Search results for: Home network security

Authors: K. Geetha, P. Thangaraj

Abstract:

Mobile Ad Hoc Networks (MANETs) is a collection of mobile devices forming a communication network without infrastructure. MANET is vulnerable to security threats due to network’s limited security, dynamic topology, scalability and the lack of central management. The Quality of Service (QoS) routing in such networks is limited by network breakage caused by node mobility or nodes energy depletions. The impact of node mobility on trust establishment is considered and its use to propagate trust through a network is investigated in this paper. This work proposes an enhanced Associativity Based Routing (ABR) with Fuzzy based Trust (Fuzzy- ABR) routing protocol for MANET to improve QoS and to mitigate network attacks.

Keywords: Mobile Ad hoc Networks (MANET), Associativity Based Routing (ABR), Fuzzy based Computed Trust.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2516

Authors: Dewan Md. Farid, Nouria Harbi, Emna Bahri, Mohammad Zahidur Rahman, Chowdhury Mofizur Rahman

Abstract:

Recently, information security has become a key issue in information technology as the number of computer security breaches are exposed to an increasing number of security threats. A variety of intrusion detection systems (IDS) have been employed for protecting computers and networks from malicious network-based or host-based attacks by using traditional statistical methods to new data mining approaches in last decades. However, today's commercially available intrusion detection systems are signature-based that are not capable of detecting unknown attacks. In this paper, we present a new learning algorithm for anomaly based network intrusion detection system using decision tree algorithm that distinguishes attacks from normal behaviors and identifies different types of intrusions. Experimental results on the KDD99 benchmark network intrusion detection dataset demonstrate that the proposed learning algorithm achieved 98% detection rate (DR) in comparison with other existing methods.

Keywords: Detection rate, decision tree, intrusion detectionsystem, network security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3560

Authors: J. Dubois, P. Jreije

Abstract:

Internet security attack could endanger the privacy of World Wide Web users and the integrity of their data. The attack can be carried out on today's most secure systems- browsers, including Netscape Navigator and Microsoft Internet Explorer. There are too many types, methods and mechanisms of attack where new attack techniques and exploits are constantly being developed and discovered. In this paper, various types of internet security attack mechanisms are explored and it is pointed out that when different types of attacks are combined together, network security can suffer disastrous consequences.

Keywords: DoS, internet attacks, router attack, security, trojan, virus, worm, XSS.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2063

Authors: Mayada AlMeghari

Abstract:

Recently, grid middlewares have provided large integrated use of network resources as the shared data and the CPU to become a virtual supercomputer. In this work, we present the design and implementation of the middleware for Data Warehouse Signature (DWS) Framework. The aim of using the middleware in the proposed DWS framework is to achieve the high performance by the parallel computing. This middleware is developed on Alchemi.Net framework to increase the security among the network nodes through the authentication and group-key distribution model. This model achieves the key security and prevents any intermediate attacks in the middleware. This paper presents the flow process structures of the middleware design. In addition, the paper ensures the implementation of security for DWS middleware enhancement with the authentication and group-key distribution model. Finally, from the analysis of other middleware approaches, the developed middleware of DWS framework is the optimal solution of a complete covering of security issues.

Keywords: Middleware, parallel computing, data warehouse, security, group-key, high performance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 275

Authors: Z.M. Hanapi, M. Ismail, K. Jumari, M. Mahdavi

Abstract:

Routing security is a major concerned in Wireless Sensor Network since a large scale of unattended nodes is deployed in ad hoc fashion with no possibility of a global addressing due to a limitation of node-s memory and the node have to be self organizing when the systems require a connection with the other nodes. It becomes more challenging when the nodes have to act as the router and tightly constrained on energy and computational capabilities where any existing security mechanisms are not allowed to be fitted directly. These reasons thus increasing vulnerabilities to the network layer particularly and to the whole network, generally. In this paper, a Dynamic Window Secured Implicit Geographic Forwarding (DWSIGF) routing is presented where a dynamic time is used for collection window to collect Clear to Send (CTS) control packet in order to find an appropriate hoping node. The DWIGF is expected to minimize a chance to select an attacker as the hoping node that caused by a blackhole attack that happen because of the CTS rushing attack, which promise a good network performance with high packet delivery ratios.

