IU-ATC Network Security and Resilience Monitoring (Theme 4)

Size: px
Start display at page:

Download "IU-ATC Network Security and Resilience Monitoring (Theme 4)"

Transcription

1 IU-ATC Network Security and Resilience Monitoring (Theme 4) Policy-driven Resilience Simulator Alberto Schaeffer-Filho, Paul Smith and Andreas Mauthe Lancaster University India-UK Centre of Excellence in Next Generation Networks EPSRC-DST Project Workshop, Mysore January 25 th -26 th, 2011

2 Introduction Basic idea Difficult to evaluate resilience strategies Involve the interplay between a number of detection and remediation mechanisms Must be activated on demand, according to events observed in the network Integrate network simulator and Policy framework Simulation of policy-based resilience strategies Policies applied based on conditions observed during run-time High link utilisation Malicious attacks Equipment failures Observe how policies affect operation of simulated components Understand how real policies affect the operation of resilience mechanisms Evaluate resilience strategies before deployment in the network, e.g. routers Gamer & Mayer, 2009: Integrated detection mechanisms into network simulator Our work is complementary, but focuses on remediation 2

3 Policy-based Management Management of network components in the infrastructure Decouple hard-wired implementation from the management strategy Modify management strategy without interrupting system operation Reconfiguration of operational parameters Dynamic activation/deactivation of mechanisms P. Smith, A. Schaeffer-Filho, A. Ali, M. Schöller, N. Kheir, A. Mauthe and D. Hutchison. "Strategies for Network Resilience: Capitalising on Policies". In: 4th International Conference on Autonomous Infrastructure, Management and Security (AIMS 2010), Springer, ser. LNCS. Zurich, Switzerland. June

4 Policy-driven Network Simulation Objects in simulation can be manipulated Setting flags, dropping connections, adding extra delay to packets, etc Evaluate effects of remediation mechanisms Integration techniques (Mayer & Gamer, 2008) Socket connection Sockets in simulation connect to third-party app No source code changes CPU/synchronisation problems Source code integration Only for simple applications No time distortions Difficult due to build dependencies Shared libraries Similar to source code integration Separated building environments Thread scheduling problems A. Schaeffer-Filho, P. Smith and A. Mauthe. Policy-driven Network Simulation: a Resilience Case Study. To appear in: 26th ACM Symposium on Applied Computing (SAC 2011), ACM, Taichung, Taiwan. March

5 Network Simulators NS-2 High coupling between C++ and Otcl, steep learning curve, poor scalability Extensible library of public available network models NS-3 Major revision, focus on scalability, extensibility and modularity Still short of network models OMNeT++ Modular, extensible Good scalability and large library of network models SSFNet Implementations both in Java and C++, large number of models Discontinued in 2004 OPNET Source code of simulator is not publicly available Hard to extend to implement resilience mechanisms 5

6 Prototype Integration between OMNeT++/SSFNet and Ponder2 framework Ponder2 Both obligation and authorisation policies Policies written in terms of managed objects, kept in a domain structure Different communication protocols supported, e.g. RMI, HTTP Command interpreter and PonderTalk for configuration and control OMNeT++ Modelling and simulation of networks at and above link layer Realistic topologies, generation of background and attack traffic (ReaSE) Self-similar behaviour: different traffic profiles, such as Web traffic, name server traffic, and streaming traffic Resilience mechanisms: instrumented objects in the simulation Link monitor, flow exporter, rate limiter, IDS, etc Mechanisms export a management interface as a call-back proxy 6

7 Prototype Integration between OMNeT++/SSFNet and Ponder2 framework Instrumented objects in the simulation Most are additions to the standard Router module Integration based on XMLRPC Simulation platform that permits Experiment different topologies Analysis of anomaly scenarios Implement resilience strategies adapttohigh := factory/ecapolicy create. adapttohigh event: event/highutil. adapttohigh condition: [ :value value >= 75 ]. adapttohigh action: [rate_limiter_xyz setbitrate: ]. 7

8 Prototype Policy-based DDoS remediation Topology: 2 stub Autonomous Systems connected by 1 transit AS Victim AS attacked by 35 DDoSZombie hosts 1000 hosts generate background traffic to a number of other servers Resilience functions carried out at the edge of the AS network Progressive detection and tailored remediation of the attack Attack starts Rate limit the entire link Rate limit all traffic towards the victim Rate limit only the attack flow All attack flows is successfully classified 8

9 Demonstration Instructions online Download, installation, running (OMNeT++ & Ponder2) Straightforward to change policies in Ponder2 Activate/deactivate policies Adapt their thresholds Observe how these different policies adapt the network behaviour More interesting extensions Development of additional policy-enabled modules Available at: https://forge.comp.lancs.ac.uk/ hosted/resilience/policy-resilience-simulator/ 9

