Global ETD Search

881	IP multicast receiver mobility support using PMIPv6 in a global satellite network Jaff, Esua K., Pillai, Prashant, Hu, Yim Fun 18 March 2015 (has links) Yes / A new generation of satellite systems that support regenerative on-board processors (OBPs) and multiple spot beam technology have opened new and efficient possibilities of implementing IP multicast communication over satellites. These new features have widened the scope of satellite-based applications and also enable satellite operators to efficiently utilize their allocated bandwidth resources. This makes it possible to provide cost effective satellite network services. IP multicast is a network layer protocol designed for group communication to save bandwidth resources and reduce processing overhead on the source side. The inherent broadcast nature of satellites, their global coverage (air, land, and sea), and direct access to a large number of subscribers imply satellites have unrivalled advantages in supporting IP multicast applications. IP mobility support in general and IP mobile multicast support in particular on mobile satellite terminals like the ones mounted on long haul flights, maritime vessels, continental trains, etc., still remain big challenges that have received very little attention from the research community. This paper proposes how Proxy Mobile IPv6 (PMIPv6)-based IP multicast mobility support defined for terrestrial networks can be adopted and used to support IP mobile multicast in future satellite networks, taking cognizance of the trend in the evolution of satellite communications.
882	Beware of IPs in Sheep's Clothing: Measurement and Disclosure of IP Spoofing Vulnerabilities Hilton, Alden Douglas 25 October 2021 (has links) Networks not employing destination-side source address validation (DSAV) expose themselves to a class of pernicious attacks which could be prevented by filtering inbound traffic purporting to originate from within the network. In this work, we survey the pervasiveness of networks vulnerable to infiltration using spoofed addresses internal to the network. We issue recursive Domain Name System (DNS) queries to a large set of known DNS servers world-wide using various spoofed-source addresses. In late 2019, we found that 49% of the autonomous systems we tested lacked DSAV. After a large-scale notification campaign run in late 2020, we repeated our measurements in early 2021 and found that 44% of ASes lacked DSAV--though importantly, as this is an observational study, we cannot conclude causality. As case studies illustrating the dangers of a lack of DSAV, we measure susceptibility of DNS resolvers to cache poisoning attacks and the NXNS attack, two attacks whose attack surface is significantly reduced when DSAV in place. We discover 309K resolvers vulnerable to the NXNS attack and 4K resolvers vulnerable to cache poisoning attacks, 70% and 59% of which would have been protected had DSAV been in place. IP Spoofing DNS Security Large-scale Vulnerability Disclosure Network Measurement Computer Sciences Physical Sciences and Mathematics
883	PUMA and the innate immune response during pneumococcal infection in the lung Kennedy, Daniel Edward, II 06 August 2021 (has links) Background: The p53-up-regulated modulator of apoptosis (PUMA) protein is a pro-apoptotic, BH3-only member of the BCL2 family of effector proteins responsible for promoting organized cell death. PUMA is required for resolution of pneumococcal pneumonia in mice, as mice deficient of PUMA exhibit greater numbers of S. pneumoniae CFU within tissues and higher mortality rates than observed in Puma+/+ mice. Methods: Puma+/+ and Puma-/- mice were intranasally challenged with TIGR4 pneumococcus and sacrificed 24 h post-infection. Differences in cytokine levels from blood and whole lung tissue were detected by MILLIPLEX MAP Mouse Cytokine/Chemokine Magnetic Bead Panel. Lung transcriptomes from Puma+/+ and Puma-/- mice were prepared from total lung RNA using NEBNext Poly(A) mRNA Magnetic Isolation Module and NEBNext Ultra RNA Library Prep Kit for Illumina. Libraries were read by Illumina NovaSeq and transcript reads were referenced to Mus musculus. Results: Puma-/- mice exhibited significant differences in G-CSF, GM-CSF, IFN-gamma, IL-1-alpha and -beta, -6, -9, -10, -12 (p40 and p70), -13, and -17, IP-10, KC, MCP-1, MIP- iv 1alpha and -beta, MIP-2, RANTES, and TNF-alpha compared to Puma+/+ mice. Puma-/- lungs exhibited higher levels of IL-12, IFN-gamma, and IP-10. Loss of PUMA also resulted in expression of the pro-angiogenic genes Adam19 and Neurexin2. Additionally, Puma+/+ and Puma-/- mice displayed similar levels of colonization, but Puma-/- mice were more susceptible to subsequent dissemination to the lungs and blood. Conclusion: Polymorphonuclear cells (PMNs) were previously demonstrated to be one of the innate cell types responsible for Puma-dependent resolution of pneumococcal pneumonia in mice. Observations reported here suggest that this resolution is propelled by suppressing the inflammatory response via the inhibition of IL-12/IFN-gamma/IP-10 pro-inflammatory axis. Pulmonary tissue transcriptomic analysis also suggests PUMA-dependent positive regulation of homeostatic control of pulmonary vasculature, smooth muscle innervation, and maintenance of the interstitium. Gene ontological analysis further demonstrated Puma's modulatory role in Type I and II IFN signaling. For the first time, we report Puma's regulatory effects on pro-inflammatory cytokine signaling and gene expression during pneumococcal pneumonia. Streptococcus pneumoniae cell death apoptosis PUMA IFN gamma IP-10 neutrophils ER stress
884	Measuring The Adoption and The Effects of RPKI Route Validation and Filtering : Through active control plane and data plane measurements Ricardo Hernández Torres, Sergio January 2022 (has links) The BGP (Border Gateway Protocol) is responsible for establishing routing at the core of the Internet, yet it was not designed with security in mind. The Internet routing protocol is currently not secure — but its security can be enhanced. Initially conceived as a small community of trusted peers, the Internet has grown over time into a robust network of complex processes and securing these has become a priority. Thanks to the research community, the RPKI (Resource Public Key Infrastructure) protocol was designed to provide a layer of security to routing — by securing the origin, i.e., attesting that the source of the routing announcements is authorized to do so. As RPKI route validation has been recently widely adopted by multiple large carrier networks, many research projects have sought to measure the adoption of RPKI. This work aims to measure the adoption and the effects of RPKI route validation and filtering through the use of active experiments. A peering session was first established with one of the largest Tier-1 ISP: Arelion (formerly known as Telia Carrier) to announce and propagate a prefix with RPKI Valid, Invalid, and Unknown records. Then, the visibility of the prefix (in the control plane) and reachability of the prefix (in the data plane) was measured using visibility feeds from public BGP Route Collectors and reachability feeds from RIPE Atlas probes. The obtained results confirmed that some, but not all previously believed major networks, drop RPKI Invalid prefixes, affecting the destination network’s visibility. For networks that could still reach the destination, the data plane probes demonstrated that parameters such as the RTT and the hop count were not generally affected. A small increase in the destination network visibility was observed when comparing RPKI Valid with Unknown routes. All RPKI Valid Invalid and Unknown effects and their behavior are deeply analyzed. Data sets have been made publicly available for other researchers to analyze the data, and ensure the future of a more secure Internet. / BGP (Border Gateway Protocol) används för att sprida routinginformation mellan routrar i de tusentals nätverk som tillsammans bildar Internet, men det utformades inte med säkerhet i åtanke. Protokollet är i grunden inte säkert - men det kan bli det. Det som ursprungligen var en liten grupp sammanlänkade universitetsnätverk växte med tiden till att bli Internet, ett robust globalt nätverk med komplexa processer för utbyte av routinginformation. I ett modernt samhälle där vi kommit till att förlita oss på dess existens och funktion så har det blivit en prioritet att säkra dessa. Tack vare initiativ tagna i forsknings- och utvecklingsgruppen IETF (Internet Engineering Taskforce) utformades RPKI (Resource Public Key Infrastructure) för att tillhandahålla ett säkerhetslager för routing – genom att säkra ursprunget till routinginformation. Eftersom RPKI-validering nyligen har anammats av flera stora operatörsnätverk, har många forskningsprojekt försökt mäta användningen av RPKI. Detta arbete syftar till att mäta användningen och effekterna av RPKI-validering och filtrering genom användning av aktiva experiment. En BGP peering-session etablerades först med en av de större Tier-1 ISP: Arelion (tidigare känd som Telia Carrier) för att originera och sprida ett IP prefix med RPKI Valid, Invalid och Unknown poster. Sedan mättes prefixets synlighet (i kontrollplanet) och prefixets nåbarhet (i dataplanet) med hjälp av synlighetsflöden från offentliga BGP Route Collectors och nåbarhetsflöden från RIPE Atlas-prober. De erhållna resultaten bekräftade att vissa, men inte alla, stora nätverk blockerar RPKI Invalid prefix, vilket påverkar dess synlighet och nåbarhet. För nätverk som fortfarande kunde nå destinationen visade dataplanssonderna att parametrar som RTT och hoppantal inte påverkades generellt. En liten ökning av destinationsnätverkets synlighet observerades vid jämförelse av RPKI Valid med Unknown rötter. Alla RPKI Valid Invalid och Unknown effekter och deras beteende analyseras djupt. Datauppsättningar har gjorts offentligt tillgängliga för andra forskare för att analysera data och säkerställa framtiden för ett säkrare Internet. BGP IP Routing RPKI Tier-1 ISP Computer and Information Sciences Data- och informationsvetenskap
