Secure and Efficient Distributed Relay-Based Rekeying Algorithm for Group Communication in Mobile Multihop Relay Network

In mobile multihop relay (MMR) networks, Relay multicast rekeying algorithm (RMRA) is meant to ensure secure multicast communication and selective updating of keys in MMR networks. However, in RMRA, the rekeying is carried out after a specific interval of time, which cannot ensure the security for multicast communication on joining the member. Secondly, the rekeying scheme generates a huge communication overhead on the serving multihop relay base station (MR-BS) on frequent joining of members. Lastly, there is nothing about when a member left the group communication. Thus, the rekeying scheme of RMRA fails to provide forward and backward secrecy and also is not scalable. To solve this problem, an improved rekeying scheme based on broadcasting a new seed value on joining and leaving of a member for updating the ongoing key management is proposed. The proposed scheme solves the issue of forward and backward secrecy and the scalability in a very simplified way. The forward and backward secrecy of the proposed scheme has been extensively validated by formal method using rank theorem. Furthermore, mathematical derivation showed that the proposed scheme out-performed the RMRA in terms of communication cost and complexity

Real-time edge analytics and concept drift computation for efficient deep learning from spectrum data

Cloud managed wireless network resource configuration platforms are being developed for efficient network utilization. These platforms can improve their performance by utilizing real-time edge analytics of key wireless metrics, such as wireless channel utilization (CU). This paper demonstrates a real-time spectrum edge analytics system which utilizes field programmable gate array (FPGA) to process in real-time hundreds of millions of streaming inphase and quadrature (IQ) samples per second. It computes not only mean and maximum values of CU but also computes histograms to obtain probability distribution of CU values. It sends in real-time these descriptive statistics to an entity which collects these statistics and utilises them to train a deep learning model for prediction of future CU values. Even though utilization in a wireless channel can often exhibit stable seasonal patterns, they can be affected by uncertain usage events, such as sudden increase/decrease in channel usage within a certain time period. Such changes can unpredictably drift concept of CU data (underlying distribution of incoming CU data) over time. In general, concept drift can deteriorate the prediction performance of deep learning models which in turn can impact the performance of cloud managed resource allocation solution. This paper also demonstrates a real-time concept drift computation method which measures the changes in the probability distribution of CU data. Our implemented demonstration includes: 1) spectrum analytics and concept drift computation device which is realized in practical implementation by prototyping it on a low-cost ZedBoard with AD9361 RF transceiver attached to it. ZedBoard is equipped with a Xilinx Zynq-7000 system on chip; 2) a laptop which is connected to the Zedboard and it provides graphical real-time displays of computed CU values, CU histograms, and concept drift computation values. A laptop is also used to develop a deep learning based model for prediction of future CU values. For the INFOCOM we will show a live demonstration of the complete prototyped system in which the device performs real-time computations in an unlicensed frequency channel following the implemented algorithms on the FPGA of a Zedboard

Effective way to defend the hypervisor attacks in cloud computing

Nowadays, the organizations are emphasizing on the security and resilient aspect of the cloud computing to protect the privacy and confidentiality of their data information. However, the hypervisor attack remains a hot issue by the cloud user even though enormous research have accomplished to inhibit the vulnerabilities in the virtualized cloud environment.Therefore, we have proposed the Virtual Machines and Hypervisor Intrusion Detection System, VMHIDS as our technique in detecting and preventing the hypervisor attacks in the virtualized cloud environment. The VMHIDS has adopted several features from the other techniques by inspecting the tasks frequently which then prevent suspicious event occur. Through the VMHIDS, the hypervisor attack is mitigated

An inquiry into the lunar interior: A nonlinear inversion of the Apollo lunar seismic data

This study discusses in detail the inversion of the Apollo lunar seismic data and the question of how to analyze the results. The well-known problem of estimating structural parameters (seismic velocities) and other parameters crucial to an understanding of a planetary body from a set of arrival times is strongly nonlinear. Here we consider this problem from the point of view of Bayesian statistics using a Markov chain Monte Carlo method. Generally, the results seem to indicate a somewhat thinner crust with a thickness around 45 km as well as a more detailed lunar velocity structure, especially in the middle mantle, than obtained in earlier studies. Concerning the moonquake locations, the shallow moonquakes are found in the depth range 50–220 km, and the majority of deep moonquakes are concentrated in the depth range 850–1000 km, with what seems to be an apparently rather sharp lower boundary. In wanting to further analyze the outcome of the inversion for specific features in a statistical fashion, we have used credible intervals, twodimensional marginals, and Bayesian hypothesis testing. Using this form of hypothesis testing, we are able to decide between the relative importance of any two hypotheses given data, prior information, and the physical laws that govern the relationship between model and data, such as having to decide between a thin crust of 45 km and a thick crust as implied by the generally assumed value of 60 km. We obtain a Bayes factor of 4.2, implying that a thinner crust is strongly favored

Defending Malicious Script Attacks Using Machine Learning Classifiers

Theweb application has become a primary target for cyber criminals by injecting malware especially JavaScript to performmalicious activities for impersonation. Thus, it becomes an imperative to detect such malicious code in real time before any malicious activity is performed. This study proposes an efficient method of detecting previously unknown malicious java scripts using an interceptor at the client side by classifying the key features of the malicious code. Feature subset was obtained by using wrapper method for dimensionality reduction. Supervisedmachine learning classifiers were used on the dataset for achieving high accuracy. Experimental results show that our method can efficiently classify malicious code from benign code with promising results

