Domain Server Research Articles

Estimating DNS Source and Cache Dynamics under Interval-Censored Age Sampling

Since inception, DNS has used a TTL-based replication scheme that allows the source (i.e., an authoritative domain server) to control the frequency of record eviction from client caches. Existing studies of DNS predominantly focus on reducing query latency and source bandwidth, both of which are optimized by increasing the cache hit rate. However, this causes less-frequent contacts with the source and results in higher staleness of retrieved records. Given high data-churn rates at certain providers (e.g., dynamic DNS, CDNs) and importance of consistency to their clients, we propose that cache models include the probability of freshness as an integral performance measure. We derive this metric under general update/download processes and present a novel framework for measuring its value using remote observation (i.e., without access to the source or the cache). Besides freshness, our methods can estimate the inter-update distribution of DNS records, cache hit rate, distribution of TTL, and query arrival rate from other clients. Furthermore, these algorithms do not require any changes to the existing infrastructure/protocols.

Malicious DNS detection by combining improved transformer and CNN

With the widespread application of the Internet, network security issues have become increasingly prominent. As an important infrastructure of the Internet, the domain name server has been attacked in various forms. Traditional methods for detecting malicious domain servers are usually based on rules or feature engineering, requiring a large amount of manual participation and rule library updates. These methods cannot adapt to the constantly changing threat environment. In response to these issues, this study first improves the Transformer by adjusting its attention head and encoding method. Then, the model is combined with convolutional neural networks. Finally, a block-based ensemble classifier is used for classification detection. The relevant outcomes showed that the average accuracy score of the proposed method was as high as 95.8 points, the average detection time score was 96.8 points, the average feature extraction ability score of the model was 96.3 points, and the overall performance score was 97.6 points. This method has significant advantages over traditional methods in terms of accuracy and detection time, providing a new tool for detecting malicious domain servers.

On The Zero-Trust Intranet Certification Problem

Securing corporate networks and ensuring the trustworthiness of network resources are critical security concerns for organisations in today's interconnected digital landscape. The zero-trust security model is an approach to designing and implementing ICT systems which prescribes that clients and servers cannot be trusted automatically, even when connected to networks traditionally considered trusted. The implementation of the zero-trust model within the corporate intranet requires a secure method to verify the identity of local servers. On the Internet, trust in the identity of public servers is established by well-known public Certificate Authorities (CAs), which issue digital certificates to securely identify servers. However, local intranet servers exist within the internal address space of the network. Consequently, it is impossible to naturally obtain digital certificates for these servers, validly signed by a public CA, without publicly disclosing sensitive information such as intranet server Domain Name System (DNS) records. This leaves organisations with the option of relying on endpoint management systems to install custom CA root certificates on all corporate browsers or, in some cases, ignoring the problem altogether. In this paper, we draw on practical experience in the deployment of cybersecurity devices in corporate intranets to formally define the intranet certification problem. We specify five requirements that a solution to this problem must satisfy. We then conduct a comprehensive review of existing candidate solutions and academic research relevant to the intranet certification problem. Specifically, existing ICT systems for public key infrastructure and endpoint management are identified and evaluated with respect to their ability to meet the stated requirements for solving the intranet certification problem, as well as their cost. Our study reveals that solutions that meet the technical and security requirements of the intranet certification problem are beyond the reach of smaller private sector companies and public sector organisations in underdeveloped and emerging economies. The high cost and technical expertise required for their implementation and management render these solutions impractical. Consequently, by relying on servers with self-signed certificates, these entities inadvertently leave their servers susceptible to impersonation, information theft, and unauthorised resource access, thus violating the fundamental principles of the zero-trust model. We conclude that a gap exists for a simple, cost-effective, and easily managed solution to the intranet certification problem.

Data Security and Privacy Mechanism Based on Key Exposure Method over Cloud

Recent news reveal a powerful attacker which breaks data confidentiality by acquiring cryptographic keys, by means of coercion or backdoors in cryptographic software. Once the encryption key is exposed, the only viable measure to preserve data confidentiality is to limit the attacker’s access to the ciphertext. This may be achieved, for example, by spreading ciphertext blocks across servers in multiple administrative domains—thus assuming that the adversary cannot compromise all of them. Nevertheless, if data is encrypted with existing schemes, an adversary equipped with the encryption key, can still compromise a single server and decrypt the ciphertext blocks stored therein. In this paper, we study data confidentiality against an adversary which knows the encryption key and has access to a large fraction of the ciphertext blocks. To this end, we propose Bastion, a novel and efficient scheme that guarantees data confidentiality even if the encryption key is leaked and the adversary has access to almost all ciphertext blocks. We analyze the security of Bastion, and we evaluate its performance by means of a prototype implementation. We also discuss practical insights with respect to the integration of Bastion in commercial dispersed storage systems.

