basheer al duwairi jordan university of science technology
play

Basheer Al-Duwairi Jordan University of Science & Technology - PowerPoint PPT Presentation

Mar 12, 2024 •166 likes •301 views

Basheer Al-Duwairi Jordan University of Science & Technology United-States/Middle-East Workshop On Trustworthiness in Emerging Distributed Systems and Networks, Istanbul- Turkey, 4-6 June 2012 Outline Examples of using network

  1. Basheer Al-Duwairi Jordan University of Science & Technology United-States/Middle-East Workshop On Trustworthiness in Emerging Distributed Systems and Networks, Istanbul- Turkey, 4-6 June 2012

  2. Outline • Examples of using network measurements /monitoring – Example 1: fast flux detection – Example 2: DDoS mitigation as a service • Future trends – Hot topics – Challenges United-States/Middle-East Workshop On Trustworthiness in Emerging Distributed Systems and Networks, Istanbul- Turkey, 4-6 June 2012

  3. Detection and Characterization of Fast Flux Networks ;; ANSWER SECTION: 09-service.ru. 9 IN A 136.169.214.129 09-service.ru. 9 IN A 158.181.153.20 09-service.ru. 9 IN A 176.215.247.0 09-service.ru. 9 IN A 178.129.215.113 09-service.ru. 9 IN A 194.28.140.134 09-service.ru. 9 IN A 91.226.57.151 09-service.ru. 9 IN A 95.81.53.162 09-service.ru. 9 IN A 176.109.54.103 09-service.ru. 9 IN A 176.97.101.11 09-service.ru. 9 IN A 128.73.112.222 ;; ANSWER SECTION: 09-service.ru. 9 IN A 176.109.54.103 09-service.ru. 9 IN A 176.97.101.11 09-service.ru. 9 IN A 176.8.245.247 09-service.ru. 9 IN A 128.71.255.82 09-service.ru. 9 IN A 46.0.62.42 09-service.ru. 9 IN A 136.169.168.197 09-service.ru. 9 IN A 37.99.17.53 09-service.ru. 9 IN A 180.211.154.217 09-service.ru. 9 IN A 109.254.85.172 09-service.ru. 9 IN A 188.191.237.220 United-States/Middle-East Workshop On Trustworthiness in Emerging Distributed Systems and Networks, Istanbul- Turkey, 4-6 June 2012

  4. [B. Al-Duwairi et. al , “GFlux: A Google-Based Approach for FFlux Detection ”, Technical Report. Jordan Univ. of Science & Technology] GFlux- System Overview List of IP Classify Input: Suspect addresses Extract # hits Form a search domain name domain name (obtained from Google query into FFux or (www.xyz.com) actively or results Non-FFlux passively) United-States/Middle-East Workshop On Trustworthiness in Emerging Distributed Systems and Networks, Istanbul- Turkey, 4-6 June 2012

  5. GFlux- Input: domain hosted by CDN ;; ANSWER SECTION: images.amazon.com. 60 IN CNAME ecx.images- amazon.com.c.footprint.net. ecx.images-amazon.com.c.footprint.net. 230 IN A 204.160.107.126 ecx.images-amazon.com.c.footprint.net. 230 IN A 198.78.205.126 ecx.images-amazon.com.c.footprint.net. 230 IN A 198.78.213.126 List of IP addresses Extract # hits Classify domain Form a search Input: (obtained from Google name into FFux query images.amazon.com actively or results or Non-FFlux passively) United-States/Middle-East Workshop On Trustworthiness in Emerging Distributed Systems and Networks, Istanbul- Turkey, 4-6 June 2012

  6. GFlux- Input: FFlux domain ;; ANSWER SECTION: 09-service.ru. 9 IN A 136.169.214.129 09-service.ru. 9 IN A 158.181.153.20 09-service.ru. 9 IN A 176.215.247.0 09-service.ru. 9 IN A 178.129.215.113 09-service.ru. 9 IN A 194.28.140.134 09-service.ru. 9 IN A 91.226.57.151 09-service.ru. 9 IN A 95.81.53.162 09-service.ru. 9 IN A 176.109.54.103 09-service.ru. 9 IN A 176.97.101.11 09-service.ru. 9 IN A 128.73.112.222 List of IP Classify Extract # addresses Form a domain hits from Input: (obtained search name into Google 09-service.ru actively or query FFux or results passively) Non-FFlux United-States/Middle-East Workshop On Trustworthiness in Emerging Distributed Systems and Networks, Istanbul- Turkey, 4-6 June 2012