A dynamic method of detecting malicious scripts using classifiers

Due to the increasing importance of Internet in every aspect of our life, the World Wide Web which is accessed by end users through web browsers is becoming the next platform for criminal or individual with the malicious intent to conduct malicious activities either for personal or economic gains. Malicious scripts work as a primary source of infection for malicious software or also known as malware. This paper proposes an efficient method of detecting malicious scripts by employing an interceptor on the client side by using a set of supervised and unsupervised classifiers. The proposed method will be implemented to achieve high detection rate with low false alarms and minimal performance overheads. © 2017 American Scientific Publishers All rights reserved

Preventing DoS Attacks in IoT Using AES

The Internet of Things (IoT) is significant in today’s development of mobile networks enabling to obtain information from the environment, devices, and appliances. A number of applications have been implemented in various kinds of technologies. IoT has high exposure to security attacks and threats. There are several requirements in terms of security. Confidentiality is one of the major concerns in the wireless network. Integrity and availability are key issues along with the confidentiality. This research focuses on identifying the attacks that can occur in IoT. Packet filtering and patches method were used to secure the network and mitigate mentioned attacks but these techniques are not capable of achieving security in IoT. This paper uses Advanced Encryption Standard (AES) to address these mentioned security issues. Official AES version uses the standard for secret key encryption. However, several problems and attacks still occur with the implementation of this original AES. We modified AES by adding white box and the doubling of the AES encryption. We also replaced the Substitute-Byte (S-Box) in the conventional AES with the white box. The significance of a white box is where the whole AES cipher decomposed into round functions. While doubling the process of AES gives difficulty to the attacker or malware to interrupt the network or system. From the algorithms, our proposed solutions can control DoS attack on IoT and any other miniature devices

MS-ADS: multistage spectrogram image-based anomaly detection system for IoT security.

The innovative computing idea of Internet-of-Things (IoT) architecture has gained tremendous popularity over the last decade, resulting in an exponential increase in the connected devices and the data processed in the IoT networks. Since IoT devices collect a massive amount of sensitive information exchanged over the traditional internet, security has become a prime concern due to the more frequent generation of network anomalies. A network-based anomaly detection system can provide the much-needed efficient security solution to the IoT network by detecting anomalies at the network entry points through constant traffic monitoring. Despite enormous efforts by researchers, these detection systems still suffer from lower detection accuracy in detecting anomalies and generate a high false alarm rate and false-negative rate in classifying network traffic. To this end, this paper proposes an efficient Multistage Spectrogram image-based network Anomaly Detection System (MS-ADS) using a deep convolution neural network that utilizes a short-time Fourier Transform to transform flow features into spectrogram images. The results demonstrate that the proposed method achieves high detection accuracy of 99.98% with a reduction in the false alarm rate to 0.006% in classifying network traffic. Also, the proposed scheme improves predicting the anomaly instances by 0.75% to 4.82%, comparing the benchmark methodologies to exhibit its efficiency for the IoT network. To minimize the computational and training cost for the model re-training phase, the proposed solution demonstrates that only 40500 network flows from the dataset suffice to achieve a detection accuracy of 99.5%

TPAAD: two‐phase authentication system for denial of service attack detection and mitigation using machine learning in software‐defined network.

Software-defined networking (SDN) has received considerable attention and adoption owing to its inherent advantages, such as enhanced scalability, increased adaptability, and the ability to exercise centralized control. However, the control plane of the system is vulnerable to denial-of-service (DoS) attacks, which are a primary focus for attackers. These attacks have the potential to result in substantial delays and packet loss. In this study, we present a novel system called Two-Phase Authentication for Attack Detection that aims to enhance the security of SDN by mitigating DoS attacks. The methodology utilized in our study involves the implementation of packet filtration and machine learning classification techniques, which are subsequently followed by the targeted restriction of malevolent network traffic. Instead of completely deactivating the host, the emphasis lies on preventing harmful communication. Support vector machine and K-nearest neighbours algorithms were utilized for efficient detection on the CICDoS 2017 dataset. The deployed model was utilized within an environment designed for the identification of threats in SDN. Based on the observations of the banned queue, our system allows a host to reconnect when it is no longer contributing to malicious traffic. The experiments were run on a VMware Ubuntu, and an SDN environment was created using Mininet and the RYU controller. The results of the tests demonstrated enhanced performance in various aspects, including the reduction of false positives, the minimization of central processing unit utilization and control channel bandwidth consumption, the improvement of packet delivery ratio, and the decrease in the number of flow requests submitted to the controller. These results confirm that our Two-Phase Authentication for Attack Detection architecture identifies and mitigates SDN DoS attacks with low overhead

A Spectrogram Image-Based Network Anomaly Detection System Using Deep Convolutional Neural Network

The dynamics of computer networks have changed rapidly over the past few years due to a tremendous increase in the volume of the connected devices and the corresponding applications. This growth in the network’s size and our dependence on it for all aspects of our life have therefore resulted in the generation of many attacks on the network by malicious parties that are either novel or the mutations of the older attacks. These attacks pose many challenges for network security personnel to protect the computer and network nodes and corresponding data from possible intrusions. A network intrusion detection system (NIDS) can act as one of the efficient security solutions by constantly monitoring the network traffic to secure the entry points of a network. Despite enormous efforts by researchers, NIDS still suffers from a high false alarm rate (FAR) in detecting novel attacks. In this paper, we propose a novel NIDS framework based on a deep convolution neural network that utilizes network spectrogram images generated using the short-time Fourier transform. To test the efficiency of our proposed solution, we evaluated it using the CIC-IDS2017 dataset. The experimental results have shown about 2.5% - 4% improvement in accurately detecting intrusions compared to other deep learning (DL) algorithms while at the same time reducing the FAR by 4.3%-6.7% considering binary classification scenario. We also observed its efficiency for a 7-class classification scenario by achieving almost 98.75% accuracy with 0.56% - 3.72% improvement compared to other DL methodologies