Challenges in Identification in Future Computer Networks

Libor Polčák

Abstract

Modern computer networks bring new challenges, such as network address translation and short-lived IPv6 addresses. As a result the number of identifiers related to a single user increases. Consequently, old methods for identification of the traffic of a specific user are becoming weak. This research aims to tackle the challenges by linking partial identities of a subject together. This way, all traffic of specific groups of users can be identified and it can be treated in a personalised manner, e.g. important calls of a manager can be prioritised. We consider a distributed system that can link identities discovered from various sources. As an example, we investigated both local and remote identification. This research already resulted in several accepted papers concerning dynamic detection of IPv6 addresses and clock-skew-based identification. Current efforts are in the area of the proposal of the method to link different identities, in improvements of the remote identification techniques, and in designing an SDN-based control system expanding the proposed identity management system to network control, such as quality of service.

References

  1. Asati, R. and Wing, D. (2012). Internet Draft version 00 (Work in progress): Tracking of Static/ Autoconfigured IPv6 addresses. Internet Engineering Task Force.
  2. ATIS/TIA (2006). Lawfully Authorized Electronic Surveillance. J-STD-025-B. Alliance for Telecommunications Industry Solutions/ Telecommunications Industry Association Joint Standard.
  3. Banse, C., Herrmann, D., and Federrath, H. (2012). Tracking users on the internet with behavioral patterns: Evaluation of its practical feasibility. In Gritzalis, D., Furnell, S., and Theoharidou, M., editors, Information Security and Privacy Research, volume 376 of IFIP Advances in Information and Communication Technology, pages 235-248. Springer Berlin Heidelberg, DE.
  4. Cisco Systems (2014). Cisco medianet architecture. http:// www.cisco.com/web/solutions/trends/medianet.
  5. Clauß, S. and Köhntopp, M. (2001). Identity management and its support of multilateral security. Computer Networks, 37(2):205-219. Electronic Business Systems.
  6. Dunlop, M., Groat, S., Marchany, R., and Tront, J. (2011). The Good, the Bad, the IPv6. In Communication Networks and Services Research Conference, pages 77-84, Ottawa, Canada.
  7. Eckersley, P. (2010). How unique is your web browser? In Atallah, M. and Hopper, N., editors, Privacy Enhancing Technologies, volume 6205 of Lecture Notes in Computer Science, pages 1-18. Springer Berlin Heidelberg, DE.
  8. Eckert, T., Penno, R., Choukir, A., and Eckel, C. (2013). A Framework for Signaling Flow Characteristics between Applications and the Network. IETF. InternetDraft (work in progress), intended status: Informational.
  9. ETSI (2001). ETSI TR 101 944: Telecommunications security; Lawful Interception (LI); Issues on IP Interception. European Telecommunications Standards Institute. Version 1.1.2.
  10. FIT BUT (2010-2014). Modern tools for detection and mitigation of cyber criminality on the new generation internet. Brno University of Technology, Faculty of Information Technology, CZ. http://www.fit.vutbr.cz/ipolcak/ grants.php?id=517.
  11. Groat, S., Dunlop, M., Marchany, R., and Tront, J. (2010). The privacy implications of stateless IPv6 addressing. In Cyber Security and Information Intelligence Research, pages 52:1-52:4, New York, NY, USA. ACM.
  12. Groat, S., Dunlop, M., Marchany, R., and Tront, J. (2011). What DHCPv6 says about you. In 2011 World Congress on Internet Security, pages 146-151, London, UK.
  13. Grégr, M., Matoušek, P., Podermanski, T., and Švéda, M. (2011). Practical IPv6 Monitoring Challenges and Techniques. In Symposium on Integrated Network Management, pages 660-663, Dublin, Ireland. IEEE CS.
  14. Herrmann, D., Gerber, C., Banse, C., and Federrath, H. (2012). Analyzing characteristic host access patterns for re-identification of web user sessions. In Aura, T., Järvinen, K., and Nyberg, K., editors, Information Security Technology for Applications, volume 7127 of Lecture Notes in Computer Science, pages 136-154. Springer Berlin Heidelberg, DE.
  15. Huang, D.-J., Yang, K.-T., Ni, C.-C., Teng, W.-C., Hsiang, T.-R., and Lee, Y.-J. (2012). Clock skew based client device identification in cloud environments. In Advanced Information Networking and Applications, pages 526-533.
  16. Jøsang, A., Fabre, J., Hay, B., Dalziel, J., and Pope, S. (2005). Trust requirements in identity management. In Proceedings of the 2005 Australasian Workshop on Grid Computing and e-Research Volume 44, ACSW Frontiers 7805, pages 99-108, Darlinghurst, Australia, Australia. Australian Computer Society, Inc.
  17. Kohno, T., Broido, A., and Claffy, K. (2005). Remote physical device fingerprinting. IEEE Transactions on Dependable and Secure Computing, 2(2):93-108.
  18. Kumpošt, M. (2008). Context Information and User Profiling. PhD thesis, Masaryk University, CZ.
