Domain Specific Stateful Filtering with Worst-Case Bandwidth

نویسندگان

Maxime Puys

Jean-Louis Roch

Marie-Laure Potet

چکیده

Industrial systems are publicly the target of cyberattacks since Stuxnet. Nowadays they are increasingly communicating over insecure media such as Internet. Due to their interaction with the real world, it is crucial to ensure their security. In this paper, we propose a domain specific stateful filtering that keeps track of the value of predetermined variables. Such filter allows to express rules depending on the context of the system. Moreover, it must guarantee bounded memory and execution time to be resilient against malicious adversaries. Our approach is illustrated on an example.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Stateful DDoS attacks and targeted filtering

The goal of a distributed denial of service (DDoS) attack is to completely tie up certain resources so that legitimate users are not able to access a service. It has long been an open security problem of the Internet. In this paper, we identify a class of stateful DDoS attacks that defeat the existing cookie-based solutions. To counter these attacks, we propose a new defense mechanism, called t...

متن کامل

A Novel Architecture for Secure and Scalable Multicast over IP Network

Currently, multicast services can be implemented at the IP layer or the application layer. While IP multicast violates the stateless paradigm of Internet and incurs great difficulties to congestion and flow control, application-layer multicast is lack of scalability due to the unreliability and resource constraints of end-hosts. Moreover, security is a main weakness in Internet-wide group commu...

متن کامل

Mitigating Multi-Target Attacks in Hash-based Signatures Preliminary Version

This work introduces XMSS-T, a new hash-based signature scheme with tight security. Previous hash-based signature schemes are facing a loss of security, linear in performance parameters like the total tree height. Our new scheme can use hash functions with a smaller output length at the same security level, immediately leading to a smaller signature size. XMSS-T is stateful, however, the same t...

متن کامل

Mitigating Multi-target Attacks in Hash-Based Signatures

This work introduces XMSS-T, a new stateful hash-based signature scheme with tight security. Previous hash-based signatures are facing a loss of security, linear in performance parameters such as the total tree height. Our new scheme can achieve the same security level but using hash functions with a smaller output length, which immediately leads to a smaller signature size. The same techniques...

متن کامل

Strong Domain Filtering Consistencies for Non-Binary Constraint Satisfaction Problems

Domain filtering local consistencies, such as inverse consistencies, that only delete values and do not add new constraints are particularly useful in Constraint Programming. Although many such consistencies for binary constraints have been proposed and evaluated, the situation with non-binary constraints is quite different. Only very recently have domain filtering consistencies stronger than G...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2016

Domain Specific Stateful Filtering with Worst-Case Bandwidth

نویسندگان

چکیده

منابع مشابه

Stateful DDoS attacks and targeted filtering

A Novel Architecture for Secure and Scalable Multicast over IP Network

Mitigating Multi-Target Attacks in Hash-based Signatures Preliminary Version

Mitigating Multi-target Attacks in Hash-Based Signatures

Strong Domain Filtering Consistencies for Non-Binary Constraint Satisfaction Problems

عنوان ژورنال:

اشتراک گذاری