Network Resilience. From Concepts to Experimentation. FIRE Research Workshop - May 16 th 2011
|
|
- Briana Teresa Blankenship
- 8 years ago
- Views:
Transcription
1 Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Resilience From Concepts to Experimentation FIRE Research Workshop - May 16 th 2011 Georg Carle, TU München work in collaboration with the ResumeNet Consortium Credits: Ali Fessi (TUM) Yue Yu and Michael Fry (USyd) Matthew Broadbent, Alberto Schaeffer-Filho, Paul Smith and David Hutchison (ULANC) Mathias Fischer and Merkouris Karaliopoulos (ETHZ)
2 Motivation The Internet has become a critical infrastructure But was not designed to be one! Needed: a new approach towards a resilient Internet 2
3 DNS SIP AAA Voice user database SIP Complex and vulnerable infrastructure 3
4 Internet Structure Analysis 4
5 Internet Structure Data struktures from BGP updates Anomaly detection Example: earthquake in Japan, March
6 Motivation Challenges in the current Internet Topology Failures Cable cut, router crash, routing misbehaviour, Overload Network congestions, DoS attacks, Lack of integrity DNS poisoning, PKI poisoning, Software faults Development faults, e.g., buffer overflow in router implementation Configuration faults, e.g., misconfigured firewall Domino Effects Failures may propagate due to dependencies, e.g., DNS failure 6
7 ResumeNet: From Concepts to Experimentation Framework Challenge modeling ResilienceMetrics Control loops Resilience policies Multi-level resilience Mechanisms and algorithms Network resilience (redundancy, diversity in routing, transport, incentives for collaboration, challenge detection) Service resilience (overlays/p2p, virtualization, challenge detection, machine learning) Validation by Experimentation Resilient Service provision (Web, VoIP) using virtualization Wireless Mesh Networks (WMN) Opportunistic Networks Smart Environments 7
8 Control Loops Inner Control Loop (D 2 R 2 ) Real-time Control Loop Defend, Detect, Remediate, Recover Defend Diagnose Detect Outer control loop (DR) Diagnose, Refine long-term, slow reaction humans in the loop : re-design, policy change Recover Refine Remediate 8
9 Control Loop Implementation View Idealised system operation + + Off line Loop: DR Refine (Human) Defence Mechanisms Design & Policies Real time Loop: D 2 R 2 Challenges Resilience Target Resilience Estimator Resilience Manager Network & Services Resilience Mechanisms Service provided to users Resilience Knowledge Challenge Analysis Diagnose 9
10 Multi-stage Challenge Analysis Approach Incremental on-demand challenge analysis and remediation Challenge analysis strategy tailored to the: Deployment context Mechanism capabilities (Type of) challenge Use policies to define detection (and remediation) strategies Enables reusability and adaptation of approaches at run-time Less complete & Lightweight inform Challenge Analysis inform More complete & Heavier weight Coarse grain Remediation Challenge specific Time 10
11 Mechanisms Link Monitor IDS Classifier Less complete & Lightweight inform Challenge Analysis inform More complete & Heavier weight Coarse grain Remediation Challenge specific Limit (Link) Limit (Dest) Limit (Flow) Time 11
12 High Traffic Volume Challenge Detection and Remediation LocalManage LinkMonitor IDS RateLimiter Classifier FlowExporter r 12 setthreshold(t) load(link) start(link) limit(link) detect(dest) start(dest) limit(dest) classify(flow) classification(label, flow) limit(flow)
13 Policy-driven Resilience Simulator Policies Ponder2 Event on <event> if <condition> do <action> in/router N RPC obj in/router E RemediationInterface Managed objects (XMLRPC adaptors) RPC obj OMNeT++ Network Simulator RemediationInterface Adaptive actions 13
14 Experiments 1. Attack starts 2. The LinkMonitor detects threshold breach RateLimiter rate limits affected link (50%) 3. The IntrusionDetection identifies target IP address RateLimiter configured to limit to target (70%) and FlowExporter started 4. The Classifier identifies malicious flows RateLimiter blocks malicious flows 5. Final malicious flow classified and blocked 14
15 From Concepts to Experimentation Framework Challenge modeling ResilienceMetrics Control loops Resilience policies Multi-level resilience Mechanisms and algorithms Network resilience (redundancy, diversity in routing, transport, incentives for collaboration, challenge detection) Service resilience (overlays/p2p, virtualization, challenge detection, machine learning) Validation by Experimentation Resilient Service provision (Web, VoIP) using virtualization Wireless Mesh Networks (WMN) Opportunistic Networks Smart Environments 15
