Vulnerability Testing of HTTP based on Vulnerability-testing Oriented Petri Net (VOPN)
|
|
- Cornelius Bridges
- 8 years ago
- Views:
Transcription
1 Vulnerability Testing of HTTP based on Vulnerability-testing Oriented Petri Net () Li Weihai 1,2, Ma Yan 1,2, Huang Xiaohong 1 1 Research Institute of Networking Technology, Beijing Key Laboratory of Intelligent Telecommunications Software and Multimedia, Beijing, P.R.China 2 School of Electronic Engineering, Beijing University of Posts and Telecommunications, Beijing, P.R.China Abstract: Vulnerability-testing Oriented Petri Net (), a vulnerability testing model for communication protocol is brought forward first, which is combined Petri Net system with protocol Syntax analysis. Then vulnerability testing of implementation of HTTP protocol based on is made and the process is analyzed to prove the feasibility of the model. Key words: vulnerability testing; testing model; HTTP; Petri net I. introduction In computer network and protocol engineering, protocol testing has become the most active research field. Robustness testing and Interoperability testing are the important part of the protocol testing. And Robustness testing consists of performance testing and security testing[1]. The vulnerability testing, which is also an important kind of Robustness testing is made to find the weakness in a protocol implementation that allows an attacker to violate the integrity of the system in the internet. Collecting of vulnerability of a protocol implementation is very important, but unfortunately in vulnerability testing, the disclosure and fixing of vulnerabilities are expensive and inconvenient[2]. This paper introduces a systematic approach of vulnerability testing, brings up a model which combines Petri net and syntax analysis in vulnerability analysis. Then vulnerability testing of implementation of HTTP (Hyper Text Transfer Protocol) is made and the process is introduced in detail. II. Syntax Testing and its Extension Syntax testing is a kind of method for finding possible weakness in protocol implementation. In syntax testing, the test-cases, i.e. the to the software, are created based on the specifications of protocols realized by the interfaces of software[3]. Interfaces have many formats: command-line prompts, files, environment variables, pipes, sockets, etc. An interface has a specification which defines what is legal to the interface and what is not. The meaning of specification may be hidden
2 Broadband Network 宽 带 网 络 or open. The motivation for testing based on the syntax analysis of this interface definition language springs from the fact that each interface has a specification, whether its meaning was hidden or open, from which effective vulnerability test cases can be created with a relatively small effort[3]. To find weakness in protocol implementation, fault injection is the main method to execute test in syntax testing. The selection of test cases could be single-error sentences, also could be proceed to pairs of errors, three errors combination, and so on. There are at least five kinds of error that can be produced in syntax analysis, which are Syntax error, Delimiter error, Field-value errors, Contextdependent errors, State dependency error[3]. Although having the advantages of low cost and high reliability, syntax testing has these shortcomings: a) Only the error in the implementation level can be detected by syntax testing. b) Not all of the part of the software can be detected, for there is no limit for errors. And because syntax testing focuses on protocol specifications analysis, it has the shortcoming in protocol analysis, especially in the state transition analysis. On the other hand, as a good protocol analysis tool, there are many new kinds of Petri net and it plays a more and more important role in protocol vulnerability analysis. The paper[4] brought an advanced Petri net for protocol conformance testing. But due to many differences between conformance testing and vulnerability testing, such as different perspectives, having or not having redundant element, this advanced Petri Net and many other similar kinds of Petri Net can t be directly used in vulnerability testing. To take advantage of Petri net in protocol state analysis, a new extended syntax testing method called (Vulnerability-testing Oriented Petri Net), which combined Petri net and syntax testing is brought forward here. It can compensate for lacking of protocol analysis in the former syntax testing method. III. MODEL OF EXTENDED SYNTAX ANALYSIS 3.1 Method flow The flow of the consists of three steps: Modeling, Analysis, and Fault injection (test cases running), which is explained in Figure 1. Modeling means to construct an extended Petri net model based on the text description of protocol to be tested. After this step, a of protocol was constructed; Analysis means to analyze the Petri net and design test cases from it; Fault Injection means to put data or message in test cases into the system under test (SUT), and to create the test report. Protocol Description Model Test cases Test Report Documents Fig.1 Flow of the Constructing Analysis Fault Injection(Test cases running) Steps 3.2 constructing In the stage of Constructing, e.g. Protocol Modeling, an extended Petri net was constructed according to the text protocol description. The was defined below The static structure of. Definition 1: The extended Petri net for vulnerability testing has eight members. P S =(P, T; F, A, X, C, t, M 0 ). 1) (P, T; F)is essential Petri net. P is place. T is transition. F is flow. 2) A is a non-empty limited set of resource. Resource can be variable, const or timer; 3) X is a limited set of fault, consisting of all possible types of fault, it must cling to A, and the element relation between A and X is one on multiple. When one resource a in A was
