Biblio

In the era of Internet usage growth, storage services are widely used where users' can store their data, while hackers techniques pose massive threats to users' data security. The proposed system introduces multiple layers of security where data confidentiality, integrity and availability are achieved using honey encryption, hashed random passwords as well as detecting intruders and preventing them. The used techniques can ensure security against brute force and denial of service attacks. Our proposed methodology proofs the efficiency for storing and retrieving data using honey words and password hashing with less execution time and more security features achieved compared with other systems. Other systems depend on user password leading to easily predict it, we avoid this approach by making the password given to the user is randomly generated which make it unpredictable and hard to break. Moreover, we created a simple user interface to interact with users to take their inputs and store them along with the given password in true database, if an adversary detected, he will be processed as a normal user but with fake information taken from another database called false database, after that, the admin will be notified about this illegitimate access by providing the IP address. This approach will make the admin have continuous detection and ensure availability and confidentiality. Our execution time is efficient as the encryption process takes 244 ms and decryption 229 ms.

Smart grid architecture and Software-defined Networking (SDN) have evolved into a centrally controlled infrastructure that captures and extracts data in real-time through sensors, smart-meters, and virtual machines. These advances pose a risk and increase the vulnerabilities of these infrastructures to sophisticated cyberattacks like distributed denial of service (DDoS), false data injection attack (FDIA), and Data replay. Integrating machine learning with a network intrusion detection system (NIDS) can improve the system's accuracy and precision when detecting suspicious signatures and network anomalies. Analyzing data in real-time using trained and tested hyperparameters on a network traffic dataset applies to most network infrastructures. The NSL-KDD dataset implemented holds various classes, attack types, protocol suites like TCP, HTTP, and POP, which are critical to packet transmission on a smart grid network. In this paper, we leveraged existing machine learning (ML) algorithms, Support vector machine (SVM), K-nearest neighbor (KNN), Random Forest (RF), Naïve Bayes (NB), and Bagging; to perform a detailed performance comparison of selected classifiers. We propose a multi-level hybrid model of SVM integrated with RF for improved accuracy and precision during network filtering. The hybrid model SVM-RF returned an average accuracy of 94% in 10-fold cross-validation and 92.75%in an 80-20% split during class classification.

The performance-driven design of SDN architectures leaves many security vulnerabilities, a notable one being the communication bottleneck between the controller and the switches. Functioning as a cache between the controller and the switches, the flow table mitigates this bottleneck by caching flow rules received from the controller at each switch, but is very limited in size due to the high cost and power consumption of the underlying storage medium. It thus presents an easy target for attacks. Observing that many existing defenses are based on simplistic attack models, we develop a model of intelligent attacks that exploit specific cache-like behaviors of the flow table to infer its internal configuration and state, and then design attack parameters accordingly. Our evaluations show that such attacks can accurately expose the internal parameters of the target flow table and cause measurable damage with the minimum effort.

Microgrids' dependency on communication links exposes the control systems to cyber attack threats. In this work, instead of designing reactive defense approaches, a proacitve moving target defense mechanism is proposed for securing microgrid secondary frequency control from denial of service (DoS) attack. The sensor data is transmitted by following a Markov process, not in a deterministic way. This uncertainty will increase the difficulty for attacker's decision making and thus significantly reduce the attack space. As the system parameters are constantly changing, a gain scheduling based secondary frequency controller is designed to sustain the system performance. Case studies of a microgrid with four inverter-based DGs show the proposed moving target mechanism can enhance the resiliency of the microgrid control systems against DoS attacks.

Modbus TCP/IP protocol is a commonly used protocol in industrial automation control systems, systems responsible for sensitive operations such as gas turbine operation and refinery control. The protocol was designed decades ago with no security features in mind. Denial of service attack and malicious parameter command injection are examples of attacks that can exploit vulnerabilities in industrial control systems that use Modbus/TCP protocol. This paper discusses and explores the use of intrusion detection and prevention systems (IDPS) with deep packet inspection (DPI) capabilities and DPI industrial firewalls that have capability to detect and stop highly specialized attacks hidden deep in the communication flow. The paper has the following objectives: (i) to develop signatures for IDPS for common attacks on Modbus/TCP based network architectures; (ii) to evaluate performance of three IDPS - Snort, Suricata and Bro - in detecting and preventing common attacks on Modbus/TCP based control systems; and (iii) to illustrate and emphasize that the IDPS and industrial firewalls with DPI capabilities are not preventing but only mitigating likelihood of exploitation of Modbus/TCP vulnerabilities in the industrial and automation control systems. The results presented in the paper illustrate that it might be challenging task to achieve requirements on real-time communication in some industrial and automation control systems in case the DPI is implemented because of the latency and jitter introduced by these IDPS and DPI industrial firewall.

