Search

Your search keyword '"COMPUTER network protocols"' showing total 15 results
Start Over "COMPUTER network protocols" Topic computer security Language undetermined
15 results on '"COMPUTER network protocols"'

1. Covert channels and countermeasures in computer network protocols [Reprinted from IEEE Communications Surveys and Tutorials]

Author

Sebastian Zander, Grenville Armitage, and Philip Branch

Subjects
Focus (computing), Computer Networks and Communications, business.industry, Computer science, Covert channel, Cryptography, Data_CODINGANDINFORMATIONTHEORY, Computer security, computer.software_genre, Encryption, Computer Science Applications, Countermeasure, The Internet, Computer network protocols, Electrical and Electronic Engineering, business, Communications protocol, computer, Computer network
Abstract

Covert channels are used for the secret transfer of information. Encryption only protects communication from being decoded by unauthorized parties, whereas covert channels aim to hide the very existence of the communication. Initially, covert channels were identified as a security threat on monolithic systems such as mainframes. More recently, focus has shifted toward covert channels in computer network protocols. The huge amount of data and large number of different protocols in the Internet is ideal as a high-bandwidth vehicle for covert communication. This article provides an overview of the existing techniques for creating covert channels in widely deployed network protocols, and common methods for their detection, elimination, and capacity limitation.

Published
2007

2. A survey of covert channels and countermeasures in computer network protocols

Author

Grenville Armitage, Philip Branch, and Sebastian Zander

Subjects
business.industry, Computer science, Data security, Covert channel, Data_CODINGANDINFORMATIONTHEORY, Information security, Computer security model, Encryption, Computer security, computer.software_genre, Security service, Network Access Control, The Internet, Electrical and Electronic Engineering, business, computer, Computer network
Abstract

Covert channels are used for the secret transfer of information. Encryption only protects communication from being decoded by unauthorised parties, whereas covert channels aim to hide the very existence of the communication. Initially, covert channels were identified as a security threat on monolithic systems i.e. mainframes. More recently focus has shifted towards covert channels in computer network protocols. The huge amount of data and vast number of different protocols in the Internet seems ideal as a high-bandwidth vehicle for covert communication. This article is a survey of the existing techniques for creating covert channels in widely deployed network and application protocols. We also give an overview of common methods for their detection, elimination, and capacity limitation, required to improve security in future computer networks.

Published
2007

3. A game theoretic trust model for on-line distributed evolution of cooperation inMANETs

Author

Oscar Esparza, Jose L. Muñoz, Marcela Rodríguez Mejía, Marco A. Alzate, Nestor Pena, Universitat Politècnica de Catalunya. Departament d'Enginyeria Telemàtica, and Universitat Politècnica de Catalunya. SERTEL - Serveis Telemàtics

Subjects
Game theoretic, Computer Networks and Communications, Computer science, business.industry, Network packet, Mobile ad hoc network, Computer security, computer.software_genre, Computer Science Applications, Incentive, Hardware and Architecture, Computer network protocols, Line (geometry), Enginyeria de la telecomunicació::Telemàtica i xarxes d'ordinadors::Protocols de comunicació [Àrees temàtiques de la UPC], Protocols de xarxes d'ordinador, Jocs, Teoria de, Enforcement, business, Game theory, computer, Ad hoc networks (Computer networks), Computer network
Abstract

Cooperation among nodes is fundamental for the operation of mobile ad hoc networks(MANETs). In such networks, there could be selfish nodes that use resources from other nodes to send their packets but that do not offer their resources to forward packets for other nodes.Thus,a cooperation enforcement mechanism is necessary. Trust models have been proposed as mechanisms to incentive cooperation in MANET sand some of them are based on game theory concepts. Among game theoretic trust models, those that make nodes’ strategies evolve genetically have shown promising results for cooperation improvement. However,current approaches propose a highly centralized genetic evolution which render them unfeasible for practical purposes in MANETs. In this article, we propose a trust model based on a non-cooperative game that uses a bacterial-like algorithm to let the nodes quickly learn the appropriate cooperation behavior. Our model is completely distributed, achieves optimal cooperation values in a small fraction of time compared with centralized algorithms,and adapts effectively to environmental changes.

