
AUTHOR

Jarmo Siltanen

Analysis of Approaches to Internet Traffic Generation for Cyber Security Research and Exercise

Because malware, vulnerabilities and attacks against networked systems pose a severe global security threat, cyber security research, training and exercises are required for organizations to achieve cyber resilience. In particular, the need to organize cyber security exercises has become more and more relevant for companies or government agencies. Cyber security research, training and exercises require a closed Internet-like environment and generated Internet traffic. JAMK University of Applied Sciences has built a closed Internet-like network called Realistic Global Cyber Environment (RGCE). The traffic generation software for the RGCE is introduced in this paper. This paper describes …

research product

Data Mining Approach for Detection of DDoS Attacks Utilizing SSL/TLS Protocol

Denial of Service attacks remain one of the most serious threats to the Internet nowadays. In this study, we propose an algorithm for detection of Denial of Service attacks that utilize the SSL/TLS protocol. These protocols encrypt the data of network connections on the application layer, which makes it impossible to detect attackers' activity based on the analysis of packet payload. For this reason, we concentrate on statistics that can be extracted from packet headers. Based on these statistics, we build a model of normal user behavior by using several data mining algorithms. Once the model has been built, it is used to detect DoS attacks. The proposed framework is tested on the data obtained w…

research product

The simulation and analysis of the revenue criterion based adaptive WFQ

This paper presents the simulation and analysis of the adaptive resource allocation model, which was proposed and theoretically considered in our previous works. It relies upon the Weighted Fair Queueing (WFQ) service policy and uses the revenue criterion to adjust weights. The purpose of the proposed model is to maximize a provider's revenue and, at the same time, ensure the required Quality-of-Service (QoS) for end-users. Our previous works provided the theoretical evaluation of the proposed model and considered the single-node case only. This paper presents a more realistic network scenario, which includes a set of clients and several intermediate switching nodes with the proposed model. T…

research product

VoIP performance analysis in IEEE802.16 networks

WiMAX, also known as IEEE standard 802.16, is a wide-range broadband wireless access network with significantly good support for quality of service. According to IEEE standard 802.16e, WiMAX also supports mobility. One of the key advantages of the WiMAX network is the possibility to assign QoS parameters on a per-connection basis. A good example of a traffic type with strict QoS demands is VoIP. VoIP will probably be a killer application in future broadband wireless networks because of its cost efficiency compared to circuit-switched networks. In this paper, we analyze by extensive simulations how QoS is applied per connection, especially for the VoIP connection.

research product

Weighted Fuzzy Clustering for Online Detection of Application DDoS Attacks in Encrypted Network Traffic

Distributed denial-of-service (DDoS) attacks are one of the most serious threats to today’s high-speed networks. These attacks can quickly incapacitate a targeted business, costing victims millions of dollars in lost revenue and productivity. In this paper, we present a novel method which allows timely detection of application-layer DDoS attacks that utilize encrypted protocols by applying an anomaly-based approach to statistics extracted from network packets. The method involves construction of a model of normal user behavior with the help of weighted fuzzy clustering. The construction algorithm is self-adaptive and allows one to update the model every time a new portion of network tr…

research product

Quality of service and dynamic scheduling for traffic engineering in next generation networks

Today, Internet operators provide services that are tied to network performance. Services are identified by their associated parameters, which classify packet traffic through the network nodes. These parameters are called quality of service (QoS). In the future, time-critical traffic in telecommunication networks, such as traffic containing voice (IP calls, VoIP) and video, will increase. Quality of service is needed to guarantee the operation of time-critical traffic in data networks. Methods based on packet marking are simple and scalable. Queueing mechanisms are used to guarantee the quality of service of different types of traffic. Quality of service …

research product