Network-Embedded Security using In-Network Packet Marking

Principal Investigator’s Organization (PIO):

School of Electrical Engineering & Computer Science, NUST, Islamabad

Principal Investigator (PI):

Dr. Syed Ali Khayam, Dr. Fauzan Mirza

Summary

The project developed theoretically-sound, practical and scalable security-based packet marking methods, including security-induced packet marking at wire-speeds within the core network. It also developed robust strategies for discarding (or more generally “handling”) of security-marked malicious packets and ensured stability, fairness and convergence objectives for benign and legitimate flows. The key benefits of this project are: The security framework was deployed at major Pakistan gateways to allow networking monitoring and malicious packet dropping in Pakistan’s network core, thereby protected Pakistan from high-rate network attacks and the consequent bandwidth wastage. The security framework allowed the designers of the next generation Internet and Internet Service Providers (ISPs) remote monitoring and detection at the ISP gateways. Pakistan Education Research Network (PERN) significantly benefitted from the network-embedded security framework.

Start Date 01-Aug-2008

Duration 36 months

Budget PKR 7.88 million

Status  Closed Project

Progress Report View Progress Report

Publications   N/A

Thematic Area  Security

Project Website 
N/A