Keywords: sensor, security, routing, attack, random.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1361

Authors: Supachai Tangwongsan, Labhidhorn Pangphuthipong

Abstract:

This research work proposes a model of network security systems aiming to prevent production system in a data center from being attacked by intrusions. Conceptually, we introduce a decoy system as a part of the security system for luring intrusions, and apply network intrusion detection (NIDS), coupled with the decoy system to perform intrusion prevention. When NIDS detects an activity of intrusions, it will signal a redirection module to redirect all malicious traffics to attack the decoy system instead, and hence the production system is protected and safe. However, in a normal situation, traffic will be simply forwarded to the production system as usual. Furthermore, we assess the performance of the model with various bandwidths, packet sizes and inter-attack intervals (attacking frequencies).

Keywords: Intrusion detection, Decoy, Snort, Intrusion prevention.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1699

Authors: Nada Mouchfiq, Ahmed Habbani, Chaimae Benjbara

Abstract:

The security aspect of the IoT occupies a place of great importance especially after the evolution that has known this field lastly because it must take into account the transformations and the new applications .Blockchain is a new technology dedicated to the data sharing. However, this does not work the same way in the different systems with different operating principles. This article will discuss network security using the Blockchain to facilitate the sending of messages and information, enabling the use of new processes and enabling autonomous coordination of devices. To do this, we will discuss proposed solutions to ensure a high level of security in these networks in the work of other researchers. Finally, our article will propose a method of security more adapted to our needs as a team working in the ad hoc networks, this method is based on the principle of the Blockchain and that we named ”MPR Blockchain”.

Keywords: Ad hoc networks, blockchain, MPR, security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 847

Authors: M. Padmavathi, R. M. Suresh

Abstract:

Every machine plays roles of client and server simultaneously in a peer-to-peer (P2P) network. Though a P2P network has many advantages over traditional client-server models regarding efficiency and fault-tolerance, it also faces additional security threats. Users/IT administrators should be aware of risks from malicious code propagation, downloaded content legality, and P2P software’s vulnerabilities. Security and preventative measures are a must to protect networks from potential sensitive information leakage and security breaches. Bit Torrent is a popular and scalable P2P file distribution mechanism which successfully distributes large files quickly and efficiently without problems for origin server. Bit Torrent achieved excellent upload utilization according to measurement studies, but it also raised many questions as regards utilization in settings, than those measuring, fairness, and Bit Torrent’s mechanisms choice. This work proposed a block selection technique using Fuzzy ACO with optimal rules selected using ACO.

Keywords: Ant Colony Optimization (ACO), Bit Torrent, Download time, Peer-to-Peer (P2P) network, Performance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2528

Authors: Ki Hyun Kim, Jang-Hee Yoo, Kyo Il Chung

Abstract:

This paper proposes a VPN Accelerator Board (VPN-AB), a virtual private network (VPN) protocol designed for trust channel security system (TCSS). TCSS supports safety communication channel between security nodes in internet. It furnishes authentication, confidentiality, integrity, and access control to security node to transmit data packets with IPsec protocol. TCSS consists of internet key exchange block, security association block, and IPsec engine block. The internet key exchange block negotiates crypto algorithm and key used in IPsec engine block. Security Association blocks setting-up and manages security association information. IPsec engine block treats IPsec packets and consists of networking functions for communication. The IPsec engine block should be embodied by H/W and in-line mode transaction for high speed IPsec processing. Our VPN-AB is implemented with high speed security processor that supports many cryptographic algorithms and in-line mode. We evaluate a small TCSS communication environment, and measure a performance of VPN-AB in the environment. The experiment results show that VPN-AB gets a performance throughput of maximum 15.645Gbps when we set the IPsec protocol with 3DES-HMAC-MD5 tunnel mode.

Keywords: TCSS(Trust Channel Security System), VPN(VirtualPrivate Network), IPsec, SSL, Security Processor, Securitycommunication.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2058

Authors: Othman O. Khalifa, Abdulrazzag Aburas, A. Al Bagul, Meftah Hrairi, Muhammad Shahril bin Shahbuddin, Harman bin Mat Kasa

Abstract:

Cellular communication is being widely used by all over the world. The users of handsets are increasing due to the request from marketing sector. The important aspect that has to be touch in this paper is about the security system of cellular communication. It is important to provide users with a secure channel for communication. A brief description of the new GSM cellular network architecture will be provided. Limitations of cellular networks, their security issues and the different types of attacks will be discussed. The paper will go over some new security mechanisms that have been proposed by researchers. Overall, this paper clarifies the security system or services of cellular communication using GSM. Three Malaysian Communication Companies were taken as Case study in this paper.

