Miralem Mehic

Impact of packet size variation in overlay quantum key distribution network

Quantum Key Distribution (QKD), based on the laws of physics rather than the computational complexity of mathematical problems, provides an information-theoretically secure way of establishing symmetrical binary keys between two geographically distant users. This paper is oriented to the practical realization of QKD public channels which are usually implemented as overlay point-to-point connections. We address the problem of minimizing the key material consumption by changing packet overhead. Our results show that the efficiency of communication in overlay QKD networks may increase when packets of larger sizes are used. However, this tuning directly affects the performance of overall communication. We evaluated this approach using an overlay network module which was implemented in the NS-3 simulator. The obtained results can be used for other overlay networks as well.

Calculation of key reduction for B92 QKD protocol

It is well known that Quantum Key Distribution (QKD) can be used with the highest level of security for distribution of the secret key, which is further used for symmetrical encryption. B92 is one of the oldest QKD protocols. It uses only two non-orthogonal states, each one coding for one bit-value. It is much faster and simpler when compared to its predecessors, but with the idealized maximum efficiencies of 25% over the quantum channel. B92 consists of several phases in which initial key is significantly reduced: secret key exchange, extraction of the raw key (sifting), error rate estimation, key reconciliation and privacy amplification. QKD communication is performed over two channels: the quantum channel and the classical public channel. In order to prevent a man-in-the-middle attack and modification of messages on the public channel, authentication of exchanged values must be performed. We used Wegman-Carter authentication because it describes an upper bound for needed symmetric authentication key. We explained the reduction of the initial key in each of QKD phases.

Analysis of the Public Channel of Quantum Key Distribution Link

Quantum key distribution (QKD) relies on the laws of physics to establish a symmetric binary key between remote parties. A QKD link involves the realization of a quantum channel for the transmission of quantum key material encoded in certain photon properties, as well as a public channel for verification of the exchanged key material. This paper deals with the mutual dependence of these channels and analyzes the impact of performance of both channels on the overall key material establishment process. This paper presents measurement data obtained under laboratory conditions as well as the results obtained by establishing a virtual QKD link. Despite the common beliefs that increased quantum bit error rate implies a larger amount of traffic on the public channel, our measurements prove the opposite. The obtained data clearly show that the public channel has a major impact on the overall performance of the QKD link.

On using multiple routing metrics with destination sequenced distance vector protocol for MultiHop wireless ad hoc networks

A mobile ad hoc network is a collection of mobile nodes which communicate without a fixed backbone or centralized infrastructure. Due to the frequent mobility of nodes, routes connecting two distant nodes may change. Therefore, it is not possible to establish a priori fixed paths for message delivery through the network. Because of its importance, routing is the most studied problem in mobile ad hoc networks. In addition, if the Quality of Service (QoS) is demanded, one must guarantee the QoS not only over a single hop but over an entire wireless multi-hop path which may not be a trivial task. In turns, this requires the propagation of QoS information within the network. The key to the support of QoS reporting is QoS routing, which provides path QoS information at each source. To support QoS for real-time traffic one needs to know not only minimum delay on the path to the destination but also the bandwidth available on it. Therefore, throughput, end-to-end delay, and routing overhead are traditional performance metrics used to evaluate the performance of routing protocol. To obtain additional information about the link, most of quality-link metrics are based on calculation of the lost probabilities of links by broadcasting probe packets. In this paper, we address the problem of including multiple routing metrics in existing routing packets that are broadcasted through the network. We evaluate the efficiency of such approach with modified version of DSDV routing protocols in ns-3 simulator.

Creating Covert Channel Using SIP

Sending VoIP (Voice Over IP) by default requires two protocols:SIP and RTP. First one is used for establishing and changing the settings of the session and second one for exchanging voice packets. The main aim of this paper is to calculate the maximum number and type of SIP messages that can be transferred during established VoIP call without detection and raising an alarm from IDS (Intrusion detection system). Finally, we calculated Steganography bandwidth, amount of data in these messages that can be used for transfer of hidden content. Also, this paper deals with Snort IDS settings for raising alarm, traditional ones by using hard-coded rules and usage of anomaly detection plugin. Results of experiment are provided.

