IU-ATC Network Security and Resilience Monitoring (Theme 4)
|
|
- Delilah Fitzgerald
- 8 years ago
- Views:
Transcription
1 IU-ATC Network Security and Resilience Monitoring (Theme 4) Policy-driven Resilience Simulator Alberto Schaeffer-Filho, Paul Smith and Andreas Mauthe Lancaster University India-UK Centre of Excellence in Next Generation Networks EPSRC-DST Project Workshop, Mysore January 25 th -26 th, 2011
2 Introduction Basic idea Difficult to evaluate resilience strategies Involve the interplay between a number of detection and remediation mechanisms Must be activated on demand, according to events observed in the network Integrate network simulator and Policy framework Simulation of policy-based resilience strategies Policies applied based on conditions observed during run-time High link utilisation Malicious attacks Equipment failures Observe how policies affect operation of simulated components Understand how real policies affect the operation of resilience mechanisms Evaluate resilience strategies before deployment in the network, e.g. routers Gamer & Mayer, 2009: Integrated detection mechanisms into network simulator Our work is complementary, but focuses on remediation 2
3 Policy-based Management Management of network components in the infrastructure Decouple hard-wired implementation from the management strategy Modify management strategy without interrupting system operation Reconfiguration of operational parameters Dynamic activation/deactivation of mechanisms P. Smith, A. Schaeffer-Filho, A. Ali, M. Schöller, N. Kheir, A. Mauthe and D. Hutchison. "Strategies for Network Resilience: Capitalising on Policies". In: 4th International Conference on Autonomous Infrastructure, Management and Security (AIMS 2010), Springer, ser. LNCS. Zurich, Switzerland. June
4 Policy-driven Network Simulation Objects in simulation can be manipulated Setting flags, dropping connections, adding extra delay to packets, etc Evaluate effects of remediation mechanisms Integration techniques (Mayer & Gamer, 2008) Socket connection Sockets in simulation connect to third-party app No source code changes CPU/synchronisation problems Source code integration Only for simple applications No time distortions Difficult due to build dependencies Shared libraries Similar to source code integration Separated building environments Thread scheduling problems A. Schaeffer-Filho, P. Smith and A. Mauthe. Policy-driven Network Simulation: a Resilience Case Study. To appear in: 26th ACM Symposium on Applied Computing (SAC 2011), ACM, Taichung, Taiwan. March
5 Network Simulators NS-2 High coupling between C++ and Otcl, steep learning curve, poor scalability Extensible library of public available network models NS-3 Major revision, focus on scalability, extensibility and modularity Still short of network models OMNeT++ Modular, extensible Good scalability and large library of network models SSFNet Implementations both in Java and C++, large number of models Discontinued in 2004 OPNET Source code of simulator is not publicly available Hard to extend to implement resilience mechanisms 5
6 Prototype Integration between OMNeT++/SSFNet and Ponder2 framework Ponder2 Both obligation and authorisation policies Policies written in terms of managed objects, kept in a domain structure Different communication protocols supported, e.g. RMI, HTTP Command interpreter and PonderTalk for configuration and control OMNeT++ Modelling and simulation of networks at and above link layer Realistic topologies, generation of background and attack traffic (ReaSE) Self-similar behaviour: different traffic profiles, such as Web traffic, name server traffic, and streaming traffic Resilience mechanisms: instrumented objects in the simulation Link monitor, flow exporter, rate limiter, IDS, etc Mechanisms export a management interface as a call-back proxy 6
7 Prototype Integration between OMNeT++/SSFNet and Ponder2 framework Instrumented objects in the simulation Most are additions to the standard Router module Integration based on XMLRPC Simulation platform that permits Experiment different topologies Analysis of anomaly scenarios Implement resilience strategies adapttohigh := factory/ecapolicy create. adapttohigh event: event/highutil. adapttohigh condition: [ :value value >= 75 ]. adapttohigh action: [rate_limiter_xyz setbitrate: ]. 7
8 Prototype Policy-based DDoS remediation Topology: 2 stub Autonomous Systems connected by 1 transit AS Victim AS attacked by 35 DDoSZombie hosts 1000 hosts generate background traffic to a number of other servers Resilience functions carried out at the edge of the AS network Progressive detection and tailored remediation of the attack Attack starts Rate limit the entire link Rate limit all traffic towards the victim Rate limit only the attack flow All attack flows is successfully classified 8
