Mehran Pourvahab | University of Beira Interior (original) (raw)
Papers by Mehran Pourvahab
Port-Knocking with the usage of Web, Internet control message protocol and Tunneling (PWIT), 2012
Providing the facility of an open port for public is example of sending an invitation to an intru... more Providing the facility of an open port for public is example of sending an invitation to an intruder. Unfortunately, lots of computer services like SMTP and HTTP need to be with open port for public. Although there are the other services that don't need to be available, and whenever we need them, must be available for. Therefore, with the use of Port-Knocking technique, with the use of sending invisible Knocks on the close port, enable us to find the level of requirement availability of ports or necessity of services. In this paper a novel method called "Pro-Knocking with the usage of Web, Internet control message protocol and Tunneling" , with the creation of an invisible service for hacking like DoS, and also with the use of Tunneling for reduction of NAT-Knocking and more complexity at the Knock operation, password and usage of ICMP at the same time to prevent Sniffing. This method for users would be cause of deletion specific and complex programs, for knocking process and also successfully run and implementation on MikroTik RouterOs.
2nd Lahijan National Conference on Software Engeering, 2012
Sometimes, we need to grant access to open ports or services only to specific authorized users, w... more Sometimes, we need to grant access to open ports or services only to specific authorized users, while keeping these ports or services closed, inaccessible, or hidden from others. This necessitates a robust and effective authentication system to distinguish users with access privileges from unauthorized ones. This is where Port Knocking (PK) plays a role, enabling users to gain access to ports or services by sending hidden "knocks" to closed ports.
Port Knocking (PK) is an authentication method where data transfer occurs via closed ports, acting as a highly resilient shield against numerous vulnerabilities, including insecure services and various attacks.
This paper introduces a novel approach titled "Increased Security of Port-Knocking, using tunneling and Internet messages control protocol (SPKT+I)" to mitigate Knocking-DoS attacks by establishing an invisible service, reduce NAT-Knocking attacks through tunneling, and increase the complexity of knock operations using passwords and the simultaneous use of ICMP to prevent sniffing. This method eliminates the need for specialized and complex applications to perform knock operations for users. Furthermore, it has been successfully implemented and executed on the RouterOS operating system and MikroTik devices.
arXiv (Cornell University), May 4, 2023
Electrocardiogram (ECG) signals, which capture the heart's electrical activity, are used to diagn... more Electrocardiogram (ECG) signals, which capture the heart's electrical activity, are used to diagnose and monitor cardiac problems. The accurate classification of ECG signals, particularly for distinguishing among various types of arrhythmias and myocardial infarctions, is crucial for the early detection and treatment of heart-related diseases. This paper proposes a novel approach based on an improved differential evolution (DE) algorithm for ECG signal classification for enhancing the performance. In the initial stages of our approach, the preprocessing step is followed by the extraction of several significant features from the ECG signals. These extracted features are then provided as inputs to an enhanced multi-layer perceptron (MLP). While MLPs are still widely used for ECG signal classification, using gradient-based training methods, the most widely used algorithm for the training process, has significant disadvantages, such as the possibility of being stuck in local optimums. This paper employs an enhanced differential evolution (DE) algorithm for the training process as one of the most effective population-based algorithms. To this end, we improved DE based on a clustering-based strategy, opposition-based learning, and a local search. Clusteringbased strategies can act as crossover operators, while the goal of the opposition operator is to improve the exploration of the DE algorithm. The weights and biases found by the improved DE algorithm are then fed into six gradient-based local search algorithms. In other words, the weights found by the DE are employed as an initialization point. Therefore, we introduced six different algorithms for the training process (in terms of different local search algorithms). In an extensive set of experiments, we showed that our proposed training algorithm could provide better results than the conventional training algorithms.