  7. Data Collection issue a DNS lookup for every Email spam trap Oct. 2011 – unique domain name using the Mar. 2012 Linux dig utility Form Query Used 240 Planelab nodes Record # hits extracted all URLs from Google the Linux urlview utility Focused on the domain names Analyze associated with the highest number of resolved IP results addresses. Verified them manually, too, to ascertain A cleaning stage they are indeed FFNs. where only base domain names are produced and repeated entries are removed. United-States/Middle-East Workshop On Trustworthiness in Emerging Distributed Systems and Networks, Istanbul- Turkey, 4-6 June 2012

  8. [Zakaria Al-Qudah, Basheer Al-Duwairi, and Osama Al-Khaleel, “DDoS Protection as a Service: Hiding Behind the Giants”, To appear in International Journal of Computational Science and Engineering] DDoS Protection as a Service Web server (content server) Web server CDN (content server) Network CDN Edge server Web client Web client (a) In the absence of an attack (a) During an attack United-States/Middle-East Workshop On Trustworthiness in Emerging Distributed Systems and Networks, Istanbul- Turkey, 4-6 June 2012

  9. Performance evaluation/ experiments Downloading static object from origin server vs. via an CDN edge server acting like • a proxy Object type: PDF file – Object size: 3.1 MB – Origin Server: fedex.com – CDN network: Akamai – Downloads are performed from 391 Planetlab nodes • For each node two downloads for the identified object: one from origin.fedex.com and the – other from images.fedex.com Frequency: once every hour for a period of 24 hours – Important issue: ensuring that the CDN edge server fetches a fresh copy of the object – Solution: We append the download from images.fedex.com with a random query string – United-States/Middle-East Workshop On Trustworthiness in Emerging Distributed Systems and Networks, Istanbul- Turkey, 4-6 June 2012

  10. Performance Results The figure plots the difference • between effective download bandwidth in the two cases (CDN download minus direct Correspond to download). downloads via the CDN Most of the Planetlab nodes, • downloading via the CDN have Correspond to better performance. direct downloads from the origin server This is due to the fact that • CDNs optimize the path through which they fetch objects from the origin server. United-States/Middle-East Workshop On Trustworthiness in Emerging Distributed Systems and Networks, Istanbul- Turkey, 4-6 June 2012

  11. Future trends: Hot topics + main challenges • Most of web traffic is referred by search engines + social networks websites – Google, yahoo, Facebook, twitter, etc. – What traffic needs to be collected/monitored to infer malicious activities? • Collecting data from social networks – investigating and exploring the tradeoffs between services and privacy guarantees United-States/Middle-East Workshop On Trustworthiness in Emerging Distributed Systems and Networks, Istanbul- Turkey, 4-6 June 2012

  12. Challenges / Future Trends Collecting SMS traffic traces across multiple mobile network operators • Operators need greater visibility and understanding of the applications • running in their networks – Explosive growth in the number of web and mobile applications – Application hiding techniques like encryption, port abuse, and tunneling Little research has been done to characterize/detect spam/scam • campaigns – What percentage of email spam received users is effective? United-States/Middle-East Workshop On Trustworthiness in Emerging Distributed Systems and Networks, Istanbul- Turkey, 4-6 June 2012

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

On Clifford-Fischer Theory Ayoub Basheer School of Mathematics, Statistics & Computer

On Clifford-Fischer Theory Ayoub Basheer School of Mathematics, Statistics & Computer

Introduction Conjugacy Classes of Group Extensions Clifford-Fischer Theory Some Survey On Clifford-Fischer Theory The Bibliography On Clifford-Fischer Theory Ayoub Basheer School of Mathematics, Statistics & Computer Science, University

380 views • 21 slides
University of Jordan University of Jordan Developmental dysplasia of the hip (DDH) . A

University of Jordan University of Jordan Developmental dysplasia of the hip (DDH) . A

Associated risk factors in children who had late presentation of DDH Freih Odeh Abu Hassan F.R.C.S (Eng.), F.R.C.S (Tr. & Orth.) Professor of Orthopedics and Pediatrics Orthopedics Surgeon University of Jordan University of Jordan

251 views • 24 slides
Some Number Theory Modulo Operation: Question: What is 12 mod 9? Answer: 12 mod 9 3 or 12

Some Number Theory Modulo Operation: Question: What is 12 mod 9? Answer: 12 mod 9 3 or 12

CPE 776:DATA SECURITY & CRYPTOGRAPHY Some Number Theory and Classical Crypto Systems Dr. Loai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Dr. Loai Tawalbeh summer 2005 Some Number

546 views • 10 slides
Overview and General Concepts 1 Dr. Loai Tawalbeh Computer Engineering Department Jordan

Overview and General Concepts 1 Dr. Loai Tawalbeh Computer Engineering Department Jordan

CPE 776:DATA SECURITY & CRYPTOGRAPHY Overview and General Concepts 1 Dr. Loai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Dr. Loai Tawalbeh summer 2005 Announcements Textbook W.

