The team
Research projects
Publications
Research projects
Teaching
Open positions
Eurecom

Internet Security

The goal of this project is to develop practical tools and an experimental know-how in order to help increase user awareness in the area of Internet security. Internet protocols and applications widely suffer from security exposures due to programming errors or bugs exploited by hackers. Because of the diversity of these errors, the security solutions to these problems do not lend themselves to a systematic approach.

The project first aims at gaining a good understanding of known exposures in selected areas: attacks on IP and TCP, exposures with HTTP, web servers, and Java. Dynamic information and demonstration package for each area including vulnerability test tools for well-known attacks are designed and developed.

Team

Publications

[Mol99] Refik Molva.  Internet Security Architecture. Computer Networks & ISDN Systems Journal, 31, April 1999. PDF

Results

  • Inventory and analysis of security exposures with Java, WWW and IP networks
  • Vulnerability test tools for Java browsers and web servers
  • Evaluation of network scanners: Nmap, Nessus, Satan 
  • Design and implementation of an enhanced network scanner. A network scanning tool was developed that integrates modules from existing tools and allows for incremental addition of protocol specific scanning techniques as plug-ins. This tool also aims at stealth discovery.
  • Evaluation of a commercial intrusion detection product.
  • Generation of malicious TCP/IP traffic from a high-level definition of attack scenarios. A mixed graphical and textual tool was developed for the design of new attack scenarios on TCP/IP. For each new input scenario, the tool generates a traffic generating program. Malicious traffic patterns can be used as software components.
  • Deployment of public key infrastructures
  • Firewall based Java filtering tool

[Webmaster] - [NSTeam] - Eurecom - 09/11/98