Adaptive conflict-free optimization of rule sets for network security packet filtering devices

Packet filtering and processing rules management in firewalls and security gateways has become commonplace in increasingly complex networks. On one side there is a need to maintain the logic of high level policies, which requires administrators to implement and update a large amount of filtering rules while keeping them conflict-free, that is, avoiding security inconsistencies. On the other side, traffic adaptive optimization of large rule lists is useful for general purpose computers used as filtering devices, without specific designed hardware, to face growing link speeds and to harden filtering devices against DoS and DDoS attacks. Our work joins the two issues in an innovative way and defines a traffic adaptive algorithm to find conflict-free optimized rule sets, by relying on information gathered with traffic logs. The proposed approach suits current technology architectures and exploits available features, like traffic log databases, to minimize the impact of ACO development on the packet filtering devices. We demonstrate the benefit entailed by the proposed algorithm through measurements on a test bed made up of real-life, commercial packet filtering devices

Investigating Open Issues in Swarm Intelligence for Mitigating Security Threats in MANET

The area of Mobile Adhoc Network (MANET) has being a demanded topic of research for more than a decade because of its attractive communication features associated with various issues. This paper primarily discusses on the security issues, which has been still unsolved after abundant research work. The paper basically stresses on the potential features of Swarm Intelligence (SI) and its associated techniques to mitigate the security issues. Majority of the previous researches based on SI has used Ant Colony Optimization (ACO) or Particle Swarm Optimization (PSO) extensively. Elaborated discussion on SI with respect to trust management, authentication, and attack models are made with support of some of the recent studies done in same area. The paper finally concludes by discussing the open issues and problem identification of the review

A Novel Method of Enhancing Security Solutions and Energy Efficiency of IoT Protocols

Mobile Ad-hoc Networks (MANET’s) are wireless networks that are capable of operating without any fixed infrastructure. MANET routing protocols must adhere to strict secrecy, integrity, availability and non-repudiation criteria. In MANETs, attacks are roughly categorised into two types: active and passive. An active attack attempts to modify or remove data being transferred across a network. On the other hand, passive attack does not modify or erase the data being sent over the network. The majority of routing protocols for MANETs were built with little regard for security and are therefore susceptible to a variety of assaults. Routing technologies such as AODV and dynamic source routing are quite common. Both however are susceptible to a variety of network layer attacks, including black holes, wormholes, rushing, byzantine, information disclosure. The mobility of the nodes and the open architecture in which the nodes are free to join or leave the network keep changing the topology of the network. The routing in such scenarios becomes a challenging task since it has to take into account the constraints of resources of mobile devices. In this  an analysis of these protocols indicates that, though proactive routing protocols maintain a route to every destination and have low latency, they suffer from high routing overheads and inability to keep up with the dynamic topology in a large sized network. The reactive routing protocols in contrast have low routing overheads, better throughput and higher packet delivery ratio. AODVACO-PSO-DHKE Methodology boosts throughput by 10% while reducing routing overhead by 7%, latency by 8% and energy consumption by 5%. To avoid nodes always being on, a duty cycle procedure that's also paired with the hybrid method is used ACO-FDR PSO is applied to a 100-node network and NS-3 is used to measure various metrics such as throughput, latency, overhead, energy consumption and packet delivery ratio

A Novel Method of Enhancing Security Solutions and Energy Efficiency of IoT Protocols

Mobile Ad-hoc Networks (MANET’s) are wireless networks that are capable of operating without any fixed infrastructure. MANET routing protocols must adhere to strict secrecy, integrity, availability and non-repudiation criteria. In MANETs, attacks are roughly categorised into two types: active and passive. An active attack attempts to modify or remove data being transferred across a network. On the other hand, passive attack does not modify or erase the data being sent over the network. The majority of routing protocols for MANETs were built with little regard for security and are therefore susceptible to a variety of assaults. Routing technologies such as AODV and dynamic source routing are quite common. Both however are susceptible to a variety of network layer attacks, including black holes, wormholes, rushing, byzantine, information disclosure. The mobility of the nodes and the open architecture in which the nodes are free to join or leave the network keep changing the topology of the network. The routing in such scenarios becomes a challenging task since it has to take into account the constraints of resources of mobile devices. In this an analysis of these protocols indicates that, though proactive routing protocols maintain a route to every destination and have low latency, they suffer from high routing overheads and inability to keep up with the dynamic topology in a large sized network. The reactive routing protocols in contrast have low routing overheads, better throughput and higher packet delivery ratio. AODVACO-PSO-DHKE Methodology boosts throughput by 10% while reducing routing overhead by 7%, latency by 8% and energy consumption by 5%. To avoid nodes always being on, a duty cycle procedure that's also paired with the hybrid method is used ACO-FDR PSO is applied to a 100-node network and NS-3 is used to measure various metrics such as throughput, latency, overhead, energy consumption and packet delivery ratio

Artificial intelligence (AI) methods in optical networks: A comprehensive survey

Producción CientíficaArtificial intelligence (AI) is an extensive scientific discipline which enables computer systems to solve problems by emulating complex biological processes such as learning, reasoning and self-correction. This paper presents a comprehensive review of the application of AI techniques for improving performance of optical communication systems and networks. The use of AI-based techniques is first studied in applications related to optical transmission, ranging from the characterization and operation of network components to performance monitoring, mitigation of nonlinearities, and quality of transmission estimation. Then, applications related to optical network control and management are also reviewed, including topics like optical network planning and operation in both transport and access networks. Finally, the paper also presents a summary of opportunities and challenges in optical networking where AI is expected to play a key role in the near future.Ministerio de Economía, Industria y Competitividad (Project EC2014-53071-C3-2-P, TEC2015-71932-REDT