Operating system (OS) fingerprinting tools are essential to network security because of their rel... more Operating system (OS) fingerprinting tools are essential to network security because of their relationship to vulnerability scanning and penetrating testing. Although OS identification is traditionally performed by passive or active tools, more contributions have focused on IPv4 than IPv6. This paper proposes a new methodology based on machine learning algorithms to build classification models to identify IPv6 OS fingerprinting using a newly created dataset. Unlike other proposals that mainly depend on TCP and IP generic features; this work adds other features to improve the detection accuracy. It also considers OSes installed in mobiles (Android and iOS). The experimental results have shown that the algorithms achieved high and acceptable results in classifying OSes. KNN and DT achieved high accuracy of up to 99%. SVM and GNB achieved 81% and 75%, respectively. Moreover, KNN, RF and DT achieved the best recall, precision, and f-score with almost the same as the achieved accuracy.
2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS)
Mobile Ad-hoc Networks (MANETs) usually suffer from high packet loss and high link failure rates.... more Mobile Ad-hoc Networks (MANETs) usually suffer from high packet loss and high link failure rates. These challenges usually increase congestion on some links while other links are almost free. In this paper, we propose a novel mechanism to enhance QoS in multipath routing protocols in MANETs based on the InfiniBand (IB) QoS architecture. The basic idea of our approach is to enhance the load balancing and thus reduce congestion on overloaded links. This mechanism has enabled us to (1) give critical applications higher priority when routing their packets across the network, (2) effectively manage frequent connections and disconnections and thus reduce link failures and packet loss rates, and (3) reduce the overall power consumption as a consequence of the previous gains. We have tested the scheme on the (IBsim) simulator and achieved significant improvements in QoS parameters compared to two well-known routing protocols: AODV and AOMDV.
Mobile Ad Hoc Networks (MANETs) are kind of wireless networks where the nodes move in decentraliz... more Mobile Ad Hoc Networks (MANETs) are kind of wireless networks where the nodes move in decentralized environments with a highly dynamic infrastructure. Many well-known routing protocols have been proposed, with each having its own design mechanism and its own strengths and weaknesses and most importantly, each protocol being mainly designed for specific applications and scenarios. Most of the research studies in this field used simulation testbeds to analyze routing protocols. Very few contributions suggested the use of analytical studies and mathematical approaches to model some of the existing routing protocols. In this research, we have built a comprehensive mathematical-based model to analyze the Destination-Sequenced Distance Vector protocol (DSDV), one of the main widely deployed proactive protocols and studied its performance on estimating the path duration based on the concepts of the probability density function and the expected values to find the best approximation values i...
International Journal of Interactive Mobile Technologies (iJIM)
Mobile Ad-Hoc Networks (MANETs) are characterized as decentralized control networks. The mobile n... more Mobile Ad-Hoc Networks (MANETs) are characterized as decentralized control networks. The mobile nodes route and forward data based on their routing information without the need for routing devices. In this type of networks, nodes move in an unstructured environment where some nodes are still fixed, others are moving in a constant velocity, and others move with diverse velocities; and thus, they need special protocols to keep track of network changes and velocity changes among the nodes. Destination Sequenced Distance-Vector (DSDV) routing protocol is one of the most popular proactive routing protocols for wireless networks. This protocol has a good performance in general, but with high speed nodes and congested networks its performance degrades quickly.In this paper we propose an extension to the DSDV (we call it Diverse-Velocity DSDV) to address this problem. The main idea is to modify the protocol to include node speed, determine update intervals and the duration of settling time....
Journal of King Saud University - Computer and Information Sciences, 2021
Lexical Recognition Test (LRT) themes are one of the main methods that are widely used to measure... more Lexical Recognition Test (LRT) themes are one of the main methods that are widely used to measure language proficiency of some common languages such as English, German and Spanish. However, similar research for Arabic is still at development stages, and existing proposals mainly use human-crafted methods. In this paper, a new methodology, based on a newly developed algorithm, was proposed with the aim of automatically constructing high quality nonwords associated with a real quick measurement of Arabic proficiency levels (Arabic LRT). The suggested algorithm will automatically generate nonwords based on Arabic special characteristics they are orthography (spelling), phonology (pronunciation), ngrams and the word frequency map, which is an important factor to create a multi-level test. With the help of a large dataset of Arabic vocabulary, the proposed algorithm was experimented. For this purpose, a Web-based application, following the suggested methodology, was designed and implemented to facilitate the process of collecting and analyzing learners' responses. The experimental results have shown that the LRT questions that were automatically generated by the proposed system had confused the learners, this is clear from the output of the confusion matrix which showed that (1/3) of the generated nonwords were able to distract the learners (with accuracy 65%). Consequentially, the results of recall and precision have smaller values, 0.52 and 0.48, respectively.
