2008 European Conference on Computer Network Defense: Latest Papers

Complexity Attack Resistant Flow Lookup Schemes for IPv6: A Measurement Based Comparison
2008 European Conference on Computer Network Defense Pub Date : 2008-12-11 DOI: 10.1109/EC2ND.2008.9
D. Malone, R. J. Tobin
Abstract: In this paper we look at the problem of choosing a good flow state lookup scheme for IPv6 firewalls. We want to choose a scheme which is fast when dealing with typical traffic, but whose performance will not degrade unnecessarily when subject to a complexity attack. We demonstrate the existing problem and, using captured traffic, assess a number of replacement schemes that are hash and tree based. Our aim is to improve FreeBSD's ipfw firewall, and so finally we implement the most promising replacement schemes. We show that even though they are more costly computationally, they do not noticeably degrade IPv6 forwarding performance.
Citations: 0
An Architecture for Inline Anomaly Detection
2008 European Conference on Computer Network Defense Pub Date : 2008-12-11 DOI: 10.1109/EC2ND.2008.8
Tammo Krueger, Christian Gehl, Konrad Rieck, P. Laskov
Abstract: In this paper we propose an intrusion prevention system (IPS) which operates inline and is capable of detecting unknown attacks using anomaly detection methods. Incorporated in the framework of a packet filter, each incoming packet is analyzed and -- according to an internal connection state and a computed anomaly score -- either delivered to the production system, redirected to a special hardened system or logged to a network sink for later analysis. Runtime measurements of an actual implementation prove that the performance overhead of the system is sufficient for inline processing. Accuracy measurements on real network data yield improvements especially in the number of false positives, which are reduced by a factor of five compared to a plain anomaly detector.
Citations: 12
Towards Next-Generation Botnets
2008 European Conference on Computer Network Defense Pub Date : 2008-12-11 DOI: 10.1109/EC2ND.2008.11
R. Hund, M. Hamann, Thorsten Holz
Abstract: In this paper, we introduce the design of an advanced bot called Rambot that is based on the weaknesses we found when tracking a diverse set of botnets over a period of several months. The main features of this bot are peer-to-peer communication, strong cryptography, a credit-point system to build bilateral trust amongst bots, and a proof-of-work scheme to protect against potential attacks. The goal of this work is to increase the understanding of more advanced botnet designs, such that more efficient detection and mitigation systems can be developed in the future.
Citations: 44
Reassembly of Fragmented JPEG Images Containing Restart Markers
2008 European Conference on Computer Network Defense Pub Date : 2008-12-11 DOI: 10.1109/EC2ND.2008.10
Martin Karresand, N. Shahmehri
Abstract: A fragmented JPEG image is currently not possible to reassemble without knowing the ordering of the fragments. This is a problem for the police when they search for illegal digital images. This paper presents a method to reassemble fragmented JPEG images containing restart markers. Empirical evaluations show that it is possible to reassemble images taken from a set containing fragments of several images.
Citations: 42
WSIM: A Software Platform to Simulate All-Optical Security Operations
2008 European Conference on Computer Network Defense Pub Date : 2008-12-11 DOI: 10.1109/EC2ND.2008.12
A. Krithinakis, L. Stroetmann, E. Athanasopoulos, G. Kopidakis, E. Markatos
Abstract: Network throughput rates increase every day in contrast to electronic chip processing speed and electronic I/O. Today's firewalls operate by using traditional electronic circuits just like any common PC. However, performing these operations in a fast fiber optics network on the scale of 40 Gbps is impossible. In this paper, we propose a novel system that is currently being researched and tries to perform the security operations of a firewall using optical components. We describe the basic limitations of the optical domain that make this project difficult to implement. We outline the basic software platform called WSIM which is a simulator that offers theoretical support of the project's feasibility. The marriage of an all-optical firewall with the traditional digital systems' architecture can offer significant benefits to the network from both a security and a performance perspective.
Citations: 2
PuppetCast: A Secure Peer Sampling Protocol
2008 European Conference on Computer Network Defense Pub Date : 2008-12-11 DOI: 10.1109/EC2ND.2008.7
A. Bakker, M. van Steen
Abstract: PuppetCast is a protocol for secure peer sampling in large-scale distributed systems. A peer sampling protocol continuously provides each node in the system with a uniform random sample of the node population, and is an important building block for gossip-based protocols for information dissemination, aggregation, load balancing and network management. Existing peer sampling protocols are either very vulnerable to attacks by malicious nodes, do not scale to large systems or provide only a static sample of the population. PuppetCast continues to operate when 50% (or more) of the nodes are acting maliciously, is shown to scale to systems of significant size and continuously provides new samples.
Citations: 15