3 injected into SUT, it may have many corresponding x in X, which was denoted as a(x). 4)C is resource function, C:P U T P(A), P(A) is power set of resource set A. 5) Transition set T = T s U T r U T t, and T s T r T t =, T s is sending transition, denote sending operation, T t is receiving transition, denote receiving operation transition, and T t is timeout transition. 6) t is timeout function, t: T t 0 U N +, N + denote positive rational number. 7) M 0 is initialization identifier, M 0 :P A MS. Explanation of Definition 1:1) This is based on the essential Petri net. 2) When modeling the protocol, the resource set A in company with fault set X describe all the data, timer data and fault data that would be injected into SUT. 3) Resource function C defines the resource that belongs to every position p i P and every transition t i T. For p i P, C(p i ) means the resource set belong to it. For t i T, C(t i ) means all the resources that the transition needed, which is the necessary condition for the transition. 4) Transition set T denotes communication operation or timeout event. State of SUT will change when these events happen. 5) t defines the time limit of each timeout. 6) M 0 denotes the initialization state of the system Dynamic behavior A model s dynamic behavior regulated by these rules: 1) If all the positions of send transitions have at least a token, then this transition can take place. 2) If all of the position of receive transitions have at least a token, and the received resource is equal to the resource which belongs to the transition, then these transitions can take place. 3) If all the position belong to a timeout transition have at least one token, and the time is beyond the limit, the timeout transition can take place Denotation method The figure and table denote the model for. In the figure of, symbol based on that of Petri net was used to denote the dynamic behavior of protocol. Broken line denotes fault injection. Tables in explain the meaning of resource and fault. There will be four tables which are table of S 0 a 0 t1 S 1 a 0(x 0) Fig.2 A simple example of extended Petri net place, transition, resource, and fault. In the example in Figure 2, a client that in initialization state (s 0 ) transfers to the state of waiting for connection (s 1 ) by sending a connect request. The broken line denotes that the resource a 0 was injected fault of x 0 in sending transition. The client should keep staying at the initialization state and discard the fault connection request. 3.3 analysis After the construction of the, test cases could be got from the analysis of the model. In, the symbols that denote the state and the transition are the same to that in the essential Petri net. The element T denotes transition and the resource function denotes the resource related to transition. The element S denotes place, and place that has one or more states. Vulnerability X denotes types of all possible errors. The analysis rules were explained below. Seeking all transitions that describe communication. This type of transition is potential fault injection point. In Figure 2, t 1 denotes the client communicates with the server by sending a request to it. Choosing of fault type. The set of vulnerability defines the fault that could be injected into SUT. In syntax testing, there are five types of faults. Each place could be injected one or multiple fault. By the increasing of types of fault, the number of test cases will increase at exponential level. Expanding of table. Resource, fault type could be added continuously, and then numbers of test cases will increase. Thus the test will be more exhaustive. 3.4 Fault injection In the step of fault injection, the test case which generated in the stage of model analysis would be executed by a fault injector. The fault injector sends the fault data to the SUT by UDP, TCP, or
4 Broadband Network 宽 带 网 络 other protocols, checks the result, and then generates the test report. IV. TESTING OF HTTP With the number of internet user increasing rapidly, and HTTP widely used[5], it is necessary to guarantee the robustness of HTTP client. Here the vulnerability testing of HTTP is brought. Figure 3 is a model of HTTP, and Table 1~4 describe the place, transition, resource and vulnerability of HTTP. According to the description of the protocol, the client of HTTP has four states, including No connection, Connected, Waiting for response, Response waiting close. These four states were denoted by four symbols from S 0 to S 3. In the state of No connection, the client transfers to Connected state by receiving request. In the state of connected, if the client sends the HTTP request according to the user action, it will transfer to the state of Waiting for response. These responses of the HTTP server trigger the transition if client state, so they could be denoted by transition. Table 2 explains the meaning of the transitions. s 0 t 3 s 3 a3 (x0, x1) t 0 s 1 Fig.3 of HTTP Client Places t 2 Table 1 Places of HTTP a0 (x1) t 1 s 2 meanings S 0 No connection S 1 Connected S 2 Waiting for response S 3 Response waiting close Table 2 Transitions of HTTP Transitions meanings t 0 Send connect.req t 1 Infomation.req t 2 Send/receive response t 3 Close connection Name type place meaning a 0 a 1 a 2 a 3 a 4 a 5 symbol Table 3 Example Resources of HTTP Version URI Time Char set Rep. line State line type, s 0,s 1,s 3 s 2 Table 4 Fault of HTTP HTTP version URI= http: // hostname.. Greenwich Time UTF-8 or GBK Request line in Request Msg. State line in Response Msg. meaning x 0 Delimiter errors Using other special symbol to substitute Delimiter in x 1 Char String errors Using other special string to substitute common string x 1 Length errors Using wrong length char string in message After the construction of the model, test cases can be got from the analysis of the model. In vulnerability testing, the fault injection was used to test the robustness of SUT. So adding fault in company with the sending transition and the resource can compose a test case. In Figure 3, a fault was injected into the transition of t 1, which was denoted by broken lines. And at the side of the broken line, the fault resource and the fault type were labeled. The label for the fault is a 0 (x 1 ), with a 0 explained in Table 3, and x 1 explained in Table 4. This fault is a CharString error injected into the URL in redirect request. The error message is: GET /test.htm HTTPxx1.1xxxxxxxxxxxxxxxxxxx In the fault injection stage, all the test cases were sent by UDP to the HTTP client. If the message sent is correct, the client way will transmit to the state of Waiting for response. If the Client received a wrong message it will reject the response and send back the corresponding message, while avoiding transmitting the wrong message to the