Implementation of quantum key distribution network simulation module in the network simulator NS-3

As the research in quantum key distribution (QKD) technology grows larger and becomes more complex, the need for highly accurate and scalable simulation technologies becomes important to assess the practical feasibility and foresee difficulties in the practical implementation of theoretical achievements. Due to the specificity of the QKD link which requires optical and Internet connection between the network nodes, to deploy a complete testbed containing multiple network hosts and links to validate and verify a certain network algorithm or protocol would be very costly. Network simulators in these circumstances save vast amounts of money and time in accomplishing such a task. The simulation environment offers the creation of complex network topologies, a high degree of control and repeatable experiments, which in turn allows researchers to conduct experiments and confirm their results. In this paper, we described the design of the QKD network simulation module which was developed in the network simulator of version 3 (NS-3). The module supports simulation of the QKD network in an overlay mode or in a single TCP/IP mode. Therefore, it can be used to simulate other network technologies regardless of QKD.

Neural network classifier of attacks in IP telephony

Various types of monitoring mechanism allow us to detect and monitor behavior of attackers in VoIP networks. Analysis of detected malicious traffic is crucial for further investigation and hardening the network. This analysis is typically based on statistical methods and the article brings a solution based on neural network. The proposed algorithm is used as a classifier of attacks in a distributed monitoring network of independent honeypot probes. Information about attacks on these honeypots is collected on a centralized server and then classified. This classification is based on different mechanisms. One of them is based on the multilayer perceptron neural network. The article describes inner structure of used neural network and also information about implementation of this network. The learning set for this neural network is based on real attack data collected from IP telephony honeypot called Dionaea. We prepare the learning set from real attack data after collecting, cleaning and aggregation of this information. After proper learning is the neural network capable to classify 6 types of most commonly used VoIP attacks. Using neural network classifier brings more accurate attack classification in a distributed system of honeypots. With this approach is possible to detect malicious behavior in a different part of networks, which are logically or geographically divided and use the information from one network to harden security in other networks. Centralized server for distributed set of nodes serves not only as a collector and classifier of attack data, but also as a mechanism for generating a precaution steps against attacks.

Using DNS amplification DDoS attack for hiding data

This paper concerns available steganographic techniques that can be used for sending hidden data through public network. Typically, in steganographic communication it is advised to use popular/often used method for sending hidden data and amount of that data need to be high as much as possible. We confirmed this by choosing a Domain Name System (DNS) as a vital protocol of each network and choosing Distributed denial of service (DDoS) attacks that are most popular network attacks currently represented in the world. Apart from characterizing existing steganographic methods we provide new insights by presenting two new techniques. The first one is network steganography solution which exploits free/unused protocols fields and is known for IP, UDP or TCP protocols, but has never been applied to DNS (Domain Name Server) which are the fundamental part of network communications. The second explains the usage of DNS Amplification DDoS Attack to send seamlessly data through public network. The calculation that was performed to estimate the total amount of data that can be covertly transferred by using these technique, regardless of steganalysis, is included in this paper.

Predictive model for determining the quality of a call

In this paper the predictive model for speech quality estimation is described. This model allows its user to gain the information about the speech quality in VoIP networks without the need of performing the actual call and the consecutive time consuming sound file evaluation. This rapidly increases usability of the speech quality measurement especially in high load networks, where the actual processing of all calls is rendered difficult or even impossible. This model can reach its results that are highly conformant with the PESQ algorithm only based on the network state parameters that are easily obtainable by the commonly used software tools. Experiments were carried out to investigate whether different languages (English, Czech) have an effect on perceived voice quality for the same network conditions and the language factor was incorporated directly into the model.

QSIP: A Quantum Key Distribution Signaling Protocol

The rapid development of quantum equipment has led to increased interest in the application of Quantum Key Distribution (QKD) in everyday life. One of the questions is the establishment of a QKD session, namely the procedure for negotiating session parameters that is solved using a signaling protocol. In this paper, we analyze the existing signaling protocols and their limited application in a QKD network. We present a new QKD signaling protocol (QSIP) that aims to establish a session, modify the parameters of the established session and tear down the session. Additionally, QSIP is expanded to carry values that can be used to calculate average delay and perceive the state of the public channel of QKD link.