2023 IEEE 7th Portuguese Meeting on Bioengineering (ENBENG)
IEEE Transactions on Geoscience and Remote Sensing
Lecture notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, 2023
IEEE Access, 2019
Cloud forensics is an intelligent evolution of digital forensics that defends against cyber-crime... more Cloud forensics is an intelligent evolution of digital forensics that defends against cyber-crimes. However, centralized evidence collection and preservation minimizes the reliability of digital evidence. To resolve this severe problem, this paper proposes a novel digital forensic architecture using fast-growing Software-Defined Networking (SDN) and Blockchain technology for Infrastructure-as-a-Service (IaaS) cloud. In this proposed forensic architecture, the evidence is collected and preserved in the blockchain that is distributed among multiple peers. To protect the system from unauthorized users, Secure Ring Verification based Authentication (SRVA) scheme is proposed. To strengthen the cloud environment, secret keys are generated optimally by using Harmony Search Optimization (HSO) algorithm. All data are encrypted based on the sensitivity level and stored in the cloud server. For encryption, Sensitivity Aware Deep Elliptic Curve Cryptography (SA-DECC) algorithm is presented. For every data stored in the cloud, a block is created in the SDN controller and the history of data is recorded as metadata. In each block, the Merkle hash tree is built by using Secure Hashing Algorithm-3 (SHA-3). Our system allows users to trace their data by deploying Fuzzy based Smart Contracts (FCS). Finally, evidence analysis is enabled by constructing Logical Graph of Evidence (LGoE) collected from the blockchain. Experiments are conducted in an integrated environment of java (for cloud and blockchain) and network simulator-3.26 (for SDN). The extensive analysis shows that proposed forensic architecture shows promising results in Response time, Evidence insertion time, Evidence verification time, Communication overhead, Hash computation time, Key generation time, Encryption time, Decryption time and total change rate. INDEX TERMS Software-defined networking, blockchain, evidence collection, cloud forensics, security.
IEEE Access, 2019
A Potential solution for solving forensic is the use of blockchain in software-defined networking... more A Potential solution for solving forensic is the use of blockchain in software-defined networking (SDN). The blockchain is a distributed peer-to-peer network that can be utilized on SDN-based Internet of Things (IoT) environments for security provisioning. Hence, to meet some challenges in digital forensics such as data integrity, evidence deletion or alteration, blockchain is used. However, some problems such as poor attack detection and slow processing existed in previous works. To address these issues, an efficient forensics architecture is proposed in SDN-IoT that establishes the Chain of Custody (CoC) in blockchain technology. The proposed SDN-based IoT architecture is initiated with flow table rules on switches for the three different traffics Voice over Internet Protocol (VoIP), File Transfer Protocol (FTP), and Hyper Text Transfer Protocol (HTTP). In this work, overloaded switches migrate the packets to nearby switches to balance the packet flow. The packets disobeying flow rules will be discarded by switches. The blockchainbased distributed controller in this forensic architecture is designed to use the Linear Homomorphic Signature (LHS) algorithm for validating users. Each controller is fed with a classifier that uses the Neuro Multifuzzy to classify malicious packets based on packet features. The logs of events are used and stored on the blockchain in the proposed SDN-IoT architecture. We evaluated the performance of our forensic architecture and compared it to the existing model using various performance measures. Our evaluation results demonstrate performance improvement by reducing delay, response time and processing time, increasing throughput, accuracy, and security parameters. INDEX TERMS Software-defined networking, the Internet of Things, forensics, security, blockchain.
The Smart Computing Review, 2002
Recent developments of wireless communication devices have increased the interest in wireless net... more Recent developments of wireless communication devices have increased the interest in wireless networks. The hidden node problem is one of the major problems which leads to packet dropping and transfer delays via blind collisions. In this paper, we discuss the design factors of some existing mechanisms to deal with hidden node avoidance, and present a timeline of the development of these mechanisms. We classify and characterize the existing mechanisms into three categories, which are handshaking, busy tone multiple accesses, and routing management mechanisms. This classification and characterization provides a better qualitative comparison and presents a clear picture of the strengths and weaknesses of these mechanisms. Finally, we highlight the open issues that still need to be addressed.
2012 IEEE Symposium on Computers & Informatics (ISCI), 2012
In recent years, there has been an increasing interest in the authentication process due to the k... more In recent years, there has been an increasing interest in the authentication process due to the key role that it has in the network security. Port Knocking (PKn) is an authentication method in which data transmits through the closed ports. This method is prone to attacks when attackers sniff the network. This paper proposes a new method which is called
IEEE, 2019
Cloud forensics is an intelligent evolution of digital forensics that defends against cyber-crime... more Cloud forensics is an intelligent evolution of digital forensics that defends against cyber-crimes. However, centralized evidence collection and preservation minimizes the reliability of digital evidence. To resolve this severe problem, this paper proposes a novel digital forensic architecture using fast-growing Software-Defined Networking (SDN) and Blockchain technology for Infrastructure-as-a-Service (IaaS) cloud. In this proposed forensic architecture, the evidence is collected and preserved in the blockchain that is distributed among multiple peers. To protect the system from unauthorized users, Secure Ring Verification based Authentication (SRVA) scheme is proposed. To strengthen the cloud environment, secret keys are generated optimally by using Harmony Search Optimization (HSO) algorithm. All data are encrypted based on the sensitivity level and stored in the cloud server. For encryption, Sensitivity Aware Deep Elliptic Curve Cryptography (SA-DECC) algorithm is presented. For every data stored in the cloud, a block is created in the SDN controller and the history of data is recorded as metadata. In each block, the Merkle hash tree is built by using Secure Hashing Algorithm-3 (SHA-3). Our system allows users to trace their data by deploying Fuzzy based Smart Contracts (FCS). Finally, evidence analysis is enabled by constructing Logical Graph of Evidence (LGoE) collected from the blockchain. Experiments are conducted in an integrated environment of java (for cloud and blockchain) and network simulator-3.26 (for SDN). The extensive analysis shows that proposed forensic architecture shows promising results in Response time, Evidence insertion time, Evidence verification time, Communication overhead, Hash computation time, Key generation time, Encryption time, Decryption time and total change rate.
