Loading...
Search for: network-security
0.008 seconds
Total 155 records

    A Model for Network Telescope on White IP Address Space

    , M.Sc. Thesis Sharif University of Technology Ghasemzadeh, Hamed (Author) ; Kharrazi, Mehdi (Supervisor)
    Abstract
    Network Telescopes are used to extract security features of large a?a?s targeted large net-works.In this method all tra?cs received targeted to an unused address blo? are processedto ?nd useful informations about descriptive parameters of work propagation.Currently all resear?es are focused on dark addresses or unused address blo?s, in this re-sear? the idea is generalized to cover used and white address blo?s. Also the structure ofnetwork telescope is de?ned with a new manner whi?added more details to prediction andestimation methods. To extract security features of a?a?events, a newmethod have been introduced for inferenceabout a?a? parameters. ?e proposed method may be used to predict... 

    An efficient dynamic allocation mechanism for security in networks of interdependent strategic agents

    , Article Dynamic Games and Applications ; Volume 9, Issue 4 , 2019 , Pages 914-941 ; 21530785 (ISSN) Farhadi, F ; Tavafoghi, H ; Teneketzis, D ; Golestani, S. J ; Sharif University of Technology
    Springer New York LLC  2019
    Abstract
    Motivated by security issues in networks, we study the problem of incentive mechanism design for dynamic resource allocation in a multi-agent networked system. Each strategic agent has a private security state which can be safe or unsafe and is only known to him. At every time, each agent faces security threats from outside as well as from his unsafe neighbors. Therefore, the agents’ states are correlated and have interdependent stochastic dynamics. Agents have interdependent valuations, as each agent’s instantaneous utility depends on his own security state as well as his neighbors’ security states. There is a network manager that can allocate a security resource to one agent at each time... 

    A dynamic incentive mechanism for security in networks of interdependent agents

    , Article 7th EAI International Conference on Game Theory for Networks, GameNets 2017, 9 May 2017 through 9 May 2017 ; Volume 212 , 2017 , Pages 86-96 ; 18678211 (ISSN); 9783319675398 (ISBN) Farhadi, F ; Tavafoghi, H ; Teneketzis, D ; Golestani, J ; Sharif University of Technology
    Springer Verlag  2017
    Abstract
    We study a dynamic mechanism design problem for a network of interdependent strategic agents with coupled dynamics. In contrast to the existing results for static settings, we present a dynamic mechanism that is incentive compatible, individually rational, budget balanced, and social welfare maximizing. We utilize the correlation among agents’ states over time, and determine a set of inference signals for all agents that enable us to design a set of incentive payments that internalize the effect of each agent on the overall network dynamic status, and thus, align each agent’s objective with the social objective. © 2017, ICST Institute for Computer Sciences, Social Informatics and... 

    Resisting Flow Content Characterization in Network Traffic

    , M.Sc. Thesis Sharif University of Technology Momeni Boroojeni, Farzad (Author) ; Kharrazi, Mehdi (Supervisor)
    Abstract
    One way to control the type of data being transferred in the network is to check the header of the packet, but in networks that have high-speed data transmission or data can move through different routes, the probability of finding the first packet which contains the header reduces tremendously, and the usage of the methods mentioned below becomes clear. So even if the packet header isn’t received correctly, or the declarative features of these flows are changed, without having exact knowledge of the data transferred, you can use a limited number of packets to obtain information such as the type and protocol being used. This is possible with the help of statistical data analysis.Traffic... 

    Key Management for Large Scale Mobile Ad-hoc Networks

    , M.Sc. Thesis Sharif University of Technology Gharib, Mohammed (Author) ; Movaghar Rahimabadi, Ali (Supervisor)
    Abstract
    Mobile ad hoc networks have been attracted the attention of many researchers during last years. One of the major concerns faces such networks is the security issue. The root of this concern is the fact that the intermediate nodes have the responsibility of packet transportation and forwarding. The nodes inside the mobile ad hoc networks assumed to be trusty while they can read, change or drop the transported packets. Cryptography as the cornerstone of the security could be play an essential role in such networks. Any cryptosystem need some keys to be able to secure communications. In large scale mobile ad hoc networks storing the whole keys in all nodes is inefficient, if possible, due to... 

