Results 181-200 of 203.
Bookmark and Share    
Full Text
Peer Reviewed
See detailImproving Performance and Anonymity in the Tor Network
Panchenko, Andriy UL; Lanze, Fabian UL; Engel, Thomas UL

in Abstract book of 31st IEEE International Performance Computing and Communications Conference (IEEE IPCCC 2012) (2012)

Detailed reference viewed: 207 (13 UL)
Full Text
Peer Reviewed
See detailDetecting Stealthy Backdoors with Association Rule Mining
Hommes, Stefan UL; State, Radu UL; Engel, Thomas UL

in IFIP Networking 2012 (2012)

In this paper we describe a practical approach for detecting a class of backdoor communication channel that relies on port knocking in order to activate a backdoor on a remote compromised system ... [more ▼]

In this paper we describe a practical approach for detecting a class of backdoor communication channel that relies on port knocking in order to activate a backdoor on a remote compromised system. Detecting such activation sequences is extremely challenging because of varying port sequences and easily modifiable port values. Simple signature-based ap- proaches are not appropriate, whilst more advanced statistics-based test- ing will not work because of missing and incomplete data. We leverage techniques derived from the data mining community designed to detect se- quences of rare events. Simply stated, a sequence of rare events is the joint occurrence of several events, each of which is rare. We show that search- ing for port knocking sequences can be reduced to a problem of finding rare associations. We have implemented a prototype and show some ex- perimental results on its performance and underlying functioning. [less ▲]

Detailed reference viewed: 229 (7 UL)
Full Text
Peer Reviewed
See detailInstant Degradation of Anonymity in Low-Latency Anonymisation Systems
Ries, Thorsten UL; State, Radu UL; Engel, Thomas UL

in Sadre, Ramin; Novotny, Jiri; Celeda, Pavel (Eds.) et al Dependable Networks and Services, LNCS 7279 (2012)

Detailed reference viewed: 188 (5 UL)
Full Text
Peer Reviewed
See detailImproving Highway Traffic through Partial Velocity Synchronization
Forster, Markus UL; Frank, Raphaël UL; Gerla, Mario et al

in Proceedings of the IEEE Global Communications Conference 2012 (2012)

In this paper we address the problem of uncoor- dinated highway traffic. We first identify the main causes of the capacity drop, namely high traffic demand and inadequate driver reaction. In the past ... [more ▼]

In this paper we address the problem of uncoor- dinated highway traffic. We first identify the main causes of the capacity drop, namely high traffic demand and inadequate driver reaction. In the past, traffic and user behavior have been accurately described by cellular automata (CA) models. In this paper we extend the CA model to deal with highway traffic fluctuations and jams. Specifically, the model incorporates the communication layer between vehicles. The model thus enables us to study the impact of inter-vehicular communications and in particular the delivery of critical and timely upstream traffic information on driver reaction. Based on the newly-available traffic metrics, we propose an Advanced Driver Assistance System (ADAS) that suggests non-intuitive speed reduction in order to avoid the formation of so-called phantom jams. The results show that using such a system considerably increases the overall traffic flow, reduces travel time and avoids unnecessary slow-downs. [less ▲]

Detailed reference viewed: 185 (7 UL)
Full Text
See detailA Survey on the Performance of Commercial Mobile Access Networks
Frank, Raphaël UL; Forster, Markus UL; Mario, Gerla et al

Report (2012)

Detailed reference viewed: 123 (7 UL)
Full Text
Peer Reviewed
See detailComparison of Low-Latency Anonymous Communication Systems - Practical Usage and Performance
Ries, Thorsten UL; Panchenko, Andriy UL; State, Radu UL et al

in Ninth Australasian Information Security Conference (2011)

The most popular system for providing practical low-latency anonymity on the Internet is Tor. However, many other tools besides Tor exist as both free and commercial solutions. In this paper, we consider ... [more ▼]