9 Demonstration Instructions online Download, installation, running (OMNeT++ & Ponder2) Straightforward to change policies in Ponder2 Activate/deactivate policies Adapt their thresholds Observe how these different policies adapt the network behaviour More interesting extensions Development of additional policy-enabled modules Available at: hosted/resilience/policy-resilience-simulator/ 9
10 Related Publications C. Peoples, G. Parr, A. Schaeffer-Filho and A. Mauthe, Towards the Simulation of Energy- Efficient Resilience Management. To appear in: 4th International ICST Conference on Simulation Tools and Techniques (SIMUTools 2011), ACM/ICST, Barcelona, Spain. March A. Schaeffer-Filho, P. Smith and A. Mauthe. Policy-driven Network Simulation: a Resilience Case Study. To appear in: 26th ACM Symposium on Applied Computing (SAC 2011), ACM, Taichung, Taiwan. March P. Smith, A. Schaeffer-Filho, A. Ali, M. Schöller, N. Kheir, A. Mauthe and D. Hutchison. "Strategies for Network Resilience: Capitalising on Policies". In: 4th International Conference on Autonomous Infrastructure, Management and Security (AIMS 2010), Springer, ser. LNCS. Zurich, Switzerland. June A. Ali, A. Schaeffer-Filho, P. Smith and D. Hutchison. "Justifying a Policy Based Approach for DDoS Remediation: A Case Study". In: 11th Annual PostGraduate Symposium on the Convergence of Telecommunications, Networking and Broadcasting (PGNet 2010), Liverpool, UK. June
Service Level AgreementMonitoring for Resilience in Computer Networks
Service Level AgreementMonitoring for Resilience in Computer Networks Noor-ul-hassan Shirazi, Alberto Schaeffer-Filho and David Hutchison School of Computing and Communications InfoLab21, Lancaster University
More informationNetwork Resilience. From Concepts to Experimentation. FIRE Research Workshop - May 16 th 2011
Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Resilience From Concepts to Experimentation FIRE Research Workshop - May 16 th 2011 Georg Carle, TU
More informationDistack. Towards Understanding the Global Behavior of DDoS Attacks A Framework for Distributed Attack Detection and Beyond
Distack Towards Understanding the Global Behavior of DDoS Attacks A Framework for and Beyond Thomas Gamer, Christoph P. Mayer, Martina Zitterbart 29. Aug 2008, EURECOM, France, (TH) Karlsruhe Institute
More informationNetwork Resilience & DDoS attacks
Network Resilience & DDoS attacks Paul Smith School of Computing and Communications Lancaster University p.smith@comp.lancs.ac.uk The ResiliNets Group @ Lancaster http://www.comp.lancs.ac.uk/resilience
More informationJustifying a Policy Based Approach for DDoS Remediation: A Case Study
Justifying a Policy Based Approach for DDoS Remediation: A Case Study Azman Ali, Alberto Schaeffer-Filho, Paul Smith and David Hutchison Computing Department, Lancaster University, UK {a.ali, asf, p.smith,
More informationSecurity Challenges & Opportunities in Software Defined Networks (SDN)
Security Challenges & Opportunities in Software Defined Networks (SDN) June 30 th, 2015 SEC2 2015 Premier atelier sur la sécurité dans les Clouds Nizar KHEIR Cyber Security Researcher Orange Labs Products
More informationTesting Network Security Using OPNET
Testing Network Security Using OPNET Agustin Zaballos, Guiomar Corral, Isard Serra, Jaume Abella Enginyeria i Arquitectura La Salle, Universitat Ramon Llull, Spain Paseo Bonanova, 8, 08022 Barcelona Tlf:
More informationA Multilevel Approach Towards Challenge Detection in Cloud Computing
1 A Multilevel Approach Towards Challenge Detection in Cloud Computing A Multilevel Approach Towards Challenge Detection in Cloud Computing Noorulhassan Shirazi, Michael R. Watson, Angelos K. Marnerides,
More informationNetwork Virtualization Network Admission Control Deployment Guide
Network Virtualization Network Admission Control Deployment Guide This document provides guidance for enterprises that want to deploy the Cisco Network Admission Control (NAC) Appliance for their campus
More informationLarge-scale Evaluation of Distributed Attack Detection
Large-scale Evaluation of Distributed Attack Detection Thomas Gamer Institute of Telematics Universität Karlsruhe (TH) Germany gamer@tm.uka.de Christoph P. Mayer Institute of Telematics Universität Karlsruhe
More informationChapter 2 TOPOLOGY SELECTION. SYS-ED/ Computer Education Techniques, Inc.