    Network Security using Host-controller Application Codesign in SDN

    , M.Sc. Thesis Sharif University of Technology Tajzad, Mohammad Reza (Author) ; Afshin Hematyar, Ali Mohammad (Supervisor)
    Abstract
    Software Defined Networks provide programmability and centralized control for network’s administrator. Like other networks, security problems are important in these networks, but there is not enough research in this area. The problem being discussed here is to elevate the security level in software defined networks using centralized control and programmability of these networks. We will accomplish this purpose by using hosts and controller at the same time to prevent unwanted traffic from entering the network. By using this approach, we will be able to remove many short comings of these networks and implement security systems, like intrusion detection systems, more efficient. One of these... 

    Online Policy Enforcement on Heavy Network Traffic Using Protocol Parsers

    , M.Sc. Thesis Sharif University of Technology Ebrahimi, Alireza (Author) ; Jalili, Rasool (Supervisor)
    Abstract
    In recent years, internet traffic is experiencing an explosive growth. High performance networking in large scale computer networks creates several security challenges. Exploiting Deep Packet Inspection (DPI) is regarded as a big challenge especially for massive data when number of concurrent connections grows. Using simple security based on network layer data can easily avaded by attackers and also can not detect more sophisticated attacks like DDoS. In this paper we proposed a new grammar model named bidirectional asynchronous counting grammar and it’s automata. With this grammar model we can define policies based on extracted fields in both request and response flows. Using new model of... 

    An efficient spam mail detection by counter technique

    , Article World Academy of Science, Engineering and Technology ; Volume 50 , May , 2011 , Pages 573-576 ; 2010376X (ISSN) Kholghi, R ; Behnam Roudsari, S ; Nemaney Pour, A ; Sharif University of Technology
    Abstract
    Spam mails are unwanted mails sent to large number of users. Spam mails not only consume the network resources, but cause security threats as well. This paper proposes an efficient technique to detect, and to prevent spam mail in the sender side rather than the receiver side. This technique is based on a counter set on the sender server. When a mail is transmitted to the server, the mail server checks the number of the recipients based on its counter policy. The counter policy performed by the mail server is based on some pre-defined criteria. When the number of recipients exceeds the counter policy, the mail server discontinues the rest of the process, and sends a failure mail to sender of... 

    Improving mobile banking security using steganography

    , Article 4th International Conference on Information Technology-New Generations, ITNG 2007, Las Vegas, NV, 2 April 2007 through 4 April 2007 ; 2007 , Pages 885-887 ; 0769527760 (ISBN); 9780769527765 (ISBN) Shirali Shahreza, M ; Sharif University of Technology
    2007
    Abstract
    Upon development of m-commerce as one of the new branches of e-commerce, m-banking has emerged as one of the main divisions of m-commerce. As the m-banking was received very well, it has embarked upon supply of various services based on different systems and with the aid of various services such as the Short Messaging Service (SMS). However, in spite of its advantages, m-banking is facing some challenges as well. One of these challenges is the issue of security of this system. This paper presents a method for increasing security of the information requested by users with the use of steganography method. In this method, instead of direct sending of the information, it is hidden in a picture... 

    A Scheme for Improving Security in Peer-to-Peer Video Streaming Networks

    , M.Sc. Thesis Sharif University of Technology Toghia, Pezhman (Author) ; Rabiei, Hamid Reza (Supervisor)
    Abstract
    The improvments in computer networks and video compression techniques have motivated the network engineers to broadcast video over the Internet. Recently, Peer-to-Peer networks have been considered as a suitable way for video streaming. P2P networks are distributed and there’s no central management mechanism in them. In addition, video has a time-sensitive nature. Therefore, these networks are vulnerable to security attacks. Denial of Service attacks, attacks on the membership management mechanism, attacks on neighbors selection mechanism, selfish nodes and content pollution attacks are common attack on Peer-to-Peer Video Streaming networks. In a content pollution attack, one or several... 

