Computer Network Security Research Papers
2025
In symmetric block ciphers, substitution and diffusion operations are performed in multiple rounds using sub-keys generated from a key generation procedure called key schedule. The key schedule plays a very important role in deciding the security of block ciphers. In this paper we propose a complex key generation procedure, based on matrix manipulations, which could be introduced in symmetric ciphers. The proposed key generation procedure offers two advantages. First, the procedure is simple to implement and has complexity in determining the sub-keys through cryptanalysis. Secondly, the procedure produces a strong avalanche effect making many bits in the output block of a cipher to undergo changes with one bit change in the secret key. As a case study, matrix based key generation procedure has been introduced in Advanced Encryption Standard (AES) by replacing the existing key schedule of AES. The key avalanche and differential key propagation produced in AES have been observed. The paper describes the matrix based key generation procedure and the enhanced key avalanche and differential key propagation produced in AES. It has been shown that the key avalanche effect and differential key propagation characteristics of AES have improved by replacing the AES key schedule with the Matrix based key generation procedure.
2025, 2012 International Conference on Telecommunications and Multimedia (TEMU)
Managing a large number of heterogeneous nodes in a network of embedded systems is a challenging task, mainly due to differences in requirements and resources. Nano nodes with very limited capabilities, such as the nodes of a Wireless Sensor Network (WSN), may not be suitable for adopting solutions designed for power nodes that have no such constraints. Using these devices in dynamic, ad-hoc infrastructures that feature a plethora of characteristics, has brought up the need for appropriate management of participating nodes to satisfy the corresponding policy restrictions. Many schemes have been proposed for various types of devices in terms of resources, ranging from the well-studied policy-based management in computer networks to the more challenging management in sensor networks. This paper identifies these schemes and proposes a framework for the secure and interoperable policy-based management of heterogeneous, resource-constrained, embedded systems networks.
2025, Lecture Notes in Computer Science
Ubiquitous devices comprising several resource-constrained sensors and actuators while having the long desired Internet connectivity, are becoming part of many solutions that seek to enhance user's environment smartness and quality of living. Their intrinsic resource limitations however constitute critical requirements, such as security, a great challenge. When these nodes are associated with applications that might have an impact in user's privacy or even become life threatening, the security issues are of primary concern. Access to these resources should be appropriately controlled to ensure that such wearable nodes are adequately protected. On the other hand, it is very important to not restrict access to only a very closed group of entities. This work presents a service oriented architecture that utilizes policy-based, unified, cross-platform and flexible access control to allow authenticated entities consume the services provided by wearable nodes while protecting their valuable resources.
2025, Proceedings of the 2014 IEEE Emerging Technology and Factory Automation (ETFA)
As computing becomes ubiquitous, researchers and engineers aim to exploit the potential of the pervasive systems in order to introduce new types of services and address inveterate and emerging problems. This process will, eventually, lead us to the era of urban computing and the Internet of Things; the ultimate goal being to improve our quality of life. But these concepts typically require direct and constant interaction of computing systems with the physical world in order to be realized, which inevitably leads to the introduction of a range of safety and privacy issues that must be addressed. One such important aspect is the fine-grained control of access to the resources of these pervasive embedded systems, in a secure and scalable manner. This paper presents an implementation of such a secure policy-based access control scheme, focusing on the use of well-established, standardized technologies and considering the potential resource-constraints of the target heterogeneous embedded devices. The proposed framework adopts a DPWS-compliant approach for smart devices and introduces XACML-based access control mechanisms. The proof-of-concept implementation is presented in detail, along with a performance evaluation on typical embedded platforms.
2025, Lecture Notes in Computer Science
This paper uses agent-based simulation to determine appropriate strategies for attackers and defenders in a simple network security game, using a method which is generalizable to many other security games. In this game, both sides are modeled as strategic entities. The attacker is trying to maximize the amount of damage he causes, and the defender is trying to minimize her loss subject to cost constraints. Through simulation, we derive Nash equilibrium strategies for each side under a variety of cost conditions in order to better inform network administrators about attacker behaviors and possible mitigations.
2025, 2012 IEEE International Conference on Computer Science and Automation Engineering (CSAE)
One rule fuzzy-genetic classifier. IEEE.
