120 research outputs found

    Vulnerable Path Determination in mobile ad-hoc networks using Markov Model

    Security threats are of major concern in information sensitive ad-hoc networks like emergency military communication networks. We propose a Proactive Information Security Management System (PISMS) framework with vulnerable path determination module (VPDM) for such mobile ad-hoc networks. The chief security officer can use it to identify the most vulnerable paths, so that they can be patched using suitable security technologies before the hackers actually attack and compromise them. Our PISMS computes (i) the probability of transitioning from each node to its adjacent neighbors, using two key indicators (angle and distance); (ii) number of steps required to reach a pre-determined destination from different sources using Markov model. The path that requires minimum number of steps to reach a destination is the most vulnerable path. This mechanism of identifying vulnerable path is incorporated as an integral part of the Information systems acquisition, development and maintenance (ISADM) module of ISMS framework ISO27001

    Cyber-risk assessment and mitigation of DDoS attacks using semi-structured data models

    This study attempts to mitigate DoS attacks by combining structured and unstructured data. It comprises three modules. Specifically, our cyber-risk assessment module uses input such as DDoS attack characteristics: attack intensity and duration; Massively Multiplayer Online Gaming (MMOG) platform characteristics: vulnerability counts, severity, trends, and effect of cybersecurity spending, along with web articles. Following this, we calculate the expected loss resulting from a DDoS attack on a gaming company. We conclude by suggesting cyber-risk mitigation strategies such as self-protection (technology, compliance, and legal deterrence), self-insurance, or cyber-insurance

    Cyber Risk Assessment and Mitigation Using Logit and Probit Models for DDoS attacks

    Hackers have been employing Distributed Denial of Service (DDoS) attacks at an unprecedented rate in recent times. In 2018, a 37% rise in such DDoS attacks, wherein traffic reached a peak size of 300 Gbps per attack, was alarming. DDoS attacks hinder a business by preventing legitimate customers from accessing the firm’s cyber resources (e.g. website, cloud services, streaming quality, etc.). In this study, we aim to assess and mitigate cyber-risk by computing the probability of such DDoS attacks occurring and the expected losses associated with them. We use logit and probit models along with standard distribution fitting methods to ascertain the aforesaid questions. Subsequently, we also suggest ways to mitigate cyber-risk resulting from DDoS attacks by accepting, reducing or passing it. Our study aims to aid CTOs in deciding the best strategy to handle cyber-risk due to DDoS attacks

    Performance evaluation of cooperation strategies for m-health services and applications

    Health telematics are becoming a major improvement for patients’ lives, especially for disabled, elderly, and chronically ill people. Information and communication technologies have rapidly grown along with the mobile Internet concept of anywhere and anytime connection. In this context, Mobile Health (m-Health) proposes healthcare services delivering, overcoming geographical, temporal and even organizational barriers. Pervasive and m-Health services aim to respond to several emerging problems in health services, including the increasing number of chronic diseases related to lifestyle, high costs in existing national health services, the need to empower patients and families to self-care and manage their own healthcare, and the need to provide direct access to health services, regardless of the time and place. Mobile Health (m-Health) systems include the use of mobile devices and applications that interact with patients and caretakers. However, mobile devices have several constraints (such as processor, energy, and storage resource limitations), affecting the quality of service and user experience. Architectures based on mobile devices and wireless communications present several challenging issues and constraints, such as battery and storage capacity, broadcast constraints, interferences, disconnections, noises, limited bandwidths, and network delays. In this sense, cooperation-based approaches are presented as a solution to solve such limitations, focusing on increasing network connectivity, communication rates, and reliability. Cooperation is an important research topic that has been growing in recent years. With the advent of wireless networks, several recent studies present cooperation mechanisms and algorithms as a solution to improve wireless network performance. In the absence of a stable network infrastructure, mobile nodes cooperate with each other, performing all networking functionalities. For example, it can support intermediate nodes forwarding packets between two distant nodes. This Thesis proposes a novel cooperation strategy for m-Health services and applications. This reputation-based scheme uses a Web-service to handle all the nodes' reputation and networking permissions. Its main goal is to provide Internet services to mobile devices without network connectivity through cooperation with neighbor devices, therefore resolving the above-mentioned network problems and resulting in a major improvement in the performance of m-Health network architectures. A performance evaluation of this proposal through a real network scenario, demonstrating and validating this cooperative scheme using a real m-Health application, is presented. A cryptography solution for m-Health applications under cooperative environments, called DE4MHA, is also proposed and evaluated using the same real network scenario and the same m-Health application. Finally, this work proposes a generalized cooperative application framework, called MobiCoop, that extends the incentive-based cooperative scheme for m-Health applications to all mobile applications. Its performance evaluation is also presented through a real network scenario demonstrating and validating MobiCoop using different mobile applications

    DEDA: An algorithm for early detection of topology attacks in the internet of things

