807 research outputs found

    The Methods to Improve Quality of Service by Accounting Secure Parameters

    A solution to the problem of ensuring quality of service, providing a greater number of services with higher efficiency while taking network security into account, is proposed. In this paper, experiments were conducted to analyze the effect of self-similarity and attacks on the quality of service parameters. A method of buffering and control of channel capacity and a method of calculating routing cost in the network, which take into account the parameters of traffic multifractality and the probability of detecting attacks in telecommunications networks, were proposed. Both proposed methods account for the given restrictions on the delay time and the number of lost packets for every type of quality of service traffic. During simulation, the parameters of the transmitted traffic (self-similarity, intensity) and the parameters of the network (current channel load, node buffer size) were changed and the maximum allowable load of the network was determined. The results of the analysis show that the occurrence of overload when transmitting traffic over a switched channel is associated with multifractal traffic characteristics and the presence of an attack. It was shown that the proposed methods can reduce the lost data and improve the efficiency of network resources. Comment: 10 pages, 1 figure, 1 equation, 1 table. arXiv admin note: text overlap with arXiv:1904.0520

    Smart Intrusion Detection System for DMZ

    Prediction of network attacks and machine-understandable security vulnerabilities are complex tasks for currently available Intrusion Detection Systems [IDS]. IDS software is important for an enterprise network. It logs security information that occurred in the network. In addition, IDSs are useful in recognizing malicious hack attempts, and protecting it without the need for change to the client's software. Several researches in the field of machine learning have been applied to make these IDSs better and smarter. In our work, we propose an approach for making IDSs more analytical, using semantic technology. We made a useful semantic connection between IDSs and National Vulnerability Databases [NVDs], to make the system semantically analyze each attack logged, so it can perform prediction about incoming attacks or services that might be in danger. We built our ontology skeleton based on standard network security. Furthermore, we added useful classes and relations that are specific for DMZ network services. In addition, we made an option to allow the user to update the ontology skeleton automatically according to the network needs. Our work is evaluated and validated using four different methods: we presented a prototype that works over the web. Also, we applied the KDDCup99 dataset to the prototype. Furthermore, we modeled our system using a queuing model, and simulated it using the Anylogic simulator. Validating the system using the KDDCup99 benchmark shows good results, low false positive attacks prediction. Modeling the system in a queuing model allows us to predict the behavior of the system in a multi-users system for heavy network traffic.

    Multi-Layer Cyber-Physical Security and Resilience for Smart Grid

    The smart grid is a large-scale complex system that integrates communication technologies with the physical layer operation of the energy systems. Security and resilience mechanisms by design are important to provide guaranteed operations for the system. This chapter provides a layered perspective of the smart grid security and discusses game and decision theory as a tool to model the interactions among system components and the interaction between attackers and the system. We discuss game-theoretic applications and challenges in the design of cross-layer robust and resilient controller, secure network routing protocol at the data communication and networking layers, and the challenges of the information security at the management layer of the grid. The chapter will discuss the future directions of using game-theoretic tools in addressing multi-layer security issues in the smart grid. Comment: 16 page

    Security Configuration Management in Intrusion Detection and Prevention Systems

    Intrusion Detection and/or Prevention Systems (IDPS) represent an important line of defense against a variety of attacks that can compromise the security and proper functioning of an enterprise information system. IDPSs can be network or host-based and can collaborate in order to provide better detection of malicious traffic. Although several IDPS systems have been proposed, their appropriate configuration and control for effective detection/prevention of attacks and efficient resource consumption is still far from trivial. Another concern is related to the slowing down of system performance when maximum security is applied, hence the need to trade off between security enforcement levels and the performance and usability of an enterprise information system. In this dissertation, we present a security management framework for the configuration and control of the security enforcement mechanisms of an enterprise information system. The approach leverages the dynamic adaptation of security measures based on the assessment of system vulnerability and threat prediction, and provides several levels of attack containment. Furthermore, we study the impact of security enforcement levels on the performance and usability of an enterprise information system. In particular, we analyze the impact of an IDPS configuration on the resulting security of the network, and on the network performance. We also analyze the performance of the IDPS for different configurations and under different traffic characteristics. The analysis can then be used to predict the impact of a given security configuration on the prediction of the impact on network performance.

