IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Networksecurity

2,287 views

Published on

IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd
IEEE projects, final year projects, students project, be project, engineering projects, academic project, project center in madurai, trichy, chennai, kollam, coimbatore

Published in: Education, Technology
1 Comment
0 Likes
Statistics
Notes
  • i want 'efficient network modification to improve qos stability at failures ' project 2011 ieee, please send me documentation and code,my mail is pavan.gangishetti@gmail.com
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Views
Total views
2,287
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
42
Comments
1
Likes
0
Embeds 0
No embeds

No notes for slide

IEEE Final Year Projects 2011-2012 :: Elysium Technologies Pvt Ltd::Networksecurity

  1. 1. Elysium Technologies Private Limited ISO 9001:2008 A leading Research and Development Division Madurai | Chennai | Trichy | Coimbatore | Kollam| Singapore Website: elysiumtechnologies.com, elysiumtechnologies.info Email: info@elysiumtechnologies.com IEEE Final Year Project List 2011-2012 Abstract NETWORK SECURITY 2011 - 201201 A Distributed Key Management Framework with Cooperative Message Authentication in VANETs In this paper, we propose a distributed key management framework based on group signature to provision privacy in vehicular ad hoc networks (VANETs). Distributed key management is expected to facilitate the revocation of malicious vehicles, maintenance of the system, and heterogeneous security policies, compared with the centralized key management assumed by the existing group signature schemes. In our framework, each road side unit (RSU) acts as the key distributor for the group, where a new issue incurred is that the semi-trust RSUs may be compromised. Thus, we develop security protocols for the scheme which are able to detect compromised RSUs and their colluding malicious vehicles. Moreover, we address the issue of large computation overhead due to the group signature implementation. A practical cooperative message authentication protocol is thus proposed to alleviate the verification burden, where each vehicle just needs to verify a small amount of messages. Details of possible attacks and the corresponding solutions are discussed. We further develop a medium access control (MAC) layer analytical model and carry out NS2 simulations to examine the key distribution delay and missed detection ratio of malicious messages, with the proposed key management framework being implemented over 802.11 based VANETs.02 A Policy Enforcing Mechanism for Trusted Ad Hoc Networks To ensure fair and secure communication in Mobile Ad hoc Networks (MANETs), the applications running in these networks must be regulated by proper communication policies. However, enforcing policies in MANETs is challenging because they lack the infrastructure and trusted entities encountered in traditional distributed systems. This paper presents the design and implementation of a policy enforcing mechanism based on Satem, a kernel-level trusted execution monitor built on top of the Trusted Platform Module. Under this mechanism, each application or protocol has an associated policy. Two instances of an application running on different nodes may engage in communication only if these nodes enforce the same set of policies for both the application and the underlying protocols used by the application. In this way, nodes can form trusted application-centric networks. Before allowing a node to join such a network, Satem verifies its trustworthiness of enforcing the required set of policies. Furthermore, Satem protects the policies and the software enforcing these policies from being tampered with. If any of them is compromised, Satem disconnects the node from the network. We demonstrate the correctness of our solution through security analysis, and its low overhead through performance evaluation of two MANET applications.03 A Prediction-Based Overload Control Algorithm for SIP Servers Overload is a challenging problem for a SIP server because the built-in overload control mechanism based on generating rejection messages could not prevent the server from collapsing due to congestion. In this scenario, the paper presents an overload mechanism combining a local and a remote solution. The local part of the overload control mechanism is based on the appropriate queueing structure and buffer management of the SIP proxy. The remote overload control mechanism is based on feedback reports provided by the SIP proxy to the upstream neighbors. These reports permit the traffic regulation necessary to avoid the critical condition of overload. The main paper contributions are the design of key components of aMadurai Trichy KollamElysium Technologies Private Limited Elysium Technologies Private Limited Elysium Technologies Private Limited230, Church Road, Annanagar, 3rd Floor,SI Towers, Surya Complex,Vendor junction,Madurai , Tamilnadu – 625 020. 15 ,Melapudur , Trichy, kollam,Kerala – 691 010.Contact : 91452 4390702, 4392702, 4394702. Tamilnadu – 620 001. Contact : 91474 2723622.eMail: info@elysiumtechnologies.com Contact : 91431 - 4002234. eMail: elysium.kollam@gmail.com eMail: elysium.trichy@gmail.com 1
