Adaptive Traffic Fingerprinting for Darknet Threat Intelligence

Darknet technology such as Tor has been used by various threat actors for organising illegal activities and data exfiltration. As such, there is a case for organisations to block such traffic, or to try and identify when it is used and for what purposes. However, anonymity in cyberspace has always been a domain of conflicting interests. While it gives enough power to nefarious actors to masquerade their illegal activities, it is also the cornerstone to facilitate freedom of speech and privacy. We present a proof of concept for a novel algorithm that could form the fundamental pillar of a darknet-capable Cyber Threat Intelligence platform. The solution can reduce anonymity of users of Tor, and considers the existing visibility of network traffic before optionally initiating targeted or widespread BGP interception. In combination with server HTTP response manipulation, the algorithm attempts to reduce the candidate data set to eliminate client-side traffic that is most unlikely to be responsible for server-side connections of interest. Our test results show that MITM manipulated server responses lead to expected changes received by the Tor client. Using simulation data generated by shadow, we show that the detection scheme is effective with false positive rate of 0.001, while sensitivity detecting non-targets was 0.016+-0.127. Our algorithm could assist collaborating organisations willing to share their threat intelligence or cooperate during investigations.Comment: 26 page

The Road Ahead for Networking: A Survey on ICN-IP Coexistence Solutions

In recent years, the current Internet has experienced an unexpected paradigm shift in the usage model, which has pushed researchers towards the design of the Information-Centric Networking (ICN) paradigm as a possible replacement of the existing architecture. Even though both Academia and Industry have investigated the feasibility and effectiveness of ICN, achieving the complete replacement of the Internet Protocol (IP) is a challenging task. Some research groups have already addressed the coexistence by designing their own architectures, but none of those is the final solution to move towards the future Internet considering the unaltered state of the networking. To design such architecture, the research community needs now a comprehensive overview of the existing solutions that have so far addressed the coexistence. The purpose of this paper is to reach this goal by providing the first comprehensive survey and classification of the coexistence architectures according to their features (i.e., deployment approach, deployment scenarios, addressed coexistence requirements and architecture or technology used) and evaluation parameters (i.e., challenges emerging during the deployment and the runtime behaviour of an architecture). We believe that this paper will finally fill the gap required for moving towards the design of the final coexistence architecture.Comment: 23 pages, 16 figures, 3 table

A Survey of Green Networking Research

Reduction of unnecessary energy consumption is becoming a major concern in wired networking, because of the potential economical benefits and of its expected environmental impact. These issues, usually referred to as "green networking", relate to embedding energy-awareness in the design, in the devices and in the protocols of networks. In this work, we first formulate a more precise definition of the "green" attribute. We furthermore identify a few paradigms that are the key enablers of energy-aware networking research. We then overview the current state of the art and provide a taxonomy of the relevant work, with a special focus on wired networking. At a high level, we identify four branches of green networking research that stem from different observations on the root causes of energy waste, namely (i) Adaptive Link Rate, (ii) Interface proxying, (iii) Energy-aware infrastructures and (iv) Energy-aware applications. In this work, we do not only explore specific proposals pertaining to each of the above branches, but also offer a perspective for research.Comment: Index Terms: Green Networking; Wired Networks; Adaptive Link Rate; Interface Proxying; Energy-aware Infrastructures; Energy-aware Applications. 18 pages, 6 figures, 2 table

Improving perceptual multimedia quality with an adaptable communication protocol

Copyrights @ 2005 University Computing Centre ZagrebInnovations and developments in networking technology have been driven by technical considerations with little analysis of the benefit to the user. In this paper we argue that network parameters that define the network Quality of Service (QoS) must be driven by user-centric parameters such as user expectations and requirements for multimedia transmitted over a network. To this end a mechanism for mapping user-oriented parameters to network QoS parameters is outlined. The paper surveys existing methods for mapping user requirements to the network. An adaptable communication system is implemented to validate the mapping. The architecture adapts to varying network conditions caused by congestion so as to maintain user expectations and requirements. The paper also surveys research in the area of adaptable communications architectures and protocols. Our results show that such a user-biased approach to networking does bring tangible benefits to the user

Poor Man's Content Centric Networking (with TCP)

A number of different architectures have been proposed in support of data-oriented or information-centric networking. Besides a similar visions, they share the need for designing a new networking architecture. We present an incrementally deployable approach to content-centric networking based upon TCP. Content-aware senders cooperate with probabilistically operating routers for scalable content delivery (to unmodified clients), effectively supporting opportunistic caching for time-shifted access as well as de-facto synchronous multicast delivery. Our approach is application protocol-independent and provides support beyond HTTP caching or managed CDNs. We present our protocol design along with a Linux-based implementation and some initial feasibility checks

Design of a 5G Multimedia Broadcast Application Function Supporting Adaptive Error Recovery

The demand for mobile multimedia streaming services has been steadily growing in recent years. Mobile multimedia broadcasting addresses the shortage of radio resources but introduces a network error recovery problem. Retransmitting multimedia segments that are not correctly broadcast can cause service disruptions and increased service latency, affecting the quality of experience perceived by end users. With the advent of networking paradigms based on virtualization technologies, mobile networks have been enabled with more flexibility and agility to deploy innovative services that improve the utilization of available network resources. This paper discusses how mobile multimedia broadcast services can be designed to prevent service degradation by using the computing capabilities provided by multiaccess edge computing (MEC) platforms in the context of a 5G network architecture. An experimental platform has been developed to evaluate the feasibility of a MEC application to provide adaptive error recovery for multimedia broadcast services. The results of the experiments carried out show that the proposal provides a flexible mechanism that can be deployed at the network edge to lower the impact of transmission errors on latency and service disruptions.Comment: 14 pages, 10 figure