10 Related Publications C. Peoples, G. Parr, A. Schaeffer-Filho and A. Mauthe, Towards the Simulation of Energy- Efficient Resilience Management. To appear in: 4th International ICST Conference on Simulation Tools and Techniques (SIMUTools 2011), ACM/ICST, Barcelona, Spain. March A. Schaeffer-Filho, P. Smith and A. Mauthe. Policy-driven Network Simulation: a Resilience Case Study. To appear in: 26th ACM Symposium on Applied Computing (SAC 2011), ACM, Taichung, Taiwan. March P. Smith, A. Schaeffer-Filho, A. Ali, M. Schöller, N. Kheir, A. Mauthe and D. Hutchison. "Strategies for Network Resilience: Capitalising on Policies". In: 4th International Conference on Autonomous Infrastructure, Management and Security (AIMS 2010), Springer, ser. LNCS. Zurich, Switzerland. June A. Ali, A. Schaeffer-Filho, P. Smith and D. Hutchison. "Justifying a Policy Based Approach for DDoS Remediation: A Case Study". In: 11th Annual PostGraduate Symposium on the Convergence of Telecommunications, Networking and Broadcasting (PGNet 2010), Liverpool, UK. June

Service Level AgreementMonitoring for Resilience in Computer Networks

Service Level AgreementMonitoring for Resilience in Computer Networks Service Level AgreementMonitoring for Resilience in Computer Networks Noor-ul-hassan Shirazi, Alberto Schaeffer-Filho and David Hutchison School of Computing and Communications InfoLab21, Lancaster University

More information

Network Resilience. From Concepts to Experimentation. FIRE Research Workshop - May 16 th 2011

Network Resilience. From Concepts to Experimentation. FIRE Research Workshop - May 16 th 2011 Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Resilience From Concepts to Experimentation FIRE Research Workshop - May 16 th 2011 Georg Carle, TU

More information

Distack. Towards Understanding the Global Behavior of DDoS Attacks A Framework for Distributed Attack Detection and Beyond

Distack. Towards Understanding the Global Behavior of DDoS Attacks A Framework for Distributed Attack Detection and Beyond Distack Towards Understanding the Global Behavior of DDoS Attacks A Framework for and Beyond Thomas Gamer, Christoph P. Mayer, Martina Zitterbart 29. Aug 2008, EURECOM, France, (TH) Karlsruhe Institute

More information

Network Resilience & DDoS attacks

Network Resilience & DDoS attacks Network Resilience & DDoS attacks Paul Smith School of Computing and Communications Lancaster University p.smith@comp.lancs.ac.uk The ResiliNets Group @ Lancaster http://www.comp.lancs.ac.uk/resilience

More information

Security Challenges & Opportunities in Software Defined Networks (SDN)

Security Challenges & Opportunities in Software Defined Networks (SDN) Security Challenges & Opportunities in Software Defined Networks (SDN) June 30 th, 2015 SEC2 2015 Premier atelier sur la sécurité dans les Clouds Nizar KHEIR Cyber Security Researcher Orange Labs Products

More information

Justifying a Policy Based Approach for DDoS Remediation: A Case Study

Justifying a Policy Based Approach for DDoS Remediation: A Case Study Justifying a Policy Based Approach for DDoS Remediation: A Case Study Azman Ali, Alberto Schaeffer-Filho, Paul Smith and David Hutchison Computing Department, Lancaster University, UK {a.ali, asf, p.smith,

More information

Testing Network Security Using OPNET

Testing Network Security Using OPNET Testing Network Security Using OPNET Agustin Zaballos, Guiomar Corral, Isard Serra, Jaume Abella Enginyeria i Arquitectura La Salle, Universitat Ramon Llull, Spain Paseo Bonanova, 8, 08022 Barcelona Tlf:

More information

A Multilevel Approach Towards Challenge Detection in Cloud Computing

A Multilevel Approach Towards Challenge Detection in Cloud Computing 1 A Multilevel Approach Towards Challenge Detection in Cloud Computing A Multilevel Approach Towards Challenge Detection in Cloud Computing Noorulhassan Shirazi, Michael R. Watson, Angelos K. Marnerides,

More information

Network Virtualization Network Admission Control Deployment Guide

Network Virtualization Network Admission Control Deployment Guide Network Virtualization Network Admission Control Deployment Guide This document provides guidance for enterprises that want to deploy the Cisco Network Admission Control (NAC) Appliance for their campus

More information

Experimentation driven traffic monitoring and engineering research

Experimentation driven traffic monitoring and engineering research Experimentation driven traffic monitoring and engineering research Amir KRIFA (Amir.Krifa@sophia.inria.fr) 11/20/09 ECODE FP7 Project 1 Outline i. Future directions of Internet traffic monitoring and engineering

More information

Large-scale Evaluation of Distributed Attack Detection

Large-scale Evaluation of Distributed Attack Detection Large-scale Evaluation of Distributed Attack Detection Thomas Gamer Institute of Telematics Universität Karlsruhe (TH) Germany gamer@tm.uka.de Christoph P. Mayer Institute of Telematics Universität Karlsruhe

