IP geolocation determines geographical location by the IP address of Internet hosts.IP geolocation is widely used by target advertising,online fraud detection,cyber-attacks attribution and so on.It has gained much mor...IP geolocation determines geographical location by the IP address of Internet hosts.IP geolocation is widely used by target advertising,online fraud detection,cyber-attacks attribution and so on.It has gained much more attentions in these years since more and more physical devices are connected to cyberspace.Most geolocation methods cannot resolve the geolocation accuracy for those devices with few landmarks around.In this paper,we propose a novel geolocation approach that is based on common routers as secondary landmarks(Common Routers-based Geolocation,CRG).We search plenty of common routers by topology discovery among web server landmarks.We use statistical learning to study localized(delay,hop)-distance correlation and locate these common routers.We locate the accurate positions of common routers and convert them as secondary landmarks to help improve the feasibility of our geolocation system in areas that landmarks are sparsely distributed.We manage to improve the geolocation accuracy and decrease the maximum geolocation error compared to one of the state-of-the-art geolocation methods.At the end of this paper,we discuss the reason of the efficiency of our method and our future research.展开更多
IP geolocation determines geographical location by the IP address of Internet hosts.IP geolocation is widely used by target advertising,online fraud detection,cyber-attacks attribution and so on.It has gained much mor...IP geolocation determines geographical location by the IP address of Internet hosts.IP geolocation is widely used by target advertising,online fraud detection,cyber-attacks attribution and so on.It has gained much more attentions in these years since more and more physical devices are connected to cyberspace.Most geolocation methods cannot resolve the geolocation accuracy for those devices with few landmarks around.In this paper,we propose a novel geolocation approach that is based on common routers as secondary landmarks(Common Routers-based Geolocation,CRG).We search plenty of common routers by topology discovery among web server landmarks.We use statistical learning to study localized(delay,hop)-distance correlation and locate these common routers.We locate the accurate positions of common routers and convert them as secondary landmarks to help improve the feasibility of our geolocation system in areas that landmarks are sparsely distributed.We manage to improve the geolocation accuracy and decrease the maximum geolocation error compared to one of the state-of-the-art geolocation methods.At the end of this paper,we discuss the reason of the efficiency of our method and our future research.展开更多
Software-Defined Network(SDN)represents a new network paradigm.Unlike conventional networks,SDNs separate control planes and data planes.The function of a data plane is enabled using switches,whereas that of a control...Software-Defined Network(SDN)represents a new network paradigm.Unlike conventional networks,SDNs separate control planes and data planes.The function of a data plane is enabled using switches,whereas that of a control plane is facilitated by a controller.The controller learns network topologies and makes traffic forwarding decisions.However,some serious vulnerabilities are gradually exposed in the topology management services of current SDN controller designs.These vulnerabilities mainly exist in host tracking and link discovery services.Attackers can exploit these weak points to poison the network topology information in SDN controllers.In this study,a novel solution is proposed to defend against topology poisoning attacks.By analyzing the existing topology attack principles and threat models,this work constructs legal conditions for host migration to detect host hijacking attacks.The checking of the Link Layer Discovery Protocol(LLDP)source and integrity is designed to defend against link fabrication attacks.A relay-type link fabrication attack detection method based on entropy is also designed.Results show that the proposed solution can effectively detect existing topological attacks and provide complete and comprehensive topological security protection.展开更多
Resilient Packet Ring (RPR), or the Standard IEEE 802.17, is a new IP-based network technology proposed to replace SONET/SDH in metropolitan area networks. RPR is well-adapted to handle multimedia traffic and is eff...Resilient Packet Ring (RPR), or the Standard IEEE 802.17, is a new IP-based network technology proposed to replace SONET/SDH in metropolitan area networks. RPR is well-adapted to handle multimedia traffic and is efficient. However, when RPR networks are bridged, inter-ring packets, or packets with the destination on a remote RPR network other than on the source network, are flooded on the source and the destination networks, and also on the path of the intermediate networks between the source and the destination networks. This decreases the available bandwidth for other traffic in those networks and is inefficient. As a result, we propose two solutions based on topology discovery, global topology discovery (GTD) and enhanced topology discovery (ETD), that prevent the flooding of inter-ring packets. GTD enables the bridges to determine the next-hop bridge for each destination. ETD enables the source node to determine a default ringlet, so that packets reach the next-hop bridge without flooding the source network. The proposed solutions were analyzed and the overhead bandwidth and stabilization time were shown to be bounded. Simulations performed showed that the proposed solutions successfully avoid flooding and achieve optimal efficiency in the intermediate and destination networks, and in the source networks with one bridge.展开更多