16 Supervised P2P Networks for Resilient Services Supervisor provides verifiable identities (e.g., X.509 certificates) At the overlay layer: Node ID At the application layer: SIP address Supervisor, not a Single-Point-of-Failure 16
17 Cooperative SIP (CoSIP) Registration Session setup REGISTER SIP SIP SIP INVITE A A INVITE B STORE GET P2P P2P STORE(hash(alice@example.com), IP:port) GET(hash(alice@example.com) ) 17
18 CoSIP Modeling of Peer Churn Pr [ peer is online until t ] Traces Power-Law Model Weibull Model Lifetime t R Skype supernode ( t) = Pr[ peer is online until t] = e t λ α ; α = 0.52; λ = 8.84; 18
19 CoSIP Modeling of Peer Churn R ( t) = 1 (1 R ( t)) replica peer k Goal Infrastructure failures can be successfully handled with probability
20 From Concepts to Experimentation Framework Challenge modeling ResilienceMetrics Control loops Resilience policies Multi-level resilience Mechanisms and algorithms Network resilience (redundancy, diversity in routing, transport, incentives for collaboration, challenge detection) Service resilience (overlays/p2p, virtualization, challenge detection, machine learning) Validation by Experimentation Resilient Service provision (Web, VoIP) using virtualization Wireless Mesh Networks (WMN) Opportunistic Networks Smart Environments 20
21 Resilient Service Provision with Virtualization Use Virtualization as a generic service Virtual machine live migration Typically within the same LAN Wide-area live migration Virtual machine acquires a new IP address Need to keep connectivity between VM and clients 21
22 VM Wide-Area Live Migration with Indirection Point Wide area live migration with IP address change Keep connectivity using an indirection point vm.uni-tuebingen.de Migration vm.tu-muenchen.de proxy.uni-tuebingen.de proxy.tum.de Client 22
23 VM Wide-Area Live Migration with E2E Notification Wide area live migration with IP address change Keep connectivity using end-to-end notification 23
24 Wide-Area VM Migration with E2E Notification SIP use case, message flow 24
25 Putting Everything Together Case Study: VoIP provider Defence: SIP server hosted in VM VM images distributed in the network Location of SIP UAs stored at server + P2P Verifiable peer Identities Challenges Software or hardware failure Misconfiguration Network failure Detection Client-side: UAs cannot reach server Infrastructure-side: Monitoring probes Distributed challenge detection Event correlation REGISTER A STORE P2P SIP VM STORE(hash(alice@example.com), IP:port) 25
26 Resumenet Integrated Use Case Remediation Session setup Client-side: UAs use P2P network to establish sessions SIP SIP INVITE Infrastructure-side: use VM to Migrate or A INVITE B Start new VM image with a SIP server running GET P2P Recovery Notification about new server location DNS updates Back to normal operation GET(hash(alice@example.com) ) 26
27 Conclusions The Internet has become a critical infrastructure A systematic approach is required for Network Resilience Service Resilience We developed a Resilience framework To build resilient network and services by design Challenge modelling, resilience metrics, policies Different mechanisms can be integrated into the resilience framework Overlay/P2P networks, Virtualization,... Validation by experimentation on different testbed platforms VM live migration between different sites in PlanetLab and G-Lab 27
28 Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Thank you! Questions?
Network Resilience & DDoS attacks
Network Resilience & DDoS attacks Paul Smith School of Computing and Communications Lancaster University p.smith@comp.lancs.ac.uk The ResiliNets Group @ Lancaster http://www.comp.lancs.ac.uk/resilience
More informationIU-ATC Network Security and Resilience Monitoring (Theme 4)
IU-ATC Network Security and Resilience Monitoring (Theme 4) Policy-driven Resilience Simulator Alberto Schaeffer-Filho, Paul Smith and Andreas Mauthe Lancaster University India-UK Centre of Excellence
More informationNetwork virtualization in AutoI
Network virtualization in AutoI and ResumeNet Future Internet Cluster meeting March, Sophia Antipolis Andreas Fischer, Andreas Berl, Alex Galis, Hermann de Meer Network Virtualization Network virtualization
More informationpacket retransmitting based on dynamic route table technology, as shown in fig. 2 and 3.
