The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
This Paper proposes Web application-oriented active threat awareness model and analyzes the threat features of Web application, which is used for threat intelligence analysis, association analysis and data-driven anomaly detection. So in this paper, we mainly study the threat feature design and selection problem in the web application, which will be used for threat awareness system to improve the...
Credible BGP (C-BGP) is a lightweight alternative to secure BGP. Its main design objective is to address signature verification costs and deployment challenges associated with S-BGP. To this end, C-BGP defines a control layer of trusted ASes that is comprised of major Autonomous Systems (ASes) in the network. In this environment a non-trusted AS has to verify only the signatures of intermediate ASes...
The cyber security exposure of resilient systems is frequently described as an attack surface. A larger surface area indicates increased exposure to threats and a higher risk of compromise. Ad-hoc addition of dynamic proactive defenses to distributed systems may inadvertently increase the attack surface. This can lead to cyber friendly fire, a condition in which adding superfluous or incorrectly configured...
LTE (Long Term Evolution) is the latest cellular communications standard to provide advanced mobile services that go beyond traditional voice and short messaging traffic. Mobility networks are experiencing a drastic evolution with the advent of Machine to Machine (M2M) systems and the Internet of Things (IoT), which is expected to result in billions of connected devices in the near future. In parallel,...
Intrusion Detection System (IDS) is the process of monitoring the events that occur in a system or network and process them for possible intrusions where as Intrusion Prevention System (IPS) has the capability to attempt to stop such possible intrusions. Combining the two systems will result in IDPS which not only detects the attacks but also prevent such attacks to occur in the networks. Distributed...
Due to extensive use of various network services and web based applications and heterogeneous organizational security requirements, enterprise network configuration is becoming very complex that imposes high operational workload on both regular and experienced administrators. This complexity extensively reduces overall network assurability and usability which in turn make the network vulnerable to...
The worm is still one of the most serious threat to the Network security. The logical worm propagation model could characterize the propagation of Internet worms more exactly, and could be more helpful to carry out the worm protection, detection and suppression technology research. In the initial phase of this paper, a heterogeneous network oriented worm propagation model namely Enhanced-AAWP was...
Our network infrastructure is exposed to persistent threats of DDoS and many unknown attacks. These threats threaten the availability of ISP's network and services. This paper proposes network-based anomalous traffic detection method and presents an anomalous traffic detection system, its architecture and main function blocks. Every five minutes, traffic information and security events are gathered...
In IPv6 network, before configuring any address, a node must perform Duplicate Address Detection (DAD) to ensure the address is unique on link. However, original DAD is unreliable and vulnerable. In this article, a pull model DAD is designed, which achieves improvements both in reliability and security through changing the solicitation model. Comparing with SEcure Neighbor Discovery (SEND), this proposal...
Attack graphs can reveal the threat of sophisticated multi-step attacks by enumerating possible sequences of exploits leading to the compromise of given critical resources. In order to resolve the current emergence methods of generating attack graphs is difficult to apply to the large-scale complex network system; this paper presents a scalable, bidirectional-based search strategy to generate attack...
Syslog audit acts an important role in keeping host secure. This paper studied Host-based syslog, and constructed a secure state model for host performing normally from the angle of anomaly detection. Through deep research on syslog protocol, a log collection tool was created for collecting remote or local host syslog. Because different segments of syslog imply different system information, the model...
This study is focus on SIP of VoIP, and simulated and analysed by NS2. In addition, because of the security issues are the main factor to affect its popularization, and the DDOS attack has become one of the more serious issues in VoIP network security domain. Therefore this research carries on the simulation analysis to various types attack by NS2, and further discusses under the DDoS attack between...
Mobile ad hoc networks allow to create very dynamic communication systems, which are independent from any fixed infrastructure. One of the most important issues regarding the management of an ad hoc network is the configuration of the system according to the way users move. Since a centralized control structure does not exist, we need to determine how the IP addresses must be assigned to the nodes...
As the number of VoIP users increase and as the deployment of SIP devices gains ground, security has risen as a potential issue worthy of our consideration. VoIP is an application running on the data network and as such, inherits the security issues common to IP. The man-in-the-middle (MitM) attacks and the denial of service (DoS) attacks are the hackneyed and evil cyber attacks in the IP which can...
In P2P systems, it is important to guarantee the efficiency and security of message routing between the source and the destination. Unfortunately, malicious attackers can easily insert a lot of nodes they controlled, and disturb the message routing between honest nodes. In order to counter such attacks, secure routing protocols which ensure successful message routing are needed. Furthermore, it is...
This paper describes the approach and preliminary results from the research project EUX2010sec. The project works closely with Voice-over-IP (VoIP) companies and users. It aims at providing better security of open source VoIP installations. The work towards this goal is organized by gathering researchers and practitioners around several scientific activities that range from security modeling and verification...
In this paper, we propose a secure binding update authentication scheme in FMIPv6 for wireless vehicular networks. The scheme guarantees mutual authentication, secrecy, and integrity based on pre-authentication. We analyze the security of the binding update authentication scheme and the security requirements using AVISPA Tool that supports a rigorous analysis of security.
This study is focus on SIP of VoIP, and simulated and analysed by NS2. In addition, because of the security issues are the main factor to affect its popularization, and the DDOS attack has become one of the more serious issues in VoIP network security domain. Therefore this research carries on the simulation analysis to various types attack by NS2, and further discusses under the DDoS attack between...
The extensible authentication protocol (EAP), which is typically used over wireless LANs and point-to-point links, allows a server to request authentication information from a client. The protocol for carrying authentication for network access (PANA) is designed to transport EAP messages over IP networks. This paper presents a formal coloured Petri net model and analysis of PANA, focusing on the initial...
The demand for group communications to supply a same service to customer is increasing lately, and thus the support for group oriented multicast service is necessary. For this, an internet accepts IP multicast as a standard protocol. IP multicast can increase network efficiency by decreasing unneeded data stream with the help of network replication model, but its security is weak since it uses opened...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.