Monitoring Network Traffic with Radial Traffic Analyzer
- Shana Perkins
- 8 years ago
Transcription
1 Monitoring Network Traffic with Radial Traffic Analyzer. Daniel A. Keim, Florian Mansmann, Jörn Schneidewind, Tobias Schreck. IEEE Symposium on Visual Analytics Science and Technology, 2006. Stefan Heinz, Seminar Visual Analytics, Summer Term 2008
2 Motivation: Internet has become the information medium of first resort. Each host on the network faces different threats in this environment: malicious code, denial-of-service attacks, attempts to hijack a machine.
3 Motivation: How can we identify such threats? What kind of data is transferred between my computer and other computers on the network? (Figure labels: local network, local host, internet)
4 Motivation: Network Monitoring. Surveillance of important performance metrics. Goal: supervise functionality, detect and prevent potential problems, develop effective countermeasures for anomalies and sabotage.
5 Data Set: Communication data is complex. Large amounts of data. Real-time data. Interrelationships between communication connections. Relationships may vary over time.
6 Data Set: Technical Background. TCP/IP Reference Model: 1 Application Layer, 2 Presentation Layer, 3 Session Layer, 4 Transport Layer, 5 Network Layer, 6 Data Link Layer, 7 Physical Layer; 1 Application Layer, 2 Presentation Layer, 3 Session Layer, 4 Transport Layer, 5 Network Layer, 6 Data Link Layer, 7 Physical Layer
7 Data Set: Technical Background. TCP/IP Reference Model: 1 Application Layer, 2 Presentation Layer, 3 Session Layer, 4 Transport Layer, 5 Network Layer, 6 Data Link Layer, 7 Physical Layer. Annotations: allows mapping to applications; packet level; TCP, UDP; IP; Ports; IP Address; MAC Address; 80 (http)
8 Data Set: Attributes. Time; source IP address & port; destination IP address & port; payload
9 Related Work: Stephen Lau, The Spinning Cube of Potential Doom, Communications of the ACM, 2004
10 Related Work: Anita Komlodi et al., A User-Centric Look at Glyph-Based Security Visualization, IEEE Workshop on Visualization for Computer Security, 2005
11 Related Work: Stefano Foresti et al., Visual Correlation of Network Alerts, IEEE Computer Graphics and Applications, 2006
12 Related Work: How does this approach differ from these works? Bring together the complementing pieces of information. Easier reading and interpretation. Easier-to-understand metaphors.
13 Radial Traffic Analyzer: Layout. Attributes are mapped to different rings. User selects important attributes to be displayed in the inner rings. From inside to outside the attributes are used successively for grouping and sorting.
14 Radial Traffic Analyzer: Why a radial layout? Better supports the task of finding suspicious patterns. User is not misguided to place more importance on an item due to its position on the left or right.
15 Coloring Concept: Special colors. Brightness for secure/unsecured. Uses distinct colors for IP addresses and ports.
16 Radial Traffic Analyzer: Interactivity. Positioning and thus importance within the sorting order can be changed using drag & drop operations. Tooltips are used to display the full label in case of small segments and additional information (host name, possible application programs).
17 Radial Traffic Analyzer: Interactivity. Detailed information for a segment is accessible using a popup menu. Different measures: transferred bytes, number of connections, number of sessions. Mouse click filters/discards all traffic with the chosen attribute.
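The ring construction described on slides 13 and 17, as an added example that is not code from the paper or the slides: flows are grouped successively by the selected attributes (inner ring first), each segment's angle is proportional to the chosen measure, and a filter discards all traffic with a chosen attribute value. The field names, the sort order within a ring (by attribute value) and the sample flows are assumptions.

```python
from collections import defaultdict

# Constructed sample flows (not from the slides). Addresses come from the
# RFC 5737 documentation ranges; field names are assumptions for this example.
FLOWS = [
    {"src_ip": "192.0.2.10", "dst_ip": "198.51.100.5", "dst_port": 80,  "bytes": 6000},
    {"src_ip": "192.0.2.10", "dst_ip": "198.51.100.5", "dst_port": 443, "bytes": 3000},
    {"src_ip": "192.0.2.11", "dst_ip": "203.0.113.9",  "dst_port": 22,  "bytes": 2000},
    {"src_ip": "192.0.2.11", "dst_ip": "198.51.100.5", "dst_port": 80,  "bytes": 1000},
]


def measure_value(flows, measure):
    """Aggregate a group of flows with one of the measures named on slide 17."""
    if measure == "bytes":
        return sum(f["bytes"] for f in flows)
    if measure == "connections":
        return len(flows)
    raise ValueError(f"unsupported measure: {measure}")


def build_rings(flows, ring_attrs, measure="bytes"):
    """Return one list of segments per ring, innermost ring first.

    ring_attrs is the user's attribute order (inner to outer). Each segment
    records the attribute values on the path from the centre, its aggregated
    value and its start/end angle in degrees. A child segment always lies
    inside the angular span of its parent, so outer rings refine inner ones.
    """
    rings = [[] for _ in ring_attrs]
    total = measure_value(flows, measure)
    if total == 0:
        return rings  # nothing to draw

    def place(group, depth, path, start):
        if depth == len(ring_attrs):
            return
        buckets = defaultdict(list)
        for flow in group:
            buckets[flow[ring_attrs[depth]]].append(flow)
        # Assumption: segments are sorted by attribute value within a parent.
        for label in sorted(buckets):
            members = buckets[label]
            value = measure_value(members, measure)
            sweep = 360.0 * value / total
            rings[depth].append({
                "path": path + (label,),
                "value": value,
                "start": start,
                "end": start + sweep,
            })
            place(members, depth + 1, path + (label,), start)
            start += sweep

    place(flows, 0, (), 0.0)
    return rings


def discard_attribute(flows, attr, value):
    """Model the mouse-click filter: drop all traffic with the chosen value."""
    return [f for f in flows if f[attr] != value]


def describe(rings, ring_attrs):
    """Render the rings as text lines, one segment per line."""
    lines = []
    for attr, ring in zip(ring_attrs, rings):
        for seg in ring:
            lines.append(
                f"{attr:8} {'/'.join(map(str, seg['path'])):22} "
                f"{seg['value']:6} {seg['start']:6.1f}-{seg['end']:6.1f} deg"
            )
    return lines


if __name__ == "__main__":
    order = ["src_ip", "dst_port"]           # inner ring: source host
    print("\n".join(describe(build_rings(FLOWS, order), order)))
    order = ["dst_port", "src_ip"]           # after a drag & drop reorder
    print("\n".join(describe(build_rings(FLOWS, order), order)))
    remaining = discard_attribute(FLOWS, "dst_port", 80)
    print("\n".join(describe(build_rings(remaining, order), order)))
```

Swapping the attribute order changes which question the inner ring answers: with `src_ip` innermost the view shows which host produces the most traffic, with `dst_port` innermost it shows which service dominates.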
18 Radial Traffic Analyzer: Flexibility
19 Combining RTA with Geospatial Displays: Idea for HistoMap. Retrieve country names for IP addresses using MaxMind's GeoIP database. Use squarified treemap layout. Size of rectangles corresponds to traffic volume.
20 Combining RTA with Geospatial Displays
21 Interactive Exploration of Data Traffic with Hierarchical Network Maps. Florian Mansmann, Svetlana Vinnik. IEEE Transactions on Visualization and Computer Graphics, 2006
22 Hierarchical Network Maps: Display the distribution of source and target data traffic of network nodes. Visualization of port activity. Also a space-filling technique (treemap).
23 Hierarchical Network Maps
24 Hierarchical Network Maps: Layout. Squarified treemap. To get an almost static map layout, the total size of the network and its components is used (user orientation). Nodes on continent and country level preserve their relative geographical position. Nodes on the other levels are sorted by IP addresses.
25 Hierarchical Network Maps
26 Hierarchical Network Maps
27 Hierarchical Network Maps: Filters. Type of load (packets sent, received or total); time frame; port or port cluster; protocol
28 Hierarchical Network Maps: Large amounts of data. It turned out to be infeasible to process the entire network data. Aggregation entries were used (# sessions, # packets transferred, bytes transferred). Usage of data warehouse techniques (OLAP cubes). Split the log into a Short Term Log, Middle Term Log and Long Term Log.
29 Hierarchical Network Maps: Descending to the Pixel Level
30 Hierarchical Network Maps: Interaction. User can choose which region of the network should be investigated further. Drill down/roll up. Additional information via popup menu (interactive time, host, and port activity diagrams).
31 Hierarchical Network Maps
32 Hierarchical Network Maps. Pros: Integration of geographical information with a clever layout; nice data overview. Cons: Needs a lot of display space depending on the granularity level; integration of details.
33 Combining RTA with Geospatial Displays
34 Radial Traffic Analyzer: Animation over time
35 Radial Traffic Analyzer: Animation over time
36 Radial Traffic Analyzer: Animation over time
37 Radial Traffic Analyzer: Animation over time
38 Radial Traffic Analyzer: Classification
39 Radial Traffic Analyzer: Pros. Easy metaphor (e.g. fast perception of the traffic composition). Good color scheme. Combination of machine techniques and human capabilities.
40 Radial Traffic Analyzer: Cons. Display space/use of tooltips (especially when displaying both visualizations at once). No explanation of the data preprocessing and performance.
41 Summary