In this paper, we present a novel model and visualization approach for heterogeneous sources of data. We represent our data by using a model inspired by STIX. Then, we use clustering algorithms to select interesting information to explore in a visualization panel. The visualization is based on a 3D graph representation that highlights the link between malicious events and allows focusing on relevant...
Network virtualization provides a flexible solution to reduce costs, share network resources and improve recovery time upon failure. An important part of virtual network management consists in migrating them in order to optimize resource allocation and react to link failures. However, the migration process might entail the loss of security properties in the virtual network, such as confidentiality...
Over the years, system calls (syscalls) have become an increasingly popular data source for host intrusion detection systems (HIDS). This is partly due to their strong security semantic implications. As syscalls conform to a program's control-flow graph, a deviation in a syscall sequence may imply a deviation in a program's control-flow graph. This is useful for detecting the control-flow hijacking...
Cyber attacks are a critical threat to government infrastructure, commercial enterprises and personal devices. When belligerents attack cyber systems, they need to spread laterally to reach high value targets and communicate with their command and control sites. Intuitively, a layered defense including intrusion detection systems will limit the adversary's exploitation of the target. We apply lessons...
Software Defined Networking (SDN) has proved to be a promising approach for creating next generation software based network ecosystems. It has provided us with a centralized network provision, a holistic management plane and a well-defined level of abstraction. But at the same time, it brings forth new security and management challenges. Research in the field of SDN is primarily focused on reconfiguration,...
The advances made in the field of IoT in recent years implore us to take a closer look at the security challenges it presents. Due to its ubiquitous nature and the high heterogeneity of the connected devices and communication protocols, a novel approach must be taken. This paper's aim is to make a brief review of the work done in the areas of Negative Selection and Danger Theory and to do a comparative...
Fog Computing (FC) has extended the services of cloud computing to the edge of the network. It inherits some of the characteristics from cloud computing but FC also has some distinguishing features such as geo-distribution, location awareness and low latency. Along with the inherited characteristics, it also inherits the issues and problems of cloud computing like energy efficiency, resource management...
The creation of intrusion detection systems for IoT scenarios presents various challenges. One of them is the need for an implementation of unsupervised learning and decision making in the detection system. The algorithm presented in this paper is capable of definitively identifying a large percentage of possible intrusions as true or false without the need of operator input. Our proposal is based...
The IoT (Internet of Things) is one of the primary reasons for the massive growth in the number of devices connected to the Internet, thus leading to an increased volume of traffic in the core network. Fog and edge computing are becoming a solution to handle IoT traffic by moving time-sensitive processing to the edge of the network, while using the conventional cloud for historical analysis and long-term...
Advanced computer security systems rely on a host of detectors that examine anomalies, or known signatures, to qualify network traffic. Anomaly detectors usually come at greater cost in resources over signature detectors spurring the desire to translate anomalies into identifiable signatures. Automatic Signature Generation (ASG) attempts to automate the process of creating signatures to describe newly...
This article is about the study of honeypots. In this work, we use the deployment and analysis of some honeypot sensors to identify what are currently the main attacks and security breaches explored by attackers to compromise systems. For example, a common server or service exposed to the Internet can receive a million hits per day, but sometimes it would not be easy to identify the difference between legitimate...
Nowadays, more and more Internet-of-Things (IoT) smart products, interconnected through various wireless communication technologies (Wifi, Bluetooth, Zigbee, Z-wave, etc.) are integrated in daily life, especially in homes, factories, cities, etc. Such IoT technologies have become very attractive with a large variety of new services offered to improve the quality of life of the end users or to create...
Honeypots have been largely used to capture and investigate malicious behavior through deliberately sacrificing their own resources in order to be attacked. Hybrid honeypot architectures consisting of frontends and backends are widely used in the research area, especially due to the benefits of their high scalability and fidelity for detailed attacking data collection. A hybrid honeypot system often...
Security issues in the IoT based CPS are exacerbated with human participation in CPHS due to the vulnerabilities in both the technologies and the human involvement. A holistic framework to mitigate security threats in the IoT-based CPHS environment is presented to mitigate these issues. We have developed threat model involving human elements in the CPHS environment. Research questions, directions,...
With rapid advancement in telecommunication sub-domains like Internet of Things (IoT), Internet of Energy (IoE), Internet of Vehicles (IoV), Next Generation Networks (5G) and Big Data, the strength, intensity and effectiveness of intruders is also evolving. Intruders are ready to challenge modern advancement in the domain of electronic warfare. The traditional TCP/IP protocol stack does not have the...
Insider attacks in which misbehaving Virtual Machines (VMs) take part of the cloud system and learn about its internal vulnerabilities constitute a major threat against cloud resources and infrastructure. This demands setting up continuous and comprehensive security arrangements to restrict the effects of such attacks. However, limited security resources prohibit full detection coverage on all VMs...
According to CISCO 2016 Annual Report Security, firewalls are the most commonly used security tools by enterprises (65 percent) in the use of security defenses versus different threats. In the scope of Information technologies, threats have evolved and have diversified. However, and for this reason, it is important to detect and identify them, preventing anomalous behavior on networks. New methods...
Smart grid introduces a wealth of promising applications for upcoming fifth-generation mobile networks (5G), enabling households and utility companies to establish a two-way digital communications dialogue, which can benefit both of them. The utility can monitor real-time consumption of end users and take proper measures (e.g., real-time pricing) to shape their consumption profile or to plan enough...
Web applications commonly provide a high attack surface. In today's world of high impact attacks, protecting them against both known and unknown attacks becomes more important than ever. We present an approach of machine learning based anomaly detection to flexibly detect anomalous requests. Our approach leverages long short-term memory (LSTM) neural networks to learn a detailed model of normal requests...
Device identification has been considered as a main trend to maintain security in wireless communications. Specific characteristics of different components of transmitters have been recently exploited as their RF fingerprints. In this paper, a new method is presented to uniquely identify a transmitter using a phase locking mechanism. In the proposed method, a Phase-Locked Loop is used to lock on the...