More information

A REPORT ON ANALYSIS OF OSPF ROUTING PROTOCOL NORTH CAROLINA STATE UNIVERSITY

A REPORT ON ANALYSIS OF OSPF ROUTING PROTOCOL NORTH CAROLINA STATE UNIVERSITY A REPORT ON ANALYSIS OF OSPF ROUTING PROTOCOL Using OPNET 14.5 Modeler NORTH CAROLINA STATE UNIVERSITY SUBMITTED BY: SHOBHANK SHARMA ssharma5@ncsu.edu Page 1 ANALYSIS OF OSPF ROUTING PROTOCOL A. Introduction

More information

Guide to DDoS Attacks December 2014 Authored by: Lee Myers, SOC Analyst

Guide to DDoS Attacks December 2014 Authored by: Lee Myers, SOC Analyst INTEGRATED INTELLIGENCE CENTER Technical White Paper William F. Pelgrin, CIS President and CEO Guide to DDoS Attacks December 2014 Authored by: Lee Myers, SOC Analyst This Center for Internet Security

More information

Chapter 2 TOPOLOGY SELECTION. SYS-ED/ Computer Education Techniques, Inc.

Chapter 2 TOPOLOGY SELECTION. SYS-ED/ Computer Education Techniques, Inc. Chapter 2 TOPOLOGY SELECTION SYS-ED/ Computer Education Techniques, Inc. Objectives You will learn: Topology selection criteria. Perform a comparison of topology selection criteria. WebSphere component

More information

A Novel Packet Marketing Method in DDoS Attack Detection

A Novel Packet Marketing Method in DDoS Attack Detection SCI-PUBLICATIONS Author Manuscript American Journal of Applied Sciences 4 (10): 741-745, 2007 ISSN 1546-9239 2007 Science Publications A Novel Packet Marketing Method in DDoS Attack Detection 1 Changhyun

More information

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches print email Article ID: 4941 Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches Objective In an ever-changing business environment, your

More information

spirent Test the security, performance and scalability of your app-aware infrastructure

spirent Test the security, performance and scalability of your app-aware infrastructure spirent Avalanche NEXT Test the security, performance and scalability of your app-aware infrastructure Avalanche NEXT The App-Aware Challenge The deployment of application-aware infrastructure brings with

More information

On Ubiquitous Network Security and Anomaly Detection *

On Ubiquitous Network Security and Anomaly Detection * On Ubiquitous Network Security and Anomaly Detection * Colin Van Dyke Çetin K. Koç Electrical & Computer Engineering Oregon State University {vandyke,koc}@ece.orst.edu Abstract As networking trends move

More information

Socket = an interface connection between two (dissimilar) pipes. OS provides this API to connect applications to networks. home.comcast.

Socket = an interface connection between two (dissimilar) pipes. OS provides this API to connect applications to networks. home.comcast. Interprocess communication (Part 2) For an application to send something out as a message, it must arrange its OS to receive its input. The OS is then sends it out either as a UDP datagram on the transport

More information

Management Patterns: SDN-Enabled Network Resilience Management

Management Patterns: SDN-Enabled Network Resilience Management Management Patterns: SDN-Enabled Network Management Paul Smith, Alberto Schaeffer-Filho, David Hutchison and Andreas Mauthe Safety and Security Department, AIT Austrian Institute of Technology, Austria

More information

A System for in-network Anomaly Detection

A System for in-network Anomaly Detection A System for in-network Anomaly Detection Thomas Gamer Institut für Telematik, Universität Karlsruhe (TH), Germany Abstract. Today, the Internet is used by companies frequently since it simplifies daily

More information

Software Development Kit

Software Development Kit Open EMS Suite by Nokia Software Development Kit Functional Overview Version 1.3 Nokia Siemens Networks 1 (21) Software Development Kit The information in this document is subject to change without notice

More information

Course Outline. Course 20336B: Core Solutions of Microsoft Lync Server 2013. Duration: 5 Days

Course Outline. Course 20336B: Core Solutions of Microsoft Lync Server 2013. Duration: 5 Days Course 20336B: Core Solutions of Microsoft Lync Server 2013 Duration: 5 Days What you will learn This instructor-led course teaches IT professionals how to plan, design, deploy, configure, and administer

More information

Course Outline. Core Solutions of Microsoft Lync Server 2013 Course 20336B: 5 days Instructor Led. About this Course.

Course Outline. Core Solutions of Microsoft Lync Server 2013 Course 20336B: 5 days Instructor Led. About this Course. Core Solutions of Microsoft Lync Server 2013 Course 20336B: 5 days Instructor Led About this Course This instructor-led course teaches IT professionals how to plan, design, deploy, configure, and administer

More information

Network & Agent Based Intrusion Detection Systems

Network & Agent Based Intrusion Detection Systems Network & Agent Based Intrusion Detection Systems Hakan Albag TU Munich, Dep. of Computer Science Exchange Student Istanbul Tech. Uni., Dep. Of Comp. Engineering Abstract. The following document is focused

More information

SANE: A Protection Architecture For Enterprise Networks

SANE: A Protection Architecture For Enterprise Networks Fakultät IV Elektrotechnik und Informatik Intelligent Networks and Management of Distributed Systems Research Group Prof. Anja Feldmann, Ph.D. SANE: A Protection Architecture For Enterprise Networks WS

More information

Tools for Peer-to-Peer Network Simulation

Tools for Peer-to-Peer Network Simulation Tools for Peer-to-Peer Network Simulation draft-irtf-p2prg-core-simulators-00.txt Alan Brown and Mario Kolberg University of Stirling, UK IETF65 P2PRG - March 24, 2006 1 Overview Provide survey of tools

More information

Ashok Kumar Gonela MTech Department of CSE Miracle Educational Group Of Institutions Bhogapuram.