5 http server. Three type of fault were mostly used in the testing account for the characteristic HTTP: Char string abnormity: The abnormal char string consists of chars ASCII. In this example, we test many char numbers that can cause error. Length abnormity: Length abnormity means using integer of type of UINTVAR. Delimiter errors: Delimiter errors means puting wrong URL delimiter such as :+1000x /) into string to test the URL parser. V. RESULT OF TESTING We use the method of to test the open source HTTP client Maxthon For the 500 test cases, the Maxthon failed in 23. Among them, there are 0 length abnormity error, 13 Char string errors and 10 Delimiter errors, Every failure means a vulnerability that may be attacked by some methods, such as DOS. Mostly these failures may be caused by memory leak, stack overflow, or cache overflow. Of course, these test cases cannot find all of the possible vulnerability, and if time permits more and more test cases can be produced. Although it is believe that these test cases can cover all the transition, we hope more test cases and more elaborate model can be constructed to testing. Further works of may be computing of fault cover rate, simplification of the model, and test case autogeneration. Acknowledgments Specific thanks to Gang Liu, Bin Hou, Qing Ma, and Xing Zhao s help of completing the programme. Thanks also to Qiong Sun s advice for improving the paper. Finally, we acknowledge the valuable feedback provided by the anonymous reviewers and our colleagues at Beijing University of Posts & Telecommunication. References [1] DeVale J, Koopman P, Guttendorf D, The Ballista Software Robustness Testing Service, Testing Computer Software Conference, [2] Laakso M., Takanen A., Röning J.(1999). The Vulnerability Process: a tiger team approach to resolving vulnerability cases[eb/ol]. In proceedings of the 11th FIRST Conference on Computer Security Incident Handling and Response, Brisbane June, [3] Rauli Kaksonen, Marko Laakso, Ari Takanen. (2000). Vulnerability Analysis of Software through Syntax Testing [EB/ OL]. [ WP2000-robustness/] [4] Xiao Zheng, Feng Qin, (2006). Auto Generation of Test Case Based On Petri Net.Journal Of Central China Science University (4). [5] IETF. RFC Hypertext Transfer Protocol -- HTTP/ Biographies Li Weihai received his master degree of computer science from Beijing University of Posts & Telecommunication in He is now a Lecturer in School of Electronic Engineering in BUPT. His current research interests are protocol testing of computer networks. Prof. Ma Yan, Vice President of Network Information Center, doctoral supervisor in Computer Science and Technology Department and. His research includes network management technology in TCP/IP network, network security, mobile IP, IPv6, etc. Dr. Huang Xiaohong received her Ph.D degree from the school of Electrical and Electronic Engineering (EEE), Nanyang Technological University, Singapore in Since 2005, Dr. Huang is currently the Associate Professor in the Research Institute of Network Technology at BUPT. She has published more than 30 academic papers in the area of WDM optical networks, IP networks, Grid computing and other relevant fields. Her current research interests are performance analysis of computer networks, QoS management, service classification, grid computing etc
The application of TTCN-3 in M2M Testing
The application of TTCN-3 in M2M Testing Xiaohong Huang, Ruiping Zhu, Weihai Li, Yan Ma TTCN-3 User Conference 2010 June 8-10 2009, Beijing, CHINA Outlines Introduction M2M Network Architecture TTCN-3
More information[MS-CCEIP]: Corporate Customer Experience Improvement Program Client-to-Server Protocol
[MS-CCEIP]: Corporate Customer Experience Improvement Program Client-to-Server Protocol Intellectual Property Rights Notice for Open Specifications Documentation Technical Documentation. Microsoft publishes
More informationFault Analysis in Software with the Data Interaction of Classes
, pp.189-196 http://dx.doi.org/10.14257/ijsia.2015.9.9.17 Fault Analysis in Software with the Data Interaction of Classes Yan Xiaobo 1 and Wang Yichen 2 1 Science & Technology on Reliability & Environmental
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities Learning Objectives Name the common categories of vulnerabilities Discuss common system
More informationTunnel Broker System Using IPv4 Anycast
Tunnel Broker System Using IPv4 Anycast Xin Liu Department of Electronic Engineering Tsinghua Univ. lx@ns.6test.edu.cn Xing Li Department of Electronic Engineering Tsinghua Univ. xing@cernet.edu.cn ABSTRACT
More informationAuditing a Web Application. Brad Ruppert. SANS Technology Institute GWAS Presentation 1
Auditing a Web Application Brad Ruppert SANS Technology Institute GWAS Presentation 1 Objectives Define why application vulnerabilities exist Address Auditing Approach Discuss Information Interfaces Walk
More informationProduct Standard General Interworking: Internet Server
