Exploratory Study to Explore the Role of ICT in the Process of Knowledge Management in an Indian Business Environment
Abdul Hafeez-Baig, R. Gururajan, Heng-Sheng Tsai, Prema Sankaran
In the 21st century, with the emergence of a digital economy, knowledge and the knowledge-based economy are growing rapidly. Being able to understand the processes involved in creating, managing and sharing knowledge in the business environment is critical to the success of an organization. This study builds on the authors' previous research on the enablers of knowledge management by identifying the relationship between those enablers and the role played by information and communication technologies (ICT) and ICT infrastructure in a business setting. This paper presents the findings of a survey conducted in four major Indian cities (Chennai, Coimbatore, Madurai and Villupuram) on participants' views and opinions about the enablers of knowledge management in a business setting. A total of 80 organizations participated in the study, with 100 participants in each city. The results show that ICT and ICT infrastructure can play a critical role in creating, managing and sharing knowledge in an Indian business environment.
2010 Fourth International Conference on Network and System Security, September 2010. DOI: https://doi.org/10.1109/NSS.2010.89

Security-Oriented Workflows for the Social Sciences
R. Sinnott, Sardar Hussain
The service-oriented computing paradigm and its application to support e-Infrastructures offers, at least in principle, the opportunity to realise platforms for multi- and inter-disciplinary research. Augmenting the service-oriented model for e-Research are mechanisms for services to be coupled and enacted in a coordinated manner through workflow environments. Typically, workflows capture a research process that can be shared and repeated by others. However, existing models of workflow definition and enactment assume that services are directly available and can be accessed and invoked by arbitrary users or enactment engines. In more security-oriented domains, such assumptions rarely hold true. Rather, in many domains, service providers demand to be autonomous and to define and enforce their own service/resource access control using locally defined policy enforcement points (PEPs) and policy decision points (PDPs), which allow access to and usage of resources to be strictly monitored and enforced. In this paper, we outline how it is possible to support security-oriented workflow definition and enactment through chaining of PDPs to support “workflow-oriented” access control. To demonstrate this, we focus on a case study taken from the Economic and Social Science Research Council (ESRC) funded Data Management through e-Social Science (DAMES – www.dames.org.uk) project in the area of depression, self-harm and suicide.
2010 Fourth International Conference on Network and System Security, September 2010. DOI: https://doi.org/10.1109/NSS.2010.72

Secure Communication in 802.11 Networks with a Novel Protocol Using Quantum Cryptography
Xu Huang, S. Wijesekera, D. Sharma
Wireless local area networks are increasingly deployed by businesses, government and SOHO users, as they offer their customers many advantages such as mobility, flexibility and convenience. They have opened a wide range of new commercial areas for hardware vendors, at low cost. This explains why wireless networks have become one of the most widely used communication systems in the world. However, since there are no boundaries in wireless networks, they are more vulnerable to security threats than wired networks. Therefore, providing secure communication for wireless networks has become one of the prime concerns. Quantum cryptography, to be precise Quantum Key Distribution (QKD), offers the promise of unconditional security. In this paper, we extend our previous research work on how QKD can be used in IEEE 802.11 wireless networks to ensure secure key distribution. Our contributions in this paper are as follows: (1) we discuss how QKD can be used in IEEE 802.11 wireless networks to securely distribute keys; (2) we use a new QKD protocol; (3) we introduce a method that takes advantage of the mutual authentication features offered by some EAP variants of 802.1X Port-Based Network Access Control; (4) finally, we present a new code called Quantum Message Integrity Code (Q-MIC), which provides mutual authentication between the two communicating parties. Experimental results are also presented using a Simulink model.
2010 Fourth International Conference on Network and System Security, September 2010. DOI: https://doi.org/10.1109/NSS.2010.17

Energy Friendly Integrity for Network Coding in Wireless Sensor Networks
A. Apavatjrut, Wassim Znaidi, A. Fraboulet, C. Goursaud, C. Lauradoux, M. Minier
Recent advances in information theory and networking have significantly modified the way data is disseminated in wireless sensor networks (WSNs): aggregation, network coding or rateless codes. These new dissemination paradigms create new security threats such as pollution attacks, which exploit the difficulty of protecting data integrity in those contexts. In this paper, we consider the particular case of xor network coding. We compare the different strategies based on message authentication code (MAC) algorithms to thwart these attacks, and we emphasize the advantages of universal hash functions (UHFs) in terms of flexibility and efficiency. These schemes reduce the energy consumption of the relaying nodes by 42% and 68% (depending on the protocol used) compared with those based on classical cryptographic primitives, without any loss in security. The key feature of the UHFs considered here is their homomorphic property ($h(x_1 \oplus x_2) = h(x_1) \oplus h(x_2)$). These homomorphic MACs offer more possibilities for the relaying nodes than classical cryptographic ones: the detection time of a pollution attack can be adjusted to preserve the nodes' energy. Moreover, they can be computed with the low resources of a sensor.
2010 Fourth International Conference on Network and System Security, September 2010. DOI: https://doi.org/10.1109/NSS.2010.32

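The homomorphic property quoted in the abstract, worked through as an added example (this is illustration code, not the paper's constructions): a keyed GF(2)-linear hash $h_K(x) = K \cdot x$ stands in for the universal hash functions, whose exact definitions the abstract does not give, and the packet and tag sizes, the single-bit pollution and the two-source topology are assumptions made here. The point it shows is that a relaying node can XOR payloads and XOR tags without holding any key, and that a node holding the key can choose to verify early or leave detection to the sink, which is the adjustable detection time the abstract refers to.

```python
import secrets

# Added example (not from the paper): a toy XOR-homomorphic MAC for xor network coding.
# The keyed hash is h_K(x) = K.x over GF(2), with K a secret TAG_BITS x PACKET_BITS bit
# matrix. Any GF(2)-linear map satisfies h_K(x1 ^ x2) == h_K(x1) ^ h_K(x2), which is the
# homomorphic property the abstract relies on. Sizes below are assumptions for the demo.

PACKET_BITS = 64   # n: payload length in bits (assumed)
TAG_BITS = 32      # m: tag length in bits (assumed)


def parity(v: int) -> int:
    """Parity of the set bits of v: the GF(2) inner product once v = row & packet."""
    return bin(v).count("1") & 1


def keygen(rng=secrets.randbits) -> list[int]:
    """Secret key shared by sources and verifiers: TAG_BITS random PACKET_BITS-bit rows."""
    return [rng(PACKET_BITS) for _ in range(TAG_BITS)]


def homomorphic_mac(key: list[int], packet: int) -> int:
    """Tag bit i is <row_i, packet> over GF(2); the tag is packed into an int."""
    tag = 0
    for i, row in enumerate(key):
        tag |= parity(row & packet) << i
    return tag


def verify(key: list[int], packet: int, tag: int) -> bool:
    return homomorphic_mac(key, packet) == tag


def relay(inputs, key=None):
    """Relaying node under xor network coding.

    Without a key it only XORs payloads and tags: by linearity the XORed tag is the
    valid tag of the XORed payload, so no cryptographic work is done here. Given a
    key it also verifies each input first, spending energy to detect pollution earlier
    instead of leaving detection to the sink.
    """
    if key is not None:
        inputs = [(p, t) for p, t in inputs if verify(key, p, t)]  # drop polluted inputs
    packet = tag = 0
    for p, t in inputs:
        packet ^= p
        tag ^= t
    return packet, tag


def demo(rng=secrets.randbits):
    """Two sources, one relay, one sink, with constructed random payloads.

    Returns (sink accepts the honest coded packet, sink accepts the polluted coded
    packet, a checking relay keeps the honest input and drops the polluted one).
    """
    key = keygen(rng)
    p1, p2 = rng(PACKET_BITS), rng(PACKET_BITS)
    t1, t2 = homomorphic_mac(key, p1), homomorphic_mac(key, p2)

    coded, coded_tag = relay([(p1, t1), (p2, t2)])        # keyless relay just XORs
    honest_ok = verify(key, coded, coded_tag)

    polluted = coded ^ (1 << 7)                           # adversary flips one payload bit
    polluted_ok = verify(key, polluted, coded_tag)        # caught at the sink

    # A checking relay rejects the polluted input and forwards only p2 with its tag.
    early = relay([(polluted, coded_tag), (p2, t2)], key=key)
    early_ok = early == (p2, t2)
    return honest_ok, polluted_ok, early_ok


if __name__ == "__main__":
    print(demo())  # (True, False, True)
```

Two caveats a practitioner would want. First, a polluted packet slips through only when $K \cdot e = 0$ for the injected difference $e$, which for a random key is a $2^{-m}$ event, so the tag length sets the detection probability. Second, a purely linear keyed hash is only secure for a bounded number of packets per key: every legitimately coded packet lies in the span of the sources' packets, and an observer who collects more than $n$ independent (packet, tag) pairs under one key can solve for $K$. Real homomorphic MAC schemes refresh the key per generation or mask the tag; the abstract does not say which its UHF-based schemes do, and the 42% and 68% energy figures are the paper's measurements, not something this toy reproduces.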
Identity Based Self Delegated Signature - Self Proxy Signatures
S. S. D. Selvi, S. Vivek, S. Nath, C. Rangan
A proxy signature scheme is a variant of a digital signature scheme in which a signer delegates his signing rights to another person, called the proxy signer, so that the proxy signer can generate signatures on behalf of the actual signer in his absence. A Self Proxy Signature (SPS) is a type of proxy signature in which the original signer delegates the signing rights to himself (self delegation), thereby generating temporary public and private key pairs for himself. Thus, in SPS the user can prevent the exposure of his private key through repeated use. In this paper, we propose the first identity-based self proxy signature scheme. We give a generic scheme and a concrete instantiation in the identity-based setting. We define the appropriate security model and prove both the generic and the identity-based scheme secure in that model.
2010 Fourth International Conference on Network and System Security, September 2010. DOI: https://doi.org/10.1109/NSS.2010.98

A Dynamic Mutual RFID Authentication Model Preventing Unauthorized Third Party Access
M. Schapranow, A. Zeier, H. Plattner
RFID implementations deliver competitive business advantages in processing, tracking and tracing fast-moving goods. Most of them suffer from security threats and the resulting privacy risks, as RFID technology was not designed for the exchange of sensitive data. Emerging global RFID-aided supply chains require open interfaces for the exchange of confidential business data between business partners. We present a mutual authentication model based on one-time passwords that prevents tag access by unauthorized third parties. Compared to models using complex on-tag encryption methods, our implementation focuses on reducing tag-manufacturing costs while increasing customers’ acceptance of RFID technology.
2010 Fourth International Conference on Network and System Security, September 2010. DOI: https://doi.org/10.1109/NSS.2010.46

Router and Link Admittance Control in the Optimized Link State Routing Protocol Version 2 (OLSRv2)
T. Clausen, U. Herberg
This paper presents security mechanisms for router and link admittance control in OLSRv2. Digitally signing OLSRv2 control messages allows recipient routers to individually choose to admit or exclude the originating router when populating link-state databases, calculating MPR sets, etc. By additionally embedding signatures for each advertised link, recipient routers can also control admittance of each advertised link in the message, rendering an OLSRv2 network resilient to both identity-spoofing and link-spoofing attacks. The flip side of the coin when using such a link-admittance mechanism is that the number of signatures to include in each OLSRv2 control message is a function of the number of links advertised: for HELLO messages this is essentially the number of neighbor routers, and for TC messages it is the number of MPR selectors of the message originator. Also, upon receipt of a control message, these signatures have to be verified. This paper studies the impact of adding a link-admittance control mechanism to OLSRv2, both in terms of additional control-traffic overhead and additional in-router processing resources, using several cryptographic algorithms such as RSA and Elliptic Curve Cryptography for very short signatures.
2010 Fourth International Conference on Network and System Security, September 2010. DOI: https://doi.org/10.1109/NSS.2010.20

Dynamic Trust Model for Federated Identity Management
Hao Gao, Jun Yan, Y. Mu
The goal of federated identity management is to allow principals, such as identities and attributes, to be shared across trust boundaries based on established policies. Since current Single Sign-On (SSO) mechanisms rely excessively on the specifications of a Circle of Trust (CoT), the need for service collaboration across different domains is being addressed within the CoT. For the motivating issue of the cross-domain SSO mechanism, we need an emergent dynamic trust list for calculating the trusted parties; thus, the CoT specifications require an initial effort to enrol members automatically in order to adapt to the dynamic open environment. In this paper, we propose a Dynamic Trust Policy Language to support trust negotiation. The formal syntax of this language is presented in Backus-Naur Form (BNF), based on the concept of role membership. We also systematically develop the Dynamic Trust Model (DTM) to allow an untrusted service provider (SP) to join the existing CoT through trust negotiation. Finally, we identify the process and algorithm for communication between negotiating entities.
2010 Fourth International Conference on Network and System Security, September 2010. DOI: https://doi.org/10.1109/NSS.2010.40

Ignorant Experts: Computer and Network Security Support from Internet Service Providers
Patryk Szewczyk, C. Valli
The paper examines the advice and support provided by seven major Internet Service Providers in Australia through late 2009 and early 2010 in relation to computer and network security. Previous research has indicated that many end users will attempt to use the support provided by Internet Service Providers as a simple and effective way to obtain key information regarding computer security. This paper demonstrates that in many cases the individuals working at the help desk are either reluctant to provide IT security support or have insufficient skill to provide the correct information.
2010 Fourth International Conference on Network and System Security, September 2010. DOI: https://doi.org/10.1109/NSS.2010.42

Luth: Composing and Parallelizing Midpoint Inspection Devices
Ion Alberdi, V. Nicomette, P. Owezarski
The race for innovation is driving Internet evolution. Internet software developers have to create ever more complex systems under time-to-market pressure. As a result, end-host software has bugs and vulnerabilities and cannot be trusted. That is why, among other devices, network Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS) and firewalls monitor such software to prevent unexpected behaviours. However, their functionality is limited by design, because they can only handle a configuration of predefined, monolithic protocol layerings. In this paper we present Luth, a midpoint inspection device that relies on the composition and parallelization of predefined midpoint inspectors (MIs). We present the main functionality offered by its configuration language and interpreter. Finally, we benchmark a prototype implemented in OCaml. This prototype runs in user space on a GNU/Linux operating system, by means of the libnetfilter_queue library. We show how it efficiently inspects and filters DNS hidden channels encapsulated in 20 GRE tunnels.
2010 Fourth International Conference on Network and System Security, September 2010. DOI: https://doi.org/10.1109/NSS.2010.44

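The composition idea behind the abstract, as an added example that is not Luth's code, configuration language or OCaml implementation: a chain of single-layer inspectors (GRE, IPv4, UDP, DNS), each of which either hands the next layer's payload to the next inspector or drops the packet, with a policy at the end of the chain. The sample packets, the ports, the hidden-channel heuristic and its thresholds are all constructed for this illustration, and nested tunnels and parallel inspection are not modelled.

```python
import math
import struct
from collections import Counter
from typing import Callable, Optional

# Added example (not Luth's code or configuration language): a chain of single-layer
# "midpoint inspectors", each of which either hands the next layer's payload to the
# next inspector or drops the packet. The packets, ports, thresholds and the hidden
# channel heuristic are constructed for this illustration.

Inspector = Callable[[bytes], Optional[bytes]]


def gre_inspector(pkt: bytes) -> Optional[bytes]:
    """Plain GRE (RFC 2784) with no optional fields, carrying IPv4 (0x0800)."""
    if len(pkt) < 4:
        return None
    flags_ver, proto = struct.unpack("!HH", pkt[:4])
    if flags_ver != 0 or proto != 0x0800:
        return None
    return pkt[4:]


def ipv4_inspector(pkt: bytes) -> Optional[bytes]:
    """IPv4 carrying UDP (protocol 17); returns the UDP datagram."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    total_len = struct.unpack("!H", pkt[2:4])[0]
    if ihl < 20 or total_len > len(pkt) or ihl > total_len or pkt[9] != 17:
        return None
    return pkt[ihl:total_len]


def udp_inspector(pkt: bytes) -> Optional[bytes]:
    """UDP to or from port 53; returns the DNS message."""
    if len(pkt) < 8:
        return None
    sport, dport, length, _ = struct.unpack("!HHHH", pkt[:8])
    if 53 not in (sport, dport) or length < 8 or length > len(pkt):
        return None
    return pkt[8:length]


def dns_inspector(pkt: bytes) -> Optional[bytes]:
    """Returns the first question's QNAME as dotted ASCII bytes; None if malformed."""
    if len(pkt) < 12 or struct.unpack("!H", pkt[4:6])[0] < 1:   # QDCOUNT at offset 4
        return None
    i, labels = 12, []
    while True:
        if i >= len(pkt):
            return None
        length = pkt[i]
        if length == 0:
            break
        if length & 0xC0 or i + 1 + length > len(pkt):   # no compression pointers in a query name
            return None
        labels.append(pkt[i + 1:i + 1 + length].decode("ascii", "replace"))
        i += 1 + length
    return ".".join(labels).encode()


def shannon_entropy(s: str) -> float:
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values()) if n else 0.0


def looks_like_hidden_channel(qname: bytes) -> bool:
    """Constructed heuristic: one long, high-entropy label, typical of data encoded in a name."""
    return any(len(label) >= 20 and shannon_entropy(label) >= 3.5
               for label in qname.decode().split("."))


CHAIN: list[Inspector] = [gre_inspector, ipv4_inspector, udp_inspector, dns_inspector]


def inspect(pkt: bytes, chain=CHAIN) -> str:
    """Run the composed inspectors in order; the policy at the end decides accept or drop."""
    data: Optional[bytes] = pkt
    for mi in chain:
        data = mi(data)
        if data is None:
            return "drop:unmatched"
    return "drop:hidden-channel" if looks_like_hidden_channel(data) else "accept"


# Constructed sample traffic: a DNS query inside UDP/IPv4 inside a GRE tunnel.
def build_dns_query(qname: str) -> bytes:
    header = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0)
    name = b"".join(bytes([len(l)]) + l.encode() for l in qname.split("."))
    return header + name + b"\x00" + struct.pack("!HH", 1, 1)   # QTYPE A, QCLASS IN


def build_gre_packet(payload: bytes, dport: int = 53) -> bytes:
    udp = struct.pack("!HHHH", 40000, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])) + udp
    return struct.pack("!HH", 0, 0x0800) + ip


BENIGN = build_gre_packet(build_dns_query("www.example.com"))
TUNNEL = build_gre_packet(build_dns_query("aGVsbG8gd29ybGQgdGhpcyBpcyBhIHRlc3Q.t.example.net"))

if __name__ == "__main__":
    print(inspect(BENIGN), inspect(TUNNEL))   # accept drop:hidden-channel
```

Each inspector validates only its own header and returns the inner payload, so adding a layer (another tunnel type, TCP instead of UDP) means inserting one function into the chain rather than rewriting a monolithic parser. A length or entropy threshold on a single label is a deliberately crude tunnel detector; real deployments also look at query rate, TXT/NULL record types and per-domain label statistics, and none of those thresholds come from the paper.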