Future Network Systems and Security

In the modern era of cyber-security, attackers are persistent in their attempts to hide and mask the origin of their attacks. In many cases, attacks are launched from spoofed or unknown Internet addresses, which makes investigation a challenging task. While protection from anonymized attacks is an important goal, detection of anonymized traffic is also important in its own right, because it allows defenders to take necessary preventative and defensive steps at an early stage, even before the attack itself has begun. In this paper we present AuthentIx, a system which measures the authenticity of the sources of Internet traffic. To measure the authenticity of traffic sources, our system uses passive and active profiling techniques, which are employed in both the network and the application protocols. We also show that performing certain cross-views between different communication layers can uncover inconsistencies and find suspicious clients. We present our system design, describe its implementation, and evaluate AuthentIx on traffic from authentic and non-authentic sources. Results show that our system can successfully detect anonymous and impersonated attackers and, furthermore, can be used as a general framework to cope with new anonymization and hiding techniques.