    Analysis of Key Distribution Schemes in Wireless Sensor Networks

    , M.Sc. Thesis Sharif University of Technology Shafieinejad, Masoumeh (Author) ; Aref, Mohammad Reza (Supervisor)
    Abstract
    Wireless Sensor Networks (WSNs) are comprised of small sensor nodes with very limitedstorage, power and computational capabilities. The nodes in wireless sensor networks should be able to communicate with each other in order to accumulate information and to relay it to a base station in a secure manner. Since this communication often takes place in a hostile environment, encryption and/or authentication should be used. This requires the establishment of secure keys between the sensor nodes in the WSN. The constraints of such a lightweight distributed computing environment lend itself to the use of symmetric cryptography to provide security services. The lack of central infrastructure after... 

    Performance Improvement of Intrusion Detection Systems for Wireless Networks

    , M.Sc. Thesis Sharif University of Technology Safir, Sajjad (Author) ; Hematyar, Ali Mohammad Afshin (Supervisor)
    Abstract
    Wireless technology can now be seen almost everywhere. This technology has recently become very popular, and with the convenience that comes with its use, it will probably be the most commonly used technology among computer networks in the near future. Unfortunately, new technology is always under fire when it comes to security.So that this type of network security has become a big challenge for them.
    The researchers approach to security in wireless networks that have a lot of attention is the use of intrusion detection systems. An intrusion detection system (IDS) monitors network traffic and monitors for suspicious activity and alerts the system or network administrator. In some cases... 

    Improving Payload Attribution Techniques

    , M.Sc. Thesis Sharif University of Technology Sasan Narkes Abadi, Zeynab (Author) ; Kharrazi, Mehdi (Supervisor)
    Abstract
    One of the most important steps in the process of network forensics is attacker attribution and tracing the victims of the attack. In some situations, there is no other information to track the attacker except the payload of packet. Network security professionals have introduced payload attribution techniques to attribute this type of attacks. In payload attribution techniques, a history of network traffic is stored so that after the attack, it can be queried to trace the source and destination of excerpts. Due to the high volume of traffic in today's networks, payload attribution techniques should be able to store traffic in compressed format so that querying on this data be done easily at... 

    Intrusion Detection System in Smart Grids

    , M.Sc. Thesis Sharif University of Technology Beigi, Hossein (Author) ; Amini, Morteza (Supervisor)
    Abstract
    Smart grids are the new generation of power grids that combine the power distribution grid with the communications network. The purpose of these networks is to create a secure, two-way infrastructure for the transmission of power and information. The complex structure of smart grids, along with the inherent vulnerabilities of physical systems, old devices and protocols on the network and the need for backward compatibility, have created serious cyber risks to critical assets and infrastructures. The difference between these types of networks and conventional computer networks has made the security mechanisms developed in conventional computer networks not very suitable for these types of... 

    Anomaly Based Intrusion Detection in Computer Networks Using Generative Adversarial Networks

    , M.Sc. Thesis Sharif University of Technology Heidary, Milad (Author) ; Hemmatyar, Ali Mohammad Afshin (Supervisor)
    Abstract
    Due to the rapid development of computer networks, security is a major concern. Methods of intruding computer networks are also rapidly developing, and there is a new method every day. These facts corroborate the need for new and more intelligent mechanisms for detecting intrusion. To detect intrusion, one must analyze the network traffic. The most used traditional methods of traffic separation are port-based and payload based detection. The former is not so efficient, and the latter is not only inefficient but also violates the privacy of users. Unsatisfied by such methods, researchers adopted machine learning techniques and tried to develop new solutions for detecting intrusion. Methods... 

