Recent Collaborative Research Projects (2004-present)

The following is a summary of my ongoing and recent projects:

 

1. Investigation of stealthy worm attacks (funded by Alcatel-Lucent and OCE): This project investigates the threat of stealthy worm attacks. Stealthy worms are worms that, compared to traditional worms, do not exhibit noticeable activity while spreading or infecting systems. The intention is to explore this critical area, in which the number of stealthy worm attacks is on the rise across different platforms. The main motivation is to investigate the problem at an early stage, before this type of worm becomes more prevalent. Current networking systems and equipment cannot detect stealthy worms because these worms use non-traditional methods of target discovery and propagation. The project’s objective is to identify for system designers the issues that need to be addressed to enable their equipment to deal with this problem.

 

2. Quantitative Evaluation of Network Security (funded by Solana Networks and CITO): This project investigates the evaluation of network security using quantitative metrics. The main contribution is the experimental study carried out with real network traffic. The study is based on our Hierarchical Quantitative Metrics (HQM) model that enables the representation of important aspects of network security using quantitative metrics. The HQM model was experimentally demonstrated through an example set of Intrusion Detection metrics.

 

3. Clustering and Pattern Analysis of Internet Traffic (collaboration with Carleton Computer Security Lab): This ongoing project originated from discussions in the NDoS mitigation project (project #5). It investigates a new clustering-based traffic classification technique. In this technique, we attempt to apply a machine learning approach to learn the structure of packet contents in IP networks without making any assumptions about these contents.

 

4. Application-aware networking (with Alcatel Canada and CITO): This project investigated the creation of an XML routing infrastructure for application-aware networking. In particular, it investigated how to create scalable routing techniques to enable practical handling of the excessively large volume of publish-subscribe messages. One of the main outcomes of this project is an algorithm that generates an application-level topology of XML routers that has a fixed order, which reduces the resources required to perform application-level routing.

 

5. Mitigation of Network Denial of Service (NDoS) (collaboration with Carleton Computer Security Lab): This project explored mitigating network denial-of-service (NDoS) attacks (attacks that consume network bandwidth) by dynamically regulating learned classes of network traffic so that no one application (potentially malicious) can consume all network bandwidth. This learning is based on the similarity of packet contents using a variation of n-grams, which we call (p,n)-grams (an n-byte pattern at position p in the packet). This project involved the design and implementation of an off-line tool for traffic analysis based on (p,n)-grams and the analysis of real network traces from our lab.

 

6. Multilayer Peer-to-Peer (P2P) framework for virtual collaborative environments: This is a project started in one of my graduate courses (Network Computing). The project focused on developing a multilayer P2P framework for developing distributed synchronous collaborative systems. We have used the framework to develop a shared Web browser (the students implemented it using Java on top of the JXTA platform) which was tested over an Internet connection. This shared Web browser enables multiple users to do collaborative work on the Internet.
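
The (p,n)-gram defined in project 5 above, shown as an added example that is not the project's tool: it extracts (p,n)-grams from constructed payloads and groups packets that share them into traffic classes. The Jaccard similarity, the single-link grouping, the thresholds and all function names are assumptions, since the summary does not say how the project measured similarity.

```python
from collections import Counter
from itertools import combinations

# Constructed sample payloads (not from the project's traces):
# three HTTP-like requests and two DNS-like queries.
PACKETS = [
    b"GET /index.html HTTP/1.1\r\n",
    b"GET /about.html HTTP/1.1\r\n",
    b"GET /image.png HTTP/1.1\r\n",
    b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x03www",
    b"\xab\xcd\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x04mail",
]

def pn_grams(payload, n, max_p):
    """All (p,n)-grams of a packet: the n bytes found at each offset p <= max_p."""
    last = min(max_p, len(payload) - n)   # negative when payload is shorter than n
    return {(p, payload[p:p + n]) for p in range(last + 1)}

def frequent_pn_grams(packets, n, max_p, min_share):
    """(p,n)-grams that occur in at least min_share of the packets."""
    counts = Counter(g for pkt in packets for g in pn_grams(pkt, n, max_p))
    return {g: c for g, c in counts.items() if c >= min_share * len(packets)}

def jaccard(a, b):
    """Assumed similarity measure: shared (p,n)-grams over all (p,n)-grams."""
    return len(a & b) / len(a | b) if (a or b) else 0.0

def traffic_classes(packets, n, max_p, threshold):
    """Single-link grouping (assumed): packets whose similarity reaches the
    threshold end up in the same class. Returns lists of packet indexes."""
    grams = [pn_grams(pkt, n, max_p) for pkt in packets]
    parent = list(range(len(packets)))
    def find(i):
        while parent[i] != i:
            i = parent[i]
        return i
    for i, j in combinations(range(len(packets)), 2):
        if jaccard(grams[i], grams[j]) >= threshold:
            parent[find(j)] = find(i)
    groups = {}
    for i in range(len(packets)):
        groups.setdefault(find(i), []).append(i)
    return sorted(groups.values())

if __name__ == "__main__":
    print(frequent_pn_grams(PACKETS, n=4, max_p=3, min_share=0.6))
    print(traffic_classes(PACKETS, n=4, max_p=3, threshold=0.3))
```

Because the offset p is part of the key, the same bytes at two different positions count as two different (p,n)-grams, which is what separates this from a plain n-gram count.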