  2. 2. Elysium Technologies Private Limited ISO 9001:2008 A leading Research and Development Division Madurai | Chennai | Trichy | Coimbatore | Kollam| Singapore Website: elysiumtechnologies.com, elysiumtechnologies.info Email: info@elysiumtechnologies.com IEEE Final Year Project List 2011-2012 remote control mechanism, the proposal of a new approach for dynamic load estimation, and the use of a prediction technique in the remote control loop.04 A Stochastic Model for Quantitative Security Analyses of Networked Systems Traditional security analyses are often geared toward cryptographic primitives or protocols. Although such analyses are necessary, they cannot address a defender’s need for insight into which aspects of a networked system having a significant impact on its security, and how to tune its configurations or parameters so as to improve security. This question is known to be notoriously difficult to answer, and the state of the art is that we know little about it. Toward ultimately addressing this question, this paper presents a stochastic model for quantifying security of networked systems. The resulting model captures two aspects of a networked system: 1) the strength of deployed security mechanisms such as intrusion detection systems and 2) the underlying vulnerability graph, which reflects how attacks may proceed. The resulting model brings the following insights: 1) How should a defender “tune” system configurations (e.g., network topology) so as to improve security? 2) How should a defender “tune” system parameters (e.g., by upgrading which security mechanisms) so as to improve security? 3) Under what conditions is the steady-state number of compromised entities of interest below a given threshold with a high probability? Simulation studies are conducted to confirm the analytic results, and to show the tightness of the bounds of certain important metric that cannot be resolved analytically.05 A Unified Framework for the Analysis of Availability, Reliability and Security, With Applications to Quantum Networks Major goals of system security comprise confidentiality, integrity, availability, authenticity, and reliability. All of these have seen comprehensive treatment, yielding a vast collection of solutions. Information-theoretic security regarding confidentiality has seen considerable progress recently with the development of commercial quantum cryptographic devices. Solutions for perfectly secure authentication have been around much longer. Achieving perfect security, high availability and reliability, calls for combinations of various approaches. In this study, we propose a simple and uniform framework for the assessment of security, availability, and reliability that arbitrary compositions of security measures can provide. Our methodology facilitates system modeling in a decision-theoretic manner, which makes the models easily understandable even for specialists from fields other than security. At the same time, the models allow for strong assertions and for simple characterizations of the achievable security and safety in a system. We demonstrate the applicability of our results using quantum networks as an example.06 Achieving Bounded Matching Delay and Maximized Throughput in Information Dissemination Management The demand for high performance information dissemination is increasing in many applications, such as ecommerce and security alerting systems. These applications usually require that the desired information be matched between numerous sources and sinks based on established subscriptions in a timely manner while a maximized system throughput be achieved to find more matched results. Existing work primarily focuses on only one of the two requirements, either timeliness or throughput. This can lead to an unnecessarily underutilized system or poor guarantees on matching delays. In this paper, we propose an integrated solution that controls both the matching delay and CPU utilization in information dissemination systems to achieve bounded matching delay for high-priority information and maximized system throughput in an example information dissemination system. In addition, we design an admission control scheme to meet the timeliness requirements for selected lowpriority information. Our solution is based on optimal control theory for guaranteedMadurai Trichy KollamElysium Technologies Private Limited Elysium Technologies Private Limited Elysium Technologies Private Limited230, Church Road, Annanagar, 3rd Floor,SI Towers, Surya Complex,Vendor junction,Madurai , Tamilnadu – 625 020. 15 ,Melapudur , Trichy, kollam,Kerala – 691 010.Contact : 91452 4390702, 4392702, 4394702. Tamilnadu – 620 001. Contact : 91474 2723622.eMail: info@elysiumtechnologies.com Contact : 91431 - 4002234. eMail: elysium.kollam@gmail.com eMail: elysium.trichy@gmail.com 2
  3. 3. Elysium Technologies Private Limited ISO 9001:2008 A leading Research and Development Division Madurai | Chennai | Trichy | Coimbatore | Kollam| Singapore Website: elysiumtechnologies.com, elysiumtechnologies.info Email: info@elysiumtechnologies.com IEEE Final Year Project List 2011-2012 control accuracy and system stability. Empirical results on a hardware testbed demonstrate that our controllers can meet the timeliness requirements while achieving maximized system throughput.07 An Intrusion-Detection Model Based on Fuzzy Class-Association-Rule Mining Using Genetic Network Programming As the Internet services spread all over the world,many kinds and a large number of security threats are increasing. Therefore, intrusion detection systems, which can effectively detect intrusion accesses, have attracted attention. This paper describes a novel fuzzy class-associationrule mining method based on genetic network programming (GNP) for detecting network intrusions. GNP is an evolutionary optimization