Packet Filtering Based On Differentiated Services Code Point For DHCP Starvation Attacks Prevention

The use of the internet today has become a necessity, the most commonly used media to connect to the internet is a Wireless LAN network. For easy access to the network, DHCP service become a standard feature that must exist, because ordinary users no longer need to think about procedures for configuring IP addresses, all of which have been done automatically by the DHCP service. But it turns out that there is a security threat to DHCP service, namely DHCP Starvation attacks that can be exhausting the availability of IP addresses in DHCP service so that the configuration of IP address automatically can no longer be done on the client. Various methods such as authentication, cryptography, and machine learning are used by researchers in preventing DHCP Starvation attacks, but the issue of effectiveness and efficiency still opens up further research opportunities. In this research, packet filtering methods based on DSCP code applied to the Netfilter system are used to do prevention of DHCP Starvation attacks, this method has proven to be very effective in making prevention and more efficient when applied on small scale wireless networks such as at office networks and internet cafe.The use of the internet today has become a necessity, the most commonly used media to connect to the internet is a Wireless LAN network. For easy access to the network, DHCP service become a standard feature that must exist, because ordinary users no longer need to think about procedures for configuring IP addresses, all of which have been done automatically by the DHCP service. But it turns out that there is a security threat to DHCP service, namely DHCP Starvation attacks that can be exhausting the availability of IP addresses in DHCP service so that the configuration of IP address automatically can no longer be done on the client. Various methods such as authentication, cryptography, and machine learning are used by researchers in preventing DHCP Starvation attacks, but the issue of effectiveness and efficiency still opens up further research opportunities. In this research, packet filtering methods based on DSCP code applied to the Netfilter system are used to do prevention of DHCP Starvation attacks, this method has proven to be very effective in making prevention and more efficient when applied mainly on small and medium scale networks

Contextually and identity aware 5G services

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University LondonThe fifth generation (5G) mobile networks aim to be ten times faster than the existing 4G connection, whilst providing low latency, and flexibility. Hence, various alterations are planned to the existing network infrastructure to be able to reach the 5G expected performance levels. The main technologies that were used, to ensure high performance, flexible network, and efficient resource allocation, are Software Defined Network and Network Function Virtualization. As these technologies are replacing the device-based architecture with, a service-based architecture. This thesis provides a design of location database interactive web interface and interactive mobile application. The implementation of real time video streaming location server, the streaming system's performance parameters demonstrated a high level of QoS (0.07ms jitter and 9.53ms delay). In regard to experimental examination, it measured the localisation coverage, accuracy measurements and a highly scalable security solution. The localisation coverage and accuracy measurements were achieved through the mmWave and VLC link transmitters. The proposed simulated annealing algorithm aimed at data optimisation for location measurements accuracy showed results of the average location error of x and y which showed significant improvement from x= 22.5 and y=21.6 to x=11.09 and y= 11.63. The proposed indoor location security solution showed significant results, as it provides a high scalability solution using the VNF. The solution showed that it was not 100% effective, as some of the fake discover packets still reached the DHCP server. This was due to the high load of traffic passing through the network. Nonetheless, 90% of the fake DHCP discover packets never reached the DHCP server because the scripts began blocking all fake discover packets after realising it was an attack. This conveys that the proposed system was able to run successfully without crashing or overloading the controller. Overall, the main challenges facing 5G have been addressed with their proposed solutions, which showed promising results. Conclusively showing that there is a lot more space for technological advancements to support the future of mobile networks.European Union’s Horizon 2020 research program - the Internet of Radio-Light (IoRL) project H2020-ICT 761992

Experimenting with commodity 802.11 hardware: overview and future directions

The huge adoption of 802.11 technologies has triggered a vast amount of experimentally-driven research works. These works range from performance analysis to protocol enhancements, including the proposal of novel applications and services. Due to the affordability of the technology, this experimental research is typically based on commercial off-the-shelf (COTS) devices, and, given the rate at which 802.11 releases new standards (which are adopted into new, affordable devices), the field is likely to continue to produce results. In this paper, we review and categorise the most prevalent works carried out with 802.11 COTS devices over the past 15 years, to present a timely snapshot of the areas that have attracted the most attention so far, through a taxonomy that distinguishes between performance studies, enhancements, services, and methodology. In this way, we provide a quick overview of the results achieved by the research community that enables prospective authors to identify potential areas of new research, some of which are discussed after the presentation of the survey.This work has been partly supported by the European Community through the CROWD project (FP7-ICT-318115) and by the Madrid Regional Government through the TIGRE5-CM program (S2013/ICE-2919).Publicad

Proceedings of the Third Edition of the Annual Conference on Wireless On-demand Network Systems and Services (WONS 2006)

