TY - JOUR AU - Orosz, Péter AU - Nagy, Balázs AU - Varga, Pál TI - Detection strategies for post-pandemic DDoS profiles JF - INFOCOMMUNICATIONS JOURNAL J2 - INFOCOMM J VL - 15 PY - 2023 IS - 4 SP - 26 EP - 39 PG - 14 SN - 2061-2079 DO - 10.36244/ICJ.2023.4.4 UR - https://m2.mtmt.hu/api/publication/34547562 ID - 34547562 N1 - Export Date: 8 March 2024 Funding text 1: The research has been partially funded by the Hungarian government’s National Security Cooperative PhD program. AB - The global pandemic lockdowns fostered the digital transition of companies worldwide since most of their employees worked from home using public or private cloud services. Accordingly, these services became the primary targets of the latest generation DDoS threats. While some features of current DDoS attack profiles appeared before the pandemic period, they became significant and reached their current complexity in the recent period. Besides applying novel methods and tools, the attacks’ frequency, extent, and complexity also increased significantly. The combination of various attack vectors opened the way for multi-vector attacks incorporating a unique blend of L3-L7 attacking profiles. Unifying the hit-and-run method and the multi-vector approach contributed to the remarkable rise in success rate. The current paper has two focal points. First, it discusses the profiles of the latest DDoS attacks discovered in real data center infrastructures. To demonstrate and emphasize the changes in attack profile, we reference attack samples recently collected in various data center networks. Second, it provides a comprehensive survey of the state-of-the-art detection methods related to recent attacks. The paper especially focuses on the accuracy and speed of these, mostly networking-related detection approaches. Furthermore, we define features and quantitative and qualitative requirements to support detection methods handling the latest threat profiles. LA - English DB - MTMT ER - TY - JOUR AU - Orosz, Péter AU - Skopkó, Tamás AU - Marosits, Tamás TI - Application-Aware Analysis of Network Neutrality: A Scalable Real-Time Method JF - INFOCOMMUNICATIONS JOURNAL J2 - INFOCOMM J VL - 15 PY - 2023 IS - 1 SP - 77 EP - 86 PG - 10 SN - 2061-2079 DO - 10.36244/ICJ.2023.1.8 UR - https://m2.mtmt.hu/api/publication/33779419 ID - 33779419 N1 - Export Date: 1 June 2023 AB - Internet access subscribers expect a satisfying quality of experience for any accessed service, independently from time, place, and service- and content-type. Besides the everincreasing amount of Internet data, the spectrum of video service platforms offering sharing and streaming also got significantly more comprehensive. Internet access providers try to avoid the exhaustion of network bandwidth by investing in network capacity or setting up higher-level resource management within their infrastructure. The primary question in this domain is how resource management constrains the subscriber to access an arbitrary service and experience good service quality.This question directly relates to network neutrality fundamentals. This paper presents a real-time full-reference objective method to assess network neutrality. It contributes three novelties to support user-centric analysis of potential restraints affecting Internet access quality: i) the proposal supports application-specific measurements and involves real content and real traffic, ii) the measured traffic originates from the content provider’s cloud infrastructure, iii) reference is created in real time. Accordingly, the proposal introduces a novel measurement layout. The key component is the emulated client that provides the real-time reference by emulating the access properties of the real client and accessing the same content simultaneously. We demonstrate the method’s feasibility with an applicationaware proof-of-concept use case: video streaming from a public VoD provider. We have validated the method against the emulated network parameters using an extensive series of laboratory measurements. LA - English DB - MTMT ER - TY - JOUR AU - Orosz, Péter AU - Tóthfalusi, Tamás TI - A New Application-Aware No-Reference Quality Assessment Method for IP Voice Services JF - JOURNAL OF NETWORK AND SYSTEMS MANAGEMENT J2 - J NETW SYST MANAG VL - 29 PY - 2021 IS - 3 SN - 1064-7570 DO - 10.1007/s10922-021-09595-8 UR - https://m2.mtmt.hu/api/publication/31958142 ID - 31958142 LA - English DB - MTMT ER - TY - CHAP AU - Orosz, Péter AU - Tóthfalusi, Tamás ED - IEEE, null TI - VoicePerf: A Quality Estimation Approach for No-reference IP Voice Traffic T2 - NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium: Management in the Age of Softwarization and Artificial Intelligence PB - IEEE CY - Piscataway (NJ) SN - 9781728149738 T3 - IEEE IFIP Network Operations and Management Symposium, ISSN 1542-1201 PY - 2020 SP - 1 EP - 9 PG - 9 DO - 10.1109/NOMS47738.2020.9110264 UR - https://m2.mtmt.hu/api/publication/31958166 ID - 31958166 LA - English DB - MTMT ER - TY - CHAP AU - Orosz, Péter AU - Varga, Pál AU - Soós, Gábor AU - Hegedűs, Csaba Miklós TI - QoS Guarantees for Industrial IoT Applications over LTE - a Feasibility Study T2 - 2019 IEEE International Conference on Industrial Cyber Physical Systems, ICPS 2019 PB - IEEE CY - Piscataway (NJ) SN - 9781538685006 PY - 2019 SP - 667 EP - 672 PG - 6 DO - 10.1109/ICPHYS.2019.8780308 UR - https://m2.mtmt.hu/api/publication/31666897 ID - 31666897 N1 - Funding Agency and Grant Number: EU ARTEMIS JU funding [737459]; BME Artificial Intelligence FIKP grant of EMMI (BME FIKP-MI/SC) Funding text: This work is supported by the EU ARTEMIS JU funding, under grant agreement 737459 (project Productive4.0). Part of the research reported in this paper was supported by the BME Artificial Intelligence FIKP grant of EMMI (BME FIKP-MI/SC). IEEE Industrial Electronics Society (IES); The Institute of Electrical and Electronics Engineers (IEEE) Dept. of Telecommunications and Media Informatics, Budapest University of Technology and Economics, Budapest, Hungary Telecommunication Division, AITIA International Inc, Budapest, Hungary Conference code: 150221 Cited By :5 Export Date: 6 December 2020 Funding details: BME FIKP-MI/SC Funding details: Productive4.0, 737459 Funding text 1: ACKNOWLEDGMENT This work is supported by the EU ARTEMIS JU funding, under grant agreement 737459 (project Productive4.0). Part of the research reported in this paper was supported by the BME Artificial Intelligence FIKP grant of EMMI (BME FIKP-MI/SC). IEEE Industrial Electronics Society (IES); The Institute of Electrical and Electronics Engineers (IEEE) Dept. of Telecommunications and Media Informatics, Budapest University of Technology and Economics, Budapest, Hungary Telecommunication Division, AITIA International Inc, Budapest, Hungary Conference code: 150221 Cited By :5 Export Date: 7 December 2020 Funding details: BME FIKP-MI/SC Funding details: Productive4.0, 737459 Funding text 1: ACKNOWLEDGMENT This work is supported by the EU ARTEMIS JU funding, under grant agreement 737459 (project Productive4.0). Part of the research reported in this paper was supported by the BME Artificial Intelligence FIKP grant of EMMI (BME FIKP-MI/SC). AB - Industrial automation systems traditionally require communication systems to have high availability, high security and low latency. This results in efficient protocols with low protocol-processing overhead, but somewhat rigid communication systems that are cumbersome to scale up when deployed. On the other hand, Internet Protocol based communication which is often preferred by IoT systems - offer high flexibility, but best-effort reliability. Furthermore, various radio access technologies have been created for IoT devices facilitating their IP networking as well. Nevertheless, these wireless technologies are rarely capable of corresponding to the strict requirements of complex industrial use cases, they usually cannot certain the necessary Quality of Service (QoS) promises.On the contrary, 5G mobile technologies are being developed exactly for such industrial and automation IoT use cases. Certainly, there are traffic prioritization techniques available for 4G and 5G systems, but their capabilities need to be investigated for Industrial IoT feasibility, before deployment. This paper aims to provide a feasibility study for applying mobile networking technologies (4G and 5G) - and its QoS guarantees - to IIoT applications. The proposed methodology can be extended for benchmarking whether a given use case can benefit from applying mobile networking for its various industrial and automation systems. LA - English DB - MTMT ER - TY - JOUR AU - Orosz, Péter AU - Tóthfalusi, Tamás AU - Varga, Pál TI - FPGA-Assisted DPI Systems: 100 Gbit/s and Beyond JF - IEEE COMMUNICATIONS SURVEYS AND TUTORIALS J2 - IEEE COMMUN SURV TUTOR VL - 21 PY - 2019 IS - 2 SP - 2015 EP - 2040 PG - 26 SN - 1553-877X DO - 10.1109/COMST.2018.2876196 UR - https://m2.mtmt.hu/api/publication/3419995 ID - 3419995 N1 - Cited By :4 Export Date: 7 December 2020 Correspondence Address: Orosz, P.; Department of