Abstract: Electric power is a fundamental necessity in the 21st century. Consequently, any break in electric power is probably going to affect the general activity. To make the power supply smooth and efficient, a smart grid network is introduced which uses communication technology. In any communication network, security is essential. It has been observed from several recent incidents that adversary causes an interruption to the operation of networks. In order to resolve the issues, it is vital to understand the threats and vulnerabilities associated with the smart grid networks. In this paper, we have investigated the threats and vulnerabilities in Smart Grid Networks (SGN) and the few solutions in the literature. Proposed solutions showed developments in electricity theft countermeasures, Denial of services attacks (DoS) and malicious injection attacks detection model, as well as malicious nodes detection using watchdog like techniques and other solutions.
Abstract: The telemedicine services require correct computing resource management to guarantee productivity and efficiency for medical and non-medical staff. The aim of this study was to examine web management strategies to ensure the availability of resources and services in telemedicine so as to provide medical information management with an accessible strategy. In addition, to evaluate the quality-of-service parameters, the followings were measured: delays, throughput, jitter, latency, available bandwidth, percent of access and denial of services based of web management performance map with profiles permissions and database management. Through 24 different test scenarios, the results show 100% in availability of medical information, in relation to access of medical staff to web services, and quality of service (QoS) of 99% because of network delay and performance of computer network. The findings of this study suggest that the proposed strategy of web management is an ideal solution to guarantee the availability, reliability, and accessibility of medical information. Finally, this strategy offers seven user profile used at telemedicine center of Bogota-Colombia keeping QoS parameters suitable to telemedicine services.
Abstract: Nowadays, security threats in Voice over IP (VoIP) systems are an essential and latent concern for people in charge of security in a corporate network, because, every day, new Denial-of-Service (DoS) attacks are developed. These affect the business continuity of an organization, regarding confidentiality, availability, and integrity of services, causing frequent losses of both information and money. The purpose of this study is to establish the necessary measures to mitigate DoS threats, which affect the availability of VoIP systems, based on the Session Initiation Protocol (SIP). A Security Model called MS-DoS-SIP is proposed, which is based on two approaches. The first one analyzes the recommendations of international security standards. The second approach takes into account weaknesses and threats. The implementation of this model in a VoIP simulated system allowed to minimize the present vulnerabilities in 92% and increase the availability time of the VoIP service into an organization.
Abstract: Software Defined Networking (SDN) is a new norm of networks. It is designed to facilitate the way of managing, measuring, debugging and controlling the network dynamically, and to make it suitable for the modern applications. Generally, measurement methods can be divided into two categories: Active and passive methods. Active measurement method is employed to inject test packets into the network in order to monitor their behaviour (ping tool as an example). Meanwhile the passive measurement method is used to monitor the traffic for the purpose of deriving measurement values. The measurement methods, both active and passive, are useful for the collection of traffic statistics, and monitoring of the network traffic. Although there has been a work focusing on measuring traffic statistics in SDN environment, it was only meant for measuring packets and bytes rates for non-web traffic. In this study, a feasible method will be designed to measure the number of packets and bytes in a certain time, and facilitate obtaining statistics for both web traffic and non-web traffic. Web traffic refers to HTTP requests that use application layer; while non-web traffic refers to ICMP and TCP requests. Thus, this work is going to be more comprehensive than previous works. With a developed module on POX OpenFlow controller, information will be collected from each active flow in the OpenFlow switch, and presented on Command Line Interface (CLI) and wireshark interface. Obviously, statistics that will be displayed on CLI and on wireshark interfaces include type of protocol, number of bytes and number of packets, among others. Besides, this module will show the number of flows added to the switch whenever traffic is generated from and to hosts in the same statistics list. In order to carry out this work effectively, our Python module will send a statistics request message to the switch requesting its current ports and flows statistics in every five seconds; while the switch will reply with the required information in a message called statistics reply message. Thus, POX controller will be notified and updated with any changes could happen in the entire network in a very short time. Therefore, our aim of this study is to prepare a list for the important statistics elements that are collected from the whole network, to be used for any further researches; particularly, those that are dealing with the detection of the network attacks that cause a sudden rise in the number of packets and bytes like Distributed Denial of Service (DDoS).
Abstract: A Distributed Denial of Service (DDoS) attack is a
major threat to cyber security. It originates from the network layer or
the application layer of compromised/attacker systems which are
connected to the network. The impact of this attack ranges from the
simple inconvenience to use a particular service to causing major
failures at the targeted server. When there is heavy traffic flow to a
target server, it is necessary to classify the legitimate access and
attacks. In this paper, a novel method is proposed to detect DDoS
attacks from the traces of traffic flow. An access matrix is created
from the traces. As the access matrix is multi dimensional, Principle
Component Analysis (PCA) is used to reduce the attributes used for
detection. Two classifiers Naive Bayes and K-Nearest neighborhood
are used to classify the traffic as normal or abnormal. The
performance of the classifier with PCA selected attributes and actual
attributes of access matrix is compared by the detection rate and
False Positive Rate (FPR).