Ce fichier regroupe en un seul documents l'ensemble des articles accéptés pour la conférences WONS2006/http://citi.insa-lyon.fr/wons2006/index.htmlThis year, 56 papers were submitted. From the Open Call submissions we accepted 16 papers as full papers (up to 12 pages) and 8 papers as short papers (up to 6 pages). All the accepted papers will be presented orally in the Workshop sessions. More precisely, the selected papers have been organized in 7 session: Channel access and scheduling, Energy-aware Protocols, QoS in Mobile Ad-Hoc networks, Multihop Performance Issues, Wireless Internet, Applications and finally Security Issues. The papers (and authors) come from all parts of the world, confirming the international stature of this Workshop. The majority of the contributions are from Europe (France, Germany, Greece, Italy, Netherlands, Norway, Switzerland, UK). However, a significant number is from Australia, Brazil, Canada, Iran, Korea and USA. The proceedings also include two invited papers. We take this opportunity to thank all the authors who submitted their papers to WONS 2006. You helped make this event again a success

Secure Communication in Disaster Scenarios

Während Naturkatastrophen oder terroristischer Anschläge ist die bestehende Kommunikationsinfrastruktur häufig überlastet oder fällt komplett aus. In diesen Situationen können mobile Geräte mithilfe von drahtloser ad-hoc- und unterbrechungstoleranter Vernetzung miteinander verbunden werden, um ein Notfall-Kommunikationssystem für Zivilisten und Rettungsdienste einzurichten. Falls verfügbar, kann eine Verbindung zu Cloud-Diensten im Internet eine wertvolle Hilfe im Krisen- und Katastrophenmanagement sein. Solche Kommunikationssysteme bergen jedoch ernsthafte Sicherheitsrisiken, da Angreifer versuchen könnten, vertrauliche Daten zu stehlen, gefälschte Benachrichtigungen von Notfalldiensten einzuspeisen oder Denial-of-Service (DoS) Angriffe durchzuführen. Diese Dissertation schlägt neue Ansätze zur Kommunikation in Notfallnetzen von mobilen Geräten vor, die von der Kommunikation zwischen Mobilfunkgeräten bis zu Cloud-Diensten auf Servern im Internet reichen. Durch die Nutzung dieser Ansätze werden die Sicherheit der Geräte-zu-Geräte-Kommunikation, die Sicherheit von Notfall-Apps auf mobilen Geräten und die Sicherheit von Server-Systemen für Cloud-Dienste verbessert

