Explore chapters and articles related to this topic
Providing Authentication, Trust, and Privacy in Wireless Mesh Networks
Published in Yan Zhang, Jun Zheng, Honglin Hu, Security in Wireless Mesh Networks, 2008
Secure packet forwarding is an approach to detect malfunctioning among the network elements and estimate a level of trust for each network element according to its forwarding behavior. Although a tool such as traceroute [35] could be used in detecting forwarding misbehavior and identify the offending mesh routers, an attacker can still treat traceroute packets differently or can tamper with the traceroute responses sent by other nodes. A secure traceroute SecTrace protocol [36] is developed to securely trace the existing traffic paths. SecTrace allows intermediate routers to prove the traffic reception rather than using implicit responses. In addition, SecTrace responses are authenticated to verify their origin and prevent spoofing and tampering. SecTrace is recommended for the community WMN environment to monitor end-to-end connectivity to other mesh nodes and to detect connectivity problems.
Reconnaissance
Published in Nicholas Kolokotronis, Stavros Shiaeles, Cyber-Security Threats, Actors, and Dynamic Mitigation, 2021
Christos-Minas Mathas, Costas Vassilakis
In the case that an IDS is part of the network route, instead of passively listening, it may be possible detect its presence using traceroute. The traceroute utility lists the complete network path for reaching a target and for each hop within the path, the hop sequence, its name and IP address as well as the round-trip time to the hop are normally returned. However, IDSs and firewalls typically do not provide such information, and the traceroute utility accordingly displays only the hop number in its results. The presence, therefore, of such an incomplete line may signify the presence of an IDS.
Designing the Switch/Router
Published in James Aweya, Designing Switch/Routers, 2023
Other software tools include Ping [RFC792] and Traceroute [RFC1393]. Ping is a software tool used for testing end-to-end connectivity between two devices running the Ping software (e.g., two routers). Traceroute is a software tool used to determine the path packets travel over from one point on a network to another.
An Unsupervised Detection Method for Multiple Abnormal Wi-Fi Access Points in Large-Scale Wireless Network
Published in Applied Artificial Intelligence, 2022
There are three major methods to detect an abnormal device: 1) Using SNMP protocol (Matousek, Rysavy, and Polcak 2021; Wang 2020), WMI protocol (Yeh, Lai, and Lin 2012), or other private API interfaces to communicate with the device. In this way, we can obtain the performance, alarm, and configuration information from the device, which supports these protocols, or API interfaces. 2) Using ping (Gezer and Warner 2019; Lima et al. 2019), or traceroute (Xie et al. 2020) to obtain the round-trip time (RTT) data (Hou et al. 2021; Mirkovic, Armitage, and Branch 2018) from the device. This method is used to detect whether the device is online. 3) Sending the syslog (Zhao et al. 2021b) or trap (Bretan 2017) messages to the network management system immediately when the device status is changed. These existing methods can detect the offline AP, but cannot distinguish between normal and abnormal offline APs. It is necessary to detect abnormal APs by a new intelligent method.
Network node grouping algorithm and evaluation model based on clustering and Bayesian classifier
Published in International Journal of Computers and Applications, 2023
Network feature attributes of network nodes need to extract before grouping. The network feature attributes extracted in this paper include intrinsic attributes and measurement attributes. Fixed attributes are the intrinsic information of network nodes (including ISP and IP network segments); measurement belongs to the network communication information from the packet server nodes to the network nodes to group by using network tools such as Ping and Traceroute. Finally, a six-tuple is used to describe the characteristics of a network node:
A QoS guarantee approach for multimedia software system
Published in International Journal of Computers and Applications, 2020
For QoS guarantee, traditional rule-based methods [10] require explicit margins of QoS parameters; so, the scalability and efficiency cannot be satisfied. In order to address these issues, end-to-end approaches for QoS guarantee were proposed. Active approaches require the injection of probe packets into the network. The pioneering active approach [11] traceroutes between 37 participating sites are collected and analyzed to characterize the end-to-end performance issues. The authors of [12,13] propose to detect path outage among hosts using ping and localizes the observed path outage with traceroute. PlanetSeer [14] relies on active probes to diagnose the root cause of Internet path failures that are detected by passive monitoring the end users of a CDN service deployed on PlanetLab. Commercial systems such as Keynote [15] and Gomez [16] are also available to detect issues from the end users’ perspective by active probing. All these work employ active probing while ‘Argus’ purely depends on passive monitoring. Although the DiffServ architecture [17] supports end-to-end QoS guarantee, only a limited number of static QoS classes are provided. Obviously, it cannot meet the active fine-grained QoS demands of diverse services. Moreover, end-to-end QoS guarantee by DiffServ may require underlying hardware to support QoS guarantee, which will introduce an overhead to those core devices and lead to low efficiency. In addition, fine-grained QoS quantitative guarantee is difficult to be realized in this architecture because these fine-grained service anomalies are hard to be traced among ISPs due to commercial security problem. Besides, current research [10,18] on QoS diagnosis or QoS guarantee focused mainly on one specific criteria, such as packet loss rate, packet delay, and delay jitter, on one application. In fact, other factors, i.e. contexts in this study from different resources, should be considered in a comprehensive way because of their joint effects on a QoS metric.