58,613 research outputs found
Network security
In a variety of settings, some payoff-relevant item spreads along a network of connected individuals. In some cases, the item will benefit those who receive it (for example, a music download, a stock tip, news about a new research funding source, etc.) while in other cases the impact may be negative (for example, viruses, both biological and electronic, financial contagion, and so on). Often, good and bad items may propagate along the same networks, so individuals must weigh the costs and benefits of being more or less connected to the network. The situation becomes more complicated (and more interesting) if individuals can also put effort into security, where security can be thought of as a screening technology that allows an individual to keep getting the benefits of network connectivity while blocking out the bad items. Drawing on the network literatures in economics, epidemiology, and applied math, we formulate a model of network security that can be used to study individual incentives to expand and secure networks and characterize properties of a symmetric equilibrium.social networks; network security; network robustness; contagion; random graphs
Biometrics and Network Security
This paper examines the techniques used in the two categories of biometric techniques (physiological and behavioral) and considers some of the applications for biometric technologies. Common physiological biometrics include finger characteristics (fingertip [fingerprint], thumb, finger length or pattern), palm (print or topography), hand geometry, wrist vein, face, and eye (retina or iris). Behavioral biometrics include voiceprints, keystroke dynamics, and handwritten signatures
Wireless Lan Network Security Method Wep (Wired Equivalent Privacy)
Scientific writing is about the WEP configuration on the WLAN network with RC4 encryption. The problem that arises is related aspects network security threats, strategic security and confidentiality of data in the network computer, the definition of encryption, definition kriptography algorithm, and algorithm functions
Learning to Customize Network Security Rules
Security is a major concern for organizations who wish to leverage cloud
computing. In order to reduce security vulnerabilities, public cloud providers
offer firewall functionalities. When properly configured, a firewall protects
cloud networks from cyber-attacks. However, proper firewall configuration
requires intimate knowledge of the protected system, high expertise and
on-going maintenance.
As a result, many organizations do not use firewalls effectively, leaving
their cloud resources vulnerable. In this paper, we present a novel supervised
learning method, and prototype, which compute recommendations for firewall
rules. Recommendations are based on sampled network traffic meta-data (NetFlow)
collected from a public cloud provider. Labels are extracted from firewall
configurations deemed to be authored by experts. NetFlow is collected from
network routers, avoiding expensive collection from cloud VMs, as well as
relieving privacy concerns.
The proposed method captures network routines and dependencies between
resources and firewall configuration. The method predicts IPs to be allowed by
the firewall. A grouping algorithm is subsequently used to generate a
manageable number of IP ranges. Each range is a parameter for a firewall rule.
We present results of experiments on real data, showing ROC AUC of 0.92,
compared to 0.58 for an unsupervised baseline. The results prove the hypothesis
that firewall rules can be automatically generated based on router data, and
that an automated method can be effective in blocking a high percentage of
malicious traffic.Comment: 5 pages, 5 figures, one tabl
Outsmarting Network Security with SDN Teleportation
Software-defined networking is considered a promising new paradigm, enabling
more reliable and formally verifiable communication networks. However, this
paper shows that the separation of the control plane from the data plane, which
lies at the heart of Software-Defined Networks (SDNs), introduces a new
vulnerability which we call \emph{teleportation}. An attacker (e.g., a
malicious switch in the data plane or a host connected to the network) can use
teleportation to transmit information via the control plane and bypass critical
network functions in the data plane (e.g., a firewall), and to violate security
policies as well as logical and even physical separations. This paper
characterizes the design space for teleportation attacks theoretically, and
then identifies four different teleportation techniques. We demonstrate and
discuss how these techniques can be exploited for different attacks (e.g.,
exfiltrating confidential data at high rates), and also initiate the discussion
of possible countermeasures. Generally, and given today's trend toward more
intent-based networking, we believe that our findings are relevant beyond the
use cases considered in this paper.Comment: Accepted in EuroSP'1
- …