Chapter 2 TOPOLOGY SELECTION SYS-ED/ Computer Education Techniques, Inc. Objectives You will learn: Topology selection criteria. Perform a comparison of topology selection criteria. WebSphere component
More informationA Novel Packet Marketing Method in DDoS Attack Detection
SCI-PUBLICATIONS Author Manuscript American Journal of Applied Sciences 4 (10): 741-745, 2007 ISSN 1546-9239 2007 Science Publications A Novel Packet Marketing Method in DDoS Attack Detection 1 Changhyun
More informationExperimentation driven traffic monitoring and engineering research
Experimentation driven traffic monitoring and engineering research Amir KRIFA (Amir.Krifa@sophia.inria.fr) 11/20/09 ECODE FP7 Project 1 Outline i. Future directions of Internet traffic monitoring and engineering
More informationA System for in-network Anomaly Detection
A System for in-network Anomaly Detection Thomas Gamer Institut für Telematik, Universität Karlsruhe (TH), Germany Abstract. Today, the Internet is used by companies frequently since it simplifies daily
More informationGuide to DDoS Attacks December 2014 Authored by: Lee Myers, SOC Analyst
INTEGRATED INTELLIGENCE CENTER Technical White Paper William F. Pelgrin, CIS President and CEO Guide to DDoS Attacks December 2014 Authored by: Lee Myers, SOC Analyst This Center for Internet Security
More informationA REPORT ON ANALYSIS OF OSPF ROUTING PROTOCOL NORTH CAROLINA STATE UNIVERSITY
A REPORT ON ANALYSIS OF OSPF ROUTING PROTOCOL Using OPNET 14.5 Modeler NORTH CAROLINA STATE UNIVERSITY SUBMITTED BY: SHOBHANK SHARMA ssharma5@ncsu.edu Page 1 ANALYSIS OF OSPF ROUTING PROTOCOL A. Introduction
More informationTools for Peer-to-Peer Network Simulation
Tools for Peer-to-Peer Network Simulation draft-irtf-p2prg-core-simulators-00.txt Alan Brown and Mario Kolberg University of Stirling, UK IETF65 P2PRG - March 24, 2006 1 Overview Provide survey of tools
More informationManagement Patterns: SDN-Enabled Network Resilience Management
Management Patterns: SDN-Enabled Network Management Paul Smith, Alberto Schaeffer-Filho, David Hutchison and Andreas Mauthe Safety and Security Department, AIT Austrian Institute of Technology, Austria
More informationAshok Kumar Gonela MTech Department of CSE Miracle Educational Group Of Institutions Bhogapuram.
Protection of Vulnerable Virtual machines from being compromised as zombies during DDoS attacks using a multi-phase distributed vulnerability detection & counter-attack framework Ashok Kumar Gonela MTech
More informationCisco Application Networking for IBM WebSphere
Cisco Application Networking for IBM WebSphere Faster Downloads and Site Navigation, Less Bandwidth and Server Processing, and Greater Availability for Global Deployments What You Will Learn To address
More informationIntelligent. Data Sheet
Cisco IPS Software Product Overview Cisco IPS Software is the industry s leading network-based intrusion prevention software. It provides intelligent, precise, and flexible protection for your business
More informationEnabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches
print email Article ID: 4941 Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches Objective In an ever-changing business environment, your
More informationOn Ubiquitous Network Security and Anomaly Detection *
On Ubiquitous Network Security and Anomaly Detection * Colin Van Dyke Çetin K. Koç Electrical & Computer Engineering Oregon State University {vandyke,koc}@ece.orst.edu Abstract As networking trends move
More informationspirent Test the security, performance and scalability of your app-aware infrastructure
spirent Avalanche NEXT Test the security, performance and scalability of your app-aware infrastructure Avalanche NEXT The App-Aware Challenge The deployment of application-aware infrastructure brings with
More informationSocket = an interface connection between two (dissimilar) pipes. OS provides this API to connect applications to networks. home.comcast.
