Biblio

The analysis shows how important Power Network Measuring and Characterization (PSMC) is to the plan. Networks planning and oversight for the transmission of electrical energy is becoming increasingly frequent. In reaction to the current contest of assimilating trying to cut charging in the crate, estimation, information sharing, but rather govern into PSMC reasonable quantities, Electrical Transmit Monitoring and Management provides a thorough outline of founding principles together with smart sensors for domestic spying, security precautions, and control of developed broadening power systems.Electricity supply control must depend increasingly heavily on telecommunications infrastructure to manage and run their processes because of the fluctuation in transmission and distribution of electricity. A wider attack surface will also be available to threat hackers as a result of the more communications. Large-scale blackout have occurred in the past as a consequence of cyberattacks on electrical networks. In order to pinpoint the key issues influencing power grid computer networks, we looked at the network infrastructure supporting electricity grids in this research.

This paper introduces a new type of attack on isolated, air-gapped workstations. Although air-gap computers have no wireless connectivity, we show that attackers can use the SATA cable as a wireless antenna to transfer radio signals at the 6 GHz frequency band. The Serial ATA (SATA) is a bus interface widely used in modern computers and connects the host bus to mass storage devices such as hard disk drives, optical drives, and solid-state drives. The prevalence of the SATA interface makes this attack highly available to attackers in a wide range of computer systems and IT environments. We discuss related work on this topic and provide technical background. We show the design of the transmitter and receiver and present the implementation of these components. We also demonstrate the attack on different computers and provide the evaluation. The results show that attackers can use the SATA cable to transfer a brief amount of sensitive information from highly secured, air-gap computers wirelessly to a nearby receiver. Furthermore, we show that the attack can operate from user mode, is effective even from inside a Virtual Machine (VM), and can successfully work with other running workloads in the background. Finally, we discuss defense and mitigation techniques for this new air-gap attack.

The era of technology has seen many rising inventions and with that rise, comes the need to secure our systems. In this paper we have discussed how the old generation of people are falling behind at being updated in tandem with technology, and losing track of the knowledge required to process the same. In addition this factor leads to leakage of critical personal information. This paper throws light upon the steps taken in order to exploit the pre-existing operating system, Windows 7, Ultimate, using a ubiquitous framework used by everyone, i.e. Metasploit. It involves installation of a backdoor on the victim machine, from a remote setup, mostly Kali Linux operating machine. This backdoor allows the attackers to create executable files and deploy them in the windows system to gain access on the machine, remotely. After gaining access, manipulation of sensitive data becomes easy. Access to the admin rights of any system is a red alert because it means that some outsider has intense access to personal information of a human being and since data about someone explains a lot of things about them. It basically is exposing and human hate that. It depraves one of their personal identity. Therefore security is not something that should be taken lightly. It is supposed to be dealt with utmost care.

With the rapid development of the Internet of Things (IoT), a large amount of data is exchanged between various communicating devices. Since the data should be communicated securely between the communicating devices, the network security is one of the dominant research areas for the 6LoWPAN IoT applications. Meanwhile, 6LoWPAN devices are vulnerable to attacks inherited from both the wireless sensor networks and the Internet protocols. Thus intrusion detection systems have become more and more critical and play a noteworthy role in improving the 6LoWPAN IoT networks. However, most intrusion detection systems focus on the attacked areas in the IoT networks instead of precisely on certain IoT nodes. This may lead more resources to further detect the compromised nodes or waste resources when detaching the whole attacked area. In this paper, we therefore proposed a new precisional detection strategy for 6LoWPAN Networks, named as PDS-6LoWPAN. In order to validate the strategy, we evaluate the performance and applicability of our solution with a thorough simulation by taking into account the detection accuracy and the detection response time.

The report examines approaches to assessing the information security of data transmission networks (DTN). The analysis of methods for quantitative assessment of information security risks is carried out. A methodological approach to the assessment of IS DTN based on the risk-oriented method is presented. A method for assessing risks based on the mathematical apparatus of the queening systems (QS) is considered and the problem of mathematical modeling is solved.