2025, 2013 IEEE International Conference on Communications (ICC)
P2P live streaming systems are increasingly popular nowadays. Due to their popularity, these systems may be a target of attacks and opportunistic user behavior. In this paper, we address the pollution attacks in such systems. We present a pollution damage model and also analyze a reputation system as a tool to fight attacks in P2P live streaming systems. The model we propose evidences that attacks are harmful even in a system with a small number of polluters. In this case, peers must have more than 3 times network bandwidth than they should have in a system without polluters. Our experimental results on PlanetLab show that just checking data integrity is not an effective protection. In this case, we observe a very high data loss rate. Finally, the reputation system is effective against pollution attack. When peers do not whitewash their identities, the reputation system quickly identifies polluters. In this case, the overhead and loss rate can be negligible. During a whitewashing, the new approach presents less than 20% overhead and 3% of loss.
2025
The Internet of Things (IoT) technology has become a hot topic over the last decade around the world. The availability of inexpensive components of IoT devices enables a wide range of applications and provides smart environments. These devices perform actuating and sensing tasks and are identified through unique addresses. The IoT devices are connected to the Internet and expected to use the Constrained Application Protocol (CoAP) at the application layer as a main web transfer protocol. This protocol is a general protocol and does not provide secure channels for transferred data. One of the possible ways to provide security to this protocol is by using Datagram Transport Layer Security (DTLS) protocol for authentication functionality as well as end-to-end security to protect the transmission of sensitive information. In this project, we provide a brief overview of the CoAP and DTLS protocols. We simulate the CoAP protocol without security using the Contiki operating system and then we simulate the DTLS protocol over CoAP. We make a comparison between the two experiments in terms of memory footprint and power consumption since these two factors are the factors of most concern in constrained devices in any IoT environment.
2025, IEEE Access
The main goals of fifth generation (5G) systems are to significantly increase the network capacity and to support new 5G service requirements. Ultra network densification with small cells is among the key pillars for 5G evolution. The inter-small-cell 5G backhaul network involves massive data traffic. Hence, it is important to have a centralized, efficient multi-hop routing protocol for backhaul networks to manage and speed up the routing decisions among small cells, while considering the 5G service requirements. This paper proposes a parallel multi-hop routing protocol to speed up routing decisions in 5G backhaul networks. To this end, we study the efficiency of utilizing the parallel platforms of cloud computing and high-performance computing (HPC) to manage and speed up the parallel routing protocol for different communication network sizes and set recommendations for utilizing cloud resources to adopt the parallel protocol. Our numerical results indicate that the HPC parallel implementation outperforms the cloud computing implementation, in terms of routing decision speed-up and scalability to large network sizes. In particular, for a large network size with 2048 nodes, our HPC implementation achieves a routing speed-up of 37x. However, the best routing speed-up achieved using our cloud computing implementation is 15.5x, and is recorded using one virtual machine (VM) for a network size of 1024 nodes. In summary, there is a trade-off between a better performance for HPC vs. flexible resources of cloud computing. Thus, choosing best fit platform for 5G routing protocols depends on the deployment scenarios at 5G core or edge network.
2025, Delta Journal of Computing, Communications & Media Technologies
The exponential growth of web-based communication platforms has heightened the urgency of protecting message confidentiality and integrity against increasingly sophisticated cyber-attacks. While symmetric ciphers such as the Advanced Encryption Standard (AES) offer high performance, their secure key-exchange remains a challenge in open networks. Conversely, asymmetric schemes like Rivest-Shamir-Adleman (RSA) ensure secure key distribution but suffer from computational overhead when encrypting large payloads. This paper presents the design and implementation of a secure, real-time web messenger that leverages a hybrid AES-RSA encryption workflow to combine the low-latency benefits of AES for message payloads with the robust key-exchange properties of RSA. Our system is underpinned by an Event-Driven Architecture (EDA) and a functional-oriented analysis model, enabling modular, scalable, and responsive message handling over WebSocket connections. We describe the end-to-end encryption lifecycle-RSA-protected AES key negotiation, AES-encrypted message exchange, and
2025
In today's modern age of Internet, gifted by technology, for verification of user, Password is used. Password is a collection of different characters exists in ASCII code (Text Based) or set of different control signal which is generated based on biological impression of human being (Biometrics). Existing work shows that both Text based password and Graphical password suffer socio-economic problems and internal security issues. By considering this issue, a new security method, Enhanced Authentication scheme using Dynamic Password (EDAP), has been proposed with two-fold; first fold uses Ratings (of Color or Alphabets) for user verification and the second fold uses mathematical matrix for dynamic password generation. In every login of session, user feeds new password, which is completely shielded from various attacks. Keywords: Dynamic Password, Rating, Matrix, List (python), Security, Dictionary attack, Brute force, Authentication, optimal,
2025
WiMAX IEEE 802.16 is stated as worldwide interoperability for microwave access intended to facilitate the interoperation and adaptation of wireless MAN. WiMAX is capable of providing high data output and low delays in different modes of operation. For these reasons WiMAX is useful in organizational and end-client structures. Before the last upgrade in the standard of WiMAX i.e., privacy and key management version 2 (PKMv2) WiMAX was not considered fully secure. The standard cannot handle the security threats associated with MAC and physical layers even after mutually authenticating the base station and mobile station. There are two objectives for WiMAX security, first is to improve privacy over the wireless link and second obligation is delivering access control effectively to the network. To achieve these objectives a better key management scheme and effective security model of WiMAX must be designed. From security perspective the Identity Based Cryptography (IBC) has advantages in...
