Your search keyword '"Sqalli, M.H."' showing total 12 results

1. Discovering last-matching rules in popular open-source and commercial firewalls

Author

Salah, K., Sattar, K., Baig, Z.A., Sqalli, M.H., and Calyam, P.

Subjects

Public software -- Usage, Firewalls (Data security) -- Usage, Firewalls (Data security) -- Analysis, Data security -- Methods, Open source software, Firewall technology, Data security issue, Computers and office automation industries

Abstract

Byline: K. Salah, K. Sattar, Z.A. Baig, M.H. Sqalli, P. Calyam Denial of service (DoS) attacks pose a major threat to the smooth operations of critical network resources. Network firewalls act as the first line of defence against unwanted and malicious traffic. Firewalls themselves can become target of DoS attacks. In a prior work (Salah et al., 2009), we studied the resiliency and robustness of open-source network firewalls against the remote discovery of the last-matching rules. If last-matching rules are discovered, an attacker can launch an effective and slow-rate DoS attack which can bring down the firewall to its knees. In this paper, we examine and compare the resiliency of five of the most popular network firewalls, considering both open-source and commercial ones; namely, Linux NetFilter, Linux IPSets and FreeBSD ipfw, Cisco PIX and Cisco ASA. Our results show significant variations in the resiliency of these five firewall technologies, with Cisco ASA being the most resilient and Cisco PIX being the most vulnerable.

Published

2010

2. An Enhanced Estimator to Multi-objective OSPF Weight Setting Problem

Author

Sqalli, M.H., primary, Sait, S.M., additional, and Mohiuddin, M.A., additional

Published

2006

3. Identifying Scanning Activities in Honeynet Data Using Data Mining.

Author

Sqalli, M.H., Arshad, S., Khalaf, M., and Salah, K.

Published

2011

4. An Entropy and Volume-Based Approach for Identifying Malicious Activities in Honeynet Traffic.

Author

Sqalli, M.H., Firdous, S.N., Baig, Z., and Azzedin, F.

Published

2011

5. Identifying network traffic features suitable for honeynet data analysis.

Author

Sqalli, M.H., Firdous, S.N., Salah, K., and Abu-Amara, M.

Published

2011

6. Dynamic peer-to-peer (P2P) solution to counter malicious higher Domain Name System (DNS) nameservers.

Author

Abu-Amara, M., Azzedin, F., Abdulhameed, F.A., Mahmoud, A., and Sqalli, M.H.

Published

2011

7. Internet access denial by higher-tier ISPS: A NAT-based solution.

Author

Al-Baiz, A., Abu-Amara, M., Mahmoud, A., Sqalli, M.H., and Azzedin, F.

Published

2011

8. Resilient Internet access using tunnel-based solution for malicious ISP blocking.

Author

Abu-Amara, M., Asif, M.A.K., Sqalli, M.H., Mahmoud, A., and Azzedin, F.

Published

2011

9. A delay-based probing technique for the discovery of a firewall's accept rules.

Author

Alhamwi, M.K., Al-Hmouz, O., Sqalli, M.H., and Salah, K.

Published

2011

10. EDoS-Shield - A Two-Steps Mitigation Technique against EDoS Attacks in Cloud Computing.

Author

Sqalli, M.H., Al-Haidari, F., and Salah, K.

Published

2011

11. Minimizing the Number of Congested Links in OSPF Routing.

Author

Sqalli, M.H., Sait, S.M., and Asadullah, S.

Published

2008

12. An adaptive load-balancing approach to XML-based network management using JPVM.

Author

Sqalli, M.H. and Sirajuddin, S.

Published

2005