Adaptive honeypots are being widely proposed as a more powerful alternative to the traditional honeypot model. Just as with typical honeypots, however, one of the most important concerns of an adaptive honeypot is environment deception in order to make sure an adversary cannot fingerprint the honeypot. The threat of fingerprinting hints at a greater underlying concern, however; this being that honeypots are only effective because an adversary does not know that the environment on which they are operating is a honeypot. What has not been widely discussed in the context of adaptive honeypots is that they actually have an inherently increased level of susceptibility to this threat. Honeypots not only bear increased risks when an adversary knows they are a honeypot rather than a native system, but they are only effective as adaptable entities if one does not know that the honeypot environment they are operating on is adaptive as wekk. Thus, if adaptive honeypots become commonplace - or, instead, if attackers even have an inkling that an adaptive honeypot may exist on any given network, a new attack which could develop is a “blind confusion attack”; a form of connection which simply makes an assumption all environments are adaptive honeypots, and instead of attempting to perform a malicious strike on a given entity, opts to perform non-malicious behavior in specified and/or random patterns to confuse an adaptive network's learning.

This paper presents experimental results of evaluating the effect of network delay on the synchronization time of three parity machines. The possibility of using a hash function to confirm the synchronization of parity tree machines has been investigated. Three parity machines have been proposed as a modification of the symmetric encryption algorithm. One advantage of the method is the possibility to use the phenomenon of mutual synchronization of neural networks to generate an identical encryption key for users without the need to transfer it. As a result, the degree of influence of network delay and the type of hash function used on the synchronization time of neural networks was determined. The degree of influence of the network delay and hash function was determined experimentally. The hash function sha512 showed the best results. The tasks for further research have been defined.

Security of data and information in servers connected to networks that provide services to user computers, is the most important thing to maintain data privacy and security in network security management mechanisms. Weaknesses in the server security system can be exploited by intruders to disrupt the security of the server. One way to maintain server security is to implement an intrusion detection system using the Intrusion Detection System. This research is experimenting to create a security system prototype, monitoring, and evaluating server security systems using Snort and alert notifications that can improve security monitoring for server security. The system can detect intrusion attacks and provide warning messages and attack information through the Intrusion Detection System monitoring system. The results show that snort and alert notifications on the security server can work well, efficiently, and can be handled quickly. Testing attacks with Secure Shell Protocol and File Transfer Protocol Brute Force, Ping of Death and scanning port attacks requires a detection time of no more than one second, and all detection test results are detected and send real-time notification alerts to the Administrator.

In this research a secured framework is developed to support effective digital service delivery for government to stakeholders. It is developed to provide secured network to the remote area of Bangladesh. The proposed framework has been tested through the rough simulation of the network infrastructure. Each and every part of the digital service network has been analyzed in the basis of security purpose. Through the simulation the security issues are identified and proposed a security policy framework for effective service. Basing on the findings the issues are included and the framework has designed as the solution of security issues. A complete security policy framework has prepared on the basis of the network topology. As the output the stakeholders will get a better and effective data service. This model is better than the other expected network infrastructure. Till now in Bangladesh none of the network infrastructure are security policy based. This is needed to provide the secured network to remote area from government.

With the maturity of Internet of things technology, massive data transmission has become the focus of research. In order to solve the problem of low speed of traditional hybrid data fast distribution algorithm for wireless sensor networks, a hybrid data fast distribution algorithm for wireless sensor networks based on visual Internet of things is designed. The logic structure of mixed data input gate in wireless sensor network is designed through the visual Internet of things. The objective function of fast distribution of mixed data in wireless sensor network is proposed. The number of copies of data to be distributed is dynamically calculated and the message deletion strategy is determined. Then the distribution parameters are calibrated, and the fitness ranking is performed according to the distribution quantity to complete the algorithm design. The experimental results show that the distribution rate of the designed algorithm is significantly higher than that of the control group, which can solve the problem of low speed of traditional data fast distribution algorithm.

