249 research outputs found
Exploratory study to explore the role of ICT in the process of knowledge management in an Indian business environment
In the 21st century and the emergence of a digital economy, knowledge and the knowledge base economy are rapidly growing. To effectively be able to understand the processes involved in the creating, managing and sharing of knowledge management in the business environment is critical to the success of an organization. This study builds on the previous research of the authors on the enablers of knowledge management by identifying the relationship between the enablers of knowledge management and the role played by information communication technologies (ICT) and ICT infrastructure in a business setting. This paper provides the findings of a survey collected from the four major Indian cities (Chennai, Coimbatore, Madurai and Villupuram) regarding their views and opinions about the enablers of knowledge management in business setting. A total of 80 organizations participated in the study with 100 participants in each city. The results show that ICT and ICT infrastructure can play a critical role in the creating, managing and sharing of knowledge in an Indian business environment
Recommended from our members
A Comprehensive Survey of Voice over IP Security Research
We present a comprehensive survey of Voice over IP security academic research, using a set of 245 publications forming a closed cross-citation set. We classify these papers according to an extended version of the VoIP Security Alliance (VoIPSA) Threat Taxonomy. Our goal is to provide a roadmap for researchers seeking to understand existing capabilities and to identify gaps in addressing the numerous threats and vulnerabilities present in VoIP systems. We discuss the implications of our findings with respect to vulnerabilities reported in a variety of VoIP products. We identify two specific problem areas (denial of service, and service abuse) as requiring significant more attention from the research community. We also find that the overwhelming majority of the surveyed work takes a black box view of VoIP systems that avoids examining their internal structure and implementation. Such an approach may miss the mark in terms of addressing the main sources of vulnerabilities, i.e., implementation bugs and misconfigurations. Finally, we argue for further work on understanding cross-protocol and cross-mechanism vulnerabilities (emergent properties), which are the byproduct of a highly complex system-of-systems and an indication of the issues in future large-scale systems
The enablers and implementation model for mobile KMS in Australian healthcare
In this research project, the enablers in implementing mobile KMS in Australian regional healthcare will be investigated, and a validated framework and guidelines to assist healthcare in implementing mobile KMS will also be proposed with both qualitative and quantitative approaches. The outcomes for this study are expected to improve the understanding the enabling factors in implementing mobile KMS in Australian healthcare, as well as provide better guidelines for this process
Secure Service Provisioning (SSP) Framework for IP Multimedia Subsystem (IMS)
Mit dem Erscheinen mobiler Multimediadienste, wie z. B. Unified Messaging, Click-to-Dial-Applikationen, netzwerkübergeifende Multimedia-Konferenzen und nahtlose Multimedia-Streming-Dienste, begann die Konvergenz von mobilen Kommunikationsetzen und Festnetzen, begleitet von der Integration von Sprach- und Datenkommunikations-Übertragungstechnik Diese Entwicklungen bilden die Voraussetzung für die Verschmelzung des modernen Internet auf der einen Seite mit der Telekommunikation im klassischen Sinne auf der anderen. Das IP Multimedia-Subsystem (IMS) darf hierbei als die entscheidende Next-Generation-Service-Delivery-Plattform in einer vereinheitlichten Kommunikationswelt angesehen werden. Seine Architektur basiert auf einem modularen Design mit offenen Schnittstellen und bietet dedizierte Voraussetzungen zur Unterstützung von Multimedia-Diensten auf der Grundlage der Internet-Protokolle. Einhergehend mit dieser aufkommenden offenen Technologie stellen sich neue Sicherheits-Herausforderungen in einer vielschichtigen Kommunikationsinfrastruktur, im Wesentlichen bestehend aus dem Internet Protokoll (IP), dem SIP-Protokoll (Session Initiation Protocol) und dem Real-time Transport Protokoll (RTP). Die Zielsetzung des Secure Service Provisioning-Systems (SSP) ist, mögliche Angriffsszenarien und Sicherheitslücken in Verbindung mit dem IP Multimedia Subsystem zu erforschen und Sicherheitslösungen, wie sie von IETF, 3GPP und TISPAN vorgeschlagen werden, zu evaluieren. Im Rahmen dieser Forschungsarbeit werden die Lösungen als Teil des SSP-Systems berücksichtigt, mit dem Ziel, dem IMS und der Next-Generation-SDP einen hinreichenden Schutz zu garantieren. Dieser Teil, der als Sicherheitsschutzstufe 1 bezeichnet wird, beinhaltet unter anderem Maßnahmen zur Nutzer- und Netzwerk-Authentifizierung, die Autorisierung der Nutzung von Multimediadiensten und Vorkehrungen zur Gewährleistung der Geheimhaltung und Integrität von Daten im Zusammenhang mit dem Schutz vor Lauschangriffen, Session-Hijacking- und Man-in-the-Middle-Angriffen. Im nächsten Schritt