@article{MTMT:34547562, title = {Detection strategies for post-pandemic DDoS profiles}, url = {https://m2.mtmt.hu/api/publication/34547562}, author = {Orosz, Péter and Nagy, Balázs and Varga, Pál}, doi = {10.36244/ICJ.2023.4.4}, journal-iso = {INFOCOMM J}, journal = {INFOCOMMUNICATIONS JOURNAL}, volume = {15}, unique-id = {34547562}, issn = {2061-2079}, abstract = {The global pandemic lockdowns fostered the digital transition of companies worldwide since most of their employees worked from home using public or private cloud services. Accordingly, these services became the primary targets of the latest generation DDoS threats. While some features of current DDoS attack profiles appeared before the pandemic period, they became significant and reached their current complexity in the recent period. Besides applying novel methods and tools, the attacks’ frequency, extent, and complexity also increased significantly. The combination of various attack vectors opened the way for multi-vector attacks incorporating a unique blend of L3-L7 attacking profiles. Unifying the hit-and-run method and the multi-vector approach contributed to the remarkable rise in success rate. The current paper has two focal points. First, it discusses the profiles of the latest DDoS attacks discovered in real data center infrastructures. To demonstrate and emphasize the changes in attack profile, we reference attack samples recently collected in various data center networks. Second, it provides a comprehensive survey of the state-of-the-art detection methods related to recent attacks. The paper especially focuses on the accuracy and speed of these, mostly networking-related detection approaches. Furthermore, we define features and quantitative and qualitative requirements to support detection methods handling the latest threat profiles.}, year = {2023}, eissn = {2061-2125}, pages = {26-39} } @article{MTMT:33779419, title = {Application-Aware Analysis of Network Neutrality: A Scalable Real-Time Method}, url = {https://m2.mtmt.hu/api/publication/33779419}, author = {Orosz, Péter and Skopkó, Tamás and Marosits, Tamás}, doi = {10.36244/ICJ.2023.1.8}, journal-iso = {INFOCOMM J}, journal = {INFOCOMMUNICATIONS JOURNAL}, volume = {15}, unique-id = {33779419}, issn = {2061-2079}, abstract = {Internet access subscribers expect a satisfying quality of experience for any accessed service, independently from time, place, and service- and content-type. Besides the everincreasing amount of Internet data, the spectrum of video service platforms offering sharing and streaming also got significantly more comprehensive. Internet access providers try to avoid the exhaustion of network bandwidth by investing in network capacity or setting up higher-level resource management within their infrastructure. The primary question in this domain is how resource management constrains the subscriber to access an arbitrary service and experience good service quality.This question directly relates to network neutrality fundamentals. This paper presents a real-time full-reference objective method to assess network neutrality. It contributes three novelties to support user-centric analysis of potential restraints affecting Internet access quality: i) the proposal supports application-specific measurements and involves real content and real traffic, ii) the measured traffic originates from the content provider’s cloud infrastructure, iii) reference is created in real time. Accordingly, the proposal introduces a novel measurement layout. The key component is the emulated client that provides the real-time reference by emulating the access properties of the real client and accessing the same content simultaneously. We demonstrate the method’s feasibility with an applicationaware proof-of-concept use case: video streaming from a public VoD provider. We have validated the method against the emulated network parameters using an extensive series of laboratory measurements.}, year = {2023}, eissn = {2061-2125}, pages = {77-86} } @article{MTMT:31958142, title = {A New Application-Aware No-Reference Quality Assessment Method for IP Voice Services}, url = {https://m2.mtmt.hu/api/publication/31958142}, author = {Orosz, Péter and Tóthfalusi, Tamás}, doi = {10.1007/s10922-021-09595-8}, journal-iso = {J NETW SYST MANAG}, journal = {JOURNAL OF NETWORK AND SYSTEMS MANAGEMENT}, volume = {29}, unique-id = {31958142}, issn = {1064-7570}, year = {2021}, eissn = {1573-7705} } @inproceedings{MTMT:31958166, title = {VoicePerf: A Quality Estimation Approach for No-reference IP Voice Traffic}, url = {https://m2.mtmt.hu/api/publication/31958166}, author = {Orosz, Péter and Tóthfalusi, Tamás}, booktitle = {NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium: Management in the Age of Softwarization and Artificial Intelligence}, doi = {10.1109/NOMS47738.2020.9110264}, unique-id = {31958166}, year = {2020}, pages = {1-9} } @inproceedings{MTMT:31666897, title = {QoS Guarantees for Industrial IoT Applications over LTE - a Feasibility Study}, url = {https://m2.mtmt.hu/api/publication/31666897}, author = {Orosz, Péter and Varga, Pál and Soós, Gábor and Hegedűs, Csaba Miklós}, booktitle = {2019 IEEE