Policy documents are usually written in text form— word after word, sentence after sentence etc.—which often obscures some of their most critical features. Text cannot easily situate interconnections among elements, or identify feedback, nor reveal other embedded features. This paper presents a computational approach to International Law Applicable to Cyber Operations 2.0, Tallinn Manual, a seminal work of 600 pages at the intersection of law and cyberspace. The results identify the dominance of specific Rules, the centrality of select Rules, and Rules with autonomous standing, as well as the feedback structure that holds the system together. None of these features are evident from the text alone.

In this article we have developed a simulation model in the Mininet environment for analyzing the operation of a software-defined network (SDN) in cloud data centers. The results of the simulation model of the operation of the SDN network on the Mininet emulator and the results of the simulation of the traditional network in the Graphical Network Simulator 3 emulator are presented.

In electronic warfare, communication may not counter reconnaissance and jamming without the help of network-station selection of frequency hopping. The competition in the field of electromagnetic spectrum is becoming more and more fierce with the increasingly complex electromagnetic environment of modern battlefield. The research on detection, identification, parameter estimation and network station selection of frequency hopping communication network has aroused the interest of scholars both at home and abroad, which has been summarized in this paper. Firstly, the working mode and characteristics of two kinds of FH communication networking modes synchronous orthogonal network and asynchronous non orthogonal network are introduced. Then, through the analysis of FH signals time hopping, frequency hopping, bandwidth, frequency, direction of arrival, bad time-frequency analysis, clustering analysis and machine learning method, the feature-based method is adopted Parameter selection technology is used to sort FH network stations. Finally, the key and difficult points of current research on FH communication network separation technology and the research status of blind source separation technology are introduced in details in this paper.

Network traffic analysis and deep packet inspection are time-consuming tasks, which current processors can not handle at 100 Gbps speed. Therefore security systems need fast packet processing with hardware acceleration. With the growing of encrypted network traffic, it is necessary to extend Intrusion Detection Systems (IDSes) and other security tools by new detection methods. Security tools started to use classifiers trained by machine learning techniques based on decision trees. Random Forest, Compact Random Forest and AdaBoost provide excellent result in network traffic analysis. Unfortunately, hardware architectures for these machine learning techniques need high utilisation of on-chip memory and logic resources. Therefore we propose several optimisations of highly pipelined architecture for acceleration of machine learning techniques based on decision trees. The optimisations use the various encoding of a feature vector to reduce hardware resources. Due to the proposed optimisations, it was possible to reduce LUTs by 70.5 % for HTTP brute force attack detection and BRAMs by 50 % for application protocol identification. Both with only negligible impact on classifiers' accuracy. Moreover, proposed optimisations reduce wires and multiplexors in the processing pipeline, positively affecting the proposed architecture's maximal achievable frequency.

Security is the key concern, which allows safe communication between any two mobile nodes in an unfavorable environment. Wireless Ad Hoc can be unsecured against attacks by means of malicious nodes. Hence this study assesses the influence of wormhole attacks on Mobile Ad Hoc network (MANET) system that is evaluated and validated based on the QualNet simulator. The MANET performance is investigated utilizing the wormhole attacks. The simulation is performed on Mobile node's network layer and data link layer in the WANET (wireless Ad Hoc network). The MANET performance was examined using “what-if” analyses too. Results showed that for security purposes, it is indeed necessary to assess the Mobile Ad Hoc node deployment.

This advanced research survey aims to perform intrusion detection and routing in ad hoc networks in wireless MANET networks using machine learning techniques. The MANETs are composed of several ad-hoc nodes that are randomly or deterministically distributed for communication and acquisition and to forward the data to the gateway for enhanced communication securely. MANETs are used in many applications such as in health care for communication; in utilities such as industries to monitor equipment and detect any malfunction during regular production activity. In general, MANETs take measurements of the desired application and send this information to a gateway, whereby the user can interpret the information to achieve the desired purpose. The main importance of MANETs in intrusion detection is that they can be trained to detect intrusion and real-time attacks in the CIC-IDS 2019 dataset. MANETs routing protocols are designed to establish routes between the source and destination nodes. What these routing protocols do is that they decompose the network into more manageable pieces and provide ways of sharing information among its neighbors first and then throughout the whole network. The landscape of exciting libraries and techniques is constantly evolving, and so are the possibilities and options for experiments. Implementing the framework in python helps in reducing syntactic complexity, increases performance compared to implementations in scripting languages, and provides memory safety.

