ChowSCID1 Secure Collective Internet Defense (SCID) C. Edward Chow Yu Cai Dave Wilkinson Sarah Jelinek Part of this project is sponsored by a grant from.

Slides:

Advertisements

Similar presentations

1 Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.

Advertisements

Extensible Manet Auto-configuration Protocol (EMAP) draft-ros-autoconf-emap-02.txt Pedro M. Ruiz Francisco J. Ros March, 2006 Dallas, USA 65 th IETF.

On Proxy Server based Multipath Connections (PSMC) PhD Proposal Yu Cai 12/2003 University of Colorado at Colorado Springs.

IPv6 Series – APJII-ID 2003 Report 25 March 2003 IIXv6[  ] ISPv6[  ] MIPv6[  ] ‘Status of Adoption of IPv6 In Indonesia’ Bangkok, 20 – 21 March 2003.

Design Deployment and Use of the DETER Testbed Terry Benzel, Robert Braden, Dongho Kim, Clifford Informatino Sciences Institute

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Module 1: Microsoft Windows 2000 Networking Services Infrastructure Overview.

Distributed Denial of Service Attacks: Characterization and Defense Will Lefevers CS522 UCCS.

Firewall Configuration Strategies

System and Network Security Practices COEN 351 E-Commerce Security.

Firewalls and Intrusion Detection Systems

RASD Rapid Adaptive Secure DNS Matthew Weaver Jeremy Witmer Dr. Chow, Advising CS 622 – Fall 2007.

Design and Implementation of Alternative Route Against DDOS Jing Yang and Su Li.

Explore the use of multiple gateways for intrusion detection defense Sunil Bhave & Sonali Patankar CS526 Fall 2002.

On Proxy Server based Multipath Connections (PSMC) PhD Proposal Yu Cai 10/2003 University of Colorado at Colorado Springs.

Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.

1 TPAC 10/10/2003 chow C. Edward Chow Department of Computer Science University of Colorado at Colorado Springs C. Edward Chow Department of Computer Science.

PSMC Proxy Server-based Multipath Connection CS 526 Advanced Networking - Richard White.

Presented By: Vinay Kumar.  At the time of invention, Internet was just accessible to a small group of pioneers who wanted to make the network work.

ChowSCOLD1 Secure Collective Defense Network (SCOLD) C. Edward Chow Yu Cai Dave Wilkinson Sarah Jelinek Part of this project is sponsored by a grant from.

RASD Rapid Adaptive Secure DNS Matthew Weaver Jeremy Witmer Dr. Chow, Advising CS 622 – Fall 2007.

UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.

Design of an Autonomous Anti-DDOS Network (A2D2) Angela Cearns Thesis Proposal Master of Software Engineering University of Colorado, Colorado Springs.

Secure Collective Internet Defense (SCID) Yu Cai 05/30/2003

1 Routing as a Service Karthik Lakshminarayanan (with Ion Stoica and Scott Shenker) Sahara/i3 retreat, January 2004.

Enhanced Secure Dynamic DNS Update with Indirect Route David Wilkinson, C. Edward Chow, Yu Cai 06/11/2004 University of Colorado at Colorado Springs IEEE.

ChowSCOLD1 Secure Collective Internet Defense (SCOLD) C. Edward Chow Yu Cai Dave Wilkinson Sarah Jelinek Part of this project is sponsored by a grant from.

Investigations into BIND Dynamic Update with OpenSSL by David Wilkinson.

1 Cybersecurity Symposium 9/19/2003 chow C. Edward Chow Yu Cai Dave Wilkinson Department of Computer Science University of Colorado at Colorado Springs.

1 DACAManet Proposer’s Workshop UCCS-Raytheon Terry Boult C. Edward Chow Department of Computer Science University of Colorado at Colorado Springs Leland.

1 Security Research 2/7/2003 chow C. Edward Chow Department of Computer Science University of Colorado at Colorado Springs C. Edward Chow Department of.

Autonomous Anti-DDoS Network V2.0 (A2D2-2) Sarah Jelinek University Of Colorado, Colo. Spgs. Spring Semester 2003, CS691 Project.

Network Services Lesson 6. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Setting up common networking services Understanding.

Wireless Ad Hoc VoIP Thesis by: Patrick Stuedi & Gustavo Alonso Presentation by: Anil Kumar Marukala & Syed Khaja Najmuddin Ahmed.

By: Paul Albert.  Project Description  Design Protocols  User Profiles  Deliverables  Timeline  Budget  Demonstration  Conclusion.

1 Security Research 1/10/2003 chow C. Edward Chow Department of Computer Science University of Colorado at Colorado Springs C. Edward Chow Department of.

Internal NetworkExternal Network. Hub Internal NetworkExternal Network WS.

Trust and Reputation Based mechanisms for CIP Uniparthenope, UniRC, Polito (Fai della Paganella, Febbraio 2014)

“Securing IP Multimedia Subsystem (IMS) infrastructures …,” M. Tsagkaropoulos UNIVERSITY OF PATRAS Department of Electrical & Computer Engineering Wireless.

