Learn More
In this paper we survey issues and challenges in enhancing the survivability of mobile wireless networks, with particular emphasis on military requirements*. Research focus on three key aspects can significantly enhance network survivability: (i) establishing and maintaining survivable topologies that strive to keep the network connected even under attack,(More)
We present decoy routing, a mechanism capable of circumventing common network filtering strategies. Unlike other circumvention techniques, decoy routing does not require a client to connect to a specific IP address (which is easily blocked) in order to provide circumvention. We show that if it is possible for a client to connect to any unblocked(More)
Experts have long recognized that theoretically it was possible to perform traffic analysis on encrypted packet streams by analyzing the timing of packet arrivals (or transmissions). We report on experiments to realize this possiblity using basic signal processing techniques taken from acoustics to perform traffic analysis on encrypted transmissions over(More)
Imagine a world in which every device has an embedded processor and a high-speed wireless link. Any two devices can talk to each other and you link devices together as needed to get your work done. Devices with embedded processors and wireless links are coming soon. This paper looks at some of the problems we have to overcome to make it possible to link(More)
This article introduces Smart Packets and describes the smart Packets architecture, the packet formats, the language and its design goals, and security considerations. Smart Packets is an Active Networks project focusing on applying active networks technology to network management and monitoring. Messages in active networks are programs that are executed(More)
We present the architecture, design, and implementation of a Smart Environment for Network Control, Monitoring and Management (SENCOMM). SENCOMM uses active network technology to comprise a Management Execution Environment (SMEE), which coexists with other execution environments (EEs). Management applications, called smart probes, run in the SMEE. A probe(More)
The Internet is an extremely complex system, and it is essential that we be able to make accurate measurements in order to understand its underlying behavior or to detect improper behavior (e.g., attacks). The reality, however, is that it is impractical to fully instrument anything but relatively small networks and impossible to even partially instrument(More)
— Recent studies have shown that signal-processing techniques are quite valuable for the modeling and analysis of modern networks and network traffic [1] [2]. However, to date most of these studies have focused on characterizing the multi-scale and long-memory stochastic nature of single streams or traces of non-encrypted network traffic. The key approach(More)
There is an urgent need for a pro-active approach to botnet detection and mitigation that will enable computer network defenders to characterize emerging and future bot-net threats and design effective defense techniques before these threats materialize. To this end, we have developed a System for Live Investigation of Next Generation bots (SLINGbot).(More)
—Flow correlation algorithms compare flows to determine similarity, and are especially useful and well studied for detecting flow chains through " stepping stone " hosts. Most correlation algorithms use only one characteristic and require all values in the correlation matrix (the correlation value of all flows to all other flows) to be updated on every(More)