Search

Your search keyword '"Secure Shell"' showing total 7 results
Start Over Descriptor "Secure Shell" Publisher institute of electrical and electronics engineers (ieee)
7 results on '"Secure Shell"'

1. A Heuristic Statistical Testing Based Approach for Encrypted Network Traffic Identification

Author

Xiaosong Zhang, Zhongliu Zhuo, Niu Weina, Guowu Yang, Xiaojiang Du, and Mohsen Guizani

Subjects
Handshake, Computer Networks and Communications, Computer science, Heuristic (computer science), protocol-independent, Aerospace Engineering, 02 engineering and technology, computer.software_genre, Encryption, 0203 mechanical engineering, statistical testing, Randomness tests, Electrical and Electronic Engineering, Transport Layer Security, business.industry, Secure Shell, 020302 automobile design & engineering, Cryptographic protocol, Statistical classification, Identification (information), machine learning, handshake skipping, Automotive Engineering, Encrypted traffic identification, Malware, Data mining, business, computer
Abstract

In recent years, malware with strong concealment uses encrypted protocol to evade detection. Thus, encrypted traffic identification can help security analysts to be more effective in narrowing down those encrypted network traffic. Existing methods are protocol independent, such as statistical-based and machine-learning-based approaches. Statistical-based approaches, however, are confined to payload length and machine-learning-based approaches have a low recognition rate for encrypted traffic using undisclosed protocols. In this paper, we proposed a heuristic statistical testing (HST) approach that combines both statistics and machine learning and has been proved to alleviate their respective deficiencies. We manually selected four randomness tests to extract small payload features for machine learning to improve real-time performances. We also proposed a simple handshake skipping method called HST-R to increase the classification accuracy. We compared our approach with other identification approaches on a testing dataset consisting of traffic that uses two known, two undisclosed, and one custom cryptographic protocols. Experimental results showed that HST-R performs better than other traditional coding-based, entropy-based, and ML-based approaches. We also showed that our handshake skipping method could generalize better for unknown cryptographic protocols. Finally, we also conducted experimental comparisons among different classification algorithms. The results showed that C4.5, with our method, has the highest identification accuracy for secure sockets layer and secure shell traffic. Basic Research Programs of Sichuan Province, Science and Technology Foundation of State Grid Corporation of China, National Natural Science Foundation of China Scopus

Published
2019

2. Detecting Malicious Activity With DNS Backscatter Over Time

Author

Kensuke Fukuda, John Heidemann, and Abdul Qadeer

Subjects
Computer Networks and Communications, Computer science, business.industry, BitTorrent tracker, Domain Name System, Secure Shell, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Electronic mail, Computer Science Applications, 020204 information systems, Server, 0202 electrical engineering, electronic engineering, information engineering, Electrical and Electronic Engineering, DNS hijacking, Backscatter (email), Heartbleed, business, computer, Software, Computer network
Abstract

Network-wide activity is when one computer (the originator ) touches many others (the targets ). Motives for activity may be benign (mailing lists, content-delivery networks, and research scanning), malicious (spammers and scanners for security vulnerabilities), or perhaps indeterminate (ad trackers). Knowledge of malicious activity may help anticipate attacks, and understanding benign activity may set a baseline or characterize growth. This paper identifies domain name system (DNS) backscatter as a new source of information about network-wide activity. Backscatter is the reverse DNS queries caused when targets or middleboxes automatically look up the domain name of the originator. Queries are visible to the authoritative DNS servers that handle reverse DNS. While the fraction of backscatter they see depends on the server’s location in the DNS hierarchy, we show that activity that touches many targets appear even in sampled observations. We use information about the queriers to classify originator activity using machine-learning. Our algorithm has reasonable accuracy and precision (70–80%) as shown by data from three different organizations operating DNS servers at the root or country level. Using this technique, we examine nine months of activity from one authority to identify trends in scanning, identifying bursts corresponding to Heartbleed, and broad and continuous scanning of secure shell.