Interprocess communication (Part 2) For an application to send something out as a message, it must arrange its OS to receive its input. The OS is then sends it out either as a UDP datagram on the transport
More informationSoftware Development Kit
Open EMS Suite by Nokia Software Development Kit Functional Overview Version 1.3 Nokia Siemens Networks 1 (21) Software Development Kit The information in this document is subject to change without notice
More informationArchitectural Overview
Architectural Overview Version 7 Part Number 817-2167-10 March 2003 A Sun ONE Application Server 7 deployment consists of a number of application server instances, an administrative server and, optionally,
More informationNemea: Searching for Botnet Footprints
Nemea: Searching for Botnet Footprints Tomas Cejka 1, Radoslav Bodó 1, Hana Kubatova 2 1 CESNET, a.l.e. 2 FIT, CTU in Prague Zikova 4, 160 00 Prague 6 Thakurova 9, 160 00 Prague 6 Czech Republic Czech
More informationDoS: Attack and Defense
DoS: Attack and Defense Vincent Tai Sayantan Sengupta COEN 233 Term Project Prof. M. Wang 1 Table of Contents 1. Introduction 4 1.1. Objective 1.2. Problem 1.3. Relation to the class 1.4. Other approaches
More informationLab 1: Evaluating Internet Connection Choices for a Small Home PC Network
Lab 1: Evaluating Internet Connection Choices for a Small Home PC Network Objective This lab teaches the basics of using OPNET IT Guru. We investigate application performance and capacity planning, by
More informationCTS2134 Introduction to Networking. Module 8.4 8.7 Network Security
CTS2134 Introduction to Networking Module 8.4 8.7 Network Security Switch Security: VLANs A virtual LAN (VLAN) is a logical grouping of computers based on a switch port. VLAN membership is configured by
More informationSANE: A Protection Architecture For Enterprise Networks
Fakultät IV Elektrotechnik und Informatik Intelligent Networks and Management of Distributed Systems Research Group Prof. Anja Feldmann, Ph.D. SANE: A Protection Architecture For Enterprise Networks WS
More informationHow To. Instreamer to Exstreamer connection. Project Name: Document Type: Document Revision: Instreamer to Exstreamer connection. How To 1.
Instreamer to Exstreamer connection Project Name: Document Type: Document Revision: Instreamer to Exstreamer connection 1.11 Date: 06.03.2013 2013 Barix AG, all rights reserved. All information is subject
More informationSecurity Advisory. Some IPS systems can be easily fingerprinted using simple techniques.
Some IPS systems can be easily fingered using simple techniques. The unintentional disclosure of which security devices are deployed within your defences could put your network at significant risk. Security
More informationADVANCED SECURITY MECHANISMS TO PROTECT ASSETS AND NETWORKS: SOFTWARE-DEFINED SECURITY
ADVANCED SECURITY MECHANISMS TO PROTECT ASSETS AND NETWORKS: SOFTWARE-DEFINED SECURITY One of the largest concerns of organisations is how to implement and introduce advanced security mechanisms to protect
More informationIntroducing Performance Engineering by means of Tools and Practical Exercises
Introducing Performance Engineering by means of Tools and Practical Exercises Alexander Ufimtsev, Trevor Parsons, Lucian M. Patcas, John Murphy and Liam Murphy Performance Engineering Laboratory, School
More informationAnalysis and Simulation of VoIP LAN vs. WAN WLAN vs. WWAN
ENSC 427 Communication Networks Final Project Report Spring 2014 Analysis and Simulation of VoIP Team #: 2 Kadkhodayan Anita (akadkhod@sfu.ca, 301129632) Majdi Yalda (ymajdi@sfu.ca, 301137361) Namvar Darya
More informationMonitoring Infrastructure (MIS) Software Architecture Document. Version 1.1
Monitoring Infrastructure (MIS) Software Architecture Document Version 1.1 Revision History Date Version Description Author 28-9-2004 1.0 Created Peter Fennema 8-10-2004 1.1 Processed review comments Peter
More informationDDoS-blocker: Detection and Blocking of Distributed Denial of Service Attack
DDoS-blocker: Detection and Blocking of Distributed Denial of Service Attack Sugih Jamin EECS Department University of Michigan jamin@eecs.umich.edu Internet Design Goals Key design goals of Internet protocols:
More informationCourse Outline. Course 20336B: Core Solutions of Microsoft Lync Server 2013. Duration: 5 Days
Course 20336B: Core Solutions of Microsoft Lync Server 2013 Duration: 5 Days What you will learn This instructor-led course teaches IT professionals how to plan, design, deploy, configure, and administer
More informationCourse Outline. Core Solutions of Microsoft Lync Server 2013 Course 20336B: 5 days Instructor Led. About this Course.