technique, which uses directed graph structures instead of strings in genetic algorithm or trees in genetic programming, which leads to enhancing the representation ability with compact programs derived from the reusability of nodes in a graph structure. By combining fuzzy set theory with GNP, the proposed method can deal with the mixed database that contains both discrete and continuous attributes and also extract many important classassociation rules that contribute to enhancing detection ability. Therefore, the proposed method can be flexibly applied to both misuse and anomaly detection in network-intrusion-detection problems. Experimental results with KDD99Cup and DARPA98 databases from MIT Lincoln Laboratory show that the proposed method provides competitively high detection rates compared with other machine-learning techniques and GNP with crisp data mining.08 Dirichlet-Based Trust Management for Effective Collaborative Intrusion Detection Networks The accuracy of detecting intrusions within a Collaborative Intrusion Detection Network (CIDN) depends on the efficiency of collaboration between peer Intrusion Detection Systems (IDSes) as well as the security itself of the CIDN. In this paper, we propose Dirichlet-based trust management to measure the level of trust among IDSes according to their mutual experience. An acquaintance management algorithm is also proposed to allow each IDS to manage its acquaintances according to their trustworthiness. Our approach achieves strong scalability properties and is robust against common insider threats, resulting in an effective CIDN. We evaluate our approach based on a simulated CIDN, demonstrating its improved robustness, efficiency and scalability for collaborative intrusion detection in comparison with other existing models.09 Efficient Control of False Negative and False Positive Errors with Separate Adaptive Thresholds Component level performance thresholds are widely used as a basic means for performance management. As the complexity of managed applications increases, manual threshold maintenance becomes a difficult task. Complexity arises from having a large number of application components and their operational metrics, dynamically changing workloads, and compound relationships between application components. To alleviate this problem, we advocate that component level thresholds should be computed, managed and optimized automatically and autonomously. To this end, we have designed and implemented a performance threshold management application that automatically and dynamically computes two separate component level thresholds: one for controlling Type I errors and another for controlling Type II errors. Our solution additionally facilitates metric selection thus minimizing management overheads. We present the theoretical foundation for this autonomic threshold management application, describe a specific algorithm and its implementation, and evaluate it using real-life scenarios and production data sets. As our present study shows, with proper parameter tuning, our on-line dynamic solution is capable of nearly optimal performance thresholds calculation.Madurai Trichy KollamElysium Technologies Private Limited Elysium Technologies Private Limited Elysium Technologies Private Limited230, Church Road, Annanagar, 3rd Floor,SI Towers, Surya Complex,Vendor junction,Madurai , Tamilnadu – 625 020. 15 ,Melapudur , Trichy, kollam,Kerala – 691 010.Contact : 91452 4390702, 4392702, 4394702. Tamilnadu – 620 001. Contact : 91474 2723622.eMail: info@elysiumtechnologies.com Contact : 91431 - 4002234. eMail: elysium.kollam@gmail.com eMail: elysium.trichy@gmail.com 3
  4. 4. Elysium Technologies Private Limited ISO 9001:2008 A leading Research and Development Division Madurai | Chennai | Trichy | Coimbatore | Kollam| Singapore Website: elysiumtechnologies.com, elysiumtechnologies.info Email: info@elysiumtechnologies.com IEEE Final Year Project List 2011-201210 Efficient Network Modification to Improve QoS Stability at Failures When a link or node fails, flows are detoured around the failed portion, so the hop count of flows and the link load could change dramatically as a result of the failure. As real-time traffic such as video or voice increases on the Internet, ISPs are required to provide stable quality as well as connectivity at failures. For ISPs, how to effectively improve the stability of these qualities at failures with the minimum investment cost is an important issue, and they need to effectively select a limited number of locations to add link facilities. In this paper, efficient design algorithms to select the locations for adding link facilities are proposed and their effectiveness is evaluated using the actual backbone networks of 36 commercial ISPs11 ELMO: Energy Aware Local Monitoring in Sensor Networks Over the past decade, local monitoring has been shown to be a powerful technique for improving security in multihop wireless sensor networks (WSNs). Indeed, local monitoring-based security algorithms are becoming the most popular tool for providing security in WSNs. However, local monitoring as it is currently practiced is costly in terms of energy consumption, a major drawback for energy-constrained systems such as WSNs. In WSN environments, the scarce power resources are typically addressed through sleep-wake scheduling of the nodes. However, sleep-wake scheduling techniques in WSNs are vulnerable even to simple attacks. In this paper, a new technique is proposed that promises to allow operation of WSNs in a manner that is both