Open Access. Powered by Scholars. Published by Universities.®
- Institution
- Publication
- Publication Type
Articles 1 - 6 of 6
Full-Text Articles in Information Security
Dial "N" For Nxdomain: The Scale, Origin, And Security Implications Of Dns Queries To Non-Existent Domains, Gunnan Liu, Lin Jin, Shuai Hao, Yubao Zhang, Daiping Liu, Angelos Stavrou, Haining Wang
Dial "N" For Nxdomain: The Scale, Origin, And Security Implications Of Dns Queries To Non-Existent Domains, Gunnan Liu, Lin Jin, Shuai Hao, Yubao Zhang, Daiping Liu, Angelos Stavrou, Haining Wang
Computer Science Faculty Publications
Non-Existent Domain (NXDomain) is one type of the Domain Name System (DNS) error responses, indicating that the queried domain name does not exist and cannot be resolved. Unfortunately, little research has focused on understanding why and how NXDomain responses are generated, utilized, and exploited. In this paper, we conduct the first comprehensive and systematic study on NXDomain by investigating its scale, origin, and security implications. Utilizing a large-scale passive DNS database, we identify 146,363,745,785 NXDomains queried by DNS users between 2014 and 2022. Within these 146 billion NXDomains, 91 million of them hold historic WHOIS records, of which 5.3 million …
Passing Time And Syncing Secrets: Demonstrating Covert Channel Vulnerabilities In Precision Time Protocol (Ptp), Aron J. Smith-Donovan
Passing Time And Syncing Secrets: Demonstrating Covert Channel Vulnerabilities In Precision Time Protocol (Ptp), Aron J. Smith-Donovan
Mathematics, Statistics, and Computer Science Honors Projects
Covert channels use steganographic approaches to transfer secret digital communications; when applied to network protocols, these strategies can facilitate undetectable data exfiltration and insertion attacks. Because covert channel techniques are protocol- and implementation-specific, individual case studies are necessary to assess for vulnerabilities under different conditions. While several investigations have been published evaluating covert channel potential in infrastructure- and manufacturing-based contexts, no existing research explores Precision Time Protocol (PTP), a time synchronization protocol commonly used in industrial control systems. This study aims to fill this gap by demonstrating the feasibility of a covert channel-based attack on a PTP-enabled network.
A Virtual Machine Introspection Based Multi-Service, Multi-Architecture, High-Interaction Honeypot For Iot Devices, Cory A. Nance
A Virtual Machine Introspection Based Multi-Service, Multi-Architecture, High-Interaction Honeypot For Iot Devices, Cory A. Nance
Masters Theses & Doctoral Dissertations
Internet of Things (IoT) devices are quickly growing in adoption. The use case for IoT devices runs the gamut from household applications (such as toasters, lighting, and thermostats) to medical, battlefield, or Industrial Control System (ICS) applications used in life or death situations. A disturbing trend is that for IoT devices is that they are not developed with security in mind. This lack of security has led to the creation of massive botnets that conduct nefarious acts. A clear understanding of the threat landscape IoT devices face is needed to address these security issues. One technique used to understand threats …
Attacker Capability Based Dynamic Deception Model For Large-Scale Networks, Md Ali Reza Al Amin, Sachhin Shetty, Laurent Njilla, Deepak K. Tosh, Charles Kamhoua
Attacker Capability Based Dynamic Deception Model For Large-Scale Networks, Md Ali Reza Al Amin, Sachhin Shetty, Laurent Njilla, Deepak K. Tosh, Charles Kamhoua
Computational Modeling & Simulation Engineering Faculty Publications
In modern days, cyber networks need continuous monitoring to keep the network secure and available to legitimate users. Cyber attackers use reconnaissance mission to collect critical network information and using that information, they make an advanced level cyber-attack plan. To thwart the reconnaissance mission and counterattack plan, the cyber defender needs to come up with a state-of-the-art cyber defense strategy. In this paper, we model a dynamic deception system (DDS) which will not only thwart reconnaissance mission but also steer the attacker towards fake network to achieve a fake goal state. In our model, we also capture the attacker’s capability …
Paul Baran, Network Theory, And The Past, Present, And Future Of Internet, Christopher S. Yoo
Paul Baran, Network Theory, And The Past, Present, And Future Of Internet, Christopher S. Yoo
All Faculty Scholarship
Paul Baran’s seminal 1964 article “On Distributed Communications Networks” that first proposed packet switching also advanced an underappreciated vision of network architecture: a lattice-like, distributed network, in which each node of the Internet would be homogeneous and equal in status to all other nodes. Scholars who have subsequently embraced the concept of a lattice-like network approach have largely overlooked the extent to which it is both inconsistent with network theory (associated with the work of Duncan Watts and Albert-László Barabási), which emphasizes the importance of short cuts and hubs in enabling networks to scale, and the actual way, the Internet …
Controlled Access To Cloud Resources For Mitigating Economic Denial Of Sustainability (Edos) Attacks, Zubair A. Baig, Sadiq M. Sait, Farid Binbeshr
Controlled Access To Cloud Resources For Mitigating Economic Denial Of Sustainability (Edos) Attacks, Zubair A. Baig, Sadiq M. Sait, Farid Binbeshr
Research outputs 2014 to 2021
Cloud computing is a paradigm that provides scalable IT resources as a service over the Internet. Vulnerabilities in the cloud infrastructure have been readily exploited by the adversary class. Therefore, providing the desired level of assurance to all stakeholders through safeguarding data (sensitive or otherwise) which is stored in the cloud, is of utmost importance. In addition, protecting the cloud from adversarial attacks of diverse types and intents, cannot be understated. Economic Denial of Sustainability (EDoS) attack is considered as one of the concerns that has stalled many organizations from migrating their operations and/or data to the cloud. This is …