An improved port knocking authentication framework for mobile cloud computing

The latest developments in mobile cloud computing (MCC) have changed user's priorities for computing. However, the change towards MCC brings new challenges to cloud service providers and administrators. Authentication is one among the challenges categorized in the classification of security issues for MCC. Port knocking authentication method eliminates user's collaboration during the authentication process. Thus, such technique has the potential to be applied on the MCC environment which can ensure reliable communication. However, current port knocking authentication techniques lack of addressing the issue of knock-sequence length. It is challenging to deploy appropriate length sequence for port knocking authentication for the reason that shorter length knock sequence degrades security, whereas, deploying longer length sequence involves performance issues in terms of time and buffer management. This paper proposes a dynamic length port knocking authentication framework which addresses the issue of security degradation and optimizes performance in terms of time up and buffer managment. We employ MikroTik RouterOS for the evaluation of the proposed technique. Analysis of the results shows that dynamic length port knocking authentication technique improves performance in terms of time up to 23% and buffer management up to 28% by reducing the imposed load. Furthermore, by deploying dynamic length (DL) and pool of length (PoL), the proposed method reveals high security, which decreases the probability of hacking knock-sequence near to zero for a number of parallel authentication requests. Hence, dynamic length port knocking authentication technique provides an optimal solution for reliable communication in MCC

Hybrid Spread-Spectrum TCP for Combating Fraudulent Cyber Activities against Reconnaissance Attacks

The inefficiencies of current intrusion detection system against fraudulent cyber activities attracts the attention of computer gurus, also known as “hackers” to exploit known weakness on a particular host or network. These hackers are expert programmers who mainly focus on how the Internet works, and they interact with each other to know its strengths and weaknesses. Then they develop advanced tools which an average attacker with little background can use to know the liveness, reachability and running service on the network. Once an attacker identifies these details, he can accurately launch an effective attack and get maximum benefit out of it with less probability of attack detection. In this paper, a system that opens ports on a firewall by generating a connection attempt on a set of pre-specified closed ports is established. Once a correct sequence of connection attempts is received, the firewall rules are dynamically modified to allow the host that sent the connection attempts to connect over specific port(s). This conceals and protects network services which are running on the computer

A Modified Hybrid Port Knocking Technique for Host Authentication A Review

The main objective is to develop and assess the performance of a replacement PK technique, which may avert all kinds of port attacks and meets all network security necessities. Port knock is a crucial conception to secure services provided by the servers. By a predefined port knock sequence server establish whether or not the request could be a legitimate request for a service. The new technique uti lizes three acknowledge ideas, these are: port - knocking (PK), steganography, and mutual authentication, therefore, it mentioned because the hybrid port - knocking (HPK) technique. It are often used for host authentication to form native services invisible from port scanning, giv e an additional layer of security. During this paper presents analyzing the network sec urity concept of Port knock and assess their quality as firewall authentication mechanisms for gap network ports or activity bound actions on servers. This paper is developing and evaluating the performance of a replacement proposed modified hybrid port kn ock (MHPK) technique with proposed encryption/decryption technique. The planned technique is to stop completely different - different kinds of port attack and fulfill the complete security demand for network. Planned technique is that the combination of 4 i deas, this are port knocks (PK), symmetric key encryption/decryption, steganography and mutual authentication. Primarily it the improved modification of hybrid port knocking therefore; it observed because the modified hybrid port - knocking (MHPK) technique

Design and Build a Network Security System Using Port Knocking, DMZ and IDS Techniques at SMA Negeri 1 Warungkiara

The network security system of SMA Negeri 1 Warungkiara needs improvement to be more effective in safeguarding data integrity and confidentiality. Currently, it only relies on a filter rule security, which is not robust enough to fend off hacker attacks. Therefore, advanced security techniques such as Port Knocking, DMZ, and IDS are required. Port Knocking serves as additional authentication by accessing ports in a specific sequence to prevent unauthorized access. DMZ is used to isolate the internal network from direct attacks. IDS is used to detect suspicious activities and alert the administrator. The system was tested against various attacks such as port scanning, DDoS, and Ping of Death, and it was proven to reduce server resource usage from 34% to 6%. The test results show that this security system provides strong protection and preserves the integrity and confidentiality of data within the school network

