Yoshiaki Kasahara [kasahara AT nc.kyushu-u.ac.jp] Yasuichi Kitamura [kita AT jp.apan.net]
To raise security awareness and knowledge within the APAN community,
To exchange experience and knowledge in network security technologies and issues, and
To cooperate with other international security efforts to raise security awareness, capabilities and interoperation globally.
Security-related topics include protection of the physical, intellectual, and electronic assets of APAN and other networks, including their security policies, network access controls, virus protection, network administration, auditing, and transaction security.
Challenges in P2P Botnet Monitoring - SECWS-1.pdf Shankar Karuppayah, Technische Universität Darmstadt [shankar.karuppayah AT cased.de] Abstract:
Botnets are responsible for many of the cyber crimes that are executed throughout the globe, i.e., DDoS attacks, identity thefts, banking frauds, etc. Recent botnets such as the notorious GameOver Zeus, Sality, and ZeroAccess have embraced the P2P paradigm to ensure resiliency of the botnet against takedown attempts from enforcement agencies and security researchers. Although there are existing mechanisms to conduct monitoring on P2P botnets, researchers are often troubled by other challenges that impede successful monitoring due to the nature of P2P networks and also anti-monitoring countermeasures implemented by the botnets. This talk will introduce existing monitoring mechanisms for P2P botnets besides the various challenges that need to be tackled to allow a successful botnet monitoring.
Shankar is a PhD candidate at Technische Universität Darmstadt (Telecooperation) and CASED. His main research interests are botnets and cyber security. He received his bachelor's degree (B.Sc. (Hons)) in Computer Science from Universiti Sains Malaysia in 2009 and his master's degree (M.Sc.) in Software Systems Engineering from King Mongkut's University of Technology North Bangkok in 2011 (the master's degree curriculum is based on the RWTH Aachen model). He is currently pursuing his PhD under the Skim Latihan Akademik Individu fellowship program of the Ministry of Education, Malaysia, and is attached to Universiti Sains Malaysia (National Advanced IPv6 Center) at the same time.
Early DDoS Detection Close to SMTP Server Attack Target - SECWS-2.pdf Mohd Zafran, Kyushu University [zafran.fke AT gmail.com] Abstract:
Distributed denial of service (DDoS) attacks are a common threat to the uptime of websites, servers, and networks. Over the past 15 years, DDoS attacks have become the most serious and difficult-to-mitigate problem facing systems administrators and network operators. Historically, DDoS attacks existed only on the fringe of the internet, rarely impacting actual companies. Today, DDoS attacks far exceed the capabilities of most service providers and experts (S. Shin, G. Gu, et al.). However, to this day, preventing DDoS attacks may be impossible. But with some advanced methods and planning, they can be mitigated and stopped. For this research we focus on the Software Defined Network controller, which manages flow control based on protocols such as OpenFlow that allow servers to tell switches where to send packets. Through the centralized network system, the network under SDN control can detect an SMTP flood attack before the attack arrives at the destination SMTP server.
Zafran is a PhD candidate at Kyushu University, Japan (Advanced Distributed Processing Systems). His main research interest is Software Defined Networks. He received his bachelor's degree (B.Eng) in Electrical Engineering and Computer Science from Kumamoto University, Japan in 2001 and his master's degree (M.Sc.) in Engineering from Tokyo University of Technology, Japan in 2008. He is currently pursuing his PhD under the Skim Latihan Akademik Bumiputera fellowship program of the Ministry of Education, Malaysia, and is attached to Universiti Teknologi MARA, Shah Alam, Malaysia (Faculty of Electrical Engineering, Center of Computer Engineering Studies) at the same time.
Approach to Authenticity of Open Scientific Data - SECWS-3.pdf Hidenobu Watanabe, Kyushu University [h-watanabe AT cc.kyushu-u.ac.jp] Abstract:
As openness in scientific research data has been committed to as one of Japan's IT strategies, a long-term authenticity guarantee for a massive amount of open scientific data is becoming increasingly important. Although cloud services have potential for long-term scientific data management, the scope of security responsibility ensured by a cloud service is, in principle, only the provided infrastructure. As a service to ensure the authenticity of digital data, there are PKI-based services with a certification chain, such as digital signatures. However, certification issuance requires a few days or a week, and the certification chain requires verifying multiple certifications per piece of data. In addition, the existing standard format for digital signatures cannot cover all scientific data. This presentation introduces my approach to improving this situation.
Watanabe joined the Research Institute for Information Technology at Kyushu University, Japan as an assistant professor in April 2015. He is also a member of the Cybersecurity Center at Kyushu University. His main research interests are interconnected clouds control, interoperable long-term open data conservation, and cybersecurity in e-Science. He received his PhD degree in computer science from Hiroshima University, Japan in 2011. Before joining Kyushu University, he was a researcher of cloud computing for e-Science at National Institute of Information and Communications Technology, Japan.
A Review on ICMPv6 Vulnerabilities and its Mitigation Techniques: Classification and Art - SECWS-4.pdf Navaneethan C. Arjuman, MYREN [nava AT nltvc.com] Abstract:
In IPv4, ICMP was used for error reporting and flow control management, among other things. The lack of security consideration in the design of the ICMPv4 protocol led to numerous vulnerabilities, which in turn led to exploitation and attacks on particular networks. Over the years, these vulnerabilities have been addressed by introducing new solutions and patches. IPv6 is a new protocol introduced to replace IPv4 in order to circumvent IP address depletion. In addition, new improvements have been introduced, including ICMPv6. ICMPv6 has gained a much more significant and essential role because of the new functionality that is now performed through it. Due to its expanded role, the security measures introduced in ICMPv4 are no longer sufficient to address the security issues potentially inherent in ICMPv6. This paper will review the vulnerabilities and exploitation of ICMPv6. The existing mitigation techniques and approaches used to address these vulnerabilities will also be reviewed to an extent.