文摘IP geolocation determines geographical location by the IP address of Internet hosts.IP geolocation is widely used by target advertising,online fraud detection,cyber-attacks attribution and so on.It has gained much more attentions in these years since more and more physical devices are connected to cyberspace.Most geolocation methods cannot resolve the geolocation accuracy for those devices with few landmarks around.In this paper,we propose a novel geolocation approach that is based on common routers as secondary landmarks(Common Routers-based Geolocation,CRG).We search plenty of common routers by topology discovery among web server landmarks.We use statistical learning to study localized(delay,hop)-distance correlation and locate these common routers.We locate the accurate positions of common routers and convert them as secondary landmarks to help improve the feasibility of our geolocation system in areas that landmarks are sparsely distributed.We manage to improve the geolocation accuracy and decrease the maximum geolocation error compared to one of the state-of-the-art geolocation methods.At the end of this paper,we discuss the reason of the efficiency of our method and our future research.
文摘IP geolocation determines geographical location by the IP address of Internet hosts.IP geolocation is widely used by target advertising,online fraud detection,cyber-attacks attribution and so on.It has gained much more attentions in these years since more and more physical devices are connected to cyberspace.Most geolocation methods cannot resolve the geolocation accuracy for those devices with few landmarks around.In this paper,we propose a novel geolocation approach that is based on common routers as secondary landmarks(Common Routers-based Geolocation,CRG).We search plenty of common routers by topology discovery among web server landmarks.We use statistical learning to study localized(delay,hop)-distance correlation and locate these common routers.We locate the accurate positions of common routers and convert them as secondary landmarks to help improve the feasibility of our geolocation system in areas that landmarks are sparsely distributed.We manage to improve the geolocation accuracy and decrease the maximum geolocation error compared to one of the state-of-the-art geolocation methods.At the end of this paper,we discuss the reason of the efficiency of our method and our future research.
文摘Software-Defined Network(SDN)represents a new network paradigm.Unlike conventional networks,SDNs separate control planes and data planes.The function of a data plane is enabled using switches,whereas that of a control plane is facilitated by a controller.The controller learns network topologies and makes traffic forwarding decisions.However,some serious vulnerabilities are gradually exposed in the topology management services of current SDN controller designs.These vulnerabilities mainly exist in host tracking and link discovery services.Attackers can exploit these weak points to poison the network topology information in SDN controllers.In this study,a novel solution is proposed to defend against topology poisoning attacks.By analyzing the existing topology attack principles and threat models,this work constructs legal conditions for host migration to detect host hijacking attacks.The checking of the Link Layer Discovery Protocol(LLDP)source and integrity is designed to defend against link fabrication attacks.A relay-type link fabrication attack detection method based on entropy is also designed.Results show that the proposed solution can effectively detect existing topological attacks and provide complete and comprehensive topological security protection.
文摘Resilient Packet Ring (RPR), or the Standard IEEE 802.17, is a new IP-based network technology proposed to replace SONET/SDH in metropolitan area networks. RPR is well-adapted to handle multimedia traffic and is efficient. However, when RPR networks are bridged, inter-ring packets, or packets with the destination on a remote RPR network other than on the source network, are flooded on the source and the destination networks, and also on the path of the intermediate networks between the source and the destination networks. This decreases the available bandwidth for other traffic in those networks and is inefficient. As a result, we propose two solutions based on topology discovery, global topology discovery (GTD) and enhanced topology discovery (ETD), that prevent the flooding of inter-ring packets. GTD enables the bridges to determine the next-hop bridge for each destination. ETD enables the source node to determine a default ringlet, so that packets reach the next-hop bridge without flooding the source network. The proposed solutions were analyzed and the overhead bandwidth and stabilization time were shown to be bounded. Simulations performed showed that the proposed solutions successfully avoid flooding and achieve optimal efficiency in the intermediate and destination networks, and in the source networks with one bridge.