Published
2011

4. Open problems for group-key agreement protocols on Vehicular Ad-hoc Networks

Author

Şerif Bahtiyar, Emin Anarim, M. Ufuk Caglayan, and Orhan Ermis

Subjects
Vehicular communication systems, Vehicular ad hoc network, business.industry, Computer science, Wireless ad hoc network, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Computer security, computer.software_genre, Wireless communication systems, In vehicle, Key (cryptography), Computer network protocols, business, computer, Computer network, Group key
Abstract

Security is a challenging issue in Vehicular Ad-hoc Networks since entities in the networks generally use insecure channels to communicate with each other, where key agreements are a major challenge. Actually, there exist several security constraints in vehicle to infrastructure communication and vehicle-to-vehicle communications. In this paper, we address open problems related to secure key agreement in Vehicular Ad-hoc Networks by comparing traditional group key agreement protocols with other key agreement protocols.

Published
2013

5. Modeling and detecting attacks against key agreement protocols

Author

Yadav, Anshu and Mathuria, Anish M.

Subjects
Computer security, Security measures, Computer network protocols, Cryptographic protocols, Public key infrastructure, Data encryption, Key agreement protocols
Abstract

Key agreement protocols establish a shared secret key between two or more communicating parties willing to exchange data over insecure channels using symmetric key cryptography. Based on the number of members involved in the communication these protocols can be classied as a two party or group key agreement protocols. Various formal methods are available in the literature to analyze the security of such protocols. This helps in establishing the validity of any attacks, if found, or to prove the security of the protocols under given adversarial assumptions. In this thesis we analyze the security of several existing two party and group key agreement protocols. We used provable security models like eCK'08 and enhanced eCK and the DS model given as an algebraic approach by Delicata and Schneider to analyze a class of DH based key agreement protocols. The distinguishing feature of key agreement protocols from key transport protocols is that the former aims to ensure the contribution of all the honest participants so that no one can predetermine the key. In a poorly designed protocol, an insider adversary can control the key in different forms as dened by Pieprzyk and Wang. This type of attack is termed as key control. We also dene ephemeral key control w.r.t. dishonest insider where it is assumed that the adversary also knows the ephemeral secret of the victim honest participants. This assumption is based on several advanced attributes that assume ephemeral leakage. We analyze this attack on MTI protocols using DS model. We have shown weakness in some provably secure two party implicitly authenticated protocols and modeled the attacks in provable security model. We also analyzed key control in some group key agreement protocols. We have used the DS model to formally derive an attack shown by Pieprzyk on Burmester-Desmedt protocol and have also proposed attacks on static version of the group key agreement protocol proposed by Dutta and Barua.

Published
2012

6. Security analysis of session initiation protocol

Author

Dobson, Lucas E., Dinolt, George, Eagle, Chris., Naval Postgraduate School (U.S.), and Computer Science

Subjects
Computer security, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Computer network protocols, Computer networks
Abstract

The goal of this thesis is to investigate the security of the Session Initiation Protocol (SIP). This was accomplished by researching previously discovered protocol and implementation vulnerabilities, evaluating the current state of security tools and using those tools to discover new vulnerabilities in SIP software. The CVSS v2 system was used to score protocol and implementation vulnerabilities to give them a meaning that was used to compare the severity of protocol vulnerabilities versus the implementation vulnerabilities. Comparison between protocol and implementation vulnerabilities reveals that software remains the greatest weakness of SIP. One particular weakness is lack of TLS (secure session level) implementation in any software tested. This remains a significant concern and leaves all of the software tested open to many of the protocol vulnerabilities mentioned. Furthermore, the large number of implementation vulnerabilities discovered in the parsing mechanisms while testing software leads to the conclusion that SIP is still too immature and complex of a protocol. More work needs to be done developing a reference implementation and robust parser for SIP, and TLS with SIP, before SIP is ready for environments that require high assurances of authenticity, secrecy and integrity. http://archive.org/details/securitynalysiso109455324 US Navy (USN) author Approved for public release; distribution is unlimited.