werden die Beschränkungen untersucht, die für die Sicherheitsschutzstufe 1 charakteristisch sind und Maßnahmen zu Verbesserung des Sicherheitsschutzes entwickelt. Die entsprechenden Erweiterungen der Sicherheitsschutzstufe 1 führen zu einem Intrusion Detection and Prevention-System (IDP), das Schutz vor Denial-of-Service- (DoS) / Distributed-Denial-of-Service (DDoS)-Angriffen, missbräuchlicher Nutzung und Täuschungsversuchen in IMS-basierten Netzwerken bietet. Weder 3GPP noch TISPAN haben bisher Lösungen für diesen Bereich spezifiziert. In diesem Zusammenhang können die beschriebenen Forschungs- und Entwicklungsarbeiten einen Beitrag zur Standardisierung von Lösungen zum Schutz vor DoS- und DDoS-Angriffen in IMS-Netzwerken leisten. Der hier beschriebene Ansatz basiert auf der Entwicklung eines (stateful / stateless) Systems zur Erkennung und Verhinderung von Einbruchsversuchen (Intrusion Detection and Prevention System). Aus Entwicklungssicht wurde das IDP in zwei Module aufgeteilt: Das erste Modul beinhaltet die Basisfunktionen des IDP, die sich auf Flooding-Angriffe auf das IMS und ihre Kompensation richten. Ihr Ziel ist es, das IMS-Core-Netzwerk und die IMS-Ressourcen vor DoS- und DDoS-Angriffen zu schützen. Das entsprechende Modul basiert auf einer Online Stateless-Detection-Methodologie und wird aktiv, sobald die CPU-Auslastung der P-CSCF (Proxy-Call State Control Function) einen vordefinierten Grenzwert erreicht oder überschreitet. Das zweite Modul (IDP-AS) hat die Aufgabe, Angriffe, die sich gegen IMS Application Server (AS) richten abzufangen. Hierbei konzentrieren sich die Maßnahmen auf den Schutz des ISC-Interfaces zwischen IMS Core und Application Servern. Das betreffende Modul realisiert eine Stateful Detection Methodologie zur Erkennung missbräuchlicher Nutzungsaktivitäten. Während der Nutzer mit dem Application Server kommuniziert, werden dabei nutzerspezifische Zustandsdaten aufgezeichnet, die zur Prüfung der Legitimität herangezogen werden. Das IDP-AS prüft alle eingehenden Requests und alle abgehenden Responses, die von IMS Application Servern stammen oder die an IMS Application Server gerichtet sind, auf ihre Zulässigkeit im Hinblick auf die definierten Attack Rules. Mit Hilfe der Kriterien Fehlerfreiheit und Processing Delay bei der Identifikation potenzieller Angriffe wird die Leistungsfähigkeit der IDP-Module bewertet. Für die entsprechenden Referenzwerte werden hierbei die Zustände Nomallast und Überlast verglichen. Falls die Leistungsfähigkeit des IDP nicht unter den Erwartungen zurückbleibt, wird ein IDP-Prototyp zur Evaluation im Open IMS Playground des Fokus Fraunhofer 3Gb-Testbeds eingesetzt, um unter realen Einsatzbedingungen z. B. in VoIP-, Videokonferenz- , IPTV-, Presence- und Push-to-Talk-Szenarien getestet werden zu können.With the emergence of mobile multimedia services, such as unified messaging, click to dial, cross network multiparty conferencing and seamless multimedia streaming services, the fixed–mobile convergence and voice–data integration has started, leading to an overall Internet–Telecommunications merger. The IP Multimedia Subsystem (IMS) is considered as the next generation service delivery platform in the converged communication world. It consists of modular design with open interfaces and enables the flexibility for providing multimedia services over IP technology. In parallel this open based emerging technology has security challenges from multiple communication platforms and protocols like IP, Session Initiation Protocol (SIP) and Real-time Transport Protocol (RTP). The objective of Secure Service Provisioning (SSP) Framework is to cram the potential attacks and security threats to IP Multimedia Subsystem (IMS) and to explore security solutions developed by IETF, 3GPP and TISPAN. This research work incorporates these solutions into SSP Framework to secure IMS and next generation Service Delivery Platform (SDP). We define this part as level 1 security protection which includes user and network authentication, authorization to access multimedia services, providing confidentiality and integrity protection etc. against eavesdropping, session hijacking and man-in-the middle attacks etc. In the next step, we have investigated the limitations and improvements to level 1 security and proposed the enhancement and extension as level 2 security by developing Intrusion Detection and Prevention (IDP) system against Denial-of-Service (DoS)/Distributed DoS (DDoS) flooding attacks, misuses and frauds in IMS-based networks. These security threats recently have been identified by 3GPP and TISPAN but no solution is recommended and developed. Therefore our solution may be considered as recommendation in future. Our approach based on developing both stateless and stateful intrusion detection and prevention system. From development point of view, we have divided the work into two modules: the first module is IDP-Core; addressing and mitigating the flooding attacks in IMS core. Its objective is to protect the IMS resources and IMS-core entities from DoS/DDoS flooding attacks. This module based on online stateless detection methodology and activates when CPU processing load of P-CSCF (Proxy-Call State Control Function) reaches or crosses the defined threshold limit. The second module is