Sec Mon EndtoEnd Quality and Security Monitoring System

  • Slides: 1
Download presentation
Sec. Mon: End-to-End Quality and Security Monitoring System Tomasz Ciszkowski & Wojciech Mazurczyk Markus

Sec. Mon: End-to-End Quality and Security Monitoring System Tomasz Ciszkowski & Wojciech Mazurczyk Markus Fiedler Charlott Eliasson Zbigniew Kotulski Radu Lupu Warsaw University of Technology, Institute of Telecommunications, Poland Blekinge Institute of Technology, Department of Telecommunication Systems, Sweden Institute of Fundamental Technological Research PAS, Poland University Politehnica of Bucharest, Romania Sec. Mon system Sec. Mon Architecture • Designed for Peer-to-Peer Voice over IP service with assurance of • Security Network model • Quality of Service • P 2 P overlay network • Three-layer node architecture Sec. Mon objectives – build a reliable and secure system for P 2 P Vo. IP Security • Based on hiding techniques with no transmission bandwidth consumption • Digital watermarking and network steganography • Source authentication and data integrity Node model • Service Layer – SL Fig. 1 P 2 P overlay network composition for Sec. Mon • session establishment • reputation-based routing • session tear-down • Monitoring Layer – ML • reputation block – building node’s reputation, Qo. S and security routing decision support, hostile nodes isolation • monitoring block - calculation and evaluation E 2 E Qo. S parameters Fig. 2 Three-layer node’s model for a flow transmission • security block – source and data authentication, integrity, • Transport Layer – TL Quality of Service • Lightweight End-to-End Qo. S monitoring for network efficiency and performance • network conditions measurements, • real time and hidden data transmission Fig. 3 Monitoring layer blocks and cooperation diagram • Communication between layers though Service Access Point – SAP • DDo. S detection Reliability • Reputation system for Qo. S and security support • Qo. S metrics and trust management for best path routing decision support • Misbehaviour detection and defence, hostile nodes isolation Reputation system model • Evidence repository feeding and Service Reputation (SR) building Fig. 4 Example scenario of P 2 P communication in Sec. Mon For source node S depending on time n based on Own Experience (OE), recommendations (V), end nodes’ credibility (IR) • Qo. S metrics and behavioural data consolidation Contacts • Qo. S & secure routing decision support Tomasz Ciszkowski, t. ciszkowski@tele. pw. edu. pl Zbigniew Kotulski, z. kotulski@tele. pw. edu. pl Markus Fiedler, markus. fiedler@bth. se Charlott Eliasson, charlott. eliasson@bth. se Radu Lupu, radu. lupu@elcom. pub. ro Wojciech Mazurczyk, w. mazurczyk@tele. pw. edu. pl Fig. 5 Overall reputation management system for Sec. Mon