11. Nasazení DNSSEC na klientské straně / Client side DNSSEC deployment. Nekuža, Karel. January 2018.
This master's thesis deals with the problem of an end user's access to answers validated by the DNSSEC protocol. It assesses the options for deploying and configuring a resolver in order to improve security for end users. A solution to the problem is proposed for the Fedora Workstation operating system. The proposed solution is implemented and compared with an already existing solution.
12. Attacking and securing Network Time Protocol. Malhotra, Aanchal. 14 February 2020.
Network Time Protocol (NTP) is used to synchronize time between computer systems communicating over unreliable, variable-latency, and untrusted network paths. Time is critical for many applications; in particular it is heavily utilized by cryptographic protocols. Despite its importance, the community still lacks visibility into the robustness of the NTP ecosystem itself, the integrity of the timing information transmitted by NTP, and the impact that any error in NTP might have upon the security of other protocols that rely on timing information. In this thesis, we seek to accomplish the following broad goals:
1. Demonstrate that the current design presents a security risk, by showing that network attackers can exploit NTP and then use it to attack other core Internet protocols that rely on time.
2. Improve NTP to make it more robust, and rigorously analyze the security of the improved protocol.
3. Establish formal and precise security requirements that should be satisfied by a network time-synchronization protocol, and prove that these are sufficient for the security of other protocols that rely on time.
We take the following approach to achieve our goals incrementally.
1. We begin by (a) scrutinizing NTP's core protocol (RFC 5905) and (b) statically analyzing code of its reference implementation to identify vulnerabilities in protocol design, ambiguities in specifications, and flaws in reference implementations. We then leverage these observations to show several off- and on-path denial-of-service and time-shifting attacks on NTP clients. We then show cache-flushing and cache-sticking attacks on DNS(SEC) that leverage NTP. We quantify the attack surface using Internet measurements, and suggest simple countermeasures that can improve the security of NTP and DNS(SEC).
2. Next we move beyond identifying attacks and leverage ideas from Universal Composability (UC) security framework to develop a cryptographic model for attacks on NTP's datagram protocol. We use this model to prove the security of a new backwards-compatible protocol that correctly synchronizes time in the face of both off- and on-path network attackers.
3. Next, we propose general security notions for network time-synchronization protocols within the UC framework and formulate ideal functionalities that capture a number of prevalent forms of time measurement within existing systems. We show how they can be realized by real-world protocols (including but not limited to NTP), and how they can be used to assert the security of time-reliant applications, specifically cryptographic certificates with revocation and expiration times. Our security framework allows for a clear and modular treatment of the use of time in security-sensitive systems.
Our work makes the core NTP protocol and its implementations more robust and secure, thus improving the security of applications and protocols that rely on time.
13. The DNS Bake Sale: Advertising DNS Cookie Support for DDoS Protection. Davis, Jacob. 02 April 2021.
The Domain Name System (DNS) has been frequently abused for Distributed Denial of Service (DDoS) attacks and cache poisoning because it relies on the User Datagram Protocol (UDP). Since UDP is connection-less, it is trivial for an attacker to spoof the source of a DNS query or response. DNS Cookies, a protocol standardized in 2016, add pseudo-random values to DNS packets to provide identity management and prevent spoofing attacks. This work finds that 30% of popular authoritative servers and open recursive resolvers fully support cookies and that 10% of recursive clients send cookies. Despite this, DNS cookie use is rarely enforced as it is non-trivial to ascertain whether a given client intends to fully support cookies. We also show that 80% of clients and 99% of servers do not change their behavior when encountering a missing or illegitimate cookie. This paper presents a new protocol to allow cookie enforcement: DNS Protocol Advertisement Records (DPAR). Advertisement records allow DNS clients intending to use cookies to post a public record in the reverse DNS zone stating their intent. DNS servers may then lookup this record and require a client to use cookies as directed, in turn preventing an attacker from sending spoofed messages without a cookie. In this paper, we define the specification for DNS Protocol Advertisement Records, considerations that were made, and comparisons to alternative approaches. We additionally estimate the effectiveness of advertisements in preventing DDoS attacks and the expected burden to DNS servers. Advertisement records are designed as the next step to strengthen the existing support of DNS Cookies by enabling strict enforcement of client cookies.
