Secure Cloud Controlled Software Defined Radio Network For Bandwidth Allocation

The purpose of this research is to investigate the impact of mobility of wireless devices for opportunistic spectrum access and communications using National Instrument Universal Software Radio Peripherals devices. The overall system utilizes software defined radio networks for frequency allocation, cloud connectivity to maintain up-to-date information, and moving target defense as a security mechanism. Each USRP device sends its geolocation to query the spectrum database for idle channels. The cloud cluster was designed for complex data storage and allocation using a smart load balancer to offer ultra-security to users. This project also explores the advantages of data protection and security through moving target defense. To achieve this, the system would use an array of antennas to split the data into different parts and transmit them across separate antennas. This research provides the design to each of the mentioned projects for the implementation of a fully developed system

Detailed Review on The Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks in Software Defined Networks (SDNs) and Defense Strategies

The development of Software Defined Networking (SDN) has altered the landscape of computer networking in recent years. Its scalable architecture has become a blueprint for the design of several advanced future networks. To achieve improve and efficient monitoring, control and management capabilities of the network, software defined networks differentiate or decouple the control logic from the data forwarding plane. As a result, logical control is centralized solely in the controller. Due to the centralized nature, SDNs are exposed to several vulnerabilities such as Spoofing, Flooding, and primarily Denial of Service (DoS) and Distributed Denial of Service (DDoS) among other attacks. In effect, the performance of SDN degrades based on these attacks. This paper presents a comprehensive review of several DoS and DDoS defense/mitigation strategies and classifies them into distinct classes with regards to the methodologies employed. Furthermore, suggestions were made to enhance current mitigation strategies accordingly

Edge Learning for 6G-enabled Internet of Things: A Comprehensive Survey of Vulnerabilities, Datasets, and Defenses

The ongoing deployment of the fifth generation (5G) wireless networks constantly reveals limitations concerning its original concept as a key driver of Internet of Everything (IoE) applications. These 5G challenges are behind worldwide efforts to enable future networks, such as sixth generation (6G) networks, to efficiently support sophisticated applications ranging from autonomous driving capabilities to the Metaverse. Edge learning is a new and powerful approach to training models across distributed clients while protecting the privacy of their data. This approach is expected to be embedded within future network infrastructures, including 6G, to solve challenging problems such as resource management and behavior prediction. This survey article provides a holistic review of the most recent research focused on edge learning vulnerabilities and defenses for 6G-enabled IoT. We summarize the existing surveys on machine learning for 6G IoT security and machine learning-associated threats in three different learning modes: centralized, federated, and distributed. Then, we provide an overview of enabling emerging technologies for 6G IoT intelligence. Moreover, we provide a holistic survey of existing research on attacks against machine learning and classify threat models into eight categories, including backdoor attacks, adversarial examples, combined attacks, poisoning attacks, Sybil attacks, byzantine attacks, inference attacks, and dropping attacks. In addition, we provide a comprehensive and detailed taxonomy and a side-by-side comparison of the state-of-the-art defense methods against edge learning vulnerabilities. Finally, as new attacks and defense technologies are realized, new research and future overall prospects for 6G-enabled IoT are discussed

