Network Security: Current Status and Future Directions
Format: PDF / Kindle (mobi) / ePub
A unique overview of network security issues, solutions, and methodologies at an architectural and research level
Network Security provides the latest research and addresses likely future developments in network security protocols, architectures, policy, and implementations. It covers a wide range of topics dealing with network security, including secure routing, designing firewalls, mobile agent security, Bluetooth security, wireless sensor networks, securing digital content, and much more.
Leading authorities in the field provide reliable information on the current state of security protocols, architectures, implementations, and policies. Contributors analyze research activities, proposals, trends, and state-of-the-art aspects of security and provide expert insights into the future of the industry.
Complete with strategies for implementing security mechanisms and techniques, Network Security features:
State-of-the-art technologies not covered in other books, such as Denial of Service (DoS) and Distributed Denial-of-Service (DDoS) attacks and countermeasures
Problems and solutions for a wide range of network technologies, from fixed point to mobile
Methodologies for real-time and non-real-time applications and protocols
of Electrical and Electronics Engineers (IEEE) 802.11. The security of IEEE 802.11 is discussed in Chapter 17. Chapter 18 refers to the security issues of another popular wireless protocol, Bluetooth. Chapter 19 analyzes mobile telecom network security, where emphasis is given on the efﬁciency impact of security measures in these networks. References 11 Another case of wireless networks is the class of wireless ad hoc networks, where the network services are provided through cooperation of
for the AH SA. A ﬁeld that may change in transit and whose value on arrival is unpredictable is set to zero for purposes of calculation at both source and destination. • The AH other than the authentication data ﬁeld. The authentication data ﬁeld is set to zero for purposes of calculation at both source and destination. • The entire upper level protocol data, which are assumed to be immutable in transit (e.g., a TCP segment or an inner IP packet in tunnel mode). For IPv4, examples of immutable
destructive worms , combined with the requirement to monitor potentially thousands of IDS sensors, some argue the IDS output should be diverted to automatically disable suspect services. Others argue, in the classic form of , that there always needs to be a “human in the loop” and research efforts should be focused on improved data reduction and presentation methods. Regardless, what to do with the output of IDSs does not diminish the need for IDSs in the ﬁrst place. Consequently, the
computers of corporations, universities, and private individuals. They proposed a new technique, called “backscatter analysis.” This technique estimates the worldwide DoS activity. This research provided the only data Network Security: Current Status and Future Directions, Edited by C. Douligeris and D. N. Serpanos Copyright © 2007 the Institute of Electrical and Electronics Engineers, Inc. 117 118 Chapter 8 Denial-of-Service Attacks quantifying DoS attacks that are available to the public
target host or by using such applications to drain the resources of their victim. It is also possible that the attacker may have found points of high algorithmic complexity and exploits them in order to consume all available resources on a remote host. One example of an application-based attack is the ﬁnger bomb . A malicious user could cause the ﬁnger routine to be recursively executed on the victim in order to drain its resources. 4. In data ﬂooding attacks, an attacker attempts to use the