Published
2010

7. Employing a secure Virtual Private Network (VPN) infrastructure as a global command and control gateway to dynamically connect and disconnect diverse forces on a task-force-by-task-force basis

Author

Kilcrease, Patrick N., Barreto, Albert, Mayfield, Ross, and Naval Postgraduate School (U.S.)

Subjects
Network analysis (Planning), Computer security, Computer network protocols, Data encryption (Computer science)
Abstract

GHOSTNet is a secure and anonymous Virtual Private Network (VPN) service. Coupling Ethernet tunneling and proxy services to provide users safe and anonymous Internet access, GHOSTNet utilizes TLS (SSL) protocol with AES-256 encryption to secure the network along with PKI certificates and HMAC protection from replay attacks and UDP flooding. This thesis will be a system level test and evaluation of the GHOSTNet infrastructure. The primary objective is to determine the functional performance of GHOSTNet as a global command and control gateway with the goal of being able to dynamically connect and disconnect diverse forces on a task-force-by-task-force basis. To accomplish this objective, a robust test and evaluation plan will be implemented to base line the system in the moderate operating conditions of COASTS field experiments conducted at Camp Roberts. The system will then be tested in various operation environments to include, but not limited to, Fort Ord, the U.S. Cost Guard Station Monterey Bay, and Southern Thailand as part of the COASTS field experimentation program spanning FY 2008 and FY2009. http://archive.org/details/employingsecurev109454544 US Navy (USN) author. Approved for public release; distribution is unlimited.

Published
2009

8. A Security Framework for JXTA-Overlay

Author

Leonard Barolli, Keita Matsuo, Fatos Xhafa, Joan Arnedo-Moreno, and Universitat Politècnica de Catalunya. Departament de Ciències de la Computació

Subjects
Ordinadors, Xarxes d' -- Mesures de seguretat, XMLdsig, Enginyeria de la telecomunicació::Telemàtica i xarxes d'ordinadors [Àrees temàtiques de la UPC], Computer science, JXTA-overlay, Computer security, computer.software_genre, Security testing, Security information and event management, World Wide Web, Security engineering, Computer networks -- Security measures, Computer network protocols, P2P, Cloud computing security, Xarxes punt a punt (Xarxes d'ordinadors), Computer security model, JXTA, Security service, Peer-to-peer architecture (Computer networks), Peer-to-peer, Security through obscurity, Human-computer interaction in information security, Security, computer, Protocols de xarxes d'ordinadors
Abstract

En l'actualitat, la maduresa del camp de la investigació P2P empès a través de nous problemes, relacionats amb la seguretat. Per aquesta raó, la seguretat comença a convertir-se en una de les qüestions clau en l'avaluació d'un sistema P2P, i és important proporcionar mecanismes de seguretat per a sistemes P2P. El projecte JXTAOverlay fa un esforç per utilitzar la tecnologia JXTA per proporcionar un conjunt genèric de funcions que poden ser utilitzades pels desenvolupadors per desplegar aplicacions P2P. No obstant això, encara que el seu disseny es va centrar en qüestions com ara l'escalabilitat o el rendiment general, no va tenir en compte la seguretat. Aquest treball proposa un marc de seguretat, adaptat específicament a la idiosincràsia del JXTAOverlay. At present time, the maturity of P2P research field has pushed through new problems such us those related with security. For that reason, security starts to become one of the key issues when evaluating a P2P system and it is important to provide security mechanisms to P2P systems. The JXTAOverlay project is an effort to use JXTA technology to provide a generic set of functionalities that can be used by developers to deploy P2P applications. However, since its design focused on issues such as scalability or overall performance, it did not take security into account. This work proposes a security framework specifically suited to JXTAOverlay¿s idiosyncrasies. En la actualidad, la madurez del campo de la investigación P2P empujado a través de nuevos problemas, relacionados con la seguridad. Por esta razón, la seguridad comienza a convertirse en una de las cuestiones clave en la evaluación de un sistema P2P, y es importante proporcionar mecanismos de seguridad para sistemas P2P. El proyecto JXTAOverlay hace un esfuerzo por utilizar la tecnología JXTA para proporcionar un conjunto genérico de funciones que pueden ser utilizadas por los desarrolladores para desplegar aplicaciones P2P. Sin embargo, aunque su diseño se centró en cuestiones como la escalabilidad o el rendimiento general, no tuvo en cuenta la seguridad. Este trabajo propone un marco de seguridad, adaptado específicamente a la idiosincrasia del JXTAOverlay.