energy-efficient and secure. The proposed technique combines local monitoring with a novel, more secure form of sleep-wake scheduling. The latter is a new methodology dubbed Elmo (Energy Aware Local MOnitoring in Sensor Networks), which enables sleep-wake management in a secure manner even in the face of adversarial nodes that choose not to awaken nodes responsible for monitoring their traffic. An analytical proof is given showing that security coverage is not weakened under ELMO. Moreover, ns-2 simulation results show that the performance of local monitoring is practically unchanged, while energy savings of 20 to 100 times are achieved, depending on the scenario..12 FDAC: Toward Fine-Grained Distributed Data Access Control in Wireless Sensor Networks Distributed sensor data storage and retrieval have gained increasing popularity in recent years for supporting various applications. While distributed architecture enjoys a more robust and fault-tolerant wireless sensor network (WSN), such architecture also poses a number of security challenges especially when applied in mission-critical applications such as battlefield and ehealthcare. First, as sensor data are stored and maintained by individual sensors and unattended sensors are easily subject to strong attacks such as physical compromise, it is significantly harder to ensure data security. Second, in many mission-critical applications, fine-grained data access control is a must as illegal access to the sensitive data may cause disastrous results and/or be prohibited by the law. Last but not least, sensor nodes usually are resource-constrained, which limits the direct adoption of expensive cryptographic primitives. To address the above challenges, we propose, in this paper, a distributed data access control scheme that is able to enforce fine-grained access control over sensor data and is resilient against strong attacks such as sensor compromise and user colluding. The proposed scheme exploits a novel cryptographic primitive called attribute-based encryption (ABE), tailors, and adapts it for WSNs with respect to both performance and security requirements. The feasibility of the scheme is demonstrated by experiments on real sensor platforms. To our best knowledge, this paper is the first to realize distributed fine-grained data access control for WSNs.13 Improving Application Placement for Cluster-Based Web ApplicationsMadurai Trichy KollamElysium Technologies Private Limited Elysium Technologies Private Limited Elysium Technologies Private Limited230, Church Road, Annanagar, 3rd Floor,SI Towers, Surya Complex,Vendor junction,Madurai , Tamilnadu – 625 020. 15 ,Melapudur , Trichy, kollam,Kerala – 691 010.Contact : 91452 4390702, 4392702, 4394702. Tamilnadu – 620 001. Contact : 91474 2723622.eMail: info@elysiumtechnologies.com Contact : 91431 - 4002234. eMail: elysium.kollam@gmail.com eMail: elysium.trichy@gmail.com 4
  5. 5. Elysium Technologies Private Limited ISO 9001:2008 A leading Research and Development Division Madurai | Chennai | Trichy | Coimbatore | Kollam| Singapore Website: elysiumtechnologies.com, elysiumtechnologies.info Email: info@elysiumtechnologies.com IEEE Final Year Project List 2011-2012 Dynamic application placement for clustered web applications heavily influences system performance and quality of user experience. Existing approaches claim that they strive to maximize the throughput, keep resource utilization balanced across servers, and minimize the start/stop cost of application instances. However, they fail to minimize the worst case of server utilization; the load balancing performance is not optimal. What’s more, some applications need to communicate with each other, which we called dependent applications; the network cost of them also should be taken into consideration. In this paper, we investigate how to minimize the resource utilization of servers in the worst case, aiming at improving load balancing among clustered servers. Our contribution is twofold. First we propose and define a new optimization objectives: limiting the worst case of each individual server’s utilization, formulated by a min-max problem. A novel framework based on binary search is proposed to detect an optimal load balancing solution. Second, we define system cost as the weighted combination of both placement change and inter-application communication cost. By maximizing the number of instances of dependent applications that reside in the same set of servers, the basic load-shifting and placement-change procedures are enhanced to minimize whole system cost. Extensive experiments have been conducted and effectively demonstrate that: 1) the proposed framework achieves a good allocation for clustered web applications. In other words, requests are evenly allocated among servers, and throughput is still maximized; 2) the total system cost maintains at a low level; 3) our algorithm has the capacity of approximating an optimal solution within polynomial time and is promising for practical implementation in real deployments.14 Locating Equivalent Servants over P2P Networks While peer-to-peer networks are mainly used to locate unique resources across the Internet, new interesting deployment scenarios are emerging. Particularly, some applications (e.g., VoIP) are proposing the creation of overlays for the localization of services based on equivalent servants (e.g., voice relays). This paper explores the possible overlay architectures that can be adopted to provide such services, showing how an unstructured solution based on a scale-free