Biblio
With the development of network services and people's privacy requirements continue to increase. On the basis of providing anonymous user communication, it is necessary to protect the anonymity of the server. At the same time, there are many threatening crime messages in the dark network. However, many scholars lack the ability or expertise to conduct research on dark-net threat intelligence. Therefore, this paper designs a framework based on Hadoop is hidden threat intelligence. The framework uses HDFS as the underlying storage system to build a HBase-based distributed database to store and manage threat intelligence information. According to the heterogeneous type of the forum, the web crawler is used to collect data through the anonymous TOR tool. The framework is used to identify the characteristics of key dark network criminal networks, which is the basis for the later dark network research.
The amount of connected devices in the industrial environment is growing continuously, due to the ongoing demands of new features like predictive maintenance. New business models require more data, collected by IIoT edge node sensors based on inexpensive and low performance Microcontroller Units (MCUs). A negative side effect of this rise of interconnections is the increased attack surface, enabled by a larger network with more network services. Attaching badly documented and cheap devices to industrial networks often without permission of the administrator even further increases the security risk. A decent method to monitor the network and detect “unwanted” devices is network scanning. Typically, this scanning procedure is executed by a computer or server in each sub-network. In this paper, we introduce network scanning and mapping as a building block to scan directly from the Industrial Internet of Things (IIoT) edge node devices. This module scans the network in a pseudo-random periodic manner to discover devices and detect changes in the network structure. Furthermore, we validate our approach in an industrial testbed to show the feasibility of this approach.
SDN is a new network architecture for control and data forwarding logic separation, able to provide a high degree of openness and programmability, with many advantages not available by traditional networks. But there are still some problems unsolved, for example, it is easy to cause the controller to be attacked due to the lack of verifying the source of the packet, and the limited range of match fields cannot meet the requirement of the precise control of network services etc. Aiming at the above problems, this paper proposes a SDN network security control forwarding mechanism based on cipher identification, when packets flow into and out of the network, the forwarding device must verify their source to ensure the user's non-repudiation and the authenticity of packets. Besides administrators control the data forwarding based on cipher identification, able to form network management and control capabilities based on human, material, business flow, and provide a new method and means for the future of Internet security.
As the number of devices that gain connectivity and join the category of smart-objects increases every year reaching unprecedented numbers, new challenges are imposed on our networks. While specialized solutions for certain use cases have been proposed, more flexible and scalable new approaches to networking will be required to deal with billions or trillions of smart objects connected to the Internet. With this paper, we take a step back looking at the set of basic problems that are posed by this group of devices. In order to develop an analysis on how these issues could be approached, we define which fundamental abstractions might help solving or at least reducing their impact on the network by offering support for fundamental matters such as mobility, group based delivery and support for distributed computing resources. Based on the concept of named-objects, we propose a set of solutions that network and show how this approach can address both scalability and functional requirements. Finally, we describe a comprehensive clean-slate network architecture (MobiityFirst) which attempts to realize the proposed capabilities.
ID/password-based authentication is commonly used in network services. Some users set different ID/password pairs for different services, but other users reuse a pair of ID/password to other services. Such recycling allows the list attack in which an adversary tries to spoof a target user by using a list of IDs and passwords obtained from other system by some means (an insider attack, malwares, or even a DB leakage). As a countermeasure agains the list attack, biometric authentication attracts much attention than before. In 2012, Hattori et al. proposed a cancelable biometrics authentication scheme (fundamental scheme) based on homomorphic encryption algorithms. In the scheme, registered biometric information (template) and biometric information to compare are encrypted, and the similarity between these biometric information is computed with keeping encrypted. Only the privileged entity (a decryption center), who has a corresponding decryption key, can obtain the similarity by decrypting the encrypted similarity and judge whether they are same or not. Then, Hirano et al. showed the replay attack against this scheme, and, proposed two enhanced authentication schemes. In this paper, we propose a spoofing attack against the fundamental scheme when the feature vector, which is obtained by digitalizing the analogue biometric information, is represented as a binary coding such as Iris Code and Competitive Code. The proposed attack uses an unexpected vector as input, whose distance to all possible binary vectors is constant. Since the proposed attack is independent from the replay attack, the attack is also applicable to two revised schemes by Hirano et al. as well. Moreover, this paper also discusses possible countermeasures to the proposed spoofing attack. In fact, this paper proposes a countermeasure by detecting such unexpected vector.