSEC.2009.5342257","url":null,"abstract":"Capabilities-based networks present a fundamental shift in the security design of network architectures. Instead of permitting the transmission of packets from any source to any destination, routers deny forwarding by default. For a successful transmission, packets need to positively identify themselves and their permissions to the router. A major challenge for a high-performance implementation of such a network is an efficient design of the credentials that are carried in the packet and the verification procedure on the router. Based on our prior work on the design of packet credentials, we present a network protocol that implements these concepts. Our prototype implementation shows that there is some connection setup cost associated with this type of secure communication. However, once a connection is established, the throughput performance of a capabilities-based connection is similar to that of conventional TCP.","PeriodicalId":307178,"journal":{"name":"2009 5th IEEE Workshop on Secure Network Protocols","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129443012","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Exploiting SIP for botnet communication 利用SIP进行僵尸网络通信
2009 5th IEEE Workshop on Secure Network Protocols Pub Date : 2009-12-01 DOI: 10.1109/NPSEC.2009.5342244
A. Berger, M. Hefeeda
{"title":"Exploiting SIP for botnet communication","authors":"A. Berger, M. Hefeeda","doi":"10.1109/NPSEC.2009.5342244","DOIUrl":"https://doi.org/10.1109/NPSEC.2009.5342244","url":null,"abstract":"The Session Initiation Protocol (SIP) implements methods for generic service discovery and versatile messaging. It is, therefore, expected to be a key component in many telecommunication and Internet services. For example, the 3GPP IP Multimedia Subsystem relies heavily on SIP. Given its critical role, ensuring the security of SIP is clearly a crucial task. In this paper, we analyze the SIP protocol and show that it can easily be exploited to mount effective and large-scale botnets. We do this by scrutinizing the details of the SIP protocol and show how it offers a variety of ways to conceal botnet traffic within legitimate-looking SIP traffic. Using our analysis, we implement a SIP bot and present experimental results from a real testbed network. In addition, we employ traffic statistics collected from a large telecommunication provider and discuss the implications for both botnet design and detection. Finally, we present a software tool (called autosip) to generate synthetic traffic that resembles actual SIP traffic with different controllable characteristics. The proposed tool is quite useful for researchers working in the area who may not have access to traffic dumps from actual telecommunication providers.","PeriodicalId":307178,"journal":{"name":"2009 5th IEEE Workshop on Secure Network Protocols","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127522270","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
On key agreement in wireless sensor networks based on radio transmission properties 基于无线电传输特性的无线传感器网络密钥协议研究
2009 5th IEEE Workshop on Secure Network Protocols Pub Date : 2009-12-01 DOI: 10.1109/NPSEC.2009.5342245
M. Wilhelm, I. Martinovic, J. Schmitt
{"title":"On key agreement in wireless sensor networks based on radio transmission properties","authors":"M. Wilhelm, I. Martinovic, J. Schmitt","doi":"10.1109/NPSEC.2009.5342245","DOIUrl":"https://doi.org/10.1109/NPSEC.2009.5342245","url":null,"abstract":"Recently, several research contributions have justified that wireless communication is not only a security burden. Its unpredictable and erratic nature can also be turned against an adversary and used to augment conventional security protocols, especially key agreement. In this paper, we are inspired by promising studies on such key agreement schemes, yet aim for releasing some of their limiting assumptions. We demonstrate the feasibility of our scheme within performance-limited wireless sensor networks. The central idea is to use the reciprocity of the wireless channel response between two transceivers as a correlated random variable. Doing so over several frequencies results in a random vector from which a shared secret is extracted. By employing error correction techniques, we are able to control the trade-off between the amount of secrecy and the robustness of our key agreement protocol. To evaluate its applicability, the protocol is implemented on MicaZ sensor nodes and analyzed in indoor environments. Further, these experiments provide insights into realistic channel behavior, available information entropy, and show a high rate of successful key agreements, up to 95 %.","PeriodicalId":307178,"journal":{"name":"2009 5th IEEE Workshop on Secure Network Protocols","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117037574","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 22
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信