Let gambling hide nowhere: Detecting illegal mobile gambling apps via heterogeneous graph-based encrypted traffic analysis

Mobile gambling apps, as a new type of online gambling service, have not only enriched people’s online entertainment activities but also brought about negative impacts for both individuals and society. Existing gambling app detection methods mainly extract static content-based characteristics, such as vision and textual features, to mine the key information from the user interface to detect gambling apps. In this paper, we are the first to introduce a dynamic communication characteristic-based approach by utilizing encrypted traffic analysis. Firstly, we conduct an analysis of the communication characteristics of 175 popular gambling apps in China, and unveil their important server domain name randomization and inter-app level familial characteristics, which cannot be well-leveraged by previous encrypted traffic analysis methods. Based on the analysis results, we design HeCGamb, a Heterogeneous Communication Graph-based method to enhance the Gambling app detection performance. HeCGamb models the inter-flow relations from various traffic flows to mine the flow-level communication patterns of gambling apps. Based on the inter-flow relations, HeCGamb further constructs inter-app relations to utilize the app-level familial characteristics. Finally, the multi-view semantic information from both servers and apps with inter-app relations are fused to generate the app node representations to comprehensively leverage the characteristics from server domains and familial apps. Extensive experiments not only demonstrate the superior performance(94.1% F1-score and 96.8% AUC score in open world) of HeCGamb, but also highlight its potential in gambling industry chain tracking.

Falls and associated risk factors in a sample of old age population in Egyptian community.

Falling is a major health problem among old age persons and are the sixth cause of mortality and morbidity among them. Assessing the prevalence of falls among elderly in an Egyptian community and investigating its associated risk factors using the Arabic translation of the SHARE-Questionnaire. This cross-sectional analytic study was a part of the pilot for AL-SEHA project. It included 289 old age people (50+ years age) residing in the study areas. The main project data were collected using the Arabic translation of the SHARE (Survey of Health, Aging, and Retirement in Europe) questionnaire. The original project data were collected by investigators from five universities, then uploaded to the internet server domain of the American University in Cairo (AUC) Social Research Center. The prevalence of falls was 11.07% (95% CI: 7.95-15.21). Falls were significantly more among 70 years or older (p < 0.001), unemployed or housewives (p = 0.026), have a family caregiver (p = 0.022), and home facilities for disability (p = 0.015). They had significantly higher rates of ischemic heart disease, hypertension, dyslipidemia, stroke, and diabetes mellitus. The most frequently reported problems were the fear of fall and dizziness (62.5%). The multivariate analysis identified the history of stroke and diabetes mellitus, the fear of fall and dizziness, and the total number of health problems and the score of difficulty in performing physical activities as significant independent predictors of fall occurrence. The history of stroke was the strongest risk factor (OR 33.49, CI: 3.45-325.40). The prevalence of falls among old age persons in the studied community is not alarmingly high. It is highest among stroke patients. Community interventions and rehabilitation programs are recommended to train and educate old age people, especially those at risk such as stroke and diabetic patients, and those with dizziness to improve their physical fitness and reduce the fear of fall among them.

On a DSML Domain Server for Fluids Transmission Pipeline Design and Modeling

Domain specific modelling languages (DSMLs) are special purpose languages that have been designed and tailored for specific application domains. With domain specific features user of the language can construct with very familiar notations and get desired outcomes. The focus in this paper is on the functionality of a domain server in a domain specific modelling language for modelling oil and gas pipeline design. A domain server is coupled to a range of pipeline physical components by a pipeline context model, each of the components having a variety of pipeline built units, attributes and values. The domain server stores data received from at least one of the range of the pipeline physical components, the data including values associated with one or more attributes of the components. The domain server derives a model type for at least one phase from the lifecycle of the pipeline design operation for the first instance of the pipeline built units, based on analytics of information stored in the pipeline built units memory and the component attributes storage, where the model type includes a set of attributes for at least one of the range of pipeline physical components. In addition, the domain server generates an orientation for performance operation of an instance including one or more actions from the pipeline built units corresponding to at least one attribute of the set of attributes Keywords: Attribute sets, model type, built units, pipeline context model (PCM)

