61,118 research outputs found
The Challenges in SDN/ML Based Network Security : A Survey
Machine Learning is gaining popularity in the network security domain as many
more network-enabled devices get connected, as malicious activities become
stealthier, and as new technologies like Software Defined Networking (SDN)
emerge. Sitting at the application layer and communicating with the control
layer, machine learning based SDN security models exercise a huge influence on
the routing/switching of the entire SDN. Compromising the models is
consequently a very desirable goal. Previous surveys have been done on either
adversarial machine learning or the general vulnerabilities of SDNs but not
both. Through examination of the latest ML-based SDN security applications and
a good look at ML/SDN specific vulnerabilities accompanied by common attack
methods on ML, this paper serves as a unique survey, making a case for more
secure development processes of ML-based SDN security applications.Comment: 8 pages. arXiv admin note: substantial text overlap with
arXiv:1705.0056
A ReRAM Physically Unclonable Function (ReRAM PUF)-based Approach to Enhance Authentication Security in Software Defined Wireless Networks
The exponentially increasing number of ubiquitous wireless devices connected
to the Internet in Internet of Things (IoT) networks highlights the need for a
new paradigm of data flow management in such large-scale networks under
software defined wireless networking (SDWN). The limited power and computation
capability available at IoT devices as well as the centralized management and
decision-making approach in SDWN introduce a whole new set of security threats
to the networks. In particular, the authentication mechanism between the
controllers and the forwarding devices in SDWNs is a key challenge from both
secrecy and integrity aspects. Conventional authentication protocols based on
public key infrastructure (PKI) are no longer sufficient for these networks
considering the large-scale and heterogeneity nature of the networks as well as
their deployment cost, and security vulnerabilities due to key distribution and
storage. We propose a novel security protocol based on physical unclonable
functions (PUFs) known as hardware security primitives to enhance the
authentication security in SDWNs. In this approach, digital PUFs are developed
using the inherent randomness of the nanomaterials of Resistive Random Access
Memory (ReRAM) that are embedded in most IoT devices to enable a secure
authentication and access control in these networks. These PUFs are developed
based on a novel approach of multi-states, in which the natural drifts due to
the physical variations in the environment are predicted to reduce the
potential errors in challenge-response pairs of PUFs being tested in different
situations. We also proposed a PUF-based PKI protocol to secure the controller
in SDWNs. The performance of the developed ReRAM-based PUFs are evaluated in
the experimental results.Comment: 16 pages, 10 figures, submitted to Springer International Journal of
Wireless Information Network
Formal methods and software engineering for DL. Security, safety and productivity for DL systems development
Deep Learning (DL) techniques are now widespread and being integrated into
many important systems. Their classification and recognition abilities ensure
their relevance for multiple application domains. As machine-learning that
relies on training instead of algorithm programming, they offer a high degree
of productivity. But they can be vulnerable to attacks and the verification of
their correctness is only just emerging as a scientific and engineering
possibility. This paper is a major update of a previously-published survey,
attempting to cover all recent publications in this area. It also covers an
even more recent trend, namely the design of domain-specific languages for
producing and training neural nets.Comment: Submitted to IEEE-CCECE201
A Survey on Software-Defined VANETs: Benefits, Challenges, and Future Directions
The evolving of Fifth Generation (5G) networks isbecoming more readily
available as a major driver of the growthof new applications and business
models. Vehicular Ad hocNetworks (VANETs) and Software Defined Networking
(SDN)represent the key enablers of 5G technology with the developmentof next
generation intelligent vehicular networks and applica-tions. In recent years,
researchers have focused on the integrationof SDN and VANET, and look at
different topics related to thearchitecture, the benefits of software-defined
VANET servicesand the new functionalities to adapt them. However, securityand
robustness of the complete architecture is still questionableand have been
largely negleted. Moreover, the deployment andintegration of novel entities and
several architectural componentsdrive new security threats and
vulnerabilities.In this paper, first we survey the state-of-the-art SDN
basedVehicular ad-hoc Network (SDVN) architectures for their net-working
infrastructure design, functionalities, benefits, and chal-lenges. Then we
discuss these SDVN architectures against majorsecurity threats that violate the
key security services such asavailability, confidentiality, authentication, and
data integrity.We also propose different countermeasures to these
threats.Finally, we discuss the lessons learned with the directions offuture
research work towards provisioning stringent security andprivacy solutions in
future SDVN architectures. To the best of ourknowledge, this is the first
comprehensive work that presents sucha survey and analysis on SDVNs in the era
of future generationnetworks (e.g., 5G, and Information centric networking)
andapplications (e.g., intelligent transportation system, and IoT-enabled
advertising in VANETs).Comment: 17 pages, 2 figure
A Roadmap Towards Resilient Internet of Things for Cyber-Physical Systems
The Internet of Things (IoT) is a ubiquitous system connecting many different
devices - the things - which can be accessed from the distance. The
cyber-physical systems (CPS) monitor and control the things from the distance.
As a result, the concepts of dependability and security get deeply intertwined.