overlay topology is an effective option to deploy in this context. Consequently, we propose EQUATOR (EQUivalent servAnt locaTOR), an unstructured overlay implementing the above mentioned operating principles, based on an overlay construction algorithm that well approximates an ideal scale-free construction model. We present both analytical and simulation results which support our overlay topology selection and validate the proposed architecture.15 Low-Overhead End-to-End Performance Measurement for Next Generation Networks Internet performance measurement is commonly perceived as a high-cost control-plane activity and until now it has tended to be implemented on top of the network’s forwarding operation. Consequently, measurement mechanisms have often had to trade relevance and accuracy over non-intrusiveness and cost effectiveness. In this paper, we present the software implementation of an in-line measurement mechanism that uses native structures of the Internet Protocol version 6 (IPv6) stack to piggyback measurement information on data-carrying traffic as this is routed between two points in the network. We carefully examine the overhead associated with both the measurement process and the measurement data, and we demonstrate that direct twopoint measurement has minimal impact on throughput and on system processing load. The results of this paper show that adequately engineered measurement mechanisms that exploit selective processing do not compromise the network’s forwarding efficiency, and can be deployed in an always-on manner to reveal the true performance of network traffic over small timescales16 Monitoring the Impact of P2P Users on a Broadband Operator’s Network over TimeMadurai Trichy KollamElysium Technologies Private Limited Elysium Technologies Private Limited Elysium Technologies Private Limited230, Church Road, Annanagar, 3rd Floor,SI Towers, Surya Complex,Vendor junction,Madurai , Tamilnadu – 625 020. 15 ,Melapudur , Trichy, kollam,Kerala – 691 010.Contact : 91452 4390702, 4392702, 4394702. Tamilnadu – 620 001. Contact : 91474 2723622.eMail: info@elysiumtechnologies.com Contact : 91431 - 4002234. eMail: elysium.kollam@gmail.com eMail: elysium.trichy@gmail.com 5
  6. 6. Elysium Technologies Private Limited ISO 9001:2008 A leading Research and Development Division Madurai | Chennai | Trichy | Coimbatore | Kollam| Singapore Website: elysiumtechnologies.com, elysiumtechnologies.info Email: info@elysiumtechnologies.com IEEE Final Year Project List 2011-2012 Since their emergence peer-to-peer (P2P) applications have been generating a considerable fraction of the overall transferred bandwidth in broadband networks. Residential broadband service has been moving from one geared towards technology enthusiasts and early adopters to a commodity for a large fraction of households. Thus, the question whether P2P is still the dominant application in terms of bandwidth usage becomes highly relevant for broadband operators. In this work we present an adaption to a previously published method for classifying broadband users into a P2P- and a non-P2P group based on the amount of communication partners (“peers") they have in a dedicated timeframe. Based on this classification, we derive their impact on network characteristics like the number of active users and their aggregate bandwidth. Privacy is assured by anonymization of the data and by not taking into account the packet payloads. We apply our method to real operational data collected 2007 and 2010, respectively, from a major German DSL provider’s access link which transported all traffic each user generates and receives. In 2010 the fraction of P2P users clearly decreased compared to previous years. Nevertheless we find that P2P users are still large contributors to the total amount of traffic seen especially in upstream direction. However in 2010 the impact from P2P on the bandwidth peaks in the busy hours has clearly decreased while other applications have a growing impact, leading to an increased bandwidth usage per subscriber in the peak hours. Further analysis also reveals that the P2P users’ traffic still does not exhibit strong locality. We compare our findings to those available in the literature and propose areas for future work on network monitoring, P2P applications, and network design.17 On the Impact of Security Protocols on the Performance of SNMP Since the early 1990s, there have been several attempts to secure the Simple Network Management Protocol (SNMP). The third version of the protocol, published as full standard in 2002, introduced the User-based Security Model (USM), which comes with its own user and key-management infrastructure. Since then, network operators have reported that deploying another user and key management infrastructure to secure SNMP is expensive and a reason to not deploy SNMPv3. This paper describes how existing security protocols operating above the transport layer and below application protocols can be used to secure SNMP. These protocols can take advantage of already deployed key management infrastructures that are used for other network management interfaces and hence their use can reduce the operational costs associated with securing SNMP. Our main contribution is a detailed performance analysis of a prototype implementation, comparing the performance of SNMPv3 over SSH, TLS, and DTLS with other versions of SNMP. We also discuss the differences between the various options to secure SNMP and provide guidelines for choosing solutions to implement or deploy.18 Practical and Secure