Ashok Kumar Gonela MTech Department of CSE Miracle Educational Group Of Institutions Bhogapuram. Protection of Vulnerable Virtual machines from being compromised as zombies during DDoS attacks using a multi-phase distributed vulnerability detection & counter-attack framework Ashok Kumar Gonela MTech

More information

Cisco Application Networking for IBM WebSphere

Cisco Application Networking for IBM WebSphere Cisco Application Networking for IBM WebSphere Faster Downloads and Site Navigation, Less Bandwidth and Server Processing, and Greater Availability for Global Deployments What You Will Learn To address

More information

Monitoring Infrastructure (MIS) Software Architecture Document. Version 1.1

Monitoring Infrastructure (MIS) Software Architecture Document. Version 1.1 Monitoring Infrastructure (MIS) Software Architecture Document Version 1.1 Revision History Date Version Description Author 28-9-2004 1.0 Created Peter Fennema 8-10-2004 1.1 Processed review comments Peter

More information

Intelligent. Data Sheet

Intelligent. Data Sheet Cisco IPS Software Product Overview Cisco IPS Software is the industry s leading network-based intrusion prevention software. It provides intelligent, precise, and flexible protection for your business

More information

Core Solutions of Microsoft Lync Server 2013

Core Solutions of Microsoft Lync Server 2013 Course 20336A: Core Solutions of Microsoft Lync Server 2013 Length: Audience(s): 5 Days Level: 300 IT Professionals Technology: Microsoft Lync Server 2013 Type: Delivery Method: Course Instructor-led (classroom)

More information

Current and Future Research into Network Security Prof. Madjid Merabti

Current and Future Research into Network Security Prof. Madjid Merabti Current and Future Research into Network Security Prof. Madjid Merabti School of Computing & Mathematical Sciences Liverpool John Moores University UK Overview Introduction Secure component composition

More information

Introducing Performance Engineering by means of Tools and Practical Exercises

Introducing Performance Engineering by means of Tools and Practical Exercises Introducing Performance Engineering by means of Tools and Practical Exercises Alexander Ufimtsev, Trevor Parsons, Lucian M. Patcas, John Murphy and Liam Murphy Performance Engineering Laboratory, School

More information

Exploiting peer group concept for adaptive and highly available services

Exploiting peer group concept for adaptive and highly available services Exploiting peer group concept for adaptive and highly available services Muhammad Asif Jan Centre for European Nuclear Research (CERN) Switzerland Fahd Ali Zahid, Mohammad Moazam Fraz Foundation University,

More information

Introduction to Sun ONE Application Server 7

Introduction to Sun ONE Application Server 7 Introduction to Sun ONE Application Server 7 The Sun ONE Application Server 7 provides a high-performance J2EE platform suitable for broad deployment of application services and web services. It offers

More information

USING MOBILE AGENTS TO IMPROVE PERFORMANCE OF NETWORK MANAGEMENT OPERATIONS

USING MOBILE AGENTS TO IMPROVE PERFORMANCE OF NETWORK MANAGEMENT OPERATIONS USING MOBILE AGENTS TO IMPROVE PERFORNCE OF NETWORK NAGEMENT OPERATIONS Iwan Adhicandra, Colin Pattinson, Ebrahim Shaghouei Computer Communications Research Group, School of Computing, Leeds Metropolitan

More information

International Journal of Enterprise Computing and Business Systems ISSN (Online) : 2230-8849

International Journal of Enterprise Computing and Business Systems ISSN (Online) : 2230-8849 WINDOWS-BASED APPLICATION AWARE NETWORK INTERCEPTOR Ms. Shalvi Dave [1], Mr. Jimit Mahadevia [2], Prof. Bhushan Trivedi [3] [1] Asst.Prof., MCA Department, IITE, Ahmedabad, INDIA [2] Chief Architect, Elitecore

More information

Architectural Overview

Architectural Overview Architectural Overview Version 7 Part Number 817-2167-10 March 2003 A Sun ONE Application Server 7 deployment consists of a number of application server instances, an administrative server and, optionally,

More information

OPNET Network Simulator

OPNET Network Simulator Simulations and Tools for Telecommunications 521365S: OPNET Network Simulator Jarmo Prokkola Research team leader, M. Sc. (Tech.) VTT Technical Research Centre of Finland Kaitoväylä 1, Oulu P.O. Box 1100,

