Active Internet Traffic Filtering: Real-time Response to Denial of Service Attacks

Denial of Service (DoS) attacks are one of the most challenging threats to Internet security. An attacker typically compromises a large number of vulnerable hosts and uses them to flood the victim's site with malicious traffic, clogging its tail circuit and interfering with normal traffic. At present, the network operator of a site under attack has no other resolution but to respond manually by inserting filters in the appropriate edge routers to drop attack traffic. However, as DoS attacks become increasingly sophisticated, manual filter propagation becomes unacceptably slow or even infeasible. In this paper, we present Active Internet Traffic Filtering, a new automatic filter propagation protocol. We argue that this system provides a guaranteed, significant level of protection against DoS attacks in exchange for a reasonable, bounded amount of router resources. We also argue that the proposed system cannot be abused by a malicious node to interfere with normal Internet operation. Finally, we argue that it retains its efficiency in the face of continued Internet growth.Comment: Briefly describes the core ideas of AITF, a protocol for facing Denial of Service Attacks. 6 pages lon

Investigation of Afghanistan network infrastructure for cyber security

06.03.2018 tarihli ve 30352 sayılı Resmi Gazetede yayımlanan “Yükseköğretim Kanunu İle Bazı Kanun Ve Kanun Hükmünde Kararnamelerde Değişiklik Yapılması Hakkında Kanun” ile 18.06.2018 tarihli “Lisansüstü Tezlerin Elektronik Ortamda Toplanması, Düzenlenmesi ve Erişime Açılmasına İlişkin Yönerge” gereğince tam metin erişime açılmıştır.Anahtar Kelimeler: Siber güvenlik, siber saldırılar, siber savaşlar, güvenlik açığı, gizlilik, bütünlük, ağ altyapısı, iletişim ve bilgi sistemleri. Global endüstriler büyük ölçüde bilgi ve veri güvenliğine yatırım yapıyor. Sanal iletişim zamanında, herhangi bir topolojisinde, öncelikle geçerlik ve güvenliği garanti altına almalı. Aksi takdirde bu tür iletişim karmaşık sorunlara ve kaynakların ağlar üzerinde zarar görmesine neden olur. Halbuki iletişim sistemleri savunmasızdır, Ülkenin bilgi bütünlüğüne, gizliliğine ve kullanılabilirliğine güvenmesi, siber güvenliğinin yetersizliğinden tam tersidir. Aslında, iletişim sistemleri veya internet öncelikle odaklı veya insan zihnindeki güvenlikle tasarlanmamıştır. Diğer bir deyişle, çok sayıda ağ bileşeninin koordinasyonu, öncelikle hava-arayüzü üzerinden kurulan veya ağ üzerinden önceden tanımlanmış protokoller altında fiziksel olarak entegre edilmiş güvenli bir bağlantıya ihtiyaç duyar. Ayrıca, bir hükümetin gerçekleştirme sorumluluğundan biri, siber ortamda ya da gerçekçi saldırı ve tehditlerle mücadele etmek için bir caydırma ekibi ya da teşkilatı oluşturmaktır. Modern iletişim sistemlerinde, siber saldırılar casusluk açısından gittikçe artmaktadır ve bilgi sistemlerine ciddi zarar vermek suretiyle siber alanın geleceğinde büyük bir sorun çıkarmaktadır. Öte yandan, Afganistan hükümeti, herhangi bir dışa bağımlı siber saldırılara karşı iyi tanımlanmış bir stratejiye sahip değilken, casusluktan sorumlu olan ve Afganistan'daki siber alanda katastrofik sorunlar çıkaran ülkelerden aktarılan değiştirilebilir verilerin büyük bir çoğunluğu bulunmaktadır. Bu sorunlar dikkate alındığında, bu çalışma Afganistan'da siber saldırılar ve siber istismar, bilgi güvenliği ile ilgili zorluklar, siber saldırıların mevcut Afganistan ağ altyapıları üzerindeki etkileri ve analizleri de dahil olmak üzere siber tehditlerle ilgilidir. Siberayla ilgili belirgin ve belirgin olmayan siber saldırılar için bir şekilde çözümün yanı sıra, mevcut ve gelecekteki siber krizin, modellerin ve simülasyon özelliklerinin bu raporun kısmen bir bölümünde analizi tanımlanmıştır. Bununla birlikte, güvenlik açısından Afganistan'ın mevcut siber durumuna, yaygın gelecekteki siber güvenlik ve siber güvenlik zorluklarına ilişkin sorunlar da bu raporda gösterilmektedir.Global industries are investing heavily in information and data security. At the time of virtual communication under any types of topologies, firstly, the validity and security must be guaranteed. Otherwise, such communication cause complex problems and resources damage over the networks. However, communication systems are vulnerable, the nation's reliance on the integrities, confidentialities, and availabilities of information stand in stark contrast to the inadequacy of their cybersecurity. In fact, communication systems or internet was not primarily designed with security in oriented or human minds. On the other word, coordinating of huge numbers of network components, first of all, need to a secure connection, either such connection established via air-interface or integrated physically under predefined protocols over the network. Additionally, one of the accomplishment responsibility of a government is creating a deterrence team or military to combat any types of attack and threat either on cyberspace or on realistic. In modern communication systems cyber-attacks becoming increasingly in terms of espionage, and it would make a big challenge in the future of cyberspace by causing serious damage to information systems. From the other hand, the government of Afghanistan does not have a well-defined strategy against any types of outsider cyberattacks while the huge amount of the exchangeable data transferring from the countries who are in charge of espionage and attempt to make catastrophic problems on Afghanistan's cyberspace. In consideration to these issues, this study concerned in Afghanistan's cyber-threats including cyber-attacks and cyber-exploit, information security challenges, analysis and effects of cyber-attacks on current Afghanistan network infrastructures. Definition of somewhat solution for distinctive and non-distinctive cyber-attacks over cyberspace, as well as the analysis of current and future cyberspace crisis, models and simulations aspect in some partial part of this report, has been also covered. However, current cyberspace status of Afghanistan in term of security, challenges of prevalent future cyber security and cyber security difficulties have also illustrated in this report

To NACK or not to NACK? Negative Acknowledgments in Information-Centric Networking

Information-Centric Networking (ICN) is an internetworking paradigm that offers an alternative to the current IP\nobreakdash-based Internet architecture. ICN's most distinguishing feature is its emphasis on information (content) instead of communication endpoints. One important open issue in ICN is whether negative acknowledgments (NACKs) at the network layer are useful for notifying downstream nodes about forwarding failures, or requests for incorrect or non-existent information. In benign settings, NACKs are beneficial for ICN architectures, such as CCNx and NDN, since they flush state in routers and notify consumers. In terms of security, NACKs seem useful as they can help mitigating so-called Interest Flooding attacks. However, as we show in this paper, network-layer NACKs also have some unpleasant security implications. We consider several types of NACKs and discuss their security design requirements and implications. We also demonstrate that providing secure NACKs triggers the threat of producer-bound flooding attacks. Although we discuss some potential countermeasures to these attacks, the main conclusion of this paper is that network-layer NACKs are best avoided, at least for security reasons.Comment: 10 pages, 7 figure

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Privacy In The Smart Grid: An Information Flow Analysis

Project Final Report prepared for CIEE and California Energy Commissio

Orchestrating Intelligent Network Operations in Programmable Networks

Peer reviewe