2025, Journal of telecommunications and information technology
In this paper, a framework for recognizing network traffic in order to detect anomalies is proposed. We propose to combine and correlate parameters from different layers in order to detect 0-day attacks and reduce False Positives. Moreover, we propose to combine statistical and signal-based features. The major contributions of this paper are: novel framework for network security based on the correlation approach as well as new signal based algorithm for intrusion detection using Matching Pursuit.
2025
In this paper, a framework for recognizing network traffic in order to detect anomalies is proposed. We propose to combine and correlate parameters from different layers in order to detect 0-day attacks and reduce false positives. Moreover, we propose to combine statistical and signal-based features. The major contributions of this paper are: novel framework for network security based on the correlation approach as well as new signal based algorithm for intrusion detection using matching pursuit.
2025
There is a critical need for organizations to share data within and across infospheres and form coalitions so that analysts could examine the data, mine the data, and make effective decisions. Each organization could share information within its infosphere. An infosphere may consist of the data, applications and services that are needed for its operation. Organizations may share data with one another across what is called a global infosphere that spans multiple infospheres. It is critical that the war fighters get timely information. Furthermore, secure data and information sharing is an important requirement. The challenge is for data processing techniques to meet timing constraints and at the same time ensure that security is maintained. This proposal addresses information operations across infospheres. We first describe secure timely data sharing across infospheres and then focus on Role-based access control and Usage control in such an environment. Our goal is to send timely inf...
2025
Recent Botnets such as Conficker, Kraken and Torpig have used DNS based domain fluxing for command-and-control, where each Bot queries for existence of a series of domain names and the owner has to register only one such domain name. In this report, ...
2025, International Journal of Computer Science & Engineering Survey
IDS is a defensive-aggressive system to protect information, verifying and responding to occurring attacks on computer systems and networks. This paper discusses different topics including presenting some strategies against IDSs to passing from them; this leads to improving detection level and performance of IDS; also, this paper considers some intrusion tools, new attacks patterns and tracking prevention techniques. In addition, it discusses vulnerabilities, security holes and IDSs' structural and systemic problems to eliminating defects, reducing penetrates and correcting their behavior. Finally, it leads to increasing the functionality coefficient of IDSs, promoting the security level of computer systems and networks, increasing the trust of authorized users. So, the proposed methods in this paper can apply to improving the IDSs by using inverse engineering methods.
2025, 2011 6th International Conference on Risks and Security of Internet and Systems (CRiSIS)
Packet classification is the process of matching multiple packet header fields against a possibly large set of filters to find a matching rule. Packet classification was implemented in several application areas such as service differentiation, firewalls, QoS and secure routing. In this paper, we extend the firewall session table to speed up QoS marking process, and thus, to save QoS Classification time. Our proposed algorithm and system have been implemented in the kernel of NetBSD. Experimental tests show that the new implementation can save about 10 μsec per packet if a QoS classification of 10000 filters is used. Moreover, the new implementation needs just less than 0.5 μsec to mark packet regardless of the size of the filtering rules. To evaluate the performance of our new implementation with respect to the QoS characteristics, we measured four important QoS metrics (throughput, packet loss rate, delay and jitter) and compared them with the classical implementation. We finally demonstrate that a significant enhancement is remarked using our new algorithm.
2025, IEEE Access
Domain generation algorithms (DGAs) have become commonplace in malware that seeks to establish command and control communication between an infected machine and the botmaster. DGAs dynamically and consistently generate large volumes of malicious domain names, only a few of which are registered by the botmaster, within a short time window around their generation time, and subsequently resolved when the malware on the infected machine tries to access them. Deep neural networks that can classify domain names as benign or malicious are of great interest in the real-time defense against DGAs. In contrast with traditional machine learning models, deep networks do not rely on human engineered features. Instead, they can learn features automatically from data, provided that they are supplied with sufficiently large amounts of suitable training data. Obtaining cleanly labeled ground truth data is difficult and time consuming. Heuristically labeled data could potentially provide a source of training data for weakly supervised training of DGA detectors. We propose a set of heuristics for automatically labeling domain names monitored in real traffic, and then train and evaluate classifiers with the proposed heuristically labeled dataset. We show through experiments on a dataset with 50 million domain names that such heuristically labeled data is very useful in practice to improve the predictive accuracy of deep learning-based DGA classifiers, and that these deep neural networks significantly outperform a random forest classifier with human engineered features.