Telecommunications and Media Informatics, Budapest University of Technology and EconomicsHungary; email: orosz.peter@tmit.bme.hu Cited By :5 Export Date: 19 April 2021 Correspondence Address: Orosz, P.; Department of Telecommunications and Media Informatics, Hungary; email: orosz.peter@tmit.bme.hu AB - Carrying out deep packet inspection (DPI) in aggregated network connections remains a continuous requirement even though the line rate reaches and exceeds 100 Gb/s. The increasing packet-arrival rate necessitates efficient solutions for on-the-fly packet parsing, packet classification, and distribution for parallelized, software-based payload inspection. Inspection complexity and real-time processing are competing requirements. The deep analysis capabilities of software-based approaches can be enhanced by hardware-based support on time-critical packet parsing and classification. Moreover, some payload inspection tasks can be carried out in hardware as well, further reducing the resources spent on software-based solutions. This paper aims at presenting the state-of-the-art and describing a set of best practices in field programmable gate arrays (FPGA)based packet processing, which can be applied fir DPI-related tasks at 100 Gb/s and beyond. Accordingly, we provide an architectural view of the DPI systems throughout the paper. Besides summarizing the limitations of hardware- and software-based solutions for the three processing phases within a DPI system (packet parsing, packet classification, and payload inspection), this paper reveals the possible trade-offs for choosing the different technical approaches. These limitations include operating frequency, bus size, available memory, on-chip physical resources for hardware-based implementations, and CPU time for software-based solutions. LA - English DB - MTMT ER - TY - CHAP AU - Orosz, Péter AU - Nagy , Balázs AU - Varga, Pál AU - Mitch, Gusat ED - Salsano, S ED - Riggio, R ED - Ahmed, T ED - Samak, T ED - DosSantos, CRP TI - Low False Alarm Ratio DDoS Detection for ms-scale Threat Mitigation T2 - 2018 14TH INTERNATIONAL CONFERENCE ON NETWORK AND SERVICE MANAGEMENT (CNSM) PB - IEEE CY - New York, New York SN - 9783903176140 PY - 2018 SP - 212 EP - 218 PG - 7 UR - https://m2.mtmt.hu/api/publication/31666929 ID - 31666929 N1 - Department of Telecommunication, Budapest University of Technology and Economics, Budapest, Hungary IBM Research, Zurich Lab, Rüschlikon, Switzerland Conference code: 143827 Export Date: 6 December 2020 LA - English DB - MTMT ER - TY - CHAP AU - Nagy , Balázs AU - Orosz, Péter AU - Varga, Pál ED - IEEE, , TI - Low-Reaction Time FPGA-based DDoS Detector T2 - IEEE/IFIP Network Operations and Management Symposium: Cognitive Management in a Cyber World, NOMS 2018 PB - IEEE CY - Piscataway (NJ) SN - 9781538634158 PY - 2018 SP - 1 EP - 2 PG - 2 DO - 10.1109/NOMS.2018.8406124 UR - https://m2.mtmt.hu/api/publication/3421322 ID - 3421322 N1 - AITIA International Inc., Telecommunications Division, Budapest, Hungary Budapest University of Technology and Economics, Budapest, Hungary Conference code: 137784 Cited By :3 Export Date: 6 December 2020 LA - English DB - MTMT ER - TY - CHAP AU - Nagy , Balázs AU - Orosz, Péter AU - Tóthfalusi, Tamás AU - László, Kovács AU - Varga, Pál ED - IEEE, , TI - Detecting DDoS Attacks within Milliseconds by Using FPGA-based Hardware Acceleration T2 - IEEE/IFIP Network Operations and Management Symposium: Cognitive Management in a Cyber World, NOMS 2018 PB - IEEE CY - Piscataway (NJ) SN - 9781538634158 PY - 2018 PG - 4 DO - 10.1109/NOMS.2018.8406299 UR - https://m2.mtmt.hu/api/publication/3421153 ID - 3421153 N1 - AITIA International Inc., Telecommunications Division, Budapest, Hungary Budapest University of Technology and Economics, Dept. of Telecommunication and Media Informatics, Budapest, Hungary Conference code: 137784 Cited By :5 Export Date: 6 December 2020 AITIA International Inc., Telecommunications Division, Budapest, Hungary Budapest University of Technology and Economics, Dept. of Telecommunication and Media Informatics, Budapest, Hungary Conference code: 137784 Cited By :5 Export Date: 7 December 2020 LA - English DB - MTMT ER - TY - JOUR AU - Orosz, Péter AU - Kulik, Ivett AU - Marosits, Tamás TI - Internet-hozzáférések teljesítményvizsgálata webböngészőben JF - HIRADÁSTECHNIKA (1962) J2 - HIRADÁSTECHNIKA VL - LXXIII. PY - 2018 IS - 1 SP - 37 EP - 44 PG - 8 SN - 0018-2028 UR - https://m2.mtmt.hu/api/publication/3421067 ID - 3421067 N1 - # Cím ismeretlen LA - Hungarian DB - MTMT ER -