By Topic

1st IEEE ICNP Workshop on Secure Network Protocols, 2005. (NPSec).

Date 6-6 Nov. 2005

Filter Results

Displaying Results 1 - 19 of 19
  • 2005 First Workshop on Secure Network Protocols (NPSEC)

    Publication Year: 2005
    Request permission for commercial reuse | PDF file iconPDF (30 KB)
    Freely Available from IEEE
  • Copyright page

    Publication Year: 2005, Page(s): ii
    Request permission for commercial reuse | PDF file iconPDF (29 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2005, Page(s): iii
    Request permission for commercial reuse | PDF file iconPDF (37 KB)
    Freely Available from IEEE
  • Message from the general chair and program chairs

    Publication Year: 2005, Page(s): iv
    Request permission for commercial reuse | PDF file iconPDF (29 KB) | HTML iconHTML
    Freely Available from IEEE
  • Committees

    Publication Year: 2005, Page(s): v
    Request permission for commercial reuse | PDF file iconPDF (33 KB)
    Freely Available from IEEE
  • L3A: a protocol for layer three accounting

    Publication Year: 2005, Page(s):1 - 6
    Cited by:  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (172 KB) | HTML iconHTML

    Accounting protocols are used to quantify traffic to support billing, QoS assurances, and other objectives. Current protocols do not provide complete security for this purpose because of the threat of 'cramming' attacks in which unauthenticated parties can introduce traffic that the accounting system attributes incorrectly. In this paper we explain this vulnerability and introduce a protocol, laye... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Mitigating DoS attack through selective bin verification

    Publication Year: 2005, Page(s):7 - 12
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (185 KB) | HTML iconHTML

    Despite considerable attention from both the academic and commercial communities, denial-of-service (DoS) attacks represent a growing threat to network administrators and service providers. A large number of proposed DoS countermeasures attempt to detect an attack in-progress and filter out the DoS attack packets. These techniques often depend on the instantiation of sophisticated routing mechanis... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • On design tradeoffs between security and performance in wireless group communicating systems

    Publication Year: 2005, Page(s):13 - 18
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (234 KB) | HTML iconHTML

    While security is of prime concern in secure group communicating systems in wireless networks, security mechanisms employed often have implication on the performance of the system. Recently model-based qualitative evaluation has been used for the evaluation of security protocols to quantify security properties in terms of intrusion tolerance using quantitative modeling techniques. However, most of... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Detecting and filtering instant messaging spam - a global and personalized approach

    Publication Year: 2005, Page(s):19 - 24
    Cited by:  Papers (8)  |  Patents (7)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (250 KB) | HTML iconHTML

    While instant message (IM) is gaining its popularity it is exposed to increasingly severe security threats. A serious problem is IM spam (spim) that is unsolicited commercial messages sent via IM messengers. Unlike e-mail spam (unsolicited bulk e-mails), which has been a serious security issue for a long time and a number of techniques have been proposed to cope with, spim has not received adequat... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Analysis of IPSec overheads for VPN servers

    Publication Year: 2005, Page(s):25 - 30
    Cited by:  Papers (5)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (157 KB) | HTML iconHTML

    Internet protocol security (IPSec) is a widely deployed mechanism for implementing virtual private networks (VPNs). This paper evaluates the performance overheads associated with IPSec. We use Openswan, an open source implementation of IPSec, and measure the running times of individual security operations and also the speedup gained by replacing various IPSec components with no-ops. The main findi... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Practical security for disconnected nodes

    Publication Year: 2005, Page(s):31 - 36
    Cited by:  Papers (31)  |  Patents (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (257 KB) | HTML iconHTML

    Endpoints in a delay tolerant network (DTN) [K. Fall, 2003] must deal with long periods of disconnection, large end-to-end communication delays, and opportunistic communication over intermittent links. This makes traditional security mechanisms inefficient and sometimes unsuitable. We study three specific problems that arise naturally in this context: initiation of a secure channel by a disconnect... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Achieving K-anonymity in mobile ad hoc networks

    Publication Year: 2005, Page(s):37 - 42
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (260 KB) | HTML iconHTML

    A zone-based K-anonymity routing protocol is proposed and investigated, the goal of which is to achieve destination anonymity in positioning routing algorithms. Under this protocol, the source sends the data to an anonymity zone, where the destination node and a number of other nodes are located. The data is flooded within the anonymity zone so that to a tracer is not able to guess which is the de... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Phyllo: a peer-to-peer overlay security framework

    Publication Year: 2005, Page(s):43 - 48
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (247 KB) | HTML iconHTML

    Despite the success of peer-to-peer systems, a majority of their overlay architectures are vulnerable to exploitation. Some of the features for improved performance have created security holes that attackers can breach to gain control of the network. De facto network security solutions (e.g., trusted servers, encryption, and firewalls) offer little assistance, as they are often not compatible with... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Identity theft protection in structured overlays

    Publication Year: 2005, Page(s):49 - 54
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (133 KB) | HTML iconHTML

    Structured peer-to-peer (P2P) overlays rely on consistent and robust key-based routing to support large-scale network applications such as multicast and global-scale storage. We identify the main attack in these networks as a form of P2P identity theft, where a malicious node in the path of a message claims it is the desired destination node. Attackers can hijack route and lookup requests to forge... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An effective intrusion detection approach for OLSR MANET protocol

    Publication Year: 2005, Page(s):55 - 60
    Cited by:  Papers (24)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (254 KB) | HTML iconHTML

    The optimized link state routing (OLSR) protocol is a proactive mobile ad hoc network (MANET) routing protocol. Security aspects have not been designed into the OLSR protocol and therefore make it vulnerable to various kinds of attacks. Recent research efforts have focused on providing authentication and encryption techniques to secure the OLSR protocol against attacks from outside intruders. A se... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The attackers' potential influence on the tactical assessments produced by standard alert correlation systems

    Publication Year: 2005, Page(s):61 - 66
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (221 KB) | HTML iconHTML

    This work shows that knowledgeable attackers can influence the tactical assessments output by INFOSEC alert correlation systems solely through manipulating the timing characteristics of their attacks. The approach taken is to assume that the defender's goal is to thwart attackers by enact optimal tactical responses. It is then shown that, even in an idealized environment, the defender has no guara... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Policy segmentation for intelligent firewall testing

    Publication Year: 2005, Page(s):67 - 72
    Cited by:  Papers (14)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (165 KB) | HTML iconHTML

    Firewall development and implementation are constantly being improved to accommodate higher security and performance standards. Using reliable yet practical techniques for testing new packet filtering algorithms and firewall design implementations from a functionality point of view becomes necessary to assure the required security. In this paper, an efficient paradigm for automated testing of fire... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A distributed reputation approach to cooperative Internet routing protection

    Publication Year: 2005, Page(s):73 - 78
    Cited by:  Papers (5)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (109 KB) | HTML iconHTML

    The security of the Internet's interdomain routing system hinges on whether autonomous systems (ASes) can trust the information they receive from each other via the border gateway protocol (BGP). Frequently, this trust has been misguided, resulting in wide-spread outages and significant concerns about future attacks. Despite the seriousness of these problems, proposals for a more secure version of... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Author index

    Publication Year: 2005, Page(s): 79
    Request permission for commercial reuse | PDF file iconPDF (27 KB)
    Freely Available from IEEE