Learn More
—In July 2008, the Kaminsky attack showed that DNS is sensitive to cache poisoning, and DNSSEC is considered the long term solution to mitigate this attack. A lot of technical documents provide configuration and security guide lines to deploy DNSSEC on organization's servers. However, such documents do not provide ISP or network administrators inputs to(More)
—To manage the huge demand on traffic, the Internet Service Providers (ISP) are offloading its mobile data from Radio Access Networks (RAN) to Wireless Access Networks (WLAN). While these RANs are considered trusted networks, WLANs need to build a similar trusted zone in order to offer the same security level and Quality of Service (QoS) to End-Users (EU).(More)
—To face the huge demand on mobile traffic, ISPs are looking to offload traffic of their Radio Access Network to WLAN. Currently I-WLAN is the proposed offload architecture by 3GPP which tunnels the traffic to a Security Gateway. This paper proposes for ISPs an ISP Offload Infrastructure which minimizes the infrastructure cost deployment, and which can be(More)
Although there is a strong need to deploy secure communications in home networks and for Machine-to-Machine (M2M) environment, to our knowledge the impact of authenticated encryption migration has not been evaluated yet. As the security performance issue is especially critical for wireless environment, this paper measures the effect of the security settings(More)
Network packet transport services (namely the Internet) are subject to significant security issues. This paper aims to apply Machine Learning methods based on Neural Networks (Extreme Learning Machines or ELM) to analyze the Internet traffic in order to detect specific malicious activities. This is performed by classifying traffic for a key service run over(More)
Radio Access Network (RAN) are likely to be overloaded, and some places will not be able to provide the necessary requested bandwidth. In order to respond to the demand of bandwidth, overloaded RAN are currently offloading their traffic on WLAN. WLAN Access Points like (ISP provided xDSL boxes) are untrusted, unreliable and do not handle mobility. As a(More)
Several Virtual Private Networks are based on IPsec. However, IPsec has not been designed with elasticity in mind, which makes clusters of IPsec security gateways hard to manage for providing high Service Level Agreement (SLA). Thus, these SG clusters need management techniques to maintain their Quality of Service. For example, ISPs use VPNs to secure(More)
—DNSSEC deployment for large Internet Service Provider (ISP) is an important issue. With the current architecture , the migration of current DNS resolving platforms requires 5 times more nodes. This paper introduces alternative architectures where the DNS traffic is split between the nodes of the platform according to the queried Fully Qualified Domain(More)