The increasing level of dynamicity, heterogeneity, and complexity adds to the
system's vulnerability, and challenges its ability to react to faults. This
paper summarizes state-of-the-art of existing work on anomaly detection,
fault-tolerance and self-healing, and adds a number of other methods applicable
to achieve resilience in an IoT. We particularly focus on non-intrusive methods
ensuring data integrity in the network. Furthermore, this paper presents the
main challenges in building a resilient IoT for CPS which is crucial in the era
of smart CPS with enhanced connectivity (an excellent example of such a system
is connected autonomous vehicles). It further summarizes our solutions,
work-in-progress and future work to this topic to enable "Trustworthy IoT for
CPS". Finally, this framework is illustrated on a selected use case: A smart
sensor infrastructure in the transport domain.Comment: preprint (2018-10-29
A Survey on Resilient Machine Learning
Machine learning based system are increasingly being used for sensitive tasks
such as security surveillance, guiding autonomous vehicle, taking investment
decisions, detecting and blocking network intrusion and malware etc. However,
recent research has shown that machine learning models are venerable to attacks
by adversaries at all phases of machine learning (eg, training data collection,
training, operation). All model classes of machine learning systems can be
misled by providing carefully crafted inputs making them wrongly classify
inputs. Maliciously created input samples can affect the learning process of a
ML system by either slowing down the learning process, or affecting the
performance of the learned mode, or causing the system make error(s) only in
attacker's planned scenario. Because of these developments, understanding
security of machine learning algorithms and systems is emerging as an important
research area among computer security and machine learning researchers and
practitioners. We present a survey of this emerging area in machine learning
Data Management in Industry 4.0: State of the Art and Open Challenges
Information and communication technologies are permeating all aspects of
industrial and manufacturing systems, expediting the generation of large
volumes of industrial data. This article surveys the recent literature on data
management as it applies to networked industrial environments and identifies
several open research challenges for the future. As a first step, we extract
important data properties (volume, variety, traffic, criticality) and identify
the corresponding data enabling technologies of diverse fundamental industrial
use cases, based on practical applications. Secondly, we provide a detailed
outline of recent industrial architectural designs with respect to their data
management philosophy (data presence, data coordination, data computation) and
the extent of their distributiveness. Then, we conduct a holistic survey of the
recent literature from which we derive a taxonomy of the latest advances on
industrial data enabling technologies and data centric services, spanning all
the way from the field level deep in the physical deployments, up to the cloud
and applications level. Finally, motivated by the rich conclusions of this
critical analysis, we identify interesting open challenges for future research.
The concepts presented in this article thematically cover the largest part of
the industrial automation pyramid layers. Our approach is multidisciplinary, as
the selected publications were drawn from two fields; the communications,
networking and computation field as well as the industrial, manufacturing and
automation field. The article can help the readers to deeply understand how
data management is currently applied in networked industrial environments, and
select interesting open research opportunities to pursue
Attacking Machine Learning models as part of a cyber kill chain
Machine learning is gaining popularity in the network security domain as many
more network-enabled devices get connected, as malicious activities become
stealthier, and as new technologies like Software Defined Networking emerge.
Compromising machine learning model is a desirable goal. In fact, spammers have
been quite successful getting through machine learning enabled spam filters for
years. While previous works have been done on adversarial machine learning,
none has been considered within a defense-in-depth environment, in which
correct classification alone may not be good enough. For the first time, this
paper proposes a cyber kill-chain for attacking machine learning models
together with a proof of concept. The intention is to provide a high level
attack model that inspire more secure processes in
research/design/implementation of machine learning based security solutions.Comment: 8 page
Machine Learning Aided Static Malware Analysis: A Survey and Tutorial
Malware analysis and detection techniques have been evolving during the last
decade as a reflection to development of different malware techniques to evade
network-based and host-based security protections. The fast growth in variety
and number of malware species made it very difficult for forensics
investigators to provide an on time response. Therefore, Machine Learning (ML)
aided malware analysis became a necessity to automate different aspects of
static and dynamic malware investigation. We believe that machine learning
aided static analysis can be used as a methodological approach in technical
Cyber Threats Intelligence (CTI) rather than resource-consuming dynamic malware
analysis that has been thoroughly studied before. In this paper, we address
this research gap by conducting an in-depth survey of different machine
learning methods for classification of static characteristics of 32-bit
malicious Portable Executable (PE32) Windows files and develop taxonomy for
better understanding of these techniques. Afterwards, we offer a tutorial on
how different machine learning techniques can be utilized in extraction and
analysis of a variety of static characteristic of PE binaries and evaluate
accuracy and practical generalization of these techniques. Finally, the results
of experimental study of all the method using common data was given to
demonstrate the accuracy and complexity. This paper may serve as a stepping
stone for future researchers in cross-disciplinary field of machine learning
aided malware forensics.Comment: 37 Page
Reconfigurable Wireless Networks
Driven by the advent of sophisticated and ubiquitous applications, and the
ever-growing need for information, wireless networks are without a doubt
steadily evolving into profoundly more complex and dynamic systems. The user
demands are progressively rampant, while application requirements continue to
expand in both range and diversity. Future wireless networks, therefore, must
be equipped with the ability to handle numerous, albeit challenging
requirements. Network reconfiguration, considered as a prominent network
paradigm, is envisioned to play a key role in leveraging future network
performance and considerably advancing current user experiences. This paper
presents a comprehensive overview of reconfigurable wireless networks and an
in-depth analysis of reconfiguration at all layers of the protocol stack. Such
networks characteristically possess the ability to reconfigure and adapt their
hardware and software components and architectures, thus enabling flexible
delivery of broad services, as well as sustaining robust operation under highly
dynamic conditions. The paper offers a unifying framework for research in
reconfigurable wireless networks. This should provide the reader with a
holistic view of concepts, methods, and strategies in reconfigurable wireless
networks. Focus is given to reconfigurable systems in relatively new and
emerging research areas such as cognitive radio networks, cross-layer
reconfiguration and software-defined networks. In addition, modern networks
have to be intelligent and capable of self-organization. Thus, this paper
discusses the concept of network intelligence as a means to enable
reconfiguration in highly complex and dynamic networks. Finally, the paper is
supported with several examples and case studies showing the tremendous impact
of reconfiguration on wireless networks.Comment: 28 pages, 26 figures; Submitted to the Proceedings of the IEEE (a
special issue on Reconfigurable Systems
- …