Keywords: GSM, Security systems, SIM CARD, IMSI, Authentication.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2440

Authors: Chuang-Chun Chiou

Abstract:

Ageing population is a global trend; therefore the need of care service has been increasing dramatically. There are three basic forms of service delivered to the elderly: institution, community, and home. Particularly, the institutional service can be seen as an extension of medical service. The nursing home or so-called care home which is equipped with professional staff and facilities can provide a variety of service including rehabilitation service, short-term care, and long term care. Similar to hospital and other health care service, care home service do need to provide quality and cost-effective service to satisfy the dwellers. The main purpose of this paper is to show how lean thinking and service innovation can be applied to care home operation. The issues and key factors of implementing lean practice are discussed.

Keywords: Lean, Service improvement, SERVQUAL, Care home service.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3116

Authors: Dewan Md. Farid, Nouria Harbi, Suman Ahmmed, Md. Zahidur Rahman, Chowdhury Mofizur Rahman

Abstract:

Network security attacks are the violation of information security policy that received much attention to the computational intelligence society in the last decades. Data mining has become a very useful technique for detecting network intrusions by extracting useful knowledge from large number of network data or logs. Naïve Bayesian classifier is one of the most popular data mining algorithm for classification, which provides an optimal way to predict the class of an unknown example. It has been tested that one set of probability derived from data is not good enough to have good classification rate. In this paper, we proposed a new learning algorithm for mining network logs to detect network intrusions through naïve Bayesian classifier, which first clusters the network logs into several groups based on similarity of logs, and then calculates the prior and conditional probabilities for each group of logs. For classifying a new log, the algorithm checks in which cluster the log belongs and then use that cluster-s probability set to classify the new log. We tested the performance of our proposed algorithm by employing KDD99 benchmark network intrusion detection dataset, and the experimental results proved that it improves detection rates as well as reduces false positives for different types of network intrusions.

Keywords: Clustering, detection rate, false positive, naïveBayesian classifier, network intrusion detection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 5495

Authors: Kyi Lin Lin Kyaw

Abstract:

Nowadays, we are facing with network threats that cause enormous damage to the Internet community day by day. In this situation, more and more people try to prevent their network security using some traditional mechanisms including firewall, Intrusion Detection System, etc. Among them honeypot is a versatile tool for a security practitioner, of course, they are tools that are meant to be attacked or interacted with to more information about attackers, their motives and tools. In this paper, we will describe usefulness of low-interaction honeypot and high-interaction honeypot and comparison between them. And then we propose hybrid honeypot architecture that combines low and high -interaction honeypot to mitigate the drawback. In this architecture, low-interaction honeypot is used as a traffic filter. Activities like port scanning can be effectively detected by low-interaction honeypot and stop there. Traffic that cannot be handled by low-interaction honeypot is handed over to high-interaction honeypot. In this case, low-interaction honeypot is used as proxy whereas high-interaction honeypot offers the optimal level realism. To prevent the high-interaction honeypot from infections, containment environment (VMware) is used.

Keywords: Low-interaction honeypot, High-interactionhoneypot, VMware, Proxy

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2897

Authors: A. Andreasyan, C. Connors

Abstract:

The Elliptic Curve Digital Signature algorithm-based X509v3 certificates are becoming more popular due to their short public and private key sizes. Moreover, these certificates can be stored in Internet of Things (IoT) devices, with limited resources, using less memory and transmitted in network security protocols, such as Internet Key Exchange (IKE), Transport Layer Security (TLS) and Secure Shell (SSH) with less bandwidth. The proposed method gives another advantage, in that it increases the performance of the above-mentioned protocols in terms of key exchange by saving one scalar multiplication operation.

Keywords: Cryptography, elliptic curve digital signature algorithm, key exchange, network security protocols.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 523

Authors: Helder Adão, Rui Antunes, Frederico Grilo

Abstract:

This paper describes the project and development of a very low-cost and small electronic prototype, especially designed for monitoring and controlling existing home automation alarm systems (intruder, smoke, gas, flood, etc.), via TCP/IP, with a typical web browser. Its use will allow home owners to be immediately alerted and aware when an alarm event occurs, and being also able to interact with their home automation alarm system, disarming, arming and watching event alerts, with a personal wireless Wi-Fi PDA or smartphone logged on to a dedicated predefined web page, and using also a PC or Laptop.

