Microsoft server Operating Systems are considered to have in-built, host based security features that should provide some protection against Distributed Denial of Service (DDoS) attacks. In this paper, we presented re...Microsoft server Operating Systems are considered to have in-built, host based security features that should provide some protection against Distributed Denial of Service (DDoS) attacks. In this paper, we presented results of experiments that were conducted to test the security capability of the latest server Operating System from Microsoft Inc., namely Windows Server 2012 R2. Experiments were designed to evaluate its in-built security features in defending against a common Distributed Denial of Service (DDoS) attack, namely the TCP-SYN based DDoS attack. Surprisingly, it was found that the Windows Server 2012 R2 OS lacked sufficient host-based protection and was found to be unable to defend against even a medium intensity3.1 Gbps-magnitude of TCP-SYN attack traffic. The server was found to crash within minutes after displaying a Blue Screen of Death (BSoD) under such security attacks.展开更多
Software Defined Network(SDN)deals with huge data processing units which possess network management.However,due to centralization behavior ensuring security in SDN is the major concern.In this work to ensure security,...Software Defined Network(SDN)deals with huge data processing units which possess network management.However,due to centralization behavior ensuring security in SDN is the major concern.In this work to ensure security,a security server has been at its aid to check the vulnerability of the networks and to keep an eye on the packet according to the screening policies.A Secure Shell Connection(SSH)is established by the security server which does a frequent inspection of the network’s logs.Malware detection and the Intrusion Detection System policies are also incorporated in the server for the effective scanning of the packets.In response to a suspicious log or the packets in the SDN network there is a change in the security norms.Hence the proposed work updates the security policies in accordance with the attacker mentality.展开更多
The secure socket layer/ transport layer security(SSL/TLS) handshake protocol uses public key cryptographic algorithms such as RSA for key establishment. Typically, public key cryptographic algorithm is computationa...The secure socket layer/ transport layer security(SSL/TLS) handshake protocol uses public key cryptographic algorithms such as RSA for key establishment. Typically, public key cryptographic algorithm is computational intensive due to the modular multiplications. Therefore, SSL/TLS servers often become swamped while performing public key decryptions when the simultaneous requests increase quickly. A batch RSA decryption algorithm was proposed. The novel algorithm provides the reasonable response time and optimizes server performance significantly. The decryption speedup is proportional to the batch size b, for instance, the speedup factor is 4, while in Shacham's scheme the acceleration rate is only 2.5 when b = 4.展开更多
文摘Microsoft server Operating Systems are considered to have in-built, host based security features that should provide some protection against Distributed Denial of Service (DDoS) attacks. In this paper, we presented results of experiments that were conducted to test the security capability of the latest server Operating System from Microsoft Inc., namely Windows Server 2012 R2. Experiments were designed to evaluate its in-built security features in defending against a common Distributed Denial of Service (DDoS) attack, namely the TCP-SYN based DDoS attack. Surprisingly, it was found that the Windows Server 2012 R2 OS lacked sufficient host-based protection and was found to be unable to defend against even a medium intensity3.1 Gbps-magnitude of TCP-SYN attack traffic. The server was found to crash within minutes after displaying a Blue Screen of Death (BSoD) under such security attacks.
文摘Software Defined Network(SDN)deals with huge data processing units which possess network management.However,due to centralization behavior ensuring security in SDN is the major concern.In this work to ensure security,a security server has been at its aid to check the vulnerability of the networks and to keep an eye on the packet according to the screening policies.A Secure Shell Connection(SSH)is established by the security server which does a frequent inspection of the network’s logs.Malware detection and the Intrusion Detection System policies are also incorporated in the server for the effective scanning of the packets.In response to a suspicious log or the packets in the SDN network there is a change in the security norms.Hence the proposed work updates the security policies in accordance with the attacker mentality.
基金The National Natural Science Foundation of China (No. 60273049, 60303026, 60473020)
文摘The secure socket layer/ transport layer security(SSL/TLS) handshake protocol uses public key cryptographic algorithms such as RSA for key establishment. Typically, public key cryptographic algorithm is computational intensive due to the modular multiplications. Therefore, SSL/TLS servers often become swamped while performing public key decryptions when the simultaneous requests increase quickly. A batch RSA decryption algorithm was proposed. The novel algorithm provides the reasonable response time and optimizes server performance significantly. The decryption speedup is proportional to the batch size b, for instance, the speedup factor is 4, while in Shacham's scheme the acceleration rate is only 2.5 when b = 4.