The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Cloud users have little visibility into the performance characteristics and utilization of the physical machines underpinning the virtualized cloud resources they use. This uncertainty forces users and researchers to reverse engineer the inner workings of cloud systems in order to understand and optimize the conditions their applications operate. At Massachusetts Open Cloud (MOC), as a public cloud...
Recent advances in hardware and software of cloud computing are putting tremendous pressure on the administrators who manage these resources to provide uninterrupted services. Monitoring cloud computing plays a significant role in enhancing the quality of cloud computing services. Regular monitoring may help to adaptively scale resource utilization and determine service problems. It also helps to...
This demo showcases some of the capabilities foreseen for the security infrastructure designed by the H2020 SHIELD project. SHIELD exploits NFV for adaptive monitoring of an IT infrastructure and for feeding the data to an analytics engine to detect attacks in real time. An intelligent reaction system is then activated to reconfigure the SDN/NFV infrastructure so that the attacks are thwarted. The...
In this paper, we propose two simple and practically feasible countermeasures to address the Route Spoofing and Resource Exhaustion attacks in Software Defined Networking (SDN) scenarios. For Route Spoofing attack, we introduce a new technique called “selective blocking” which blocks an adversary node to use a genuine user's active routes, and for Resource Exhaustion attack, we propose a “periodic...
With the advent of smart devices and lowering prices of sensing devices, adoption of Internet of Things (IoT) is gaining momentum. These IoT devices come with greater threat of being attacked or compromised that could lead to Denial of Service (DoS) and Distributed Denial of Service (DDoS). The high volume of IoT devices with high level of heterogeneity, magnify the possibility of security threats...
Remote patient monitoring systems (RMS) have gained increasing popularity in recent years. RMS have great potential to improve medical services by providing more affordable, timely, and accessible care. This paper describes an effective low-cost RMS that is readily deployable. The system targets chronic disease patients and attempts to reduce patient visits to the hospital and healthcare costs. The...
Software-defined networking (SDN) addresses pressing networking problems such as network virtualization and data center complexity. By separating the control plane from the data plane, SDN introduces a new abstraction layer. This new abstraction layer is typically implemented by means of a so-called SDN controller. SDN applications can interact with the controller to ensure network functionality....
Wireless Sensor Networks present several advantages when compared to wired ones, among them, the low consumption and simplicity of installation. In some cases, energy consumption may be so low as to allow the use of energy harvesting techniques, as in the case of EnOcean protocol. In other networks, it is necessary to meet specific requirements, such as in industrial ones, where communication must...
The accuracy provided by traditional sampling-based monitoring approaches, such as NetFlow, is increasingly being considered insufficient to meet the requirements of today's networks. By summarizing all traffic for specific statistics of interest, sketch-based alternatives have been shown to achieve higher levels of accuracy for the same cost. Existing switches, however, lack the necessary capability...
The trend towards the digitalization of our homes is motivated by the development of hardware and software platforms that have been researched in recent years. As in the Internet of Things, building a single, global platform that enables communication with a myriad of devices for home automation is virtually impossible. The platform proposed in this work deals, in isolation, with the problems in each...
The reports from last years outline the fact that the web crawlers (robots, bots) activities generate more than a half of web traffic on Internet. Web robots can be good (used for example by search engines) or bad (for bypassing security solutions, scraping, spamming or hacking), but usually all take up the internet bandwidth and can cause damage to businesses that rely on web traffic or content....
Cameras and other sensors are increasingly deployed for private space monitoring applications such as home monitoring, assisted/enhanced living and child monitoring. Since these cameras capture highly sensitive information and transfer it over public communication infrastructures, security and privacy is a major concern. This work presents a secure camera device along with a secure data delivery and...
Attack graphs constitute a powerful security tool aimed at modelling the many ways in which an attacker may compromise different assets in a network. Despite their usefulness in several security-related activities (e.g. hardening, monitoring, forensics), the complexity of these graphs can massively grow as the network becomes denser and larger, thus defying their practical usability. In this presentation,...
A unidirectional security gateway is a network system in which data can travel in only one direction. Therefore, the system are used in protecting the safety and reliability of various critical infrastructures. Most of all, it has to be deployed with send and receive transceivers disconnected for one direction to ensure information security. In this paper, we introduce a unidirectional security gateway...
Cyber-physical systems (CPS) are interconnections of heterogeneous hardware and software components (e.g., sensors, actuators, physical systems/processes, computational nodes and controllers, and communication subsystems). Increasing network connectivity of CPS computational nodes facilitates maintenance and on-demand reprogrammability and reduces operator workload. However, such increasing connectivity...
Cloud providers have an incomplete view of their hosted virtual infrastructures managed by a Cloud Management System (CMS) and a Software Defined Network (SDN) controller. For various security reasons (e.g. isolation verification, modeling attack paths in the network), it is necessary to know which virtual machines can interact via network protocols. This requires building a connectivity graph between...
Threats within the network are a security risk with which you deal daily. Due to this, the use of more complex means of security than the Firewall should be considered to perform the analysis of the traffic behavior of the network by means of devices of next generation such as Systems of Detection and Prevention of Intrusions (IDPS). This article presents a comparison of commercial systems and open...
We present an approach to tracking the behaviour of an attacker on a decoy system, where the decoy communicates with the real system only through low energy bluetooth. The result is a low-cost solution that does not interrupt the live system, while limiting potential damage. The attacker has no way to detect that they are being monitored, while their actions are being logged for further investigation...
Development and operation of multi-cloud applications, i.e. applications which consume and orchestrate services from multiple independent Cloud Service Providers, are challenging topics nowadays. Systematically addressing security assurance in such applications is an additional issue, unsolved at state of art. This paper introduces the MUSA DevOps approach to holistic security assurance in multi-cloud...
Fraud prevention in the banking sphere is a very important type of activity which can cover a whole range of fraud schemes — both from employees and customers. The article studies the existing technologies for realization of the system of security control over functioning of POS networks in real time and analyzes them in detail. Besides, the concept of the system of monitoring and analysis of threats...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.