Keywords: Alarm Systems, Home Automation, Web-Server, TCP/IP.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3156

Authors: E. Golden Julie, E. Sahaya Rose Vigita, S. Tamil Selvi

Abstract:

Wireless sensor network is vulnerable to a wide range of attacks. Recover secrecy after compromise, to develop technique that can detect intrusions and able to resilient networks that isolates the point(s) of intrusion while maintaining network connectivity for other legitimate users. To define new security metrics to evaluate collaborative intrusion resilience protocol, by leveraging the sensor mobility that allows compromised sensors to recover secure state after compromise. This is obtained with very low overhead and in a fully distributed fashion using extensive simulations support our findings.

Keywords: WSN security, intrusion resilience, compromised sensors, mobility.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1715

Authors: C. N. Vanitha, M. Usha

Abstract:

In a real world scenario, the viability of the sensor networks has been proved by standardizing the technologies. Wireless sensor networks are vulnerable to both electronic and physical security breaches because of their deployment in remote, distributed, and inaccessible locations. The compromised sensor nodes send malicious data to the base station, and thus, the total network effectiveness will possibly be compromised. To detect and seclude the Route modifiers, a neural network based Pattern Learning predictor (PLP) is presented. This algorithm senses data at any node on present and previous patterns obtained from the en-route nodes. The eminence of any node is upgraded by their predicted and reported patterns. This paper propounds a solution not only to detect the route modifiers, but also to seclude the malevolent nodes from the network. The simulation result proves the effective performance of the network by the presented methodology in terms of energy level, routing and various network conditions.

Keywords: Neural networks, pattern learning, security, wireless sensor networks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1253

Authors: D. Satish Kumar, S. Karthik

Abstract:

A dual tiered network model is designed to overcome the problem of energy alert and fault tolerance. This model minimizes the delay time and overcome failure of links. Performance analysis of the dual tiered network model is studied in this paper where the CA and LS schemes are compared with DEO optimal. We then evaluate  the Integrated Network Topological Control and Key Management (INTK) Schemes, which was proposed to add security features of the wireless sensor networks. Clustering efficiency, level of protections, the time complexity is some of the parameters of INTK scheme that were analyzed. We then evaluate the Cluster based Energy Competent n-coverage scheme (CEC n-coverage scheme) to ensure area coverage for wireless sensor networks.

Keywords: CEC n-coverage scheme, Clustering efficiency, Dual tired network, Wireless sensor networks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1632

Authors: L. Sellami, D. Idoughi, P. F. Tiako

Abstract:

Cloud computing provides infrastructure to the enterprise through the Internet allowing access to cloud services at anytime and anywhere. This pervasive aspect of the services, the distributed nature of data and the wide use of information make cloud computing vulnerable to intrusions that violate the security of the cloud. This requires the use of security mechanisms to detect malicious behavior in network communications and hosts such as intrusion detection systems (IDS). In this article, we focus on the detection of intrusion into the cloud sing IDSs. We base ourselves on client authentication in the computing cloud. This technique allows to detect the abnormal use of ubiquitous service and prevents the intrusion of cloud computing. This is an approach based on client authentication data. Our IDS provides intrusion detection inside and outside cloud computing network. It is a double protection approach: The security user node and the global security cloud computing.

Keywords: Cloud computing, intrusion detection system, privacy, trust.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1052

Authors: Joo-Hyung Oh, Dongwan Kang, JunHyung Cho, Chaetae Im

Abstract:

As the mobile Internet has become widespread in recent years, communication based on mobile networks is increasing. As a result, security threats have been posed with regard to the abnormal traffic of mobile networks, but mobile security has been handled with focus on threats posed by mobile malicious codes, and researches on security threats to the mobile network itself have not attracted much attention. In mobile networks, the IP address of the data packet is a very important factor for billing purposes. If one mobile terminal use an incorrect IP address that either does not exist or could be assigned to another mobile terminal, billing policy will cause problems. We monitor and analyze 3G mobile data networks traffics for a period of time and finds some abnormal IP packets. In this paper, we analyze the reason for abnormal IP packets on 3G Mobile Data Networks. And we also propose an algorithm based on IP address table that contains addresses currently in use within the mobile data network to detect abnormal IP packets.