IDP-AS; addressing and mitigating the misuse attacks facing to IMS Application Servers (AS). Its focus is to secure the ISC interface between IMS Core and Application Servers. This module is based on stateful misuse detection methodology by creating and comparing user state (partner) when he/she is communicating with application server to check whether user is performing legitimate or illegitimate action with attacks rules. The IDP-AS also compared the incoming request and outgoing response to and from IMS Application Servers with the defined attacks rules. In the performance analysis, the processing delay and attacks detection accuracy of both Intrusion Detection and Prevention (IDP) modules have been measured at Fraunhofer FOKUS IMS Testbed which is developed for research purpose. The performance evaluation based on normal and overload conditions scenarios. The results showed that the processing delay introduced by both IDP modules satisfied the standard requirements and did not cause retransmission of SIP REGISTER and INVITE requests. The developed prototype is under testing phase at Fraunhofer FOKUS 3Gb Testbed for evaluation in real world communication scenarios like VoIP, video conferencing, IPTV, presence, push-to-talk etc
A Comprehensive Survey on the Cyber-Security of Smart Grids: Cyber-Attacks, Detection, Countermeasure Techniques, and Future Directions
One of the significant challenges that smart grid networks face is
cyber-security. Several studies have been conducted to highlight those security
challenges. However, the majority of these surveys classify attacks based on
the security requirements, confidentiality, integrity, and availability,
without taking into consideration the accountability requirement. In addition,
some of these surveys focused on the Transmission Control Protocol/Internet
Protocol (TCP/IP) model, which does not differentiate between the application,
session, and presentation and the data link and physical layers of the Open
System Interconnection (OSI) model. In this survey paper, we provide a
classification of attacks based on the OSI model and discuss in more detail the
cyber-attacks that can target the different layers of smart grid networks
communication. We also propose new classifications for the detection and
countermeasure techniques and describe existing techniques under each category.
Finally, we discuss challenges and future research directions
Comparative Analysis Based on Survey of DDOS Attacks’ Detection Techniques at Transport, Network, and Application Layers
Distributed Denial of Service (DDOS) is one of the most prevalent attacks and can be executed in diverse ways using various tools and codes. This makes it very difficult for the security researchers and engineers to come up with a rigorous and efficient security methodology. Even with thorough research, analysis, real time implementation, and application of the best mechanisms in test environments, there are various ways to exploit the smallest vulnerability within the system that gets overlooked while designing the defense mechanism. This paper presents a comprehensive survey of various methodologies implemented by researchers and engineers to detect DDOS attacks at network, transport, and application layers using comparative analysis. DDOS attacks are most prevalent on network, transport, and application layers justifying the need to focus on these three layers in the OSI model
Intelligent network intrusion detection using an evolutionary computation approach
With the enormous growth of users\u27 reliance on the Internet, the need for secure and reliable computer networks also increases. Availability of effective automatic tools for carrying out different types of network attacks raises the need for effective intrusion detection systems.
Generally, a comprehensive defence mechanism consists of three phases, namely, preparation, detection and reaction. In the preparation phase, network administrators aim to find and fix security vulnerabilities (e.g., insecure protocol and vulnerable computer systems or firewalls), that can be exploited to launch attacks. Although the preparation phase increases the level of security in a network, this will never completely remove the threat of network attacks. A good security mechanism requires an Intrusion Detection System (IDS) in order to monitor security breaches when the prevention schemes in the preparation phase are bypassed. To be able to react to network attacks as fast as possible, an automatic detection system is of paramount importance. The later an attack is detected, the less time network administrators have to update their signatures and reconfigure their detection and remediation systems. An IDS is a tool for monitoring the system with the aim of detecting and alerting intrusive activities in networks. These tools are classified into two major categories of signature-based and anomaly-based. A signature-based IDS stores the signature of known attacks in a database and discovers occurrences of attacks by monitoring and comparing each communication in the network against the database of signatures. On the other hand, mechanisms that deploy anomaly detection have a model of normal behaviour of system and any significant deviation from this model is reported as anomaly.