IEEE Access, 2019
A Potential solution for solving forensic is the use of blockchain in Software Defined Networking... more A Potential solution for solving forensic is the use of blockchain in Software Defined Networking (SDN). The blockchain is a distributed peer to peer network that can be utilized on SDN based Internet of Things (IoT) environments for security provisioning. Hence, to meet some challenges in digital forensics such as data integrity, evidence deletion or alteration, blockchain is used. However, some problems as poor attack detection and slow processing existed in previous works. To address these issues an efficient forensics architecture is proposed in SDN-IoT that establishes Chain of Custody (CoC) in blockchain technology. The proposed SDN based IoT architecture is initiated with flow table rules on switches for three different traffics Voice over Internet Protocol (VoIP), File Transfer Protocol (FTP) and Hyper Text Transfer Protocol (HTTP). In this work, overloaded switches migrate the packets to nearby switches to balance the packet flow. The packets disobeying flow rules will be discarded by switches. The blockchain-based distributed controller in this forensic architecture is designed to use Linear Homomorphic Signature (LHS) algorithm for validating users. Each controller is fed with a classifier that uses Neuro Multi-fuzzy to classify malicious packets based on packet features. The logs of events are used and stored on the blockchain in the proposed SDN-IoT architecture. We evaluated the performance of our forensic architecture and compared it to the existing model using various performance measures. Our evaluation results demonstrate performance improvement by reducing delay, response time and processing time, increasing throughput, accuracy and security parameters.
INTERNATIONAL JOURNAL OF CURRENT LIFE SCIENCES, 2014
There are times we need to grant access to open ports and services only to certain or authorized ... more There are times we need to grant access to open ports and services only to certain or authorized users while they are inaccessible or hidden to others. Thus, there is needs for an effective authentication system which enables privileged users to secretly knock in close ports. Web-Knocking, is a variation of PortKnocking (PKn), transmits data through web pages instead of closed ports. Traditional methods of PKn could be subject to sniffing and DoS (Denial of Service) attacks. In this paper put forward, a novel method called Enhanced Secure Web-Knocking (SWKn). SWKn is shields against sniffers through cryptography and One-Time Password (OTP), parries DoS-Knocking attacks by making the service invisible, and eliminates the client’s need for sophisticated and special applications to knock. This method has been successfully implemented on Router-OS and Linux operating systems.
Smart Computing Review, 2012
Recent developments of wireless communication devices have increased the interest in wireless net... more Recent developments of wireless communication devices have increased the interest in wireless networks. The hidden node problem is one of the major problems which leads to packet dropping and transfer delays via blind collisions. In this paper, we discuss the design factors of some existing mechanisms to deal with hidden node avoidance, and present a timeline of the development of these mechanisms. We classify and characterize the existing mechanisms into three categories, which are handshaking, busy tone multiple accesses, and routing management mechanisms. This classification and characterization provides a better qualitative comparison and presents a clear picture of the strengths and weaknesses of these mechanisms. Finally, we highlight the open issues that still need to be addressed.
Computers & Informatics (ISCI), Mar 18, 2012
In recent years, there has been an increasing interest in the authentication process due to the k... more In recent years, there has been an increasing interest in the authentication process due to the key role that it has in the network security. Port Knocking (PKn) is an authentication method in which data transmits through the closed ports. This method is prone to attacks when attackers sniff the network. This paper proposes a new method which is called “Secure Port Knock-Tunneling” to eliminate both DOS-Knocking and NATK-nocking attacks. The possibility of implementation of this method is investigated on the Mikrotik devices.
