Current Search: Fu, Xinwen (x)
View All Items
- Title
- Scalable Network Design and Management with Decentralized Software-defined Networking.
- Creator
-
Atwal, Kuldip Singh, Bassiouni, Mostafa, Fu, Xinwen, Zou, Changchun, Deo, Narsingh, University of Central Florida
- Abstract / Description
-
Network softwarization is among the most significant innovations of computer networks in the last few decades. The lack of uniform and programmable interfaces for network management led to the design of OpenFlow protocol for the university campuses and enterprise networks. This breakthrough coupled with other similar efforts led to an emergence of two complementary but independent paradigms called software-defined networking (SDN) and network function virtualization (NFV). As of this writing,...
Show moreNetwork softwarization is among the most significant innovations of computer networks in the last few decades. The lack of uniform and programmable interfaces for network management led to the design of OpenFlow protocol for the university campuses and enterprise networks. This breakthrough coupled with other similar efforts led to an emergence of two complementary but independent paradigms called software-defined networking (SDN) and network function virtualization (NFV). As of this writing, these paradigms are becoming the de-facto norms of wired and wireless networks alike. This dissertation mainly addresses the scalability aspect of SDN for multiple network types. Although centralized control and separation of control and data planes play a pivotal role for ease of network management, these concepts bring in many challenges as well. Scalability is among the most crucial challenges due to the unprecedented growth of computer networks in the past few years. Therefore, we strive to grapple with this problem in diverse networking scenarios and propose novel solutions by harnessing capabilities provided by SDN and other related technologies. Specifically, we present the techniques to deploy SDN at the Internet scale and to extend the concepts of softwarization for mobile access networks and vehicular networks. Multiple optimizations are employed to mitigate latency and other overheads that contribute to achieve performance gains. Additionally, by taking care of sparse connectivity and high mobility, the intrinsic constraints of centralization for wireless ad-hoc networks are addressed in a systematic manner. The state-of-the-art virtualization techniques are coupled with cloud computing methods to exploit the potential of softwarization in general and SDN in particular. Finally, by tapping into the capabilities of machine learning techniques, an SDN-based solution is proposed that inches closer towards the longstanding goal of self-driving networks. Extensive experiments performed on a large-scale testbed corroborates effectiveness of our approaches.
Show less - Date Issued
- 2019
- Identifier
- CFE0007600, ucf:52543
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0007600
- Title
- D-FENS: DNS Filtering (&) Extraction Network System for Malicious Domain Names.
- Creator
-
Spaulding, Jeffrey, Mohaisen, Aziz, Leavens, Gary, Bassiouni, Mostafa, Fu, Xinwen, Posey, Clay, University of Central Florida
- Abstract / Description
-
While the DNS (Domain Name System) has become a cornerstone for the operation of the Internet, it has also fostered creative cases of maliciousness, including phishing, typosquatting, and botnet communication among others. To address this problem, this dissertation focuses on identifying and mitigating such malicious domain names through prior knowledge and machine learning. In the first part of this dissertation, we explore a method of registering domain names with deliberate typographical...
Show moreWhile the DNS (Domain Name System) has become a cornerstone for the operation of the Internet, it has also fostered creative cases of maliciousness, including phishing, typosquatting, and botnet communication among others. To address this problem, this dissertation focuses on identifying and mitigating such malicious domain names through prior knowledge and machine learning. In the first part of this dissertation, we explore a method of registering domain names with deliberate typographical mistakes (i.e., typosquatting) to masquerade as popular and well-established domain names. To understand the effectiveness of typosquatting, we conducted a user study which helped shed light on which techniques were more (")successful(") than others in deceiving users. While certain techniques fared better than others, they failed to take the context of the user into account. Therefore, in the second part of this dissertation we look at the possibility of an advanced attack which takes context into account when generating domain names. The main idea is determining the possibility for an adversary to improve their (")success(") rate of deceiving users with specifically-targeted malicious domain names. While these malicious domains typically target users, other types of domain names are generated by botnets for command (&) control (C2) communication. Therefore, in the third part of this dissertation we investigate domain generation algorithms (DGA) used by botnets and propose a method to identify DGA-based domain names. By analyzing DNS traffic for certain patterns of NXDomain (non-existent domain) query responses, we can accurately predict DGA-based domain names before they are registered. Given all of these approaches to malicious domain names, we ultimately propose a system called D-FENS (DNS Filtering (&) Extraction Network System). D-FENS uses machine learning and prior knowledge to accurately predict unreported malicious domain names in real-time, thereby preventing Internet devices from unknowingly connecting to a potentially malicious domain name.
Show less - Date Issued
- 2018
- Identifier
- CFE0007587, ucf:52540
- Format
- Document (PDF)
- PURL
- http://purl.flvc.org/ucf/fd/CFE0007587