Design and implementation of an unauthorized internet access blocking system validating the source information in internet access logs

Uzunay, Yusuf
Internet Access logs in a local area network are the most prominent records when the source of an Internet event is traced back. Especially in a case where an illegal activity having originated from your local area network is of concern, it is highly desirable to provide healthy records to the court including the source user and machine identity of the log record in question. To establish the validity of user and machine identity in the log records is known as source authentication. In our study, after the problem of source authentication in each layer is discussed in detail, we argue that the only way to establish a secure source authentication is to implement a system model that unifies low level and upper level defense mechanisms. Hence, in this thesis we propose an Unauthorized Internet Access Blocking System validating the Source Information in Internet Access Logs. The first version of our proposed system, UNIDES, is a proxy based system incorporating advanced switches and mostly deals with the low level source authentication problems. In the second version, we extend our system with SIACS which is an Internet access control system that deals with the user level source authentication problems. By supplementing the classical username-password authentication mechanism with SSL client authentication, SIACS integrates a robust user level authentication scheme into the proposed solution.


Design and implementation of a secure and searchable audit logging system
İncebacak, Davut; Çetin, Yasemin; Department of Information Systems (2007)
Logs are append-only time-stamped records to represent events in computers or network devices. Today, in many real-world networking applications, logging is a central service however it is a big challenge to satisfy the conflicting requirements when the security of log records is of concern. On one hand, being kept on mostly untrusted hosts, the logs should be preserved against unauthorized modifications and privacy breaches. On the other, serving as the primary evidence for digital crimes, logs are often n...
Performance evaluation of routing protocols in wireless ad hoc networks with service differentiation
Yılmaz, Semra; Koçyiğit, Altan; Erten, Murat; Department of Information Systems (2003)
An ad hoc network is a collection of wireless mobile nodes dynamically forming a temporary network without the use of any fixed network infrastructure or centralized administration. Due to the limitations in the wireless environment, it may be necessary for one mobile host to enlist the aid of other hosts in forwarding a packet to its destination. In order to enable communication within the network, a routing protocol is needed to discover routes between nodes. The primary goal of ad hoc network routing pro...
Outdoor mapping and localization using satellite images
DOĞRUER, CAN ULAŞ; Koku, Ahmet Buğra; Dolen, M. (Cambridge University Press (CUP), 2010-12-01)
Recently, satellite images of most urban settings has become available on the internet. In this study, a novel mapping and global localization approach, which uses these images, is proposed for outdoor mobile robots operating in urban environment. The mapping of large-scale outdoor environments is done by employing the satellite images acquired by remote sensing technology, and then a map-based approach, that is, Monte Carlo localization is used for localization. The novelty of proposed method is that it us...
Statistical inference based load balanced routing in software defined networks
Kaya, Semih; Koçyiğit, Altan; Department of Information Systems (2020-10-14)
Networks have been the main method of transferring data for more than forty years. The traffic volumes and sizes of networks have increased considerably in the last two decades. The traditional methods used in the networks to transfer data become inefficient due to this growth. Therefore, network planning and smart delivery methods have gained importance. Accordingly, traffic engineering methods are deployed to meet the faster and more efficient delivery requirements. These methods have been proven ben...
IPBM: an energy efficient reliable interference-aware periodic broadcast messaging protocol for MANETs
ÜNLÜ, BERK; Ozceylan, Baver; Baykal, Buyurman (Springer Science and Business Media LLC, 2019-07-01)
Mobile ad-hoc networks (MANETs) have been widely employed in many fields including critical information delivery in open terrains as in tactical area, vehicular or disaster area network scenarios. To provide effective network maintenance for those MANETs, it is essential to adopt proper control communication methods, which provide reliable delivery of network information. However, it is difficult to provide control communication that meets the quality of service requirements due to the broadcasting of contr...
Citation Formats
Y. Uzunay, “Design and implementation of an unauthorized internet access blocking system validating the source information in internet access logs,” M.S. - Master of Science, Middle East Technical University, 2006.