Unified Description for Network Information Hiding Methods

Until now hiding methods in network steganography have been described in arbitrary ways, making them difficult to compare. For instance, some publications describe classical channel characteristics, such as robustness and bandwidth, while others describe the embedding of hidden information. We introduce the first unified description of hiding methods in network steganography. Our description method is based on a comprehensive analysis of the existing publications in the domain. When our description method is applied by the research community, future publications will be easier to categorize, compare and extend. Our method can also serve as a basis to evaluate the novelty of hiding methods proposed in the future.Comment: 24 pages, 7 figures, 1 table; currently under revie

Lightweight edge authentication for software defined networks

OpenFlow is considered as the most known protocol for Software Defined Networking (SDN). The main drawback of OpenFlow is the lack of support of new header definitions, which is required by network operators to apply new packet encapsulations. While SDN’s logically centralized control plane could enhance network security by providing global visibility of the network state, it still has many side effects. The intelligent controllers that orchestrate the dumb switches are overloaded and become prone to failure. Delegating some level of control logic to the edge or, to be precise, the switches can offload the controllers from local state based decisions that do not require global network wide knowledge. Thus, this paper, to the best of our knowledge, is the first to propose the delegation of typical security functions from specialized middleboxes to the data plane. We leverage the opportunities offered by programming protocol-independent packet processors (P4) language to present two authentication techniques to assure that only legitimate nodes are able to access the network. The first technique is the port knocking and the second technique is the One-Time Password. Our experimental results indicate that our proposed techniques improve the network overall availability by offloading the controller as well as reducing the traffic in the network without noticeable negative impact on switches’ performance

An authentication protocol based on chaos and zero knowledge proof

Port Knocking is a method for authenticating clients through a closed stance firewall, and authorising their requested actions, enabling severs to offer services to authenticated clients, without opening ports on the firewall. Advances in port knocking have resulted in an increase in complexity in design, preventing port knocking solutions from realising their potential. This paper proposes a novel port knocking solution, named Crucible, which is a secure method of authentication, with high usability and features of stealth, allowing servers and services to remain hidden and protected. Crucible is a stateless solution, only requiring the client memorise a command, the server's IP and a chosen password. The solution is forwarded as a method for protecting servers against attacks ranging from port scans, to zero-day exploitation. To act as a random oracle for both client and server, cryptographic hashes were generated through chaotic systems

Defensa en profundidad en sistemas de control de accesos mediante autenticación continua

La seguridad de los sistemas de información depende, en gran medida, de que el proceso de control de accesos funcione correctamente. Pero, en los modelos clásicos, la identidad del operador sólo se autentica en momentos puntuales. Tras décadas de implantación de dispositivos móviles en la sociedad [2], se encuentran presentes en prácticamente todos los procesos de negocio, pero estos activos sufren de debilidades en la gestión de su seguridad: no se ubican en perímetros de red bien definidos y bastionables, son más susceptibles de ser robados, etc.; y en un modelo clásico de control de accesos, una vez iniciada la sesión, careceríamos de medidas para combatir estas amenazas. Activar el proceso de autenticación periódicamente sería molesto y contraproducente, pero mediante biometría conductual (i.e., caracterizando la identidad de un usuario por cómo se comporta con el sistema), sí podría implementarse un sistema que validase la identidad del operador sin interferir en su sesión de trabajo: un sistema de autenticación continua. En esta tesis se aborda cómo la autenticación continua puede ayudar a mitigar los riesgos comentados, convirtiéndose en una tecnología diferenciadora al implantar medidas de defensa en profundidad en los sistemas de control de accesos. Al no existir un criterio claro para definir la autenticación continua, en primer lugar se ha desarrollado un estudio sistemático de la literatura, que permite caracterizar este área de investigación. En el segundo artículo se plantea un caso de uso, donde se refuerza la seguridad de un sistema distribuido aplicando principios de la autenticación continua; evidenciando al mismo tiempo las carencias de los sistemas dinámicos, y acotando la definición de autenticación continua. Finalmente, se estudia, experimentalmente, el rendimiento de 7 algoritmos supervisados de clasificación en el ámbito de la autenticación continua. Este estudio, junto con los resultados previos, sirve de soporte a la toma de decisiones en la implantación de la autenticación continua. Fija una base homogénea de conocimiento, que permite comparar las particularidades de estos algoritmos en el procesado de datos de biometría conductual, y discute su utilidad en función de los requisitos del sistema de control de accesos. Esta tesis evidencia que el uso de autenticación continua contribuye a la defensa en profundidad de los sistemas de control de accesos, especialmente, aunque exclusivamente, a la de aquellos con un operador cuya sesión de trabajo debe ser autenticada