2025, J. Inf. Hiding Multim. Signal Process.
Botnet consists of one or more command and control servers (C&C Servers) and infected computers (bots), where the communication between the two parties often goes through a commonly used network protocol, such as HTTP. Web-based botnet attacks become more serious and popular recently, as hacker takes advantage of the HTTP connections hiding the malicious transmissions in a vast amount of normal traffic that is not easily detectable. In addition, integrating with fast-flux domain technology, botnet attack may use a web server to issue attack command and fast-flux to extend the lifespan of the malicious website. Fast-flux domain also achieves stealth by preventing users from making direct contact with the malicious websites. Thus, fast-flux domain technology is a cloak technology preferred by hackers, as it is often able to circumvent the detection based on filter or blacklist. Therefore, this study not only attempts to conduct anomalous flow analysis on web botnets, but also explores...
2025, A Case Study on the Impact of Game Modding on Mobile Gaming
The rapid rise of mobile gaming has led to a growing interest in game modification, particularly in the context of popular games like Carrom Pool. This paper explores the phenomenon of mod APKs within mobile gaming, using Carrom Pool as a case study. Modded versions of the game offer players access to premium features, unlimited resources, and ad-free gameplay, providing an enhanced experience. However, the use of these mods raises ethical and legal concerns, such as bypassing in-app purchases and exposing devices to security risks. This study examines both the benefits and drawbacks of game modding, considering its impact on players and the gaming ecosystem. Through a critical lens, we analyze the role of mod APKs in mobile gaming and the broader implications for the industry, encouraging a more nuanced understanding of the practice.
2025, Dr Omondi James Okeda
continuous assessment of cybersecurity threats. Wireless Local Area Networks (WLANs) play a pivotal role in facilitating connectivity within university campuses. However, the increasing prevalence of cyber threats underscores the urgent need for a fortified security framework tailored to these environments. This analysis delves into the existing vulnerabilities faced by university WLANs, identifying critical security challenges such as unauthorized access, data breaches, and inadequate authentication measures. Key findings reveal that while many institutions employ standard security protocols such as WPA2, these approaches may not adequately safeguard against sophisticated attacks. The study evaluates several existing security frameworks, pointing out their limitations, including scalability issues and a lack of real-time threat response capabilities.
2025, Journal of Cyber security
A quick response code is a barcode that allows users to instantly access information via a digital device. Quick response codes store data as pixels in a square-shaped grid. QR codes are prone to cyber-attacks. This assault exploits human vulnerabilities, as users can scarcely discern what is concealed in the quick response code prior to usage. The aim of the study was to investigate Quick Response code attack types and the detection techniques. To achieve the objective, 50 relevant studies published between the year 2010 and 2024 were identified. The articles were obtained from the Institute of Electrical and Electronics Engineers, Elsevier, Springer, Science Direct, Wiley, Association of Computing Machinery, and Google Scholar. From the study, Quick Response-Quick Response attacks, Quick Response code payment attacks, Quick Response code counterfeiting, and QR code information leakage have been identified as potential Quick Response code security threats. Barcodes can be maliciously used to run different attacks such as phishing, pharming, malware propagation, cross-site scripting, and Structured Query Language/command injection and reader applications attacks. To mitigate against Quick Response code attacks, various techniques such as cryptographic schemes, machine learning, artificial intelligence, two-factor authentication, One-time password, and mutual authentication schemes have been used. Users must remain vigilant when scanning Quick Response codes and take steps to verify their legitimacy. More research is needed to develop automated detection techniques that can authenticate QR codes and detect malicious URLs or malware in real time.
2025, … Workshop (Network Flow Analysis for Security …
Networks are becoming increasingly complex, and the number of different applications running over them is growing proportionally. No longer can a system/network administrator realistically be aware of every application on every machine under her control. At the same time, the ...
2025
There has been significant interest recently in designing reputation systems to address the problem of file authenticity in P2P networks. However, many of the systems proposed make different assumptions, and cannot easily be compared. The development of a model to evaluate such systems is imperative to quantitatively study such reputation systems. In this paper, we outline several major research issues in developing a model and metrics to evaluate reputation systems for file authenticity.