Implementation of an Emulation Environment for Large Scale Network Security Experiments Cui Yimin, Liu Li, Jin Qi, Kuang Xiaohui National Key Laboratory of Science and Technology on Information System
More informationTechnological Trend. A Framework for Highly-Available Cascaded Real-Time Internet Services. Service Composition. Service Composition
A Framework for Highly-Available Cascaded Real-Time Internet Services Bhaskaran Raman Qualifying Examination Proposal Feb 12, 2001 Examination Committee: Prof. Anthony D. Joseph (Chair) Prof. Randy H.
More informationResilience in Networks: Elements and Approach for a Trustworthy Infrastructure. Andreas Fischer and Hermann de Meer
Resilience in Networks: Elements and Approach for a Trustworthy Infrastructure Andreas Fischer and Hermann de Meer The ResumeNet project Resilience & Survivability for future networking framework, mechanisms
More informationWhitepaper. A Practical Guide to ISP Redundancy and Uninterrupted Internet Connectivity
Whitepaper A Practical Guide to ISP Redundancy and Uninterrupted Internet Connectivity Table of Content Executive Overview 1 The Challenge 1 The Solution: Multi-Link Technology 3 Making Your VPNs Reliable
More informationService Level AgreementMonitoring for Resilience in Computer Networks
Service Level AgreementMonitoring for Resilience in Computer Networks Noor-ul-hassan Shirazi, Alberto Schaeffer-Filho and David Hutchison School of Computing and Communications InfoLab21, Lancaster University
More informationNOS for Network Support (903)
NOS for Network Support (903) November 2014 V1.1 NOS Reference ESKITP903301 ESKITP903401 ESKITP903501 ESKITP903601 NOS Title Assist with Installation, Implementation and Handover of Network Infrastructure
More informationContents. Foreword. Acknowledgments
Foreword Preface Acknowledgments xv xvii xviii CHAPTER 1 Introduction 1 1.1 What Is Mission Critical? 1 1.2 Purpose of the Book 2 1.3 Network Continuity Versus Disaster Recovery 2 1.4 The Case for Mission-Critical
More informationDisaster-Resilient Backbone and Access Networks
The Workshop on Establishing Resilient Life-Space in the Cyber-Physical Integrated Society, March. 17, 2015, Sendai, Japan Disaster-Resilient Backbone and Access Networks Shigeki Yamada (shigeki@nii.ac.jp)
More informationbased on Network Architectures and Services NET 2011-01-1 Ali Fessi
Network Architectures and Services NET 2011-01-1 Dissertation Resilient Application Layer Signaling based on Supervised Peer-to-Peer (P2P) Networks Ali Fessi Network Architectures and Services Department
More informationA Topology-Aware Relay Lookup Scheme for P2P VoIP System
Int. J. Communications, Network and System Sciences, 2010, 3, 119-125 doi:10.4236/ijcns.2010.32018 Published Online February 2010 (http://www.scirp.org/journal/ijcns/). A Topology-Aware Relay Lookup Scheme
More informationbcp for a large scale carrier level VoIP system
bcp for a large scale carrier level VoIP system using p2psip draft zhang p2psip bcp 04 Yunfei.Zhang Gang.Li Jin.Peng Baohong.He Shihui.Duan Wei.Zhu {zhangyunfei,ligangyf,pengjin}@chinamobile.com {hebaohong,duanshihui,zhuwei}@catr.cn
More informationVirtual Privacy vs. Real Security
Virtual Privacy vs. Real Security Certes Networks at a glance Leader in Multi-Layer Encryption Offices throughout North America, Asia and Europe Growing installed based with customers in 37 countries Developing
More informationVoIP Fraud and Misuse
DFN Tagung 15.10.2013 VoIP Fraud and Misuse Detection and Mitigation Prof. Dr.-Ing. Erwin P. Rathgeb Dirk Hoffstadt, M.Sc. Networking Technology Group Institute for Experimental Mathematics & Institute
More informationDisaster Recovery Design Ehab Ashary University of Colorado at Colorado Springs
Disaster Recovery Design Ehab Ashary University of Colorado at Colorado Springs As a head of the campus network department in the Deanship of Information Technology at King Abdulaziz University for more
More informationCHAPTER 6. VOICE COMMUNICATION OVER HYBRID MANETs
CHAPTER 6 VOICE COMMUNICATION OVER HYBRID MANETs Multimedia real-time session services such as voice and videoconferencing with Quality of Service support is challenging task on Mobile Ad hoc Network (MANETs).