More information

SURE 5 Zone DDoS PROTECTION SERVICE

SURE 5 Zone DDoS PROTECTION SERVICE SURE 5 Zone DDoS PROTECTION SERVICE Sure 5 Zone DDoS Protection ( the Service ) provides a solution to protect our customer s sites against Distributed Denial of Service (DDoS) attacks by analysing incoming

More information

DoS: Attack and Defense

DoS: Attack and Defense DoS: Attack and Defense Vincent Tai Sayantan Sengupta COEN 233 Term Project Prof. M. Wang 1 Table of Contents 1. Introduction 4 1.1. Objective 1.2. Problem 1.3. Relation to the class 1.4. Other approaches

More information

Nemea: Searching for Botnet Footprints

Nemea: Searching for Botnet Footprints Nemea: Searching for Botnet Footprints Tomas Cejka 1, Radoslav Bodó 1, Hana Kubatova 2 1 CESNET, a.l.e. 2 FIT, CTU in Prague Zikova 4, 160 00 Prague 6 Thakurova 9, 160 00 Prague 6 Czech Republic Czech

More information

Lab 1: Evaluating Internet Connection Choices for a Small Home PC Network

Lab 1: Evaluating Internet Connection Choices for a Small Home PC Network Lab 1: Evaluating Internet Connection Choices for a Small Home PC Network Objective This lab teaches the basics of using OPNET IT Guru. We investigate application performance and capacity planning, by

More information

Analysis of IP Network for different Quality of Service

Analysis of IP Network for different Quality of Service 2009 International Symposium on Computing, Communication, and Control (ISCCC 2009) Proc.of CSIT vol.1 (2011) (2011) IACSIT Press, Singapore Analysis of IP Network for different Quality of Service Ajith

More information

Internet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering

Internet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering Internet Firewall CSIS 4222 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 27: Internet Routing Ch 30: Packet filtering & firewalls

More information

CTS2134 Introduction to Networking. Module 8.4 8.7 Network Security

CTS2134 Introduction to Networking. Module 8.4 8.7 Network Security CTS2134 Introduction to Networking Module 8.4 8.7 Network Security Switch Security: VLANs A virtual LAN (VLAN) is a logical grouping of computers based on a switch port. VLAN membership is configured by

More information

Including Real Networking Hardware in the Modeling and Simulation (M&S) Environment.

Including Real Networking Hardware in the Modeling and Simulation (M&S) Environment. Provost s Learning Innovations Grant for Faculty Special Request for Proposal Course Development 2009-2010 Project Title: Including Real Networking Hardware in the Modeling and Simulation (M&S) Environment.

More information

Decomposition into Parts. Software Engineering, Lecture 4. Data and Function Cohesion. Allocation of Functions and Data. Component Interfaces

Decomposition into Parts. Software Engineering, Lecture 4. Data and Function Cohesion. Allocation of Functions and Data. Component Interfaces Software Engineering, Lecture 4 Decomposition into suitable parts Cross cutting concerns Design patterns I will also give an example scenario that you are supposed to analyse and make synthesis from The

More information

Agenda. Understanding of Firewall s definition and Categorization. Understanding of Firewall s Deployment Architectures

Agenda. Understanding of Firewall s definition and Categorization. Understanding of Firewall s Deployment Architectures Firewall Agenda Unit 1 Understanding of Firewall s definition and Categorization Unit 2 Understanding of Firewall s Deployment Architectures Unit 3 Three Representative Firewall Deployment Examples in

More information

How To. Instreamer to Exstreamer connection. Project Name: Document Type: Document Revision: Instreamer to Exstreamer connection. How To 1.

How To. Instreamer to Exstreamer connection. Project Name: Document Type: Document Revision: Instreamer to Exstreamer connection. How To 1. Instreamer to Exstreamer connection Project Name: Document Type: Document Revision: Instreamer to Exstreamer connection 1.11 Date: 06.03.2013 2013 Barix AG, all rights reserved. All information is subject

More information

Implementing the Application Control Engine Service Module

Implementing the Application Control Engine Service Module Course: Implementing the Application Control Engine Service Module Duration: 4 Day Hands-On Lab & Lecture Course Price: $ 2,995.00 Learning Credits: 30 Hitachi HiPass: 4 Description: Implementing the Application

More information

ADVANCED SECURITY MECHANISMS TO PROTECT ASSETS AND NETWORKS: SOFTWARE-DEFINED SECURITY

ADVANCED SECURITY MECHANISMS TO PROTECT ASSETS AND NETWORKS: SOFTWARE-DEFINED SECURITY ADVANCED SECURITY MECHANISMS TO PROTECT ASSETS AND NETWORKS: SOFTWARE-DEFINED SECURITY One of the largest concerns of organisations is how to implement and introduce advanced security mechanisms to protect

More information

The flow back tracing and DDoS defense mechanism of the TWAREN defender cloud

The flow back tracing and DDoS defense mechanism of the TWAREN defender cloud Proceedings of the APAN Network Research Workshop 2013 The flow back tracing and DDoS defense mechanism of the TWAREN defender cloud Ming-Chang Liang 1, *, Meng-Jang Lin 2, Li-Chi Ku 3, Tsung-Han Lu 4,

