The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Software-Defined Networks (SDN) is an emerging area that promises to change the way we design, build, and operate network architecture. It tends to shift from traditional network architecture of proprietary based to open and programmable network architecture. However, this new innovative and improved technology also brings another security burden into the network architecture, with existing and emerging...
We describe a multi-layer security system called "Application Protected Execution" (APEx) that has an "In-VM monitoring" functionality protected by out-of-band memory created within a Virtual Machine (VM) on cloud-based nodes. The In-VM monitor functionality protects execution of security related software and is triggered by hooked system events to avoid context switched overhead...
Software-Defined Networking (SDN) benefits from the development flexibility of control-plane applications (SDN-Apps), which allows third parties to make contributions. Such flexibility may expose SDN networks to security threats, since SDN-Apps may be malicious or prone to implementation bugs. These buggy/malicious SDN-Apps may contaminate the data plane with abnormal network actions, which may not...
One challenge for engineered cyber physical systems (CPSs) is the possibility for a malicious intruder to change the data transmitted across the cyber channel as a means to degrade the performance of the physical system. In this paper, we consider a data injection attack on a cyber physical system. We propose a hybrid framework for detecting the presence of an attack and operating the plant in spite...
Software-Defined Networking (SDN) allows scalable and flexible network management without requiring expensive hardware changes. However, this technology is relatively new and creates novel security risks. In this paper, we investigate the vulnerability of link discovery service in SDN controller, which is a critical service provided by the control layer for the proper functioning of applications and...
Flow-based inspection is playing an important role in network security monitoring systems such as intrusion detection, attacks detection and so on. Traditional flow scheduling strategies are usually based on calculated hash values of input flows which is fixed for a long time. As the bandwidth grows dramatically these years, it is observed that servers handling flow inspections may be crashed due...
Application-level firewalls filter traffic based on a white list of processes that are allowed to access the network. Although they have a complete overview of the system in which they are executed, they can be easily bypassed by knowledgable attackers. In this paper we present AL-SAFE, a cloud-tailored application-level self-adaptable firewall which combines the high degree of visibility of an application-level...
With the growing interest in Software Defined Networking (SDN) and thanks to the programmability provided by SDN protocols like OpenFlow, network application developers have started implementing solutions to fit corporate needs, like firewalls, load balancers and security services. In this paper, we present a novel solution to answer those needs with usage control policies. We design a policy based...
In this present day Embedded field most of research focused is on Embedded Linux. Our focus in this paper is Sensor Networking and Automation used for domestic and industrial applications. Using Rassberry Pi 2 developing on python editor & cortex processor presents a design and prototype implementation of new home ill automation system that uses WiFi technology as a network infrastructure connecting...
Modern Industrial Control Systems (ICS) integrate advanced solutions from the field of traditional IP networks, i.e., Software-Defined Networks (SDN), in order to increase the security and resilience of communication infrastructures. Despite their clear advantages, such solutions also expose ICS to common cyber threats that may have a dramatic impact on the functioning of critical infrastructures,...
Real time detection of flow anomalies is a critical part of wide range of management and security applications in many Cloud and NFV systems. Solutions based on per-flow records have become impossible due to the increasing traffic volumes and the limited available resources such as TCAM entries and fast counters. In this paper we study a novel dynamic control mechanism that allows detecting flow anomalies...
Software-defined networks (SDNs) offer network defenders the opportunity to choose from a variety of protection techniques in response to different threats. In contrast, traditional network architectures often lack the flexibility to implement threat-specific security controls. This research was conducted on a hardware SDN test bed running custom security applications to demonstrate techniques that...
Network security management is becoming more and more complicated in recent years, considering the need of deploying more and more network security devices/middle-boxes at various locations inside the already complicated networks. A grand challenge in this situation is that current management is inflexible and the security resource utilization is not efficient. The flexible deployment and utilization...
Cloud Computing is a term which allows user to access the set applications to perform a group of functions or tasks on the internet enabled devices. The cloud has been divided into three types: private, public and hybrid which are briefly described in this paper. SaaS, IaaS and PaaS are the services of the cloud. Cloud is generally provided by the third party, thus it faces few security challenges...
The pervasive use of embedded computing systems in modern societies altogether with the industry trend towards consolidating workloads, openness and interconnectedness, have raised security, safety, and real-time concerns. Virtualization has been used as an enabler for safety and security, but research works have proven that it must be extended and improved with hardware-based security foundations...
This paper deals with a design of a system for supporting anti-hail networks. It is proposed a specific system for Romania anti-hail network which enhance the anti-hail systems with information subsystems. The system has two main components: a system for taking the decision of launch and the system for assisting the launch decision. The subsystem for taking the decision of launching addresses exclusively...
Man-in-the-Middle (MITM) attack enables an attacker to monitor the communication exchange between two parties by directing the traffic between them to pass through the attacker's machine. Most existing schemes for discovering MITM attack focus on detecting the mechanism used to direct the traffic through the attacker machine. This paper presents a new detection scheme that is based on matching the...
To meet the need of key agreement and pairwise-key creation between sensors in wireless sensor network composed of IRIS nodes, this paper presents the implementation of ECDH (elliptic curve Diffie-Hellman) key agreement scheme on IRIS nodes. We choose 6 kinds of optimization algorithms for ECDH to test and compare these optimization algorithms. By turning these optimization techniques on or off, we...
Security alerts collected under real workload conditions represent a goldmine of information to protect integrity and confidentiality of a production Cloud. Nevertheless, the volume of runtime alerts overwhelms operations teams and makes forensics hard and time consuming. This paper investigates the use of different text weighting schemes to filter an average volume of 1,000 alerts/day produced by...
One of the core properties of Software Defined Networking (SDN) is the ability for third parties to develop network applications. This introduces increased potential for innovation in networking from performance-enhanced to energy-efficient designs. In SDN, the application connects with the network via the SDN controller. A specific concern relating to this communication channel is whether an application...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.