Ugo Fiore - Academia.edu (original) (raw)
Papers by Ugo Fiore
Journal of High Speed Networks, 2010
Journal of Networks, 2007
Journal of Communications and Networks, 2007
As the Internet continues to grow, it faces an increasingly hostile environment and consequently,... more As the Internet continues to grow, it faces an increasingly hostile environment and consequently, the need for security in network infrastructure is stronger than ever. In this scenario the Multi-Protocol Label Switching (MPLS) emerging paradigm, seems to be the cornerstone for developing most of the next generation network infrastructure-level services in the Internet. Unfortunately, due to the lack of a scalable means of verifying the authenticity and legitimacy of the control plane traffic in an MPLS domain, almost all the existing MPLS control and signaling protocols are extremely vulnerable to a variety of malicious attacks both in theory and in practice and communication between peer routers speaking the above common protocols is subject to active and passive forgery, hijacking and wiretapping activities. In this paper, we propose a robust framework for MPLS-based network survivability against security threats, by making the MPLS control and signaling protocols more secure. Our design goals include integrity safeguarding, protection against replay attacks, and gradual deployment, with routers not supporting authentication breaking the trust chain but operating undisturbed under any other respect.
Computers & Security, 2010
... Early integrated approach to the wider theme of intrusion detection were based on the assumpt... more ... Early integrated approach to the wider theme of intrusion detection were based on the assumption that most ... allows us to study their evolution in time and can be used for the detection of transitions ... On the other side, good values for m can be found by using methods like false ...
Simulation seems to be the best available alternative to the deployment of expensive and complex ... more Simulation seems to be the best available alternative to the deployment of expensive and complex testbed infrastructuresfor the activities oftesting, validating and evaluating optical network control protocols and algorithms. In this paper we present SimulNet, a specialized optical ...
... Aniello Castiglione ∗ , Alfredo De Santis Dipartimento di Informatica Universit`a degli Stu... more ... Aniello Castiglione ∗ , Alfredo De Santis Dipartimento di Informatica Universit`a degli Studi di Salerno I-84084 Fisciano (SA), Italy castiglione@ieee.org ∗ , ads@dia.unisa.it ... Initially formulated in [2] it involves two prisoners, Alice and Bob, as well as a warden named Wendy. ...
A well-recognized problem in high-speed all-optical networks is that fibres and switches frequent... more A well-recognized problem in high-speed all-optical networks is that fibres and switches frequently fail. When a network, designed in a non-robust way, encounters such kind of problem it can become highly vulnerable, i.e. experiencing large fractions of connections disruption. This makes resiliency a key issue in network design and thus efficient protection schemas are needed so that when a failure occurs, the involved traffic must be immediately rerouted over a predetermined backup path without affecting the user-perceivable service quality. In this paper we propose a new protection scheme, achieving robustness through a new low complexity link protection algorithm, which can be used to select end-to-end totally disjoint backup paths between each couple of nodes in a mesh network, providing restoration speeds comparable to ring restoration. Many research efforts in this area are targeted at optimization, with the objective of using as much capacity as possible while trying to guarantee adequate levels of protection. The design requirements for our scheme were instead simplicity and performance, aiming at providing a way of quickly computing backup paths for each link without taking resource optimization issues into consideration. We believe that the novel formulations and results of this paper, may be of interest for a network operator wishing to improve connections reliability, at a low implementation cost.
Because of the evolution of portable computing, and personal communication technologies, mobile I... more Because of the evolution of portable computing, and personal communication technologies, mobile Internet connectivity is the fastest growing business in the telecommunications market, playing a vital role in shaping the 21st century communications paradigms. In this scenario, the deployment of innovative wireless data networks, the integration with the Internet and the inter-working between different wireless technologies will be challenging objectives for competitive service providers. These factors, combined with the impact that mobile related traffic may have on the fixed infrastructure, and the convergence of mobile and fixed services, drive towards a rationalization of the resource allocation and management procedures and make it urgent to address the node mobility problem from a global, core-level traffic engineering point of view. We propose a framework for the integration of IP mobility and MPLS in the mobile data network focusing on the use of consolidated technology, with no major changes to standardized protocols or devices. Our model that handles wireless IP device mobility by combining local area mobility techniques at the edge and MPLS in the backbone, allows very fast handovers without the need of modifying the IP address, works with any IP version, has a low header overhead (compared to IP-in-IP tunneling), and can get the native traffic engineering and QoS benefits provided by MPLS to continuously adequate the traffic flows in the mobile data network backbone to the dynamically changing traffic requirements.