Core Solutions of Microsoft Lync Server 2013 Course 20336B: 5 days Instructor Led About this Course This instructor-led course teaches IT professionals how to plan, design, deploy, configure, and administer
More informationA Layperson s Guide To DoS Attacks
A Layperson s Guide To DoS Attacks A Rackspace Whitepaper A Layperson s Guide to DoS Attacks Cover Table of Contents 1. Introduction 2 2. Background on DoS and DDoS Attacks 3 3. Types of DoS Attacks 4
More informationDDoS Protection Technology White Paper
DDoS Protection Technology White Paper Keywords: DDoS attack, DDoS protection, traffic learning, threshold adjustment, detection and protection Abstract: This white paper describes the classification of
More informationCisco Application Networking for BEA WebLogic
Cisco Application Networking for BEA WebLogic Faster Downloads and Site Navigation, Less Bandwidth and Server Processing, and Greater Availability for Global Deployments What You Will Learn To address
More informationUSING MOBILE AGENTS TO IMPROVE PERFORMANCE OF NETWORK MANAGEMENT OPERATIONS
USING MOBILE AGENTS TO IMPROVE PERFORNCE OF NETWORK NAGEMENT OPERATIONS Iwan Adhicandra, Colin Pattinson, Ebrahim Shaghouei Computer Communications Research Group, School of Computing, Leeds Metropolitan
More informationCisco IPS 4200 Series Sensors
Cisco IPS 4200 Series Sensors In today s busy network environments, business continuity relies on effective network intrusion prevention to stop malicious attacks, worms, and application abuse before they
More informationCurrent and Future Research into Network Security Prof. Madjid Merabti
Current and Future Research into Network Security Prof. Madjid Merabti School of Computing & Mathematical Sciences Liverpool John Moores University UK Overview Introduction Secure component composition
More informationEmerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA
Emerging Network Security Threats and what they mean for internal auditors December 11, 2013 John Gagne, CISSP, CISA 0 Objectives Emerging Risks Distributed Denial of Service (DDoS) Attacks Social Engineering
More informationOPNET Network Simulator
Simulations and Tools for Telecommunications 521365S: OPNET Network Simulator Jarmo Prokkola Research team leader, M. Sc. (Tech.) VTT Technical Research Centre of Finland Kaitoväylä 1, Oulu P.O. Box 1100,
More informationInternational Journal of Enterprise Computing and Business Systems ISSN (Online) : 2230-8849
WINDOWS-BASED APPLICATION AWARE NETWORK INTERCEPTOR Ms. Shalvi Dave [1], Mr. Jimit Mahadevia [2], Prof. Bhushan Trivedi [3] [1] Asst.Prof., MCA Department, IITE, Ahmedabad, INDIA [2] Chief Architect, Elitecore
More informationSURE 5 Zone DDoS PROTECTION SERVICE
SURE 5 Zone DDoS PROTECTION SERVICE Sure 5 Zone DDoS Protection ( the Service ) provides a solution to protect our customer s sites against Distributed Denial of Service (DDoS) attacks by analysing incoming
More informationCastelldefels Project: Simulating the Computer System that Gives Support to the Virtual Campus of the Open University of Catalonia
22nd EUROPEAN CONFERENCE ON OPERATIONAL RESEARCH Prague, July 8 11, 2007 Castelldefels Project: Simulating the Computer System that Gives Support to the Virtual Campus of the Open University of Catalonia
More informationExploiting peer group concept for adaptive and highly available services
Exploiting peer group concept for adaptive and highly available services Muhammad Asif Jan Centre for European Nuclear Research (CERN) Switzerland Fahd Ali Zahid, Mohammad Moazam Fraz Foundation University,
More informationNetwork & Agent Based Intrusion Detection Systems
Network & Agent Based Intrusion Detection Systems Hakan Albag TU Munich, Dep. of Computer Science Exchange Student Istanbul Tech. Uni., Dep. Of Comp. Engineering Abstract. The following document is focused
More informationIntroduction to Sun ONE Application Server 7
Introduction to Sun ONE Application Server 7 The Sun ONE Application Server 7 provides a high-performance J2EE platform suitable for broad deployment of application services and web services. It offers
More informationUNMASKCONTENT: THE CASE STUDY
DIGITONTO LLC. UNMASKCONTENT: THE CASE STUDY The mystery UnmaskContent.com v1.0 Contents I. CASE 1: Malware Alert... 2 a. Scenario... 2 b. Data Collection... 2 c. Data Aggregation... 3 d. Data Enumeration...