General Interworking: Internet Server The Open Group Copyright August 1998, The Open Group All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted,
More informationSoftware Engineering 4C03 VoIP: The Next Telecommunication Frontier
Software Engineering 4C03 VoIP: The Next Telecommunication Frontier Rudy Muslim 0057347 McMaster University Computing and Software Department Hamilton, Ontario Canada Introduction Voice over Internet Protocol
More informationAn Oracle White Paper October 2013. Oracle Database and IPv6 Statement of Direction
An Oracle White Paper October 2013 Oracle Database and IPv6 Statement of Direction Disclaimer The following is intended to outline our general product direction. It is intended for information purposes
More informationComputer Networks/DV2 Lab
Computer Networks/DV2 Lab Room: BB 219 Additional Information: http://ti.uni-due.de/ti/en/education/teaching/ss13/netlab Equipment for each group: - 1 Server computer (OS: Windows Server 2008 Standard)
More informationSecurity Test s i t ng Eileen Donlon CMSC 737 Spring 2008
Security Testing Eileen Donlon CMSC 737 Spring 2008 Testing for Security Functional tests Testing that role based security functions correctly Vulnerability scanning and penetration tests Testing whether
More informationConfiguring Security for FTP Traffic
2 Configuring Security for FTP Traffic Securing FTP traffic Creating a security profile for FTP traffic Configuring a local traffic FTP profile Assigning an FTP security profile to a local traffic FTP
More informationGSM. Quectel Cellular Engine. HTTP Service AT Commands GSM_HTTP_ATC_V1.2
GSM Cellular Engine HTTP Service AT Commands GSM_HTTP_ATC_V1.2 Document Title HTTP Service AT Commands Version 1.2 Date 2015-04-13 Status Document Control ID Release GSM_HTTP_ATC_V1.2 General Notes offers
More informationNetwork Concepts. IT 4823 Information Security Concepts and Administration. The Network Environment. Resilience. Network Topology. Transmission Media
IT 4823 Information Security Concepts and Administration March 17 Network Threats Notice: This session is being recorded. Happy 50 th, Vanguard II March 17, 1958 R.I.P. John Backus March 17, 2007 Copyright
More informationResearch on Server Push Methods in Web Browser based Instant Messaging Applications
2644 JOURNAL OF SOFTWARE, VOL. 8, NO. 10, OCTOBER 2013 Research on Server Push Methods in Web Browser based Instant Messaging Applications Kai Shuang State Key Laboratory of Network & Switching Technology,
More informationAn enhanced TCP mechanism Fast-TCP in IP networks with wireless links
Wireless Networks 6 (2000) 375 379 375 An enhanced TCP mechanism Fast-TCP in IP networks with wireless links Jian Ma a, Jussi Ruutu b and Jing Wu c a Nokia China R&D Center, No. 10, He Ping Li Dong Jie,
More informationVoice over IP (VoIP) Overview. Introduction. David Feiner ACN 2004. Introduction VoIP & QoS H.323 SIP Comparison of H.323 and SIP Examples
Voice over IP (VoIP) David Feiner ACN 2004 Overview Introduction VoIP & QoS H.323 SIP Comparison of H.323 and SIP Examples Introduction Voice Calls are transmitted over Packet Switched Network instead
More informationCSE 473 Introduction to Computer Networks. Exam 2 Solutions. Your name: 10/31/2013
CSE 473 Introduction to Computer Networks Jon Turner Exam Solutions Your name: 0/3/03. (0 points). Consider a circular DHT with 7 nodes numbered 0,,...,6, where the nodes cache key-values pairs for 60
More informationQuectel Cellular Engine
Cellular Engine HTTP Service AT Commands GSM_HTTP_ATC_V1.00 Document Title HTTP Service AT Commands Version 1.00 Date 2009-07-06 Status Document Control ID Release GSM_HTTP_ATC_V1.00 General Notes offers
More informationConfiguring Security for SMTP Traffic
4 Configuring Security for SMTP Traffic Securing SMTP traffic Creating a security profile for SMTP traffic Configuring a local traffic SMTP profile Assigning an SMTP security profile to a local traffic
More informationIntroducing the Microsoft IIS deployment guide
Deployment Guide Deploying Microsoft Internet Information Services with the BIG-IP System Introducing the Microsoft IIS deployment guide F5 s BIG-IP system can increase the existing benefits of deploying
More informationUsing RADIUS Agent for Transparent User Identification
Using RADIUS Agent for Transparent User Identification Using RADIUS Agent Web Security Solutions Version 7.7, 7.8 Websense RADIUS Agent works together with the RADIUS server and RADIUS clients in your
More informationTransport Layer Protocols
Transport Layer Protocols Version. Transport layer performs two main tasks for the application layer by using the network layer. It provides end to end communication between two applications, and implements
More informationHands On Activities: TCP/IP Network Monitoring and Management
Hands On Activities: TCP/IP Network Monitoring and Management 1. TCP/IP Network Management Tasks TCP/IP network management tasks include Examine your physical and IP network address Traffic monitoring
More informationQuectel Cellular Engine
Cellular Engine GSM FTP AT Commands GSM_FTP_ATC_V1.1 Document Title GSM FTP AT Commands Version 1.1 Date 2010-12-28 Status Document Control ID Release GSM_FTP_ATC_V1.1 General Notes offers this information
More informationComputer Simulation of Denial of Service attack in Military Information Network using OPNET
3rd International Conference on Multimedia Technology(ICMT 2013) Computer Simulation of Denial of Service attack in Military Information Network using OPNET Lichun PEI, Chenhui LI, Runfeng HOU, Yanjun
More informationComputer Networks. Chapter 5 Transport Protocols
Computer Networks Chapter 5 Transport Protocols Transport Protocol Provides end-to-end transport Hides the network details Transport protocol or service (TS) offers: Different types of services QoS Data
More informationResearch And Implementation For Remote Access Of UPnP