Globalization of semiconductor design and manufacturing has led to several hardware security issues. The problem of Hardware Trojans (HT) is one such security issue discussed widely in industry and academia. Adversary design engineer can insert the HT to leak confidential data, cause a denial of service attack or any other intention specific to the design. HT in cryptographic modules and processors are widely discussed. HT in Multi-Processor System on Chips (MPSoC) are also catastrophic, as most of the military applications use MPSoCs. Network on Chips (NoC) are standard communication infrastructure in modern day MPSoC. In this paper, we present a novel hardware Trojan which is capable of inducing performance degradation and denial of service attacks in a NoC. The presence of the Hardware Trojan in a NoC can compromise the crucial details of packets communicated through NoC. The proposed Trojan is triggered by a particular complex bit pattern from input messages and tries to mislead the packets away from the destined addresses. A mitigation method based on bit shuffling mechanism inside the router with a key directly extracted from input message is proposed to limit the adverse effects of the Trojan. The performance of a 4×4 NoC is evaluated under uniform traffic with the proposed Trojan and mitigation method. Simulation results show that the proposed mitigation scheme is useful in limiting the malicious effect of hardware Trojan.

In this paper, security of networked control system (NCS) under denial of service (DoS) attack is considered. Different from the existing literatures from the perspective of control systems, this paper considers a novel method of dynamic allocation of network bandwidth for NCS under DoS attack. Firstly, time-constrained DoS attack and its impact on the communication channel of NCS are introduced. Secondly, details for the proposed dynamic bandwidth allocation structure are presented along with an implementation, which is a bandwidth allocation strategy based on error between current state and equilibrium state and available bandwidth. Finally, a numerical example is given to demonstrate the effectiveness of the proposed bandwidth allocation approach.

Software Defined Networking (SDN) is an emerging architecture providing services on a priority basis for real-time communication, by pulling out the intelligence from the hardware and developing a better management system for effective networking. Denial of service (DoS) attacks pose a significant threat to SDN, as it can disable the genuine hosts and routers by exhausting their resources. It is thus vital to provide efficient traffic management, both at the data layer and the control layer, thereby becoming more responsive to dynamic network threats such as DoS. Existing DoS prevention and mitigation models for SDN are computationally expensive and are slow to react. This paper introduces a novel biologically inspired architecture for SDN to detect DoS flooding attacks. The proposed biologically inspired architecture utilizes the concepts of the human immune system to provide a robust solution against DoS attacks in SDNs. The two layer immune inspired framework, viz innate layer and adaptive layer, is initiated at the data layer and the control layer of SDN, respectively. The proposed model is reactive and lightweight for DoS mitigation in SDNs.

Mitigating the effect of Distributed Denial of Service (DDoS) attacks in wired/wireless networks is a problem of extreme importance. The present paper investigates this problem and proposes a secure AQM to encounter the effects of DDoS attacks on queue's router. The employed method relies on modelling the TCP/AQM system subjected to different DoS attack rate where the resulting closed-loop system is expressed as new Markovian Jump Linear System (MJLS). Sufficient delay-dependent conditions which guarantee the syntheses of a stabilizing control for the closed-loop system with a guaranteed cost J* are derived. Finally, a numerical example is displayed.

Network-on-Chip (NoC) is the communication platform of the data among the processing cores in Multiprocessors System-on-Chip (MPSoC). NoC has become a target to security attacks and by outsourcing design, it can be infected with a malicious Hardware Trojan (HT) to degrades the system performance or leaves a back door for sensitive information leaking. In this paper, we proposed a HT model that applies a denial of service attack by deliberately discarding the data packets that are passing through the infected node creating a black hole in the NoC. It is known as Black Hole Router (BHR) attack. We studied the effect of the BHR attack on the NoC. The power and area overhead of the BHR are analyzed. We studied the effect of the locations of BHRs and their distribution in the network as well. The malicious nodes has very small area and power overhead, 1.98% and 0.74% respectively, with a very strong violent attack.