Keywords: WCDMA, 3G, Abnormal IP address, Mobile Data Network Attack

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2292

Authors: Byung-Ik Kim, Hong-Koo Kang, Tae-Jin Lee, Hae-Ryong Park

Abstract:

Cyber terrors against specific enterprises or countries have been increasing recently. Such attacks against specific targets are called advanced persistent threat (APT), and they are giving rise to serious social problems. The malicious behaviors of APT attacks mostly affect websites and penetrate enterprise networks to perform malevolent acts. Although many enterprises invest heavily in security to defend against such APT threats, they recognize the APT attacks only after the latter are already in action. This paper discusses the characteristics of APT attacks at each step as well as the strengths and weaknesses of existing malicious code detection technologies to check their suitability for detecting APT attacks. It then proposes a network-based malicious behavior detection algorithm to protect the enterprise or national networks.

Keywords: Advanced Persistent Threat, Malware, Network Security, Network Packet, Exploit Kits.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1511

Authors: Eric P. Jiang

Abstract:

As the Internet continues to grow at a rapid pace as the primary medium for communications and commerce and as telecommunication networks and systems continue to expand their global reach, digital information has become the most popular and important information resource and our dependence upon the underlying cyber infrastructure has been increasing significantly. Unfortunately, as our dependency has grown, so has the threat to the cyber infrastructure from spammers, attackers and criminal enterprises. In this paper, we propose a new machine learning based network intrusion detection framework for cyber security. The detection process of the framework consists of two stages: model construction and intrusion detection. In the model construction stage, a semi-supervised machine learning algorithm is applied to a collected set of network audit data to generate a profile of normal network behavior and in the intrusion detection stage, input network events are analyzed and compared with the patterns gathered in the profile, and some of them are then flagged as anomalies should these events are sufficiently far from the expected normal behavior. The proposed framework is particularly applicable to the situations where there is only a small amount of labeled network training data available, which is very typical in real world network environments.

Keywords: classification, data analysis and mining, network intrusion detection, semi-supervised learning.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1751

Authors: V. Uma Rani, K. Soma Sundaram

Abstract:

The major challenge faced by wireless sensor networks is security. Because of dynamic and collaborative nature of sensor networks the connected sensor devices makes the network unusable. To solve this issue, a trust model is required to find malicious, selfish and compromised insiders by evaluating trust worthiness sensors from the network. It supports the decision making processes in wireless sensor networks such as pre key-distribution, cluster head selection, data aggregation, routing and self reconfiguration of sensor nodes. This paper discussed the kinds of trust model, trust metrics used to address attacks by monitoring certain behavior of network. It describes the major design issues and their countermeasures of building trust model. It also discusses existing trust models used in various decision making process of wireless sensor networks.

Keywords: Attacks, Security, Trust, Trust model, Wireless sensor network.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4519

Authors: S. Padmapriya

Abstract:

Vehicular Adhoc Networks (VANETs), a subset of Mobile Adhoc Networks (MANETs), refers to a set of smart vehicles used for road safety. This vehicle provides communication services among one another or with the Road Side Unit (RSU). Security is one of the most critical issues related to VANET as the information transmitted is distributed in an open access environment. As each vehicle is not a source of all messages, most of the communication depends on the information received from other vehicles. To protect VANET from malicious action, each vehicle must be able to evaluate, decide and react locally on the information received from other vehicles. Therefore, message verification is more challenging in VANET because of the security and privacy concerns of the participating vehicles. To overcome security threats, we propose Monitoring Algorithm that detects malicious nodes based on the pre-selected threshold value. The threshold value is compared with the distrust value which is inherently tagged with each vehicle. The proposed Monitoring Algorithm not only detects malicious vehicles, but also isolates the malicious vehicles from the network. The proposed technique is simulated using Network Simulator2 (NS2) tool. The simulation result illustrated that the proposed Monitoring Algorithm outperforms the existing algorithms in terms of malicious node detection, network delay, packet delivery ratio and throughput, thereby uplifting the overall performance of the network.