Published
2009

9. Security analysis of two fair exchange protocols

Author

Gahlot, Jai and Mathuria, Anish M.

Subjects
Security auditing, Right of electronic commerce, Computer security, Security measures, Computer network protocols, Access control, Security assessment
Abstract

E-commerce applications enable two parties to exchange digital items electronically. It is critical for such applications that the underlying protocols ensure the fairness requirement: no honest participant should suffer any loss of significant value. It is important to verify that an e-commerce protocol satisfies its fairness goal. Formal methods such as model checking can be helpful in this regard. To this end, it is essential to develop a model of the protocol under realistic assumptions. Using the NetBill protocol as an example this work shows how improper modelling can lead to incorrect claims about the protocol. It also shows how a carefully developed formal model can be successfully used to discover previously unknown flaws in an existing protocol.

Published
2007

10. Trust relationships in exchange protocols

Author

Gonzãlez-Deleito Collell, Nicolãs, Gollmann, Dieter, Roggeman, Yves, Markowitch, Olivier, López, Javier, and Devillers, Raymond

Subjects
security protocols, Sécurité informatique, Informatique générale, Electronic commerce, Echange électronique d'information, non-repudiation, Computer security, Computer network protocols, Electronic data interchange, contract signing, Commerce électronique, Protocoles de réseaux d'ordinateurs, certified email, fair exchange, Sciences exactes et naturelles
Abstract

Les protocoles d'échange d'informations représentent un des grands domaines actuels de recherche en sécurité informatique, et sont entre autres à la base des mécanismes de commerce électronique. Ils sont par exemple nécessaires à la réalisation d'un achat en ligne, à la signature d'un contrat électronique et au courrier électronique recommandé. Dans ces exemples, les échanges d'informations consistent à échanger respectivement un objet électronique contre un paiement, des signatures digitales sur un même contrat, et un courrier électronique contre un accusé de réception.Informellement, un protocole mettant en oeuvre de tels types d'échanges est dit équitable si et seulement si à la fin du protocole soit l'échange d'information a eu lieu, soit aucune information (même en partie) n'a été échangée. Afin d'assurer cette propriété d'équité de manière efficace, et d'éviter ainsi des éventuels comportements malhonnêtes de la part des participants à l'échange d'informations qui chercheraient à nuire au bon déroulement du protocole, une tierce partie de confiance est utilisée.Un des buts de cette thèse est de discerner les tâches devant être assurées par une telle tierce partie de confiance et développer des méthodes permettant d'en minimiser le nombre et l'importance, afin de limiter la confiance que les entités effectuant l'échange doivent porter à cette tierce partie. Pour cela, nous identifions tout d'abord de manière générique quels sont ces types de tâches, puis nous analysons sous ce point de vue les principaux protocoles ayant été proposés dans la littérature.Cette démarche nous conduit ensuite naturellement à nous pencher sur les relations de confiance entre les participants à un protocole d'échange. Ce type de relations est particulièrement significatif pour des protocoles à plus de deux participants.Enfin, dans ce travail, nous observons à la lumière des aspects de confiance, les différentes propriétés propres aux protocoles d'échange, et nous proposons plusieurs nouveaux protocoles ayant des besoins en confiance limités., Doctorat en sciences, Spécialisation Informatique, info:eu-repo/semantics/nonPublished

Published
2005

12. A reliable system for JXTA-Overlay P2P platform considering number of authentic files, security and QoS parameters

Author

Donald Elmazi, Leonard Barolli, Fatos Xhafa, Yi Liu, Shinji Sakamoto, Kazunori Uchida, and Universitat Politècnica de Catalunya. Departament de Ciències de la Computació