More informationLoad Balancing for Microsoft Office Communication Server 2007 Release 2
Load Balancing for Microsoft Office Communication Server 2007 Release 2 A Dell and F5 Networks Technical White Paper End-to-End Solutions Team Dell Product Group Enterprise Dell/F5 Partner Team F5 Networks
More informationG-Lab: A Future Generation Internet Research Platform
Institute of Computer Science Department of Distributed Systems Prof. G-Lab: A Future Generation Internet Research Platform www3.informatik.uni-wuerzburg.de Institute of Computer Science University of
More informationState of Texas. TEX-AN Next Generation. NNI Plan
State of Texas TEX-AN Next Generation NNI Plan Table of Contents 1. INTRODUCTION... 1 1.1. Purpose... 1 2. NNI APPROACH... 2 2.1. Proposed Interconnection Capacity... 2 2.2. Collocation Equipment Requirements...
More informationVerizon Columbia Research on VoIP Security A Model Academia/Industry Collaboration. Gaston Ormazabal. Verizon Laboratories.
Verizon 2009 All Rights Reserved. 1 Verizon Columbia Research on VoIP Security A Model Academia/Industry Collaboration Gaston Ormazabal Verizon Laboratories May 13, 2009 June 16, 2009 Verizon 2009 All
More informationSoftware Defined Networking What is it, how does it work, and what is it good for?
Software Defined Networking What is it, how does it work, and what is it good for? slides stolen from Jennifer Rexford, Nick McKeown, Michael Schapira, Scott Shenker, Teemu Koponen, Yotam Harchol and David
More informationTesting Software Defined Network (SDN) For Data Center and Cloud VERYX TECHNOLOGIES
Testing Software Defined Network (SDN) For Data Center and Cloud VERYX TECHNOLOGIES Table of Contents Introduction... 1 SDN - An Overview... 2 SDN: Solution Layers and its Key Requirements to be validated...
More informationNetwork Virtualization: A Tutorial
Network Virtualization: A Tutorial George N. Rouskas Department of Computer Science North Carolina State University http://rouskas.csc.ncsu.edu/ Network Virtualization: A Tutorial OFC 2012, March 2012
More informationInjazat s Managed Services Portfolio
Injazat s Managed Services Portfolio Overview Premium Managed Services to Transform Your IT Environment Injazat s Premier Tier IV Data Center is built to offer the highest level of security and reliability.
More informationNetwork-Wide Class of Service (CoS) Management with Route Analytics. Integrated Traffic and Routing Visibility for Effective CoS Delivery
Network-Wide Class of Service (CoS) Management with Route Analytics Integrated Traffic and Routing Visibility for Effective CoS Delivery E x e c u t i v e S u m m a r y Enterprise IT and service providers
More informationA P2P SIP Architecture - Two Layer Approach - draft-sipping-shim-p2p-arch-00.txt
A SIP Architecture - Two Layer Approach - draft-sipping-shim-p2p-arch-00.txt IETF65, Dallas March 25, 2006 Eunsoo Shim Sathya Narayanan Greg Daley Panasonic Digital Networking Laboratory Two Layer Approach
More informationIP Telephony Management
IP Telephony Management How Cisco IT Manages Global IP Telephony A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge Design, implement, and maintain a highly available, reliable, and resilient
More informationDefinition. A Historical Example
Overlay Networks This lecture contains slides created by Ion Stoica (UC Berkeley). Slides used with permission from author. All rights remain with author. Definition Network defines addressing, routing,
More informationCloud Resilient Architecture (CRA) -Design and Analysis. Hamid Alipour Salim Hariri Youssif-Al-Nashif
Cloud Resilient Architecture (CRA) -Design and Analysis Glynis Dsouza Hamid Alipour Salim Hariri Youssif-Al-Nashif NSF Center for Autonomic Computing University of Arizona Mohamed Eltoweissy Pacific National
More informationJive Core: Platform, Infrastructure, and Installation
Jive Core: Platform, Infrastructure, and Installation Jive Communications, Inc. 888-850-3009 www.getjive.com 1 Overview Jive hosted services are run on Jive Core, a proprietary, cloud-based platform. Jive
More informationAdvancement in Virtualization Based Intrusion Detection System in Cloud Environment
Advancement in Virtualization Based Intrusion Detection System in Cloud Environment Jaimin K. Khatri IT Systems and Network Security GTU PG School, Ahmedabad, Gujarat, India Mr. Girish Khilari Senior Consultant,
More informationSIP and VoIP 1 / 44. SIP and VoIP
What is SIP? What s a Control Channel? History of Signaling Channels Signaling and VoIP Complexity Basic SIP Architecture Simple SIP Calling Alice Calls Bob Firewalls and NATs SIP URIs Multiple Proxies
More informationSIP, Security and Session Border Controllers