Keywords: VANET, security, malicious vehicle detection, threshold value, distrust value.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1225

Authors: Nafise Fareghzadeh

Abstract:

Web services provide significant new benefits for SOAbased applications, but they also expose significant new security risks. There are huge number of WS security standards and processes. At present, there is still a lack of a comprehensive approach which offers a methodical development in the construction of secure WS-based SOA. Thus, the main objective of this paper is to address this needs, presenting a comprehensive method for Web Services Security guaranty in SOA. The proposed method defines three stages, Initial Security Analysis, Architectural Security Guaranty and WS Security Standards Identification. These facilitate, respectively, the definition and analysis of WS-specific security requirements, the development of a WS-based security architecture and the identification of the related WS security standards that the security architecture must articulate in order to implement the security services.

Keywords: Kernel, Repository, Security Standards, WS Security Policy, WS specification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1386

Authors: Hae Young Lee, Tae Ho Cho

Abstract:

In many sensor network applications, sensor nodes are deployed in open environments, and hence are vulnerable to physical attacks, potentially compromising the node's cryptographic keys. False sensing report can be injected through compromised nodes, which can lead to not only false alarms but also the depletion of limited energy resource in battery powered networks. Ye et al. proposed a statistical en-route filtering scheme (SEF) to detect such false reports during the forwarding process. In this scheme, the choice of a security threshold value is important since it trades off detection power and overhead. In this paper, we propose a fuzzy logic for determining a security threshold value in the SEF based sensor networks. The fuzzy logic determines a security threshold by considering the number of partitions in a global key pool, the number of compromised partitions, and the energy level of nodes. The fuzzy based threshold value can conserve energy, while it provides sufficient detection power.

Keywords: Fuzzy logic, security, sensor network.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1533

Authors: Souleymane Oumtanaga, Prosper Kimou, Kouadio Gaza Kevin

Abstract:

The security of their network remains the priorities of almost all companies. Existing security systems have shown their limit; thus a new type of security systems was born: honeypots. Honeypots are defined as programs or intended servers which have to attract pirates to study theirs behaviours. It is in this context that the leurre.com project of gathering about twenty platforms was born. This article aims to specify a model of honeypots attack. Our model describes, on a given platform, the evolution of attacks according to theirs hours. Afterward, we show the most attacked services by the studies of attacks on the various ports. It is advisable to note that this article was elaborated within the framework of the research projects on honeyspots within the LABTIC (Laboratory of Information Technologies and Communication).

Keywords: Honeypot, networks, attack, leurrecom, computer network

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1428

Authors: Raman Paranjape

Abstract:

We present a new approach to evaluation of Cyber Security in Power Systems using the method of modeling the power systems Infrastructure using software agents. Interfaces between module and the home smart meter are recognized as the primary points of intrusion.

Keywords: Power Systems, Modeling and Simulation, Agent systems.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2393

Authors: Norbik Bashah, Idris Bharanidharan Shanmugam, Abdul Manan Ahmed

Abstract:

Intrusion Detection Systems are increasingly a key part of systems defense. Various approaches to Intrusion Detection are currently being used, but they are relatively ineffective. Artificial Intelligence plays a driving role in security services. This paper proposes a dynamic model Intelligent Intrusion Detection System, based on specific AI approach for intrusion detection. The techniques that are being investigated includes neural networks and fuzzy logic with network profiling, that uses simple data mining techniques to process the network data. The proposed system is a hybrid system that combines anomaly, misuse and host based detection. Simple Fuzzy rules allow us to construct if-then rules that reflect common ways of describing security attacks. For host based intrusion detection we use neural-networks along with self organizing maps. Suspicious intrusions can be traced back to its original source path and any traffic from that particular source will be redirected back to them in future. Both network traffic and system audit data are used as inputs for both.

Keywords: Intrusion Detection, Network Security, Data mining, Fuzzy Logic.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2085

Authors: E. Tomur, R. Deregozu, T. Genc

Abstract:

In this study, we propose a network architecture for providing secure access to information resources of enterprise network from remote locations in a wireless fashion. Our proposed architecture offers a very promising solution for organizations which are in need of a secure, flexible and cost-effective remote access methodology. Security of the proposed architecture is based on Virtual Private Network technology and a special role based access control mechanism with location and time constraints. The flexibility mainly comes from the use of Internet as the communication medium and cost-effectiveness is due to the possibility of in-house implementation of the proposed architecture.

Keywords: Remote access, wireless networks, security, virtualprivate networks, RBAC.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1652