Important: Use custom search function to get better results from our thousands of pages

Use " " for compulsory search eg:"electronics seminar" , use -" " for filter something eg: "electronics seminar" -"/tag/" (used for exclude results from tag pages)
Tags: Detecting, malicious, packet, losses, Detecting malicious packet losses, Detecting malicious packet losses ppt, Detecting malicious packet losses pdf, uml diagrams for detecting malicious packet losses, ppt for detecting malicious packet losses, detecting malicious packet losses abstract, detecting malicious packet losses project in java, detecting malicious packet losses pdf, detecting malicious packet losses ppt,
Ask More Info Of  A Seminar Ask More Info Of A Project Post Reply  Follow us on Twitter
01-07-2010, 04:07 PM
Post: #1
Detecting malicious packet losses


The Internet is not a safe place. Unsecured hosts can expect to be compromised within minutes of connecting to the Internet and even well-protected hosts may be crippled with denial-of-service (DoS) attacks. However, while such threats to host systems are widely understood, it is less well appreciated that the network infrastructure itself is subject to constant attack as well. Indeed, through combinations of social engineering and weak passwords, attackers have seized control over thousands of Internet routers. Even more troubling is Mike Lynnâ„¢s controversial presentation at the 2005 Black Hat Briefings, which demonstrated how Cisco routers can be compromised via simple software vulnerabilities. Once a router has been compromised in such a fashion, an attacker may interpose on the traffic stream and manipulate it maliciously to attack others selectively dropping, modifying, or rerouting packets.

Several researchers have developed distributed protocols to detect such traffic manipulations, typically by validating that traffic transmitted by one router is received unmodified by another. However, all of these

Schemes including our own struggle in interpreting the absence of traffic. While a packet that has been modified in transit represents clear evidence of tampering, a missing packet is inherently ambiguous: it may have been explicitly blocked by a compromised router or it may have been dropped benignly due to network congestion. In fact, modern routers routinely drop packets due to bursts in traffic that exceed their buffering capacities, and the widely used Transmission Control Protocol (TCP) is designed to cause such losses as part of its normal congestion control behavior. Thus, existing traffic validation systems must inevitably produce false positives for benign events and/or produce false negatives by failing to report real malicious packet dropping.
Existing System:

Network routers occupy a unique role in modern distributed systems. They are responsible for cooperatively shuttling packets amongst themselves in order to provide the illusion of a network with universal point-to-point connectivity. However, this illusion is shattered - as are implicit assumptions of availability, confidentiality, or integrity - when network routers are subverted to act in a malicious fashion. By manipulating, diverting, or dropping packets arriving at a compromised router, an attacker can trivially mount denial-of-service, surveillance, or man-in-the-middle attacks on end host systems. Consequently, Internet routers have become a choice target for would-be attackers and thousands have been subverted to these ends. In this paper, we specify this problem of detecting routers with incorrect packet forwarding behavior and we explore the design space of protocols that implement such a detector. We further present a concrete protocol that is likely inexpensive enough for practical implementation at scale. Finally, we present a prototype system, called Fatih, that implements this approach on a PC router and describe our experiences with it. We show that Fatih is able to detect and isolate a range of malicious router actions with acceptable overhead and complexity. We believe our work is an important step in being able to tolerate attacks on key network infrastructure components

Proposed System:

We have designed, developed, and implemented a compromised router detection protocol that dynamically infers, based on measured traffic rates and buffer sizes, the number of congestive packet losses that will occur.

Once the ambiguity from congestion is removed, subsequent packet losses can be attributed to malicious actions. We have tested our protocol in Emulab and have studied its effectiveness in differentiating attacks from legitimate network behavior.