Subjects
Artificial intelligence, Enginyeria de la telecomunicació::Telemàtica i xarxes d'ordinadors [Àrees temàtiques de la UPC], Network security, Computer science, Distributed computing, media_common.quotation_subject, Overlay network, Overlay, security, Seguretat informàtica, Informàtica::Seguretat informàtica [Àrees temàtiques de la UPC], Computer security, Computer network protocols, Broadband communication systems, fuzzy ystem, Reliability (statistics), media_common, P2P, reliability, business.industry, JXTA-Overlay platform, Quality of service, Intel·ligència artificial, Telecomunicació de banda ampla, Sistemes de, number of authentic files, quality of service, business, Protocols de xarxes d'ordinadors, Reputation, Computer network
Abstract

(c) 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works. The reliability of peers is very important for safe communication in Peer-to-Peer (P2P) systems. The reliability of a peer can be evaluated based on the reputation and interactions with other peers to provide different services. However, in order to decide the peer reliability there are needed many parameters, which make the problem NP-hard. In this paper, we propose and evaluate a new fuzzy-based reliability system for P2P communications in JXTA-Overlay platform. In our system, we considered three input parameters: Number of Authentic Files (NAF), Security (S) and Quality of Service (QoS) to decide the Peer Reliability (PR). We evaluate the proposed system by computer simulations. The simulation results have shown that the proposed system has a good performance and can choose reliable peers to connect in JXTA-Overlay platform.

13. RIAPPA: a robust identity assignment protocol for P2P overlays

Author

Caubet Fernández, Juan, Esparza Martín, Óscar|||0000-0002-2593-0162, Muñoz Tapia, José Luis|||0000-0001-6442-437X, Alins Delgado, Juan José|||0000-0001-8214-4056, Mata Diaz, Jorge|||0000-0003-4831-0588, Universitat Politècnica de Catalunya. Departament d'Enginyeria Telemàtica, and Universitat Politècnica de Catalunya. SERTEL - Serveis Telemàtics

Subjects
Ordinadors, Xarxes d' -- Mesures de seguretat, DHT, Sybil attack, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Systems, Network, Eclipse attack, Seguretat informàtica, Trust, Informàtica::Seguretat informàtica [Àrees temàtiques de la UPC], Computer networks -- Security measures, Computer security, Computer network protocols, P2P overlay, Defense, Enginyeria de la telecomunicació::Telemàtica i xarxes d'ordinadors::Protocols de comunicació [Àrees temàtiques de la UPC], Identity assignment, Chord, Protocols de xarxes d'ordinadors, Sybil attacks
Abstract

Peer-to-peer (P2P) overlay networks have been proposed to solve routing problems of big distributed infrastructures, even for Internet scale. But the research community has been questioning the security of these networks for years. Most prior work in security services was focused on trust and reputation systems, anonymity, and secure routing. However, the proper management of identities in overlays is an important prerequisite to provide most of these security services. In this paper, we propose a protocol to control the access to a P2P overlay and to assign identities in a secure way; all this preserving the anonymity of users. This protocol involves two trusted third parties (TTPs), thanks to which it is possible to preserve the users' anonymity within the network without losing traceability. Users are authenticated by a TTP using real-world digital certificates, they select their network identifier jointly with the other TTP, and finally, the two TTPs issue the internal certificate to them. The protocol also provides revocability and protection against Sybil attacks, Eclipse attacks, whitewashers, and so on. A detailed protocol description is presented, and a performance and security analysis of the protocol is also provided. Copyright (c) 2014 John Wiley & Sons, Ltd.

14. Ağ üzerinden yavaşlama tabanlı anomali tespiti

Subjects
Değişim analizi, Network systems, Ağ performansı, Change analysis, Bilgisayar ağları, Computer security, Network performance, Computer network protocols, Bilgisayar ağ protokolleri, Bilgisayar güvenliği, Statistics tests, İstatistik testler, Computer networks, Ağ sistemleri
Abstract

