This paper presents a remote, undetectable, high accuracy mechanism to infer Skype voice traffic on WiFi networks with a success rate of similar or equal to 97% and only a similar or equal to 3% false positive rate. I...
详细信息
ISBN:
(纸本)9781479967704
This paper presents a remote, undetectable, high accuracy mechanism to infer Skype voice traffic on WiFi networks with a success rate of similar or equal to 97% and only a similar or equal to 3% false positive rate. In spite of any encryption scheme employed, we infer user activity by exploiting a variety of frame size and interarrival time distributions. We demonstrate ways to use these efficiently and optimise the Random Forest classifier generated. The final product is an efficient classifier that we believe can be implemented at very low-cost on portable, commodity hardware. Given its design and the side-channel data used, these methods should easily generalise to other encrypted communication methods such as 4G LTE. With longer range wireless communications becoming more prevalent, and increased commercial interest in tracking and analysing publicly broadcast wireless data, this paper highlights a plausible threat to users' private activities.
MPTCP is a new transport protocol that enables mobile devices to use several physical paths simultaneously through multiple network interfaces, such as WiFi and cellular. However, wireless path characteristics change ...
详细信息
ISBN:
(纸本)9781479933600
MPTCP is a new transport protocol that enables mobile devices to use several physical paths simultaneously through multiple network interfaces, such as WiFi and cellular. However, wireless path characteristics change frequently in mobile environments, causing challenges for MPTCP: For example, WiFi associated paths often become unavailable as devices move, since WiFi has intermittent connectivity caused by the short signal range and susceptibility to interference. In this work, we improve MPTCP to manage path usage based on the associated link status. This variant, called MPTCP-MA, uses MAC-Layer information to locally estimate path quality and connectivity. By suspending/releasing paths based on their quality, MPTCP-MA can more effectively utilize restored paths. We have implemented and deployed MPTCP-MA in Linux and Android. Our experimental results show that MPTCP-MA can efficiently utilize an intermittently available path, with Wifi throughput improvements of up to 72 percent.
Boundary overflows are caused by violation of constraints, mostly limiting the range of internal values of program, and can be provoked by an intruder to gain control of or access to stored data. In order to counterme...
详细信息
ISBN:
(纸本)9781424445257
Boundary overflows are caused by violation of constraints, mostly limiting the range of internal values of program, and can be provoked by an intruder to gain control of or access to stored data. In order to countermeasure this well-known vulnerability issue, this paper focuses on input validation of graphical user interfaces (GUI). The approach proposed generates test cases for numerical inputs based on GUI specification through decision tables. If boundary overflow error(s) are detected, the source code will be analyzed to localize and correct the encountered error(s) automatically.
An extranet is used to connect businesses with their suppliers, customers or other businesses that share common goals in a way that automates their administrative interactions using Internet technology. The security o...
详细信息
An extranet is used to connect businesses with their suppliers, customers or other businesses that share common goals in a way that automates their administrative interactions using Internet technology. The security of the communications over Internet is considered an essential feature. To guarantee secure operation the aid of some user authentication infrastructure is needed. This paper introduces a public key infrastructure (PKI) and user identification scheme to be used in extranet applications. The flexibility of the system allows it to fit the usual hierarchical organization structure.
The objective of the paper is to carry out an analysis of tools used for performing external security audits. All the tools with the capacity to remotely detect vulnerabilities which are currently available in the mar...
详细信息
The objective of the paper is to carry out an analysis of tools used for performing external security audits. All the tools with the capacity to remotely detect vulnerabilities which are currently available in the market were used to carry out this analysis. Although these tools are sometimes used to carry out internal audits of operating systems, this paper is exclusively centred on the capacity that these tools have for detecting security holes in remote machines. To produce this paper we have used a testbed composed of two UNIX machines running Solaris 2.5, and a PC with Windows NT 4.0. Whenever versions of the tools permitted it, attacks were carried out from Windows NT against Solaris and vice versa.
暂无评论