2025, IEEE Local Computer Network Conference
Peer-to-peer (P2P) networks have shown great potential in providing a wide range of services, from simple file sharing to distributed computing. However, P2P systems present ominous threats due to their anonymous and dynamic nature. One feasible way to minimize the threats is to evaluate the trust and reputation of the interacting peers. Trust models have often been deployed in determining the trust of peers in the network with a view to avoiding the malicious ones. Most of the existing trust models can successfully isolate malicious peers when the peers behave in a predictable way, while others fail even to do so. On the other hand, these models suffer greatly when peers start to behave in an unpredictable way. Moreover, these models are ineffective in providing a quick response to a peer's dynamic personality. To cope with such strategically altering behavior, we present in this paper a feedback-based fast adaptive trust model which takes into account various factors in computing the trust of peers, including recent trend, historical trend, sudden deviation of trust and so on. Simulations show that our model, compared to other existing models, can effectively identify and isolate the dynamic behavioral change of malicious peers.
2025
Prediction is a widely researched area in the data mining domain due to its applications. There are many traditional quantitative forecasting techniques, such as ARIMA and exponential smoothing, which have achieved a higher success rate in forecasting, but it would be useful to study the performance of alternative models such as machine learning methods. This paper gives performance measures of various machine learning algorithms used for prediction. The goal is to find how different machine learning algorithms perform when applied to different types of datasets.
2025, International Journal of Electrical and Computer Engineering (IJECE)
Data exchange has increased rapidly in recent years with the growing use of mobile networks. Information (text, image, audio and video) shared over unsecured mobile network channels is liable to attack and theft. Encryption techniques are the most suitable methods to protect information from hackers. The Hill cipher algorithm is a symmetric technique; it has a simple structure and fast computations, but weak security because sender and receiver need to use and share the same private key over a non-secure channel. Therefore, a novel hybrid encryption approach combining the elliptic curve cryptosystem and the Hill cipher (ECCHC) is proposed in this paper to convert the Hill cipher from a symmetric technique (private key) to an asymmetric one (public key), increase its security and efficiency, and resist hackers. Thus, there is no need to share the secret key between sender and receiver, and both can generate it from the private and public keys. Therefore, the proposed approach presents a new cont...
2025, International Journal of Engineering & Technology
The application takes a URL as input for web application vulnerability recognition. If the URL is too long, it will consume more time to scan the URL (Ain Zubaidah et al. 2014). The existing system can notice web pages but not the overall web application. This application will test URLs of any length using a string matching algorithm. To avoid XSS and CSRF and to detect attacks that try to sidestep program upheld arrangements, white list and DOM sandboxing techniques are used (Elias Athanasopoulos et al. 2012). The web application includes a list of cryptographic hashes of legitimate (trusted) client-side contents. The content is viewed as trusted or not trusted depending on whether its cryptographic hash is found in the white list. This application uses SHA-1 to create a message digest. The web server stores reliable scripts inside div or span HTML elements that are attributed as reliable. DOM sandb...
2025
Peer-to-peer file-sharing networks are currently receiving much attention as a means of sharing and distributing information. However, as recent experience with P2P networks such as Gnutella shows, the anonymous, open nature of these networks offers an almost ideal environment for the spread of self-replicating inauthentic files. We describe an algorithm to decrease the number of downloads of inauthentic files in a peer-to-peer file-sharing network that assigns each peer a unique global reputation value, based on the peer's history of uploads. We present a distributed and secure method to compute global reputation values, based on Power iteration. By having peers use these global reputation values to choose the peers from whom they download, the network effectively identifies malicious peers and isolates them from the network. In simulations, this reputation system has been shown to significantly decrease the number of inauthentic files on the network, even under a variety of conditions where malicious peers cooperate in an attempt to deliberately subvert the system.
2025, Proceedings of 2nd International Conference on Computing Technologies, Tools and Applications
In today's information and technological age, the Internet provides resources that offer easy and efficient solutions for tasks but also poses threats such as privacy theft and data breaches. This work proposes the design of an Intrusion Detection System (IDS) utilizing the Snort tool to improve network security. The research reviews past studies on IDS, while the methodology discusses the implementation of the Waterfall Model for development. Results include the study's preliminary conclusions, system use case diagrams, and details on the creation and examination of prototypes. The recommendations section provides ideas for potential future changes. The final section reviews the project phases and highlights the successes of the project, including the development of a Linux-based Network Intrusion Detection System using Snort IDS to enhance network security.