The most popular system for providing practical low-latency anonymity on the Internet is Tor. However, many other tools besides Tor exist as both free and commercial solutions. In this paper, we consider five most popular low-latency anonymisation services that represent the current state of the art: single-hop proxies (Perfect Privacy and free proxies) and Onion Routing based solutions (Tor, I2P, and Jon-Donym). We assess their usability and rank them in regard to their anonymity. We also assess their efficiency and reliability. To this end, we define a set of metrics and present extensive measurements based on round-trip time, inter-packet delay variation and throughput. Apart from the technical realization, economic aspects are also crucial for anonymous communication systems. In order to attract more users, which is mandatory in order to improve anonymity per se, systems need to exhibit a certain payoff. We therefore define an economic model that takes all relevant aspects into consideration. In this paper, we describe the results obtained, lessons learned, and provide guidance for selecting the most appropriate system with respect to a set of requirements. [less ▲]

Detailed reference viewed: 604 (4 UL)
Full Text
Peer Reviewed
See detailDetection of Abnormal Behaviour in a Surveillance Environment Using Control Charts
Hommes, Stefan UL; State, Radu UL; Zinnen, Andreas UL et al

in 8th IEEE International Conference on Advanced Video and Signal-Based Surveillance, 2011 (2011)

This paper introduces a new approach to unsupervised detection of abnormal sequences of images in video surveillance data. We leverage an online object detection method and statistical process control ... [more ▼]

This paper introduces a new approach to unsupervised detection of abnormal sequences of images in video surveillance data. We leverage an online object detection method and statistical process control techniques in order to identify suspicious sequences of events. Our method assumes a training phase in which the spatial distribution of objects is learned, followed by a chart-based tracking process. We evaluate the performance of our method on a standard dataset and have implemented a publicly available opensource prototype. [less ▲]

Detailed reference viewed: 186 (5 UL)
Full Text
Peer Reviewed
See detailMeasuring anonymity using network coordinate systems
Ries, Thorsten UL; State, Radu UL; Engel, Thomas UL

in International Symposium on Communications and Information Technologies (ISCIT), 2011 (2011)

Popularity and awareness of anonymisation systems increased tremendously over the past years, however only a very few systems made it from research to production. These systems usually add intermediate ... [more ▼]

Popularity and awareness of anonymisation systems increased tremendously over the past years, however only a very few systems made it from research to production. These systems usually add intermediate nodes in the communication path aiming to hide user identities. Several attacks against these systems exist, like timing attacks or exploitation of latency information. In this paper, we propose an alternative approach to disclose users of current popular anonymisation systems in practice by the means of virtual network coordinate systems, a widely accepted method for latency prediction and network optimisation. Mapping physical nodes to a n-dimensional space can reveal a geographical proximity that is used to disclose users, who expect to stay anonymous. We define a model that leverages network coordinates in order to measure quantitatively the anonymity services and evaluate it on the Planet-Lab research network. The basic idea is to analyse the relative distance between nodes and to calculate the probability of nodes being hosted in the same location. Evaluation proves that our proposed model can be used as a measure of anonymity. [less ▲]

Detailed reference viewed: 128 (2 UL)
Full Text
Peer Reviewed
See detailVerification of Data Location in Cloud Networking
Ries, Thorsten UL; Fusenig, Volker UL; Vilbois, Christian UL et al

in IEEE/ACM International Conference on Utility and Cloud Computing (2011)

Cloud computing aims to provide services and resources on a pay-as-you-use basis with additional possibilities for efficient adaptation of the required resources to the actual needs. Cloud networking ... [more ▼]

Cloud computing aims to provide services and resources on a pay-as-you-use basis with additional possibilities for efficient adaptation of the required resources to the actual needs. Cloud networking extends this approach by providing more flexibility in the placement, movement, and interconnection of these virtual resources. Depending on the use, customers however require the data to be located under a certain jurisdiction. To ensure this without the need of trusting the cloud operator, we propose a geolocation approach based on network coordinate systems and evaluate the accuracy of three prevalent systems. Even if the cloud operator uses supplemental measures like traffic relaying to hide the resource location, a high probability of location disclosure is achieved by the means of supervised classification algorithms. [less ▲]