In this work, we test an approach for passively detecting the slowdown which arises from some anomalies on computers over the network. This novel approach is important and differs from some other methodologies because it works without the measurements done on the computer itself, but it is based on the observation of client's network interactions out of the client. The proposed approach relies on detecting the slowdown via measurement of the elapsed time while client responds to the server in some network protocols. For this purpose, we tested and examined some statistical tests and algorithms based on these.Anomalies which cause the slowdown of computers are defined as hardware and software changes, errors and problems, malicious software infection. In order to detect the effects of these factors, we tested the methodology over the data we collected over different systems which include these activities.We have designed different test environments to collect data over client running some applications which include specific activities to be tested. In this setup, the client network traffic is captured over the network by an observer machine. We have calculated the response times and have seen that the slowdown amount is sufficient for detection of anomalies in reference to the ground state. Results have shown that the approach is suitable for measurement of the slowdown., Bu çalışmamızda, bilgisayarlarda meydana gelen bazı anomalilerin neden olduğu yavaşlamayı, bilgisayar dışından ve edilgen olarak tespit etmeyi amaçlayan bir yaklaşımı test ediyoruz. Bu yaklaşımın farklı olduğu nokta ve önemli özelliği, bilgisayar üzerinden yapılan ölçümlerle değil, tamamen dışarıdan, ağ etkileşimlerinin esas alınmasıyla çalışıyor olmasıdır. Burada önerilen yaklaşım, bilgisayarın bazı ağ etkileşimlerinde sunucuya yanıt verme sürelerinin dışarıdaki bir gözlemci bilgisayar üzerinden ölçülmesi ve bu verinin çözümlenmesiyle yavaşlamanın tespit edilmesidir. Bu amaçla bazı istatistiksel testler ve bunlara dayalı algoritmalar denenmiş ve ne düzeyde başarılı oldukları incelenmiştir.Bilgisayarın yavaşlamasına sebep olan anomaliler, donanımsal ve yazılımsal değişiklikler, hatalar ve sorunlar, kötü amaçlı yazılımların bulaşması olarak tanımlanmıştır. Bu etkenlerin sebep olduğu etkilerin tespit edilebilmesi için bu etmenleri içeren farklı sistem yapılandırmaları üzerinde testler yapılmış ve bunlardan alınan verilerle yöntem incelenmiştir.Verilerin toplanabilmesi için bir test ortamı oluşturulmuş ve belirli etkinlikleri içeren uygulamalar istemci makine üzerinde çalıştırılarak, istemcinin ağ trafiği gözlemci bir makine üzerinden toplanmıştır. Bu veri içerisinden bazı protokoller için yanıt süreleri hesaplanmış ve yapılan istatistiksel testler sonucunda yavaşlama miktarının dışarıdan ölçülebilir ve temel durumdan ayırt edilebilir boyutta olduğu görülmüştür. Sonuçlar, önerilen yaklaşımın kullanılmaya uygun olduğunu göstermektedir.

15. Protocol testing methdology development at NBS

Author

Robert P. Blanc

Subjects
Protocol (science), Government, Correctness, Computer Networks and Communications, Computer science, Computer security, computer.software_genre, Variety (cybernetics), Software portability, Engineering management, Global network, File transfer, Computer-mediated communication, computer, Software
Abstract

The National Bureau of Standards has three primary goals in computer networking. 1. To develop networking and protocol standards which meet U.S. Government and industry requirements and will be implemented in off-the-shelf, commercial products. 2. To develop testing methodologies to support the development and implementation of computer network protocols; and 3. To assist Government and industry users in the application of advanced networking technologies, and computer and communication manufacturers, in the implementation of standard protocols. To support these objectives, NBS has laboratory activities where prototypes of draft protocol standards are implemented and tested in a variety of communications environments (e.g. global networks, local networks, office systems networks), supporting different applications (e.g. file transfer, message processing), on difference kinds and sizes of computers. The primary purposes are to advance the state of the art in measurement methodologies for advanced computer networking technologies, and to determine protocol implementation correctness and performance. NBS views testing as a cooperative research effort and works with other agencies, private sector companies and other countries in the development of methodologies. At this time, this cooperation involves five network laboratories in other countries and over 20 computer manufacturers. The test methodologies developed at NBS are well documented and the testing tools themselves are developed with an objective of portability and made available to many organizations engaged in protocol development and implementations. Consistent with goals, NBS standards developments, research in testing methodologies, and technical assistance are characterized by direct industry/government cooperation and mutual support.

Published
1984

Catalog

Books, media, physical & digital resources
See catalog results