SIP, Security and Session Border Controllers SIP, Security and Session Border Controllers Executive Summary Rolling out a public SIP service brings with it several security issues. Both users and Service
More informationName. Description. Rationale
Complliiance Componentt Description DEEFFI INITION Network-Based Intrusion Detection Systems (NIDS) Network-Based Intrusion Detection Systems (NIDS) detect attacks by capturing and analyzing network traffic.
More informationMCSE SYLLABUS. Exam 70-290 : Managing and Maintaining a Microsoft Windows Server 2003:
MCSE SYLLABUS Course Contents : Exam 70-290 : Managing and Maintaining a Microsoft Windows Server 2003: Managing Users, Computers and Groups. Configure access to shared folders. Managing and Maintaining
More informationPLUMgrid Toolbox: Tools to Install, Operate and Monitor Your Virtual Network Infrastructure
Toolbox: Tools to Install, Operate and Monitor Your Virtual Network Infrastructure Introduction The concept of Virtual Networking Infrastructure (VNI) is disrupting the networking space and is enabling
More informationVoice over IP Networks: Ensuring quality through proactive link management
White Paper Voice over IP Networks: Ensuring quality through proactive link management Build Smarter Networks Table of Contents 1. Executive summary... 3 2. Overview of the problem... 3 3. Connectivity
More informationKeyword: Cloud computing, service model, deployment model, network layer security.
Volume 4, Issue 2, February 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com An Emerging
More informationHow To Protect Your Network From Attack From A Network Security Threat
Cisco Security Services Cisco Security Services help you defend your business from evolving security threats, enhance the efficiency of your internal staff and processes, and increase the return on your
More informationNetwork Assessment Services
Network ment Services Information networks are arguably your most important IT assets, their speed and reliability are the foundations upon which your critical business systems and applications run. Ensuring
More informationWAN Traffic Management with PowerLink Pro100
Whitepaper WAN Traffic Management with PowerLink Pro100 Overview In today s Internet marketplace, optimizing online presence is crucial for business success. Wan/ISP link failover and traffic management
More informationMobile P2PSIP. Peer-to-Peer SIP Communication in Mobile Communities
Mobile P2PSIP -to- SIP Communication in Mobile Communities Marcin Matuszewski, Esko Kokkonen Nokia Research Center Helsinki, Finland marcin.matuszewski@nokia.com, esko.kokkonen@nokia.com Abstract This
More informationRam Dantu. VOIP: Are We Secured?
Ram Dantu Professor, Computer Science and Engineering Director, Center for Information and Computer Security University of North Texas rdantu@unt.edu www.cse.unt.edu/~rdantu VOIP: Are We Secured? 04/09/2012
More informationIS TEST 3 - TIPS FOUR (4) levels of detective controls offered by intrusion detection system (IDS) methodologies. First layer is typically responsible for monitoring the network and network devices. NIDS
More informationNetwork Virtualization Network Admission Control Deployment Guide
Network Virtualization Network Admission Control Deployment Guide This document provides guidance for enterprises that want to deploy the Cisco Network Admission Control (NAC) Appliance for their campus
More informationAppendix E to DIR Contract Number DIR-TSO-2736 CLOUD SERVICES CONTENT (ENTERPRISE CLOUD & PRIVATE CLOUD)
Appendix E to DIR Contract Number DIR-TSO-2736 CLOUD SERVICES CONTENT (ENTERPRISE CLOUD & PRIVATE CLOUD) Enterprise Cloud Resource Pool Services Features Sungard AS will provide the following in connection
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationAlcatel-Lucent Services
SOLUTION DESCRIPTION Alcatel-Lucent Services Security Introduction Security is a sophisticated business and technical challenge, and it plays an important role in the success of any network, service or
More informationRecommended IP Telephony Architecture
Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings
More informationThreat Mitigation for VoIP
Threat Mitigation for VoIP Bogdan Materna, VP Engineering and CTO VoIPshield Systems Third Annual VoIP Security Workshop June 2, 2006 Overview Basics VoIP Security Impact Examples of real vulnerabilities
More informationNetwork Security Administrator
Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze
More informationTesting Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES
Testing Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES Table of Contents Introduction... 1 Network Virtualization Overview... 1 Network Virtualization Key Requirements to be validated...
