Determining wireless local area network (WLAN) vulnerabilities on academic network
The advancement and proliferation of wireless local area networks have raised alarm over network operation as a whole. The concern applies to both business and academic computer network environments. This paper describes our research and experiences in performing network vulnerability analysis in an academic local area network. The research uses a network vulnerability analysis methodology to perform vulnerability analysis on the Academic and Administration building. From the analysis, the overall network security level can be determined. Remedies and solutions to counter any vulnerability can also be prescribed, and this will reduce the network vulnerability threat to the academic local area network.
Survey and Systematization of Secure Device Pairing
Secure Device Pairing (SDP) schemes have been developed to facilitate secure
communications among smart devices, both personal mobile devices and Internet
of Things (IoT) devices. Comparison and assessment of SDP schemes is
troublesome, because each scheme makes different assumptions about out-of-band
channels and adversary models, and is driven by its particular use-cases. A
conceptual model that facilitates meaningful comparison among SDP schemes is
missing. We provide such a model. In this article, we survey and analyze a wide
range of SDP schemes that are described in the literature, including a number
that have been adopted as standards. A system model and consistent terminology
for SDP schemes are built on the foundation of this survey, which are then used
to classify existing SDP schemes into a taxonomy that, for the first time,
enables their meaningful comparison and analysis. The existing SDP schemes are
analyzed using this model, revealing common systemic security weaknesses among
the surveyed SDP schemes that should become priority areas for future SDP
research, such as improving the integration of privacy requirements into the
design of SDP schemes. Our results allow SDP scheme designers to create schemes
that are more easily comparable with one another, and to assist the prevention
of persisting the weaknesses common to the current generation of SDP schemes.
Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications
Surveys & Tutorials 2017 (Volume: PP, Issue: 99)
Improving Dependability of Networks with Penalty and Revocation Mechanisms
Both malicious and non-malicious faults can dismantle computer networks. Thus, mitigating faults at various layers is essential in ensuring efficient and fair network resource utilization. In this thesis we take a step in this direction and study several ways to deal with faults by means of penalties and revocation mechanisms in networks that are lacking a centralized coordination point, either because of their scale or design.
Compromised nodes can pose a serious threat to infrastructure, end-hosts and services. Such malicious elements can undermine the availability and fairness of networked systems. To deal with such nodes, we design and analyze protocols enabling their removal from the network in a fast and a secure way. We design these protocols for two different environments. In the former setting, we assume that there are multiple, but independent trusted points in the network which coordinate other nodes in the network. In the latter, we assume that all nodes play equal roles in the network and thus need to cooperate to carry out common functionality. We analyze these solutions and discuss possible deployment scenarios.
Next we turn our attention to wireless edge networks. In this context, some nodes, without being malicious, can still behave in an unfair manner. To deal with the situation, we propose several self-penalty mechanisms. We implement the proposed protocols employing commodity hardware and conduct experiments in real-world environments. The analysis of data collected in several measurement rounds revealed improvements in terms of higher fairness and throughput. We corroborate the results with simulations and an analytic model. And finally, we discuss how to measure fairness in dynamic settings, where nodes can have heterogeneous resource demands.
Factors Impacting Key Management Effectiveness in Secured Wireless Networks
The use of a Public Key Infrastructure (PKI) offers a cryptographic solution that can overcome many, but not all, of the MANET security problems. One of the most critical aspects of a PKI system is how well it implements Key Management. Key Management deals with key generation, key storage, key distribution, key updating, key revocation, and certificate service in accordance with security policies over the lifecycle of the cryptography. The approach supported by traditional PKI works well in fixed wired networks, but it may not be appropriate for MANET due to the lack of fixed infrastructure to support the PKI. This research seeks to identify best practices in securing networks which may be applied to new network architectures.
Defense in Depth Network Perimeter Security
Defense in depth network perimeter security has long been a topic of discussion as an efficient way of mitigating cyber-attacks. While there is no 100% mitigating method against cyber-attacks, a layered defense in depth network perimeter security can be used to mitigate against cyber-attacks. Research has shown a massive growth in cyber-crimes, and there is a limited number of cyber security experts to counter these attacks. EIU as an institution is taking up the responsibility of producing cyber security graduates with the new Master of Science in Cyber Security program that started in Fall 2017.
This research is aimed at designing and developing a defense in depth network perimeter security that will be used for laboratory practices to learn and simulate cyber security activity and its mitigation. The research is complemented with the design of ten laboratory practices to give expertise to the students in the equipment used in the design. The designed topology comprises two sites, connected via IPSec site-to-site VPN over an unsecure internet connection. A public testing webserver is placed at the DMZ which is to be used to invite hackers to attack the designed system for the purpose of detecting, preventing and learning cyber-attack mechanisms.
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.
Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submission.
A Practical guide to understanding wireless networking concepts, security protocols, attack, and safer deployment schemes
With the explosion of wireless networks appearing in buildings, business and educational campuses, and even homes, security is a large concern in order to prevent attempted intrusions and malicious attacks from the retrieval of confidential data. Wireless Fidelity, Wi-Fi for short, does provide security in the form called Wired Equivalent Privacy, otherwise simply known as WEP. However, cases documenting WEP's security mechanism being breached in legitimate and illegitimate cases have been published and are readily available on the Internet. While wireless networks provide the freedom of mobility for users, this also allows potential hackers to eavesdrop on unsuspecting wireless users. Or worse, one could potentially hijack an access point and gain unauthorized access past the wireless network and then into the wired internal network. Thus an intruder who has hijacked an access point will be able to access critical data while hiding safely outside the building. Knowledge and understanding of wireless networks and of their security is a necessary step to be learnt if wireless networks are to be deployed securely, especially in congested urban settings.
Optimal Witnessing of Healthcare IoT Data Using Blockchain Logging Contract
Verification of data generated by wearable sensors is increasingly becoming
of concern to health service providers and insurance companies. There is a need
for a verification framework that various authorities can request a
verification service for the local network data of a target IoT device. In this
paper, we leverage blockchain as a distributed platform to realize an on-demand
verification scheme. This allows authorities to automatically transact with
connected devices for witnessing services. A public request is made for witness
statements on the data of a target IoT that is transmitted on its local
network, and subsequently, devices (in close vicinity of the target IoT) offer
witnessing service.
Our contributions are threefold: (1) We develop a system architecture based
on blockchain and smart contract that enables authorities to dynamically avail
a verification service for data of a subject device from a distributed set of
witnesses which are willing to provide (in a privacy-preserving manner) their
local wireless measurement in exchange of monetary return; (2) We then develop
a method to optimally select witnesses in such a way that the verification
error is minimized subject to monetary cost constraints; (3) Lastly, we
evaluate the efficacy of our scheme using real Wi-Fi session traces collected
from a five-storeyed building with more than thirty access points,
representative of a hospital. According to the current pricing schedule of the
Ethereum public blockchain, our scheme enables healthcare authorities to verify
data transmitted from a typical wearable device with the verification error of
the order 0.01% at cost of less than two dollars for one-hour witnessing
service.
Comment: 12 pages, 12 figures