Securing Cloud Data Under Key Exposure

Abstract: Recent news reveal a powerful attacker which breaks data confidentiality by acquiring cryptographic keys, by means of coercion or backdoors in cryptographic software. Once the encryption key is exposed, the only viable measure to preserve data confidentiality is to limit the attacker’s access to the ciphertext. This may be achieved, for example, by spreading ciphertext blocks across servers in multiple administrative domains—thus assuming that the adversary cannot compromise all of them. Nevertheless, if data is encrypted with existing schemes, an adversary equipped with the encryption key, can still compromise a single server and decrypt the ciphertext blocks stored therein. In this paper, we study data confidentiality against an adversary which knows the encryption key and has access to a large fraction of the ciphertext blocks[3]. To this end, we propose Bastion, a novel and efficient scheme that guarantees data confidentiality even if the encryption key is leaked and the adversary has access to almost all ciphertext blocks. We analyze the security of Bastion, and we evaluate its performance by means of a prototype implementation. We also discuss practical insights with respect to the integration of Bastion in commercial dispersed storage systems.

Forensic investigation of Cisco WebEx desktop client, web, and Android smartphone applications.

Digital forensic analysis of videoconferencing applications has received considerable attention recently, owing to the wider adoption and diffusion of such applications following the recent COVID-19 pandemic. In this contribution, we present a detailed forensic analysis of Cisco WebEx which is among the top three videoconferencing applications available today. More precisely, we present the results of the forensic investigation of Cisco WebEx desktop client, web, and Android smartphone applications. We focus on three digital forensic areas, namely memory, disk space, and network forensics. From the extracted artifacts, it is evident that valuable user data can be retrieved from different data localities. These include user credentials, emails, user IDs, profile photos, chat messages, shared media, meeting information including meeting passwords, contacts, Advanced Encryption Standard (AES) keys, keyword searches, timestamps, and call logs. We develop a memory parsing tool for Cisco WebEx based on the extracted artifacts. Additionally, we identify anti-forensic artifacts such as deleted chat messages. Although network communications are encrypted, we successfully retrieve useful artifacts such as IPs of server domains and host devices along with message/event timestamps.

Identifying Influential SLD Authoritative Name Servers on the Internet

DNS plays an important role on the Internet. The addressing of most applications depends on the proper operation of DNS. The root servers and the top-level domain servers are relied upon by many domains on the Internet, and their security affects the whole Internet. As a result, more attention has been paid to the security of servers at these two levels. However, the security of second-level domains and their servers also needs to be brought to the forefront. This paper focuses on showing the complex resolving dependencies and identifying influential name servers for second-level domains. We start by detecting domain name resolution paths and building up a name dependency graph. Then we construct domain name resolution networks of different numbers and sizes, which are connected by a certain number of domain name resolution graphs. On this basis, the network is analyzed from the perspective of complex network analysis, and a multi-indicators node importance evaluation method based on partial order is proposed to identify the influential name servers of the network. Once these name servers are not properly configured and fail or are compromised by DDoS attacks, it will cause resolution failure for a wide range of domain names.

On perfectly secure 2PC in the OT-hybrid model

A well known result by Kilian (1988) [23] asserts that general secure two computation (2PC) with statistical security, can be based on OT. Specifically, in the client-server model, where only one party – the client – receives an output, Kilian's result shows that given the ability to call an ideal oracle that computes OT, two parties can securely compute an arbitrary function of their inputs with unconditional security. Ishai et al. (2011) [20] further showed that this can be done efficiently for every two-party functionality in NC1 in a single round.However, their results only achieve statistical security, namely, it is allowed to have some error in security. This leaves open the natural question as to which client-server functionalities can be computed with perfect security in the OT-hybrid model, and what is the round complexity of such computation. So far, only a handful of functionalities were known to have such protocols. In addition to the obvious theoretical appeal of the question towards better understanding secure computation, perfect, as opposed to statistical reductions, may be useful for designing secure multiparty protocols with high concrete efficiency, achieved by eliminating the dependence on a security parameter.In this work, we identify a large class of client-server functionalities f:X×Y↦{0,1}, where the server's domain X is larger than the client's domain Y, that have a perfect reduction to OT. Furthermore, our reduction is 1-round using an oracle to secure evaluation of many parallel invocations of 1-out-of-2 bit OT, as done by Ishai et al. (2011) [20]. Interestingly, the set of functions that we are able to compute was previously identified by Asharov (2014) [3] in the context of fairness in two-party computation, naming these functions full-dimensional. Our result also extends to randomized non-Boolean functions f:X×Y↦{0,…,k−1} satisfying |X|>(k−1)⋅|Y|.

