Session 8: Internet security
Related papers
Implementing moving target IPv6 defense to secure 6LoWPAN in the internet of things and smart grid
Proceedings of the 9th Annual Cyber and Information Security Research Conference on - CISR '14, 2014
The growing momentum of the Internet of Things (IoT) has shown an increase in attack vectors within the security research community. We propose adapting a recent new approach of frequently changing IPv6 address assignment to add an additional layer of security to the Internet of Things. We examine implementing Moving Target IPv6 Defense (MT6D) in IPv6 over Low-Powered Wireless Personal Area Networks (6LoWPAN), a protocol that is being used in wireless sensors found in home automation systems and smart meters. 6LoWPAN allows the Internet of Things to extend into the world of wireless sensor networks. We propose adapting Moving-Target IPv6 Defense for use with 6LoWPAN in order to defend against network-side attacks such as Denial-of-Service and Man-In-The-Middle while maintaining anonymity of client-server communications. This research aims to provide a moving-target defense for wireless sensor networks while maintaining power efficiency within the network.
Security and privacy produced by DHCP unique identifiers
The 16th North-East Asia Symposium on Nano, Information Technology and Reliability, 2011
As protection against the current privacy weaknesses of StateLess Address AutoConfiguration (SLAAC) in the Internet Protocol version 6 (IPv6), network administrators may choose to deploy the new Dynamic Host Configuration Protocol for IPv6 (DHCPv6). Similar to the Dynamic Host Configuration Protocol (DHCP) for the Internet Protocol version 4 (IPv4), DHCPv6 uses a client-server model to manage addresses in networks, providing stateful address assignment. While DHCPv6 can be configured to assign randomly distributed addresses to clients, the DHCP Unique Identifier (DUID) was designed to uniquely identify clients to servers and remains static to clients as they move between different subnets and networks. Since the DUID is globally unique and exposed in the clear, attackers can geotemporally track clients by sniffing DHCPv6 messages on the local network or by using unauthenticated protocol-valid queries that request systems' DUIDs or leased addresses. DUIDs can also be formed with system-specific information, further compromising the privacy and security of the host. To combat the threat of the static DUID, a dynamic DUID was implemented and analyzed for its effect on privacy and security as well as its computational overhead. The privacy implications of DHCPv6 must be addressed before large-scale IPv6 deployment.
Privacy and Security of DHCP Unique Identifiers
… for Information Security …, 2011
As protection against the current privacy weaknesses of StateLess Address AutoConfiguration (SLAAC) in the Internet Protocol version 6 (IPv6), network administrators may choose to deploy the new Dynamic Host Configuration Protocol for IPv6 (DHCPv6). Similar to the Dynamic Host Configuration Protocol (DHCP) for the Internet Protocol version 4 (IPv4), DHCPv6 uses a client-server model to manage addresses in networks, providing stateful address assignment. While DHCPv6 can be configured to assign randomly ...
Securing Static Nodes in Mobile-Enabled Systems using a Network-Layer Moving Target Defense
As computing becomes mobile and systems enable connectivity through mobile applications, the characteristics of the network communication of these systems change due to the instability of mobile nodes on networks. Mobile devices logically move by changing addresses throughout the course of their communication in the system. These mobile nodes acquire characteristics of a moving target defense, in which nodes change addresses to avoid detection and attack. Yet, as mobile nodes change addresses, the critical points in the system that applications are set to communicate with, such as servers, cloud services, and peer registration servers, remain static and become easily identifiable. Mobile-enabled systems are beginning to model heterogeneous moving target networks, in which some nodes move while others remain static. Heterogeneous moving target networks expose relationships and dependencies between nodes, helping an attacker easily identify the static, critical nodes within a mobile-enabled system. Homogeneous moving target networks, in which all nodes change addresses, mask the critical points within the system, blending the mobile nodes with the critical, static nodes, and provide additional security for the static nodes. By applying a moving target defense to all nodes within a mobile-enabled system, the critical points can be masked and additional security can be provided.