2025, 2012 20th IEEE International Conference on Network Protocols (ICNP)
The TCP/IP architecture was originally designed without taking security measures into consideration. Over the years, it has been subjected to many attacks, which has led to many patches to counter them. Our investigations into the fundamental principles of networking have shown that carefully following an abstract model of Interprocess Communication (IPC) addresses many problems [1]. Guided by this IPC principle, we designed a clean-slate Recursive INternet Architecture (RINA) [2]. In this paper, we show how, without the aid of cryptographic techniques, the bare-bones architecture of RINA can resist most of the security attacks faced by TCP/IP. We also show how hard it is for an intruder to compromise RINA. Then, we show how RINA inherently supports security policies in a more manageable, on-demand basis, in contrast to the rigid, piecemeal approach of TCP/IP.
2025
Netgres is a distributed system for securely storing passwords and secrets across multiple personal devices. It creates a private network using an individual's own devices, aiming to provide the accessibility of cloud-based password managers while maintaining personal control over data storage. The system prioritizes privacy by ensuring that user data stays on their devices, without the need for third-party servers. Netgres operates as an open source project, with transparent, community-driven development. The project is motivated by the need to have a personal secret store, where data never leaves the user's own devices, and is fully encrypted at rest and in transit. Netgres aims to avoid the issues associated with cloud-based password managers by providing a solution that does not rely on third-party intervention or central databases.
2025, Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead
Good security metrics are required to make good decisions about how to design security countermeasures, to choose between alternative security architectures, and to improve security during operations. Therefore, in essence, measurement can be viewed as a decision aid. The lack of sound practical security metrics is severely hampering progress in the development of secure systems. The Cyberspace Security Econometrics System (CSES) offers the following advantages over traditional measurement systems: (1) CSES reflects the variances that exist amongst different stakeholders of the same system. Different stakeholders will typically attach different stakes to the same requirement or service (e.g., a service may be provided by an information technology system or process control system, etc.). (2) For a given stakeholder, CSES reflects the variance that may exist among the stakes she/he attaches to meeting each requirement. The same stakeholder may attach different stakes to satisfying different requirements within the overall system specification. (3) For a given compound specification (e.g., combination(s) of commercial off the shelf software and/or hardware), CSES reflects the variance that may exist amongst the
2025, USING ELLIPTIC CURVE CRYPTOGRAPHY FOR AUTHENTICATION AND KEY EXCHANGE IN CONSTRAINED INTERNET OF THINGS NETWORKS
It is anticipated that billions of objects will be interconnected with the rise of the Internet of Things, leading to the evolution of the Internet for the upcoming generation. Various applications have been created in different sectors such as health, logistics, industry, and military in recent years. The techniques created for IoT are still in a nascent stage and encounter numerous hurdles. The primary concern is the security issue. These devices are a significant target due to the numerous conveniences offered by the Internet of Things. These gadgets will maintain continuous communication with one another (M2M) and with people (M2H). It is crucial to ensure the safe transmission of key information about people and the environment throughout this communication. Today's security approaches cannot be integrated into Internet of Things networks because of constraints such as limited RAM, ROM ratio, low bandwidth, poor computing power, and low energy supply. The DTLS protocol, created by IETF, utilizes symmetric encryption and may not be suitable for Class-0 and Class-1 devices that require asymmetric encryption. This study examines the security measures in place, securely exposes the data to the internet using Elliptic Curve Cryptography, and compares the results with other studies.
2025, 2011 Eighth International Conference on Information Technology: New Generations
In this paper, we introduce Collabra, a distributed intrusion detection platform based on Xen hypervisors to maintain the security of the cloud based on virtualized network. While the concept of virtual machine monitor (VMM) signifies implementing an abstraction layer between the underlying host and the guest operating system (OS) to enforce security, its kernel is required to be free of vulnerabilities that intruders can use to compromise the host. In Xen, guest applications make resource requests through the hyper-call API to transfer the privilege to the VMM kernel for executing privileged operations. On a cloud scale, there exist hundreds of VM networks and thousands of guest operating systems (OSes) running on virtual domains. There is every possibility of intruders trying to misuse the hyper-call interface to compromise guest OS kernels and finally the host OS kernel itself. Sophisticated attacks can be launched in the distributed and collaborative style thereby bypassing most current intrusion detection systems. Collabra acts as a filtering layer which is completely integrated with every VMM. It scans through each call by incorporating integrity checking and collaborative detection mechanisms. It exists in multiple instances, and acts concurrently over a VMM network interacting with other instances to detect (possibly collaborative) attacks and prevent illicit access to the VMM and the host. An admin version of Collabra exists on a privileged domain in the VM network to perform filtering of malicious add-ons to hyper-calls at the guest OS level itself before routing the call to the VMM.
