
About this book

This book constitutes the refereed proceedings of the Second International Conference on Future Network Systems and Security, FNSS 2016, held in Paris, France, in November 2016.
The 12 full papers and one short paper presented were carefully reviewed and selected from 34 submissions. The papers focus on the technology, communications, systems and security aspects of relevance to the network of the future.

Table of contents

Frontmatter

AuthentIx: Detecting Anonymized Attacks via Automated Authenticity Profiling

In the modern era of cyber-security, attackers are persistent in their attempts to hide and mask the origin of their attacks. In many cases, attacks are launched from spoofed or unknown Internet addresses, which makes investigation a challenging task. While protection from anonymized attacks is an important goal, detection of anonymized traffic is also important in its own right, because it allows defenders to take necessary preventative and defensive steps at an early stage, even before the attack itself has begun. In this paper we present AuthentIx, a system which measures the authenticity of the sources of Internet traffic. In order to measure the authenticity of traffic sources, our system uses passive and active profiling techniques, which are employed in both the network and the application protocols. We also show that performing certain cross-views between different communications layers can uncover inconsistencies and find clients which are suspicious. We present our system design and describe its implementation, and evaluate AuthentIx on traffic from authentic and non-authentic sources. Results show that our system can successfully detect anonymous and impersonated attackers, and furthermore, can be used as a general framework to cope with new anonymization and hiding techniques.

Mordechai Guri, Matan Monitz, Yuval Elovici

Statistical Network Anomaly Detection: An Experimental Study

The number and impact of attacks over the Internet have been continuously increasing in the last years, pushing the focus of many research activities into the development of effective techniques to promptly detect and identify anomalies in the network traffic. In this paper, we propose a performance comparison between two different histogram based anomaly detection methods, which use either the Euclidean distance or the entropy to measure the deviation from the normal behaviour. Such an analysis has been carried out taking into consideration different traffic features. The experimental results, obtained testing our systems over the publicly available MAWILab dataset, point out that both the applied method and the chosen descriptor strongly impact the detection performance.

Christian Callegari, Stefano Giordano, Michele Pagano

Power Usage Efficiency with a Modular Routing Protocol

Recent years have seen major efforts to contain the environmental footprint of the Internet. The last decade has witnessed revolutionary research to address some of the challenges faced in the Internet. This article describes an investigative framework for determining the energy savings incurred with new routing protocols and routers. The framework is applied to a real ISP network - the AT&T ISP network in the United States. It describes techniques to collect statistics from such large networks and analyze them. The statistics are then used to study the energy consumption in the ISP network both with routers running the current routing protocol, which is Open Shortest Path First (OSPF), and also with routers running the new protocol. The cost models and energy savings studies applied to large ISP networks as presented in this article are the first of their kind. As evidenced from this study, significant energy benefits and cost savings thereof can be realized with the proposed modular routing protocol.

Yoshihiro Nozaki, Nirmala Shenoy, Aparna Gupta

Efficient Security Policy Reconciliation in Tactical Service Oriented Architectures

Tactical mobile ad-hoc networks are likely to suffer from highly restricted link capacity and intermittent connectivity loss, but must provide secure access to services. The conditions under which services may be accessed and which security requirements must be maintained will vary dynamically, and local policies will hence change on a per-node basis even when starting from a common baseline such as when nodes obtain new information. In this paper we describe a mechanism allowing structured security policies to incorporate such local changes but to efficiently reconcile across tactical SOA networks, allowing the derivation of policy decisions as precomputed Horn clauses or directly reasoning over a description logic fragment. This mechanism minimises the communication overhead compared to earlier work whilst maintaining policy integrity, thereby allowing security policies to adapt to resource and network constraints and other local knowledge such as node compromises and blacklisting.