More information

Product Overview. Product Family. Product Features. Powerful intrusion detection and monitoring capacity

Product Overview. Product Family. Product Features. Powerful intrusion detection and monitoring capacity NIP IDS Product Overview The Network Intelligent Police (NIP) Intrusion Detection System (IDS) is a new generation of session-based intelligent network IDS developed by Huaweisymantec. Deployed in key

More information

Cisco IOS Flexible NetFlow Technology

Cisco IOS Flexible NetFlow Technology Cisco IOS Flexible NetFlow Technology Last Updated: December 2008 The Challenge: The ability to characterize IP traffic and understand the origin, the traffic destination, the time of day, the application

More information

Security Advisory. Some IPS systems can be easily fingerprinted using simple techniques.

Security Advisory. Some IPS systems can be easily fingerprinted using simple techniques. Some IPS systems can be easily fingered using simple techniques. The unintentional disclosure of which security devices are deployed within your defences could put your network at significant risk. Security

More information

Analysis and Simulation of VoIP LAN vs. WAN WLAN vs. WWAN

Analysis and Simulation of VoIP LAN vs. WAN WLAN vs. WWAN ENSC 427 Communication Networks Final Project Report Spring 2014 Analysis and Simulation of VoIP Team #: 2 Kadkhodayan Anita (akadkhod@sfu.ca, 301129632) Majdi Yalda (ymajdi@sfu.ca, 301137361) Namvar Darya

More information

Strengths and Limitations of Nagios as a Network Monitoring Solution

Strengths and Limitations of Nagios as a Network Monitoring Solution Strengths and Limitations of Nagios as a Network Monitoring Solution By Sophon Mongkolluksamee http://inms.in.th 1 Agenda o Network monitoring software o About Nagios o Limitations of Nagios o Improve

More information

Cisco Discovery 3: Introducing Routing and Switching in the Enterprise 157.8 hours teaching time

Cisco Discovery 3: Introducing Routing and Switching in the Enterprise 157.8 hours teaching time Essential Curriculum Computer Networking II Cisco Discovery 3: Introducing Routing and Switching in the Enterprise 157.8 hours teaching time Chapter 1 Networking in the Enterprise-------------------------------------------------

More information

Core Solutions of Microsoft Lync Server 2013

Core Solutions of Microsoft Lync Server 2013 MS20336 Längd: 5 dagar Core Solutions of Microsoft Lync Server 2013 This instructor-led course teaches IT professionals how to plan, design, deploy, configure, and administer a Microsoft Lync Server 2013

More information

DDoS-blocker: Detection and Blocking of Distributed Denial of Service Attack

DDoS-blocker: Detection and Blocking of Distributed Denial of Service Attack DDoS-blocker: Detection and Blocking of Distributed Denial of Service Attack Sugih Jamin EECS Department University of Michigan jamin@eecs.umich.edu Internet Design Goals Key design goals of Internet protocols:

More information

Core Solutions of Microsoft Lync Server 2013

Core Solutions of Microsoft Lync Server 2013 Course 20336B: Core Solutions of Microsoft Lync Server 2013 Course Details Course Outline Module 1: Architecture and Design Approach for Microsoft Lync Server 2013 This module will help you to plan and

More information

MPLS provides multi-site solution

MPLS provides multi-site solution MPLS provides multi-site solution Executive Summary MPLS (Multi Protocol Label Switching) meets the need for a cost effective solution for voice and data connectivity across multiple sites. Spitfire s

More information

DDoS Protection Technology White Paper

DDoS Protection Technology White Paper DDoS Protection Technology White Paper Keywords: DDoS attack, DDoS protection, traffic learning, threshold adjustment, detection and protection Abstract: This white paper describes the classification of

More information

Home Networking Evaluating Internet Connection Choices for a Small Home PC Network

Home Networking Evaluating Internet Connection Choices for a Small Home PC Network Laboratory 2 Home Networking Evaluating Internet Connection Choices for a Small Home PC Network Objetive This lab teaches the basics of using OPNET IT Guru. OPNET IT Guru s user-friendly interface with

More information

Cisco Application Networking for BEA WebLogic

Cisco Application Networking for BEA WebLogic Cisco Application Networking for BEA WebLogic Faster Downloads and Site Navigation, Less Bandwidth and Server Processing, and Greater Availability for Global Deployments What You Will Learn To address

More information

Cisco IPS 4200 Series Sensors

Cisco IPS 4200 Series Sensors Cisco IPS 4200 Series Sensors In today s busy network environments, business continuity relies on effective network intrusion prevention to stop malicious attacks, worms, and application abuse before they

More information

Cisco Network Foundation Protection Overview

Cisco Network Foundation Protection Overview Cisco Network Foundation Protection Overview June 2005 1 Security is about the ability to control the risk incurred from an interconnected global network. Cisco NFP provides the tools, technologies, and

More information

What is VLAN Routing?