2025, Proceedings of the 2011 American Control Conference
Security is an important issue in networked control systems, but has not received sufficient attention. The fundamental step for realizing a security protocol for networked control systems is to establish a secret key between the sensor and controller. Traditional approaches for key establishment such as the Public Key Infrastructure (PKI) usually incur significant overhead. In this paper, the common information of the physical system state is exploited for the key establishment between the sensor and the controller. In this scheme, the controller takes an action that causes the system state to change, which can be observed by the sensor. The controller and the sensor will then exchange messages to find the common random bits in the predicted and observed system states, respectively. The secret key will be generated from the common bits. The theoretical bound for the rate of generating common bits is analyzed using information theoretic analysis. This key establishment scheme is implemented on a remote controlled inverted pendulum. Experiments show that the proposed algorithm can generate tens of common bits per second.
2025, International Journal of Computer Sciences and Engineering
The physical servers used in IT are under-used. Better usage of these servers can be achieved using virtualization technology. Virtualization techniques create multiple partitions, isolated from each other, called virtual machines. Each virtual machine (guest) runs its own operating system. The resources allocated to these VMs may fail to execute an application because of resource conflict or unavailability of resources. This motivates live migration of virtual machines. Live migration copies the running VM from the source host to the destination host consistently, using TCP as the transport protocol. This manuscript assesses the performance of TCP in live migration of KVM-based virtual machines. The adaptability in UDP which drives the fixation can likewise be utilized for this migration.
2025
Cyber security competitions are growing in Indonesia; they are organized by private institutions or at university level. These competitions encourage students and the community to increase their knowledge of protecting infrastructure from crackers. However, most institutions do not prepare infrastructure on which students can learn ethical hacking as an internship, so hacking activity sometimes disrupts operations. Institutions need an isolated network as an arena for studying ethical hacking. In this paper, we design a simulation lab in which the red team and blue team can join together in one network. The network topology model we provide also supports automatic scoring for judging the cyber competition. This scoring system will help the white team to control and monitor the competition.
2025
This study explores the strategic dynamics within interconnected systems by integrating game theory with complex networks. It presents a static zero-sum game model to analyze attack and defense strategies in such networks. Investigating three strategies for attackers and defenders (random, degree centrality, and betweenness centrality), the study examines Nash equilibrium under equal resource assumptions. Analyzing the payoff matrix and players' responses identifies the dominant strategy as combining random attacks and betweenness-based defenses.
2024, International Conference on Autonomic and Autonomous Systems
Today's computer systems are under relentless attack from cyber attackers armed with sophisticated vulnerability search and exploit development toolkits. To protect against such threats, we are developing FUZZBUSTER, an automated system that provides adaptive immunity against a wide variety of cyber threats. FUZZBUSTER reacts to observed attacks and proactively searches for never-before-seen vulnerabilities. FUZZBUSTER uses a suite of fuzz testing and vulnerability assessment tools to find or verify the existence of vulnerabilities. Then FUZZBUSTER conducts additional tests to characterize the extent of the vulnerability, identifying ways it can be triggered. After characterizing a vulnerability, FUZZBUSTER synthesizes and applies an adaptation to prevent future exploits.
2024, 2011 International Conference on Distributed Computing in Sensor Systems and Workshops (DCOSS)
With the inception of IPv6 it is possible to assign a unique ID to each device on the planet. Recently, wireless sensor networks and traditional IP networks have become more tightly integrated using IPv6 and 6LoWPAN. Real-world deployments of WSNs demand secure communication. The receiver should be able to verify that sensor data is generated by trusted nodes, and/or it may also be necessary to encrypt sensor data in transit. Available IPv6 protocol stacks can use IPsec to secure data exchanges. Thus, it is desirable to extend 6LoWPAN such that IPsec communication with IPv6 nodes is possible. It is beneficial to use IPsec because the existing end-points on the Internet do not need to be modified to communicate securely with the WSN. Moreover, using IPsec, true end-to-end security is implemented and the need for a trustworthy gateway is removed. In this demo we will show the usage of our implemented lightweight IPsec. We will show how IPsec ensures end-to-end security between IP-enabled sensor networks and the traditional Internet. This is the first compressed lightweight design, implementation, and evaluation of a 6LoWPAN extension for IPsec. This demo complements the full paper that will appear in the parent conference, DCOSS'11.
2024
The Secure Sockets Layer (SSL) protocol is analyzed using a finite-state enumeration tool called Murφ. The analysis is presented using a sequence of incremental approximations to the SSL 3.0 handshake protocol. Each simplified protocol is "model-checked" using Murφ, with the next protocol in the sequence obtained by correcting errors that Murφ finds automatically. This process identifies the main shortcomings in SSL 2.0 that led to the design of SSL 3.0, as well as a few anomalies in the protocol that is used to resume a session in SSL 3.0. In addition to some insight into SSL, this study demonstrates the feasibility of using formal methods to analyze commercial protocols.
