Optimal Layout of Multicast Groups Using Network Embedded Multicast Security in Ad Hoc Sensor Networks

This paper considers the security of sensor network applications. Our approach creates multicast regions that use symmetric key cryptography for communications. Each multicast region contains a single keyserver that is used to perform key management and maintain the integrity of a multicast region. Communications between two multicast regions is performed by nodes that belong to both regions. To ease the network management burden, it is desirable for the networks to self-organize into regions and dynamically select their keyservers. This paper shows how to determine the number of keyservers (k) to use and the size in the number of hops (h) of their multicast regions. We find that power consumption issues provide a natural trade-off that determines optimal values for these parameters. Analysis of one application shows an increase in system security with 70-80% less power overhead than existing security approaches

GC-367 A Comparative Study of Virtual Network Architectures for Cloud Computing Environments

Virtual networks have emerged as a promising solution for creating customized network topologies that can meet the specific needs of different cloud environments. In this project, we present a comparative study of three different virtual network architectures for cloud computing environments. We compare these architectures based on a set of criteria, including performance, scalability, flexibility, and security. Our evaluation shows that all three virtual network architectures have their advantages and disadvantages. The choice of virtual network architecture depends on the specific needs and requirements of the cloud environment. Our evaluation provides insights into the trade-offs between different virtual network architectures and can inform the design and implementation of virtual networks for cloud computing environment

Optimal virtual water flows for improved food security in water-scarce countries

This is the final version. Available on open access from Nature Research via the DOI in this recordThe worsening water scarcity has imposed a significant stress on food production in many parts of the world. This stress becomes more critical when countries seek self-sufficiency. A literature review shows that food self-sufficiency has not been assessed as the main factor in determining the optimal cultivation patterns. However, food self-sufficiency is one of the main policies of these countries and requires the most attention and concentration. Previous works have focused on the virtual water trade to meet regional food demand and to calculate trade flows. The potential of the trade network can be exploited to improve the cropping pattern to ensure food and water security. To this end, and based on the research gaps mentioned, this study develops a method to link intra-country trade networks, food security, and total water footprints (WFs) to improve food security. The method is applied in Iran, a water-scarce country. The study shows that 781 × 106 m3 of water could be saved by creating a trade network. Results of the balanced trade network are input to a multi-objective optimization model to improve cropping patterns based on the objectives of achieving food security and preventing water crises. The method provides 400 management scenarios to improve cropping patterns considering 51 main crops in Iran. Results show a range of improvements in food security (19–45%) and a decrease in WFs (2–3%). The selected scenario for Iran would reduce the blue water footprint by 1207 × 106 m3, and reduce the cropland area by 19 × 103 ha. This methodology allows decision makers to develop policies that achieve food security under limited water resources in arid and semi-arid regions.Iran National Science FoundationCenter for International Scientific Studies and Collaboration (CISSC), Ministry of Science, Research and Technolog

Social Network Effects on Productivity and Job Security: Evidence From the Adoption of a Social Networking Tool

By studying the change in employees\u27 network positions before and after the introduction of a social networking tool, I find that information-rich networks (low in cohesion and rich in structural holes), enabled by social media, have a positive effect on various work outcomes. Contrary to the notion that network positions are difficult to alter, I show that social media can induce a change in network structure, one from which individuals can derive economic benefits. In addition, I consider two intermediate mechanisms by which an information-rich network is theorized to improve work performance—information diversity and social communication—and quantify their effects on productivity and job security. Analysis shows that productivity, as measured by billable revenue, is more associated with information diversity than with social communication. However, the opposite is true for job security. Social communication is more correlated with reduced layoff risks than with information diversity. This, in turn, suggests that information-rich networks enabled through the use of social media can drive both work performance and job security, but that there is a trade-off between engaging in social communication and gathering diverse information

ANEX: Automated Network Exploitation through Penetration Testing

Cyber attacks are a growing concern in our modern world, making security evaluation a critical venture. Penetration testing, the process of attempting to compromise a computer network with controlled tests, is a proven method of evaluating a system\u27s security measures. However, penetration tests, and preventive security analysis in general, require considerable investments in money, time, and labor, which can cause them to be overlooked. Alternatively, automated penetration testing programs are used to conduct a security evaluation with less user effort, lower cost, and in a shorter period of time than manual penetration tests. The trade-off is that automated penetration testing tools are not as effective as manual tests. They are not as flexible as manual testing, cannot discover every vulnerability, and can lead to a false sense of security. The development of better automated tools can help organizations quickly and frequently know the state of their security measures and can help improve the manual penetration testing process by accelerating repetitive tasks without sacrificing results. This thesis presents Automated Network Exploitation through Penetration Testing (ANEX), an automated penetration testing system designed to infiltrate a computer network and map paths from a compromised network machine to a specified target machine. Our goal is to provide an effective security evaluation solution with minimal user involvement that is easily deployable in an existing system. ANEX demonstrates that important security information can be gathered through automated tools based solely on free-to-use programs. ANEX can also enhance the manual penetration testing process by quickly accumulating information about each machine to develop more focused testing procedures. Our results show that we are able to successfully infiltrate multiple network levels and exploit machines not directly accessible to our testing machine with mixed success. Overall, our design shows the efficacy of utilizing automated and open-source tools for penetration testing

MEASURED SECURITY FEATURES IMPLEMENTATION IN CLOUD ENVIRONMENT

Cloud computing encompasses a set of IT based Services, delivered by a third party provider who owns the infrastructure and provided to customers over a network. It is now one of the fastest growing technologies of the IT trade for business. Thus the high flexibility and portability of cloud have raised numerous security concerns. Security issue in cloud computing has become the vital reason of impeding its development. This work shows a concern on the security element in cloud environment for small business addressing their shortcomings and finding solutions for it. Measured security features have been implemented by developing a secured data encryption, exchange and decryption infrastructure resulting in a data security model

Crime Scene Re-investigation: A Postmortem Analysis of Game Account Stealers' Behaviors

As item trading becomes more popular, users can change their game items or money into real money more easily. At the same time, hackers turn their eyes on stealing other users game items or money because it is much easier to earn money than traditional gold-farming by running game bots. Game companies provide various security measures to block account- theft attempts, but many security measures on the user-side are disregarded by users because of lack of usability. In this study, we propose a server-side account theft detection system base on action sequence analysis to protect game users from malicious hackers. We tested this system in the real Massively Multiplayer Online Role Playing Game (MMORPG). By analyzing users full game play log, our system can find the particular action sequences of hackers with high accuracy. Also, we can trace where the victim accounts stolen money goes.Comment: 7 pages, 8 figures, In Proceedings of the 15th Annual Workshop on Network and Systems Support for Games (NetGames 2017

Practical Provably Secure Multi-node Communication

We present a practical and provably-secure multimode communication scheme in the presence of a passive eavesdropper. The scheme is based on a random scheduling approach that hides the identity of the transmitter from the eavesdropper. This random scheduling leads to ambiguity at the eavesdropper with regard to the origin of the transmitted frame. We present the details of the technique and analyze it to quantify the secrecy-fairness-overhead trade-off. Implementation of the scheme over Crossbow Telosb motes, equipped with CC2420 radio chips, shows that the scheme can achieve significant secrecy gain with vanishing outage probability. In addition, it has significant overhead advantage over direct extensions to two-nodes schemes. The technique also has the advantage of allowing inactive nodes to leverage sleep mode to further save energy.Comment: Proceedings of the IEEE International Conference on Computing, Networking and Communications (ICNC 2014