Extending AES with DH Key-Exchange to Enhance VoIP Encryption in Mobile Networks
Due to the huge developments in mobile and smartphone technologies in recent years, more attentio... more Due to the huge developments in mobile and smartphone technologies in recent years, more attention is given to voice data transmission such as VoIP (Voice over IP) technologies, e.g., (WhatsApp, Skype, and Face Book Messenger). When using VoIP services over smartphones, there are always security and privacy concerns like the eavesdropping of calls between the communicating parties. Therefore, there is a pressing need to address these risks by enhancing the security level and encryption methods. In this work, we suggest a new scheme to encrypt VoIP channels using (128, 192 & 256-bit) enhanced encryption based on the Advanced Encryption Standard (AES) algorithm, by extending it with the well-known Diffie-Hellman (DH) key exchange method. We have performed a series of real tests on the enhanced (AES/DH) algorithm and compared its performance with the generic AES algorithm. The results have shown that we can get a significant increase in the encryption strength at a very small overhead ...
Over the past few years vehicle usage has increased exponentially worldwide, but the capacities o... more Over the past few years vehicle usage has increased exponentially worldwide, but the capacities of transportation systems are still limited, and have not improved in a tantamount way to expeditiously cope with the number of vehicles traveling on them. As a result, road jamming and traffic correlated pollution has increased, and became complicated and chaotic, leading to an adverse effect socially and financially worldwide. Fortunately, Intelligent Transportation Systems are promising technologies that have been introduced to assist in reducing the side effects of these problems. The intelligence of these systems mainly depends on the accuracy and timely reliable application of real time traffic information. In this paper, we propose a novel mechanism based on queuing theory aiming at enhancing the load balancing and reducing waiting times on busy road intersections. The simulation results were obtained using the OpNet simulator and have shown that the proposed mechanism can effectively reduce average waiting time and queue lengths up to 44% and thus provide an efficient solution for the load balancing problem.
Interactivity in transport protocol can greatly benefit transport friendly applications. We have ... more Interactivity in transport protocol can greatly benefit transport friendly applications. We have recently implemented an interactive version of TCP. The implementation has two components--an interactive transport protocol over FreeBSD called iTCP and, a novel symbiotic MPEG-2 full logic transcoder, which can dynamically change video characteristics based on interactive congestion response inside network layer. We have experimented with the real system on the Active Network (ABone) using selected nodes in the U.S. and Europe. In this report we present the jitter and delay experiments of the live video streaming results to these sites. A second report contains the detail results from application level video quality experiments.
Proceedings of the Eighth IEEE Symposium on Computers and Communications. ISCC 2003
Interactivity in transport protocol can greatly benefit transport friendly applications. We envis... more Interactivity in transport protocol can greatly benefit transport friendly applications. We envision if a transport mechanism, which is interactive and can provide event notification about network state to the subscriber of its communication service, than a wide range of solution to many of today's hard network problem can be instituted. Recently we have implemented this concept system as a new TCP kernel on FreeBSD called TCP Interactive and a novel symbiotic MPEG-2 full logic transcoder. In this paper we share the results of the TCP Interactive performance experiment and show potential dramatic improvement in time-bounded video delivery. Index terms--netcentric applications, TCP interactive, transcoding, temporal QoS.