Cybersecurity Verification and Validation Testing in Automotive

The new generations of cars have a number of ECUs (Electronic Control Units) which are connected to a central gateway and need to pass cybersecurity integration tests to fulfil the homologation requirements of cars. Cars usually have a gateway server (few have additional domain servers) with Linux and a large number of ECUs which are real time control of actuators (ESP, EPS, ABS, etc. – usually they are multicore embedded controllers) connected by a real time automotive specific bus (CAN-FD) to the domain controller or gateway server. The norms (SAE J3061, ISO 21434) require cybersecurity related verification and validation. Fir the verification car manufacturers use a network test suite which runs &gt; 2000 test cases and which have to be passed for homologation. These norms have impact on the way how car communication infrastructure is tested, and which cybersecurity attack patterns are checked before a road release of an ECU/car. This paper describes typical verification and validation approaches in modern vehicles and how such test cases are derived and developed.

Using Deep Learning to Block Web Tracking

Most websites that users browse every day utilize trackers that can identify who users are and what activities they conduct online. Although there are benefits to these trackers, they also raise considerable privacy concerns. This research study examines the issue of how to identify web trackers and how to protect users from being tracked. Specifically, this study investigates how AI Deep Learning technologies can be leveraged to identify and stop trackers. The main idea of AI Tracker Blocking is that AI can detect the small differences between tracker server domains and non-tracker server domains. For instance, a tracker domain may appear like this: analytics.xxx.bid, whereas a non-tracker domain may be like this: mail.xxx.com. Although it is likely impossible to block all trackers, results from this study indicate that there are new ways to identify them using Deep Learning.

Implementation of LWM2M Protocol in Constrained IoT Devices

An emerging Lightweight machine to machine had been indulged with a high speed portable client-server specification. The LWM2M was helpfull for constrained networks. It has systematic machine manipulation also with an invulnerability venture, was supported in IoT applications. Research activities also focus on the server domain was in process in LWM2M. In LWM2M end-nodes are always resource-constrained. The client-side authorized LWM2M functionalities are not only critical and crucial also challenging. To approach the client-side set-up in LWM2M, it has a proper authenticity environment embedded in hand with IoT node. Its interconnection was predetermined to associate with the lightweight protocol stack and response was figured up by the LWM2M v1.0 specification. The usability and effectiveness of Lightweight protocol validated using a real-world application. Building a home automation product is one of the most effective parts is to think about protocols. Thus the LWM2M protocols are one of the efficient ways to communicate to gateways, servers, and sensors.

Cloud Computing Security using by Applying Cryptography Technique

Cloud computing is the provision of computing and storage capacity to users as a service. Cloud storage is a type of networked online storage where data is stored in virtualized storage pools as a subservice of infrastructure as a service (IaaS) in cloud computing. Cloud computing plays a significant role in the efficient use of resources and in the utilization of service. Regardless of the cloud category (e.g. private, public, hybrid or inter-cloud), all service providers rely on domain server data. As a rapid development and deployment of cloud computing and cloud storage, users are increasingly concerned about security and privacy issues involved in these techniques. This paper provides a summary of basic security problems that consist of conventional security issues. It also addresses the additional challenges resulting from the cloud computing paradigm being used by cloud system providers and consumers. In addition, solutions suggested by some researchers are presented with a focus on cryptographic techniques which support secure storage of the cloud.

Securing Cloud Data Under Key Exposure

Recent news reveal a powerful attacker which breaks data confidentiality by acquiring cryptographic keys, by means of coercion or backdoors in cryptographic software. Once the encryption key is exposed, the only viable measure to preserve data confidentiality is to limit the attacker's access to the ciphertext. This may be achieved, for example, by spreading ciphertext blocks across servers in multiple administrative domains—thus assuming that the adversary cannot compromise all of them. Nevertheless, if data is encrypted with existing schemes, an adversary equipped with the encryption key, can still compromise a single server and decrypt the ciphertext blocks stored therein. In this paper, we study data confidentiality against an adversary which knows the encryption key and has access to a large fraction of the ciphertext blocks. To this end, we propose $\mathrm{Bastion}$ Bastion , a novel and efficient scheme that guarantees data confidentiality even if the encryption key is leaked and the adversary has access to almost all ciphertext blocks. We analyze the security of $\mathrm{Bastion}$ Bastion , and we evaluate its performance by means of a prototype implementation. We also discuss practical insights with respect to the integration of $\mathrm{Bastion}$ Bastion in commercial dispersed storage systems. Our evaluation results suggest that $\mathrm{Bastion}$ Bastion is well-suited for integration in existing systems since it incurs less than 5 percent overhead compared to existing semantically secure encryption modes.