Detailed reference viewed: 150 (1 UL)
Full Text
Peer Reviewed
See detailWebsite Fingerprinting in Onion Routing Based Anonymization Networks
Panchenko, Andriy UL; Niessen, Lukas; Zinnen, Andreas UL et al

in 18th ACM Computer and Communications Security (ACM CCS) Workshop on Privacy in the Electronic Society (WPES) (2011)

Detailed reference viewed: 208 (0 UL)
Full Text
Peer Reviewed
See detailLightweight Hidden Services
Panchenko, Andriy UL; Spaniol, Otto; Egners, Andre et al

in 10th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom 2011) (2011)

Hidden services (HS) are mechanisms designed to provide network services while preserving anonymity for the identity of the server. Besides protecting the identity of the server, hidden services help to ... [more ▼]

Hidden services (HS) are mechanisms designed to provide network services while preserving anonymity for the identity of the server. Besides protecting the identity of the server, hidden services help to resist censorship, are resistant against distributed DoS attacks, and allow server functionality even if the service provider does not own a public IP address. Currently, only the Tor network offers this feature in full functionality. However, the HS concept in Tor is complex and provides poor performance. According to recent studies, average contact time for a hidden service is 24s which is far beyond what an average user is willing to wait. In this paper we introduce a novel approach for hidden services that achieves similar functionality as HS in Tor but does so in a simple and lightweight way with the goal to improve performance and usability. Additionally, contrary to Tor, in our approach clients are not required to install any specific software for accessing hidden services. This increases usability of our approach. Simplicity makes our approach easier to understand for normal users, eases protocol reviews, and increases chances of having several implementations of the protocol available. Moreover, simpler solutions are easier to analyze and they are naturally less prone to implementation failures rather than complex protocols. In this paper, we describe our approach and provide performance as well as anonymity analysis of resulting properties of the protocol. [less ▲]

Detailed reference viewed: 168 (0 UL)
Full Text
Peer Reviewed
See detailPerformance Bound for Routing in Urban Scenarios
Frank, Raphaël UL; Giordano, Eugenio; Gerla, Mario et al

in Proceedings of the 7th Asian Internet Engineering Conference (AINTEC 2011) (2011)

In this paper we present a novel evaluation methodology for the comparison of ad hoc routing protocols in urban scenarios applied to inter-vehicular communications. We introduce a new route evaluation ... [more ▼]

In this paper we present a novel evaluation methodology for the comparison of ad hoc routing protocols in urban scenarios applied to inter-vehicular communications. We introduce a new route evaluation metric that identifies the goodness of a given route. Through analysis of subsequent mobility snapshots of the network topology, we compute an optimal route between two communicating vehicles. We compare the properties of the obtained route to the most representative routing approaches namely reactive and proactive routing. Based on this evaluation we provide a detailed discussion on the pros and cons of the different schemes when applied to urban scenarios. [less ▲]

Detailed reference viewed: 183 (1 UL)
Full Text
Peer Reviewed
See detailAn Autonomic Testing Framework for IPv6 Configuration Protocols
Becker, Sheila UL; Abdelnur, Humberto J.; State, Radu UL et al

in Lecture Notes in Computer Science 6155 (2010)

Detailed reference viewed: 125 (4 UL)
Full Text
Peer Reviewed
See detailDefensive configuration with game theory
Becker, Sheila UL; State, Radu UL; Engel, Thomas UL

in The 11th IFIP/IEEE International Symposium on Integrated Network Management (2009)

Detailed reference viewed: 110 (1 UL)
Full Text
Peer Reviewed
See detailSecurity and Consistency of IT and Business Models at Credit Suisse realized by Graph Constraints, Transformation and Integration using Algebraic Graph Theory
Brandt, Christoph; Hermann, Frank UL; Engel, Thomas UL

in Proc. Int. Conf. on Exploring Modeling Methods in Systems Analysis and Design 2009 (EMMSAD'09) (2009)

