6,608 research outputs found
A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends
This paper examines the security vulnerabilities and threats imposed by the
inherent open nature of wireless communications and to devise efficient defense
mechanisms for improving the wireless network security. We first summarize the
security requirements of wireless networks, including their authenticity,
confidentiality, integrity and availability issues. Next, a comprehensive
overview of security attacks encountered in wireless networks is presented in
view of the network protocol architecture, where the potential security threats
are discussed at each protocol layer. We also provide a survey of the existing
security protocols and algorithms that are adopted in the existing wireless
network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term
evolution (LTE) systems. Then, we discuss the state-of-the-art in
physical-layer security, which is an emerging technique of securing the open
communications environment against eavesdropping attacks at the physical layer.
We also introduce the family of various jamming attacks and their
counter-measures, including the constant jammer, intermittent jammer, reactive
jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the
integration of physical-layer security into existing authentication and
cryptography mechanisms for further securing wireless networks. Finally, some
technical challenges which remain unresolved at the time of writing are
summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201
APHRODITE: an Anomaly-based Architecture for False Positive Reduction
We present APHRODITE, an architecture designed to reduce false positives in
network intrusion detection systems. APHRODITE works by detecting anomalies in
the output traffic, and by correlating them with the alerts raised by the NIDS
working on the input traffic. Benchmarks show a substantial reduction of false
positives and that APHRODITE is effective also after a "quick setup", i.e. in
the realistic case in which it has not been "trained" and set up optimall
DoS and DDoS Attacks: Defense, Detection and Traceback Mechanisms - A Survey
Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks are typically explicit attempts to exhaust victim2019;s bandwidth or disrupt legitimate users2019; access to services. Traditional architecture of internet is vulnerable to DDoS attacks and it provides an opportunity to an attacker to gain access to a large number of compromised computers by exploiting their vulnerabilities to set up attack networks or Botnets. Once attack network or Botnet has been set up, an attacker invokes a large-scale, coordinated attack against one or more targets. Asa result of the continuous evolution of new attacks and ever-increasing range of vulnerable hosts on the internet, many DDoS attack Detection, Prevention and Traceback mechanisms have been proposed, In this paper, we tend to surveyed different types of attacks and techniques of DDoS attacks and their countermeasures. The significance of this paper is that the coverage of many aspects of countering DDoS attacks including detection, defence and mitigation, traceback approaches, open issues and research challenges
SecMon: End-to-End Quality and Security Monitoring System
The Voice over Internet Protocol (VoIP) is becoming a more available and
popular way of communicating for Internet users. This also applies to
Peer-to-Peer (P2P) systems and merging these two have already proven to be
successful (e.g. Skype). Even the existing standards of VoIP provide an
assurance of security and Quality of Service (QoS), however, these features are
usually optional and supported by limited number of implementations. As a
result, the lack of mandatory and widely applicable QoS and security guaranties
makes the contemporary VoIP systems vulnerable to attacks and network
disturbances. In this paper we are facing these issues and propose the SecMon
system, which simultaneously provides a lightweight security mechanism and
improves quality parameters of the call. SecMon is intended specially for VoIP
service over P2P networks and its main advantage is that it provides
authentication, data integrity services, adaptive QoS and (D)DoS attack
detection. Moreover, the SecMon approach represents a low-bandwidth consumption
solution that is transparent to the users and possesses a self-organizing
capability. The above-mentioned features are accomplished mainly by utilizing
two information hiding techniques: digital audio watermarking and network
steganography. These techniques are used to create covert channels that serve
as transport channels for lightweight QoS measurement's results. Furthermore,
these metrics are aggregated in a reputation system that enables best route
path selection in the P2P network. The reputation system helps also to mitigate
(D)DoS attacks, maximize performance and increase transmission efficiency in
the network.Comment: Paper was presented at 7th international conference IBIZA 2008: On
Computer Science - Research And Applications, Poland, Kazimierz Dolny
31.01-2.02 2008; 14 pages, 5 figure
A novel algorithm for software defined networks model to enhance the quality of services and scalability in wireless network
Software defined networks (SDN) have replaced the traditional network architecture by separating the control from forwarding planes. SDN technology utilizes computer resources to provide worldwide effective service than the aggregation of single internet resources usage. Breakdown while resource allocation is a major concern in cloud computing due to the diverse and highly complex architecture of resources. These resources breakdowns cause delays in job completion and have a negative influence on attaining quality of service (QoS). In order to promote error-free task scheduling, this study represents a promising fault-tolerance scheduling technique. For optimum QoS, the suggested restricted Boltzmann machine (RBM) approach takes into account the most important characteristics like current consumption of the resources and rate of failure. The proposed approach's efficiency is verified using the MATLAB toolbox by employing widely used measures such as resource consumption, average processing time, throughput and rate of success
- …