International Conference on Industrial Cyber Physical Systems, ICPS 2019}, doi = {10.1109/ICPHYS.2019.8780308}, unique-id = {31666897}, abstract = {Industrial automation systems traditionally require communication systems to have high availability, high security and low latency. This results in efficient protocols with low protocol-processing overhead, but somewhat rigid communication systems that are cumbersome to scale up when deployed. On the other hand, Internet Protocol based communication which is often preferred by IoT systems - offer high flexibility, but best-effort reliability. Furthermore, various radio access technologies have been created for IoT devices facilitating their IP networking as well. Nevertheless, these wireless technologies are rarely capable of corresponding to the strict requirements of complex industrial use cases, they usually cannot certain the necessary Quality of Service (QoS) promises.On the contrary, 5G mobile technologies are being developed exactly for such industrial and automation IoT use cases. Certainly, there are traffic prioritization techniques available for 4G and 5G systems, but their capabilities need to be investigated for Industrial IoT feasibility, before deployment. This paper aims to provide a feasibility study for applying mobile networking technologies (4G and 5G) - and its QoS guarantees - to IIoT applications. The proposed methodology can be extended for benchmarking whether a given use case can benefit from applying mobile networking for its various industrial and automation systems.}, year = {2019}, pages = {667-672} } @article{MTMT:3419995, title = {FPGA-Assisted DPI Systems: 100 Gbit/s and Beyond}, url = {https://m2.mtmt.hu/api/publication/3419995}, author = {Orosz, Péter and Tóthfalusi, Tamás and Varga, Pál}, doi = {10.1109/COMST.2018.2876196}, journal-iso = {IEEE COMMUN SURV TUTOR}, journal = {IEEE COMMUNICATIONS SURVEYS AND TUTORIALS}, volume = {21}, unique-id = {3419995}, issn = {1553-877X}, abstract = {Carrying out deep packet inspection (DPI) in aggregated network connections remains a continuous requirement even though the line rate reaches and exceeds 100 Gb/s. The increasing packet-arrival rate necessitates efficient solutions for on-the-fly packet parsing, packet classification, and distribution for parallelized, software-based payload inspection. Inspection complexity and real-time processing are competing requirements. The deep analysis capabilities of software-based approaches can be enhanced by hardware-based support on time-critical packet parsing and classification. Moreover, some payload inspection tasks can be carried out in hardware as well, further reducing the resources spent on software-based solutions. This paper aims at presenting the state-of-the-art and describing a set of best practices in field programmable gate arrays (FPGA)based packet processing, which can be applied fir DPI-related tasks at 100 Gb/s and beyond. Accordingly, we provide an architectural view of the DPI systems throughout the paper. Besides summarizing the limitations of hardware- and software-based solutions for the three processing phases within a DPI system (packet parsing, packet classification, and payload inspection), this paper reveals the possible trade-offs for choosing the different technical approaches. These limitations include operating frequency, bus size, available memory, on-chip physical resources for hardware-based implementations, and CPU time for software-based solutions.}, year = {2019}, eissn = {2373-745X}, pages = {2015-2040} } @inproceedings{MTMT:31666929, title = {Low False Alarm Ratio DDoS Detection for ms-scale Threat Mitigation}, url = {https://m2.mtmt.hu/api/publication/31666929}, author = {Orosz, Péter and Nagy , Balázs and Varga, Pál and Mitch, Gusat}, booktitle = {2018 14TH INTERNATIONAL CONFERENCE ON NETWORK AND SERVICE MANAGEMENT (CNSM)}, unique-id = {31666929}, year = {2018}, pages = {212-218} } @inproceedings{MTMT:3421322, title = {Low-Reaction Time FPGA-based DDoS Detector}, url = {https://m2.mtmt.hu/api/publication/3421322}, author = {Nagy , Balázs and Orosz, Péter and Varga, Pál}, booktitle = {IEEE/IFIP Network Operations and Management Symposium: Cognitive Management in a Cyber World, NOMS 2018}, doi = {10.1109/NOMS.2018.8406124}, unique-id = {3421322}, year = {2018}, pages = {1-2} } @inproceedings{MTMT:3421153, title = {Detecting DDoS Attacks within Milliseconds by Using FPGA-based Hardware Acceleration}, url = {https://m2.mtmt.hu/api/publication/3421153}, author = {Nagy , Balázs and Orosz, Péter and Tóthfalusi, Tamás and László, Kovács and Varga, Pál}, booktitle = {IEEE/IFIP Network Operations and Management Symposium: Cognitive Management in a Cyber World, NOMS 2018}, doi = {10.1109/NOMS.2018.8406299}, unique-id = {3421153}, year = {2018} } @article{MTMT:3421067, title = {Internet-hozzáférések teljesítményvizsgálata webböngészőben}, url = {https://m2.mtmt.hu/api/publication/3421067}, author = {Orosz, Péter and Kulik, Ivett and Marosits, Tamás}, journal-iso = {HIRADÁSTECHNIKA}, journal = {HIRADÁSTECHNIKA (1962)}, volume = {LXXIII.}, unique-id = {3421067}, issn = {0018-2028}, year = {2018}, pages = {37-44} }