Friday, December 10, 2010

Wireless Tomography

I won't go into too much detail in this blog about what wireless tomography is, but I am pretty sure that it will be the topic for my research proposal. It is the idea we have been discussing in our research meetings and I think working on it will help me understand the research better and hopefully come up with some new ideas for the research.

I feel that it will be a useful topic for me to study because, once the class is complete, the ideas I formulate will still be useful. Whereas, if I tried to find a different area of research related to wireless networking, my efforts would most likely bring nothing to fruition.

Thursday, December 9, 2010

Can't Get Enough of Network Security

Most of the security papers we looked at this week seemed to discuss anomaly detection. I am not sure if this is just the new fad in Network Security, but it seems like Kalman Filtering does a good job (at least in detecting denial of service attacks) while the newly presented ASTUTE protocol seems to take note of other anomalies in the system. Of course, given the nature of Network Security, there will always be a need for new anomaly detection systems as attackers work out how to circumvent the current systems.

The paper I enjoyed the most was a paper that attempted to increase fairness by using a credit system. I am interested in the ideas of incentives to work fairly, while the security nature of the system was focused on making sure people don't cheat the system. I think that it's a very interesting dilemma, since there usually is no incentive to fairly share the network, but integrating it into the system so that people have a greater incentive (and aren't forced) to share seems like an interesting area of research. Overall, I feel that Network Security has a lot of potential, but I'm not sure how much I would enjoy the cat and mouse view of research. I might just focus on wireless networks for now.

Tuesday, December 7, 2010

The Scope of Network Security

Today I realized there really is a lot more involved in Network Security than I had originally imagined. My paper covered machine-learning for anomaly detection, while we also discussed spam filtering, botnets (and how to attack them), improving DNS in order to track malicious activity, and even outsourcing network management in an attempt to improve network security (which reminds me too much of the movie "The Net" to sound like a safe and viable solution).

Maybe I hadn't realized that there was such a wide variety because I haven't researched much in this area, or maybe because I haven't been exposed to all the different ways that "bad guys" try and attack a network, but this topic has been a really eye-opening experience. I mean Hollywood glamorizes hacking all the time, but these papers discuss serious threats that could have serious ramifications. Seeing a real-life perspective of cyber-terrorism is interesting and it starts to make sense why it has become more of a cat and mouse game.

Some of the papers had really intuitive ideas to deal with attackers, and even tutorial papers like the ones I read play an important part. As my professor stated in class, tutorial papers do a great job at focusing the field in the right direction, so that students working on their Master's can understand how to proceed if they are new to the area and can help the community as a whole fight the "bad guys."

Sunday, December 5, 2010

Anomaly Detection

I just read a paper entitled "Outside the Closed World: On Using Machine Learning For Network Intrusion Detection," which was very interesting because of the other paper we recently read for class on Anomaly Detection. I understood this paper really well because instead of trying to introduce a new model for anomaly detection, it simply tried to explain two things: (i) why machine-learning hasn't been as effective in anomaly detection as it has been in other areas, e.g. natural language processing and product recommendation systems, and (ii) how researchers can approach this area successfully.

I haven't read too many papers like this, but there must be plenty who try and steer research in the right direction. Some of the authors' insights were intuitive, while others seemed fairly obvious. Overall, it helped me understand a little more how research is approached as opposed to how it should be approached. As for my own research, I am focusing on wireless networks, but I still have yet to decide what topic to choose for my proposal. I guess I will have to pick soon.

Wednesday, December 1, 2010

Monitoring Traffic

I have to admit, I wouldn't think of monitoring traffic to be network security, but then I realized that police often "monitor traffic" on the road to try and catch speeding "criminals", so I guess it should have made more sense.

Anyways, ASTUTE (a networking traffic monitor that looks for anomalies) takes an interesting approach in that it doesn't rely on previous data to find anomalies. While I don't understand the entire procedure it follows, I understand that this is a novel idea and, from the results, it appears to work fairly well compared to existing anomaly detectors.

Although anomaly detection doesn't focus only on network security, it is a benefit, on top of being able to find faults with the network structure and other intriguing events in the network. One thing I did learn from this paper was how many different ways there were to detect and prevent network attacks and that network security research can also be beneficial to more than just a single focused area.

All About Spam

No, not the canned spiced ham (spam) popular in Hawaii, but the annoyingly consistent spam emails that turn up in our e-mail inbox every day. Microsoft Research, by monitoring spam, have come up with AutoRE, a technique that allows them to capture up to 16-18% of spam that is not usually detected by common spam filters. AutoRE works well because it has a low false positive rate and is the first (known) automated system to be able to generate regular expression signatures, a technique that was previously only possible by human experts.

The most interesting thing about the paper published on AutoRE is that the spam monitor is not a comprehensive spam reduction tool. Most papers try and focus on the amount of spam that can be stopped, while the AutoRE paper focuses on stopping spam created by botnets that have been difficult to stop in the past.

Perhaps the weirdest part of the paper was the anti-climactic ending, where AutoRE has not been tested on data in real-time, although it supposedly would be easy to do so. It is interesting that a paper like this was published at SIGCOMM when it appears that the actual implementation was unfinished, even though the preliminary results were fairly good.

In terms of network security, as my professor explained in class, it is just a cat and mouse game. People will find ways around these incredible innovations and that will essentially drive the research in Network Security. This paper is a great example as it explores the changing trends in botnets to try and avoid current spam filters.

Tuesday, November 30, 2010

Network Security

The next research area we are looking at in Networking is Network Security. Now while Wireless Networking may have a lot of promise in terms of research, I feel Network Security does also, maybe more so than Wireless Networking. The problem with Network Security is that people are always finding ways to work around it, which means that there will also need to be new innovations in Network Security.

From what I have heard about Network Security, it would be interesting to see how Quantum Computing will affect the area. I am sure that Quantum Computing will change every area of computing, especially in all areas of networking, but the most I have heard about Quantum Computing is in security in general (which I am sure will affect Network Security).