This thesis aims at addressing the major issues in the process of developing signature based IDSs. These are: i) their dependency on experts to create signatures, ii) the complexity of their models, iii) the inflexibility of their models, and iv) their inability to adapt to the changes in the real environment and detect new attacks. To meet the requirements of a good IDS, computational intelligence methods have attracted considerable interest from the research community.
This thesis explores a solution to automatically generate compact rulesets for network intrusion detection utilising evolutionary computation techniques. The proposed framework is called ESR-NID (Evolving Statistical Rulesets for Network Intrusion Detection). Using an interval-based structure, this method can be deployed for any continuous-valued input data. Therefore, by choosing appropriate statistical measures (i.e. continuous-valued features) of network trafc as the input to ESRNID, it can effectively detect varied types of attacks since it is not dependent on the signatures of network packets.
In ESR-NID, several innovations in the genetic algorithm were developed to keep the ruleset small. A two-stage evaluation component in the evolutionary process takes the cooperation of rules into consideration and results into very compact, easily understood rulesets. The effectiveness of this approach is evaluated against several sources of data for both detection of normal and abnormal behaviour. The results are found to be comparable to those achieved using other machine learning methods from both categories of GA-based and non-GA-based methods. One of the significant advantages of ESR-NIS is that it can be tailored to specific problem domains and the characteristics of the dataset by the use of different fitness and performance functions. This makes the system a more flexible model compared to other learning techniques. Additionally, an IDS must adapt itself to the changing environment with the least amount of configurations. ESR-NID uses an incremental learning approach as new flow of traffic become available. The incremental learning approach benefits from less required storage because it only keeps the generated rules in its database. This is in contrast to the infinitely growing size of repository of raw training data required for traditional learning
Securing the Edges of IoT Networks: a Scalable SIP DDoS Defense Framework with VNF, SDN, and Blockchain
An unintended consequence of the global deployment of IoT devices is that they provide a fertile breeding ground for IoT botnets. An adversary can take advantage of an IoT botnet to launch DDoS attacks against telecommunication services. Due to the magnitude of such an attack, legacy security systems are not able to provide adequate protection. The impact ranges from loss of revenue for businesses to endangering public safety.
This risk has prompted academia, government, and industry to reevaluate the existing de- fence model. The current model relies on point solutions and the assumption that adversaries and their attacks are readily identifiable. But adversaries have challenged this assumption, building a botnet from thousands of hijacked IoT devices to launch DDoS attacks. With bot- net DDoS attacks there are no clear boundary where the attacks originate and what defensive measures to use.
The research question is: in what ways programmable networks could defend against Session Initiation Protocol (SIP) Distributed Denial-of-Service (DDoS) flooding attacks from IoT botnets? My significant and original contribution to the knowledge is a scalable and collaborative defence framework that secures the edges of IoT networks with Virtual Network Function (VNF), Software-Defined Networking (SDN), and Blockchain technology to prevent, detect, and mitigate SIP DDoS flooding attacks from IoT botnets.
Successful experiments were performed using VNF, SDN, and Blockchain. Three kinds of SIP attacks (scan, brute force, and DDoS) were launched against a VNF running on a virtual switch and each was successfully detected and mitigated. The SDN controller gathers threat intelligence from the switch where the attacks originate and installs them as packet filtering rules on all switches in the organisation. With the switches synchronised, the same botnet outbreak is prevented from attacking other parts of the organisation. A distributed application scales this framework further by writing the threat intelligence to a smart contract on the Ethereum Blockchain so that it is available for external organisations. The receiving organisation retrieves the threat intelligence from the smart contract and installs them as packet filtering rules on their switches. In this collaborative framework, attack detection/mitigation efforts by one organisation can be leveraged as attack prevention efforts by other organisations in the community
Applied Metaheuristic Computing
For decades, Applied Metaheuristic Computing (AMC) has been a prevailing optimization technique for tackling perplexing engineering and business problems, such as scheduling, routing, ordering, bin packing, assignment, facility layout planning, among others. This is partly because the classic exact methods are constrained with prior assumptions, and partly due to the heuristics being problem-dependent and lacking generalization. AMC, on the contrary, guides the course of low-level heuristics to search beyond the local optimality, which impairs the capability of traditional computation methods. This topic series has collected quality papers proposing cutting-edge methodology and innovative applications which drive the advances of AMC
- …