Multidimensional Query Framework in Tiered Sensor Networks The two-tier architecture consisting of a small number of resource-abundant storage nodes in the upper tier and a large number of sensors in the lower tier could be promising for large-scale sensor networks in terms of resource efficiency, network capacity, network management complexity, etc. In this architecture, each sensor having multiple sensing capabilities periodically forwards the multidimensional sensed data to the storage node, which responds to the queries, such as range query, top- query, and skyline query. Unfortunately, node compromises pose the great challenge of securing the data collection; the sensed data could be leaked to or could be manipulated by the compromised nodes. Furthermore, chunks of the sensed data could be dropped maliciously, resulting in an incomplete query result, which is the most difficult security breach. Here, we propose a simple yet effective hash tree-based framework, under which data confidentiality, query result authenticity, and query result completeness can be guaranteed simultaneously. In addition, the subtree sampling technique, which could be of independent interest to the other applications, is proposed to efficiently identify the compromised nodes. Last, analytical and extensive simulation studies are conducted to evaluate the performance and security of our methods. Prototype implementation on TelosB mote demonstrates the practicality of our proposed methods.Madurai Trichy KollamElysium Technologies Private Limited Elysium Technologies Private Limited Elysium Technologies Private Limited230, Church Road, Annanagar, 3rd Floor,SI Towers, Surya Complex,Vendor junction,Madurai , Tamilnadu – 625 020. 15 ,Melapudur , Trichy, kollam,Kerala – 691 010.Contact : 91452 4390702, 4392702, 4394702. Tamilnadu – 620 001. Contact : 91474 2723622.eMail: info@elysiumtechnologies.com Contact : 91431 - 4002234. eMail: elysium.kollam@gmail.com eMail: elysium.trichy@gmail.com 6
  7. 7. Elysium Technologies Private Limited ISO 9001:2008 A leading Research and Development Division Madurai | Chennai | Trichy | Coimbatore | Kollam| Singapore Website: elysiumtechnologies.com, elysiumtechnologies.info Email: info@elysiumtechnologies.com IEEE Final Year Project List 2011-201219 Privacy Preserving Collaborative Enforcement of Firewall Policies in Virtual Private Networks The widely deployed Virtual Private Network (VPN) technology allows roaming users to build an encrypted tunnel to a VPN server, which, henceforth, allows roaming users to access some resources as if that computer were residing on their home organization’s network. Although VPN technology is very useful, it imposes security threats on the remote network because its firewall does not know what traffic is flowing inside the VPN tunnel. To address this issue, we propose VGuard, a framework that allows a policy owner and a request owner to collaboratively determine whether the request satisfies the policy without the policy owner knowing the request and the request owner knowing the policy. We first present an efficient protocol, called Xhash, for oblivious comparison, which allows two parties, where each party has a number, to compare whether they have the same number, without disclosing their numbers to each other. Then, we present the VGuard framework that uses Xhash as the basic building block. The basic idea of VGuard is to first convert a firewall policy to nonoverlapping numerical rules and then use Xhash to check whether a request matches a rule. Comparing with the Cross- Domain Cooperative Firewall (CDCF) framework, which represents the state-of-theart, VGuard is not only more secure but also orders of magnitude more efficient. On real-life firewall policies, for processing packets, our experimental results show that VGuard is three to four orders of magnitude faster than CDCF.20 Robust Correlation of Encrypted Attack Traffic through Stepping Stones by Flow Watermarking Network-based intruders seldom attack their victims directly from their own computer. Often, they stage their attacks through intermediate “stepping stones” in order to conceal their identity and origin. To identify the source of the attack behind the stepping stone(s), it is necessary to correlate the incoming and outgoing flows or connections of a stepping stone. To resist attempts at correlation, the attacker may encrypt or otherwise manipulate the connection traffic. Timing- based correlation approaches have been shown to be quite effective in correlating encrypted connections. However, timing- based correlation approaches are subject to timing perturbations that may be deliberately introduced by the attacker at stepping stones. In this paper, we propose a novel watermarkbased- correlation scheme that is designed specifically to be robust against timing perturbations. Unlike most previous timing-based correlation approaches, our watermark-based approach is “active” in that it embeds a unique watermark into the encrypted flows by slightly adjusting the timing of selected packets. The unique watermark that is embedded in the encrypted flow gives us a number of advantages over passive timing-based correlation in resisting timing perturbations by the attacker. In contrast to the existing passive correlation approaches, our active watermark-based correlation does not make any limiting assumptions about the distribution or random process of the original interpacket timing of the packet flow. In theory, our watermark-based correlation can achieve arbitrarily close to 100 