Nicolás Macia

QoS -Traffic Classification in the Internet

In UNLPpsilas network, like in most of the present networks, a great percentage of the traffic network demand is that of HTTP protocol. At the moment it is around 60%. To be more precise, we would have to claim that most of the traffic is transported by TCP port 80. Although port 80 TCP is used by default by protocol HTTP, any other application can use it, taking advantage of the fact that usually this port is not filtered and that it is even assigned a greater priority over the others. This work proposes a way to classify traffic at the top level of the application. The objective consists of applying effective techniques of QoS, that distinguish HTTP from other protocols as well as different uses which the users generally give,like being navigation, streaming and downloading.

Chapter 29 – Improving Security in Web Sessions: Special Management of Cookies

The current mechanism implemented for Web session management implies exchanging session cookies between a Web application client (usually a browser) and a Web application server. Besides having privacy issues, the security of Web sessions can be affected by various reasons related to cookies. There are several vulnerabilities that threaten a Web application specifically related to cookies: theft, tampering, and/or forgery. Any of these vulnerabilities may favor session theft and/or unauthorized access using the identity of another user in the system. In this chapter, we present an alternative technique for management of Web sessions, where no session cookies are sent to clients while maintaining backward compatibility. As a result, the proposed technique is shown to avoid several specific vulnerabilities that affect the security of Web application sessions and users. The proposed mechanism works transparently for Web applications, and a proof of concept was successfully tested with Web applications based on different languages such as Php, Perl, Ruby, and Python.

Requirements for troubleshooting wi-fi network security through location technologies

The location of mobile devices in a network can be used to provide services that locate users as well, making positioning and tracking of mobile devices. From the standpoint of security and network administration, the location of mobile devices can be used as a protective mechanism complementary to existing ones, either by detecting unauthorized access to the Wi-Fi network as well as allowing the tracking of stolen mobile computers. The aim of this paper is to study techniques for locating mobile devices in Wi-Fi environments and discuss countermeasures that can be used by users who want to avoid being located. Based on this, will select the most appropriate location technique taking into account the countermeasures discussed. It will analyze the feasibility of implementing location technologies with general purpose hardware, evaluating possible changes to the software needed for access points so as to permit use in the tracking system. From this, we propose a location system architecture taking into account the appropriate security requirements to perform access control to information obtained and to safeguard the privacy and anonymity of the same.