Due to the increasing threat of attacks and malicious activities, the use of firewall technology ... more Due to the increasing threat of attacks and malicious activities, the use of firewall technology is an important milestone toward making networks of any complexity and size secure. Unfortunately, the inherent difficulties in designing and managing firewall policies within the modern highly distributed, dynamic and heterogeneous environments might greatly limit the effectiveness of firewall security. It is therefore desirable to
With the increasing popularity of the Internet, unsolicited electronic mail (spam) has become a m... more With the increasing popularity of the Internet, unsolicited electronic mail (spam) has become a major concern. It fills up user’s mailboxes, clogs mail relays, wastes postmaster time, and creates inconveniences for sites that have been used as a relay. This seems to be a growing problem, and without appropriate countermeasures, spam messages could eventually undermine the usability of e-mail. In this paper, we propose a cooperative spam-avoidance strategy based on the concept of restricting, at the network border and mail relay level, the mail sending function through properly authorized mail gateways registered as proper new Resource Records in the DNS System. If accepted and enforced by the largest number possible of network and mail administrators on the Internet, this strategy may result in a substantial reduction of the worldwide e-mail spam phenomenon.
Computers & Security, 2008
Computers & Security, 2009
International Journal of Wireless and Mobile Computing, 2007
... Ugo Fiore received his degree in Physics from Federico II University, Italy. ... However, for... more ... Ugo Fiore received his degree in Physics from Federico II University, Italy. ... However, for this strategy to be effective, every other network activity should be quarantined while the update process is running and this requires too tight a control over the protocol stack components. ...
The enormous growth in popularity of peer-to-peer applications has recently introduced great inte... more The enormous growth in popularity of peer-to-peer applications has recently introduced great interest in understanding the associated traffic workload and behavior. The goal of this work is determining the fundamental dynamics characterizing such traffic that can be used to develop simple and effective prediction models and to illustrate and describe fundamental performance issues. The discovery of nonlinear traffic dynamics, due to the very complex characteristics of the involved time series, led us to use several nonlinear analysis techniques and tools evidencing the presence of chaos-related structures together with self-similarity and long-range dependence features.
Computers & Mathematics With Applications
Journal of High Speed Networks, 2010
Journal of Networks, 2007
Journal of Communications and Networks, 2007
As the Internet continues to grow, it faces an increasingly hostile environment and consequently,... more As the Internet continues to grow, it faces an increasingly hostile environment and consequently, the need for security in network infrastructure is stronger than ever. In this scenario the Multi-Protocol Label Switching (MPLS) emerging paradigm, seems to be the cornerstone for developing most of the next generation network infrastructure-level services in the Internet. Unfortunately, due to the lack of a scalable means of verifying the authenticity and legitimacy of the control plane traffic in an MPLS domain, almost all the existing MPLS control and signaling protocols are extremely vulnerable to a variety of malicious attacks both in theory and in practice and communication between peer routers speaking the above common protocols is subject to active and passive forgery, hijacking and wiretapping activities. In this paper, we propose a robust framework for MPLS-based network survivability against security threats, by making the MPLS control and signaling protocols more secure. Our design goals include integrity safeguarding, protection against replay attacks, and gradual deployment, with routers not supporting authentication breaking the trust chain but operating undisturbed under any other respect.
Computers & Security, 2010
... Early integrated approach to the wider theme of intrusion detection were based on the assumpt... more ... Early integrated approach to the wider theme of intrusion detection were based on the assumption that most ... allows us to study their evolution in time and can be used for the detection of transitions ... On the other side, good values for m can be found by using methods like false ...
Simulation seems to be the best available alternative to the deployment of expensive and complex ... more Simulation seems to be the best available alternative to the deployment of expensive and complex testbed infrastructuresfor the activities oftesting, validating and evaluating optical network control protocols and algorithms. In this paper we present SimulNet, a specialized optical ...
... Aniello Castiglione ∗ , Alfredo De Santis Dipartimento di Informatica Universit`a degli Stu... more ... Aniello Castiglione ∗ , Alfredo De Santis Dipartimento di Informatica Universit`a degli Studi di Salerno I-84084 Fisciano (SA), Italy castiglione@ieee.org ∗ , ads@dia.unisa.it ... Initially formulated in [2] it involves two prisoners, Alice and Bob, as well as a warden named Wendy. ...