Software Defined Networking (SDN) is a major paradigm in controlling and managing number of heterogeneous networks. It's a real challenge however to secure such complex networks which are heterogeneous in network security. The centralization of the intelligence in network presents both an opportunity as well as security threats. This paper focuses on various potential security challenges at the various levels of SDN architecture such as Denial of service (DoS) attack and its countermeasures. The paper shows the detection of DoS attck with S-FlowRT.

Military communities have come to rely heavily on commercial off the shelf (COTS) standards and technologies for Internet of Things (IoT) operations. One of the major obstacles to military use of COTS IoT devices is the security of data transfer. In this paper, we successfully design and develop a lightweight, trust-based security architecture to support routing in a mobile IoT network. Specifically, we modify the RPL IoT routing algorithm using common security techniques, including a nonce identity value, timestamp, and network whitelist. Our approach allows RPL to select a routing path over a mobile IoT wireless network based on a computed node trust value and average received signal strength indicator (ARSSI) value across network members. We conducted simulations using the Cooja network simulator and Wireshark to validate the algorithm against stipulated threat models. We demonstrate that our algorithm can protect the network against Denial of Service (DoS) and Sybil based identity attacks. We also show that the control overhead required for our algorithm is less than 5% and that the packet delivery rate improves by nearly 10%.

Security is the most important issue which needs to be given utmost importance and as both `Mobile Ad hoc Networks (MANET) and Wireless Sensor Networks (WSN) have similar system models, their security issues are also similar. This study deals in analysing the various lapses in security and the characteristics of various routing protocol's functionality and structure. This paper presents the implementation of ECC algorithm in the prevention of Denial of Service (DoS) attack through fictitious node. Optimized Link State Routing (OLSR) protocol is a MANET routing protocol and is evaluated mainly for two things. Primarily OLSR is less secure like AODV and others. The reason for it being less secure is that it is a table-driven in nature and uses a methodology called selective flooding technique, where redundancy is reduced and thus the security possibilities of the protocol is reduced. Another reason for selecting OLSR is that is an highly effective routing protocol for MANET. A brief information about formal routing is provided by the proposed methodology termed Denial Contradictions with Fictitious Node Mechanism (DCFM) which provides brief information about formal routing. Here, fictitious node acts as a virtual node and large networks are managed from attacks. More than 95% of attacks are prevented by this proposed methodology and the solution is applicable all the other DoS attacks of MANET.

Secure routing over VANET is a major issue due to its high mobility environment. Due to dynamic topology, routes are frequently updated and also suffers from link breaks due to the obstacles i.e. buildings, tunnels and bridges etc. Frequent link breaks can cause packet drop and thus result in degradation of network performance. In case of VANETs, it becomes very difficult to identify the reason of the packet drop as it can also occur due to the presence of a security threat. VANET is a type of wireless adhoc network and suffer from common attacks which exist for mobile adhoc network (MANET) i.e. Denial of Services (DoS), Black hole, Gray hole and Sybil attack etc. Researchers have already developed various security mechanisms for secure routing over MANET but these solutions are not fully compatible with unique attributes of VANET i.e. vehicles can communicate with each other (V2V) as well as communication can be initiated with infrastructure based network (V2I). In order to secure the routing for both types of communication, there is need to develop a solution. In this paper, a method for secure routing is introduced which can identify as well as eliminate the existing security threat.

Software Defined Networking (SDN) stands to transmute our modern networks and data centers, opening them up into highly agile frameworks that can be reconfigured depending on the requirement. Denial of Service (DoS) attacks are considered as one of the most destructive attacks. This paper, is about DoS attack detection and mitigation using SDN. DoS attack can minimize the bandwidth utilization, leaving the network unavailable for legitimate traffic. To provide a solution to the problem, concept of performance aware Software Defined Networking is used which involves real time network monitoring using sFlow as a visibility protocol. So, OpenFlow along with sFlow is used as an application to fight DoS attacks. Our analysis and results demonstrate that using this technique, DoS attacks are successfully defended implying that SDN has promising potential to detect and mitigate DoS attacks.