More informationCore Solutions of Microsoft Lync Server 2013
Course 20336A: Core Solutions of Microsoft Lync Server 2013 Length: Audience(s): 5 Days Level: 300 IT Professionals Technology: Microsoft Lync Server 2013 Type: Delivery Method: Course Instructor-led (classroom)
More informationLab 3: Evaluating Application Performance across a WAN
Lab 3: Evaluating Application Performance across a WAN Objective In this lab, we have a small LAN with 20 users for a startup company named Deltasoft Technologies. We investigate the application performance
More informationInternet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering
Internet Firewall CSIS 4222 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 27: Internet Routing Ch 30: Packet filtering & firewalls
More informationMonitoring WAAS Using Cisco Network Analysis Module. Information About NAM CHAPTER
CHAPTER 5 Monitoring WAAS Using Cisco Network Analysis Module This chapter describes Cisco Network Analysis Module (NAM), which you can use to monitor your WAAS devices. This chapter contains the following
More informationPerformance Evaluation of VANETs with Multiple Car Crashes in Different Traffic Conditions
Performance Evaluation of VANETs with Multiple Car Crashes in Different Traffic Conditions Georgios Charalampopoulos 1,2 and Tasos Dagiuklas 1 1. Dept. of Computer Science, Hellenic Open University, Greece,
More informationA Multi-Objective Optimisation Approach to IDS Sensor Placement
A Multi-Objective Optimisation Approach to IDS Sensor Placement Hao Chen 1, John A. Clark 1, Juan E. Tapiador 1, Siraj A. Shaikh 2, Howard Chivers 2, and Philip Nobles 2 1 Department of Computer Science
More informationAnalysis of IP Network for different Quality of Service
2009 International Symposium on Computing, Communication, and Control (ISCCC 2009) Proc.of CSIT vol.1 (2011) (2011) IACSIT Press, Singapore Analysis of IP Network for different Quality of Service Ajith
More informationHow To Communicate With A Notification System
Cost effective and resiliant enterprise wide user notification methods. NetSupport School Cost effective and resiliant enterprise wide user notification methods Introduction Enterprises, both corporate
More informationBirdstep Intelligent Mobile IP Client v2.0, Universal Edition. Seamless secure mobility across all networks. Copyright 2002 Birdstep Technology ASA
White Paper Birdstep Intelligent Mobile IP Client v2.0, Universal Edition Seamless secure mobility across all networks Copyright 2002 Birdstep Technology ASA Haakon VII's gate 5B, N-0161 Oslo, Norway Tel:
More informationImplementing the Application Control Engine Service Module
Course: Implementing the Application Control Engine Service Module Duration: 4 Day Hands-On Lab & Lecture Course Price: $ 2,995.00 Learning Credits: 30 Hitachi HiPass: 4 Description: Implementing the Application
More informationThe flow back tracing and DDoS defense mechanism of the TWAREN defender cloud
Proceedings of the APAN Network Research Workshop 2013 The flow back tracing and DDoS defense mechanism of the TWAREN defender cloud Ming-Chang Liang 1, *, Meng-Jang Lin 2, Li-Chi Ku 3, Tsung-Han Lu 4,
More informationIncluding Real Networking Hardware in the Modeling and Simulation (M&S) Environment.
Provost s Learning Innovations Grant for Faculty Special Request for Proposal Course Development 2009-2010 Project Title: Including Real Networking Hardware in the Modeling and Simulation (M&S) Environment.