358 views • 10 slides
Private-Key Cryptography traditional private/secret/single key cryptography uses one key

Private-Key Cryptography traditional private/secret/single key cryptography uses one key

CPE 542: CRYPTOGRAPHY & NETWORK SECURITY Chapter 9 Public Key Cryptography and RSA Dr. Loai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Dr. Loai Tawalbeh Fall 2005 Private-Key

242 views • 12 slides
a b c d e 1 1 Prepared by Dr. Iyad Jafar UNIVERSITY OF JORDAN UNIVERSITY OF JORDAN CO

a b c d e 1 1 Prepared by Dr. Iyad Jafar UNIVERSITY OF JORDAN UNIVERSITY OF JORDAN CO

UNIVERSITY OF JORDAN UNIVERSITY OF JORDAN COMP CO MPUTER ENGI UTER ENGINEERIN NEERING DEPARTM G DEPARTMENT NT CPE0907311 COMPUTER CPE0907311 COMPUTER APPLICATIONS LAB APPLICATIONS LAB EXERCISE SHEET 2 EXERC SE SHEET 2 STUDY THE S

297 views • 3 slides
SESSION 4: THE WAY FORWARD PANEL 4.1: Challenges and opportunities for the promotion of nuclear

SESSION 4: THE WAY FORWARD PANEL 4.1: Challenges and opportunities for the promotion of nuclear

SESSION 4: THE WAY FORWARD PANEL 4.1: Challenges and opportunities for the promotion of nuclear science and technology Chairman, Jordan Atomic Energy Commission Khaled Toukan has been President of Al- Balqa Applied University, then Jordan s

804 views • 11 slides
Integral Feminine Jordan Mayyada Abu Jaber The Five Ecosystems of Jordan Source: Jordan's

Integral Feminine Jordan Mayyada Abu Jaber The Five Ecosystems of Jordan Source: Jordan's

Integral Feminine Jordan Mayyada Abu Jaber The Five Ecosystems of Jordan Source: Jordan's Third National Communication Report on Climate Change- 2014 Educated J Jordan The MENA region has achieved gender parity when it comes to

462 views • 18 slides
K E D b . D a L a t a B a s e Jordan Vincent XML processing using GPGPU Jordan

K E D b . D a L a t a B a s e Jordan Vincent XML processing using GPGPU Jordan

XML processing using GPGPU Research proposal Jordan Vincent University of Tsukuba February 2, 2011 K E D b . D a L a t a B a s e Jordan Vincent XML processing using GPGPU Jordan Vincent Academic achievements Engineering degree

528 views • 18 slides
High accuracy Hermite approximation R d for space curves in I A. RABABAH Department of

High accuracy Hermite approximation R d for space curves in I A. RABABAH Department of

High accuracy Hermite approximation R d for space curves in I A. RABABAH Department of Mathematics, Jordan University of Science and Technology Irbid 22110, Jordan May 14, 2008 1 Introducing the method this talk we describe approximation

497 views • 21 slides
Exscind: Fast Pattern Matching for Intrusion Detection Using Exclusion and Inclusion Filters

Exscind: Fast Pattern Matching for Intrusion Detection Using Exclusion and Inclusion Filters

Exscind: Fast Pattern Matching for Intrusion Detection Using Exclusion and Inclusion Filters Monther Aldwairi and Duaa Alansari Department of Network Engineering and Security Jordan University of Science and Technology Irbid, Jordan

212 views • 7 slides
Chapter 5: Advanced Encryption Standard (AES) Dr. Loai Tawalbeh Computer Engineering

Chapter 5: Advanced Encryption Standard (AES) Dr. Loai Tawalbeh Computer Engineering

CPE 542: CRYPTOGRAPHY & NETWORK SECURITY Chapter 5: Advanced Encryption Standard (AES) Dr. Loai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Dr. Loai Tawalbeh Fall 2005 History

323 views • 8 slides
Jordan Jordan is a land rich in history. Since the dawn of civilization, Jordan has played an

Jordan Jordan is a land rich in history. Since the dawn of civilization, Jordan has played an

Jordan Jordan is a land rich in history. Since the dawn of civilization, Jordan has played an important role in trade between east and west because of its geographic location at the crossroads of Asia, Africa and Europe. It has been home to some

1.39k views • 94 slides
Chapter 3: Block Ciphers and the Data Encryption Standard Dr. Loai Tawalbeh Computer

Chapter 3: Block Ciphers and the Data Encryption Standard Dr. Loai Tawalbeh Computer

CPE 542: CRYPTOGRAPHY & NETWORK SECURITY Chapter 3: Block Ciphers and the Data Encryption Standard Dr. Loai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Dr. Loai Tawalbeh Fall 2005

339 views • 23 slides
Chapter 2: Classical Cryptosystems-Cont. Dr. Loai Tawalbeh Computer Engineering Department

Chapter 2: Classical Cryptosystems-Cont. Dr. Loai Tawalbeh Computer Engineering Department

776: DATA SECURITY & CRYPTOGRAPHY Chapter 2: Classical Cryptosystems-Cont. Dr. Loai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Dr. Loai Tawalbeh summer 2005 Cryptographic Systems

465 views • 11 slides
Ontology Evaluation and Ranking using OntoQA Samir Tartir Philadelphia University, Jordan I.

