A hybrid and cross-protocol architecture with semantics and syntax awareness to improve intrusion detection efficiency in Voice over IP environments

Includes abstract.Includes bibliographical references (leaves 134-140).Voice and data have been traditionally carried on different types of networks based on different technologies, namely, circuit switching and packet switching respectively. Convergence in networks enables carrying voice, video, and other data on the same packet-switched infrastructure, and provides various services related to these kinds of data in a unified way. Voice over Internet Protocol (VoIP) stands out as the standard that benefits from convergence by carrying voice calls over the packet-switched infrastructure of the Internet. Although sharing the same physical infrastructure with data networks makes convergence attractive in terms of cost and management, it also makes VoIP environments inherit all the security weaknesses of Internet Protocol (IP). In addition, VoIP networks come with their own set of security concerns. Voice traffic on converged networks is packet-switched and vulnerable to interception with the same techniques used to sniff other traffic on a Local Area Network (LAN) or Wide Area Network (WAN). Denial of Service attacks (DoS) are among the most critical threats to VoIP due to the disruption of service and loss of revenue they cause. VoIP systems are supposed to provide the same level of security provided by traditional Public Switched Telephone Networks (PSTNs), although more functionality and intelligence are distributed to the endpoints, and more protocols are involved to provide better service. A new design taking into consideration all the above factors with better techniques in Intrusion Detection are therefore needed. This thesis describes the design and implementation of a host-based Intrusion Detection System (IDS) that targets VoIP environments. Our intrusion detection system combines two types of modules for better detection capabilities, namely, a specification-based and a signaturebased module. Our specification-based module takes the specifications of VoIP applications and protocols as the detection baseline. Any deviation from the protocol’s proper behavior described by its specifications is considered anomaly. The Communicating Extended Finite State Machines model (CEFSMs) is used to trace the behavior of the protocols involved in VoIP, and to help exchange detection results among protocols in a stateful and cross-protocol manner. The signature-based module is built in part upon State Transition Analysis Techniques which are used to model and detect computer penetrations. Both detection modules allow for protocol-syntax and protocol-semantics awareness. Our intrusion detection uses the aforementioned techniques to cover the threats propagated via low-level protocols such as IP, ICMP, UDP, and TCP

Security-centric analysis and performance investigation of IEEE 802.16 WiMAX

fi=vertaisarvioitu|en=peerReviewed

Telemedicine system in the South Atlantic. Phase VII (I)

The information technology and communications (also known as ICT) are an essential part of the evolution in the economy and society. Access to information has become a vital tool for the development of a community. Consequently, there has been a phenomenon known as "digital divide", which refers to differences between countries that have access to ICT and those without. This project aims to provide a small gesture to reduce the gap between what is often called "differences between North and South", providing an improvement in the telemedicine system that the NGO Telecos Sense Fronteres is developing to the Region of South Atlantic of Nicaragua since 2006. This seventh stage of the project has tried, first of all, to make a careful maintenance of the infrastructure and equipment which currently has the Hospital Ernesto Sequeira Blanco of Bluefields; to improve their performance by incorporating a system of virtual desktops. In addition, the VoIP telephony system has been expanded to other departments of the hospital and other health centres of Bluefields, plus designing a virtual private network for their internal use. Secondly, there has been worked in a radio-link to bring telemedicine to Monkey Point, a rural community, isolated and without access to telecommunications. Finally, it has been emphasized the fact to bring the project to the community of Bluefields in order that they appropriate it and not see it as mere spectators. Related to this, some collaboration agreements have been closed with various local institutions that can contribute to self-management of the project, such as Bluefields Indian & Caribbean University (with engineering students) or the Sistema Local de Atención Integral en Salud (both with the economic and health sides).Català: Les tecnologies de la informació i les comunicacions (també anomenades TIC) són una part essencial dels canvis en l'economia i la societat actual. L'accés a la informació s'ha convertit en una eina vital pel desenvolupament d'una comunitat. Arran d'això, ha sorgit un fenomen conegut com a “bretxa digital”, el qual fa referència a les diferències entre països que tenen accés a les TIC, i aquells que no. Aquest projecte pretén aportar un petit gest per tal de disminuir aquesta bretxa entre el que freqüentment s'anomena “diferències entre Nord i Sud”, proporcionant una millora en el Sistema de Telemedicina que la ONG Telecos Sense Fronteres està desenvolupant a la Regió de l'Atlàntic Sur de Nicaragua des del 2006. En aquesta setena fase del projecte, s'ha pretés, en primer lloc, fer un manteniment acurat de la infraestructura i els equips dels quals disposa l'Hospital Ernesto Sequeira Blanco de Bluefields, millorat-ne les prestacions amb la incorporació d'un sistema d'escriptoris virtuals. A més, s'ha ampliat la xarxa de telefonia VoIP per tal de fer-la extensiva a altres departaments de l'hospital i a altres centres de salut de la població, concretant una xarxa privada virtual pel seu ús intern. En segon terme, s'ha treballat en un radioenllaç per fer arribar la telemedicina a Monkey Point, una comunitat rural, aïllada i sense accés a les telecomunicacions. Finalment, s'ha fet èmfasi en apropar el projecte a la pròpia comunitat de Bluefields amb la finalitat que se l'apropiïn i no el vegin com a mers espectadors. En aquesta direcció, s'han establert convenis de col·laboració amb diferents entitats que poden contribuir a l'autogestió del projecte, com són la Bluefields Indian & Caribbean University (amb estudiants d'enginyeria) o el Sistema Local de Atención Integral en Salud (amb la part econòmica i relacionada amb la salut)