885	Compliance Regulatory and Security Challenges in Cloud & IP Telephony -A comparison study between India and Sweden / Compliance Regulatory and Security Challenges in Cloud & IP Telephony -A comparison study between India and Sweden Manayathil Chackochan, Thomas, Gonsalvez, Ronit January 2023 (has links) Cloud computing has evolved from cutting-edge technology to a best practice for businesses across industries. However, compliance with regulatory mandates and addressing security challenges in the cloud environment remain significant concerns. This thesis aims to explore the compliance, regulatory, and security challenges associated with cloud computing, with a particular focus on the differences in regulatory frameworks between an Asian country (India) and a European country (Sweden). Additionally, the study delves into the forensic investigation challenges in terms of evidence collection in the cloud environment. The research methodology involves studying the available literature on regulatory rules and cloud forensics, conducting surveys with cloud customers, experts, and cloud service provider (CSP) professionals, and proposing possible solutions and recommendations to overcome the identified challenges. By addressing these issues, this research contributes to a comprehensive understanding of the impacts of compliance regulations on cloud and IP Telephony services and the security and forensic investigation challenges in cloud platforms. cloud computing regulatory frameworks IP telephony forensic investigation compliance regulations Computer Systems Datorsystem
886	Utveckling av en starkt autentiserad WebRTC-prototyp / Development of a strongly authenticated WebRTC-Prototype Pettersson, Isak, Ros, Filip January 2017 (has links) Denna forskning utförs hos Tieto som hanterar IT-systemet Lifecare åt hälso- och sjukvården i ett antal regioner och län. Vårt arbete omfattar att utveckla en prototyp av en webbaserad realtidskommunikationslösning med en implementerad stark autentisering. Prototypen utvecklas för att underlätta arbetet kring en samordnad individuell planering (SIP) genom möjligheten att kunna genomföra möten på distans. Eftersom hälso- och sjukvården hanterar en stor mängd känslig information är stark autentisering ett krav på lösningen. Ett annat viktigt krav på lösningen är att den blir plattformsoberoende. I utvecklingsarbetet användes därför WebRTC som utvecklingsteknik då detta ramverk är anpassat till webbaserade realtidskommunikationslösningar vilket ger möjlighet till en stark autentisering. Ramverket WebRTC gör prototypen plattformsoberoende, då kommunikationen sker direkt över webbläsaren utan att något program är installerat. Resultatet av arbetet blev en fungerande prototyp av en WebRTC som vi skapat. Prototypen skapades utifrån teorier kring autentisering, designprinciper och WebRTC. Även data från de sammanställda intervjuerna med anställda inom sjukvården samt fallet vi tilldelats hos Tieto ligger till grund för prototypen. / This bachelor thesis is carried out at Tieto, which manages the Lifecare IT system used in healthcare in a number of counties and regions. Our work involves developing a prototype of a web-based real-time communication solution with an implemented strong authentication. The prototype is developed to facilitate the work on a coordinated individual plan (SIP) through the ability to conduct remote meetings. Because healthcare handles a large amount of sensitive information, strong authentication is a requirement for the solution. Another important requirement for the solution is that it becomes platform-independent. Therefore, in our development work, WebRTC was used as development technology, as this framework is adapted to web-based real-time communication solutions, enabling strong authentication. The WebRTC framework makes the prototype platform-independent, as communication occurs directly over the browser without the need for installed applications. The result of the work becomes a working prototype of a WebRTC that we create. The prototype is created based on theories about authentication, design principles and WebRTC. Data from the combined interviews with healthcare professionals and the case we were assigned at Tieto has also been vital for the prototype. WebRTC Peer-to-Peer Webbdesign TCP/IP Action Design Research Information Systems