Identifying and Preventing Large-scale Internet Abuse

The widespread access to the Internet and the ubiquity of web-based services make it easy to communicate and interact globally. Unfortunately, the software and protocols implementing the functionality of these services are often vulnerable to attacks. In turn, an attacker can exploit them to compromise, take over, and abuse the services for her own nefarious purposes. In this dissertation, we aim to better understand such attacks, and we develop methods and algorithms to detect and prevent them, which we evaluate on large-scale datasets.First, we detail Meerkat, a system to detect a visible way in which websites are being compromised, namely website defacements. They can inflict significant harm on the websites’ operators through the loss of sales, the loss in reputation, or because of legal ramifications. Meerkat requires no prior knowledge about the websites’ content or their structure, but only the Uniform Resource Identifier (URI) at which they can be reached. By design, Meerkat mimics how a human analyst decides if a website was defaced when viewing it in a browser, by using computer vision techniques. Thus, it tackles the problem of detecting website defacements through their attention-seeking nature, their goal and purpose, rather than code or data artifacts that they might exhibit. In turn, it is much harder for an attacker to evade our system, as she needs to change her modus operandi. When Meerkat detects a website as defaced, the website can automatically be put into maintenance mode or restored to a known good state.An attacker, however, is not limited to abuse a compromised website in a way that is visible to the website’s visitors. Instead, she can misuse the website to infect its visitors with malicious software (malware). Although malware is well studied, identifying malicious websites remains a major challenge in today’s Internet. Second, we introduce Delta, a novel, purely static analysis approach that extracts change-related features between two versions of the same website, uses machine learning to derive a model of website changes, detects if an introduced change was malicious or benign, identifies the underlying infection vector based on clustering, and generates an identifying signature. Furthermore, due to the way Delta clusters campaigns, it can uncover infection campaigns that leverage specific vulnerable applications as a distribution channel, and it can greatly reduce the human labor necessary to uncover the application responsible for a service’s compromise.Third, we investigate the practicality and impact of domain takeover attacks, which an attacker can similarly abuse to spread misinformation or malware, and we present a defense on how such takeover attacks can be rendered toothless. Specifically, the new elasticity of Internet resources, in particular Internet protocol (IP) addresses in the context of Infrastructure-as-a-Service cloud service providers, combined with previously made protocol assumptions can lead to security issues. In Cloud Strife, we show that this dynamic component paired with recent developments in trust-based ecosystems (e.g., Transport Layer Security (TLS) certificates) creates so far unknown attack vectors. For example, a substantial number of stale domain name system (DNS) records points to readily available IP addresses in clouds, yet, they are still actively attempted to be accessed. Often, these records belong to discontinued services that were previously hosted in the cloud. We demonstrate that it is practical, and time and cost-efficient for attackers to allocate the IP addresses to which stale DNS records point. Further considering the ubiquity of domain validation in trust ecosystems, an attacker can impersonate the service by obtaining and using a valid certificate that is trusted by all major operating systems and browsers, which severely increases the attackers’ capabilities. The attacker can then also exploit residual trust in the domain name for phishing, receiving and sending emails, or possibly distributing code to clients that load remote code from the domain (e.g., loading of native code by mobile apps, or JavaScript libraries by websites). To prevent such attacks, we introduce a new authentication method for trust-based domain validation that mitigates staleness issues without incurring additional certificate requester effort by incorporating existing trust into the validation process.Finally, the analyses of Delta, Meerkat, and Cloud Strife have made use of large-scale measurements to assess our approaches’ impact and viability. Indeed, security research in general has made extensive use of exhaustive Internet-wide scans over the recent years, as they can provide significant insights into the state of security of the Internet (e.g., if classes of devices are behaving maliciously, or if they might be insecure and could turn malicious in an instant). However, the address space of the Internet’s core addressing protocol (Internet Protocol version 4; IPv4) is exhausted, and a migration to its successor (Internet Protocol version 6; IPv6), the only accepted long-term solution, is inevitable. In turn, to better understand the security of devices connected to the Internet, in particular Internet of Things devices, it is imperative to include IPv6 addresses in security evaluations and scans. Unfortunately, it is practically infeasible to iterate through the entire IPv6 address space, as it is 296 times larger than the IPv4 address space. Without enumerating hosts prior to scanning, we will be unable to retain visibility into the overall security of Internet-connected devices in the future, and we will be unable to detect and prevent their abuse or compromise. To mitigate this blind spot, we introduce a novel technique to enumerate part of the IPv6 address space by walking DNSSEC-signed IPv6 reverse zones. We show (i) that enumerating active IPv6 hosts is practical without a preferential network position contrary to common belief, (ii) that the security of active IPv6 hosts is currently still lagging behind the security state of IPv4 hosts, and (iii) that unintended default IPv6 connectivity is a major security issue

ICTERI 2020: ІКТ в освіті, дослідженнях та промислових застосуваннях. Інтеграція, гармонізація та передача знань 2020: Матеріали 16-ї Міжнародної конференції. Том II: Семінари. Харків, Україна, 06-10 жовтня 2020 р.

This volume represents the proceedings of the Workshops co-located with the 16th International Conference on ICT in Education, Research, and Industrial Applications, held in Kharkiv, Ukraine, in October 2020. It comprises 101 contributed papers that were carefully peer-reviewed and selected from 233 submissions for the five workshops: RMSEBT, TheRMIT, ITER, 3L-Person, CoSinE, MROL. The volume is structured in six parts, each presenting the contributions for a particular workshop. The topical scope of the volume is aligned with the thematic tracks of ICTERI 2020: (I) Advances in ICT Research; (II) Information Systems: Technology and Applications; (III) Academia/Industry ICT Cooperation; and (IV) ICT in Education.Цей збірник представляє матеріали семінарів, які були проведені в рамках 16-ї Міжнародної конференції з ІКТ в освіті, наукових дослідженнях та промислових застосуваннях, що відбулася в Харкові, Україна, у жовтні 2020 року. Він містить 101 доповідь, які були ретельно рецензовані та відібрані з 233 заявок на участь у п'яти воркшопах: RMSEBT, TheRMIT, ITER, 3L-Person, CoSinE, MROL. Збірник складається з шести частин, кожна з яких представляє матеріали для певного семінару. Тематична спрямованість збірника узгоджена з тематичними напрямками ICTERI 2020: (I) Досягнення в галузі досліджень ІКТ; (II) Інформаційні системи: Технології і застосування; (ІІІ) Співпраця в галузі ІКТ між академічними і промисловими колами; і (IV) ІКТ в освіті

Model Checking and Model-Based Testing : Improving Their Feasibility by Lazy Techniques, Parallelization, and Other Optimizations

This thesis focuses on the lightweight formal method of model-based testing for checking safety properties, and derives a new and more feasible approach. For liveness properties, dynamic testing is impossible, so feasibility is increased by specializing on an important class of properties, livelock freedom, and deriving a more feasible model checking algorithm for it. All mentioned improvements are substantiated by experiments