  19. Laiping Zhao, Yizhi Ren, Mingchu Li, and Kouichi Sakurai (2012). Flexible service selection with userspecific QoS support in service-oriented architecture. Journal of Network and Computer Applications, 35(3):962-973. Special Issue on Trusted Computing and Communications.
  20. Lanze, F., Panchenko, A., Braatz, B., and Zinnen, A. (2012). Clock skew based remote device fingerprinting demystified. In Global Communications Conference, pages 813-819.
  21. Love, R. (2005). Kernel korner: Intro to inotify. Linux Journal, 2005(139).
  22. McKeown, N., Anderson, T., Balakrishnan, H., Parulkar, G., Peterson, L., Rexford, J., Shenker, S., and Turner, J. (2008). OpenFlow: enabling innovation in campus networks. SIGCOMM Computer Communication Review, 38(2):69-74.
  23. Megyesi, P. and Molnár, S. (2013). Analysis of elephant users in broadband network traffic. In Bauschert, T., editor, Advances in Communication Networking, Lecture Notes in Computer Science, pages 37-45. Springer Berlin Heidelberg. LNCS 8115.
  24. Meints, M. and Gasson, M. (2009). High-Tech ID and Emerging Technologies, pages 130-189. Springer Berlin Heidelberg.
  25. Murdoch, S. J. (2006). Hot or not: Revealing hidden services by their clock skew. In Computer and Communications Security, pages 27-36, New York, NY, USA. ACM.
  26. Napatech (2014a). Time to ReThink Mobile Network Analysis. White paper, version 6, available online at http://www.napatech.com/sites/default/files/ dn-0720_ttrt_mobile_network_analysis_v06_us_a4_ online.pdf.
  27. Napatech (2014b). Time to ReThink Performance Monitoring. White paper, version 6, available online at http://www.napatech.com/sites/default/files/dn-0645_ ttrt_performance_monitoring_ v6_us_a4_online.pdf.
  28. Narten, T., Draves, R., and Krishnan, S. (2007). Privacy Extensions for Stateless Address Autoconfiguration in IPv6. IETF. RFC 4941 (Draft Standard).
  29. Pfitzmann, A. and Hansen, M. (2010). A terminology for talking about privacy by data minimization: Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management. Technical report. Version 0.34, Available online at https://dud.inf.tu-dresden.de/ literatur/Anon_Terminology_v0.34.pdf.
  30. Polcák, L. and Franková, B. (2014). On reliability of clockskew-based remote computer identification. In International Conference on Security and Cryptography. SciTePress Science and Technology Publications.
  31. Polcák, L. and Holkovic, M. (2013). Behaviour of various operating systems during SLAAC, DAD, and ND. http://6lab.cz/?p=1691.
  32. Polcák, L., Holkovic, M., and Matoušek, P. (2013a). A New Approach for Detection of Host Identity in IPv6 Networks. In Data Communication Networking, pages 57-63. SciTePress Science and Technology Publications.
  33. Polcák, L., Holkovic, M., and Matoušek, P. (Accepted, 2013b). Host Identity Detection in IPv6 Networks. In Communications in Computer and Information Science. Springer Berlin Heidelberg, DE.
  34. Polcák, L., Jirásek, J., and Matoušek, P. (2013c). Comments on ”Remote physical device fingerprinting”. IEEE Transactions on Dependable and Secure Computing. Accepted, PrePrint available.
  35. Sanguanpong, S. and Koht-Arsa, K. (2013). A design and implementation of dual-stack aware authentication system for enterprise captive portal. In 9th International Conference on Network and Service Management (CNSM), pages 118-121, Zürich, Switzerland.
  36. Scarfone, K. A., Grance, T., and Masone, K. (2008). Computer security incident handling guide. Technical Report SP 800-61 Rev. 1., National Institute of Standards & Technology, Gaithersburg, MD, United States.
  37. Sharma, S., Hussain, A., and Saran, H. (2012). Experience with heterogenous clock-skew based device fingerprinting. In Workshop on Learning from Authoritative Security Experiment Results, pages 9- 18. ACM.
  38. Thomson, S., Narten, T., and Jinmei, T. (2007). RFC 4862 IPv6 Stateless Address Autoconfiguration. Internet Engineering Task Force.
  39. Wing, D. and Yourtchenko, A. (2012). Happy Eyeballs: Success with Dual-Stack Hosts. IETF. RFC 6555 (Proposed Standard).
  40. Zander, S. and Murdoch, S. J. (2008). An improved clockskew measurement technique for revealing hidden services. In Proceedings of the 17th Conference on Security Symposium, pages 211-225, Berkeley, CA, USA. USENIX Association.
Download


Paper Citation


in Harvard Style

Polčák L. (2014). Challenges in Identification in Future Computer Networks . In Doctoral Consortium - DCETE, (ICETE 2014) ISBN Not Available, pages 15-24


in Bibtex Style

@conference{dcete14,
author={Libor Polčák},
title={Challenges in Identification in Future Computer Networks},
booktitle={Doctoral Consortium - DCETE, (ICETE 2014)},
year={2014},
pages={15-24},
publisher={SciTePress},
organization={INSTICC},
doi={},
isbn={Not Available},
}


in EndNote Style

TY - CONF
JO - Doctoral Consortium - DCETE, (ICETE 2014)
TI - Challenges in Identification in Future Computer Networks
SN - Not Available
AU - Polčák L.
PY - 2014
SP - 15
EP - 24
DO -