602 research outputs found
Efficient User Controlled Inter-Domain SIP Mobility: Authentication, Registration, and Call Routing
Over the past decade, multimedia services have gained significant acceptance and played an important role in the convergence of IP networks. Supporting mobility in IP (Internet Protocol) networks is a crucial step towards satisfying the nomadic communication paradigms on the current Internet. The Session Initiation Protocol (SIP) presents one approach towards supporting IP mobility. Additionally, SIP is increasingly gaining in popularity as the next generation multimedia signaling and session establishment protocol. It is anticipated that the SIP infrastructure will be extensively deployed all over the Internet. In this paper, we explore an efficient approach to inter-domain SIP mobility in an attempt to improve personal and terminal mobility schemes. We succeed in applying a persistent identification framework to application level SIP addressing by introducing a level of indirection on top of the traditional SIP architecture. We refer to our approach as the Handle SIP (H-SIP). H-SIP leverages the current SIP architecture abstracting any domain binding from users. Our approach to mobility is user-controlled. We experimentally prove the efficiency of H-SIP in achieving inter-domain authentication and call routing through modeling and real-time measurements
Honeynet design and implementation
Over the past decade, webcriminality has become a real issue. Because they allow the botmasters to control hundreds to millions of machines, botnets became the first-choice attack platform for the network attackers, to launch distributed denial of service attacks, steal sensitive information and spend spam emails.
This work aims at designing and implementing a honeynet, specific to IRC bots. Our system works in 3 phasis: (1) binaries collection, (2) simulation, and (3) activity capturing and monitoring. Our phase 2 simulation uses an IRC redirection to extract the connection information thanks to a IRC redirection (using a DNS redirection and a "fakeserver"). In phase 3, we use the information previously extracted to launch our honeyclient, which will capture and monitor the traffic on the C&C channel.
Thanks to our honeynet, we create a database of the activity of IRC botnets (their connection characteristics, commands on the C&C ), and hope to learn more about their behavior and the underground market they create.M.S.Committee Chair: Wenke Lee; Committee Member: Jonathon Giffin; Committee Member: Mustaque Ahama
AUTOMATED NETWORK FAULT INFERENCE TOOL (AN FIT)
The lack of specialized experts in diagnosing network faults, inconsistencies of diagnose
results and professional opinions, time-consuming and growing complexity of this task; has
motivated the dewlopment of our c\utomated Network Fault Diagnostic System. This
system aims to serve as an intelligent diai-,'llOStic system that will be able to produce fast,
accurate, user-friendly and appropriate suggestions that will assist normal network users and
administrators respectively. To ensure the realistic and successful development of the
system, we adopt Extreme Programming methodology. l\lany efforts have been paid to
implement a novel and efficient solution to precisely diagnose problems and in timely
manner. The methodology has e\·oh-ed from rule-based systems through case-based
systems to more recent model-based systems. Our project is designed upon case-based
diagnostic approach as it suggests the use of previously experienced, concrete problem or
cases instead of rules or modelling yueries evaluation. We propose a system that will
provide reactive response on-demand in term of error messages based on inaccessible URL
input entered by user. 'I he system will then diagnose the problems based on the formulated
inference table that is comprised of pre-defined failure cases and test cases which will be
developed via user-defined functions and general network probing tools. hom there, we
expect the output to be returned in command line error mess;tges. To measure the success
of the system, four Key Performance Indicators (KPI) hm-e been identified as evaluation
metrics which are cm·erage, accuracy, time and response. Hence, unit testing, integration
testing and usability test will be conducted to obtain the assessment results. We claim that
the system could initiate an extensible framework for network services that act as a
community support tooL However, at present we narrow down our focus on Web Set\~ce
application but by all means encouraging and welcoming the extension to other network
services or adding in new test cases as future development for the benefit of all network
users
A new scheme to reduce session establishment time in session initiation protocol (SIP)
