Darknets are ranges of IP addresses advertised without answering any traffic. Darknets help to uncover interesting network events, such as misconfigurations and network scans. Interpreting darknet traffic helps against cyber-attacks; e.g., malware often reaches darknets when scanning the Internet for vulnerable devices. The traffic reaching darknets is, however, voluminous and noisy, which calls for efficient ways to represent the data and highlight possibly important events. This paper evaluates a methodology to summarize packets reaching darknets. We represent the darknet activity as a graph, which captures remote hosts contacting the darknet nodes' ports, as well as the frequency at which each port is reached. From these representations, we apply community detection algorithms in the search for patterns that could represent coordinated activity. By highlighting such activities we are able to group together, for example, IP addresses that predominantly engage in contacting specific targets, or, vice versa, to identify targets which are frequently contacted together, for exploiting the vulnerabilities of a given service. The network analyst can recognize from the community detection results, for example, that a group of hosts has been infected by a botnet and is currently scanning the network in search of vulnerable services (e.g., SSH and Telnet among the most commonly targeted). Such information is impossible to obtain when analyzing the behavior of single sources, or packets one by one. All in all, our work is a first step towards a comprehensive aggregation methodology to automate the analysis of darknet traffic, a fundamental aspect for the recognition of coordinated and anomalous events.
Refactoring means rewriting pieces of code to improve them internally while keeping the expected software behavior. In this paper we present the refactoring of an Internet of Things middleware based on Software-Defined Network. In a previous work we proposed a middleware to address issues we found in healthcare devices used to monitor patients with chronic illnesses in their homes. Software-Defined Network allowed the redesign of the middleware architecture to improve things management, its interconnection with services, and the deployment process of new monitoring scenarios. The refactoring process also extended the middleware to support multiple services in a single home network sharing the same network infrastructure. This work details an OpenFlow controller and an application developed to achieve our goals; we also present sample scenarios where our approach can be applied, showing different services delivered in the same home network environment and using data from all connected devices to build a digital representation of the physical realm.
Service composition is a technique that may help the development of management systems by aggregating smaller services to produce more sophisticated ones. Service composition can be realized by using traditional management technologies, although these technologies have not been conceived with composition support as one of their main aspects. Current service-oriented architecture (SOA)-related efforts, however, define specific standards for Web services composition, such as the Web Services Business Process Execution Language (WS-BPEL). Web services for network management have been investigated by the management community for at least the last four years, but up to today no research evaluating Web services composition applied to network management has been carried out. In this paper we present such an evaluation, where compositions based on the IETF Script MIB, ad-hoc Java Web services, and WS-BPEL are compared against one another in a managed network where BGP routers are investigated in order to identify route advertisement anomalies.
In 2022 the Russian invasion of Ukraine began. It is known that Ukraine faced outages because of the damage to its infrastructure. It is also known that Russia was boycotted by the international community. However, the impact on the telecommunications of the two countries remains unknown. In this paper we quantified the degree to which the Internet was affected in both countries by analyzing routing tables from five large Internet Exchange Points (IXPs). IXPs provide a central point of interconnection where Internet traffic can be freely exchanged between Autonomous Systems (ASes). This centrality makes IXPs a good vantage point for analyzing changes in the Internet infrastructure. With data collected before and after the start of the conflict, we observed considerable damage to the Ukrainian Internet network, with numerous outages, and minimal damage to the Russian network. An average of 11.12% of Ukrainian ASes were unreachable at each IXP. We identified the biggest outages and the events responsible for them. This paper highlights resilience issues during conflicts to the network and management community, and serves as a basis for future, more in-depth research.