3rd International Conference on Material, Mechanical and Manufacturing Engineering (IC3ME 2015) Research And Implementation For Remote Access Of UPnP Gan Xiaojian 1, a,wang Haitao 2, b, Jiang Ying 3, c,
More informationNetworking Basics and Network Security
Why do we need networks? Networking Basics and Network Security Shared Data and Functions Availability Performance, Load Balancing What is needed for a network? ISO 7-Layer Model Physical Connection Wired:
More informationIdentity Federation Broker for Service Cloud
2010 International Conference on Sciences Identity Federation Broker for Cloud He Yuan Huang 1, Bin Wang 1, Xiao Xi Liu 1, Jing Min Xu 1 1 IBM Research China {huanghey, wangbcrl, liuxx, xujingm}@cn.ibm.com
More informationTerminology. Internet Addressing System
Terminology A local area network (LAN) is a computer network covering a small physical area, like a home, office, or small group of buildings, such as a school, or an airport. The defining characteristics
More informationBasic Vulnerability Issues for SIP Security
Introduction Basic Vulnerability Issues for SIP Security By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com The Session Initiation Protocol (SIP) is the future
More informationMingyu Web Application Firewall (DAS- WAF) - - - All transparent deployment for Web application gateway
Mingyu Web Application Firewall (DAS- WAF) - - - All transparent deployment for Web application gateway All transparent deployment Full HTTPS site defense Prevention of OWASP top 10 Website Acceleration
More information3GPP TS 31.220 V8.0.0 (2008-03)
TS 31.220 V8.0.0 (2008-03) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Characteristics of the Contact Manager for UICC applications
More informationWeb Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability
Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability WWW Based upon HTTP and HTML Runs in TCP s application layer Runs on top of the Internet Used to exchange
More informationAn Improved Authentication Protocol for Session Initiation Protocol Using Smart Card and Elliptic Curve Cryptography
ROMANIAN JOURNAL OF INFORMATION SCIENCE AND TECHNOLOGY Volume 16, Number 4, 2013, 324 335 An Improved Authentication Protocol for Session Initiation Protocol Using Smart Card and Elliptic Curve Cryptography
More informationConfiguring SSL Termination
CHAPTER 4 This chapter describes the steps required to configure a CSS as a virtual SSL server for SSL termination. It contains the following major sections: Overview of SSL Termination Creating an SSL
More informationLoad Balancing BEA WebLogic Servers with F5 Networks BIG-IP v9
Load Balancing BEA WebLogic Servers with F5 Networks BIG-IP v9 Introducing BIG-IP load balancing for BEA WebLogic Server Configuring the BIG-IP for load balancing WebLogic Servers Introducing BIG-IP load
More informationHIDS and NIDS Hybrid Intrusion Detection System Model Design Zhenqi Wang 1, a, Dankai Zhang 1,b
Advanced Engineering Forum Online: 2012-09-26 ISSN: 2234-991X, Vols. 6-7, pp 991-994 doi:10.4028/www.scientific.net/aef.6-7.991 2012 Trans Tech Publications, Switzerland HIDS and NIDS Hybrid Intrusion
More informationSetup Guide Access Manager 3.2 SP3
Setup Guide Access Manager 3.2 SP3 August 2014 www.netiq.com/documentation Legal Notice THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE
More informationIf you wanted multiple screens, there was no way for data to be accumulated or stored
Handling State in Web Applications Jeff Offutt http://www.cs.gmu.edu/~offutt/ SWE 642 Software Engineering for the World Wide Web sources: Professional Java Server Programming, Patzer, Wrox Web Technologies:
More informationA Prevention & Notification System By Using Firewall. Log Data. Pilan Lin
A Prevention & Notification System By Using Firewall Log Data By Pilan Lin 1 Table Of Content ABSTRACT... 3 1 INTRODUCTION... 4 2. Firewall Log data... 6 2.1 How to collect log data... 6 3. Prevention
More informationMake search become the internal function of Internet
Make search become the internal function of Internet Wang Liang 1, Guo Yi-Ping 2, Fang Ming 3 1, 3 (Department of Control Science and Control Engineer, Huazhong University of Science and Technology, WuHan,
More informationA Link Layer Discovery Protocol Fuzzer
The University of Texas at Austin, Department of Computer Sciences, Technical Report TR-07-24 A Link Layer Discovery Protocol Fuzzer Jeremy Hollander Department of Computer Sciences The University of Texas
More informationCS 356 Lecture 16 Denial of Service. Spring 2013
CS 356 Lecture 16 Denial of Service Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter
More informationProtocols. Packets. What's in an IP packet
Protocols Precise rules that govern communication between two parties TCP/IP: the basic Internet protocols IP: Internet Protocol (bottom level) all packets shipped from network to network as IP packets
More informationSIP : Session Initiation Protocol
: Session Initiation Protocol EFORT http://www.efort.com (Session Initiation Protocol) as defined in IETF RFC 3261 is a multimedia signaling protocol used for multimedia session establishment, modification
More informationRemote login (Telnet):
SFWR 4C03: Computer Networks and Computer Security Feb 23-26 2004 Lecturer: Kartik Krishnan Lectures 19-21 Remote login (Telnet): Telnet permits a user to connect to an account on a remote machine. A client
More informationInnominate mguard Version 6
Innominate mguard Version 6 Configuration Examples mguard smart mguard PCI mguard blade mguard industrial RS EAGLE mguard mguard delta Innominate Security Technologies AG Albert-Einstein-Str. 14 12489
More informationFirewalls with IPTables. Jason Healy, Director of Networks and Systems
Firewalls with IPTables Jason Healy, Director of Networks and Systems Last Updated Mar 18, 2008 2 Contents 1 Host-based Firewalls with IPTables 5 1.1 Introduction.............................. 5 1.2 Concepts...............................