Smart city is gaining a significant attention all around the world. Narrowband technologies would have strong impact on achieving the smart city promises to its citizens with its powerful and efficient spectrum. The expected diversity of applications, different data structures and high volume of connecting devices for smart cities increase the persistent need to apply narrowband technologies. However, narrowband technologies have recognized limitations regarding security which make them an attractive target to cyber-attacks. In this paper, a novel platform architecture to secure smart city against cyber attackers is presented. The framework is providing a threat deep learning-based model to detect attackers based on users data behavior. The proposed architecture could be considered as an attempt toward developing a universal model to identify and block Denial of Service (DoS) attackers in a real time for smart city applications.

A digital microfluidic biochip (DMFB) is an emerging technology that enables miniaturized analysis systems for point-of-care clinical diagnostics, DNA sequencing, and environmental monitoring. A DMFB reduces the rate of sample and reagent consumption, and automates the analysis of assays. In this paper, we provide the first assessment of the security vulnerabilities of DMFBs. We identify result-manipulation attacks on a DMFB that maliciously alter the assay outcomes. Two practical result-manipulation attacks are shown on a DMFB platform performing enzymatic glucose assay on serum. In the first attack, the attacker adjusts the concentration of the glucose sample and thereby modifies the final result. In the second attack, the attacker tampers with the calibration curve of the assay operation. We then identify denial-of-service attacks, where the attacker can disrupt the assay operation by tampering either with the droplet-routing algorithm or with the actuation sequence. We demonstrate these attacks using a digital microfluidic synthesis simulator. The results show that the attacks are easy to implement and hard to detect. Therefore, this work highlights the need for effective protections against malicious modifications in DMFBs.

Public Key Regime (PKR) was proposed as an alternative to certificate based PKI in securing Vehicular Networks (VNs). It eliminates the need for vehicles to append their certificate for verification because the Road Side Units (RSUs) serve as Delegated Trusted Authorities (DTAs) to issue up-to-date public keys to vehicles for communications. If a vehicle's private/public key needs to be revoked, the root TA performs real time updates and disseminates the changes to these RSUs in the network. Therefore, PKR does not need to maintain a huge Certificate Revocation List (CRL), avoids complex certificate verification process and minimizes the high latency. However, the PKR scheme is vulnerable to Denial of Service (DoS) and collusion attacks. In this paper, we study these attacks and propose a pre-authentication mechanism to secure the PKR scheme. Our new scheme is called the Secure Public Key Regime (SPKR). It is based on the Schnorr signature scheme that requires vehicles to expend some amount of CPU resources before RSUs issue the requested public keys to them. This helps to alleviate the risk of DoS attacks. Furthermore, our scheme is secure against collusion attacks. Through numerical analysis, we show that SPKR has a lower authentication delay compared with the Elliptic Curve Digital Signature (ECDSA) scheme and other ECDSA based counterparts.

Nowadays, with the rapid development of Internet, the use of Web is increasing and the Web applications have become a substantial part of people's daily life (e.g. E-Government, E-Health and E-Learning), as they permit to seamlessly access and manage information. The main security concern for e-business is Web application security. Web applications have many vulnerabilities such as Injection, Broken Authentication and Session Management, and Cross-site scripting (XSS). Subsequently, web applications have become targets of hackers, and a lot of cyber attack began to emerge in order to block the services of these Web applications (Denial of Service Attach). Developers are not aware of these vulnerabilities and have no enough time to secure their applications. Therefore, there is a significant need to study and improve attack detection for web applications through determining the most significant factors for detection. To the best of our knowledge, there is not any research that summarizes the influent factors of detection web attacks. In this paper, the author studies state-of-the-art techniques and research related to web attack detection: the author analyses and compares different methods of web attack detections and summarizes the most important factors for Web attack detection independent of the type of vulnerabilities. At the end, the author gives recommendation to build a framework for web application protection.

Cultivation of Smart Grid refurbish with brisk and ingenious. The delinquent breed and sow mutilate in massive. This state of affair coerces security as a sapling which incessantly is to be irrigated with Research and Analysis. The Cyber Security is endowed with resiliency to the SYN flooding induced Denial of Service attack in this work. The proposed secure web server algorithm embedded in the LPC1768 processor ensures the smart resources to be precluded from the attack.