More informationSEC-370. 2001, Cisco Systems, Inc. All rights reserved.
SEC-370 2001, Cisco Systems, Inc. All rights reserved. 1 Understanding MPLS/VPN Security Issues SEC-370 Michael Behringer SEC-370 2003, Cisco Systems, Inc. All rights reserved. 3
More informationStudying Black Holes on the Internet with Hubble
Studying Black Holes on the Internet with Hubble Ethan Katz-Bassett, Harsha V. Madhyastha, John P. John, Arvind Krishnamurthy, David Wetherall, Thomas Anderson University of Washington August 2008 This
More informationFireMon Security Manager Fact Sheet
FireMon Security Manager Fact Sheet Table of Contents Introduction to FireMon Security Manager... 2 Architecture... 3 Change Management... 4 Policy Cleanup & Optimization... 5 Business Continuity Policy
More informationA Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method.
A Brief Overview of VoIP Security By John McCarron Voice of Internet Protocol is the next generation telecommunications method. It allows to phone calls to be route over a data network thus saving money
More informationVoIP. Wireless, P2P and New Enterprise Voice over IP
Brochure More information from http://www.researchandmarkets.com/reports/2252023/ VoIP. Wireless, P2P and New Enterprise Voice over IP Description: Voice over Internet Protocol (VoIP) is revolutionizing
More informationChapter 9 Firewalls and Intrusion Prevention Systems
Chapter 9 Firewalls and Intrusion Prevention Systems connectivity is essential However it creates a threat Effective means of protecting LANs Inserted between the premises network and the to establish
More informationSTANDPOINT FOR QUALITY-OF-SERVICE MEASUREMENT
STANDPOINT FOR QUALITY-OF-SERVICE MEASUREMENT 1. TIMING ACCURACY The accurate multi-point measurements require accurate synchronization of clocks of the measurement devices. If for example time stamps
More informationRelease: 1. ICANWK607A Design and implement wireless network security
Release: 1 ICANWK607A Design and implement wireless network security ICANWK607A Design and implement wireless network security Modification History Release Release 1 Comments This Unit first released with
More informationA Lightweight Countermeasure to Cope with Flooding Attacks Against Session Initiation Protocol
A Lightweight Countermeasure to Cope with Flooding Attacks Against Session Initiation Protocol Intesab Hussain, Soufiene Djahel, Dimitris Geneiatakis ±, and Farid Naït-Abdesselam LIPADE, University of
More informationAn Integrated CyberSecurity Approach for HEP Grids. Workshop Report. http://hpcrd.lbl.gov/hepcybersecurity/
An Integrated CyberSecurity Approach for HEP Grids Workshop Report http://hpcrd.lbl.gov/hepcybersecurity/ 1. Introduction The CMS and ATLAS experiments at the Large Hadron Collider (LHC) being built at
More informationResource Management and Containment for Active Services
Resource Management and Containment for Active Services M. Ranganathan, Doug Montgomery, Kevin Mills Advanced Networking Technologies Division National Inst. Of Standards and Technology Gaithersburg, MD
More informationVoice Over IP (VoIP) Denial of Service (DoS)
Introduction Voice Over IP (VoIP) Denial of Service (DoS) By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com Denial of Service (DoS) is an issue for any IP network-based
More informationBest Practices in Network and System Administration
Best Practices in Network and System Administration Dónal Cunningham donal@sage-ie.org http://www.sage-ie.org Outline Some notes on Infrastructure 10 rules to live by Network Administration System Administration
More informationCisco Virtual Office Unified Contact Center Architecture
Guide Cisco Virtual Office Unified Contact Center Architecture Contents Scope of Document... 1 Introduction... 1 Platforms and Images... 2 Deployment Options for Cisco Unified Contact Center with Cisco
More informationBasic & Advanced Administration for Citrix NetScaler 9.2
Basic & Advanced Administration for Citrix NetScaler 9.2 Day One Introducing and deploying Citrix NetScaler Key - Brief Introduction to the NetScaler system Planning a NetScaler deployment Deployment scenarios