More informationQuality of Service in the Internet. QoS Parameters. Keeping the QoS. Traffic Shaping: Leaky Bucket Algorithm
Quality of Service in the Internet Problem today: IP is packet switched, therefore no guarantees on a transmission is given (throughput, transmission delay, ): the Internet transmits data Best Effort But:
More informationFirst Line of Defense to Protect Critical Infrastructure
RFI SUBMISSION First Line of Defense to Protect Critical Infrastructure Developing a Framework to Improve Critical Infrastructure Cybersecurity Response to NIST Docket # 130208119-3119-01 Document # 2013-044B
More informationLecture 8b: Proxy Server Load Balancing
Internet and Intranet Protocols and Applications Lecture 8b: Proxy Server Load Balancing March, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu Load Balancing Problem:
More informationACKNOWLEDGMENT. I would like to thank Allah for giving me the patience to work hard and overcome all the
ACKNOWLEDGMENT I would like to thank Allah for giving me the patience to work hard and overcome all the research obstacles. My full gratitude is to Dr. Mohammed Al-Jarrah and Dr. Izzat Alsmadi for their
More informationBasic Internet programming Formalities. Hands-on tools for internet programming
Welcome Basic Internet programming Formalities Hands-on tools for internet programming DD1335 (gruint10) Serafim Dahl serafim@nada.kth.se DD1335 (Lecture 1) Basic Internet Programming Spring 2010 1 / 23
More informationService Identifier Comparison module Service Rule Comparison module Favourite Application Server Reinvocation Management module
Service Broker for Managing Feature Interactions in IP Multimedia Subsystem Anahita Gouya, Noël Crespi {anahita.gouya, noel.crespi @int-evry.fr}, Institut National des télécommunications (GET-INT) Mobile
More informationWireless Computing and IT Ecosystems
Wireless Computing and IT Ecosystems William R Simpson Institute for Defense Analyses, 4850 Mark Center Drive, Alexandria, Virginia 22311 USA, rsimpson@ida.org Abstract. We have evolved an IT system that
More informationSIP Protocol as a Communication Bus to Control Embedded Devices
229 SIP Protocol as a Communication Bus to Control Embedded Devices Ramunas DZINDZALIETA Institute of Mathematics and Informatics Akademijos str. 4, Vilnius Lithuania ramunas.dzindzalieta@gmail.com Abstract.
More informationInternet Control Protocols Reading: Chapter 3
Internet Control Protocols Reading: Chapter 3 ARP - RFC 826, STD 37 DHCP - RFC 2131 ICMP - RFC 0792, STD 05 1 Goals of Today s Lecture Bootstrapping an end host Learning its own configuration parameters
More informationDEPLOYMENT GUIDE DEPLOYING F5 WITH MICROSOFT WINDOWS SERVER 2008
DEPLOYMENT GUIDE DEPLOYING F5 WITH MICROSOFT WINDOWS SERVER 2008 Table of Contents Table of Contents Deploying F5 with Microsoft Windows Server 2008 Prerequisites and configuration notes...1-1 Deploying
More information2.2 SIP-based Load Balancing. 3 SIP Load Balancing. 3.1 Proposed Load Balancing Solution. 2 Background Research. 2.1 HTTP-based Load Balancing
SIP TRAFFIC LOAD BALANCING Ramy Farha School of Electrical and Computer Engineering University of Toronto Toronto, Ontario Email: rfarha@comm.utoronto.ca ABSTRACT This paper presents a novel solution to
More informationDesign of a SIP Outbound Edge Proxy (EPSIP)
Design of a Outbound Edge Proxy (EP) Sixth FRUCT seminar Helsinki, Finland on 3 6 ovember 2009. Sergio Lembo Department of Communications and etworking (TKK) Jani Heikkinen, Sasu Tarkoma Department of
More informationCape Girardeau Career Center CISCO Networking Academy Bill Link, Instructor. 2.,,,, and are key services that ISPs can provide to all customers.
Name: 1. What is an Enterprise network and how does it differ from a WAN? 2.,,,, and are key services that ISPs can provide to all customers. 3. Describe in detail what a managed service that an ISP might
More informationName: 1. CSE331: Introduction to Networks and Security Fall 2003 Dec. 12, 2003 1 /14 2 /16 3 /16 4 /10 5 /14 6 /5 7 /5 8 /20 9 /35.
