Change search
Refine search result
1 - 8 of 8
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Afzal, Zeeshan
    et al.
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Garcia, Johan
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Lindskog, Stefan
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Partial Signature Matching in an MPTCP World using Insert-only Levenshtein DistanceManuscript (preprint) (Other academic)
  • 2.
    Afzal, Zeeshan
    et al.
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Garcia, Johan
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Lindskog, Stefan
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Brunström, Anna
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Slice Distance: An Insert-Only Levenshtein Distance with a Focus on Security Applications2018In: Proceedings of NTMS 2018 Conference and Workshop, New York: IEEE, 2018, p. 1-5Conference paper (Refereed)
    Abstract [en]

    Levenshtein distance is well known for its use in comparing two strings for similarity. However, the set of considered edit operations used when comparing can be reduced in a number of situations. In such cases, the application of the generic Levenshtein distance can result in degraded detection and computational performance. Other metrics in the literature enable limiting the considered edit operations to a smaller subset. However, the possibility where a difference can only result from deleted bytes is not yet explored. To this end, we propose an insert-only variation of the Levenshtein distance to enable comparison of two strings for the case in which differences occur only because of missing bytes. The proposed distance metric is named slice distance and is formally presented and its computational complexity is discussed. We also provide a discussion of the potential security applications of the slice distance.

  • 3.
    Afzal, Zeeshan
    et al.
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science.
    Lindskog, Stefan
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science.
    Automated Testing of IDS Rules2015In: Software Testing, Verification and Validation Workshops (ICSTW), 2015 IEEE Eighth International Conference on, IEEE conference proceedings, 2015Conference paper (Refereed)
    Abstract [en]

    As technology becomes ubiquitous, new vulnerabilities are being discovered at a rapid rate. Security experts continuously find ways to detect attempts to exploit those vulnerabilities. The outcome is an extremely large and complex rule set used by Intrusion Detection Systems (IDSs) to detect and prevent the vulnerabilities. The rule sets have become so large that it seems infeasible to verify their precision or identify overlapping rules. This work proposes a methodology consisting of a set of tools that will make rule management easier.

  • 4.
    Afzal, Zeeshan
    et al.
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science.
    Lindskog, Stefan
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science.
    IDS rule management made easy2016In: Electronics, Computers and Artificial Intelligence (ECAI), 2016 8th International Conference on, IEEE conference proceedings, 2016Conference paper (Refereed)
    Abstract [en]

    Signature-based intrusion detection systems (IDSs) are commonly utilized in enterprise networks to detect and possibly block a wide variety of attacks. Their application in industrial control systems (ICSs) is also growing rapidly as modem ICSs increasingly use open standard protocols instead of proprietary. Due to an ever changing threat landscape, the rulesets used by these IDSs have grown large and there is no way to verify their precision or accuracy. Such broad and non-optimized rulesets lead to false positives and an unnecessary burden on the IDS, resulting in possible degradation of the security. This work proposes a methodology consisting of a set of tools to help optimize the IDS rulesets and make rule management easier. The work also provides attack traffic data that is expected to benefit the task of IDS assessment.

  • 5.
    Afzal, Zeeshan
    et al.
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science.
    Lindskog, Stefan
    Karlstad University, Faculty of Economic Sciences, Communication and IT, Department of Computer Science. Karlstad University, Faculty of Health, Science and Technology (starting 2013).
    Multipath TCP IDS Evasion and Mitigation2015In: Information Security: 18th International Conference, ISC 2015, Trondheim, Norway, September 9-11, 2015, Proceedings, Springer, 2015, Vol. 9290, p. 265-282Conference paper (Refereed)
    Abstract [en]

    The existing network security infrastructure is not ready for future protocols such as Multipath TCP (MPTCP). The outcome is that middleboxes are configured to block such protocols. This paper studies the security risk that arises if future protocols are used over unaware infrastructures. In particular, the practicality and severity of cross-path fragmentation attacks utilizing MPTCP against the signature-matching capability of the Snort intrusion detection system (IDS) is investigated. Results reveal that the attack is realistic and opens the possibility to evade any signature-based IDS. To mitigate the attack, a solution is also proposed in the form of the MPTCP Linker tool. The work outlines the importance of MPTCP support in future network security middleboxes.

  • 6.
    Afzal, Zeeshan
    et al.
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Lindskog, Stefan
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Brunström, Anna
    Karlstad University, Faculty of Economic Sciences, Communication and IT, Centre for HumanIT. Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).
    Lidén, Anders
    Towards Multipath TCP Aware Security Technologies2016In: 2016 8th IFIP International Conference onNew Technologies, Mobility and Security (NTMS), New York: IEEE, 2016, p. 1-8Conference paper (Refereed)
    Abstract [en]

    Multipath TCP (MPTCP) is a proposed extension to TCP that enables a number of performance advantages that have not been offered before. While the protocol specification is close to being finalized, there still remain some unaddressed challenges regarding the deployment and security implications of the protocol. This work attempts to tackle some of these concerns by proposing and implementing MPTCP aware security services and deploying them inside a proof of concept MPTCP proxy. The aim is to enable hosts, even those without native MPTCP support, to securely benefit from the MPTCP performance advantages. Our evaluations show that the security services that are implemented enable proper intrusion detection and prevention to thwart potential attacks as well as threshold rules to prevent denial of service (DoS) attacks.

  • 7.
    Afzal, Zeeshan
    et al.
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science.
    Lindskog, Stefan
    Karlstad University, Faculty of Economic Sciences, Communication and IT, Department of Computer Science. Karlstad University, Faculty of Health, Science and Technology (starting 2013).
    Lidén, Anders
    A Multipath TCP Proxy2015Conference paper (Refereed)
    Abstract [en]

    Multipath TCP (MPTCP) is an extension to traditionalTCP that enables a number of performance advantages,which were not offered before. While the protocol specificationis close to being finalized, there still remain some concernsregarding deployability and security. This paper describes theon going work to develop a solution that will facilitate thedeployment of MPTCP. The solution will not only allow non-MPTCP capable end-hosts to benefit from MPTCP performancegains, but also help ease the network security concerns that manymiddleboxes face due to the possibility of data stream beingfragmented across multiple subflows.

  • 8.
    Afzal, Zeeshan
    et al.
    Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science.
    Rossebø, Judith
    Integrated Operations, ABB AS, Norway.
    Chowdhury, Mohammad
    Talha, Batool
    ABB Corporate Research, ABB AS, Norway.
    A Wireless Intrusion Detection System for 802.11 networks2016In: PROCEEDINGS OF THE 2016 IEEE INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, SIGNAL PROCESSING AND NETWORKING (WISPNET), IEEE conference proceedings, 2016, p. 828-834Conference paper (Refereed)
    Abstract [en]

    Wireless local area networks (WLANs) deployment is increasing rapidly. At the same time, WLANs have become an attractive target for many potential attackers. In spite of that, the de facto standard used to implement most WLANs (IEEE 802.11) has what appear to be residual vulnerabilities related to identity spoofing. In this paper, a pragmatic study of two common attacks on the standard is conducted. These attacks are then implemented on test beds to learn attack behavior. Finally, novel attack signatures and techniques to detect these attacks are devised and implemented in a proof of concept Wireless Intrusion Detection System (WIDS).

1 - 8 of 8
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf