The objective of this research is to develop networking technologies that will help prevent and combat cyber-crime as well as strengthen computer and network systems against future attacks. The work involves architecting new networking infrastructure tolerant to attacks, and novel network protocols for tracking attackers.
To validate our proposed method, we have developed a software tool that, when fed packet-level traces, calculates power spectral density (PSD) estimates of the traffic flows contained in the traces and determines, by means of a statistical hypothesis test, whether each flow exhibits periodicity. We then use real-world traces obtained on May 6 and 7, 1999, at an egress point of a Harvard campus network to verify the effectiveness of the tool. The results show that the proposed method correctly identifies 81.8% of the TCP flows as exhibiting periodicity, while only 15.7% of the non-TCP flows are misidentified as periodic. This indicates that the method is a feasible way to distinguish legitimate TCP flows from the non-periodic, open-loop traffic that typical DoS attacks use.
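The pipeline described above (packet trace, per-flow PSD estimate, hypothesis test for periodicity) can be sketched as follows. This is an added example, not the research tool itself: the page does not name the test, so Fisher's g-test on a raw periodogram is an assumption, as are the function names, the 10 ms bin width and the two constructed sample flows.

```python
import cmath, math, random

def bin_arrivals(timestamps, bin_width, n_bins):
    """Packets-per-bin time series for one flow (timestamps in seconds)."""
    counts = [0] * n_bins
    for t in timestamps:
        i = int(t / bin_width)
        if 0 <= i < n_bins:
            counts[i] += 1
    return counts

def periodogram(series):
    """Raw PSD estimate at Fourier frequencies k = 1..(n-1)//2, mean removed."""
    n = len(series)
    mean = sum(series) / n
    x = [v - mean for v in series]
    return [abs(sum(x[t] * cmath.exp(-2j * math.pi * k * t / n)
                    for t in range(n))) ** 2 / n
            for k in range(1, (n - 1) // 2 + 1)]

def fisher_g_test(psd):
    """Fisher's g (largest ordinate / sum) and its exact p-value under the
    null hypothesis of white noise, i.e. no periodic component."""
    m, total = len(psd), sum(psd)
    if total == 0:
        return 0.0, 1.0  # constant series: nothing to test
    g = max(psd) / total
    p = sum((-1) ** (j - 1) * math.comb(m, j) * (1 - j * g) ** (m - 1)
            for j in range(1, min(m, int(1 / g)) + 1))
    return g, min(max(p, 0.0), 1.0)

def is_periodic(timestamps, bin_width=0.01, n_bins=250, alpha=0.01):
    """True if the flow's PSD peak rejects the null at significance alpha."""
    series = bin_arrivals(timestamps, bin_width, n_bins)
    return fisher_g_test(periodogram(series))[1] < alpha

# Constructed sample flows (not taken from the Harvard traces), 2.5 s each.
rng = random.Random(1999)
# Closed-loop sender: a 4-packet window every 100 ms round trip, with jitter.
tcp_like = [r * 0.1 + i * 0.001 + rng.uniform(0, 0.002)
            for r in range(25) for i in range(4)]
# Open-loop sender: Poisson arrivals at the same mean rate (40 packets/s).
open_loop, t = [], rng.expovariate(40)
while t < 2.5:
    open_loop.append(t)
    t += rng.expovariate(40)
```

The significance level `alpha` sets the trade-off the reported percentages reflect: lowering it flags fewer open-loop flows as periodic but also misses more weakly periodic TCP flows.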