Using transport layer multihoming to enhance network layer moving target defenses
Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop on - CSIIRW '13, 2013
As systems and networks begin to transition to the Internet Protocol version 6 (IPv6), the immense address space available in the new protocol allows for devices to maintain multiple addresses and to change addresses frequently. These new capabilities encourage network layer moving target defenses in IPv6. Yet, common transport layer protocols, such as the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP), create sockets that are bound to a single IP address and that require significant amounts of system and network overhead per session, discouraging their use for communication over multiple addresses. Stream Control Transmission Protocol (SCTP) is a transport layer protocol that allows for network sockets to use multiple IP addresses, referred to as multihoming. SCTP was tested with the Moving Target Defense for IPv6 (MT6D), a network layer moving target defense that was originally designed using UDP to dynamically change IPv6 addresses while maintaining sessions. By switching from UDP to SCTP, MT6D will improve performance and show the capability of multihomed transport layer protocols, such as SCTP, in moving target defenses.
Mobile Information Systems
An effective machine learning implementation means that artificial intelligence has tremendous potential to help and automate financial threat assessment for commercial firms and credit agencies. The scope of this study is to build a predictive framework to help the credit bureau by modelling/assessing the credit card delinquency risk. Machine learning enables risk assessment by predicting deception in large imbalanced data by classifying the transaction as normal or fraudster. In case of fraud transaction, an alert can be sent to the related financial organization that can suspend the release of payment for particular transaction. Of all the machine learning models such as RUSBoost, decision tree, logistic regression, multilayer perceptron, K-nearest neighbor, random forest, and support vector machine, the overall predictive performance of customized RUSBoost is the most impressive. The evaluation metrics used in the experimentation are sensitivity, specificity, precision, F scores...
Critical evaluation of classifiers in data stream mining
International Journal of Engineering & Technology
Over the past decade there has been a significant increase in the volume of online data. Extracting meaningful knowledge from this high volume data is considered an important aspect of research. It is very difficult to completely store full data, because of its perpetual nature. Therefore, analysis is needed while the “data is moving”. This moving data is known as a data stream, and analyzing it without storing it completely is termed data stream mining. In recent years, many new techniques have been proposed to overcome the challenges of data stream mining. In this paper, we review the operation of popular streaming algorithms, highlighting their strengths and weaknesses. We also evaluate the classifiers used in these algorithms against two popular benchmark datasets, namely (a) forest cover (forest) and (b) German credit, available at the UCI repository. Finally, we present our critical observations and draw conclusions on the basis of our analysis.
Performance Modeling of Moving Target Defenses
In recent years, Moving Target Defense (MTD) has emerged as a potential game changer in the security landscape, due to its potential to create asymmetric uncertainty that favors the defender. Many different MTD techniques have then been proposed, each addressing an often very specific set of attack vectors. Despite the huge progress made in this area, there are still some critical gaps with respect to the analysis and quantification of the cost and benefits of deploying MTD techniques. In fact, common metrics to assess the performance of these techniques are still lacking and most of them tend to assess their performance in different and often incompatible ways. This paper addresses these gaps by proposing a quantitative analytic model for assessing the resource availability and performance of MTDs, and a method for the determination of the highest possible reconfiguration rate, and thus smallest probability of attacker's success, that meets performance and stability constraints. Finally, we present an experimental validation of the proposed approach.
SCAM Detection in Credit Card Application
Identity crime is well known, prevalent, and costly, and credit application scam is a specific case of identity crime. The existing no data mining recognition system of business rules and scorecards and known scam matching have confines. To address these confines and combat identity crime in real time, this paper proposes a new multilayered discovery system complemented with two additional layers: communal detection (CD) and spike detection (SD). CD finds real social relationships to reduce the suspicion score, and is tamper unaffected to synthetic social relationships. It is the whitelist-oriented methodology on a fixed set of attributes. SD finds spikes in false to increase the suspicion score, and is probe-unaffected for elements. It is the attribute-oriented approach on a variable-size set of elements. Together, CD and SD can detect more types of attacks, better account for changing legal activities, and remove the redundant elements. Experiments were carried out on CD and SD with several million real credit applications. Results on the data support the suggestion that successful credit application scam patterns are sudden and exhibit sharp spikes in false. Although this research is specific to credit application scam recognition, the concept of flexibility, together with adaptively and quality data discussed in the paper, are general to the model, implementation, and evaluation of all recognition systems.