Ontology Evaluation and Ranking using OntoQA Samir Tartir Philadelphia University, Jordan I.

Philadelphia University Faculty of Information Technology Ontology Evaluation and Ranking using OntoQA Samir Tartir Philadelphia University, Jordan I. Budak Arpinar University of Georgia Amit P. Sheth Wright State University 1 Outline

357 views • 22 slides
StarCluster - NumPy/SciPy Computing on Amazons Elastic Compute Cloud (EC2) Justin Riley

StarCluster - NumPy/SciPy Computing on Amazons Elastic Compute Cloud (EC2) Justin Riley

Outline Introduction Amazon EC2 Basics StarCluster Overview Conclusions StarCluster - NumPy/SciPy Computing on Amazons Elastic Compute Cloud (EC2) Justin Riley Software Tools for Academics and Researchers Office of Educational Innovation

941 views • 74 slides
Library2Go for Kindle - Instructions Kindle Fire, Smartphone and Tablet users: You must have

Library2Go for Kindle - Instructions Kindle Fire, Smartphone and Tablet users: You must have

Library2Go for Kindle - Instructions Kindle Fire, Smartphone and Tablet users: You must have access to the Library2Go full site (not the mobile site) to access Kindle eBooks directly from your device. Click the link on the E-book help page

384 views • 24 slides
Scalable Gaussian Processes Zhenwen Dai Amazon 9 September 2019 @GPSS 2019 Zhenwen Dai (Amazon)

Scalable Gaussian Processes Zhenwen Dai Amazon 9 September 2019 @GPSS 2019 Zhenwen Dai (Amazon)

Scalable Gaussian Processes Zhenwen Dai Amazon 9 September 2019 @GPSS 2019 Zhenwen Dai (Amazon) Scalable Gaussian Processes 9 September 2019 @GPSS 2019 1 / 46 Gaussian process Input and Output Data: X = ( x 1 , . . . , x N ) y = ( y 1 ,

516 views • 47 slides
Securing Serverless and Container Services Marc Schrter AWS DevOps Engineer @ globaldatanet

Securing Serverless and Container Services Marc Schrter AWS DevOps Engineer @ globaldatanet

Securing Serverless and Container Services Marc Schrter AWS DevOps Engineer @ globaldatanet Community Day 2019 Sponsors Serverless DevOps Automation Continuous Delivery Highly scalable and Infrastructure as Code fault-tolerant solutions

410 views • 40 slides
Video Codecs In An AI World Dr Doug Ridge Amphion Semiconductor The Proliferance of Video in

Video Codecs In An AI World Dr Doug Ridge Amphion Semiconductor The Proliferance of Video in

Video Codecs In An AI World Dr Doug Ridge Amphion Semiconductor The Proliferance of Video in Networks Video produces huge volumes of data According to Cisco By 2021 video will make up 82% of network traffic Equals 3.3

429 views • 13 slides
A"Large(Scale"Analysis"of"the"

A"Large(Scale"Analysis"of"the"

A"Large(Scale"Analysis"of"the" Security"of"Embedded"Firmwares Presented(by(Zhenyu Ning 1 Contents 1.(Background 2.(Motivation(&(Challenges 3.(Architecture 4.(Analysis(Result(&(Case(study

784 views • 23 slides
A Probabilistic U-Net for Segmentation of Ambiguous Images Simon A. A. Kohl 1*,2 , Bernardino

A Probabilistic U-Net for Segmentation of Ambiguous Images Simon A. A. Kohl 1*,2 , Bernardino

A Probabilistic U-Net for Segmentation of Ambiguous Images Simon A. A. Kohl 1*,2 , Bernardino Romera-Paredes 1 , Clemens Meyer 1 , Jeffrey De Fauw 1 , Joseph R. Ledsam 1 , Klaus H. Maier-Hein 2 , S. M. Ali Eslami 1 , Danilo Jimenez Rezende 1 , Olaf

669 views • 32 slides
A comparison of algorithms for maximum entropy parameter estimation Robert Malouf

A comparison of algorithms for maximum entropy parameter estimation Robert Malouf

A comparison of algorithms for maximum entropy parameter estimation Robert Malouf Alfa-Informatica Rijksuniversiteit Groningen Postbus 716 9700AS Groningen The Netherlands malouf@let.rug.nl Draft of May 15, 2002 Abstract representations is

103 views • 9 slides

More recommend