HoliTrust-A Holistic Cross-Domain Trust Management Mechanism for Service-Centric Internet of Things

Internet of Things (IoT) is proposed and used in diverse application domains. In IoT, nodes commonly have a low capacity to maintain security on their own expenses, which increases the vulnerability for several attacks. Many approaches have been proposed that are based on privacy and trust management to reduce these vulnerabilities. Existing approaches neglect the aspects of cross-domain node communications and the significance of cross-domain trust management. In this paper, we propose a Holistic Cross-domain trust management model (HoliTrust) that is based on multilevel central authorities. To provide multilevel security, the HoliTrust divides domains into communities on the basis of similarities and interests. Every community has its dedicated server to calculate and manage the degree of trust. In addition, these domains also have their dedicated servers to manage their specific domains, to communicate with the trust server, and to sustain trust among other domain servers. The trust sever is introduced in the HoliTrust that controls the domains, calculates the domain trust, manages the trust values, and distributes standard trust certificates to domains based on a degree of trust. Trust computation is performed on the basis of direct and indirect trust parameters. Furthermore, if a trustor communicates through the community, then the community server includes community trust of the trustee during the trust evaluation. If the communication of the trustor is across the domain, then the community server includes the domain trust along with the community trust of the trustee comprising direct and indirect observations. The overall trust evaluation of communities and domains is time-driven and the responsible authority computes trust after a specific interval of time. We have also compared the HoliTrust with the existing trust mechanisms by focusing on several holistic trust objectives, such as trust relation and decision, data perception trust, and privacy preservation.

MEMBANGUN CLOUD COMPUTING UNTUK MANAGEMEN DATA PADA UNIVERSITAS ISLAM LAMONGAN

To improve the efficiency of work activity management at Islamic University of Lamongan requires a service system that can help the work of management, especially data management service / file then the wake of data management services with website technology built in network of private University, website service is in the cloud Computing Local Service was built from a virtual server with a Debian 8 operating system and a server residing within the Proxmox operating system. The stages of the development of this service system include the creation of cloud services is done through several stages, namely the stage of network design, the stage of installing the operating system Proxmox, the stage of creating a VE server in proxmox, the stage of installing the VE server with debian8, the stage of configuring the VE server to web server and domain Server, implementation and testing stages. And also the stages of making management services through several stages, namely the design phase of the context diagram, the phase make usecase service diagram, create an activity diagram, the stage of making sequence diagram, and interfaces design stage

Hypervisor for consolidating real-time automotive control units: Its procedure, implications and hidden pitfalls

Abstract The future of automotive industry has a major focus on computing innovations such as autonomous driving, connectivity and mobility. These complex innovations integrate hardware and software components of different automotive safety integrity levels. Although standards like AUTOSAR provides flexibility in integrating different software components, it compromises on isolation from software interference. Virtualization is a technique, used for several decades in server domains, ensuring integration of heterogeneous subsystems without interference. Until recent years, inheriting virtualization onto real-time systems has been avoided due to its overhead and impact in-terms of timing behavior. With the usage of multi- and many-cores in the automotive industry, virtualization is gaining more importance to handle the upcoming innovations with incredible increased complexity and the needed computation power. This paper describes the technique for bringing virtualization into an automotive state-of-the-art multicore controller, which does not support virtualization. We have used two automotive state-of-the-art heterogeneous applications: engine electronic control unit and vehicle control unit, and a prototype version of hypervisor from ETAS-GmbH. Important aspects in virtualization like system-startup, handling of interrupts and traps, facilitating input–output access are discussed. Finally, the performance of a virtualized system in terms of core loading, interrupt and task timing parameters are evaluated and compared.

HTTM - Design and Implementation of a Type-2 Hypervisor for MIPS64 Based Systems

Virtualization has emerged as an attractive software solution for many problems in server domain. Recently, it has started to enrich embedded systems domain by offering features such as hardware consolidation, security, and isolation. Our objective is to bring virtualization to high-end MIPS64 based systems, such as network routers, switches, wireless base station, etc. For this purpose a Type-2 hypervisor is a viable software solution which is easy to deploy and requires no changes in host system. In this paper we present the internal design HTTM –A Type-2 hypervisor for MIPS64 based systems and demonstrate its functional correctness by using Linux Testing Project (LTP) tests. Finally, we performed LMbench tests for performance evaluation.