One of the most significant systems in computer network security assurance is the assessment of computer network security. With the goal of finding an effective method for performing the process of security evaluation in a computer network, this paper uses a deep neural network to be responsible for the task of security evaluating. The DNN will be built with python on Spyder IDE, it will be trained and tested by 17 network security indicators then the output that we get represents one of the security levels that have been already defined. The maj or purpose is to enhance the ability to determine the security level of a computer network accurately based on its selected security indicators. The method that we intend to use in this paper in order to evaluate network security is simple, reduces the human factors interferences, and can obtain the correct results of the evaluation rapidly. We will analyze the results to decide if this method will enhance the process of evaluating the security of the network in terms of accuracy.

In this article, we introduce the MACH-2K trust overlay network and its architecture. MACH-2K's objectives are to (a) enhance the resiliency of emergency response and public service networks and (b) help build such networks in places, or at times, where network infrastructure is limited. Resiliency may be enhanced in an economic manner by building new ad hoc networks of private mobile devices and joining these to public service networks at specific trusted points. The major barrier to building resiliency by using private devices is ensuring security. MACH-2K uses device location and communication utility patterns to assign trust to devices, after owner approval. After trust is established, message confidentiality, privacy, and integrity may be implemented by well-known cryptographic means. MACH-2K devices may be then requested to forward or consume different types of messages depending on their current level of trust and utility.

The proliferation of IoT devices in smart homes, hospitals, and enterprise networks is wide-spread and continuing to increase in a superlinear manner. The question is: how can one assess the security of an IoT network in a holistic manner? In this paper, we have explored two dimensions of security assessment- using vulnerability information and attack vectors of IoT devices and their underlying components (compositional security scores) and using SIEM logs captured from the communications and operations of such devices in a network (dynamic activity metrics). These measures are used to evaluate the security of IoT devices and the overall IoT network, demonstrating the effectiveness of attack circuits as practical tools for computing security metrics (exploitability, impact, and risk to confidentiality, integrity, and availability) of the network. We decided to approach threat modeling using attack graphs. To that end, we propose the notion of attack circuits, which are generated from input/output pairs constructed from CVEs using NLP, and an attack graph composed of these circuits. Our system provides insight into possible attack paths an adversary may utilize based on their exploitability, impact, or overall risk. We have performed experiments on IoT networks to demonstrate the efficacy of the proposed techniques.

In the open network environment, the network offensive information is implanted in big data environment, so it is necessary to carry out accurate location marking of network offensive information, to realize network attack detection, and to implement the process of accurate location marking of network offensive information. Combined with big data analysis method, the location of network attack nodes is realized, but when network attacks cross in series, the performance of attack information tagging is not good. An accurate marking technique for network attack information is proposed based on big data fusion tracking recognition. The adaptive learning model combined with big data is used to mark and sample the network attack information, and the feature analysis model of attack information chain is designed by extracting the association rules. This paper classifies the data types of the network attack nodes, and improves the network attack detection ability by the task scheduling method of the network attack information nodes, and realizes the accurate marking of the network attacking information. Simulation results show that the proposed algorithm can effectively improve the accuracy of marking offensive information in open network environment, the efficiency of attack detection and the ability of intrusion prevention is improved, and it has good application value in the field of network security defense.

Using the keyboard LEDs to send data optically was proposed in 2002 by Loughry and Umphress [1] (Appendix A). In this paper we extensively explore this threat in the context of a modern cyber-attack with current hardware and optical equipment. In this type of attack, an advanced persistent threat (APT) uses the keyboard LEDs (Caps-Lock, Num-Lock and Scroll-Lock) to encode information and exfiltrate data from airgapped computers optically. Notably, this exfiltration channel is not monitored by existing data leakage prevention (DLP) systems. We examine this attack and its boundaries for today's keyboards with USB controllers and sensitive optical sensors. We also introduce smartphone and smartwatch cameras as components of malicious insider and 'evil maid' attacks. We provide the necessary scientific background on optical communication and the characteristics of modern USB keyboards at the hardware and software level, and present a transmission protocol and modulation schemes. We implement the exfiltration malware, discuss its design and implementation issues, and evaluate it with different types of keyboards. We also test various receivers, including light sensors, remote cameras, 'extreme' cameras, security cameras, and smartphone cameras. Our experiment shows that data can be leaked from air-gapped computers via the keyboard LEDs at a maximum bit rate of 3000 bit/sec per LED given a light sensor as a receiver, and more than 120 bit/sec if smartphones are used. The attack doesn't require any modification of the keyboard at hardware or firmware levels.