The session Initiation Protocol (SIP) has been developed by Internet Engineering Taskforce standard (IETF) with the main purpose of establishing and managing sessions between two or more parties wishing to communicate. SIP is a signaling protocol which is used for the current and future Internet Protocol (IP) telephony services, video services, and integrated web and multimedia services. SIP is an application layer protcol, thus it can run over Transmission Control Protocol(TCP) or User Datagram Protocol (UDP). When the packets are sent over the network, a form of congestion control mechanism is necessary to prevent from network collapse. TCP is a reliable protocl and provides the congestion control by adjusting the size of the congestion windows. UDP is an unreliable protocol and no flow control mechanism is provided. Many applications of the Internet require the establishment and management of sessions. The purpose of the thesis is to study the session establishnment procedure in SIP and try to reduce the time taken for the session setup in two different conditions. One, when there is no congestion in the network, and the other is when there is a network congestion. We have simulated the behaviour of session establishment in SIP using Network Simulator (NS2). UDP is used as the transport protocol. We have created different network topologies. In the topology we had created SIP user agents who wants to communicte, proxy servers for forwarding the requests on behalf of the user agents, and a Domain Name Server (DNS) which maintains the location information of all proxy servers. We tried to reduce the time taken for the session establishment. As UDP does not provide any congestion control mechanisms, we used the binary exponential backoff (BEB) algorithm to set the timers. In our network topolgy when there is no packet loss in the network, the time taken for the session establishment is reduced from 0.86 sec to 0.574 sec. In case of network congestion the setup time is reduced from 4.55 sec to 2.86 sec. From the simulation, we conclude that the session establishment time can be reduced by reducing the number of message exchanges required for session setup
Internet censorship in the European Union
Diese Arbeit befasst sich mit Internetzensur innnerhalb der EU, und hier
insbesondere mit der technischen Umsetzung, das heißt mit den angewandten
Sperrmethoden und Filterinfrastrukturen, in verschiedenen EU-Ländern. Neben
einer Darstellung einiger Methoden und Infrastrukturen wird deren Nutzung zur
Informationskontrolle und die Sperrung des Zugangs zu Websites und anderen im
Internet verfügbaren Netzdiensten untersucht. Die Arbeit ist in drei Teile
gegliedert. Zunächst werden Fälle von Internetzensur in verschiedenen EU-Ländern
untersucht, insbesondere in Griechenland, Zypern und Spanien. Anschließend wird
eine neue Testmethodik zur Ermittlung der Zensur mittels einiger Anwendungen,
welche in mobilen Stores erhältlich sind, vorgestellt. Darüber hinaus werden
alle 27 EU-Länder anhand historischer Netzwerkmessungen, die von freiwilligen
Nutzern von OONI aus der ganzen Welt gesammelt wurden, öffentlich zugänglichen
Blocklisten der EU-Mitgliedstaaten und Berichten von
Netzwerkregulierungsbehörden im jeweiligen Land analysiert.This is a thesis on Internet censorship in the European Union (EU),
specifically regarding the technical implementation of blocking methodologies
and filtering infrastructure in various EU countries. The analysis examines the
use of this infrastructure for information controls and the blocking of access
to websites and other network services available on the Internet. The thesis
follows a three-part structure. Firstly, it examines the cases of Internet
censorship in various EU countries, specifically Greece, Cyprus, and Spain.
Subsequently, this paper presents a new testing methodology for determining
censorship of mobile store applications. Additionally, it analyzes all 27 EU
countries using historical network measurements collected by Open Observatory
of Network Interference (OONI) volunteers from around the world, publicly
available blocklists used by EU member states, and reports issued by network
regulators in each country
The Power Manager for the LHCb On-Line Farm
The Power Manager is a tool of the LHCb FMC (Farm Monitoring and Control System) which allows - in an OS-independent manner and without requiring expensive network-controlled power distributors - to switch the farm nodes on and off, and to monitor their physical condition: power status (on/off), temperatures, fan speeds and voltages. The Power Manager can operate on farm nodes whose motherboards and network interface cards implement the IPMI (Intelligent Platform Management Interface) specifications, version 1.5 or subsequent, and copes with several IPMI limitations
Efficient User Controlled Inter-Domain SIP Mobility Authentication, Registration, and Call Routing
Over the past decade, multimedia services have gained significant acceptance and played an important role in the convergence of IP networks. The proliferation of mobile devices and the nomadic user and computing lifestyles on current networks make mobility support a crucial ingredient of current IP-based multimedia systems. The Session Initiation Protocol (SIP) presents one approach towards supporting IP mobility. Additionally, SIP is increasingly gaining in popularity as the next generation multimedia signaling and session establishment protocol, and the SIP infrastructure is anticipated to be extensively deployed all over the Internet. We have lately proposed an approach to inter-domain SIP mobility which we call H-SIP. H-SIP is a user-controlled mobility scheme that improves personal and terminal mobility. H-SIP uses persistent identifiers and leverages the traditional SIP architecture to abstract any domain binding from users. This paper expands on our previous work and experimentally proves the efficiency of H-SIP in achieving inter-domain authentication and call routing through modeling and real-time measurements
- …