Vasileios Gkioulos, Stephen D. Wolthusen

A Social Behavior Based Interest-Message Dissemination Approach in Delay Tolerant Networks

Compared with 3G, 4G and Wi-Fi, Delay-Tolerant Networking (DTN) has only intermittent chances to transmit messages. Without a clear end-to-end path, routing a message in DTN to the destination is difficult. But in some particular cases, it could be an advantage. People around the world have their personal habits, and these will be projected on their social life. Therefore we use social behavior as a foundation feature of our routing algorithm. We propose two new kinds of routing algorithms with our own trace file. On one hand, birds of a feather flock together, so people who have similar interests tend to go to the same places. In this case, we combine the personal interests and the trace file with the different buildings where each node is located, and propose the building-based routing algorithm. On the other hand, we think people who have similar interests hang out together more often, so we use the social relationship as a feature and propose the social-based routing algorithm. In the end, we compare our algorithms with the Epidemic, MaxProp and PRoPHET routing algorithms. The result shows that our algorithms outperform the others.

Tzu-Chieh Tsai, Ho-Hsiang Chan, Chien Chun Han, Po-Chi Chen

The Looking-Glass System: A Unidirectional Network for Secure Data Transfer Using an Optic Medium

The Looking-Glass system is a unidirectional network for data transfer using an optic medium, based on the principle of transferring information digitally between two stations without an electric connection. The implementation of this idea includes one side encoding and projecting the information to a screen at high speed, and a receiving side, which decodes the information image back to its original form. The decoding is done using a unique algorithm. Also, in order to synchronize between the transmitter and the receiver sides, a separate synchronization system based on video pattern recognition is used. This technique can be useful whenever there is a need to transfer information from a closed network – especially a sensitive one – to an open network, such as the Internet, while keeping the information in its original form, and without any fear of an uncontrolled bidirectional flow of information – either by a leakage or a cyber attack.

Gal Oren, Lior Amar, David Levy-Hevroni, Guy Malamud

Privacy Preserving Consensus-Based Economic Dispatch in Smart Grid Systems

Economic dispatch is a well-known optimization problem in smart grid systems which aims at minimizing the total cost of power generation among generation units while maintaining some system constraints. Recently, some distributed consensus-based approaches have been proposed to replace traditional centralized calculation. However, existing approaches fail to protect privacy of individual units like cost function parameters, generator constraints, output power levels, etc. In this paper, we show an attack against an existing consensus-based economic dispatch algorithm from [16] assuming semi-honest non-colluding adversaries. Then we propose a simple solution by combining a secure sum protocol and the consensus-based economic dispatch algorithm that guarantees data privacy under the same attacker model. Our Privacy Preserving Economic Dispatch (PPED) protocol is information-theoretically secure.

Avikarsha Mandal

Network DDoS Layer 3/4/7 Mitigation via Dynamic Web Redirection

Layer 3, 4 and 7 DDoS attacks are common and very difficult to defend against. The academic community has published hundreds of well thought out algorithms, which require changes in computer networking equipment, to better detect and mitigate these attacks. The problem with these solutions is that they require computer networking manufacturers to make changes to their hardware and/or software. On the other hand, with our solution, absolutely no hardware or software changes are required. We only require the use of BGP4 Flow-Spec, which has already been widely deployed many years ago. Further, the customers’ own ISP does not require Flow-Spec. Our algorithm protects groups of over sixty-five thousand different customers, via the aggregation into one very small Flow-Spec rule. In this paper, we propose our novel, low cost and efficient solution to both detect and greatly mitigate any and all types of L347 DDoS Web attacks.

Todd Booth, Karl Andersson

Secure RFID Protocol to Manage and Prevent Tag Counterfeiting with Matryoshka Concept

Since RFID technology was founded a couple of decades ago, there has been much involvement of this emerging technology in the improvement of supply chain management. Although this technology made the industry more reliable and faster to process, there were always some technical issues and security threats that emerged from the heavy use of RFID tags in the SCM, or other industries. Here we present a new protocol based on a new idea that can be used to manage and organize tags as well as the objects attached to them in SCM, to prevent counterfeiting and reduce the security threats, taking into consideration the security and privacy concerns that face the industry today. This new approach will open a new horizon to supply chain management as well as RFID systems technology, since it will handle multi-tags attached to objects managed in one location as an entity of one in one. We called our approach the MATRYOSHKA approach since it has the same idea as the Russian doll, in managing multi-tags as one entity and preventing counterfeiting. We also added an extra authentication process based on a mathematical exchange key formation to increase the security during communication, to prevent threats and attacks and to provide a secure mutual authentication method.