More informationImproving Web Application Firewall Testing (WAF) for better Deployment in Production Networks January 2009 OWASP Israel
Improving Web Application Firewall Testing (WAF) for better Deployment in Production Networks January 2009 OWASP Israel Gregory Fresnais Director of International Business Development Email: gfresnais@bpointsys.com,
More informationWiMAX System-Level Simulation for Application Performance Analysis
WiMAX System-Level Simulation for Application Performance Analysis Krishna Ramadas Venturi Wireless kramadas@venturiwirelesscom Raj Jain Washington Univ in Saint Louis Saint Louis, MO 63130 Jain@wustledu
More informationDecomposition into Parts. Software Engineering, Lecture 4. Data and Function Cohesion. Allocation of Functions and Data. Component Interfaces
Software Engineering, Lecture 4 Decomposition into suitable parts Cross cutting concerns Design patterns I will also give an example scenario that you are supposed to analyse and make synthesis from The
More informationHuawei One Net Campus Network Solution
Huawei One Net Campus Network Solution 2 引 言 3 园 区 网 面 临 的 挑 战 4 华 为 园 区 网 解 决 方 案 介 绍 6 华 为 园 区 网 解 决 方 案 对 应 产 品 组 合 6 结 束 语 Introduction campus network is an internal network of an enterprise or organization,
More informationHow To Understand The History Of The Network And Network (Networking) In A Network (Network) (Netnet) (Network And Network) (Dns) (Wired) (Lannet) And (Network Network)
COMPUTER NETWORKS LECTURES DR.PETER G. GYARMATI Research professor Lectures of P. G. Gyarmati 1. page 1999.-2006. 1999.-2006. This page is intentionally left blank Lectures of P. G. Gyarmati 2. page 1999.-2006.
More informationCisco IOS Flexible NetFlow Technology
Cisco IOS Flexible NetFlow Technology Last Updated: December 2008 The Challenge: The ability to characterize IP traffic and understand the origin, the traffic destination, the time of day, the application
More informationProduct Overview. Product Family. Product Features. Powerful intrusion detection and monitoring capacity
NIP IDS Product Overview The Network Intelligent Police (NIP) Intrusion Detection System (IDS) is a new generation of session-based intelligent network IDS developed by Huaweisymantec. Deployed in key
More informationBlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
More informationSuricata IDS. What is it and how to enable it
Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat
More informationDistributed Systems. 23. Content Delivery Networks (CDN) Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 23. Content Delivery Networks (CDN) Paul Krzyzanowski Rutgers University Fall 2015 November 17, 2015 2014-2015 Paul Krzyzanowski 1 Motivation Serving web content from one location presents
More informationCisco Discovery 3: Introducing Routing and Switching in the Enterprise 157.8 hours teaching time
Essential Curriculum Computer Networking II Cisco Discovery 3: Introducing Routing and Switching in the Enterprise 157.8 hours teaching time Chapter 1 Networking in the Enterprise-------------------------------------------------
More informationIPTV AND VOD NETWORK ARCHITECTURES. Diogo Miguel Mateus Farinha
IPTV AND VOD NETWORK ARCHITECTURES Diogo Miguel Mateus Farinha Instituto Superior Técnico Av. Rovisco Pais, 1049-001 Lisboa, Portugal E-mail: diogo.farinha@ist.utl.pt ABSTRACT IPTV and Video on Demand
More informationOpen-Source Software Toolkit for Network Simulation and Modeling
Open-Source Software Toolkit for Network Simulation and Modeling Chengcheng Li School of Information Technology University of Cincinnati Cincinnati, OH 45221 Chengcheng.li@uc.edu Abstract This paper summarizes
More informationpacket retransmitting based on dynamic route table technology, as shown in fig. 2 and 3.