What is VLAN Routing? Application Note #38 February 2004 What is VLAN Routing? This Application Notes relates to the following Dell product(s): 6024 and 6024F 33xx Abstract Virtual LANs (VLANs) offer a method of dividing one

More information

A Layperson s Guide To DoS Attacks

A Layperson s Guide To DoS Attacks A Layperson s Guide To DoS Attacks A Rackspace Whitepaper A Layperson s Guide to DoS Attacks Cover Table of Contents 1. Introduction 2 2. Background on DoS and DDoS Attacks 3 3. Types of DoS Attacks 4

More information

OSPF Version 2 (RFC 2328) Describes Autonomous Systems (AS) topology. Propagated by flooding: Link State Advertisements (LSAs).

OSPF Version 2 (RFC 2328) Describes Autonomous Systems (AS) topology. Propagated by flooding: Link State Advertisements (LSAs). OSPF Version 2 (RFC 2328) Interior gateway protocol (IGP). Routers maintain link-state database. Describes Autonomous Systems (AS) topology. Propagated by flooding: Link State Advertisements (LSAs). Router

More information

Castelldefels Project: Simulating the Computer System that Gives Support to the Virtual Campus of the Open University of Catalonia

Castelldefels Project: Simulating the Computer System that Gives Support to the Virtual Campus of the Open University of Catalonia 22nd EUROPEAN CONFERENCE ON OPERATIONAL RESEARCH Prague, July 8 11, 2007 Castelldefels Project: Simulating the Computer System that Gives Support to the Virtual Campus of the Open University of Catalonia

More information

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise

More information

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA Emerging Network Security Threats and what they mean for internal auditors December 11, 2013 John Gagne, CISSP, CISA 0 Objectives Emerging Risks Distributed Denial of Service (DDoS) Attacks Social Engineering

More information

packet retransmitting based on dynamic route table technology, as shown in fig. 2 and 3.

packet retransmitting based on dynamic route table technology, as shown in fig. 2 and 3. Implementation of an Emulation Environment for Large Scale Network Security Experiments Cui Yimin, Liu Li, Jin Qi, Kuang Xiaohui National Key Laboratory of Science and Technology on Information System

More information

Software Defined Networking to Improve Mobility Management Performance

Software Defined Networking to Improve Mobility Management Performance Department of Computer Science and the Electrical Engineering, The Netherlands Software Defined Networking to Improve Mobility Management Performance Morteza Karimzadeh, Anna Sperotto, and Aiko Pras m.karimzadeh@utwente.nl

More information

Open-Source Software Toolkit for Network Simulation and Modeling

Open-Source Software Toolkit for Network Simulation and Modeling Open-Source Software Toolkit for Network Simulation and Modeling Chengcheng Li School of Information Technology University of Cincinnati Cincinnati, OH 45221 Chengcheng.li@uc.edu Abstract This paper summarizes

More information

Course 20336: Core Solutions of Microsoft Lync Server 2013

Course 20336: Core Solutions of Microsoft Lync Server 2013 Course 20336: Core Solutions of Microsoft Lync Server 2013 Type:Course Audience(s):IT Professionals Technology:Microsoft Lync Server Level:300 This Revision:B Delivery method: Instructor-led (classroom)

More information

Technical Series. A Prolexic White Paper. Firewalls: Limitations When Applied to DDoS Protection

Technical Series. A Prolexic White Paper. Firewalls: Limitations When Applied to DDoS Protection A Prolexic White Paper Firewalls: Limitations When Applied to DDoS Protection Introduction Firewalls are often used to restrict certain protocols during normal network situations and when Distributed Denial

More information

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013 CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access

More information

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0 ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0 Module 1: Vulnerabilities, Threats, and Attacks 1.1 Introduction to Network Security

More information

Microsegmentation Using NSX Distributed Firewall: Getting Started

Microsegmentation Using NSX Distributed Firewall: Getting Started Microsegmentation Using NSX Distributed Firewall: VMware NSX for vsphere, release 6.0x REFERENCE PAPER Table of Contents Microsegmentation using NSX Distributed Firewall:...1 Introduction... 3 Use Case

More information

A STUDY OF THE BEHAVIOUR OF THE MOBILE AGENT IN THE NETWORK MANAGEMENT SYSTEMS

A STUDY OF THE BEHAVIOUR OF THE MOBILE AGENT IN THE NETWORK MANAGEMENT SYSTEMS A STUDY OF THE BEHAVIOUR OF THE MOBILE AGENT IN THE NETWORK MANAGEMENT SYSTEMS Tarag Fahad, Sufian Yousef & Caroline Strange School of Design and Communication Systems, Anglia Polytechnic University Victoria

More information

A Catechistic Method for Traffic Pattern Discovery in MANET

A Catechistic Method for Traffic Pattern Discovery in MANET A Catechistic Method for Traffic Pattern Discovery in MANET R. Saranya 1, R. Santhosh 2 1 PG Scholar, Computer Science and Engineering, Karpagam University, Coimbatore. 2 Assistant Professor, Computer

