Browsing by Author "Ransbottom, J. Scot"
- Mobile Wireless System Interworking with 3G and Packet Aggregation for Wireless LAN
  Ransbottom, J. Scot (Virginia Tech, 2004-04-21)
  This research considered the efficient transmission of data within a wireless local area network (WLAN) system. A simulation model was developed to study the performance of our protocol, AGG-MAC (aggregated medium access control). AGG-MAC is a simple and elegant medium access control (MAC) protocol designed to improve performance by transmitting a maximal quantity of data with minimal overhead. Our enhancement to IEEE 802.11, AGG-MAC yields dramatic improvements in both local and global throughput. It furthermore reduces jitter in support of real time communications requirements such as voice over IP (VoIP). In support of heterogeneous roaming between Third Generation (3G) Wideband CDMA (WCDMA), specifically Universal Mobile Telecommunications System (UMTS) and WLAN systems, we constructed a simulation environment which allowed the evaluation of AGG-MAC in such a system. We further demonstrated the suitability of AGG-MAC throughout a range of infrastructure and ad hoc based WLAN scenarios. The AGG-MAC protocol enhancement provides significant performance improvements across a range of wireless applications, while interoperating with standard IEEE 802.11 stations. Performance is commensurate to original WLAN MAC performance for applications that do not benefit from packet level aggregation. The key contributions of this research were two-fold. First was the development of an OPNET simulation environment suitable for evaluation of future protocols supporting tightly coupled, heterogeneous WLAN and 3G systems. Secondly was the implementation and testing of the AGG-MAC protocol which aggregates suboptimal size packets together into a single frame, thereby amortizing the overhead.
- Privacy Preserving Network Security Data Analytics
  DeYoung, Mark E. (Virginia Tech, 2018-04-24)
  The problem of revealing accurate statistics about a population while maintaining privacy of individuals is extensively studied in several related disciplines. Statisticians, information security experts, and computational theory researchers, to name a few, have produced extensive bodies of work regarding privacy preservation. Still the need to improve our ability to control the dissemination of potentially private information is driven home by an incessant rhythm of data breaches, data leaks, and privacy exposure. History has shown that both public and private sector organizations are not immune to loss of control over data due to lax handling, incidental leakage, or adversarial breaches. Prudent organizations should consider the sensitive nature of network security data and network operations performance data recorded as logged events. These logged events often contain data elements that are directly correlated with sensitive information about people and their activities -- often at the same level of detail as sensor data. Privacy preserving data publication has the potential to support reproducibility and exploration of new analytic techniques for network security. Providing sanitized data sets de-couples privacy protection efforts from analytic research. De-coupling privacy protections from analytical capabilities enables specialists to tease out the information and knowledge hidden in high dimensional data, while, at the same time, providing some degree of assurance that people's private information is not exposed unnecessarily. In this research we propose methods that support a risk based approach to privacy preserving data publication for network security data.
  Our main research objective is the design and implementation of technical methods to support the appropriate release of network security data so it can be utilized to develop new analytic methods in an ethical manner. Our intent is to produce a database which holds network security data representative of a contextualized network and people's interaction with the network mid-points and end-points without the problems of identifiability.
- Securing the Public Cloud: Host-Obscure Computing with Secure Enclaves
  Cain, Chandler Lee (Virginia Tech, 2021-01-12)
  As the practice of renting remote computing resources from a cloud computing platform becomes increasingly popular, the security of such systems is a subject of continued scrutiny. This thesis explores the current state of cloud computing security along with critical components of the cloud computing model. It identifies the need to trust a third party with sensitive information as a substantial obstacle for cloud computing customers. It then proposes a new model, Host-Obscure Computing, for a cloud computing service using secure enclaves and encryption that allows a customer to execute code remotely without exposing sensitive information, including program flow control logic. It presents a proof of concept for a secure cloud computing service using confidential computing technology, cryptography, and an emulator that runs in a secure memory space. It then provides an analysis of its effectiveness at reducing data exposure and its performance impact. Finally, it analyzes this model's advantages and its potential impact on the cloud computing industry.
