The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
This paper focuses on research device management mechanisms such as routers and switches, based on the NETCONF protocol, considered user authentication mechanisms using RADIUS-server and implementation of these mechanisms in currently being developed Eltex Network OS. Reflected the main features of NETCONF protocol — Network Configuration Protocol, produced theoretical and experimental comparison...
The Internet of Things (IoT) have become popular in diverse domains because of their accessibility and mobility as well as cost-efficient manufacturing, deployment, and maintenance process. The widespread deployment of IoT devices makes them an attractive target for an attacker trying to gain unauthorized access to an IoT-based system. An adversary clones a real hardware device or compromises embedded...
Correct behaviour of X.509 certificate validation code in SSL/TLS implementations is crucial to ensure secure communication channels. Recently, there have been major efforts in testing these implementations, namely frankencerts and mucerts, which provide new ways to generate test certificates which are likely to reveal errors in the implementations of X.509 validation logic. However, it remains a...
In order to resist unauthorized access, consumer storage devices are typically protected using a low entropy password. However, storage devices are not fully protected against an adversary because the adversary can utilize an off-line dictionary attack to find the correct password and/or run an existing algorithm for resetting the existing password. In addition, a password protected device may also...
With the rapid development of e-commerce, online services have become a usual part of our lives, such as online gaming, music or software downloads, pay-per-view content, and membership fees. But the amount of money spent for these services often is only a few multiple of the smallest currency unit. These kinds of payments are called micropayment. Therefore, in the field of electronic payment, micropayment...
Secure end-to-end communication has become a necessity for many people. In this research paper we survey the most popular and widely used secure anonymous Instant Messaging (IM) services and protocols, study them from a security and anonymity point of view, and investigate how these services or protocols could be compromised.
This paper discusses background security supporting services compatible with computer systems protected by the Orthus authentication protocol. A secure password change protocol for Orthus along with implications for User session duration time-outs and long running services is also outlined. Reference is given to the protocols adaptation to encompass spontaneous randomly generated elements by the use...
Software defined network (SDN) is an emerging network architecture which offloads the control logic of the network from the underlying forwarding devices to a centralized controller. This centralized control intelligence software defines the behavior of the network. However, the programmability and centralization of the SDN architecture introduce potential security concerns. In this paper, we first...
There is an immense expectation on Software-Defined Networking (SDN) in industry as a novel approach towards potentially replacing conventional network management and control. However, SDN is not immune to security vulnerabilities which currently exist in the legacy systems or which may newly arise due to change in the network design. Since the beginning of SDN development, primary focus of research...
With Ethernet as an ubiquitous technology also emerging in industrial networks, security is becoming one of the most important aspects. Whereas IT-networks together with their security features in the office domain are subject of a dynamic change, networks in the industrial environment have a long operational time and therefore are more vulnerable to unauthorized access due to outdated hard- and software...
FELIX, the EU-Japan jointly-funded project, establishes a software defined networking (SDN) experimental facility which spans two continents and several administrative domains via dynamic transit network connections. The FELIX architectural blueprint provides an excellent example where key topics such as policy-based software-defined infrastructure instantiation is supported by resource orchestrators...
The transition from product-centric to service-centric business models presents a major challenge to industrial automation and manufacturing systems. This transition increases Machine-to-Machine connectivity among industrial devices, industrial controls systems, and factory floor devices. While initiatives like Industry 4.0 or the Industrial Internet Consortium motivate this transition, the emergence...
Media Access Layer (MAC) vulnerabilities are the primary reason for the existence of the significant number of Denial of Service (DoS) attacks in 802.11 Wi-Fi networks. In this paper we focus on the de-authentication DoS (Deauth-DoS) attack in Wi-Fi networks. In Deauth-DoS attack an attacker sends a large number of spoofed de-authentication frames to the client (s) resulting in their disconnection...
Renewable energy resources are becoming popular with mass adoption in residential and commercial applications because of gradual cost reduction along with continuous technical advancements. Photovoltaic (PV) energy is one of the biggest players of renewable energy installations although soft costs remain as a major barrier for higher penetration of PV systems. To significantly lower the soft costs...
Mobile authentication systems for mobile payment often use either the web or mobile channel individually to confirm the identity request of a remote user. Most common activity in mobile commerce is done through mobile phones. The mobile phones are vulnerable to numerous security threats due to involvement of valuable financial and personal information.
The V2G (Vehicle to Grid) communication is used for exchanging various information between EV (Electric Vehicle) and smart grid. The ISO/IEC 15118 is the typical V2G communication standard. Although many automobile companies have a developed the charging application software based on the ISO/IEC 15118 standard, there is not much software for the reliability test of the EV charging application developed...
The increasing interconnectivity of industrial control system (ICS) networks has exposed them to a wide range of security problems. In recent years, efforts from industries and research communities have been made in addressing the security issues of ICSs. However, the ICSs security for critical infrastructures is still a challenging issue today. Controller, supervisory software and control network...
The external storage using a universal serial bus (USB) communication become the most popular use for storing digital data. Application such as evidence acquisition in digital forensic area needs external storage devices that are portable, high speed of data transfer, and easy to use for collecting digital data from suspect computers. Apart from these advantages of USB storage devices, they do not...
To meet government requirements for positioning emergency services, Long Term Evolution (LTE), the latest generation of mobile communications popular in North America and Europe, incorporates the ability to ascertain the position of the user equipment via the network. This additional signaling means that there is also the chance that the user position may be vulnerable to being intercepted by unauthorized...
Programmable Logic Controllers (PLCs) are the most important components embedded in Industrial Control Systems (ICSs). ICSs have achieved highest standards in terms of efficiency and performance. As a result of that, higher portion of infrastructure in industries has been automated for the comfort of human beings. Therefore, protection of such systems is crucial. It is important to investigate the...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.