Visible to the public Security QoS profiling against cyber terrorism in airport network systems

TitleSecurity QoS profiling against cyber terrorism in airport network systems
Publication TypeConference Paper
Year of Publication2015
AuthorsUgwoke, F. N., Okafor, K. C., Chijindu, V. C.
Conference Name2015 International Conference on Cyberspace (CYBER-Abuja)
Date Publishednov
KeywordsAir traffic control, AIRMS, airport information network services, airport information resource management systems, airport network systems, Airports, Atmospheric modeling, attacks, aviation industry, Cisco 9000 router firewall, cloud based network, cloud based platform, cloud computing, Cloud Datacenters, cloud infrastructure, Computer crime, critical network assets, cyber terrorism, cyber terrorists, DDoS, denial of service, distributed DoS, DoS, embedded network device, Embedded systems, firewalls, Floods, Information management, MCS, mission critical services, mitigation techniques, Nigerian aviation industry, OpenFlow application centric infrastructure, pubcrawl170109, quality of service, quality of service profiling, riverbed modeler software, robust counter security network model, security QoS profiling, SPI-OACI, stateful packet inspection, system response metrics, telecommunication network routing, VBDDA, virtual DDoS protection
Abstract

Attacks on airport information network services in the form of Denial of Service (DoS), Distributed DoS (DDoS), and hijacking are the most effective schemes mostly explored by cyber terrorists in the aviation industry running Mission Critical Services (MCSs). This work presents a case for Airport Information Resource Management Systems (AIRMS) which is a cloud based platform proposed for the Nigerian aviation industry. Granting that AIRMS is susceptible to DoS attacks, there is need to develop a robust counter security network model aimed at pre-empting such attacks and subsequently mitigating the vulnerability in such networks. Existing works in literature regarding cyber security DoS and other schemes have not explored embedded Stateful Packet Inspection (SPI) based on OpenFlow Application Centric Infrastructure (OACI) for securing critical network assets. As such, SPI-OACI was proposed to address the challenge of Vulnerability Bandwidth Depletion DDoS Attacks (VBDDA). A characterization of the Cisco 9000 router firewall as an embedded network device with support for Virtual DDoS protection was carried out in the AIRMS threat mitigation design. Afterwards, the mitigation procedure and the initial phase of the design with Riverbed modeler software were realized. For the security Quality of Service (QoS) profiling, the system response metrics (i.e. SPI-OACI delay, throughput and utilization) in cloud based network were analyzed only for normal traffic flows. The work concludes by offering practical suggestion for securing similar enterprise management systems running on cloud infrastructure against cyber terrorists.

URLhttp://ieeexplore.ieee.org/document/7360516/
DOI10.1109/CYBER-Abuja.2015.7360516
Citation Keyugwoke_security_2015