Port-Knocking with the usage of Web, Internet control message protocol and Tunneling (PWIT), 2012
Providing the facility of an open port for public is example of sending an invitation to an intru... more Providing the facility of an open port for public is example of sending an invitation to an intruder. Unfortunately, lots of computer services like SMTP and HTTP need to be with open port for public. Although there are the other services that don't need to be available, and whenever we need them, must be available for. Therefore, with the use of Port-Knocking technique, with the use of sending invisible Knocks on the close port, enable us to find the level of requirement availability of ports or necessity of services. In this paper a novel method called "Pro-Knocking with the usage of Web, Internet control message protocol and Tunneling" , with the creation of an invisible service for hacking like DoS, and also with the use of Tunneling for reduction of NAT-Knocking and more complexity at the Knock operation, password and usage of ICMP at the same time to prevent Sniffing. This method for users would be cause of deletion specific and complex programs, for knocking process and also successfully run and implementation on MikroTik RouterOs.
2nd Lahijan National Conference on Software Engeering, 2012
Sometimes, we need to grant access to open ports or services only to specific authorized users, w... more Sometimes, we need to grant access to open ports or services only to specific authorized users, while keeping these ports or services closed, inaccessible, or hidden from others. This necessitates a robust and effective authentication system to distinguish users with access privileges from unauthorized ones. This is where Port Knocking (PK) plays a role, enabling users to gain access to ports or services by sending hidden "knocks" to closed ports.
Port Knocking (PK) is an authentication method where data transfer occurs via closed ports, acting as a highly resilient shield against numerous vulnerabilities, including insecure services and various attacks.
This paper introduces a novel approach titled "Increased Security of Port-Knocking, using tunneling and Internet messages control protocol (SPKT+I)" to mitigate Knocking-DoS attacks by establishing an invisible service, reduce NAT-Knocking attacks through tunneling, and increase the complexity of knock operations using passwords and the simultaneous use of ICMP to prevent sniffing. This method eliminates the need for specialized and complex applications to perform knock operations for users. Furthermore, it has been successfully implemented and executed on the RouterOS operating system and MikroTik devices.
arXiv (Cornell University), May 4, 2023
Electrocardiogram (ECG) signals, which capture the heart's electrical activity, are used to diagn... more Electrocardiogram (ECG) signals, which capture the heart's electrical activity, are used to diagnose and monitor cardiac problems. The accurate classification of ECG signals, particularly for distinguishing among various types of arrhythmias and myocardial infarctions, is crucial for the early detection and treatment of heart-related diseases. This paper proposes a novel approach based on an improved differential evolution (DE) algorithm for ECG signal classification for enhancing the performance. In the initial stages of our approach, the preprocessing step is followed by the extraction of several significant features from the ECG signals. These extracted features are then provided as inputs to an enhanced multi-layer perceptron (MLP). While MLPs are still widely used for ECG signal classification, using gradient-based training methods, the most widely used algorithm for the training process, has significant disadvantages, such as the possibility of being stuck in local optimums. This paper employs an enhanced differential evolution (DE) algorithm for the training process as one of the most effective population-based algorithms. To this end, we improved DE based on a clustering-based strategy, opposition-based learning, and a local search. Clusteringbased strategies can act as crossover operators, while the goal of the opposition operator is to improve the exploration of the DE algorithm. The weights and biases found by the improved DE algorithm are then fed into six gradient-based local search algorithms. In other words, the weights found by the DE are employed as an initialization point. Therefore, we introduced six different algorithms for the training process (in terms of different local search algorithms). In an extensive set of experiments, we showed that our proposed training algorithm could provide better results than the conventional training algorithms.