14. An Anomaly Behavior Analysis Methodology for Network Centric Systems. Alipour, Hamid Reza. January 2013.
Information systems and their services (referred to as cyberspace) are ubiquitous and touch all aspects of our life. With the exponential growth in cyberspace activities, the number and complexity of cyber-attacks have increased significantly due to an increase in the number of applications with vulnerabilities and the number of attackers. Consequently, it becomes extremely critical to develop efficient network Intrusion Detection Systems (IDS) that can mitigate and protect cyberspace resources and services against cyber-attacks. On the other hand, since each network system and application has its own specification as defined in its protocol, it is hard to develop a single IDS which works properly for all network protocols. The keener approach is to design customized detection engines for each protocol and then aggregate the reports from these engines to define the final security state of the system. In this dissertation, we developed a general methodology based on data mining, statistical analysis and protocol semantics to perform anomaly behavior analysis and detection for network-centric systems and their protocols. In our approach, we develop runtime models of a protocol's state transitions during a time interval ΔT. We consider any n consecutive messages in a session during the time interval ΔT as an n-transition pattern called an n-gram. By applying statistical analysis over these n-gram patterns we can accurately model the normal behavior of any protocol. Then we use the amount of deviation from this normal model to quantify the anomaly score of the protocol activities. If this anomaly score is higher than a well-defined threshold, the system marks that activity as malicious. To validate our methodology, we have applied it to two different protocols: DNS (Domain Name System) at the application layer and IEEE 802.11 (WiFi) at the data link layer, where we have achieved good detection results (>95%) with low detection errors (<0.1%).
15. Das Domain-Name-System: eine kritische Bestandsaufnahme aus kartellrechtlicher Sicht (The Domain Name System: a critical survey from a competition-law perspective). Eckhard, Rolf Andreas. 2001 (PDF).
University dissertation, Münster (Westfalen), 2001. Bibliography pp. 230-241.
16. Architectural Support for Implementing Service Function Chains in the Internet. Silvestro, Alessio. 25 June 2018.
No description available.
17. Spårning av inkommande trafik till anycastnoder / Tracking incoming traffic to anycast nodes. Petersson, Alexander. January 2022.
It is not uncommon for a website to take an unusually long time to load. This can be due to a client's traffic taking a different path to the website's server than the one that is geographically closest. One reason behind this problem is that DNS queries travel unnecessarily long distances. NetNod is a company that provides internet services and maintains one of the few root servers around the world. The company wants to know why traffic from different clients does not always take the geographically closest route to its anycast nodes.
The objective of the thesis is to analyze where traffic to NetNod's anycast node in Miami geographically originates. To do this, a computer program was developed that plots the geographical location of different clients from their IP addresses. Pre-recorded traffic data from the company was used as the program's data source. This was done to show the challenges observed in peering and anycast routing between internet protocols. The result is presented as a map, generated by the program, marking the IP addresses whose traffic was analyzed to see how it was transported to the anycast node in Miami. The generated map showed anomalies and patterns in how traffic is transported at large junctions and in how routing rules are applied; these routing rules manipulate the path traffic takes to the anycast node and are one reason why the traffic does not always take the geographically closest route.
18. Indexing Geographic Information Using the Domain Name System. Fontanella, Shaun. 05 October 2012.
No description available.
19. La régulation du conflit impliquant le nom de domaine : articulation des sources / The regulation of domain name disputes: articulation of sources. Fau, Jean. 30 September 2015.
Domain names are polymorphic objects, whose nature is both technical and semantic. With the rapid growth of the Domain Name System, the question of their regulation has quickly become a major challenge for the lawmaker. A certain failure of state law has favored the development of what one might call a private supplementary corpus. This is notably the case for the extrajudicial domain name dispute resolution mechanisms set up by ICANN. These various transnational mechanisms form a coherent whole, in constant evolution, which can be described as a real lex domainia. This concept, however, necessarily implies a pluralistic conception of law, in which public, private and hybrid systems cohabit, and which invites legal theorists to rethink the theory of sources.
This thesis contributes to the understanding of the nature and the articulation of these various normative spheres. They should not be regarded as closed and hermetic spaces; permeabilities exist between them that draw a transnational regulatory arrangement with plural sources. This is, according to the author, a perfect illustration of network (mesh) theory.
20. Data-Driven Network-Centric Threat Assessment. Kim, Dae Wook. 19 May 2017.
No description available.