Implementation is the stage of the project when the theoretical design is turned out into a working system. Thus it can be considered to be the most critical stage in achieving a successful new system and in giving the user, confidence that the new system will work and be effective.
The implementation stage involves careful planning, investigation of the existing system and itâ„¢s constraints on implementation, designing of methods to achieve changeover and evaluation of changeover methods.
1. Network Module
2. Threat Model
3. Traffic Validation
4. Random Early Detection(RED)
5. Distributed Detection
Module Description:
1. Network Module

Client-server computing or networking is a distributed application architecture that partitions tasks or workloads between service providers (servers) and service requesters, called clients. Often clients and servers operate over a computer network on separate hardware. A server machine is a high-performance host that is running one or more server programs which share its resources with clients. A client also shares any of its resources; Clients therefore initiate communication sessions with servers which await (listen to) incoming requests.
2.Threat Model:
This focuses solely on data plane attacks (control plane attacks can be addressed by other protocols with appropriate threat models, and moreover, for simplicity, we examine only attacks that involve packet dropping.
However, our approach is easily extended to address other attacks such as packet modification or reordering similar to our previous work. Finally, as in, the protocol we develop validates traffic whose source and sink routers are uncompromised. A router can be traffic faulty by maliciously dropping packets and protocol faulty by not following the rules of the detection protocol. We say that a compromised router r is traffic faulty with respect to a path segment during if contains r and, during the period of time, r maliciously drops or misroutes packets that flow through. A router can drop packets without being faulty, as long as the packets are dropped because the corresponding output interface is congested. A compromised router r can also behave in an arbitrarily malicious way in terms of executing the protocol we present, in which case we indicate r as protocol faulty. A protocol faulty router can send control messages with arbitrarily faulty information, or it can simply not send some or all of them. A faulty router is one that is traffic faulty, protocol faulty, or both.
3.Traffic Validation

The first problem we address is traffic validation what information is collected about traffic and how Consider the queue Q in a router r associated with the output interface of link. The neighbor routers feed data into Q.
The traffic information collected by router r that traversed path segment over time interval, meaning traffic into Q, or Q out, meaning traffic out of Q. At an abstract level, we represent traffic, a validation mechanism associated with Q, as a predicate it is used to determine that a router has been compromised.

4.Random Early Detection(RED)

RED monitors the average queue size, based on an exponential weighted moving average: where is the actual queue size and w is the weight for a
Low- pass filter. RED uses three more parameters: min, minimum threshold; Max, maximum threshold; and maximum probability.

Using, RED dynamically computes a dropping probability in two steps for each packet it receives. First, it computes an interim probability further; the RED algorithm tracks the number of packets, since the last dropped packet. The final dropping probability, p, is specified to increase slowly as increases

5.Distributed Detection

Since the behavior of the queue is deterministic, the traffic validation mechanisms detect traffic faulty routers whenever the actual behavior of the queue deviates from the predicted behavior. However, a faulty router can also be protocol faulty. It can behave arbitrarily with respect to the protocol,
by dropping or altering the control messages .We mask the effect of protocol faulty routers using distributed detection.
Given TV, we need to distribute the necessary traffic information among the routers and implement a distributed detection protocol. Every outbound interface queue Q in the network is monitored by the neighboring routers and validated by a router rd such that Q is associated with the link.
Hardware Requirements:

¢ System : Pentium IV 2.4 GHz.
¢ Hard Disk : 40 GB.
¢ Floppy Drive : 1.44 Mb.
¢ Monitor : 15 VGA Colour.
¢ Mouse : Logitech.
¢ Ram : 256 Mb.
Software Requirements:

¢ Operating system : - Windows XP Professional.
¢ Coding Language : - JavaTool Used : - Eclipse.

read full report

Please Use Search wisely To Get More Information About A Seminar Or Project Topic
17-02-2011, 07:44 PM
Post: #2
RE: Detecting malicious packet losses
i need code for Detecting malicious packet losses,uml diagrams,and documentation.
pleaz some body help out.
thank you
08-03-2011, 09:34 AM
Post: #3
RE: Detecting malicious packet losses
Hi friends,

can any body please send me the project DETECTING MALICIOUS PACKET LOSSES project in java. I have to submit the project 10th of this month.