Abstract: Vehicular Ad-hoc Network (VANET) is taking more
attention in automotive industry due to the safety concern of human
lives on roads. Security is one of the safety aspects in VANET. To be
secure, network availability must be obtained at all times since
availability of the network is critically needed when a node sends any
life critical information to other nodes. However, it can be expected
that security attacks are likely to increase in the coming future due to
more and more wireless applications being developed and deployed
onto the well-known expose nature of the wireless medium. In this
respect, the network availability is exposed to many types of attacks.
In this paper, Denial of Service (DOS) attack on network availability
is presented and its severity level in VANET environment is
elaborated. A model to secure the VANET from the DOS attacks has
been developed and some possible solutions to overcome the attacks
have been discussed.
Abstract: The Address Resolution Protocol (ARP) is used by
computers to map logical addresses (IP) to physical addresses
(MAC). However ARP is an all trusting protocol and is stateless
which makes it vulnerable to many ARP cache poisoning attacks
such as Man-in-the-Middle (MITM) and Denial of service (DoS)
attacks. These flaws result in security breaches thus weakening the
appeal of the computer for exchange of sensitive data. In this paper
we describe ARP, outline several possible ARP cache poisoning
attacks and give the detailed of some attack scenarios in network
having both wired and wireless hosts. We have analyzed each of
proposed solutions, identify their strengths and limitations. Finally
get that no solution offers a feasible solution. Hence, this paper
presents an efficient and secure version of ARP that is able to cope
up with all these types of attacks and is also a feasible solution. It is a
stateful protocol, by storing the information of the Request frame in
the ARP cache, to reduce the chances of various types of attacks in
ARP. It is more efficient and secure by broadcasting ARP Reply
frame in the network and storing related entries in the ARP cache
each time when communication take place.
Abstract: Recently, Denial of Service(DoS) attacks and Distributed DoS(DDoS) attacks which are stronger form of DoS attacks from plural hosts have become security threats on the Internet. It is important to identify the attack source and to block attack traffic as one of the measures against these attacks. In general, it is difficult to identify them because information about the attack source is falsified. Therefore a method of identifying the attack source by tracing the route of the attack traffic is necessary. A traceback method which uses traffic patterns, using changes in the number of packets over time as criteria for the attack traceback has been proposed. The traceback method using the traffic patterns can trace the attack by matching the shapes of input traffic patterns and the shape of output traffic pattern observed at a network branch point such as a router. The traffic pattern is a shapes of traffic and unfalsifiable information. The proposed trace methods proposed till date cannot obtain enough tracing accuracy, because they directly use traffic patterns which are influenced by non-attack traffics. In this paper, a new traffic pattern matching method using Independent Component Analysis(ICA) is proposed.
Abstract: Recently, malware attacks have become more serious
over the Internet by e-mail, denial of service (DoS) or distributed
denial of service (DDoS). The Botnets have become a significant part
of the Internet malware attacks. The traditional botnets include three
parts – botmaster, command and control (C&C) servers and bots. The
C&C servers receive commands from botmaster and control the
distributions of computers remotely. Bots use DNS to find the
positions of C&C server. In this paper, we propose an advanced hybrid
peer-to-peer (P2P) botnet 2.0 (AHP2P botnet 2.0) using web 2.0
technology to hide the instructions from botmaster into social sites,
which are regarded as C&C servers. Servent bots are regarded as
sub-C&C servers to get the instructions from social sites. The AHP2P
botnet 2.0 can evaluate the performance of servent bots, reduce DNS
traffics from bots to C&C servers, and achieve harder detection bots
actions than IRC-based botnets over the Internet.
Abstract: The lack of any centralized infrastructure in mobile ad
hoc networks (MANET) is one of the greatest security concerns in
the deployment of wireless networks. Thus communication in
MANET functions properly only if the participating nodes cooperate
in routing without any malicious intention. However, some of the
nodes may be malicious in their behavior, by indulging in flooding
attacks on their neighbors. Some others may act malicious by
launching active security attacks like denial of service. This paper
addresses few related works done on trust evaluation and
establishment in ad hoc networks. Related works on flooding attack
prevention are reviewed. A new trust approach based on the extent of
friendship between the nodes is proposed which makes the nodes to
co-operate and prevent flooding attacks in an ad hoc environment.
The performance of the trust algorithm is tested in an ad hoc network
implementing the Ad hoc On-demand Distance Vector (AODV)
protocol.
