Project List

Handling Multiple Failures in IP Networks through Localized On-Demand Link State Routing It has been observed that transient failures are fairly common in IP backbone networks and there have been several proposals based on local rerouting to provide high network availability despite failures. While most of these proposals are effective in handling single failures, they either cause loops or drop packets in the case of multiple independent failures. To ensure forwarding continuity even with multiple failures, we propose Localized On-demand Link State (LOLS) routing. Under LOLS, each packet carries a blacklist, which is a minimal set of failed links encountered along its path, and the next hop is determined by excluding the blacklisted links. We show that the blacklist can be reset when the packet makes forward progress towards the…

FireCol: A Collaborative Protection Network for the Detection of Flooding DDoS Attacks Distributed denial-of-service (DDoS) attacks remain a major security problem, the mitigation of which is very hard especially when it comes to highly distributed botnet-based attacks. The early discovery of these attacks, although challenging, is necessary to protect end-users as well as the expensive network infrastructure resources. In this paper, we address the problem of DDoS attacks and present the theoretical foundation, architecture, and algorithms of FireCol. The core of FireCol is composed of intrusion prevention systems (IPSs) located at the Internet service providers (ISPs) level. The IPSs form virtual protection rings around the hosts to defend and collaborate by exchanging selected traffic information. The evaluation of FireCol using extensive simulations and a real dataset is presented, showing FireCol…

Participatory Privacy: Enabling Privacy in Participatory Sensing Participatory Sensing is an emerging computing paradigm that enables the distributed collection of data by self-selected participants. It allows the increasing number of mobile phone users to share local knowledge acquired by their sensor-equipped devices, e.g., to monitor temperature, pollution level or consumer pricing information. While research initiatives and prototypes proliferate, their real-world impact is often bounded to comprehensive user participation. If users have no incentive, or feel that their privacy might be endangered, it is likely that they will not participate. In this article, we focus on privacy protection in Participatory Sensing and introduce a suitable privacy-enhanced infrastructure. First, we provide a set of definitions of privacy requirements for both data producers (i.e., users providing sensed information) and consumers (i.e., applications accessing…

A Fast Re-Route Method We present a method to find an alternate path, after a link failure, from a source node to a destination node, before the Interior Gateway Protocol (e.g., OSPF or IS-IS) has had a chance to reconverge in response to the failure. The target application is a small (up to tens of nodes) regional access subnetwork of a service provider’s network, which is a typical access scale encountered in practice. We illustrate the method and prove that it will find a path if one exists.

Optimum Relay Selection for Energy-Efficient Cooperative Ad Hoc Networks The Cooperative Communication (CC) is a technology that allows multiple nodes to simultaneously transmit the same data. It can save power and extend transmission coverage. However, prior research work on topology control considers CC only in the aspect of energy saving, not that of coverage extension. We identify the challenges in the development of a centralized topology control scheme, named Cooperative Bridges, which reduces transmission power of nodes as well as increases network connectivity. Prior research on topology control with CC only focuses on maintaining the network connectivity, minimizing the transmission power of each node, whereas ignores the energy efficiency of paths in constructed topologies. This may cause inefficient routes and hurt the overall network performance in cooperative ad hoc networks.…

Detecting and Resolving Firewall Policy Anomalies As the network dramatically extended security considered as major issue in networks. There are many methods to increase the network security at the moment such as encryption, VPN, firewall etc. but all of these are too static to give an effective protection against attack and counter attack. We use data mining algorithm and apply it to the anomaly detection problem. In this work our aim to use data mining techniques including classification tree and support vector machines for anomaly detection. The result of experiments shows that the algorithm C4.5 has greater capability than SVM in detecting network anomaly and false alarm rate by using 1999 KDD cup data.

Detecting and Resolving Firewall Policy Anomalies As the network dramatically extended security considered as major issue in networks. There are many methods to increase the network security at the moment such as encryption, VPN, firewall etc. but all of these are too static to give an effective protection against attack and counter attack. We use data mining algorithm and apply it to the anomaly detection problem. In this work our aim to use data mining techniques including classification tree and support vector machines for anomaly detection. The result of experiments shows that the algorithm C4.5 has greater capability than SVM in detecting network anomaly and false alarm rate by using 1999 KDD cup data.