Name: 1 CSE331: Introduction to Networks and Security Final Fall 2003 Dec. 12, 2003 1 /14 2 /16 3 /16 4 /10 5 /14 6 /5 7 /5 8 /20 9 /35 Total /135 Do not begin the exam until you are told to do so. You
More informationAttack Lab: Attacks on TCP/IP Protocols
Laboratory for Computer Security Education 1 Attack Lab: Attacks on TCP/IP Protocols Copyright c 2006-2010 Wenliang Du, Syracuse University. The development of this document is funded by the National Science
More informationSome insights about the recent TCP DoS (Denial of Service) vulnerabilities
Some insights about the recent TCP DoS (Denial of Service) vulnerabilities Fernando Gont project carried out on behalf of UK CPNI HACK.LU 09 Conference October 28-30, 2009. Luxembourg Agenda Overview of
More informationQoS Parameters. Quality of Service in the Internet. Traffic Shaping: Congestion Control. Keeping the QoS
Quality of Service in the Internet Problem today: IP is packet switched, therefore no guarantees on a transmission is given (throughput, transmission delay, ): the Internet transmits data Best Effort But:
More informationETSI TS 131 220 V13.0.0 (2016
TS 131 220 V13.0.0 (2016 16-02) TECHNICAL SPECIFICATIONION Universal Mobile Telecommunications System (UMTS); LTE; Characteristics of the Contact Manager for 3GPP UICC applications (3GPP TS 31.220 version
More informationLabVIEW Internet Toolkit User Guide
LabVIEW Internet Toolkit User Guide Version 6.0 Contents The LabVIEW Internet Toolkit provides you with the ability to incorporate Internet capabilities into VIs. You can use LabVIEW to work with XML documents,
More informationELIXIR LOAD BALANCER 2
ELIXIR LOAD BALANCER 2 Overview Elixir Load Balancer for Elixir Repertoire Server 7.2.2 or greater provides software solution for load balancing of Elixir Repertoire Servers. As a pure Java based software
More informationDesign of a SIP Outbound Edge Proxy (EPSIP)
Design of a SIP Outbound Edge Proxy (EPSIP) Sergio Lembo Dept. of Communications and Networking Helsinki University of Technology (TKK) P.O. Box 3000, FI-02015 TKK, Finland Jani Heikkinen, Sasu Tarkoma
More informationIntroduction to Computer Networks
Introduction to Computer Networks Chen Yu Indiana University Basic Building Blocks for Computer Networks Nodes PC, server, special-purpose hardware, sensors Switches Links: Twisted pair, coaxial cable,
More informationObjectives of Lecture. Network Architecture. Protocols. Contents
Objectives of Lecture Network Architecture Show how network architecture can be understood using a layered approach. Introduce the OSI seven layer reference model. Introduce the concepts of internetworking
More informationFollow these steps to prepare the module and evaluation board for testing.
2 Getting Started 2.1. Hardware Installation Procedure Follow these steps to prepare the module and evaluation board for testing. STEP1: Plug the EG-SR-7100A module into the sockets on the test board.
More informationWeb. Services. Web Technologies. Today. Web. Technologies. Internet WWW. Protocols TCP/IP HTTP. Apache. Next Time. Lecture #3 2008 3 Apache.
JSP, and JSP, and JSP, and 1 2 Lecture #3 2008 3 JSP, and JSP, and Markup & presentation (HTML, XHTML, CSS etc) Data storage & access (JDBC, XML etc) Network & application protocols (, etc) Programming
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More informationMoonv6 Test Suite. IPv6 Firewall Network Level Interoperability Test Suite. Technical Document. Revision 1.0
Moonv6 Test Suite IPv6 Firewall Network Level Interoperability Test Suite Technical Document Revision 1.0 IPv6 Consortium 121 Technology Drive, Suite 2 InterOperability Laboratory Durham, NH 03824-3525
More informationPer-Flow Queuing Allot's Approach to Bandwidth Management
White Paper Per-Flow Queuing Allot's Approach to Bandwidth Management Allot Communications, July 2006. All Rights Reserved. Table of Contents Executive Overview... 3 Understanding TCP/IP... 4 What is Bandwidth
More informationNetwork Intrusion Detection Systems. Beyond packet filtering
Network Intrusion Detection Systems Beyond packet filtering Goal of NIDS Detect attacks as they happen: Real-time monitoring of networks Provide information about attacks that have succeeded: Forensic
More informationSIP Trunking Manual 05.15. Technical Support Web Site: http://ws1.necii.com (registration is required)
SIP Trunking Manual 05.15 Technical Support Web Site: http://ws1.necii.com (registration is required) This manual has been developed by NEC Unified Solutions, Inc. It is intended for the use of its customers
More informationINTERNET OF THINGS 1
INTERNET OF THINGS 1 OUTLINE Introduction to IoT Technologies Ubiquitous Network Network Management Technologies RFID WSN Embedded Nanotechnology IPv6 UPnP SNMP Challenging Problems Conclusions and Future
More informationMonitoring and Warning System for Information Technology (IT) Outsource Risk in Commercial Banks Based on Nested Theory of Excel Logical Function