2024, IEEE Transactions on Systems, Man and Cybernetics, Part B (Cybernetics)
A novel multilevel hierarchical Kohonen Net (K-Map) for an intrusion detection system is presented. Each level of the hierarchical map is modeled as a simple winner-take-all K-Map. One significant advantage of this multilevel hierarchical K-Map is its computational efficiency. Unlike other statistical anomaly detection methods such as nearest neighbor approach, K-means clustering or probabilistic analysis that employ distance computation in the feature space to identify the outliers, our approach does not involve costly point-to-point computation in organizing the data into clusters. Another advantage is the reduced network size. We use the classification capability of the K-Map on selected dimensions of data set in detecting anomalies. Randomly selected subsets that contain both attacks and normal records from the KDD Cup 1999 benchmark data are used to train the hierarchical net. We use a confidence measure to label the clusters. Then we use the test set from the same KDD Cup 1999 benchmark to test the hierarchical net. We show that a hierarchical K-Map in which each layer operates on a small subset of the feature space is superior to a single-layer K-Map operating on the whole feature space in detecting a variety of attacks in terms of detection rate as well as false positive rate.
2024, 2010 IEEE International Conference on Data Mining Workshops
2024, IEEE Transactions on Parallel and Distributed Systems
Peer-to-peer (P2P) e-commerce applications exist at the edge of the Internet with vulnerabilities to passive and active attacks. These attacks have pushed away potential business firms and individuals whose aim is to get the best benefit in e-commerce with minimal losses. The attacks occur during interactions between the trading peers as a transaction takes place. In this paper, we propose how to address the Sybil attack, which is a kind of active attack. The peers can have bogus and multiple identities to fake their own. Most existing work, which concentrates on social networks and trusted certification, has not been able to prevent Sybil attack peers from participating in transactions. Our work exploits the neighbor similarity trust relationship to address the Sybil attack. In this approach, referred to as Sybil Trust, duplicated Sybil attack peers can be recognized as the neighbor peers become acquainted and hence more trusted by each other. Security and performance analysis shows the Sybil attack can be minimized by our proposed neighbor similarity trust.
2024, IEEE Security & Privacy Magazine
Cloud computing has generated significant interest in both academia and industry, but it's still an evolving paradigm. Essentially, it aims to consolidate the economic utility model with the evolutionary development of many existing approaches and computing technologies, including distributed services, applications, and information infrastructures consisting of pools of computers, networks, and storage resources. Confusion exists in IT communities about how a cloud differs from existing models and how these differences affect its adoption. Some see a cloud as a novel technical revolution, while others consider it a natural evolution of technology, economy, and culture [1]. Nevertheless, cloud computing is an important paradigm, with the potential to significantly reduce costs through optimization and increased operating and economic efficiencies [1,2]. Furthermore, cloud computing could significantly enhance collaboration, agility, and scale, thus enabling a truly global computing model over the Internet infrastructure. However, without appropriate security and privacy solutions designed for clouds, this potentially revolutionizing computing paradigm could become a huge failure. Several surveys of potential cloud adopters indicate that security and privacy is the primary concern hindering its adoption [3]. This article illustrates the unique issues of cloud computing that exacerbate security and privacy challenges in clouds [4]. We also discuss various approaches to address these challenges and explore the future work needed to provide a trustworthy cloud computing environment.
Cloud Computing: Definition and Features
Although several researchers have tried to define cloud computing, no single, agreed-upon definition exists yet.
The US National Institute of Standards and Technology (NIST, http://csrc.nist.gov) defines it as follows: Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three delivery models, and four deployment models.
2024, Anais do 7. Congresso Brasileiro de Redes Neurais
Network security professionals face many challenges in protecting their systems, preventing or minimizing the risk of their being breached through malicious actions or unauthorized access. Researchers and network analysts have worked together to obtain more efficient intrusion detection systems, capable of identifying and flagging increasingly intelligent and audacious threats. The purpose of this work is to present the progress in the development of an attack detection tool based on the use of the Hamming Net neural network to process attack signatures and identify malicious content in TCP/IP network packets. This article presents the design of the application, entitled ANNIDA (Artificial Neural Network in Intrusion Detection Application), the architecture of the neural network employed, and the results obtained. Additionally, possible changes to the tool for future projects are discussed.
2024, International Journal of Scientific & Engineering Research Volume 13, Issue 3, March-2022 296 ISSN 2229-5518
Because of the high complexities issues in the Internet of Things and its applications, there is a need to propose an appropriate security model that would help in managing and controlling it. This paper critically examined Rijndael’s... more