887	Securing SDN Data Plane:Investigating the effects of IP SpoofingAttacks on SDN Switches and its Mitigation : Simulation of IP spoofing using Mininet JABBU, SHIVAKUMAR YADAV, MADIRAJU, ANIRUDH SAI January 2023 (has links) Background:Software-Defined Networking (SDN) represents a network architecture that offers a separate control and data layer, facilitating its rapid deployment and utilization for diverse purposes. However, despite its ease of implementation, SDN is susceptible to numerous security attacks, primarily stemming from its centralized nature. Among these threats, Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks pose the most substantial risks. In the event of a successful attack on the SDNcontroller, the entire network may suffer significant disruption. Hence, safe guarding the controller becomes crucial to ensure the integrity and availability of the SDN network. Objectives:This thesis focuses on examining the IP spoofing attack and its impact on the Data Plane, particularly concerning the metrics of an SDN switch. The investigation centers around attacks that manipulate flow-rules to amplify the number of rules and deplete the resources of a switch within the Data Plane of an SDN network. To conduct the study, a software-defined network architecture was constructed using Mininet, with a Ryu controller employed for managing network operations. Various experiments were carried out to observe the response of the SDN system when subjected to an IP spoofing attack, aiming to identify potential mitigation strategies against such threats. Method and Results: To simulate the resource exhaustion scenario on the SDN network’s Data Plane,we deliberately triggered an escalation in the number of flow-rules installed in the switch. This was achieved by sending packets with spoofed IP addresses, there by exploiting the switch’s limited resources. Specifically, we focused on monitoring the impact on CPU utilization, storage memory, latency, and throughput within the switch. Detailed findings were presented in the form of tables, accompanied by graphical representations to visually illustrate the effects of increasing flow rules on the switches. Furthermore, we explored potential mitigation measures by developing an application that actively monitors the flow rules on the Ryu controller, aiming to detect and counteract such resource-exhausting effects. Software Defined Networking IP Spoofing Flooding DDoS Attacks Data Plane Mininet Telecommunications Telekommunikation
888	A Prevention Technique for DDoS Attacks in SDN using Ryu Controller Application Adabala, Yashwanth Venkata Sai Kumar, Devanaboina, Lakshmi Venkata Raghava Sudheer January 2024 (has links) Software Defined Networking (SDN) modernizes network control, offering streamlined management. However, its centralized structure makes it more vulnerable to distributed Denial of Service (DDoS) attacks, posing serious threats to network stability. This thesis explores the development of a DDoS attack prevention technique in SDN environments using the Ryu controller application. The research aims to address the vulnerabilities in SDN, particularly focusing on flooding and Internet Protocol (IP) spoofing attacks, which are a significant threat to network security. The study employs an experimental approach, utilizing tools like Mininet-VM (VirtualMachine), Oracle VM VirtualBox, and hping3 to simulate a virtual SDN environment and conduct DDoS attack scenarios. Key methodologies include packet sniffing and rule-based detection by integrating Snort IDS (Intrusion Detection System), which is critical for identifying and mitigating such attacks. The experiments demonstrate the effectiveness of the proposed prevention technique, highlighting the importance of proper configuration and integration of network security tools in SDN. This work contributes to enhancing the resilience of SDN architectures against DDoS attacks, offering insights into future developments in network security. Software Defined Networking SDN IP Spoofing Flooding DDoS Attacks Mininet Snort IDS Network Security Telecommunications Telekommunikation
889	Generic and Scalable Security Schemes for Ad Hoc Networks Bhargava, Sonali January 2002 (has links) No description available. Computer Science Ad Hoc Networks security AODV IP sec wireless networks
890	Data Transfer System for Host Computer and FPGA Communication Barnard, Michael T. January 2015 (has links) No description available. Electrical Engineering Data Transfer FPGA Board NIOS II Processor Sockets Ethernet TCP IP

Search results