In internet based communication, various types of attacks have been evolved. Hence, attacker easily breaches the securities. Traditional intrusion detection techniques to observe these attacks have failed and thus hefty systems are required to remove these attacks before they expose entire network. With the ability of artificial intelligence systems to adapt high computational speed, boost fault tolerance, and error resilience against noisy information, a hybrid particle swarm optimization(PSO) fuzzy rule based inference engine has been designed in this paper. The fuzzy logic based on degree of truth while the PSO algorithm based on population stochastic technique helps in learning from the scenario, thus their combination will increase the toughness of intrusion detection system. The proposed network intrusion detection system will be able to classify normal as well as anomalism behaviour in the network. DARPA-KDD99 dataset examined on this system to address the behaviour of each connection on network and compared with existing system. This approach improves the result on the basis of precision, recall and F1-score.

Modern cybercrimes have exponentially grown over the last one decade. Ransomware is one of the types of malware which is the result of sophisticated attempt to compromise the modern computer systems. The governments and large corporations are investing heavily to combat this cyber threat against their critical infrastructure. It has been observed that over the last few years that Industrial Control Systems (ICS) have become the main target of Ransomware due to the sensitive operations involved in the day to day processes of these industries. As the technology is evolving, more and more traditional industrial systems are replaced with advanced industry methods involving advanced technologies such as Internet of Things (IoT). These technology shift help improve business productivity and keep the company's global competitive in an overflowing competitive market. However, the systems involved need secure measures to protect integrity and availability which will help avoid any malfunctioning to their operations due to the cyber-attacks. There have been several cyber-attack incidents on healthcare, pharmaceutical, water cleaning and energy sector. These ICS' s are operated by remote control facilities and variety of other devices such as programmable logic controllers (PLC) and sensors to make a network. Cyber criminals are exploring vulnerabilities in the design of these ICS's to take the command and control of these systems and disrupt daily operations until ransomware is paid. This paper will provide critical analysis of the impact of Ransomware threat on SCADA systems.

Security and protection are among the most squeezing worries that have developed with the Internet. As systems extended and turned out to be more open, security hones moved to guarantee insurance of the consistently developing Internet, its clients, and information. Today, the Internet of Things (IoT) is rising as another sort of system that associates everything to everybody, all over. Subsequently, the edge of resistance for security and protection moves toward becoming smaller on the grounds that a break may prompt vast scale irreversible harm. One element that eases the security concerns is validation. While diverse confirmation plans are utilized as a part of vertical system storehouses, a typical personality and validation plot is expected to address the heterogeneity in IoT and to coordinate the distinctive conventions exhibit in IoT. In this paper, a light weight secure framework is proposed. The proposed framework is analyzed for performance with security mechanism and found to be better over critical parameters.

As Blockchain technology become more understood in recent years and its capability to solve enterprise business use cases become evident, technologist have been exploring Blockchain technology to solve use cases that have been daunting industries for years. Unlike existing technologies, one of the key features of blockchain technology is its unparalleled capability to provide, traceability, accountability and immutable records that can be accessed at any point in time. One application area of interest for blockchain is securing heterogenous networks. This paper explores the security challenges in a heterogonous network of IoT devices and whether blockchain can be a viable solution. Using an experimental approach, we explore the possibility of using blockchain technology to secure IoT devices, validate IoT device transactions, and establish a chain of trust to secure an IoT device mesh network, as well as investigate the plausibility of using immutable transactions for forensic analysis.