Currently it is very difficult for connection oriented applications to use a mobile environment. ... more Currently it is very difficult for connection oriented applications to use a mobile environment. One reason is that Mobile IP requires intermediate software agents to be deployed in the Internet. This infrastructure based mobility scheme offers connectivity to itinerant hosts but incurs significant handoff and tunneling delays along with deployment costs. These delays are particularly harmful for connection oriented applications. In this paper we investigate an alternate mobility scheme which does not require any such infrastructure but only uses an end-point technique and interestingly provides much faster loss-free handoff for connection oriented applications. This End-to-End scheme named Interactive Protocol for Mobile Networks (IPMN) intelligently performs handoff based on information provided by MAC Layer. The network address change is handled by renewing the existing connections by manipulating the TCP/IP stack at the end-points. Also, unlike several other recently proposed end-to-end techniques which require extensive modification of end-protocols, the proposed scheme does not require any functional change in the TCP/IP protocol software. Besides the difference in deployment scenarios, the IPMN offers blazingly fast event based handoff and much faster and simplified transport (no tunneling delay) than MIP. We have implemented IPMN over FreeBSD. In this paper we show the performance advantage of IPMN over MIP with real deployment for three interesting real-time traffic types -www, voice streaming and, steerable/interactive time critical video.
21st International Conference on Advanced Networking and Applications (AINA '07), 2007
Interactive Transparent Networking has been proposed to support a new generation of symbiotic app... more Interactive Transparent Networking has been proposed to support a new generation of symbiotic applications that require advance interaction with the Network. In this mode advanced applications can subscribe to statespace event based feed from network protocol local endpoints by interactive version of the network protocols. This enables a whole new range of high performance extensible adaptation which requires low-time constant feedback. In this paper, we show how classical TCP can be extended to support long delay high capacity pipe. We demonstrate a system that mimics FAST TCP however, without the usual extensive reengineering required by the original. It seems matching performance can be achieved with protocol interactivity.
Communications in Computer and Information Science, 2010
Most distributed system architectures are designed as a three-tier systems consisting of a thin-c... more Most distributed system architectures are designed as a three-tier systems consisting of a thin-client, middleware and a database. The overall performance of such systems depends on the performance of each tier individually and the overhead incurred by the collaboration between these three tiers. Nowadays, the two most popular middleware systems are: Microsoft's .NET platform and Sun's Java 2 Enterprise Edition (J2EE) platform. In J2EE, the middle tier infrastructure is called Enterprise JavaBeans (EJB) and in the .NET framework, it is called Component-Oriented Middle-Tier (COM+). Usually, the middle tier provides the business logic (any code that is not specifically related to storing and retrieving data, or formatting data for display to the user) and the performance of this tier is crucial to the overall performance of the distributed system. In this paper, we will measure via real experimentation the performance of the middle-tier (business logic) of the two platforms, namely: EJB3 and COM+ 1.5, in terms of response time and scalability. Then we compare and analyze the performance of each technology under different workload scenarios.
Third International Symposium on Modeling and Optimization in Mobile, Ad Hoc, and Wireless Networks (WiOpt'05)
Loss-Free handoff in Mobile Networks is an extensive research area. Mobile IP (MIP) provided a so... more Loss-Free handoff in Mobile Networks is an extensive research area. Mobile IP (MIP) provided a solution to enable a mobile node to roam from one location to another while maintaining its network level connectivity. However, handoff latencies and longer triangular routing paths in MIP can severely degrade communication performance and in particular cripple connection oriented protocols like TCP. In this paper we propose an alternate approach for robust mobility. The scheme is based on the principle of 'Interactive Transparent Networking' where all networking layers remain lightweight but are engineered for interactivity. This would allow principle intelligent actions to be performed at the application layer. With protocol interactivity we demonstrate a novel scheme that switches IP address in the TCP/IP stack on both end-points and perform loss-free rapid handoff. The scheme offers not only loss-free handoff, but also offers several fundamental system advantages; (i) it does not impose any changes on original network protocols or their dynamics, and (ii) it fully adheres to the end-to-end principle and do not require intermediary nodes as in MIP. We have achieved a real implementation of the scheme on FreeBSD and tested the real system over Internet with voice traffic. We show that this scheme can dramatically reduce handoff latency and improve TCP performance by offering shorter routes with loss-free handoffs and smooth, low-jitter voice stream.
In this paper we present result f rom an app lication integrated congestion control mechanism des... more In this paper we present result f rom an app lication integrated congestion control mechanism designed for time-sensitive traffic based on the principle of direct protocol i nteractivity. In contrast t o classical t ransport protocols we e nvision a transport mechanism, which is interactive and can p rovide event notification to the subscriber of it s communication service. We then show a friendly adaptive MPEG-2 video transcoding scheme, which d irectly interacts with the transport protocol and adjusts its production in synch with the impairment events in the transport l ayer. In this paper we present t he application side symbiotic mechanics, and report potential dramatic improvement i n time-bounded video delivery. The system can be implemented with relative simple and direct modification o f t he c urrent TCP transport.