More informationIntelligent. Data Sheet
Cisco IPS Software Product Overview Cisco IPS Software is the industry s leading network-based intrusion prevention software. It provides intelligent, precise, and flexible protection for your business
More informationRisk and Security Assessment. Zbigniew Kalbarczyk
Risk and Security Assessment Zbigniew Kalbarczyk 1 TCIPG Cluster Arrangement Communication and Data Delivery for Wide-Area Monitoring and Control Trustworthy cyber infrastructure and technologies for wide-area
More informationCloud Communications for the Enterprise. www.smoothstone.com
Cloud Communications for the Enterprise Agenda General Environment Overview Common Industry Trends Why The Cloud Approach Smoothstone Overview Platform/Technology Overview UCaaS Applications DRS Solutions
More informationP2P and IMS Cooperation / Integration
P2P and IMS Cooperation / Integration Jens Fiedler Fraunhofer FOKUS Group for Next Generation Network Infrastructures 1 P2P vs. IMS Isn t P2P and IMS like Fire and Water? No, more like Fish and Chips.
More informationManaging and Maintaining Windows Server 2008 Servers
Managing and Maintaining Windows Server 2008 Servers Course Number: 6430A Length: 5 Day(s) Certification Exam There are no exams associated with this course. Course Overview This five day instructor led
More informationHands-on Hacking Unlimited
About Zone-H Attacks techniques (%) File Inclusion Shares misconfiguration SQL Injection DNS attack through social engineering Web Server external module intrusion Attack against the administrator/user
More informationSecurity. Security consulting and Integration: Definition and Deliverables. Introduction
Security Security Introduction Businesses today need to defend themselves against an evolving set of threats, from malicious software to other vulnerabilities introduced by newly converged voice and data
More informationSecurity Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net
Security Frameworks An Enterprise Approach to Security Robert Belka Frazier, CISSP belka@att.net Security Security is recognized as essential to protect vital processes and the systems that provide those
More informationHow To Secure Cloud Computing
Resilient Cloud Services By Hemayamini Kurra, Glynis Dsouza, Youssif Al Nasshif, Salim Hariri University of Arizona First Franco-American Workshop on Cybersecurity 18 th October, 2013 Presentation Outline
More informationEmbedded BGP Routing Monitoring. Th. Lévy O. Marcé
Embedded BGP Routing Monitoring Th. Lévy O. Marcé Introduction & Motivations Off-line BGP routing monitoring initiatives (i.e based on router logs) already exist: Periodic report : The CIDR Report Objective
More informationValidating the System Behavior of Large-Scale Networked Computers
Validating the System Behavior of Large-Scale Networked Computers Chen-Nee Chuah Robust & Ubiquitous Networking (RUBINET) Lab http://www.ece.ucdavis.edu/rubinet Electrical & Computer Engineering University
More informationQoS Bandwidth Management
QoS Bandwidth Management AI0135 QoS Bandwidth Management Introduction As Voice over IP (VoIP) emerges as the future of voice communications, questions remain about its quality and security. Put simply,
More informationNetwork Management and Monitoring Software
Page 1 of 7 Network Management and Monitoring Software Many products on the market today provide analytical information to those who are responsible for the management of networked systems or what the
More informationThe Future of Network Marketing Research
ONELAB and experimentally driven research. Leandros Tassiulas http://www.inf.uth.gr/~leandros University of Thessaly Volos, Greece Outline Onelab: facilitating experimentally driven research in Europe
More informationCourse Syllabus. About the course. Audience. At Course Completion. Microsoft Lync 2013 Depth Support Engineer. Certification Exams: 74-338
Course Syllabus Course Title: Microsoft Lync 2013 Depth Support Engineer Format: Instructor-Led Certification Exams: 74-338 This course syllabus should be used to determine whether the course is appropriate
