Selected Technical Publications
I have published many research papers in conferences and journals over the last 25 years. unlike an academic, I haven’t tracked all my publications, Also, I have submitted many standards committees submissions. Here are some selected publications. I am hoping to upload copies of these papers or link to online copies someday.
Design and Deployment of Highly-Scalable Distributed Web Conferencing Systems
publication date Jul 21, 2014 publication description WORLDCOMP’ 14 – The 2014 World Congress in Computer Science, Computer Engineering, and Applied Computing, July 21-24, Las Vegas, USA
publication description The current generation of commercially available Web conferencing systems is limited by the number of simultaneous users that can join a Web conferencing. This number is often limited to a few thousand users at the most. Recently, mconf, a distributed open source based web conferencing system developed by Brazilian NREN team has been deployed primarily for the educational use. In this paper, we discuss the design of distributed Web conferencing system like mconf that can support a very large number of simultaneous users. Various deployment issues with server load balancing, bandwidth management and streams management are discussed.
A Framework For Intrusion Deception On Web Servers
publication date Apr 29, 2013 publication description To Appear In WORLDCOMP’13 – The 2013 World Congress in Computer Science, Computer Engineering, and Applied Computing, July 22-25, Las Vegas, USA
publication description Threats against computer systems continue to multiply, but existing security solutions that attempt to keep the attacker out of the system are becoming unable to keep pace with these challenges. In this paper we discuss the application of military deception to defend computer systems. Deception techniques enable the defender to influence the attacker’s selection of targets and thus direct him to perform actions that reveal his presence and intentions. We discuss techniques that mislead attackers and cause them to take specific actions that aid in the defense of a computer system. We then focus on web servers, that are frequently attacked often as a first step of a deeper intrusion into a computer network, and present an architecture integrating deception into a popular web server.
publication date May 1, 2012 publication description The 13th International Conference on Internet Computing (ICOMP’12: July 16-19, 2012, USA)
publication description This paper describes methods to detect intruders and then use automated deception techniques to avoid attacks on vital infrastructures.
An Architectural Framework for Mobile Device Interaction with Consumer Home Network Appliances
publication date Jan 14, 2012 publication description CCNC’2012 Pernets Workshop 6th IEEE International Workshop on Personalized Networks
publication description With the proliferation of digital contents and the expanding variety of connected and IP-enabled consumer electronics (CE) devices, consumers are increasingly seeking ways to efficiently integrate their mobile devices with home networked devices. Expanding wireless coverage is enabling exciting new set of consumer-focused applications between CE devices, mobile handsets, home appliances and personal computers. In this paper, we discuss an architectural framework for mobile device interaction with consumer home network appliances and devices. A number of technological elements such as service discovery, addressing and numbering, control and data transport protocols and security requirements are presented and discussed. A realization of this framework will allow mobile devices to interact with home appliances and other consumer electronic devices in a heterogeneous network from remote locations.
A Network Based Approach to Malware Detection in Large IT Infrastructures
publication date Jul 15, 2010 publication description The 9th IEEE International Symposium on Network Computing and Applications
publication description Malware is code that has malicious intent and is designed for malicious purpose such as stealing confidential data, or obtaining root privileges on a system. The current approach to deal with malware threats such as virus and spyware is to use host based anti-malware software. However, this approach leads to many vulnerable machines since many users don’t update their software, their virus signatures, and some even disable their software to avoid the system performance degradation caused by these software. Host based security software require a good deal of administration, with consistent needs for reconfiguration, management, and report analysis. With security administrators supporting an ever growing number of users, such an approach has become impractical. In this paper, we present a novel network based malware detection architecture that uses host security vectors to protect host machines without any intervention from ho
A Security Mechanism for Web Servers Based on Deception, in The 13th International Conference on Internet Computing (ICOMP’12: July 16-19, 2012, USA)
sts. This architecture provides another layer of security and can complement existing host based solutions. Only central detection server needs to be actively managed instead of individual hosts – hence providing more manageable solution for large IT infrastructures.
SIP based Mobility Extension of UPnP
publication date Jan 10, 2006 publication description IEEE Consumer Communications and Networking Conference
publication description Universal Plug and Play (UPnp) consists of a set of protocols that allow consumer electronic (CE) devices to discover, connect and access one another when they are on the same sub-network. However, UPnP does not provide support for device mobility in which devices are allowed to move from one IP networking domains to another without affecting their ability to interact with other devices. In this paper, we propose a system level architecture to provide mobility support to UPnP devices and services by utilizing Session Initiation Protocol (SIP). We propose a new UPnP mime type for carrying UPnP data. We also propose a UPnP packet forwarding architecture, which uses SIP signaling procedures and hides the mobility of UPnP capable devices from other devices in the network.
Integration of security in network routing protocols
publication date Mar 1, 1993 publication description ACM SIGSAC Review, Vol 11 No 2
publication description There are two sources of threats to secure operation of routing protocols in networks. The first source of threats is subverted routers that legitimately participate in a routing protocol. The second source of threats is intruders which may illegally attempt to interfere in routing protocols by masquerading as routers. In this paper, we first analyze the security requirements of network routing protocols and then discuss the necessary measures which can be adopted to make the operation of these protocols secure.