2023 IEEE 7th Portuguese Meeting on Bioengineering (ENBENG)
IEEE Transactions on Geoscience and Remote Sensing
Lecture notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, 2023
IEEE Access, 2019
Cloud forensics is an intelligent evolution of digital forensics that defends against cyber-crime... more Cloud forensics is an intelligent evolution of digital forensics that defends against cyber-crimes. However, centralized evidence collection and preservation minimizes the reliability of digital evidence. To resolve this severe problem, this paper proposes a novel digital forensic architecture using fast-growing Software-Defined Networking (SDN) and Blockchain technology for Infrastructure-as-a-Service (IaaS) cloud. In this proposed forensic architecture, the evidence is collected and preserved in the blockchain that is distributed among multiple peers. To protect the system from unauthorized users, Secure Ring Verification based Authentication (SRVA) scheme is proposed. To strengthen the cloud environment, secret keys are generated optimally by using Harmony Search Optimization (HSO) algorithm. All data are encrypted based on the sensitivity level and stored in the cloud server. For encryption, Sensitivity Aware Deep Elliptic Curve Cryptography (SA-DECC) algorithm is presented. For every data stored in the cloud, a block is created in the SDN controller and the history of data is recorded as metadata. In each block, the Merkle hash tree is built by using Secure Hashing Algorithm-3 (SHA-3). Our system allows users to trace their data by deploying Fuzzy based Smart Contracts (FCS). Finally, evidence analysis is enabled by constructing Logical Graph of Evidence (LGoE) collected from the blockchain. Experiments are conducted in an integrated environment of java (for cloud and blockchain) and network simulator-3.26 (for SDN). The extensive analysis shows that proposed forensic architecture shows promising results in Response time, Evidence insertion time, Evidence verification time, Communication overhead, Hash computation time, Key generation time, Encryption time, Decryption time and total change rate. INDEX TERMS Software-defined networking, blockchain, evidence collection, cloud forensics, security.
IEEE Access, 2019
A Potential solution for solving forensic is the use of blockchain in software-defined networking... more A Potential solution for solving forensic is the use of blockchain in software-defined networking (SDN). The blockchain is a distributed peer-to-peer network that can be utilized on SDN-based Internet of Things (IoT) environments for security provisioning. Hence, to meet some challenges in digital forensics such as data integrity, evidence deletion or alteration, blockchain is used. However, some problems such as poor attack detection and slow processing existed in previous works. To address these issues, an efficient forensics architecture is proposed in SDN-IoT that establishes the Chain of Custody (CoC) in blockchain technology. The proposed SDN-based IoT architecture is initiated with flow table rules on switches for the three different traffics Voice over Internet Protocol (VoIP), File Transfer Protocol (FTP), and Hyper Text Transfer Protocol (HTTP). In this work, overloaded switches migrate the packets to nearby switches to balance the packet flow. The packets disobeying flow rules will be discarded by switches. The blockchainbased distributed controller in this forensic architecture is designed to use the Linear Homomorphic Signature (LHS) algorithm for validating users. Each controller is fed with a classifier that uses the Neuro Multifuzzy to classify malicious packets based on packet features. The logs of events are used and stored on the blockchain in the proposed SDN-IoT architecture. We evaluated the performance of our forensic architecture and compared it to the existing model using various performance measures. Our evaluation results demonstrate performance improvement by reducing delay, response time and processing time, increasing throughput, accuracy, and security parameters. INDEX TERMS Software-defined networking, the Internet of Things, forensics, security, blockchain.
The Smart Computing Review, 2002
Recent developments of wireless communication devices have increased the interest in wireless net... more Recent developments of wireless communication devices have increased the interest in wireless networks. The hidden node problem is one of the major problems which leads to packet dropping and transfer delays via blind collisions. In this paper, we discuss the design factors of some existing mechanisms to deal with hidden node avoidance, and present a timeline of the development of these mechanisms. We classify and characterize the existing mechanisms into three categories, which are handshaking, busy tone multiple accesses, and routing management mechanisms. This classification and characterization provides a better qualitative comparison and presents a clear picture of the strengths and weaknesses of these mechanisms. Finally, we highlight the open issues that still need to be addressed.
2012 IEEE Symposium on Computers & Informatics (ISCI), 2012
In recent years, there has been an increasing interest in the authentication process due to the k... more In recent years, there has been an increasing interest in the authentication process due to the key role that it has in the network security. Port Knocking (PKn) is an authentication method in which data transmits through the closed ports. This method is prone to attacks when attackers sniff the network. This paper proposes a new method which is called
IEEE, 2019
Cloud forensics is an intelligent evolution of digital forensics that defends against cyber-crime... more Cloud forensics is an intelligent evolution of digital forensics that defends against cyber-crimes. However, centralized evidence collection and preservation minimizes the reliability of digital evidence. To resolve this severe problem, this paper proposes a novel digital forensic architecture using fast-growing Software-Defined Networking (SDN) and Blockchain technology for Infrastructure-as-a-Service (IaaS) cloud. In this proposed forensic architecture, the evidence is collected and preserved in the blockchain that is distributed among multiple peers. To protect the system from unauthorized users, Secure Ring Verification based Authentication (SRVA) scheme is proposed. To strengthen the cloud environment, secret keys are generated optimally by using Harmony Search Optimization (HSO) algorithm. All data are encrypted based on the sensitivity level and stored in the cloud server. For encryption, Sensitivity Aware Deep Elliptic Curve Cryptography (SA-DECC) algorithm is presented. For every data stored in the cloud, a block is created in the SDN controller and the history of data is recorded as metadata. In each block, the Merkle hash tree is built by using Secure Hashing Algorithm-3 (SHA-3). Our system allows users to trace their data by deploying Fuzzy based Smart Contracts (FCS). Finally, evidence analysis is enabled by constructing Logical Graph of Evidence (LGoE) collected from the blockchain. Experiments are conducted in an integrated environment of java (for cloud and blockchain) and network simulator-3.26 (for SDN). The extensive analysis shows that proposed forensic architecture shows promising results in Response time, Evidence insertion time, Evidence verification time, Communication overhead, Hash computation time, Key generation time, Encryption time, Decryption time and total change rate.