please send me to the following email: kskanths[at]
01-02-2012, 10:05 AM
Post: #4
RE: Detecting malicious packet losses
to get information about the topic detecting malicious packet losses full report ppt, and related topics refer the link bellow
07-02-2012, 01:08 PM
Post: #5
RE: Detecting malicious packet losses
Detecting malicious packet losses


The problem of detecting whether a compromised router is maliciously manipulating its stream of packets. In particular, we are concerned with a simple yet effective attack in which a router selectively drops packets destined for some victim. Unfortunately, it is quite challenging to attribute a missing packet to a malicious action because normal network congestion can produce the same effect. Modern networks routinely drop packets when the load temporarily exceeds their buffering capacities. Previous detection protocols have tried to address this problem with a user-defined threshold: too many dropped packets imply malicious intent. However, this heuristic is fundamentally unsound; setting this threshold is, at best, an art and will certainly create unnecessary false positives or mask highly focused attacks. We have designed, developed, and implemented a compromised router detection protocol that dynamically infers, based on measured traffic rates and buffer sizes, the number of congestive packet losses that will occur. Once the ambiguity from congestion is removed, subsequent packet losses can be attributed to malicious actions. We have tested our protocol in EMU lab and have studied its effectiveness in differentiating attacks from legitimate network behavior.
Rating Detecting malicious packet losses Options
Share Detecting malicious packet losses To Your Friends :- Seminar Topics Bookmark
Post Reply 

Marked Categories : malicious router, malicious pocket losses, proposed system of the project packet loss detection, uml diagrams for detecting malicious packet losses, code for detecting malicious data packets in java, tcp ip pdf, detecting malicious packet losses code in java, malicious packet losses, project report on compromised router detection with code, detection of malicious packet losses, detection of malicious packet loss project, malicious packets, detecting malicious packet losses ppt, detection of malicious packet losses ppt, existing system of detection of malicious packet loss, ppts on detection of malicious packet loss, detecting malicious packet losses project,

Quick Reply
Type your reply to this message here.

Image Verification
Image Verification
(case insensitive)
Please enter the text within the image on the left in to the text box below. This process is used to prevent automated posts.

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
Last Post: seminar code
  Detecting Copy-Move Forgery in Digital Images: A Survey and Analysis of Current Metho seminar code 0 94 17-06-2014 11:54 AM
Last Post: seminar code
  Detecting image purpose in World-Wide Web documents seminar post 0 88 22-05-2014 04:20 PM
Last Post: seminar post
  Automated Blocking of Malicious Code with NDISIntermediate Driver seminar post 0 63 15-05-2014 02:14 PM
Last Post: seminar post
  Constructing Inter-Domain Packet Filters to Control IP Spoofing B seminar projects maker 0 89 10-05-2014 12:10 PM
Last Post: seminar projects maker
  Detecting Anomalous Insiders in Collaborative Information Systems project girl 1 690 11-11-2013 10:22 PM
Last Post: Guest
  A Robust Image Watermarking Using Two Level DCT And Wavelet Packet Denoising PPT seminar projects maker 0 331 13-09-2013 04:56 PM
Last Post: seminar projects maker
  Fast and Memory- Efficient Regular Expression Matching for Deep Packet PPT study tips 0 260 18-06-2013 12:17 PM
Last Post: study tips
  Using String Matching for Deep Packet Inspection PPT study tips 0 270 18-06-2013 12:16 PM
Last Post: study tips
  Detecting Targeted Malicious Email Report study tips 0 513 03-06-2013 02:40 PM
Last Post: study tips
This Page May Contain What is Detecting malicious packet losses And Latest Information/News About Detecting malicious packet losses,If Not ...Use Search to get more info about Detecting malicious packet losses Or Ask Here