Abstract: Multiparty voice over IP (MVoIP) systems allows a group of people to freely communicate each other via the internet, which have many applications such as online gaming, teleconferencing, online stock trading etc. Peertalk is a peer to peer multiparty voice over IP system (MVoIP) which is more feasible than existing approaches such as p2p overlay multicast and coupled distributed processing. Since the stream mixing and distribution are done by the peers, it is vulnerable to major security threats like nodes misbehavior, eavesdropping, Sybil attacks, Denial of Service (DoS), call tampering, Man in the Middle attacks etc. To thwart the security threats, a security framework called PEERTS (PEEred Reputed Trustworthy System for peertalk) is implemented so that efficient and secure communication can be carried out between peers.
Abstract: The wireless mesh networks (WMNs) are emerging technology in wireless networking as they can serve large scale high speed internet access. Due to its wireless multi-hop feature, wireless mesh network is prone to suffer from many attacks, such as denial of service attack (DoS). We consider a special case of DoS attack which is selective forwarding attack (a.k.a. gray hole attack). In such attack, a misbehaving mesh router selectively drops the packets it receives rom its predecessor mesh router. It is very hard to detect that packet loss is due to medium access collision, bad channel quality or because of selective forwarding attack. In this paper, we present a review of detection algorithms of selective forwarding attack and discuss their advantage & disadvantage. Finally we conclude this paper with open research issues and challenges.
Abstract: Wireless sensor network is formed with the combination of sensor nodes and sink nodes. Recently Wireless sensor network has attracted attention of the research community. The main application of wireless sensor network is security from different attacks both for mass public and military. However securing these networks, by itself is a critical issue due to many constraints like limited energy, computational power and lower memory. Researchers working in this area have proposed a number of security techniques for this purpose. Still, more work needs to be done.In this paper we provide a detailed discussion on security in wireless sensor networks. This paper will help to identify different obstacles and requirements for security of wireless sensor networks as well as highlight weaknesses of existing techniques.
Abstract: We propose a novel graphical technique (SVision) for
intrusion detection, which pictures the network as a community of
hosts independently roaming in a 3D space defined by the set of
services that they use. The aim of SVision is to graphically cluster
the hosts into normal and abnormal ones, highlighting only the ones
that are considered as a threat to the network. Our experimental
results using DARPA 1999 and 2000 intrusion detection and
evaluation datasets show the proposed technique as a good candidate
for the detection of various threats of the network such as vertical
and horizontal scanning, Denial of Service (DoS), and Distributed
DoS (DDoS) attacks.
Abstract: The aim of this paper is to explore the security issues
that significantly affect the performance of Mobile Adhoc Networks
(MANET)and limit the services provided to their intended users. The
MANETs are more vulnerable to Distributed Denial of Service
attacks (DDoS) because of their properties like shared medium,
dynamic topologies etc. A DDoS attack is a coordinated attempt
made by malicious users to flood the victim network with the large
amount of data such that the resources of the victim network are
exhausted resulting in the deterioration of the network performance.
This paper highlights the effects of different types of DDoS attacks
in MANETs and categorizes them according to their behavior.
Abstract: Wireless sensor networks can be used to measure and monitor many challenging problems and typically involve in monitoring, tracking and controlling areas such as battlefield monitoring, object tracking, habitat monitoring and home sentry systems. However, wireless sensor networks pose unique security challenges including forgery of sensor data, eavesdropping, denial of service attacks, and the physical compromise of sensor nodes. Node in a sensor networks may be vanished due to power exhaustion or malicious attacks. To expand the life span of the sensor network, a new node deployment is needed. In military scenarios, intruder may directly organize malicious nodes or manipulate existing nodes to set up malicious new nodes through many kinds of attacks. To avoid malicious nodes from joining the sensor network, a security is required in the design of sensor network protocols. In this paper, we proposed a security framework to provide a complete security solution against the known attacks in wireless sensor networks. Our framework accomplishes node authentication for new nodes with recognition of a malicious node. When deployed as a framework, a high degree of security is reachable compared with the conventional sensor network security solutions. A proposed framework can protect against most of the notorious attacks in sensor networks, and attain better computation and communication performance. This is different from conventional authentication methods based on the node identity. It includes identity of nodes and the node security time stamp into the authentication procedure. Hence security protocols not only see the identity of each node but also distinguish between new nodes and old nodes.
Abstract: Resistance of denial of service attacks is a key security requirement in voting protocols. Acquisti protocol plays an important role in development of internet voting protocols and claims its security without strong physical assumptions. In this study firstly Acquisti protocol is modeled in extended applied pi calculus, and then resistance of denial of service attacks is proved with ProVerif. The result is that it is not resistance of denial of service attacks because two denial of service attacks are found. Finally we give the method against the denial of service attacks.