1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.

IST 210 Web Application Security. IST 210 Introduction Security is a process of authenticating users and controlling what a user can see or do.

OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

Module 4: Configuring ISA Server as a Firewall. Overview Using ISA Server as a Firewall Examining Perimeter Networks and Templates Configuring System.

OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

Chow6/23/2003 sgfr1 SFGR: Secure Groupware for First Responder C. Edward Chow Chip Benight Ganesh Godavari.

1 Chapter 12: VPN Connectivity in Remote Access Designs Designs That Include VPN Remote Access Essential VPN Remote Access Design Concepts Data Protection.

11.59 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,

Application of Content Computing in Honeyfarm Introduction Overview of CDN (content delivery network) Overview of honeypot and honeyfarm New redirection.

XMPP Concrete Implementation Updates: 1. Why XMPP 2 »XMPP protocol provides capabilities that allows realization of the NHIN Direct. Simple – Built on.

1 ITS-ZeeWave Meeting 2/26/2004 UCCS Chow C. Edward Chow Department of Computer Science University of Colorado at Colorado Springs C. Edward Chow Department.

1 Chapter 3: Multiprotocol Network Design Designs That Include Multiple Protocols IPX Design Concepts AppleTalk Design Concepts SNA Design Concepts.

Scalable Grid system– VDHA_Grid: an e-Science Grid with virtual and dynamic hierarchical architecture Huang Lican College of Computer.

Chapter 8 Network Security Thanks and enjoy! JFK/KWR All material copyright J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking:

Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol.

Information Security Dashboard Senior Design Spring 2008 Brian Rappach.

Domain and Type Enforcement Firewalls Karen Oostendorp, Lee Badger, Christopher Vance, Wayne Morrison, Michael Petkac, David Sherman, Daniel Sterne Trusted.

Outline of the Talk UCCS CS Programs/Network Security Lab Brief Overview of Distributed Denial of Services (DDoS) Intrusion Tolerance with Multipath Routing.

Monitoring and Securing New Functions Deployed in a Virtualized Networking Environment Bertrand Mathieu, Guillaume Doyen, Wissam Mallouli, Thomas Silverston,

5/28/03Chow NISSC Proposal1 NISSC Call For Proposal Grants for Homeland Security/Defense 5/27/2003 Summer Deadline 7/1/2003 Fall Deadline.

Exam 2 Review CS461/ECE422 Fall Exam guidelines Same as for first exam A single page of supplementary notes is allowed  8.5x11. Both sides. Write.

1 Randomized Failover Intrusion Tolerant Systems (RFITS) Ranga Ramanujan Architecture Technology Corporation Odyssey Research Associates DARPA OASIS PI.

Intrusion Tolerant Distributed Object Systems Joint IA&S PI Meeting Honolulu, HI July 17-21, 2000 Gregg Tally

C. Edward Chow Department of Computer Science

Network Security Analysis Name : Waleed Al-Rumaih ID :

High Performance Computing Lab.

Network Services, Cloud Computing, and Virtualization

ISMS Information Security Management System

Final Conference 18 Set 2018.

SFGR: Secure Groupware for First Responder

Mobile Networking Through Mobile IP

Presentation transcript:

ChowSCID1 Secure Collective Internet Defense (SCID) C. Edward Chow Yu Cai Dave Wilkinson Sarah Jelinek Part of this project is sponsored by a grant from NISSC; and a seed grant from EAS RDC.

ChowSCID2 Goals of SCID Project The goal of the project is to investigate techniques for enhancing Internet security and protecting the Internet Infrastructure through collective defense. SCID explores the use of alternate gateways and a collection of proxy servers for intrusion tolerance. SCID pushes back intrusion attacks using an enhanced IDIP (Intrusion Detection and Isolation Protocol) and SLP (Service Location Protocol).

ChowSCID3 SCID View Graph

ChowSCID4 SCID View Graph

ChowSCID5 Timeline and Deliverables Phase 1. 6/2/2003-7/9/2003 (feasibility study)  Extend Bind9 DNS with Secure DNS update/query including indirect routing entries  Develop indirect routing with IP tunnel  NISSC Midterm Report. Phase 2. 7/10/2003-8/9/2003 (SCID 0.1 development)  Develop SCID protocol among SCID coordinator, proxy server, DNS server, and target.  Integrate proxy server with A2D2 for intrusion detection.  Enhance A2D2 IDS with IDIP protocol for intrusion push back. Phase 3. 8/10/2003-9/9/2003  Create test scripts and benchmark to evaluate SCID version 0.1 system;  Suggest improvements to SCID version 0.2 system.  NISSC Final Report.

ChowSCID6 Status Extended Bind9 DNS with DNS update with new indirect routing entry/query Developing client side indirect routing with IP tunnel Setting up the SCID prototype test bed.