Advance Journal of Food Science and Technology 9(4): 302-307, 2015 ISSN: 2042-4868; e-issn: 2042-4876 Maxwell Scientific Organization, 2015 Submitted: March 3, 2015 Accepted: March 14, 2015 Published:
More informationNetworks 3. 2015 University of Stirling CSCU9B1 Essential Skills for the Information Age. Content
Networks 3 Lecture Networks 3/Slide 1 Content What is a communications protocol? Network protocols TCP/IP High-level protocols Firewalls Network addresses Host name IP address Domain name system (DNS)
More informationOverview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP
Overview Securing TCP/IP Chapter 6 TCP/IP Open Systems Interconnection Model Anatomy of a Packet Internet Protocol Security (IPSec) Web Security (HTTP over TLS, Secure-HTTP) Lecturer: Pei-yih Ting 1 2
More informationThe syslog-ng Premium Edition 5LTS
The syslog-ng Premium Edition 5LTS PRODUCT DESCRIPTION Copyright 2000-2013 BalaBit IT Security All rights reserved. www.balabit.com Introduction The syslog-ng Premium Edition enables enterprises to collect,
More informationDissertation Title: SOCKS5-based Firewall Support For UDP-based Application. Author: Fung, King Pong
Dissertation Title: SOCKS5-based Firewall Support For UDP-based Application Author: Fung, King Pong MSc in Information Technology The Hong Kong Polytechnic University June 1999 i Abstract Abstract of dissertation
More informationInternet Technologies. World Wide Web (WWW) Proxy Server Network Address Translator (NAT)
Internet Technologies World Wide Web (WWW) Proxy Server Network Address Translator (NAT) What is WWW? System of interlinked Hypertext documents Text, Images, Videos, and other multimedia documents navigate
More informationNetStream (Integrated) Technology White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 01. Date 2012-9-6
(Integrated) Technology White Paper Issue 01 Date 2012-9-6 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means
More informationAbstract. Introduction. Section I. What is Denial of Service Attack?
Abstract In this report, I am describing the main types of DoS attacks and their effect on computer and network environment. This report will form the basis of my forthcoming report which will discuss
More informationIntroduction. How does FTP work?
Introduction The µtasker supports an optional single user FTP. This operates always in active FTP mode and optionally in passive FTP mode. The basic idea of using FTP is not as a data server where a multitude
More informationSecurity Issues and Possible Solutions in PACS Systems through Public Networks
, pp.118-123 http://dx.doi.org/10.14257/astl.2014.79.23 Security Issues and Possible Solutions in PACS Systems through Public Networks Feng Zhou 1, Jin Wang 1, Bin Li 1, Jeong-Uk Kim 2 1 College of Information
More informationResearch and Implementation of Single Sign-On Mechanism for ASP Pattern *
Research and Implementation of Single Sign-On Mechanism for ASP Pattern * Bo Li, Sheng Ge, Tian-yu Wo, and Dian-fu Ma Computer Institute, BeiHang University, PO Box 9-32 Beijing 100083 Abstract Software
More informationAlbert Ludwigs University Freiburg Department of Computer Science Prof. Dr. Stefan Leue and Corina Apachite Distributed Systems - WS 2001/2002 Assignment 1 - Solutions Question 1.1 Give vetypes of hardware
More informationHow To Protect A Web Application From Attack From A Trusted Environment
Standard: Version: Date: Requirement: Author: PCI Data Security Standard (PCI DSS) 1.2 October 2008 6.6 PCI Security Standards Council Information Supplement: Application Reviews and Web Application Firewalls
More informationLimi Kalita / (IJCSIT) International Journal of Computer Science and Information Technologies, Vol. 5 (3), 2014, 4802-4807. Socket Programming
Socket Programming Limi Kalita M.Tech Student, Department of Computer Science and Engineering, Assam Down Town University, Guwahati, India. Abstract: The aim of the paper is to introduce sockets, its deployment
More informationSession Initiation Protocol (SIP) The Emerging System in IP Telephony
Session Initiation Protocol (SIP) The Emerging System in IP Telephony Introduction Session Initiation Protocol (SIP) is an application layer control protocol that can establish, modify and terminate multimedia
More informationDEPLOYMENT GUIDE DEPLOYING THE BIG-IP SYSTEM WITH MICROSOFT INTERNET INFORMATION SERVICES (IIS) 7.0
DEPLOYMENT GUIDE DEPLOYING THE BIG-IP SYSTEM WITH MICROSOFT INTERNET INFORMATION SERVICES (IIS) 7.0 Deploying F5 with Microsoft IIS 7.0 F5's BIG-IP system can increase the existing benefits of deploying
More informationHTTP 1.1 Web Server and Client
HTTP 1.1 Web Server and Client Finding Feature Information HTTP 1.1 Web Server and Client Last Updated: August 17, 2011 The HTTP 1.1 Web Server and Client feature provides a consistent interface for users
More informationTime-Frequency Detection Algorithm of Network Traffic Anomalies
2012 International Conference on Innovation and Information Management (ICIIM 2012) IPCSIT vol. 36 (2012) (2012) IACSIT Press, Singapore Time-Frequency Detection Algorithm of Network Traffic Anomalies
More information