Sharif Digital Repository

Network Telescopes are used to extract security features of large a?a?s targeted large net-works.In this method all tra?cs received targeted to an unused address blo? are processedto ?nd useful informations about descriptive parameters of work propagation.Currently all resear?es are focused on dark addresses or unused address blo?s, in this re-sear? the idea is generalized to cover used and white address blo?s. Also the structure ofnetwork telescope is de?ned with a new manner whi?added more details to prediction andestimation methods. To extract security features of a?a?events, a newmethod have been introduced for inferenceabout a?a? parameters. ?e proposed method may be used to predict... 

One way to control the type of data being transferred in the network is to check the header of the packet, but in networks that have high-speed data transmission or data can move through different routes, the probability of finding the first packet which contains the header reduces tremendously, and the usage of the methods mentioned below becomes clear. So even if the packet header isn’t received correctly, or the declarative features of these flows are changed, without having exact knowledge of the data transferred, you can use a limited number of packets to obtain information such as the type and protocol being used. This is possible with the help of statistical data analysis.Traffic... 

Mobile ad hoc networks have been attracted the attention of many researchers during last years. One of the major concerns faces such networks is the security issue. The root of this concern is the fact that the intermediate nodes have the responsibility of packet transportation and forwarding. The nodes inside the mobile ad hoc networks assumed to be trusty while they can read, change or drop the transported packets. Cryptography as the cornerstone of the security could be play an essential role in such networks. Any cryptosystem need some keys to be able to secure communications. In large scale mobile ad hoc networks storing the whole keys in all nodes is inefficient, if possible, due to... 

Software Defined Networks provide programmability and centralized control for network’s administrator. Like other networks, security problems are important in these networks, but there is not enough research in this area. The problem being discussed here is to elevate the security level in software defined networks using centralized control and programmability of these networks. We will accomplish this purpose by using hosts and controller at the same time to prevent unwanted traffic from entering the network. By using this approach, we will be able to remove many short comings of these networks and implement security systems, like intrusion detection systems, more efficient. One of these... 

In recent years, internet traffic is experiencing an explosive growth. High performance networking in large scale computer networks creates several security challenges. Exploiting Deep Packet Inspection (DPI) is regarded as a big challenge especially for massive data when number of concurrent connections grows. Using simple security based on network layer data can easily avaded by attackers and also can not detect more sophisticated attacks like DDoS. In this paper we proposed a new grammar model named bidirectional asynchronous counting grammar and it’s automata. With this grammar model we can define policies based on extracted fields in both request and response flows. Using new model of... 

The improvments in computer networks and video compression techniques have motivated the network engineers to broadcast video over the Internet. Recently, Peer-to-Peer networks have been considered as a suitable way for video streaming. P2P networks are distributed and there’s no central management mechanism in them. In addition, video has a time-sensitive nature. Therefore, these networks are vulnerable to security attacks. Denial of Service attacks, attacks on the membership management mechanism, attacks on neighbors selection mechanism, selfish nodes and content pollution attacks are common attack on Peer-to-Peer Video Streaming networks. In a content pollution attack, one or several... 

Wireless Sensor Networks (WSNs) are comprised of small sensor nodes with very limitedstorage, power and computational capabilities. The nodes in wireless sensor networks should be able to communicate with each other in order to accumulate information and to relay it to a base station in a secure manner. Since this communication often takes place in a hostile environment, encryption and/or authentication should be used. This requires the establishment of secure keys between the sensor nodes in the WSN. The constraints of such a lightweight distributed computing environment lend itself to the use of symmetric cryptography to provide security services. The lack of central infrastructure after... 

Wireless technology can now be seen almost everywhere. This technology has recently become very popular, and with the convenience that comes with its use, it will probably be the most commonly used technology among computer networks in the near future. Unfortunately, new technology is always under fire when it comes to security.So that this type of network security has become a big challenge for them.
The researchers approach to security in wireless networks that have a lot of attention is the use of intrusion detection systems. An intrusion detection system (IDS) monitors network traffic and monitors for suspicious activity and alerts the system or network administrator. In some cases... 

One of the most important steps in the process of network forensics is attacker attribution and tracing the victims of the attack. In some situations, there is no other information to track the attacker except the payload of packet. Network security professionals have introduced payload attribution techniques to attribute this type of attacks. In payload attribution techniques, a history of network traffic is stored so that after the attack, it can be queried to trace the source and destination of excerpts. Due to the high volume of traffic in today's networks, payload attribution techniques should be able to store traffic in compressed format so that querying on this data be done easily at... 

Smart grids are the new generation of power grids that combine the power distribution grid with the communications network. The purpose of these networks is to create a secure, two-way infrastructure for the transmission of power and information. The complex structure of smart grids, along with the inherent vulnerabilities of physical systems, old devices and protocols on the network and the need for backward compatibility, have created serious cyber risks to critical assets and infrastructures. The difference between these types of networks and conventional computer networks has made the security mechanisms developed in conventional computer networks not very suitable for these types of... 

Due to the rapid development of computer networks, security is a major concern. Methods of intruding computer networks are also rapidly developing, and there is a new method every day. These facts corroborate the need for new and more intelligent mechanisms for detecting intrusion. To detect intrusion, one must analyze the network traffic. The most used traditional methods of traffic separation are port-based and payload based detection. The former is not so efficient, and the latter is not only inefficient but also violates the privacy of users. Unsatisfied by such methods, researchers adopted machine learning techniques and tried to develop new solutions for detecting intrusion. Methods... 

The rapid advancement of information technology and computer networks raised concerns of the users and network administrators regarding security. The development of computer networks and the increase in the number of specialists in this field led to the increase in the number of people who seek to abuse these networks, people known as attackers. The attackers look for security defects in a network to penetrate and abuse it proportionate to their needs. Considering the risks of these attacks, it is necessary to have an intrusion detection system (IDS). IDSs are capable of detecting attack traffic or suspected traffic, then, they alert the network administrators, and consequently, stop the...