This paper shows typical security and consistency challenges regarding the models of the business and the IT universe of the dynamic service-, process- and rule-based environment at Credit Suisse. It ... [more ▼]

This paper shows typical security and consistency challenges regarding the models of the business and the IT universe of the dynamic service-, process- and rule-based environment at Credit Suisse. It presents a theoretical solution for enterprise engineering that is implementable, and fits smoothly with the daily needs and constraints of the people in the scenario. It further enables decentralized modeling based on cognitive and mathematical or logical concepts. Normative aspects of the models are analyzed by graph constraint checks, while consistency is checked and ensured by model integration and transformation. To cope with theoretical and practical necessities, the presented solution is kept sound and usable as well as extensible and scalable. All techniques are based on one theoretical framework: algebraic graph theory. Therefore, the techniques are compatible with each other. [less ▲]

Detailed reference viewed: 190 (1 UL)
Full Text
Peer Reviewed
See detailModeling and Reconfiguration of critical Business Processes for the purpose of a Business Continuity Management respecting Security Risk and Compliance requirements at Credit Suisse using Algebraic Graph Transformation
Brandt, Christoph; Hermann, Frank UL; Engel, Thomas UL

in Enterprise Distributed Object Computing Conference Workshops, 2009. EDOCW 2009. 13th, Proc. International Workshop on Dynamic and Declarative Business Processes (DDBP 2009) (2009)

Critical business processes can fail. Therefore, continuity processes are needed as backup solutions. At the same time business processes are required to comply with security, risk and compliance ... [more ▼]

Critical business processes can fail. Therefore, continuity processes are needed as backup solutions. At the same time business processes are required to comply with security, risk and compliance requirements. In the context discussed here, they should be modeled in a decentralized local and declarative way, including methodological support by tools. By discussing a simplified loan granting process in the context of a Business Continuity Management System at Credit Suisse, we show how algebraic graph transformation can contribute a methodologically sound solution being compatible with all these requirements in a coherent way. As a consequence significant benefits of automation and quality can be realized. The presented contribution is theoretically sound and implementable by the people in the field. [less ▲]

Detailed reference viewed: 166 (3 UL)
Full Text
Peer Reviewed
See detailUsing Game Theory to configure P2P SIP
Becker, Sheila UL; State, Radu UL; Engel, Thomas UL

in Lecture Notes in Computer Science (2009)

Detailed reference viewed: 151 (5 UL)
Full Text
Peer Reviewed
See detailSlotted Packet Counting Attacks on Anonymity Protocols
Fusenig, Volker UL; Staab, Eugen UL; Sorger, Ulrich UL et al

in The proceedings of the Australasian Information Security Conference (2009)

In this paper we present a slotted packet counting attack against anonymity protocols. Common packet counting attacks make strong assumptions on the setup and can easily lead to wrong conclusions, as we ... [more ▼]

In this paper we present a slotted packet counting attack against anonymity protocols. Common packet counting attacks make strong assumptions on the setup and can easily lead to wrong conclusions, as we will show in our work. To overcome these limitations, we account for the variation of traffic load over time. We use correlation to express the relation between sender and receiver nodes. Our attack is applicable to many anonymity protocols. It assumes a passive attacker and works with partial knowledge of the network traffic. [less ▲]

Detailed reference viewed: 110 (5 UL)
Full Text
Peer Reviewed
See detailInteroperable Networking Applications for Emergency Services
Frank, Raphaël UL; Hourte, Benjamin; Jungels, Dan et al

in International Journal of Multimedia and Ubiquitous Engineering (2009), 4(1), 1122

Detailed reference viewed: 95 (2 UL)
Peer Reviewed
See detailEmergency Group Calls over Interoperable Networks
Frank, Raphaël UL; Scherer, Thomas UL; Engel, Thomas UL

in Proceedings of the 11th IEEE International Conference on Computational Science and Engineering (2008)

Detailed reference viewed: 126 (3 UL)