Published
2017

3. GWMEP: Task-Manageras-a-Service in Apache CloudStack

Author

Antonio J. Garcia-Loureiro, Guillermo Indalecio, and F. Gomez-Folgar

Subjects
Task management, Computer Networks and Communications, business.industry, Computer science, Secure Shell, Distributed computing, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, computer.software_genre, Cost reduction, Elasticity (cloud computing), Virtual machine, Software deployment, 0202 electrical engineering, electronic engineering, information engineering, Operating system, 020201 artificial intelligence & image processing, Task manager, business, computer
Abstract

To provide researchers with the computing capacity that they need, several solutions have emerged. Cloud computing is known for providing on-demand self-service, elasticity, flexibility, and cost reduction. However, open source clouds such as Eucalyptus, OpenNebula, OpenStack, and Apache CloudStack don't provide features to handle computing tasks or workloads on virtual machines. Here, a solution is presented that lets the user execute tasks from within Apache CloudStack's interface, supporting task deployment, management, and retrieval, even in external Secure Shell (SSH)-reachable computing resources.

Published
2016

4. Honey Encryption: Encryption beyond the Brute-Force Barrier

Author

Thomas Ristenpart and Ari Juels

Subjects
Password, Password policy, Computer Networks and Communications, business.industry, Computer science, Secure Shell, Cryptography, computer.software_genre, Computer security, Encryption, One-time pad, Multiple encryption, Probabilistic encryption, Ciphertext, Key (lock), Attribute-based encryption, Electrical and Electronic Engineering, On-the-fly encryption, business, Law, computer, Password psychology, Honey Encryption, Hacker
Abstract

Honey encryption (HE) addresses the challenge of encrypting messages using keys that are vulnerable to guessing attacks, such as the passwords selected by ordinary users. HE creates a ciphertext that, when decrypted with an incorrect key or password, yields a valid-looking but bogus message. So, attackers can't tell when decryption has been successful. Counterintuitively, HE enables the encryption of a message using a weak password such that even a strong attacker--one with unlimited computing power--can't decrypt the message with certainty. You can use HE to encrypt the list of passwords in a password manager, credentials used in SSH (Secure Shell), and so on. HE fuses the creative use of honey objects and decoys in system security with the rigor and principled application imparted by cryptography.

Published
2014

5. IEEE standards for encrypted storage

Author

J. Hughes

Subjects
Information privacy, Cloud computing security, General Computer Science, Computer science, computer.internet_protocol, business.industry, Secure Shell, Data security, Certified Information Systems Security Professional, Cryptography, Information security, Certification, Computer security, computer.software_genre, Communications security, Encryption, Security service, IPsec, On-the-fly encryption, business, computer, Computer network
Abstract

Numerous communications security standards - including IP security (IPsec), secure shell (SSH), and various forms of e-mail encryption - now exist to protect information in transit. However, businesses have come to realize that the mishandling of stored data - information at rest - is also a significant threat to them and their customers. Whether data is stolen, lost, or discarded, the results are the same: Information that should be confidential may no longer be. To address this deficiency, the IEEE Computer Society's Security in Storage Working Group (http://siswg.org) is developing Project 1619, Standard Architecture for Encrypted Shared Storage Media. P1619's goal is to enable the interoperable encryption of storage devices, provide methods for information owners to transfer key material, and facilitate product certification. The standard currently includes encryption at the physical level of disk and tape drives, and future efforts will extend it to objects and file systems.

Published
2004

6. SpectroGrid: providing simple secure remote access to scientific instruments

Author

Andre Charbonneau, Victor V. Terskikh, and IEEE

Subjects
Scientific instrument, Computer science, business.industry, Secure Shell, open source technology, Data security, remote instrumentation, virtual network computing (VNC), Computer security, computer.software_genre, law.invention, high performance network, Grid computing, secure shell (SSH), law, Server, remote access, SpectroGrid, grid security infrastructure (GSI), Grid Security Infrastructure, Telecommunications, business, computer, Virtual network, Remote control
Abstract

High Performance Computing Systems and Applications, June 09-11, 2008, Québec City, Québec, Canada, available, unlimited, public

Published
2008

Catalog

Books, media, physical & digital resources
See catalog results