percent correlation true positive rate (TPR), and arbitrarily close to 0 percent false positive rate (FPR) at the same time for sufficiently long flows, despite arbitrarily large (but bounded) timing perturbations of any distribution by the attacker. Our paper is the first that identifies 1) accurate quantitative tradeoffs between the achievable correlation effectiveness and the defining characteristics of the timing perturbation; and 2) a provable upper bound on the number of packets needed to achieve a desired correlation effectiveness, given the amount of timing perturbation. Experimental results show that our active watermark-based correlation performs better and requires fewer packets than existing, passive timing-based correlation methods in the presence of random timing perturbations.21 Runtime Defense against Code Injection Attacks Using Replicated Execution The number and complexity of attacks on computer systems are increasing. This growth necessitates proper defense mechanisms. Intrusion detection systems play an important role in detecting and disrupting attacks before they can compromise software. Multivariant execution is an intrusion detection mechanism that executes several slightly different versions, called variants, of the same program in lockstep. The variants are built to have identical behavior under normalMadurai Trichy KollamElysium Technologies Private Limited Elysium Technologies Private Limited Elysium Technologies Private Limited230, Church Road, Annanagar, 3rd Floor,SI Towers, Surya Complex,Vendor junction,Madurai , Tamilnadu – 625 020. 15 ,Melapudur , Trichy, kollam,Kerala – 691 010.Contact : 91452 4390702, 4392702, 4394702. Tamilnadu – 620 001. Contact : 91474 2723622.eMail: info@elysiumtechnologies.com Contact : 91431 - 4002234. eMail: elysium.kollam@gmail.com eMail: elysium.trichy@gmail.com 7
  8. 8. Elysium Technologies Private Limited ISO 9001:2008 A leading Research and Development Division Madurai | Chennai | Trichy | Coimbatore | Kollam| Singapore Website: elysiumtechnologies.com, elysiumtechnologies.info Email: info@elysiumtechnologies.com IEEE Final Year Project List 2011-2012 execution conditions. However, when the variants are under attack, there are detectable differences in their execution behavior. At runtime, a monitor compares the behavior of the variants at certain synchronization points and raises an alarm when a discrepancy is detected. We present a monitoring mechanism that does not need any kernel privileges to supervise the variants. Many sources of inconsistencies, including asynchronous signals and scheduling of multithreaded or multiprocess applications, can cause divergence in behavior of variants. These divergences cause false alarms. We provide solutions to remove these false alarms. Our experiments show that the multivariant execution technique is effective in detecting and preventing code injection attacks. The empirical results demonstrate that dual-variant execution has on average 17 percent performance overhead when deployed on multicore processors.22 SAT: A Security Architecture Achieving Anonymity and Traceability in Wireless Mesh Networks Anonymity has received increasing attention in the literature due to the users’ awareness of their privacy nowadays. Anonymity provides protection for users to enjoy network services without being traced. While anonymity-related issues have been extensively studied in payment-based systems such as e-cash and peer-to-peer (P2P) systems, little effort has been devoted to wireless mesh networks (WMNs). On the other hand, the network authority requires conditional anonymity such that misbehaving entities in the network remain traceable. In this paper, we propose a security architecture to ensure unconditional anonymity for honest users and traceability of misbehaving users for network authorities in WMNs. The proposed architecture strives to resolve the conflicts between the anonymity and traceability objectives, in addition to guaranteeing fundamental security requirements including authentication, confidentiality, data integrity, and nonrepudiation. Thorough analysis on security and efficiency is incorporated, demonstrating the feasibility and effectiveness of the proposed architecture.23 Scheduling Grid Tasks in Face of Uncertain Communication Demands Grid scheduling is essential to Quality of Service provisioning as well as to efficient management of grid resources. Grid scheduling usually considers the state of the grid resources as well application demands. However, such demands are generally unknown for highly demanding applications, since these often generate data which will be transferred during their execution. Without appropriate assessment of these demands, scheduling decisions can lead to poor performance. Thus, it is of paramount importance to consider uncertainties in the formulation of a grid scheduling problem. This paper introduces the IPDT-FUZZY scheduler, a scheduler which considers the demands of grid applications with such uncertainties. The scheduler uses fuzzy optimization, and both computational and communication demands are expressed as fuzzy numbers. Its performance was evaluated, and it was shown to be attractive when communication requirements are uncertain. Its efficacy is compared, via simulation, to that of a deterministic counterpart scheduler and the results reinforce its adequacy for dealing with the lack of accuracy in the estimation of communication demands.24 Securing Topology Maintenance Protocols for Sensor Networks We analyze the security vulnerabilities of PEAS, ASCENT, and CCP, three well-known topology maintenance protocols (TMPs) for sensor networks. These protocols aim to increase the lifetime of the sensor network by only maintaining aMadurai Trichy KollamElysium Technologies Private Limited Elysium Technologies Private Limited Elysium Technologies Private Limited230, Church Road, Annanagar, 3rd Floor,SI Towers, Surya Complex,Vendor junction,Madurai , Tamilnadu – 625 020. 15 ,Melapudur , Trichy, kollam,Kerala – 691 010.Contact : 91452 4390702, 4392702, 4394702. Tamilnadu – 620 001. Contact : 91474 2723622.eMail: info@elysiumtechnologies.com Contact : 91431 - 4002234. eMail: elysium.kollam@gmail.com eMail: elysium.trichy@gmail.com 8
