Evaluation of Security Availability of Data Components for A Renewable Energy Micro Smart Grid System

In this thesis, we study the development and security testing of photovoltaic data collection system. With the introduction of the smart grid concept, a lot of research has been done on the communication aspect of energy production and distribution throughout the power network. For Smart Grid, Internet is used as the communication medium for specific required services and for data collection. Despite all the advantages of the Smart Grid infrastructure, there is also some security concern regarding the vulnerabilities associated with internet access. In this thesis, we consider security testing of the two most popular and globally deployed web server platforms Apache running on Red Had Linux 5 and IIS on Windows Server 2008, and their performance under Distributed Denial of Service Attacks. Furthermore we stress test the data collection services provided by MySQL running on both Windows and Linux Servers when it is also under DDoS attacks

Ethical Hacking Using Penetration Testing

This thesis provides details of the hardware architecture and the software scripting, which are employed to demonstrate penetration testing in a laboratory setup. The architecture depicts an organizational computing asset or an environment.¬¬¬ With the increasing number of cyber-attacks throughout the world, the network security is becoming an important issue. This has motivated a large number of “ethical hackers” to indulge and develop methodologies and scripts to defend against the security attacks. As it is too onerous to maintain and monitor attacks on individual hardware and software in an organization, the demand for the new ways to manage security systems invoked the idea of penetration testing. Many research groups have designed algorithms depending on the size, type and purpose of application to secure networks [55]. In this thesis, we create a laboratory setup replicating an organizational infrastructure to study penetration testing on real time server-client atmosphere. To make this possible, we have used Border Gateway Protocol (BGP) as routing protocol as it is widely used in current networks. Moreover, BGP exhibits few vulnerabilities of its own and makes the security assessment more promising. Here, we propose (a) computer based attacks and (b) actual network based attacks including defense mechanisms. The thesis, thus, describes the way penetration testing is accomplished over a desired BGP network. The procedural generation of the packets, exploit, and payloads involve internal and external network attacks. In this thesis, we start with the details of all sub-fields in the stream of penetration testing, including their requirements and outcomes. As an informative and learning research, this thesis discusses the types of attacks over the routers, switches and physical client machines. Our work also deals with the limitations of the implementation of the penetration testing, discussing over the vulnerabilities of the current standards in the technology. Furthermore, we consider the possible methodologies that require attention in order to accomplish most efficient outcomes with the penetration testing. Overall, this work has provided a great learning opportunity in the area of ethical hacking using penetration testing

Controlled DDoS Attack on IPv4/IPv6 Network Using Distributed Computing Infrastructure

The paper focuses on design, background and experimental results of real environment of DDoS attacks. The experimental testbed is based on employment of a tool for IT automation to perform DDoS attacks under monitoring. DDoS attacks are still serious threat in both IPv4 and IPv6 networks and creation of simple tool to test the network for DDoS attack and to allow evaluation of vulnerabilities and DDoS countermeasures of the networks is necessary. In proposed testbed, Ansible orchestration tool is employed to perform and coordinate DDoS attacks. Ansible is a powerful tool and simplifies the implementation of the test environment. Moreover, no special hardware is required for the attacks execution, the testbed uses existing infrastructure in an organization. The case study of implementation of this environment shows straightforwardness to create a testbed comparable with a botnet with ten thousand bots. Furthermore, the experimental results demonstrate the potential of the proposed environment and present the impact of the attacks on particular target servers in IPv4 and IPv6 networks

Security Vulnerability Evaluation of Popular Personal Firewalls and Operating Systems

In this thesis, experimental evaluation of security vulnerabilities has been performed under DoS attacks for popular personal firewalls from McAfee, Norton and Kaspersky; and for operating systems namely Apple’s Leopard and SnowLeopard, and Microsoft’s Windows XP and Windows 7. Our experimental results show that the firewalls and operating systems behave differently under a given DoS attack. Some of the firewalls crashed under certain DoS attacks especially when they were configured to prevent and block packets belonging to such attacks. Operating systems evaluated in this thesis were also found to have different built-in security capabilities, and some of them even crashed under certain DoS attacks requiring forced reboot of the system. Comparative performance of firewalls and operating systems under DoS attacks has been presented

Security Analysis of a Blockchain Network

Blockchains have gained popularity due to their versatility and wide range of application. Blockchains are a decentralized data structure guaranteeing integrity and non-repudiation of data We use this to secure provenance meta-data. A blockchain can be seen as a distributed database, or a public ledger of transactions or digital events that have occurred and have been shared among participating parties. A consensus is required to verify each transaction. Blockchains are finding use in cryptocurrencies, academics, clinical trials, healthcare and agriculture. However, like other networks, we need to verify the robustness and availability of the blockchain networks. In this thesis, we leverage existing Denial of Service and Distributed Denial of Service [D/DoS] attacks as a tool to evaluate our proposed blockchain technology, Scrybe, for robustness. First, we check its performance in presence of Transmission Control Protocol [TCP]- based flooding attacks such as SYN Flooding and its variants. We also optimize TCP kernel parameters to improve the utility of syn cookies as a measure against SYN floods. Second, we evaluate malicious miner attempts to exclude client transactions by stalling the mining process and verify that consensus is reached as long as there is at least one honest miner in the network. The underlying algorithm of Scrybe is our novel Lightweight Mining [LWM] algorithm. Our technology guarantees the properties of data integrity and non-repudiation with minimal resource requirements. It introduces a way to mine new blocks in the blockchain, which is not a resource hungry Proof-of-Work [PoW] as required in many present-day cryptocurrency applications