• Documents
  • Authors
  • Tables
  • Log in
  • Sign up
  • MetaCart
  • DMCA
  • Donate

CiteSeerX logo

Advanced Search Include Citations
Advanced Search Include Citations

Towards better protocol identification using profile HMMs (2005)

by C Wright, F Monrose, G Masson
Add To MetaCart

Tools

Sorted by:
Results 1 - 4 of 4

Detecting policy violations through traffic analysis

by Jeffrey Horton, Rei Safavi-naini, Centre For Information Security - ACSAC 2006
"... Restrictions are commonly placed on the permitted uses of network protocols in the interests of security. These restrictions can sometimes be difficult to enforce. As an example, a permitted protocol can be used as a carrier for another protocol not otherwise permitted. However, if the observable be ..."
Abstract - Cited by 3 (0 self) - Add to MetaCart
Restrictions are commonly placed on the permitted uses of network protocols in the interests of security. These restrictions can sometimes be difficult to enforce. As an example, a permitted protocol can be used as a carrier for another protocol not otherwise permitted. However, if the observable behaviour of the protocol exhibits differences between permitted and non-permitted uses, it is possible to detect inappropriate use. We consider SSH, the Secure Shell protocol. This is an encrypted protocol with several uses. We attempt firstly to classify SSH sessions according to some different types of traffic for which the sessions have been used, and secondly, given a policy that permits SSH use for interactive traffic, to identify when a session appears to have been used for some other purpose. 1
(Show Context)

Citation Context

... can arise over access to the full traffic payload. Work in the area of traffic classification has used a variety of machine learning techniques, including decision trees [8] and hidden Markov models =-=[31, 32]-=-. Wright et al. [31, 32] consider a general traffic classification problem, for which SSH is one type of traffic being classified. Some interesting results are reported, but they do not look at attemp...

A REVIEW PAPER ON AD HOC NETWORK SECURITY

by Karan Singh, R. S. Yadav, Karan Singh, Rama Shankar Yadav
"... In this article we present a survey of secure ad hoc routing protocols for wireless networks. Ad hoc network is a collection of nodes that is connected through a wireless medium forming rapidly changing topologies. Attacks on ad hoc network routing protocols disrupt network performance and reliabili ..."
Abstract - Cited by 2 (0 self) - Add to MetaCart
In this article we present a survey of secure ad hoc routing protocols for wireless networks. Ad hoc network is a collection of nodes that is connected through a wireless medium forming rapidly changing topologies. Attacks on ad hoc network routing protocols disrupt network performance and reliability with there solution. We briefly present the most popular protocols that follow the table-driven and the source-initiated on-demand approaches. The comparison between the proposed solutions and parameters of ad hoc network shows the performance according to secure protocols. We discuss in this paper routing protocol and challenges and also discuss authentication in ad hoc network.

Age of Mythology and Counter Strike (two Multi Player Network

by Alberto Dainotti, Walter De Donato, Antonio Pescapè, Pierluigi Salvo Rossi
"... Abstract — Traffic classification and identification is a fertile research area. Beyond Quality of Service, service differentiation, and billing, one of the most important applications of traffic classification is in the field of network security. This paper proposes a packet-level traffic classific ..."
Abstract - Add to MetaCart
Abstract — Traffic classification and identification is a fertile research area. Beyond Quality of Service, service differentiation, and billing, one of the most important applications of traffic classification is in the field of network security. This paper proposes a packet-level traffic classification approach based on Hidden Markov Model (HMM). Classification is performed by using real network traffic and estimating- in a combined fashion-Packet Size (PS) and Inter Packet Time (IPT) characteristics, thus remaining applicable to encrypted traffic too. The effectiveness of the proposed approach is evaluated by considering several traffic typologies: we applied our model to real traffic traces of
(Show Context)

Citation Context

...rking separately on IPTs or on PSs, and a left-to-right structure for the state topology of the HMM is used. However, a proposal for extending their approach was later presented in a technical report =-=[11]-=-, where they try to account for joint IPT and PS modeling via vector quantization. Proposed profile HMMs in [11] present a very complex state structure depending on the length of the training sequence...

Jamming and Sensing of Encrypted Wireless Ad Hoc Networks

by unknown authors
"... This paper considers the problem of an attacker disrupting an encrypted victim wireless ad hoc network through jamming. Jamming is broken down into layers and this paper focuses on jamming at the Transport/Network layer. Jamming at this layer exploits AODV and TCP protocols and is shown to be very e ..."
Abstract - Add to MetaCart
This paper considers the problem of an attacker disrupting an encrypted victim wireless ad hoc network through jamming. Jamming is broken down into layers and this paper focuses on jamming at the Transport/Network layer. Jamming at this layer exploits AODV and TCP protocols and is shown to be very effective in simulated and real networks when it can sense victim packet types, but the encryption is assumed to mask the entire header and contents of the packet so that only packet size, timing, and sequence is available to the attacker for sensing. A sensor is developed and tested on live data. The classification is found to be highly reliable for many packet types. The relative roles of size, timing, and sequence are discussed along with the implications for making networks more secure.
(Show Context)

Citation Context

...ctivity. For instance, websites can be identified by the pattern of packets exchanged [5][19]. Traffic analysis can be used to attack user privacy [7][16]. Application protocols can be identified [22]=-=[23]-=-. The sensing described in this paper can provide more detailed pattern information that can refine such pattern and traffic analysis. 1.6 Paper Overview Within the framework defined so far this paper...

Powered by: Apache Solr
  • About CiteSeerX
  • Submit and Index Documents
  • Privacy Policy
  • Help
  • Data
  • Source
  • Contact Us

Developed at and hosted by The College of Information Sciences and Technology

© 2007-2019 The Pennsylvania State University