A well-recognized problem in high-speed all-optical networks is that fibres and switches frequent... more A well-recognized problem in high-speed all-optical networks is that fibres and switches frequently fail. When a network, designed in a non-robust way, encounters such kind of problem it can become highly vulnerable, i.e. experiencing large fractions of connections disruption. This makes resiliency a key issue in network design and thus efficient protection schemas are needed so that when a failure occurs, the involved traffic must be immediately rerouted over a predetermined backup path without affecting the user-perceivable service quality. In this paper we propose a new protection scheme, achieving robustness through a new low complexity link protection algorithm, which can be used to select end-to-end totally disjoint backup paths between each couple of nodes in a mesh network, providing restoration speeds comparable to ring restoration. Many research efforts in this area are targeted at optimization, with the objective of using as much capacity as possible while trying to guarantee adequate levels of protection. The design requirements for our scheme were instead simplicity and performance, aiming at providing a way of quickly computing backup paths for each link without taking resource optimization issues into consideration. We believe that the novel formulations and results of this paper, may be of interest for a network operator wishing to improve connections reliability, at a low implementation cost.
Because of the evolution of portable computing, and personal communication technologies, mobile I... more Because of the evolution of portable computing, and personal communication technologies, mobile Internet connectivity is the fastest growing business in the telecommunications market, playing a vital role in shaping the 21st century communications paradigms. In this scenario, the deployment of innovative wireless data networks, the integration with the Internet and the inter-working between different wireless technologies will be challenging objectives for competitive service providers. These factors, combined with the impact that mobile related traffic may have on the fixed infrastructure, and the convergence of mobile and fixed services, drive towards a rationalization of the resource allocation and management procedures and make it urgent to address the node mobility problem from a global, core-level traffic engineering point of view. We propose a framework for the integration of IP mobility and MPLS in the mobile data network focusing on the use of consolidated technology, with no major changes to standardized protocols or devices. Our model that handles wireless IP device mobility by combining local area mobility techniques at the edge and MPLS in the backbone, allows very fast handovers without the need of modifying the IP address, works with any IP version, has a low header overhead (compared to IP-in-IP tunneling), and can get the native traffic engineering and QoS benefits provided by MPLS to continuously adequate the traffic flows in the mobile data network backbone to the dynamically changing traffic requirements.
Due to the increasing threat of attacks and malicious activities, the use of firewall technology ... more Due to the increasing threat of attacks and malicious activities, the use of firewall technology is an important milestone toward making networks of any complexity and size secure. Unfortunately, the inherent difficulties in designing and managing firewall policies within the modern highly distributed, dynamic and heterogeneous environments might greatly limit the effectiveness of firewall security. It is therefore desirable to
With the increasing popularity of the Internet, unsolicited electronic mail (spam) has become a m... more With the increasing popularity of the Internet, unsolicited electronic mail (spam) has become a major concern. It fills up user’s mailboxes, clogs mail relays, wastes postmaster time, and creates inconveniences for sites that have been used as a relay. This seems to be a growing problem, and without appropriate countermeasures, spam messages could eventually undermine the usability of e-mail. In this paper, we propose a cooperative spam-avoidance strategy based on the concept of restricting, at the network border and mail relay level, the mail sending function through properly authorized mail gateways registered as proper new Resource Records in the DNS System. If accepted and enforced by the largest number possible of network and mail administrators on the Internet, this strategy may result in a substantial reduction of the worldwide e-mail spam phenomenon.
Computers & Security, 2008
Computers & Security, 2009
International Journal of Wireless and Mobile Computing, 2007
... Ugo Fiore received his degree in Physics from Federico II University, Italy. ... However, for... more ... Ugo Fiore received his degree in Physics from Federico II University, Italy. ... However, for this strategy to be effective, every other network activity should be quarantined while the update process is running and this requires too tight a control over the protocol stack components. ...
The enormous growth in popularity of peer-to-peer applications has recently introduced great inte... more The enormous growth in popularity of peer-to-peer applications has recently introduced great interest in understanding the associated traffic workload and behavior. The goal of this work is determining the fundamental dynamics characterizing such traffic that can be used to develop simple and effective prediction models and to illustrate and describe fundamental performance issues. The discovery of nonlinear traffic dynamics, due to the very complex characteristics of the involved time series, led us to use several nonlinear analysis techniques and tools evidencing the presence of chaos-related structures together with self-similarity and long-range dependence features.
Computers & Mathematics With Applications