IEEE Access, 2019
A Potential solution for solving forensic is the use of blockchain in Software Defined Networking... more A Potential solution for solving forensic is the use of blockchain in Software Defined Networking (SDN). The blockchain is a distributed peer to peer network that can be utilized on SDN based Internet of Things (IoT) environments for security provisioning. Hence, to meet some challenges in digital forensics such as data integrity, evidence deletion or alteration, blockchain is used. However, some problems as poor attack detection and slow processing existed in previous works. To address these issues an efficient forensics architecture is proposed in SDN-IoT that establishes Chain of Custody (CoC) in blockchain technology. The proposed SDN based IoT architecture is initiated with flow table rules on switches for three different traffics Voice over Internet Protocol (VoIP), File Transfer Protocol (FTP) and Hyper Text Transfer Protocol (HTTP). In this work, overloaded switches migrate the packets to nearby switches to balance the packet flow. The packets disobeying flow rules will be discarded by switches. The blockchain-based distributed controller in this forensic architecture is designed to use Linear Homomorphic Signature (LHS) algorithm for validating users. Each controller is fed with a classifier that uses Neuro Multi-fuzzy to classify malicious packets based on packet features. The logs of events are used and stored on the blockchain in the proposed SDN-IoT architecture. We evaluated the performance of our forensic architecture and compared it to the existing model using various performance measures. Our evaluation results demonstrate performance improvement by reducing delay, response time and processing time, increasing throughput, accuracy and security parameters.
INTERNATIONAL JOURNAL OF CURRENT LIFE SCIENCES, 2014
There are times we need to grant access to open ports and services only to certain or authorized ... more There are times we need to grant access to open ports and services only to certain or authorized users while they are inaccessible or hidden to others. Thus, there is needs for an effective authentication system which enables privileged users to secretly knock in close ports. Web-Knocking, is a variation of PortKnocking (PKn), transmits data through web pages instead of closed ports. Traditional methods of PKn could be subject to sniffing and DoS (Denial of Service) attacks. In this paper put forward, a novel method called Enhanced Secure Web-Knocking (SWKn). SWKn is shields against sniffers through cryptography and One-Time Password (OTP), parries DoS-Knocking attacks by making the service invisible, and eliminates the client’s need for sophisticated and special applications to knock. This method has been successfully implemented on Router-OS and Linux operating systems.
Smart Computing Review, 2012
Recent developments of wireless communication devices have increased the interest in wireless net... more Recent developments of wireless communication devices have increased the interest in wireless networks. The hidden node problem is one of the major problems which leads to packet dropping and transfer delays via blind collisions. In this paper, we discuss the design factors of some existing mechanisms to deal with hidden node avoidance, and present a timeline of the development of these mechanisms. We classify and characterize the existing mechanisms into three categories, which are handshaking, busy tone multiple accesses, and routing management mechanisms. This classification and characterization provides a better qualitative comparison and presents a clear picture of the strengths and weaknesses of these mechanisms. Finally, we highlight the open issues that still need to be addressed.
Computers & Informatics (ISCI), Mar 18, 2012
In recent years, there has been an increasing interest in the authentication process due to the k... more In recent years, there has been an increasing interest in the authentication process due to the key role that it has in the network security. Port Knocking (PKn) is an authentication method in which data transmits through the closed ports. This method is prone to attacks when attackers sniff the network. This paper proposes a new method which is called “Secure Port Knock-Tunneling” to eliminate both DOS-Knocking and NATK-nocking attacks. The possibility of implementation of this method is investigated on the Mikrotik devices.