Gaith Al., Robin Doss, Morshed Chowdhury, Biplob Ray

A Roadmap for Upgrading Unupgradable Legacy Processes in Inter-Organizational Middleware Systems

Complex changes in an Organization’s Information Systems require roadmapping to ensure planning and execution meet the objectives. While traditional projects have a plethora of methodologies to help achieve their goals, agile projects are harder to plan, particularly when dealing with Unupgradable Legacy Processes (ULP). A ULP is a process that is too old, complex, critical, and/or costly to be upgraded using standard methodologies and tools. One approach to address such difficulty is to separate project and technological roadmaps to separate focuses on organizational and technical aspects. In the B2B context, and more precisely Inter-Organizational Information Systems (IOIS), the increasing need for integration has generated a new layer of middleware components referred to as Inter-Organizational Middleware Systems (IOMS). IOMS is a set of services, processes, procedures and methods that allow information to be shared between multiple partners of the same IOIS despite the heterogeneity of their systems. In spite of IOMS being a relatively new concept, it lacks full valuation and dare-we-say appreciation from stakeholders, which has ultimately culminated in them suffering the problem of ULPs. The purpose of this paper is to address the issue by proposing a set of roadmaps to upgrade ULPs in IOMS. First, the concept of roadmaps is investigated and a separation between Enterprise Project (EP) and Technological Project (TP) roadmaps is put forward. IOMS is then presented before a set of roadmaps is proposed to address its ULP issues. An implementation validating these roadmaps is then presented before merits and limitations of the proposed artifacts are discussed.

Radhouane B. N. Jrad, M. Daud Ahmed, David Sundaram

Sustainable, Holistic, Adaptable, Real-Time, and Precise (SHARP) Approach Towards Developing Health and Wellness Systems

As populations age and chronic diseases become more prevalent, new strategies are required to help people live well. Traditional models of episodic health care will not be sufficient to meet changing health care needs and the reorientation of services towards maintaining function as opposed to treating illness. One strategy to meet these challenges is an increased focus on self-care via use of broader social networks and seamless integration of applications with lifestyle activities, particularly for people with chronic diseases including diabetes, cardiovascular disease, and respiratory conditions. There has also been a rapid increase in a range of technologies for connecting different components of the health system and delivering services through smartphones and connected devices. Our proposal is to pursue systems development in healthcare in a way that considers a range of aspects known as SHARP: Sustainable, Holistic, Adaptive, Real-time and Precise. This approach will provide solutions that will be useful and effective for managing the long-term well-being of individuals.

Farhaan Mirza, Asfahaan Mirza, Claris Yee Seung Chung, David Sundaram

Connected Bicycles

As IoT (Internet of Things) applications pervade every facet of our lives, it becomes necessary to take stock of the possibilities that include what has already been achieved and what could readily be achieved. We consider a specific facet of IoT applications as they relate to bicycles, specifically the use of IoT in connected bicycles. We discuss current IoT applications in connected bicycles as well as associated dimensions on connected and quantified self. While the concept of quantified self existed without any influence from IoT, the widespread acceptance of IoT and associated convenience have certainly spurred the emergence of IoT-enabled devices that facilitate ease of quantified self data collection. We also identify possible extensions to what already exists in connected bicycles from an IoT-based perspective.

Otto B. Piramuthu

Collaborative Network Coding in Opportunistic Mobile Social Network

An opportunistic mobile social network is a type of delay-tolerant network, where nodes with mobility contact each other through short range wireless communications. Recently, many related applications are emerging, such as Firechat. However, message dissemination in an opportunistic mobile social network is a challenging task. We propose collaborative network coding that enables users to take part in improving the performance of using network coding for message dissemination. The proposed method is evaluated by trace data conducted by participants who may not know each other in advance, for a more realistic simulation of a real world opportunistic mobile social network. Simulation results show that our proposed method outperforms flooding based message dissemination.

Tzu-Chieh Tsai, Chien-Chun Han, Shou-Yu Yen

Backmatter
