4,993 research outputs found
Know Your Enemy: Stealth Configuration-Information Gathering in SDN
Software Defined Networking (SDN) is a network architecture that aims at
providing high flexibility through the separation of the network logic from the
forwarding functions. The industry has already widely adopted SDN and
researchers thoroughly analyzed its vulnerabilities, proposing solutions to
improve its security. However, we believe important security aspects of SDN are
still left uninvestigated. In this paper, we raise the concern of the
possibility for an attacker to obtain knowledge about an SDN network. In
particular, we introduce a novel attack, named Know Your Enemy (KYE), by means
of which an attacker can gather vital information about the configuration of
the network. This information ranges from the configuration of security tools,
such as attack detection thresholds for network scanning, to general network
policies like QoS and network virtualization. Additionally, we show that an
attacker can perform a KYE attack in a stealthy fashion, i.e., without the risk
of being detected. We underline that the vulnerability exploited by the KYE
attack is proper of SDN and is not present in legacy networks. To address the
KYE attack, we also propose an active defense countermeasure based on network
flows obfuscation, which considerably increases the complexity for a successful
attack. Our solution offers provable security guarantees that can be tailored
to the needs of the specific network under consideratio
Finding any Waldo: zero-shot invariant and efficient visual search
Searching for a target object in a cluttered scene constitutes a fundamental
challenge in daily vision. Visual search must be selective enough to
discriminate the target from distractors, invariant to changes in the
appearance of the target, efficient to avoid exhaustive exploration of the
image, and must generalize to locate novel target objects with zero-shot
training. Previous work has focused on searching for perfect matches of a
target after extensive category-specific training. Here we show for the first
time that humans can efficiently and invariantly search for natural objects in
complex scenes. To gain insight into the mechanisms that guide visual search,
we propose a biologically inspired computational model that can locate targets
without exhaustive sampling and generalize to novel objects. The model provides
an approximation to the mechanisms integrating bottom-up and top-down signals
during search in natural scenes.Comment: Number of figures: 6 Number of supplementary figures: 1
The case for absolute ligand discrimination : modeling information processing and decision by immune T cells
Some cells have to take decision based on the quality of surroundings
ligands, almost irrespective of their quantity, a problem we name "absolute
discrimination". An example of absolute discrimination is recognition of
not-self by immune T Cells. We show how the problem of absolute discrimination
can be solved by a process called "adaptive sorting". We review several
implementations of adaptive sorting, as well as its generic properties such as
antagonism. We show how kinetic proofreading with negative feedback implements
an approximate version of adaptive sorting in the immune context. Finally, we
revisit the decision problem at the cell population level, showing how
phenotypic variability and feedbacks between population and single cells are
crucial for proper decision
Detection of Distributed Denial of Service Attacks Carried Out by Botnets in Software-Defined Networks
Recent years witnessed a surge in network traffic due to the emergence of new
online services, causing periodic saturation and complexity problems.
Additionally, the growing number of IoT devices further compounds the problem.
Software Defined Network (SDN) is a new architecture which offers innovative
advantages that help to reduce saturation problems. Despite its benefits, SDNs
not only can be affected by traditional attacks but also introduce new security
challenges. In this context, Distributed Denial of Service (DDoS) is one of the
most important attacks that can damage an SDN network's normal operation.
Furthermore, if these attacks are executed using botnets, they can use
thousands of compromised devices to disrupt critical online services. This
paper proposes a framework for detecting DDoS attacks generated by a group of
botnets in an SDN network. The framework is implemented using open-source tools
such as Mininet and OpenDaylight and tested in a centralized network topology
using BYOB and SNORT. The results demonstrate real-time attack identification
by implementing an intrusion detection mechanism in the victim client. Our
proposed solution offers quick and effective detection of DDoS attacks in SDN
networks. The framework can successfully differentiate the type of attack with
high accuracy in a short tim
The cognitive neuroscience of visual working memory
Visual working memory allows us to temporarily maintain and manipulate visual information in order to solve a task. The study of the brain mechanisms underlying this function began more than half a century ago, with Scoville and Milner’s (1957) seminal discoveries with amnesic patients. This timely collection of papers brings together diverse perspectives on the cognitive neuroscience of visual working memory from multiple fields that have traditionally been fairly disjointed: human neuroimaging, electrophysiological, behavioural and animal lesion studies, investigating both the developing and the adult brain
Interactive visualization of event logs for cybersecurity
Hidden cyber threats revealed with new visualization software Eventpa
- …