Enabling an Anatomic View to Investigate Honeypot Systems: A Survey

A honeypot is a type of security facility deliberately created to be probed, attacked, and compromised. It is often used for protecting production systems by detecting and deflecting unauthorized accesses. It is also useful for investigating the behavior of attackers, and in particular, unknown attacks. For the past 17 years plenty of effort has been invested in the research and development of honeypot techniques, and they have evolved to be an increasingly powerful means of defending against the creations of the blackhat community. In this paper, by studying a wide set of honeypots, the two essential elements of honeypots—the decoy and the captor—are captured and presented, together with two abstract organizational forms—independent and cooperative—where these two elements can be integrated. A novel decoy and captor (D-C) based taxonomy is proposed for the purpose of studying and classifying the various honeypot techniques. An extensive set of independent and cooperative honeypot projects and research that cover these techniques is surveyed under the taxonomy framework. Furthermore, two subsets of features from the taxonomy are identified, which can greatly influence the honeypot performances. These two subsets of features are applied to a number of typical independent and cooperative honeypots separately in order to validate the taxonomy and predict the honeypot development trends

A situational awareness model for data analysis on 5G mobile networks : the SELFNET analyzer framework

Tesis inédita de la Universidad Complutense de Madrid, Facultad de Informática, Departamento de Ingeniería del Software e Inteligencia Artificial, leída el 14-07-2017Se espera que las redes 5G provean un entorno seguro, con able y de alto rendimiento con interrupciones m nimas en la provisi on de servicios avanzados de red, sin importar la localizaci on del dispositivo o cuando el servicio es requerido. Esta nueva generaci on de red ser a capaz de proporcionar altas velocidades, baja latencia y mejor Calidad de Servicio (QoS) comparado con las redes actuales Long Term Evolution (LTE). Para proveer estas capacidades, 5G propone la combinaci on de tecnolog as avanzadas tales como Redes De nidas por Software (SDN), Virtualizaci on de las Funciones de Red (NFV), Redes auto-organizadas (SON) e Inteligencia Arti cial. De manera especial, 5G ser a capaz de solucionar o mitigar cambios inesperados o problemas t picos de red a trav es de la identi caci on de situaciones espec cas, tomando en cuenta las necesidades del usuario y los Acuerdos de Nivel de Servicio (SLAs). Actualmente, los principales operadores de red y la comunidad cient ca se encuentran trabajando en estrategias para facilitar el an alisis de datos y el proceso de toma de decisiones cuando eventos espec cos comprometen la salud de las redes 5G. Al mismo tiempo, el concepto de Conciencia Situacional (SA) y los modelos de gesti on de incidencias aplicados a redes 5G est an en etapa temprana de desarrollo. La idea principal detr as de estos conceptos es prevenir o mitigar situaciones nocivas de manera reactiva y proactiva. En este contexto, el proyecto Self-Organized Network Management in Virtualized and Software De ned Networks (SELFNET) combina los conceptos de SDN, NFV and SON para proveer un marco de gesti on aut onomo e inteligente para redes 5G. SELFNET resuelve problemas comunes de red, mientras mejora la calidad de servicio (QoS) y la Calidad de Experiencia (QoE) de los usuarios nales...5G networks hope to provide a secure, reliable and high-performance environment with minimal disruptions in the provisioning of advanced network services, regardless the device location or when the service is required. This new network generation will be able to deliver ultra-high capacity, low latency and better Quality of Service (QoS) compared with current Long Term Evolution (LTE) networks. In order to provide these capabilities, 5G proposes the combination of advanced technologies such as Software De ned Networking (SDN), Network Function Virtualization (NFV), Self-organized Networks (SON) or Arti cial Intelligence. In particular, 5G will be able to face unexpected changes or network problems through the identi cation of speci c situations, taking into account the user needs and the Service Level Agreements (SLAs). Nowadays, the main telecommunication operators and community research are working in strategies to facilitate the data analysis and decision-making process when unexpected events compromise the health in 5G Networks. Meanwhile, the concept of Situational Awareness (SA) and incident management models applied to 5G Networks are also in an early stage. The key idea behind these concepts is to mitigate or prevent harmful situations in a reactive and proactive way. In this context, Self-Organized Network Management in Virtualized and Software De ned Networks Project (SELFNET) combines SDN, NFV and SON concepts to provide a smart autonomic management framework for 5G networks. SELFNET resolves common network problems, while improving the QoS and Quality of Experience (QoE) of end users...Depto. de Ingeniería de Software e Inteligencia Artificial (ISIA)Fac. de InformáticaTRUEunpu

Toward Software-Defined Networking-Based IoT Frameworks: A Systematic Literature Review, Taxonomy, Open Challenges and Prospects

Internet of Things (IoT) is characterized as one of the leading actors for the next evolutionary stage in the computing world. IoT-based applications have already produced a plethora of novel services and are improving the living standard by enabling innovative and smart solutions. However, along with its rapid adoption, IoT technology also creates complex challenges regarding the management of IoT networks due to its resource limitations (computational power, energy, and security). Hence, it is urgently needed to refine the IoT-based application’s architectures to robustly manage the overall IoT infrastructure. Software-defined networking (SDN) has emerged as a paradigm that offers software-based controllers to manage hardware infrastructure and traffic flow on a network effectively. SDN architecture has the potential to provide efficient and reliable IoT network management. This research provides a comprehensive survey investigating the published studies on SDN-based frameworks to address IoT management issues in the dimensions of fault tolerance, energy management, scalability, load balancing, and security service provisioning within the IoT networks. We conducted a Systematic Literature Review (SLR) on the research studies (published from 2010 to 2022) focusing on SDN-based IoT management frameworks. We provide an extensive discussion on various aspects of SDN-based IoT solutions and architectures. We elaborate a taxonomy of the existing SDN-based IoT frameworks and solutions by classifying them into categories such as network function virtualization, middleware, OpenFlow adaptation, and blockchain-based management. We present the research gaps by identifying and analyzing the key architectural requirements and management issues in IoT infrastructures. Finally, we highlight various challenges and a range of promising opportunities for future research to provide a roadmap for addressing the weaknesses and identifying the benefits from the potentials offered by SDN-based IoT solutions

Flow Delegation: Flow Table Capacity Bottleneck Mitigation for Software-defined Networks

This dissertation introduces flow delegation, a novel concept to deal with flow table capacity bottlenecks in Software-defined Networks (SDNs). Such bottlenecks occur when SDN switches provide insufficient flow table capacity which can lead to performance degradation and/or network failures. Flow delegation addresses this well-known problem by automatically relocating flow rules from a bottlenecked switch to neighboring switches with spare capacity. Different from existing work, this new approach can be used on-demand in a transparent fashion, i.e., without changes to the network applications or other parts of the infrastructure. The thesis presents a system design and architecture capable of dealing with the numerous practical challenges associated with flow delegation, introduces suitable algorithms to efficiently mitigate bottlenecks taking future knowledge and multiple objectives into account and studies feasibility, performance, overhead, and scalability of the new approach covering different scenarios

Journal of Telecommunications and Information Technology, 2017, nr 1

kwartalni