    Analysis and Evaluation of Intrusion Detection Datasets and Providing a Solution to Make Them Real

    , M.Sc. Thesis Sharif University of Technology Shabani Eshkalak, Majedeh (Author) ; Jahangir, Amir Hossein (Supervisor)
    Abstract
    The rapid advancement of information technology and computer networks raised concerns of the users and network administrators regarding security. The development of computer networks and the increase in the number of specialists in this field led to the increase in the number of people who seek to abuse these networks, people known as attackers. The attackers look for security defects in a network to penetrate and abuse it proportionate to their needs. Considering the risks of these attacks, it is necessary to have an intrusion detection system (IDS). IDSs are capable of detecting attack traffic or suspected traffic, then, they alert the network administrators, and consequently, stop the... 

    Mid-defense: Mitigating protocol-level attacks in TOR using indistinguishability obfuscation

    , Article 2014 11th International ISC Conference on Information Security and Cryptology, ISCISC 2014 ; 3- 4 September , 2014 , pp. 214-219 ; ISBN: 9781479953837 Soltani, M ; Najafi, S ; Jalili, R ; Sharif University of Technology
    Abstract
    TOR is one of the most famous anonymity networks. TOR works correctly when at least one honest relay exists along an established circuit. However, many attacks reveal anonymity of TOR communications by watermarking traffics, changing timings, counting cells per packets, and recently, introducing errors in cells. This paper focuses on protocol-level attacks which can de-anonymize users by changing a cell, and provides a solution for this attack by changing the way integrities of cells are checked. The proposed design allows all relays, not just the exit node, to check the integrity of cells, independently. In addition, this paper proposes a novel method, based on the concept of... 

    Key splitting for random key distribution schemes

    , Article Proceedings - International Conference on Network Protocols, ICNP ; 2012 ; 10921648 (ISSN) ; 9781467324472 (ISBN) Ehdaie, M ; Alexiou, N ; Ahmadian, M ; Aref, M. R ; Papadimitratos, P ; Sharif University of Technology
    2012
    Abstract
    A large number of Wireless Sensor Network (WSN) security schemes have been proposed in the literature, relying primarily on symmetric key cryptography. To enable those, Random Key pre-Distribution (RKD) systems have been widely accepted. However, WSN nodes are vulnerable to physical compromise. Capturing one or more nodes operating with RKD would give the adversary keys to compromise communication of other benign nodes. Thus the challenge is to enhance resilience of WSN to node capture, while maintaining the flexibility and low-cost features of RKD. We address this problem, without any special-purpose hardware, proposing a new and simple idea: key splitting. Our scheme does not increase... 

    An efficient spam mail detection by counter technique

    , Article World Academy of Science, Engineering and Technology ; Volume 74 , May , 2011 , Pages 579-582 ; 2010376X (ISSN) Kholghi, R ; Roudsari, S. B ; Pour, A. N ; Sharif University of Technology
    2011
    Abstract
    Spam mails are unwanted mails sent to large number of users. Spam mails not only consume the network resources, but cause security threats as well. This paper proposes an efficient technique to detect, and to prevent spam mail in the sender side rather than the receiver side. This technique is based on a counter set on the sender server. When a mail is transmitted to the server, the mail server checks the number of the recipients based on its counter policy. The counter policy performed by the mail server is based on some pre-defined criteria. When the number of recipients exceeds the counter policy, the mail server discontinues the rest of the process, and sends a failure mail to sender of... 

    Improving security issues in MANET AODV routing protocol

    , Article Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST, 1 September 2015 through 2 September 2015 ; Volume 155 , November , 2015 , Pages 237-250 ; 18678211 (ISSN) ; 9783319250663 (ISBN) Gharehkoolchian, M ; Hemmatyar, A. M. A ; Izadi, M ; Sharif University of Technology
    Springer Verlag  2015
    Abstract
    Mobile Ad-hoc Networks (MANETs) are forming dynamically by joining or leaving the nodes into/from the network without any fix infrastructure. It is also possible that each mobile node act as a host or router. This kind of wireless network is prone to various security threats or attacks due to its unique characteristics like dynamic topology, open medium, lack of central monitoring, etc. So security is a vital scope in MANET to protect communication between mobile nodes. Ad-hoc On-demand Distance Vector (AODV) is one of the on-demand reactive routing protocols in MANET that initially was improved without considering security protection. Significant attempts have been done to secure AODV...