Mobile IP is offers disconnection free handoff by assuming availability of infrastructure. It req... more Mobile IP is offers disconnection free handoff by assuming availability of infrastructure. It requires intermediate software agents in the network to be deployed ahead of time to circumvent IPs normal mode identity based routing. This infrastructure based mobility management though offers connectivity but incurs significant handoff and tunneling delays along with deployment costs. In this paper we demonstrate an alternate mobility scheme which does not require any such infrastructure and uses only end-point technique and yet provides much faster loss-free handoff. This End-to-End scheme named Interactive Protocol for Mobile Networks (IPMN) neither requires any functional changes to the network layers on the sending and receiving host machines nor an infrastructure in the network. It intelligently performs handoff based on information provided by MAC Layer. The network address change is handled by renewing the existing connections by manipulating the TCP/IP stack at the end-points. Besides, the difference in deployment scenarios, the IPMN offers blazingly fast event based handoff and much faster and simplified transport (no tunneling delay) than MIP. We provide a detail model based performance comparison between the two.
Interactivity in the transport protocol can greatly benefit transport friendly applications gener... more Interactivity in the transport protocol can greatly benefit transport friendly applications generating streaming traffic. Recently we have developed iTCP, which can provide event notification to the subscriber of its communication service. This is operationally state equivalent to the conventional TCP except applications can optionally subscribe, receive, and in real-time react to selected local end-point events. This simple extension opens the horizon for a spectrum of smart application level solutions to be realized for many of the current hard problems. In this paper we demonstrate a new paradigm of congestion management for time sensitive elastic traffic. Based on the transport layer feedback, a rate adaptation mechanism kicks in. This mechanism provides a generation rate control with guaranteed TCP buffer delay. We have recently implemented and tested the real system on the Active Network (ABone) testbed for video streaming to worldwide sites. In this paper we share the performance of this system and report observed dramatic improvements in time-bounded streaming traffic.
The layered rigid organization of traditional network service stack currently poses a two fold pr... more The layered rigid organization of traditional network service stack currently poses a two fold problem: (i) better solutions/improvements cannot be practically deployed in the service stack -we call this the 'Evolution ' problem, and (ii) applications are becoming more selective and critically demanding for specialized services -we call this the 'Implementation Conflict' problem. The 'Programmable' and 'Active' network paradigms tried to solve both problems by allowing arbitrary custom codes to be embedded inside network layers. We propose a less radical approach in which required service state information can be pulled-up to the upper layer where 'actions' are performed by programmable components, and generated 'actions' are pushed down into the network layer. This approach relives lower network layers from housing costly custom components and addresses other practical issues like security and flexibility. We call this mechanism 'Interactive Transparent Networking'. In this paper, we explain the mechanism and its advantages in creating TCP-friendly applications. We also show by example how it can be used as a protocol augmentation tool by modeling two well-known protocols proposed in the literature to improve TCP performance over wireless networks: Snoop [2] and WTCP .
the extensibility and evolution of network services and protocols had become a major research iss... more the extensibility and evolution of network services and protocols had become a major research issue in recent years. The 'programmable' and 'active' network paradigms have been trying to solve the problems emanating from the immutable organization of network software layers by allowing arbitrary custom codes to be embedded inside network layers. In this work, we propose a new approach for building extensible network systems to support cross-layer optimization. The fundamental idea is to perform a simple, light-weight meta-engineering on the classical OSI protocols' organization to make it interactive and transparent. The protocols become (interactive) since they can provide event notification to service subscribers, and they become (transparent) since they also allow controlled access to their state information. Actual protocol extensions (or modifications) can then be performed at the application space by what we call Transientware Modules. This organization provides the infrastructure needed for easy and practical extensions of the current network services and it becomes much easier to address other difficult issues like security and flexibility. We call this mechanism Interactive Transparent Networking (InTraN) and we call the extended kernel InTraN-enabled. We have realized a FreeBSD implementation of the extensible InTraN-enabled kernel. In this paper, we present a formal EFSM-based model for the proposed meta-engineering and illustrate the principles through a real example of TCP extension. Then, we demonstrate how it can be used to realize equivalents of other protocol modifications by showing the InTraN model of 'Snoop ' [4].
Uploads
Papers by Raid Zaghal