LYNXTUN

2018
Okan, Galip Oral
Lynxtun is a VPN solution that allows the creation of a secure tunnel between two hosts over an insecure network. The Lynxtun Protocol transmits fully encrypted datagrams with a fixed size and at a fixed interval using UDP/IP. Our custom authenticated encryption scheme uses the AES-256 block cipher and a modified version of GCM mode in order to decrypt and authenticate datagrams efficiently. It ensures traffic flow confidentiality by maintaining a constant bitrate that does not depend on the underlying communication. In this sense, it provides unobservable communication. This constitutes a difficult engineering problem. The protocol design allows implementations to fulfill this requirement. We analyze factors that influence real-time behavior and propose solutions to mitigate them. We developed a full implementation for the GNU/Linux operating system in the C programming language. Our implementation succeeds in performing dispatch operations at the correct time, with a tolerance on the order of microseconds, as we have verified empirically.

Citation Formats
G. O. Okan, “LYNXTUN,” M.S. - Master of Science, Middle East Technical University, 2018.