Implementation of an Emulation Environment for Large Scale Network Security Experiments Cui Yimin, Liu Li, Jin Qi, Kuang Xiaohui National Key Laboratory of Science and Technology on Information System
More informationDiDDeM: A System for Early Detection of TCP SYN Flood Attacks
DiDDeM: A System for Early Detection of TCP SYN Flood Attacks J. Haggerty, T. Berry, Q. Shi and M. Merabti School of Computing and Mathematical Sciences, Liverpool John Moores University, Liverpool, UK,
More informationStrengths and Limitations of Nagios as a Network Monitoring Solution
Strengths and Limitations of Nagios as a Network Monitoring Solution By Sophon Mongkolluksamee http://inms.in.th 1 Agenda o Network monitoring software o About Nagios o Limitations of Nagios o Improve
More informationSBSCET, Firozpur (Punjab), India
Volume 3, Issue 9, September 2013 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Layer Based
More informationAgenda. Understanding of Firewall s definition and Categorization. Understanding of Firewall s Deployment Architectures
Firewall Agenda Unit 1 Understanding of Firewall s definition and Categorization Unit 2 Understanding of Firewall s Deployment Architectures Unit 3 Three Representative Firewall Deployment Examples in
More informationIP SLAs Overview. Finding Feature Information. Information About IP SLAs. IP SLAs Technology Overview
This module describes IP Service Level Agreements (SLAs). IP SLAs allows Cisco customers to analyze IP service levels for IP applications and services, to increase productivity, to lower operational costs,
More informationHome Networking Evaluating Internet Connection Choices for a Small Home PC Network
Laboratory 2 Home Networking Evaluating Internet Connection Choices for a Small Home PC Network Objetive This lab teaches the basics of using OPNET IT Guru. OPNET IT Guru s user-friendly interface with
More informationMPLS provides multi-site solution
MPLS provides multi-site solution Executive Summary MPLS (Multi Protocol Label Switching) meets the need for a cost effective solution for voice and data connectivity across multiple sites. Spitfire s
More informationEXPERIENCES PARALLELIZING A COMMERCIAL NETWORK SIMULATOR
EXPERIENCES PARALLELIZING A COMMERCIAL NETWORK SIMULATOR Hao Wu Richard M. Fujimoto George Riley College Of Computing Georgia Institute of Technology Atlanta, GA 30332-0280 {wh, fujimoto, riley}@cc.gatech.edu
More informationA STUDY OF THE BEHAVIOUR OF THE MOBILE AGENT IN THE NETWORK MANAGEMENT SYSTEMS
A STUDY OF THE BEHAVIOUR OF THE MOBILE AGENT IN THE NETWORK MANAGEMENT SYSTEMS Tarag Fahad, Sufian Yousef & Caroline Strange School of Design and Communication Systems, Anglia Polytechnic University Victoria
More informationCisco Network Foundation Protection Overview
Cisco Network Foundation Protection Overview June 2005 1 Security is about the ability to control the risk incurred from an interconnected global network. Cisco NFP provides the tools, technologies, and
More informationACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0
ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0 Module 1: Vulnerabilities, Threats, and Attacks 1.1 Introduction to Network Security
More informationService Description DDoS Mitigation Service
Service Description DDoS Mitigation Service Interoute, Walbrook Building, 195 Marsh Wall, London, E14 9SG, UK Tel: +800 4683 7681 Email: info@interoute.com Contents Contents 1 Introduction...3 2 An Overview...3
More informationMicrosegmentation Using NSX Distributed Firewall: Getting Started
Microsegmentation Using NSX Distributed Firewall: VMware NSX for vsphere, release 6.0x REFERENCE PAPER Table of Contents Microsegmentation using NSX Distributed Firewall:...1 Introduction... 3 Use Case
More informationCore Solutions of Microsoft Lync Server 2013
MS20336 Längd: 5 dagar Core Solutions of Microsoft Lync Server 2013 This instructor-led course teaches IT professionals how to plan, design, deploy, configure, and administer a Microsoft Lync Server 2013
More informationSWOON: A Testbed for Secure Wireless Overlay Networks
SWOON: A Testbed for Secure Wireless Overlay Networks Y. L. Huang, J. D. Tygar, H. Y. Lin, L. Y. Yeh, H. Y. Tsai, K. Sklower, S. P. Shieh, C. C. Wu, P. H. Lu, S. Y. Chien, Z. S. Lin, L. W. Hsu, C. W. Hsu,
More informationSoftware Defined Networking to Improve Mobility Management Performance
Department of Computer Science and the Electrical Engineering, The Netherlands Software Defined Networking to Improve Mobility Management Performance Morteza Karimzadeh, Anna Sperotto, and Aiko Pras m.karimzadeh@utwente.nl
More informationSpecific recommendations
Background OpenSSL is an open source project which provides a Secure Socket Layer (SSL) V2/V3 and Transport Layer Security (TLS) V1 implementation along with a general purpose cryptographic library. It
More informationCS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013
CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access
More information