4,894 research outputs found
KISS: Stochastic Packet Inspection Classifier for UDP Traffic
This paper proposes KISS, a novel Internet classifica- tion engine. Motivated by the expected raise of UDP traffic, which stems from the momentum of Peer-to-Peer (P2P) streaming appli- cations, we propose a novel classification framework that leverages on statistical characterization of payload. Statistical signatures are derived by the means of a Chi-Square-like test, which extracts the protocol "format," but ignores the protocol "semantic" and "synchronization" rules. The signatures feed a decision process based either on the geometric distance among samples, or on Sup- port Vector Machines. KISS is very accurate, and its signatures are intrinsically robust to packet sampling, reordering, and flow asym- metry, so that it can be used on almost any network. KISS is tested in different scenarios, considering traditional client-server proto- cols, VoIP, and both traditional and new P2P Internet applications. Results are astonishing. The average True Positive percentage is 99.6%, with the worst case equal to 98.1,% while results are al- most perfect when dealing with new P2P streaming applications
XSS-FP: Browser Fingerprinting using HTML Parser Quirks
There are many scenarios in which inferring the type of a client browser is
desirable, for instance to fight against session stealing. This is known as
browser fingerprinting. This paper presents and evaluates a novel
fingerprinting technique to determine the exact nature (browser type and
version, eg Firefox 15) of a web-browser, exploiting HTML parser quirks
exercised through XSS. Our experiments show that the exact version of a web
browser can be determined with 71% of accuracy, and that only 6 tests are
sufficient to quickly determine the exact family a web browser belongs to
RF Localization in Indoor Environment
In this paper indoor localization system based on the RF power measurements of the Received Signal Strength (RSS) in WLAN environment is presented. Today, the most viable solution for localization is the RSS fingerprinting based approach, where in order to establish a relationship between RSS values and location, different machine learning approaches are used. The advantage of this approach based on WLAN technology is that it does not need new infrastructure (it reuses already and widely deployed equipment), and the RSS measurement is part of the normal operating mode of wireless equipment. We derive the Cramer-Rao Lower Bound (CRLB) of localization accuracy for RSS measurements. In analysis of the bound we give insight in localization performance and deployment issues of a localization system, which could help designing an efficient localization system. To compare different machine learning approaches we developed a localization system based on an artificial neural network, k-nearest neighbors, probabilistic method based on the Gaussian kernel and the histogram method. We tested the developed system in real world WLAN indoor environment, where realistic RSS measurements were collected. Experimental comparison of the results has been investigated and average location estimation error of around 2 meters was obtained
Family-Based Fingerprint Analysis: A Position Paper
Thousands of vulnerabilities are reported on a monthly basis to security
repositories, such as the National Vulnerability Database. Among these
vulnerabilities, software misconfiguration is one of the top 10 security risks
for web applications. With this large influx of vulnerability reports, software
fingerprinting has become a highly desired capability to discover distinctive
and efficient signatures and recognize reportedly vulnerable software
implementations. Due to the exponential worst-case complexity of fingerprint
matching, designing more efficient methods for fingerprinting becomes highly
desirable, especially for variability-intensive systems where optional features
add another exponential factor to its analysis. This position paper presents
our vision of a framework that lifts model learning and family-based analysis
principles to software fingerprinting. In this framework, we propose unifying
databases of signatures into a featured finite state machine and using presence
conditions to specify whether and in which circumstances a given input-output
trace is observed. We believe feature-based signatures can aid performance
improvements by reducing the size of fingerprints under analysis.Comment: Paper published in the Proceedings A Journey from Process Algebra via
Timed Automata to Model Learning: Essays Dedicated to Frits Vaandrager on the
Occasion of His 60th Birthday 202
Authentication of Students and Students’ Work in E-Learning : Report for the Development Bid of Academic Year 2010/11
Global e-learning market is projected to reach $107.3 billion by 2015 according to a new report by The Global Industry Analyst (Analyst 2010). The popularity and growth of the online programmes within the School of Computer Science obviously is in line with this projection. However, also on the rise are students’ dishonesty and cheating in the open and virtual environment of e-learning courses (Shepherd 2008). Institutions offering e-learning programmes are facing the challenges of deterring and detecting these misbehaviours by introducing security mechanisms to the current e-learning platforms. In particular, authenticating that a registered student indeed takes an online assessment, e.g., an exam or a coursework, is essential for the institutions to give the credit to the correct candidate. Authenticating a student is to ensure that a student is indeed who he says he is. Authenticating a student’s work goes one step further to ensure that an authenticated student indeed does the submitted work himself. This report is to investigate and compare current possible techniques and solutions for authenticating distance learning student and/or their work remotely for the elearning programmes. The report also aims to recommend some solutions that fit with UH StudyNet platform.Submitted Versio
- …