  9. 9. Elysium Technologies Private Limited ISO 9001:2008 A leading Research and Development Division Madurai | Chennai | Trichy | Coimbatore | Kollam| Singapore Website: elysiumtechnologies.com, elysiumtechnologies.info Email: info@elysiumtechnologies.com IEEE Final Year Project List 2011-2012 subset of nodes in an active or awake state. The design of these protocols assumes that the sensor nodes will be deployed in a trusted, nonadversarial environment, and does not take into account the impact of attacks launched by malicious insider or outsider nodes. We propose a metaprotocol (Meta-TMP) to represent the class of topology maintenance protocols. The Meta-TMP provides us with a better understanding of the characteristics and of how a specific TMP works, and it can be used to study the vulnerabilities of a specific TMP. We describe various types of malicious behavior and actions that can be carried out by an adversary to attack a wireless sensor network by exploiting the TMP being used in the network. We describe three attacks against these protocols that may be used to reduce the lifetime of the sensor network, or to degrade the functionality of the sensor application by reducing the network connectivity and the sensing coverage that can be achieved. Further, we describe countermeasures that can be taken to increase the robustness of the protocols and make them resilient to such attacks.25 SLO Auditing Task Analysis, Decomposition, and Specification Service Level Objectives (SLOs) – the core of a Service Level Agreement (SLA) – reflect major Quality-of-Service (QoS) requirements of customers on a service for a given price. SLOs need to be updated, if those requirements change. This leads to an update of the SLO auditing implementation. However, in many existing implementations, efforts are required to adapt to SLO changes, and even more efforts are needed for dynamic adaptations. Thus, a new SLO auditing design is essential to be able to reduce such efforts to the bare minimum. This is especially essential, if the service landscape and relevant QoS parameters are changing frequently. Thus, to meet this core functional requirement of an automated auditing, a generic auditing framework, applicable to any SLO, is presented in this paper, where the analysis of a general audit task, the identification of its sequence of subtasks (functional decomposition), and the development of a respective audit specification for each subtask has been performed. A use case and examples are presented to describe and apply the concept in detail. An SLO auditing application, which was prototyped, is not restricted to a certain set of QoS parameters, but it is dynamically reconfigurable and extensible according to changing demands. The work shows that it has become quite easy to instantiate an auditing application for new SLOs. Additionally, third parties would be able to offer SLO auditing services to a service provider separately.26 Spectral Models for Bitrate Measurement from Packet Sampled Traffic In network measurement systems, packet sampling techniques are usually adopted to reduce the overall amount of data to collect and process. Being based on a subset of packets, they introduce estimation errors that have to be properly counteracted by using a fine tuning of the sampling strategy and sophisticated inversion methods. This problem has been deeply investigated in the literature with particular attention to the statistical properties of packet sampling and to the recovery of the original network measurements. Herein, we propose a novel approach to predict the energy of the sampling error in the real time estimation of traffic bitrate, based on spectral analysis in the frequency domain. We start by demonstrating that the error introduced by packet sampling can be modeled as an aliasing effect in the frequency domain. Then, we derive closed-form expressions for the Signal-to-Noise Ratio (SNR) to predict the distortion of traffic bitrate estimates over time. The accuracy of the proposed SNR metric is validated by means of real packet traces. Furthermore, a comparison with respect to an analogous SNR expression derived using classic stochastic tools is proposed, showing that the frequency domain approach grants for a higher accuracy when traffic rate measurements are carried out at fine time granularity..Madurai Trichy KollamElysium Technologies Private Limited Elysium Technologies Private Limited Elysium Technologies Private Limited230, Church Road, Annanagar, 3rd Floor,SI Towers, Surya Complex,Vendor junction,Madurai , Tamilnadu – 625 020. 15 ,Melapudur , Trichy, kollam,Kerala – 691 010.Contact : 91452 4390702, 4392702, 4394702. Tamilnadu – 620 001. Contact : 91474 2723622.eMail: info@elysiumtechnologies.com Contact : 91431 - 4002234. eMail: elysium.kollam@gmail.com eMail: elysium.trichy@gmail.com 9

×