期刊文献+
共找到6篇文章
< 1 >
每页显示 20 50 100
Analysis and Application of Covert Channels of Internet Control Message Protocol
1
作者 ZHOU Xueguang ZHANG Huanguo 《Wuhan University Journal of Natural Sciences》 CAS 2006年第6期1857-1861,共5页
Based on the analysis of the covert channel's working mechanism of the internet control message protocol (ICMP) in internet protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6), the ICMP covert cha... Based on the analysis of the covert channel's working mechanism of the internet control message protocol (ICMP) in internet protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6), the ICMP covert channd's algorithms of the IPv4 and IPv6 are presented, which enable automatic channeling upon IPv4/v6 nodes with non-IPv4-compatible address, and the key transmission is achieved by using this channel in the embedded Internet terminal. The result shows that the covert channel's algorithm, which we implemented if, set correct, the messages of this covert channel might go through the gateway and enter the local area network. 展开更多
关键词 internet control message protocol (ICMP) covert channel embedded Internet terminal (EIT) algorithm information security
下载PDF
ICMPTend: Internet Control Message Protocol Covert Tunnel Attack Intent Detector
2
作者 Tengfei Tu Wei Yin +4 位作者 Hua Zhang Xingyu Zeng Xiaoxiang Deng Yuchen Zhou Xu Liu 《Computers, Materials & Continua》 SCIE EI 2022年第5期2315-2331,共17页
The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not eas... The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not easy to be discovered.Most detection methods are detecting the existence of channels instead of clarifying specific attack intentions.In this paper,we propose an ICMP covert tunnel attack intent detection framework ICMPTend,which includes five steps:data collection,feature dictionary construction,data preprocessing,model construction,and attack intent prediction.ICMPTend can detect a variety of attack intentions,such as shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attacks.We extract features from five types of attack intent found in ICMP channels.We build a multi-dimensional dictionary of malicious features,including shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attack keywords.For the high-dimensional and independent characteristics of ICMP traffic,we use a support vector machine(SVM)as a multi-class classifier.The experimental results show that the average accuracy of ICMPTend is 92%,training ICMPTend only takes 55 s,and the prediction time is only 2 s,which can effectively identify the attack intention of ICMP. 展开更多
关键词 Internet control message protocol support vector machine covert tunnel network analysis
下载PDF
On Generality of the Data Plane and Scalability of the Control Plane in Software-Defined Networking 被引量:2
3
作者 ZUO Qingyun CHEN Ming DING Ke XU Bo 《China Communications》 SCIE CSCD 2014年第2期55-64,共10页
The control and data planes are decoupled in software-defined networking(SDN),which enables both planes to evolve independently,and brings about many advantages such as high flexibility,programmability,and rapid imple... The control and data planes are decoupled in software-defined networking(SDN),which enables both planes to evolve independently,and brings about many advantages such as high flexibility,programmability,and rapid implementation of new network protocols.However,in order to improve the scalability of the control plane at present,some control functionalities are added to the data plane,which is probably to impact on the generality of the data plane.The key challenge of adding control functionalities to the data plane is to strike a careful balance between the generality of the data plane and the scalability of the control plane.We propose some basic principles that both control and data planes should comply with,based on the evolutionary trend of SDN.Moreover,we take two approaches for reference according to the principles,viewed from the control messages in OpenFlow-based SDN.Our evaluations demonstrate that the approaches can maintain the generality of the data plane and improve the scalability of the control plane. 展开更多
关键词 OpenFlow SDN architecture control functionalities control message
下载PDF
The History, Trend, Types, and Mitigation of Distributed Denial of Service Attacks
4
作者 Richard Kabanda Bertrand Byera +1 位作者 Henrietta Emeka Khaja Taiyab Mohiuddin 《Journal of Information Security》 2023年第4期464-471,共8页
Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global infor... Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global information source for every being. Despite all this, attacker knowledge by cybercriminals has advanced and resulted in different attack methodologies on the internet and its data stores. This paper will discuss the origin and significance of Denial of Service (DoS) and Distributed Denial of Service (DDoS). These kinds of attacks remain the most effective methods used by the bad guys to cause substantial damage in terms of operational, reputational, and financial damage to organizations globally. These kinds of attacks have hindered network performance and availability. The victim’s network is flooded with massive illegal traffic hence, denying genuine traffic from passing through for authorized users. The paper will explore detection mechanisms, and mitigation techniques for this network threat. 展开更多
关键词 DDoS (Distributed Denial of Service Attacks) and DoS (Denial of Service Attacks) DAC (DDoS Attack Coefficient) Flood SIEM (Security Information and Event Management) CISA (Cybersecurity and Infrastructure Security Agency) NIST (National Institute of Standards and Technology) XDR (Extended Detection and Response) ACK-SYN (Synchronize Acknowledge Packet) ICMP (Internet control message Protocol) Cyberwarfare
下载PDF
Development and Verification of Simulation Model Based on Real MANET Experiments for Transport Layer Protocols (UDP and TCP) 被引量:2
5
作者 Joarder Mohammad Mustafa Kamal Mohammad Shahidul Hasan +1 位作者 Alison L. Griffiths Hongnian Yu 《International Journal of Automation and computing》 EI CSCD 2013年第1期53-63,共11页
There is a lack of appropriate guidelines for realistic user traces, mobility models, routing protocols, considerations of real-life challenges, etc. for general-purpose mobile ad hoc networks (MANET). In this paper... There is a lack of appropriate guidelines for realistic user traces, mobility models, routing protocols, considerations of real-life challenges, etc. for general-purpose mobile ad hoc networks (MANET). In this paper, four laptops are used in an open field environment in four scenarios to evaluate the performances of Internet control message protocol (ICMP) based ping and transmission control protocol (TCP) based streaming video applications using optimised link state routing (OLSR) implementation in an IEEE 802.11g wireless network. Corresponding simulations are developed in Network Simulator ns-2 by setting simulation parameters according to the real experiments. Difficulties faced to regenerate real-life scenarios have been discussed and the gaps between reality and simulation are identified. A setup guideline to produce realistic simulation results has been established. 展开更多
关键词 Mobile ad-hoc networks (MANET) real-life experiment Internet control message protocol (ICMP) user datagram protocol (UDP) transmission control protocol (TCP) optimised link state routing (OLSR) NS-2
原文传递
Dawning-1000 PROOS Distributed Operating System
6
作者 孙凝晖 刘文卓 +3 位作者 刘宏 王川宝 陆雪琳 张浩 《Journal of Computer Science & Technology》 SCIE EI CSCD 1997年第2期160-166,共7页
PROOS is a distributed operating system running on the computing nodes of massively parallel processing computer Dawning-1000. It is an efficient and easily extendible micro kernel operating system. It supports the in... PROOS is a distributed operating system running on the computing nodes of massively parallel processing computer Dawning-1000. It is an efficient and easily extendible micro kernel operating system. It supports the intel NX message passing interface for communication. 展开更多
关键词 Dawning-1000 distributed operating system message passing flow control
原文传递
上一页 1 下一页 到第
使用帮助 返回顶部