    The internet of things (IoT) is used in domestic, industrial as well as mission-critical systems including homes, transports, power plants, industrial manufacturing and health-care applications. Security of the data generated by such systems, and of the IoT systems themselves, is very critical in such applications. Early detection of any attack targeting an IoT system is necessary to minimize the damage. This paper reviews security attack detection methods for IoT infrastructure presented in the state-of-the-art. One of the major entry points for attacks in an IoT system is topology exploitation. This paper proposes a distributed algorithm for early detection of such attacks with the help of predictive descriptor tables. This paper also presents feature selection from topology control packet fields. The performance of the proposed algorithm is evaluated using an extensive simulation carried out in OMNeT++. Performance parameters include accuracy and time required for detection. Simulation results presented in this paper show that the proposed algorithm is effective in detecting attacks ahead in time

    Ambient Intelligence in Healthcare: A State-of-the-Art

    Information technology advancement leads to an innovative paradigm called Ambient Intelligence (AmI). A digital environment is employed along with AmI to enable individuals to be aware of their behaviors, needs, emotions and gestures. Several applications of AmI systems in the healthcare environment attract several researchers. AmI is considered one of the recent technologies that support hospitals, patients, and specialists for personal healthcare with the aid of artificial intelligence techniques and wireless sensor networks. The improvements in wearable devices, mobile devices, embedded software and wireless technologies open the doors to advanced applications in the AmI paradigm. The WSN and the BAN collect medical data to be used for the progress of the intelligent systems adapted inevitably. The current study outlines the AmI role in healthcare concerning its relational and technological nature. Health

    Contributions to Wireless multi-hop networks : Quality of Services and Security concerns

    This document summarizes the research I have conducted over the past 6 years. The main research topic of my contributions is the design and evaluation of solutions for wireless multi-hop networks, in particular mobile ad hoc networks (MANETs), vehicular ad hoc networks (VANETs), and wireless sensor networks (WSNs). The key question of my research is the following: "how can data transport be made efficient in terms of quality of service (QoS), energy resources, and security in wireless multi-hop networks?" To answer this question, I worked in particular on the MAC and network layers and used a cross-layer approach. Wireless multi-hop networks present several problems related to resource management and to data transport capable of supporting a large number of nodes and of ensuring a high level of quality of service and security. In MANETs, the absence of infrastructure makes it impossible to use a centralized approach to manage resource sharing, such as channel access. Unlike the WLAN (wireless network with infrastructure), in ad hoc networks neighboring nodes become competitors, and it is difficult to ensure fairness and throughput optimization. The IEEE 802.11 standard does not take fairness between nodes into account in the MANET context. Although this standard offers different transmission levels, it does not specify how to allocate these rates efficiently. In addition, MANETs are based on the concept of cooperation between nodes to form and manage a network. A lack of cooperation between nodes means the absence of the whole network. This is why it is essential to find solutions for non-cooperative or selfish nodes. Finally, wireless multi-hop communication can help increase radio coverage. Border nodes must cooperate to forward the packets of neighboring nodes that lie outside the coverage area of the base station. In VANETs, data dissemination for safety applications is a real challenge. To ensure fast and global distribution of information, the transmission method used is broadcast. This method has several drawbacks: massive data loss due to collisions, no acknowledgment of packet reception, no control over transmission delay, and information redundancy. Moreover, safety applications transmit critical information whose reliability and authenticity must be ensured. In WSNs, resource limitations (bandwidth, memory, energy, and computing capacity), together with the wireless link and mobility, make it difficult to design an efficient communication protocol. Some applications require a large amount of resources (throughput, energy, etc.) as well as security services such as data confidentiality and integrity and mutual authentication. These parameters are in opposition, and reconciling them is a real challenge. In addition, to transmit information, some applications need to know the position of the nodes in the network. Localization techniques suffer from a lack of precision, particularly in a closed (indoor) environment, and do not make it possible to locate nodes within a limited time interval. Finally, node localization is necessary to track objects, whether they communicate or not. Object tracking is an energy-hungry process and requires precision. To address these challenges, we proposed and evaluated solutions, presented as follows: all the contributions dedicated to MANETs are presented in the second chapter. The third chapter describes the solutions provided for VANETs. Finally, the contributions related to WSNs are presented in the fourth chapter

    A systematic literature review on insider threats

    Insider threats are the most concerning cybersecurity problem, which is poorly addressed by widely used security solutions. Despite the fact that there have been several scientific publications in this area, we argue, from our innovative study classification and structural taxonomy proposals, to provide more information about insider threats and the defense measures used to counter them. While adopting the current grounded theory method for a thorough literature evaluation, our categorization's goal is to organize knowledge in insider threat research. Along with an analysis of major recent studies on detecting insider threats, the major goal of the study is to develop a classification of current types of insiders, levels of access, motivations behind it, insider profiling, security properties, and methods they use to attack. This includes the use of machine learning algorithms, behavior analysis, methods of detection and evaluation. Moreover, actual incidents related to insider attacks have also been analyzed

    The Analysis of Student Performance Using Data Mining

    This paper presents the study of data mining in the education industry to model the performance of students enrolled in university. Two algorithms of data mining were used. Firstly, a descriptive task based on the K-means algorithm was utilized to select several student clusters. Secondly, a classification task supported two classification techniques, known as decision tree and Naïve Bayes, to predict the dropout because of poor performance in a student’s first four semesters. The student academic data collected during the admission process of those students were used to train and test the models, which were assessed using a cross-validation technique. Experimental results show that the prediction of dropout students is improved, and student performance is monitored, when the data from the previous academic enrollment are added