(Period-II) Organisation : Fraunhofer Institute for Open Communication
Systems (FOKUS), Berlin, Germany
Designation : DAAD Fellow (on deputation from Govt of India)
Duration : October 2002 – March 2004
Major Activities : (a) Security analysis of communication protocol
(b) Studies on Network Intrusion Detection System
(Period-III) Organisation : CSIR Centre for Mathematical Modelling and
Computer Simulation (C-MMACS), NAL Belur
Campus, Bangalore – 37, India
Designation : Scientist
Duration : May 1996 – May 2002
Major activities : (a) System and Network administration of high
performance computing and networking resources (b) Implementation and deployment of system
network and security solutions
Network Security and Intrusion Detection Systems in inter-networked environment
Denial-of-Service attack analysis, detection and mitigation
Internet traffic engineering: measurement and performance analysis
Highlights of Professional Experience and Core Skills
Leading a medium-sized team engaged in design and implementation of network security solutions, Network administration, UNIX and Linux system administration, DoS attack analysis and detection.
Network management and day-to-day administration of heterogeneous high-speed campus-wide computer network. Installation and configuration of Internet routers, firewall (IPtable), proxy, Intrusion detection system (snort and N@G), virus cum spam control system (IMSS).
Security analysis of Internet Protocol (TCP/IP), vulnerability and attack identification, attack simulation and impact quantification using network simulator (ns2).
Administrative level experience in a number of operating systems like, Linux, SGI IRIX, SUN Solaris, IBM AIX, HP-UX, FreeBSD, MS Windows etc. Setting up of network services like DNS, NIS, NFS, E-mail, WWW, ftp etc.
Identified, for the first time, a new class of flooding Denial-of-Service attacks, and proposed detection and mitigation solutions.
Attack real implementation in Linux kernel and its impact quantification in widely used commercial and public domain Operating Systems like Linux, SUN SOLARIS, SGI IRIX, HP-UX, MS Windows, FreeBSD etc.
Design, implementation and performance evaluation of IDS and IPS modules for attack detection and mitigation, and their performance evaluation.
Setting up of network test-bed for Internet emulation by configuring router buffer capacity, router queue management scheme, link speed, packet drop and reordering rate etc., using tools like Dummynet, NISTnet, IPtable, Linux traffic controller (tc) etc.
Linux kernel (2.4 and 2.6) modification, recompilation and debugging
Network traffic (packet) capturing and analysis for identification of abnormal network incidents and attacks.
Chief-Investigator of a research project on “Analysis and Detection of a New Class of Denial-of-Service Attacks on the Internet”, sponsored by Ministry of Information Technology, Government of India.
Published 13 research papers in journals and international conference proceedings.
Delivered a number of technical presentations in international conferences (including vulnerability revelation conference). The most recent talks include presentation at CanSecWest 2007, Canada, presentation at University of British Colombia, Vancouver, Canada, and an invited talk at SANOG-9, Colombo.
In-depth understanding of TCP and IP protocol suite, IP technology, QoS, VoIP, router level per packet based Access Control List (ACL), VLAN, switched Ethernet, Fast Ethernet, and Gigabit Ethernet etc.
Hands on experience on computer & communication systems
Hardware platforms : 24 CPU SGI Altix, 32 CPU SGI Origin3400, 4 CPU
Programming Languages : C, Linux Kernel debugging, UNIX Shell and Tcl
Papers published in Journals and Conference Proceedings
G K Patra, V Anil Kumar, R P Thangavelu, Secure Chaotic Synchronizatin using Negative Feedback of Super-positioned Signals, LNCS, vol. 4812, pp. 193-207, Springer-Verlag, Proceedings of 3rd International Conference on Information System Securities (ICISS-2007), New Delhi, 16-20, December 2007.
S. Sivapoornam, V Anil Kumar, G K Patra, N Ch S N Iyengar, Analysis and Detection of Reflector based Distributed Denial of Service Attacks, Proceedings of International Conference on Soft Computing and Intelligent Systems (ICSCIS-07), Jabalpur, December 27-29, 2007.
G K Patra, V Anil Kumar, R P Thangavelu, A New Concept of Key Agreement using Chaos-synchronization based Parameter Estimation, LNCS, vol. 4812, pp. 263-266, Springer-Verlag, Proceedings of 3rd International Conference on Information System Securities (ICISS-2007), New Delhi, 16-20, December 2007.
G K Patra, V Anil Kumar, R P Thangavelu, Analysis of Synchronization based Parameter Estimation Attack on Switched Bi-directional Chaotic Key Stream Generator, in the proceedings of International Conference on Information Processing, Bangalore, pp. 298-307, August 2007.
V Anil Kumar, G K Patra, R P Thangavelu, A Sahu, P S Jayalekshmy, Transport Layer Protocol Exploitation Attempts for DoS/DDoS Attacks: Journal of Computer Science, Karpagam publications, Vol. 2, No. 4, pp 272-280, Jan-Feb 2007.
V Anil Kumar and Dorgham Sisalem, TCP based Denial-of-Service Attacks to Edge Network: Analysis and Detection, LNCS, Vol. 3356, pp 214-223, Springer-Verlag.
V Anil Kumar, Sophistication in distributed denial-of-service attacks on the Internet, Current Science, 2004, Vol. 87, No.7, pp 885-888.
G K Patra, T R Ramamohanan, V Anil Kumar, R P Thangavelu, Improvement in Security Level of First Generation Chaotic Communication System by Mutual Synchronization, IEEE press as the proceedings of the14th International Conference on Advanced Computing and Communication, ADCOM-2006.
V Anil Kumar, G K Patra, R P Thangavelu and P S Jayalekshmi, An Overview of TCP Related Denial-of-Service Attacks and Associated Challenges, National workshop on towards securing end-systems in the networked world challenges and possible solutions, June 2006, Hyderabad, India.
G K Patra, Tahir Ali, V Anil Kumar, R P Thangavelu “Multiparty Secure Key Exchange Algorithm Using Neural Cryptography”, In Proceedings of National Workshop on Cryptography, September 2004.
V Anil Kumar, R.P. Thangavelu and G.K. Patra, “Secure and Active Hop-count Mapping for early Detection of IP Spoofed Denial-of-Service Attacks”, in Proceedings of National Conference on Hardware and Software Solutions for Secure Networks, Hyderabad, 23-24 January, 2004.
Malay Mukul, Debjani Roy, Shibasis Satpathy, and V Anil Kumar, “Bootstrapped spatial statistics: a more robust approach to the analysis of finite strain data”, Journal of Structural Geology 26 (2004) 595-600.
Major Research Projects Title of the Project: Analysis and Detection of a New Class of Denial-of-Service
Attacks on the Internet
Role : Chief Investigator
Duration : 2 years
Budget : Rs 2850000 (~ 65000 US$)
Team Size : 5
Invited talks/Presentations/Seminars delivered
Low-rate Denial-of-Service Attacks, CanSecWest-2007, the applied security conference, 18-20 April 2007 Vancouver, Canada (Invited Talk)
On Detecting ACK Spoofing Attacks, Department of Electrical and computer Engineering, University of British Colombia, 20, April 2007, Vancouver, Canada
TCP Related DoS Attacks and Associated Challenges, National Conference on Cyber Security, 8-10 March, 2007, Bangalore, India (Invited Talk)
Sophistication in Denial-of-Service Attacks: Conventional Brute Force vs. Low-rate Tactical Flooding, 9th South Asian Network Operational Group Conference, (SANOG-9), 23-24 January 2007, Colombo, Sri Lanka
An Overview of TCP Related Denial-of-Service Attacks and Associated Challenges, National workshop on towards securing end-systems in the networked world challenges and possible solutions, June 2006, Hyderabad, India (Invited Talk)
TCP based Denial-of-Service Attacks to Edge Network: Analysis and Detection, 7th International Conference on Information Technology, CIT-2004, Hyderabad, India
Analysis and Detection of Denial-of-Service Scenario generated by TCP Receivers to Edge-network, 12th International conference on Advanced Computing and Communication, ADCOM-2004, Ahmedabad, India
V Anil Kumar, Sonia Oberoi, Anna Peppler and Roswitha Paul-Walz, “Living and Learning in a Foreign Culture”, Asia pacific Week, Berlin Germany, Sep. 24, 2003
“Network Intrusion Detection Systems, its need and capabilities in a packet switched environment”, 16th May 2001 at C-MMACS
“An introduction to information security in networked society”, Brainstorming session on “Quantum information and cryptography” arranged by C-MMACS
“Simple Network Management Protocol based Bandwidth Measurement system for Internet access link” at C-MMACS
International/National conferences attended
CanSecWest 2007, the applied security conference, 18-20 April 2007, Vancouver, Canada
South Asian Network Operation Group Conference (SANOG-9), 23-24 January 2007, Colombo, Sri Lanka
National Conference on Cyber Security, 8-10 March, 2007, Bangalore, India
9th South Asian Network Operation Group Conference (SANOG-9), Colombo, Sri Lanka, 23-24 January 2007
7th International Conference on Information Technology, CIT 2004, Hyderabad, India, December 2004
12th International conference on “Advanced Computing and Communication” (ADCOM-2004), Ahmedabad, India, December 2004
Asia pacific Week, Berlin Germany, September 24-29, 2003
Workshop on “Self-Organizing Policy Handling for future Internet service Environment”, jointly organized by NTT-Data, Japan and Fraunhofer FOKUS, Germany, Berlin, Germany, June 18, 2003.
8th International conference on “Advanced Computing and Communication” (ADCOM-2000), Cochin, India, December 2000
Student Theses Supervised
Experimental Study on the Impact of Bursty Traffic on Edge-routers, M.Tech thesis submitted to National Institute of Technology, Karnataka
A Simulation Study on the Effect of Bursty Traffic on the Internet Routers, M.Tech thesis submitted to Vellore Institute of Technology, Deemed University, Tamilnadu
Simulation Study on Throughput Variation of TCP Flows under Different Queue Management scheme, ME thesis submitted to Noorul Islam College of Engineering, Anna University
Behaviour Analysis of TCP Servers in Context of Malicious Acknowledgement Spoofing, ME thesis submitted to Vellore Institute of Technology, Deemed University, Tamilnadu
A Simulation Study on TCP connection control for Bandwidth Management, ME thesis submitted to Visveswaraiyya Technological University, Karnataka.
Unsolicited Packet Analyzer, MCA thesis submitted to DOEACC Centre, Calicut Univeristy, Kerala
SoftNetTap: A Packet Capturing Tool for Network Monitoring, MCA thesis submitted to DOEACC Centre, Calicut Univeristy, Kerala
A Simulation Study of the Impact of Congestion related Packet Loss on Modern TCPs, MCA thesis submitted to Tezpur University, Assam
Analysis of Distributed Denial-of-Service attacks, BE thesis submitted to Visveswaraih, Technological University, Karnataka
Design and implementation of Bandwidth control techniques for on-line control of bandwidth utilisation of Internet access link, MCA thesis submitted to Nagpur University.
Estimation and Analysis of Bandwidth Utilisation of Internet access link, MCA thesis submitted to Perrier University, Tamilnadu
Implementation of network manager using Simple Network Management Protocol, BE thesis submitted to Birla Institute of Technology (BITS), Pilani.
GUI for Bandwidth Utilization of Internet Access Link, MCA thesis submitted to Kuvempu University
Transport Layer Packet Transfer Visualization System, BE thesis submitted to Dr. Ambedkar Institute of Technology, VTU
Neural Network based Rainfall Forecasting System from multi-modal inputs, BE thesis submitted to Bosco Institute of Technology