Mecanismos dinâmicos de segurança para redes softwarizadas e virtualizadas

The relationship between attackers and defenders has traditionally been asymmetric, with attackers having time as an upper hand to devise an exploit that compromises the defender. The push towards the Cloudification of the world makes matters more challenging, as it lowers the cost of an attack, with a de facto standardization on a set of protocols. The discovery of a vulnerability now has a broader impact on various verticals (business use cases), while previously, some were in a segregated protocol stack requiring independent vulnerability research. Furthermore, defining a perimeter within a cloudified system is non-trivial, whereas before, the dedicated equipment already created a perimeter. This proposal takes the newer technologies of network softwarization and virtualization, both Cloud-enablers, to create new dynamic security mechanisms that address this asymmetric relationship using novel Moving Target Defense (MTD) approaches. The effective use of the exploration space, combined with the reconfiguration capabilities of frameworks like Network Function Virtualization (NFV) and Management and Orchestration (MANO), should allow for adjusting defense levels dynamically to achieve the required security as defined by the currently acceptable risk. The optimization tasks and integration tasks of this thesis explore these concepts. Furthermore, the proposed novel mechanisms were evaluated in real-world use cases, such as 5G networks or other Network Slicing enabled infrastructures.A relação entre atacantes e defensores tem sido tradicionalmente assimétrica, com os atacantes a terem o tempo como vantagem para conceberem uma exploração que comprometa o defensor. O impulso para a Cloudificação do mundo torna a situação mais desafiante, pois reduz o custo de um ataque, com uma padronização de facto sobre um conjunto de protocolos. A descoberta de uma vulnerabilidade tem agora um impacto mais amplo em várias verticais (casos de uso empresarial), enquanto anteriormente, alguns estavam numa pilha de protocolos segregados que exigiam uma investigação independente das suas vulnerabilidades. Além disso, a definição de um perímetro dentro de um sistema Cloud não é trivial, enquanto antes, o equipamento dedicado já criava um perímetro. Esta proposta toma as mais recentes tecnologias de softwarização e virtualização da rede, ambas facilitadoras da Cloud, para criar novos mecanismos dinâmicos de segurança que incidem sobre esta relação assimétrica utilizando novas abordagens de Moving Target Defense (MTD). A utilização eficaz do espaço de exploração, combinada com as capacidades de reconfiguração de frameworks como Network Function Virtualization (NFV) e Management and Orchestration (MANO), deverá permitir ajustar dinamicamente os níveis de defesa para alcançar a segurança necessária, tal como definida pelo risco actualmente aceitável. As tarefas de optimização e de integração desta tese exploram estes conceitos. Além disso, os novos mecanismos propostos foram avaliados em casos de utilização no mundo real, tais como redes 5G ou outras infraestruturas de Network Slicing.Programa Doutoral em Engenharia Informátic

ESTABLISHING A STANDARD SCIENTIFIC GUIDELINE FOR THE EVALUATION AND ADOPTION OF MULTI-TENANT DATABASE

A thesis submitted in partial fulfilment of the requirements of the University of Wolverhampton for the degree of Doctor of Philosophy.A Multi-tenant database (MTD) is a way of deploying a Database as a Service (DaaS). A multi-tenant database refers to a principle where a single instance of a Database Management System (DBMS) runs on a server, serving multiple clients organisations (tenants). This technology has helped to discard the large-scale investments in hardware and software resources, in upgrading them regularly and in expensive licences of application software used on in-house hosted database systems. This is gaining momentum with significant increase in the number of organisations ready to take advantage of the technology. The benefits of MTD are potentially enormous but for any organisation to venture into its adoption, there are some salient factors which must be well understood and examined before venturing into the concept. This research examines these factors, different models of MTD, consider the requirements and challenges of implementing MTDs. Investigation of the degree of impact each of these factors has on the adoption of MTD is conducted in this research which focused mainly on public organisations. The methodology adopted in undertaking this study is a mixed method which involved both qualitative and quantitative research approaches. These strategies are used here to cover statistics (quantifiable data) and experts’ knowledge and experiences (abstract data) in order to satisfactorily achieve the aim and objectives and complete the research. Following the involvement of these strategies, a framework was developed and further refined after a second survey was carried out with a quantitative approach. This framework will help prospective tenants to make informed decisions about the adoption of the concept. The research also considers the direction of decisions about MTDs in situations where two or more factors are combined. A new MTD framework is presented that improves the decision making process of MTD adoption. Also, an Expert System (ES) is developed from the framework which was validated via a survey and analysed with the aid of SPSS software. The findings from the validation indicated that the framework is valuable and suitable for use in practice since majority of respondents accepted the research findings and recommendations for success. Likewise, the ES was validated with majority of participants accepting it and embracing the high level of its friendliness

Building an Emulation Environment for Cyber Security Analyses of Complex Networked Systems

Computer networks are undergoing a phenomenal growth, driven by the rapidly increasing number of nodes constituting the networks. At the same time, the number of security threats on Internet and intranet networks is constantly growing, and the testing and experimentation of cyber defense solutions requires the availability of separate, test environments that best emulate the complexity of a real system. Such environments support the deployment and monitoring of complex mission-driven network scenarios, thus enabling the study of cyber defense strategies under real and controllable traffic and attack scenarios. In this paper, we propose a methodology that makes use of a combination of techniques of network and security assessment, and the use of cloud technologies to build an emulation environment with adjustable degree of affinity with respect to actual reference networks or planned systems. As a byproduct, starting from a specific study case, we collected a dataset consisting of complete network traces comprising benign and malicious traffic, which is feature-rich and publicly available