Análisis del comportamiento autosimilar del tráfico Ethernet de las redes de datos

The queuing analysis has been and is of enormous usefulness for the designers of networks and analysts of traffic, to effects of planning the capacities of the elements of network and of predicting his performance. These analyses depend on the nature Poisson of the traffic of data. Nevertheless, many results predicted from the analysis of queuings differ significantly from the performance observed in the reality. Diverse studies have demonstrated that for some environments the pattern of traffic is self-similar, instead of Poisson. This concept is related to other acquaintances since it are the fractals and the theory of the chaos. From beginning of the 90s were begun to publish documents referred to the self-similarity of the traffic of Ethernet. The present work develops successively the following paragraphs: 1) Self-similarity, 2) Self-similar data traffic, 3) Ethernet data traffic, 4) Case of experimental Study of Ethernet traffic, 5) Analysis with distribution Pareto, and 6) Analysis of goodness of fit with Kolmogorov-Smirnov's test.Presentado en el V Workshop Arquitectura, Redes y Sistemas Operativos (WARSO)Red de Universidades con Carreras en Informática (RedUNCI

A framework for network traffic analysis using GPUs

During the last years the computer networks have become an important part of our society. Networks have kept growing in size and complexity, making more complex its management and traffic monitoring and analysis processes, due to the huge amount of data and calculations involved. In the last decade, several researchers found effective to use graphics processing units (GPUs) rather than a traditional processors (CPU) to boost the execution of some algorithms not related to graphics (GPGPU). In 2006 the GPU chip manufacturer NVIDIA launched CUDA, a library that allows software developers to use their GPUs to perform general purpose algorithm calculations, using the C programming language. This thesis presents a framework which tries to simplify the task of programming network traffic analysis with CUDA to software developers. The objectives of the framework have been abstracting the task of obtaining network packets, simplify the task of creating network analysis programs using CUDA and offering an easy way to reuse the analysis code. Several network traffic analysis have also been developed

Performance Evaluation of MPLS in a Virtualized Service Provider Core (with/without Class of Service)

The last decade has witnessed a major change in the types of traffic scaling the Internet. With the development of real-time applications several challenges were faced within traditional IP networks. Some of these challenges are delay, increased costs faced by the service provider and customer, limited scalability, separate infrastructure costs and high administrative overheads to manage large networks etc. To combat these challenges, researchers have steered towards finding alternate solutions. Over the recent years, we have seen an introduction of a number of virtualized platforms and solutions being offered in the networking industry. Virtual load balancers, virtual firewalls, virtual routers, virtual intrusion detection and preventions systems are just a few examples within the Network Function Virtualization world! Service Providers are trying to find solutions where they could reduce operational expenses while at the same time meet the growing bandwidth demands of their customers. The main aim of this thesis is to evaluate the performance of voice, data and video traffic in a virtualized service provider core. Observations are made on how these traffic types perform on congested vs uncongested links and how Quality of Service treats traffic in a virtualized Service Provider Core using Round Trip Time as a performance metric. This thesis also tries to find if resiliency features such as Fast Reroute provide an additional advantage in failover scenarios within virtualized service provider cores. Juniper Networks vSRX are used to replicate virtual routers in a virtualized service provider core. Twenty-Four tests are carried out to gain a better understanding of how real-time applications and resiliency methods perform in virtualized networks. It is observed that a trade-off exists when introducing QoS on congested primary and secondary label switched paths. What can be observed thru the graphs is having Quality of Service enabled drops more packets however gives us the advantage of lower Round Trip Time for in-profile traffic. On the hand, having Quality of Service disabled, permits more traffic but leads to bandwidth contention between the three traffic classes leading to higher Round-Trip Times. The true benefit of QoS is seen in traffic congestion scenarios. The test bed built in this thesis, shows us that Fast Reroute does not add a significant benefit to aid in the reduction of packet loss during failover scenarios between primary and secondary paths. However, in certain scenarios fast reroute does seem to reduce packet loss specifically for data traffic

Modern cyber attacks

Bakalářská práce pojednává o současných kybernetických útocích se zaměřením na útoky odepření služeb. V teoretické části se soustřeďuje na analýzu a popis kybernetických útoků. Dále v nich sleduje trendy a pokračuje rozborem generátorů útoků odepření služeb postavených na softwarové a hardwarové platformě. S využitím těchto poznatků je výstupem práce návrh testování odolnosti síťových prvků, jeho praktická realizace a následné zhodnocení a porovnání jednotlivých útoků vedených na tato zařízení. Závěr práce pak nabízí návrh protiopatření před těmito útoky.This bachelor's thesis deals with contemporary cyber attacks with an emphasis on denial of service attacks. In the theoretical part the thesis focuses on an analysis and description of the cyber attacks. It monitors trends in cyber attacks and also describes generators of denial of service attacks based on software and hardware platform. The practical part uses the information from the theoretical one to design tests of network devices against cyber attacks, their practical realization and a comparison between used cyber attacks. At the very end the thesis offers possible countermeasures against them.

Comparación de algoritmos de encriptación para la transferencia de archivos en mensajería instantánea

Esta investigación está basada especialmente en la seguridad informática, donde se realiza la comparación de algoritmos de encriptación en la transferencia de mensajería instantánea de un servidor de protocolo seguro de transferencia de archivos (SFTP) a un terminal. Asimismo, está a la vanguardia con las actualizaciones tecnológicas que solicitan las grandes corporaciones empresariales actuales, en constantes ocasiones existe fragilidad en la transmisión de los datos mediante los dispositivos tecnológicos cuando nos conectamos en una red o el internet, ya que tenemos personas que se benefician de la vulnerabilidad con la finalidad de obtener ganancias personales. Por tal razón esta tesis se ha encaminado en desarrollar un análisis de comparación de los algoritmos criptográficos que se usan en los servidores en la transferencia de datos en una red pública, el problema fundamental está en garantizar la seguridad e integridad de los datos al momento de conectamos en una gran red de objetos físicos. Esta investigación se logró haciendo una selección de algoritmos de encriptación e implementándolo en un servidor SFTP, donde se desarrolló el análisis de encriptación de cada uno de los algoritmos en la transferencia de información con la captura de tráfico entre el servidor y el cliente. De esta manera se observó y analizo cuál de los algoritmos brindaba mayor seguridad e integridad de la información. La metodología utilizada es experimental, se utilizó este método porque permite la manipulación de variables, de esta manera se conoció el tipo de encriptación de cada uno de los algoritmos con respecto al tamaño de paquetes, nivel de encriptación y no encriptación y tiempo de envió. Obteniendo como resultado que el algoritmo Advanced Encryption Standard (AES) fracciona los datos en menor cantidad de paquetes necesitando menos tiempo para remitirlos comparándolos con otros algoritmos. En paquetes encriptados el algoritmo AES muestra mayor cantidad de paquetes encriptados y la cantidad de paquetes no encriptados es menor.TesisInfraestructura, Tecnología y Medio Ambient