    A survey of denial-of-service and distributed denial of service attacks and defenses in cloud computing

    Cloud Computing is a computing model that allows ubiquitous, convenient and on-demand access to a shared pool of highly configurable resources (e.g., networks, servers, storage, applications and services). Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks are serious threats to the Cloud services’ availability due to numerous new vulnerabilities introduced by the nature of the Cloud, such as multi-tenancy and resource sharing. In this paper, new types of DoS and DDoS attacks in Cloud Computing are explored, especially the XML-DoS and HTTP-DoS attacks, and some possible detection and mitigation techniques are examined. This survey also provides an overview of the existing defense solutions and investigates the experiments and metrics that are usually designed and used to evaluate their performance, which is helpful for future research in the domain.

    A Priority-based Fair Queuing (PFQ) Model for Wireless Healthcare System

    Healthcare is a very active research area, primarily due to the increase in the elderly population that leads to an increasing number of emergency situations that require urgent actions. In recent years some wireless networked medical devices were equipped with different sensors to measure and report on the vital signs of a patient remotely. The most important sensors are Heart Beat Rate (ECG), Pressure and Glucose sensors. However, the strict requirements and real-time nature of medical applications dictate the extreme importance and need for appropriate Quality of Service (QoS), fast and accurate delivery of a patient’s measurements in a reliable e-Health ecosystem. As the elderly age and older adult population is increasing (65 years and above) due to the advancement in medicine and medical care in the last two decades, high QoS and a reliable e-health ecosystem has become a major challenge in Healthcare, especially for patients who require continuous monitoring and attention. Nevertheless, predictions have indicated that the elderly population will be approximately 2 billion in developing countries by 2050, where availability of medical staff shall be unable to cope with this growth and emergency cases that need immediate intervention. On the other side, limitations in communication networks capacity, congestions and the humongous increase of devices, applications and IOT using the available communication networks add an extra layer of challenges on the E-health ecosystem such as time constraints, quality of measurements and signals reaching healthcare centres. Hence this research has tackled the delay and jitter parameters in E-health M2M wireless communication and succeeded in reducing them in comparison to currently available models.
    The novelty of this research has succeeded in developing a new Priority Queuing model “Priority Based-Fair Queuing” (PFQ) where a new priority level and concept of “Patient’s Health Record” (PHR) has been developed and integrated with the Priority Parameters (PP) values of each sensor to add a second level of priority. The results and data analysis performed on the PFQ model under different scenarios simulating a real M2M E-health environment have revealed that the PFQ has outperformed the results obtained from simulating the widely used current models such as First in First Out (FIFO) and Weight Fair Queuing (WFQ). The PFQ model has improved transmission of ECG sensor data by decreasing delay and jitter in emergency cases by 83.32% and 75.88% respectively in comparison to FIFO and 46.65% and 60.13% with respect to the WFQ model. Similarly, in the pressure sensor the improvements were 82.41% and 71.5% and 68.43% and 73.36% in comparison to FIFO and WFQ respectively. Data transmission was also improved in the Glucose sensor by 80.85% and 64.7% and 92.1% and 83.17% in comparison to FIFO and WFQ respectively. However, non-emergency cases data transmission using the PFQ model was negatively impacted and scored higher rates than FIFO and WFQ since PFQ tends to give higher priority to emergency cases. Thus, a derivative from the PFQ model has been developed to create a new version namely “Priority Based-Fair Queuing-Tolerated Delay” (PFQ-TD) to balance the data transmission between emergency and non-emergency cases where tolerated delay in emergency cases has been considered. PFQ-TD has succeeded in balancing fairly this issue and reducing the total average delay and jitter of emergency and non-emergency cases in all sensors and keeping them within the acceptable allowable standards. PFQ-TD has improved the overall average delay and jitter in emergency and non-emergency cases among all sensors by 41% and 84% respectively in comparison to the PFQ model.

    An Architecture for QoS-capable Integrated Security Gateway to Protect Avionic Data Network

    While the use of Internet Protocol (IP) in aviation allows new applications and benefits, it opens the doors for security risks and attacks. Many security mechanisms and solutions have evolved to mitigate the ever continuously increasing number of network attacks. Although these conventional solutions have solved some security problems, they also leave some security holes. Securing open and complex systems has become more and more complicated and obviously, the dependence on a single security mechanism gives a false sense of security while opening the doors for attackers. Hence, to ensure secure networks, several security mechanisms must work together in a harmonic multi-layered way. In addition, if we take QoS requirements into account, the problem becomes more complicated and necessitates in-depth reflexions. In this paper, we present the architecture of our QoS-capable integrated security gateway: a gateway that highly integrates well chosen technologies in the area of network security as well as QoS mechanisms to provide the strongest level of security for avionic data network; our main aim is to provide both multi-layered security and stable performances for critical network applications.