More information

EXPERIENCES PARALLELIZING A COMMERCIAL NETWORK SIMULATOR

EXPERIENCES PARALLELIZING A COMMERCIAL NETWORK SIMULATOR EXPERIENCES PARALLELIZING A COMMERCIAL NETWORK SIMULATOR Hao Wu Richard M. Fujimoto George Riley College Of Computing Georgia Institute of Technology Atlanta, GA 30332-0280 {wh, fujimoto, riley}@cc.gatech.edu

More information

UNMASKCONTENT: THE CASE STUDY

UNMASKCONTENT: THE CASE STUDY DIGITONTO LLC. UNMASKCONTENT: THE CASE STUDY The mystery UnmaskContent.com v1.0 Contents I. CASE 1: Malware Alert... 2 a. Scenario... 2 b. Data Collection... 2 c. Data Aggregation... 3 d. Data Enumeration...

More information

Lab 3: Evaluating Application Performance across a WAN

Lab 3: Evaluating Application Performance across a WAN Lab 3: Evaluating Application Performance across a WAN Objective In this lab, we have a small LAN with 20 users for a startup company named Deltasoft Technologies. We investigate the application performance

More information

SWOON: A Testbed for Secure Wireless Overlay Networks

SWOON: A Testbed for Secure Wireless Overlay Networks SWOON: A Testbed for Secure Wireless Overlay Networks Y. L. Huang, J. D. Tygar, H. Y. Lin, L. Y. Yeh, H. Y. Tsai, K. Sklower, S. P. Shieh, C. C. Wu, P. H. Lu, S. Y. Chien, Z. S. Lin, L. W. Hsu, C. W. Hsu,

More information

Performance Evaluation of VANETs with Multiple Car Crashes in Different Traffic Conditions

Performance Evaluation of VANETs with Multiple Car Crashes in Different Traffic Conditions Performance Evaluation of VANETs with Multiple Car Crashes in Different Traffic Conditions Georgios Charalampopoulos 1,2 and Tasos Dagiuklas 1 1. Dept. of Computer Science, Hellenic Open University, Greece,

More information

A Multi-Objective Optimisation Approach to IDS Sensor Placement

A Multi-Objective Optimisation Approach to IDS Sensor Placement A Multi-Objective Optimisation Approach to IDS Sensor Placement Hao Chen 1, John A. Clark 1, Juan E. Tapiador 1, Siraj A. Shaikh 2, Howard Chivers 2, and Philip Nobles 2 1 Department of Computer Science

More information

Cost effective and resiliant enterprise wide user notification methods.

Cost effective and resiliant enterprise wide user notification methods. Cost effective and resiliant enterprise wide user notification methods. NetSupport School Cost effective and resiliant enterprise wide user notification methods Introduction Enterprises, both corporate

More information

Owner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de

Owner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de Owner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de Microsoft Forefront TMG How to use TMG network templates Abstract In this article I will show

More information

Birdstep Intelligent Mobile IP Client v2.0, Universal Edition. Seamless secure mobility across all networks. Copyright 2002 Birdstep Technology ASA

Birdstep Intelligent Mobile IP Client v2.0, Universal Edition. Seamless secure mobility across all networks. Copyright 2002 Birdstep Technology ASA White Paper Birdstep Intelligent Mobile IP Client v2.0, Universal Edition Seamless secure mobility across all networks Copyright 2002 Birdstep Technology ASA Haakon VII's gate 5B, N-0161 Oslo, Norway Tel:

More information

Microsoft 20336 - Core Solutions of Microsoft Lync Server 2013

Microsoft 20336 - Core Solutions of Microsoft Lync Server 2013 1800 ULEARN (853 276) www.ddls.com.au Microsoft 20336 - Core Solutions of Microsoft Lync Server 2013 Length 5 days Price $4070.00 (inc GST) Version B Overview This instructor-led course teaches IT professionals

More information

Core Solutions of Microsoft Lync Server 2013

Core Solutions of Microsoft Lync Server 2013 About this Course Core Solutions of Microsoft Lync This instructor-led course teaches IT professionals how to plan, design, deploy, configure, and administer a Microsoft Lync solution. The course emphasizes

More information

Monitoring WAAS Using Cisco Network Analysis Module. Information About NAM CHAPTER

Monitoring WAAS Using Cisco Network Analysis Module. Information About NAM CHAPTER CHAPTER 5 Monitoring WAAS Using Cisco Network Analysis Module This chapter describes Cisco Network Analysis Module (NAM), which you can use to monitor your WAAS devices. This chapter contains the following

More information

2. What is the maximum value of each octet in an IP address? A. 28 B. 255 C. 256 D. None of the above

2. What is the maximum value of each octet in an IP address? A. 28 B. 255 C. 256 D. None of the above CCNA1 V3.0 Mod 10 (Ch 8) 1. How many bits are in an IP C. 64 2. What is the maximum value of each octet in an IP A. 28 55 C. 256 3. The network number plays what part in an IP A. It specifies the network

More information