More informationNetwork Management Deployment Guide
Smart Business Architecture Borderless Networks for Midsized organizations Network Management Deployment Guide Revision: H1CY10 Cisco Smart Business Architecture Borderless Networks for Midsized organizations
More informationWhitepaper. 10 Metrics to Monitor in the LTE Network. www.sevone.com blog.sevone.com info@sevone.com
10 Metrics to Monitor in the LTE Network The deployment of LTE increases dependency on the underlying network, which must be closely monitored in order to avert serviceimpacting events. In addition, the
More informationWide-Area Virtual Machine Migration as Resilience Mechanism
Wide-Area Virtual Machine Migration as Resilience Mechanism Andreas Fischer, Ali Fessi, Georg Carle and Hermann de Meer University of Passau Email: {andreas.fischer,demeer}@uni-passau.de Technische Universität
More informationEarthLink Business SIP Trunking. NEC SV8300 IP PBX Customer Configuration Guide
EarthLink Business SIP Trunking NEC SV8300 IP PBX Customer Configuration Guide Publication History First Release: Version 1.0 May 18, 2012 CHANGE HISTORY Version Date Change Details Changed By 1.0 5/18/2012
More informationCHAPTER 8 CONCLUSION AND FUTURE ENHANCEMENTS
137 CHAPTER 8 CONCLUSION AND FUTURE ENHANCEMENTS 8.1 CONCLUSION In this thesis, efficient schemes have been designed and analyzed to control congestion and distribute the load in the routing process of
More informationA Network Design Primer
Network Design Recommendations Recommendations for s to take into account when doing network design to help create a more easily defendable and manageable network K-20 Network Engineering 6/30/15 Network
More informationThe Alteon Application Switch Overview
Alteon Virtual Control Service for Applications in a VMware Environment Alteon Application Switch enhances application control in networked VMware ESX server infrastructures Solution Brief Virtual Data
More informationColumbia - Verizon Research Securing SIP: Scalable Mechanisms For Protecting SIP-Based Systems
Columbia - Verizon Research Securing SIP: Scalable Mechanisms For Protecting SIP-Based Systems Henning Schulzrinne Eilon Yardeni Somdutt Patnaik Columbia University CS Department Gaston Ormazabal Verizon
More informationGradwell VoIP Migration Issues Report
Gradwell VoIP Migration Issues Report For Gradwell Customer and Partners With Compliments June 2013, V.1.0 Draft VoIP Migration Issues Report Table of Contents 1. PURPOSE OF DOCUMENT...3 2. HIGH LEVEL
More informationAshok Kumar Gonela MTech Department of CSE Miracle Educational Group Of Institutions Bhogapuram.
Protection of Vulnerable Virtual machines from being compromised as zombies during DDoS attacks using a multi-phase distributed vulnerability detection & counter-attack framework Ashok Kumar Gonela MTech
More informationDoS: Attack and Defense
DoS: Attack and Defense Vincent Tai Sayantan Sengupta COEN 233 Term Project Prof. M. Wang 1 Table of Contents 1. Introduction 4 1.1. Objective 1.2. Problem 1.3. Relation to the class 1.4. Other approaches
More informationHow To Use Mindarray For Business
Minder Network Performance Monitoring Monitor everything about your Network performance Discover, visualize and monitor your complete IT Infrastructure in less than an hour. Mindarray s Minder is a powerful
More informationPocket E-Guide. Sponsored By:
Pocket E-Guide Top disaster recovery tips for protecting your VoIP systems For today's enterprise, (VoIP) offers immense business benefits, including unified, voice-enabled applications and significant
More informationHow To Understand The Power Of The Internet
DATA COMMUNICATOIN NETWORKING Instructor: Ouldooz Baghban Karimi Course Book: Computer Networking, A Top-Down Approach, Kurose, Ross Slides: - Course book Slides - Slides from Princeton University COS461
More informationIntrusion Log Sharing University of Wisconsin-Madison
Intrusion Log Sharing University of Wisconsin-Madison John Bethencourt (bethenco@cs.wisc.edu) Jason Franklin (jfrankli@cs.wisc.edu) Mary Vernon (vernon@cs.wisc.edu) 1 Talk Outline Background: Blacklists,
More information