Wireless Mesh Networks (WMNs) are being considered as most adequate for deployment in the Neighborhood Area Network (NAN) domain of the smart grid infrastructure because their features such as self-organizing, scalability and cost-efficiency complement the NAN requirements. To enhance the security of the WMNs, the key refreshment strategy for the Simultaneous Authentication of Equals (SAE) or the Efficient Mesh Security Association (EMSA) protocols is an efficient way to make the network more resilient against the cyber-attacks. However, a security vulnerability is discovered in the EMSA protocol when using the key refreshment strategy. The first message of the Mesh Key Holder Security Handshake (MKHSH) can be forged and replayed back in the next cycles of the key refreshment leading to a Denial of Service (DoS) attack. In this paper, a simple one-way hash function based scheme is proposed to prevent the unprotected message from being replayed together with an enhancement to the key refreshment scheme to improve the resilience of the MKHSH. The Protocol Composition Logic (PCL) is used to verify the logical correctness of the proposed scheme, while the Process Analysis Toolkit (PAT) is used to evaluate the security functionality against the malicious attacks.

Rapid advances in wireless ad hoc networks lead to increase their applications in real life. Since wireless ad hoc networks have no centralized infrastructure and management, they are vulnerable to several security threats. Malicious packet dropping is a serious attack against these networks. In this attack, an adversary node tries to drop all or partial received packets instead of forwarding them to the next hop through the path. A dangerous type of this attack is called black hole. In this attack, after absorbing network traffic by the malicious node, it drops all received packets to form a denial of service (DOS) attack. In this paper, a dynamic trust model to defend network against this attack is proposed. In this approach, a node trusts all immediate neighbors initially. Getting feedback from neighbors' behaviors, a node updates the corresponding trust value. The simulation results by NS-2 show that the attack is detected successfully with low false positive probability.

Advanced Metering Infrastructure (AMI) is the core component in a smart grid that exhibits a highly complex network configuration. AMI shares information about consumption, outages, and electricity rates reliably and efficiently by bidirectional communication between smart meters and utilities. However, the numerous smart meters being connected through mesh networks open new opportunities for attackers to interfere with communications and compromise utilities assets or steal customers private information. In this paper, we present a new DoS attack, called puppet attack, which can result in denial of service in AMI network. The intruder can select any normal node as a puppet node and send attack packets to this puppet node. When the puppet node receives these attack packets, this node will be controlled by the attacker and flood more packets so as to exhaust the network communication bandwidth and node energy. Simulation results show that puppet attack is a serious and packet deliver rate goes down to 20%-10%.

Reduction of Quality (RoQ) attack is a stealthy denial of service attack. It can decrease or inhibit normal TCP flows in network. Victims are hard to perceive it as the final network throughput is decreasing instead of increasing during the attack. Therefore, the attack is strongly hidden and it is difficult to be detected by existing detection systems. Based on the principle of Time-Frequency analysis, we propose a two-stage detection algorithm which combines anomaly detection with misuse detection. In the first stage, we try to detect the potential anomaly by analyzing network traffic through Wavelet multiresolution analysis method. According to different time-domain characteristics, we locate the abrupt change points. In the second stage, we further analyze the local traffic around the abrupt change point. We extract the potential attack characteristics by autocorrelation analysis. By the two-stage detection, we can ultimately confirm whether the network is affected by the attack. Results of simulations and real network experiments demonstrate that our algorithm can detect RoQ attacks, with high accuracy and high efficiency.

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attack, exhausts the resources of server/service and makes it unavailable for legitimate users. With increasing use of online services and attacks on these services, the importance of Intrusion Detection System (IDS) for detection of DoS/DDoS attacks has also grown. Detection accuracy & CPU utilization of Data mining based IDS is directly proportional to the quality of training dataset used to train it. Various preprocessing methods like normalization, discretization, fuzzification are used by researchers to improve the quality of training dataset. This paper evaluates the effect of various data preprocessing methods on the detection accuracy of DoS/DDoS attack detection IDS and proves that numeric to binary preprocessing method performs better compared to other methods. Experimental results obtained using KDD 99 dataset are provided to support the efficiency of proposed combination.