A survey of intrusion detection techniques in Cloud

Cloud computing provides scalable, virtualized on-demand services to the end users with greater flexibility and lesser infrastructural investment. These services are provided over the Internet using known networking protocols, standards and formats under the supervision of different managements. Existing bugs and vulnerabilities in underlying technologies and legacy protocols tend to open doors for intrusion. This paper, surveys different intrusions affecting availability, confidentiality and integrity of Cloud resources and services. It examines proposals incorporating Intrusion Detection Systems (IDS) in Cloud and discusses various types and techniques of IDS and Intrusion Prevention Systems (IPS), and recommends IDS/IPS positioning in Cloud architecture to achieve desired security in the next generation networks

An SDN-based Approach For Defending Against Reflective DDoS Attacks

Distributed Reflective Denial of Service (DRDoS) attacks are an immanent threat to Internet services. The potential scale of such attacks became apparent in March 2018 when a memcached-based attack peaked at 1.7 Tbps. Novel services built upon UDP increase the need for automated mitigation mechanisms that react to attacks without prior knowledge of the actual application protocols used. With the flexibility that software-defined networks offer, we developed a new approach for defending against DRDoS attacks; it not only protects against arbitrary DRDoS attacks but is also transparent for the attack target and can be used without assistance of the target host operator. The approach provides a robust mitigation system which is protocol-agnostic and effective in the defense against DRDoS attacks

Resiliency of Smart Power Meters to Common Security Attacks

AbstractThe development of Smart Grid power systems is gaining momentum in many countries leading to massive deployment of smart meters to realize the envisioned benefits. However, there are several concerns among the consumer communities and the service providers with respect to information security when it comes to the deployment of smart meters. This paper attempts to address the main challenge related to smart grid information security by examining the resiliency of smart meters to security threats and attacks. Several common information security attacks are being used to study their impact on the performance of smart meters in a controlled laboratory environment. Results obtained showed drastic effect on the functionality of smart meters and their associated data gathering servers

Cross-validation based man-in-the-middle attack protection

A thesis submitted to the University of Bedfordshire, in fulfilment of the requirements for the degree of Master of Science by researchIn recent years, computer network has widely used in almost all areas of our social life. It has been profoundly changing the way of our living. However, various network attacks have become an increasingly problem at the same time. In local area networks, Man-in-the-Middle attack, as one kind of ARP attack, is the most common attack. This research implemented a cross-validation based Man-in-the-Middle attack protection method (CVP). This approach enables a host to check whether another host that responds the initialising host with an ARP reply packet is genuine. It then allows the ARP cache table of the initialising hosts to be updated with the MAC address and IP address pairs of the genuine host and to place the MAC address of inauthentic hosts into a blacklist. This research introduced ARP and ICMP firstly, including the structure of ARP and ICMP packets, and their workflows. Secondly, this research discussed the types of ARP attacks and the existing ARP attacks protection methods, including their principles, applicable environment, advantages and disadvantages. Then, this research proposed and implemented a cross-validation based Man-in-the-Middle attack protection method. Simulations and experiments were performed to examine the effect of CVP method. The results show the effectiveness of the proposed cross-validation based method in protecting network from Man-in-the-Middle attack. Compared with the existing Man-in-the-Middle attack protection methods, CVP requires no extra devices and administration, leading to more secure local area networks and low cost. It also has made a “tabu” to attackers. That is, it places the MAC address of attackers into a blacklist. So they will be identified immediately if they try to attack the network again

Computer Network Routing Challenges Associated to Tackle Resolution Protocol

Computer networks are very important in today�s scenario. They have changed the way we do business and the way we live. There are several protocols that help us to establish these networks. The most widely used network protocol is ARP (Address Resolution Protocol) which is used to find the physical address of the node when its internet address is known. In this paper we have discussed the weaknesses of this protocol and have proposed various methods of active detection and prevention of ARP poisoning(spoofing) based Man-in- the-Middle(MitM) attacks on switched Ethernet LAN�s, Denial-of-service (DoS), session hijacking etc. We have implemented tools and defense mechanisms such as central server on a network or subnets, encryption of data traffic etc. that help us to reduce these spoofing attacks