Automatic Information Exchange in the Early Rescue Chain Using the International Standard Accident Number (ISAN)

Thus far, emergency calls are answered by human operators who interview the calling person in order to obtain all relevant information. In the near future-based on the Internet of (Medical) Things (IoT, IoMT)-accidents, emergencies, or adverse health events will be reported automatically by smart homes, smart vehicles, or smart wearables, without any human in the loop. Several parties are involved in this communication: the alerting system, the rescue service (responding system), and the emergency department in the hospital (curing system). In many countries, these parties use isolated information and communication technology (ICT) systems. Previously, the International Standard Accident Number (ISAN) has been proposed to securely link the data in these systems. In this work, we propose an ISAN-based communication platform that allows semantically interoperable information exchange. Our aims are threefold: (i) to enable data exchange between the isolated systems, (ii) to avoid data misinterpretation, and (iii) to integrate additional data sources. The suggested platform is composed of an alerting, responding, and curing system manager, a workflow manager, and a communication manager. First, the ICT systems of all parties in the early rescue chain register with their according system manager, which tracks the keep-alive. In case of emergency, the alerting system sends an ISAN to the platform. The responsible rescue services and hospitals are determined and interconnected for platform-based communication. Next to the conceptual design of the platform, we evaluate a proof-of-concept implementation according to (1) the registration, (2) channel establishment, (3) data encryption, (4) event alert, and (5) information exchange. Our concept meets the requirements for scalability, error handling, and information security. In the future, it will be used to implement a virtual accident registry

Managing law practice technology

Presented by Barron K. Henley, at a seminar by the same name, held November 17, 2020

A Secure Peer-to-Peer Application Framework

The nature of the Internet has changed dramatically. From a modest research network, it has evolved into one of the most important fabrics of our modern society, affecting the lives of billions each day. We rely on it for everything from performing our daily chores to accessing rich media and keeping in touch with our friends. Despite this change, service provisioning has largely remained intact. Services are provided in a centralized manner, resulting in bottlenecks and vulnerable collections of, often unwittingly, submitted sensitive information. Peer-to-peer (P2P) technologies have the potential to provide a better alternative for future networking. P2P services distribute the load from a single node to a network of peers, relying on the resources of the end-users themselves. Not only does it remove the bottlenecks, it has the potential to provide a more personal and safe networking environment. In this dissertation, we inspect the feasibility and implications of a generic, cross-application, P2P framework. We present the design and implementation of a framework that uses existing infrastructure and advanced networking protocols to create a secure environment. Using this framework, applications are able to benefit from P2P networking without having to deploy new infrastructure or implement complex connection- and identity management. Users benefit from using a single, strong, cross-application identity management and having better control over their data. This improves the trust within the system and enables new ways of dealing with security threats. We demonstrate the feasibility of the framework by evaluating the performance and usability of the prototype implementation. This provides a model for future networking applications and insight into the security and usability issues these will face