- Strengthening MT6D Defenses with Darknet and Honeypot capabilities
  Basam, Dileep Kumar (Virginia Tech, 2015-12-09)
  With the ever increasing adoption of IPv6, there has been a growing concern for security and privacy of IPv6 networks. Mechanisms like the Moving Target IPv6 Defense (MT6D) leverage the immense address space available with the new 128-bit addressing scheme to improve security and privacy of IPv6 networks. MT6D allows participating hosts to hop onto new addresses, that are cryptographically computed, without any disruption to ongoing conversations. However, there is no feedback mechanism in the current MT6D implementation to substantiate the core strength of the scheme i.e., to find an attacker attempting to discover and target any MT6D addresses. This thesis proposes a method to monitor the intruder activity targeting the relinquished addresses to extract information for reinforcing the defenses of the MT6D scheme. Our solution identifies and acquires IPv6 addresses that are being discarded by MT6D hosts on a local network, in addition to monitoring and visualizing the incoming traffic on these addresses. This is essentially equivalent to forming a darknet out of the discarded MT6D addresses. The solution's architecture also includes an ability to deploy a virtual (LXC-based) honeypot on-demand, based on any interesting traffic pattern observed on a discarded address. With this solution in place, we can become cognizant of an attacker trailing an MT6D-host along the address changes, as well as understanding the composition of attack traffic hitting the discarded MT6D addresses. With the honeypot deployment capabilities, the solution can take the conversation forward with the attacker to collect more information on attacker methods and delay further tracking attempts. The solution architecture also allows an MT6D host to query the solution database for network activity on its relinquished addresses as a JavaScript Object Notation (JSON) object. This feature allows the MT6D host to identify any suspicious activity on its discarded addresses and strengthen the MT6D scheme parameters accordingly. We have built a proof-of-concept for the proposed solution and analyzed the solution's feasibility and scalability.
- Strengthening MT6D Defenses with LXC-Based Honeypot Capabilities
  Basam, Dileep; Ransbottom, J. Scot; Marchany, Randolph C.; Tront, Joseph G. (Hindawi, 2016-04-20)
  Moving Target IPv6 Defense (MT6D) imparts radio-frequency hopping behavior to IPv6 networks by having participating nodes periodically hop onto new addresses while giving up old addresses. Our previous research efforts implemented a solution to identify and acquire these old addresses that are being discarded by MT6D hosts on a local network besides being able to monitor and visualize the incoming traffic on these addresses. This was essentially equivalent to forming a darknet out of the discarded MT6D addresses, but the solution presented in the previous research effort did not include database integration for it to scale and be extended. This paper presents a solution with a new architecture that not only extends the previous solution in terms of automation and database integration but also demonstrates the ability to deploy a honeypot on a virtual LXC (Linux Container) on-demand based on any interesting traffic pattern observed on a discarded address. The proposed architecture also allows an MT6D host to query the solution database for network activity on its relinquished addresses as a JavaScript Object Notation (JSON) object. This allows an MT6D host to identify suspicious activity on its discarded addresses and strengthen the MT6D scheme parameters accordingly. We have built a proof-of-concept for the proposed solution and analyzed the solution’s feasibility and scalability.
- WIP: The Feasibility of High-performance Message Authentication in Automotive Ethernet Networks
  Allen, Evan; Bowden, Zeb; Marchany, Randy; Ransbottom, J. Scot (2023-02-27)
  Modern vehicles are increasingly connected systems that expose a wide variety of security risks to their users. Message authentication prevents entire classes of these attacks, such as message spoofing and electronic control unit impersonation, but current in-vehicle networks do not include message authentication features. Latency and throughput requirements for vehicle traffic can be very stringent (<0.1 ms and >100 Mbps in cases), making it difficult to implement message authentication with cryptography due to the overheads required. This work investigates the feasibility of implementing cryptography-based message authentication in Automotive Ethernet networks that is fast enough to comply with these performance requirements. We find that it is infeasible to include Message Authentication Codes in all traffic without costly hardware accelerators and propose alternate approaches for future research.