The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Neighbor Discovery Protocol (NDP) is significant in mobile network, which enables mobile node randomly access to foreign network by Stateless Link Address Autoconfiguration (SLAAC). However, the NDP initially offers no protection mechanism and is prone to address spoofing and Denial of Service (DoS). Secure Neighbor Discovery Protocol (SeNDP) is proposed to solve these NDP threats. Recently there...
Tracing IP packets to their sources, known as IP-Traceback, is a critical task in defending against IP spoofing and DoS attacks. There are several solutions to traceback to the origin of the attack. However, all these solutions require either all routers or ISPs to support the same IP-Traceback mechanism. To address this limitation, we propose an IP-Traceback approach at the level of autonomous systems,...
Distributed Denial of Service (DDoS) flooding attacks are one of the biggest challenges to the availability of online services today. These DDoS attacks overwhelm the victim with huge volume of traffic and render it incapable of performing normal communication or crashes it completely. If there are delays in detecting the flooding attacks, nothing much can be done except to manually disconnect the...
Identity management (IdM) systems employ Identity Providers (IdPs), as guardians of users' critical information. However, Distributed Denial-of-Service (DDoS) attacks can make IdPs operations unavailable, compromising legitimate users. In the literature, the main countermeasures against DDoS attacks are based on either the application of external resources to extend the system lifetime (replication)...
Penetration testing helps to secure networks, and highlights the security issues. In this paper investigate different aspects of penetration testing including tools, attack methodologies, and defense strategies. More specifically, we performed different penetration tests using a private networks, devices, and virtualized systems and tools. We predominately used tools within the Kali Linux suite. The...
Security and the confidentiality during the data transfer are the important metric in the network design. A group of sequential actions to assure the data confidentiality refers the intrusion. Intrusion in network gathers the information related to unauthorized access, and the exploitation of several vulnerabilities raised by attacks. This paper presents the detailed survey of strategies involved...
A Mobile Ad hoc Network (MANET) consists of a group of mobile nodes that can move abruptly in and out the network. MANET has several special specifications including, non-fixed infrastructure, the absence of a central administration, limited bandwidth, and limited energy. Merging two MANETs is a situation that can occur frequently because of mobility. Due to the nature of MANET, it is vulnerable to...
This paper proposes new firewall for protecting smartphone from cyber threats. The key idea is to offload firewall functions to OpenFlow-capable wireless access points (APs). The widespread use of smartphones requires protection against cyber threats targeted to the device. Our research group therefore explored the suitable protection schemes and found that the OpenFlow-capable APs are able to facilitate...
IP Telephony or simply Voice over IP (VoIP) is technology that enables real time voice communications over packet switched networks using TCP/IP. This technology is booming and its deployment is very complex. VoIP is often deployed in an open environment; therefore, it is subject to the same threats, e.g., denial-of-service attacks (DoS), frequently seen on the Internet. Given this, our first objective...
Accidents of information leakage and system hacking caused by identity theft in the organization/company have happened frequently. Many companies make a lot of efforts to prevent account theft such as access control, multi-factor authentication, encryption, and response to malicious code. It is not easy to apply them to the company because of less efficiency and inconvenience. In this paper, countermeasure...
Customers trust is the most important factor for an organization success. This trust only builds if customers receive unhindered services from their vendors. A major threat in successfully building a customer-vendor trust relationship exists in the form of Distributed Denial of Service attacks. These attacks have become more evasive and complex with time such that existing security mechanisms are...
Information security deals with a large number of subjects like spoofed message detection, audio processing, video surveillance and cyber-attack detections. However the biggest threat for the homeland security is cyber-attacks. Distributed Denial of Service attack is one among them. Interconnected systems such as database server, web server, cloud computing servers etc., are now under threads from...
Securing communication is a comprehensive challenge due to the increasing of threats and attacks to network security. By knowing the various of threats and attacks, we can collect broad data from the network, by using honeypot. Implemented honeypot uses low-interaction type that is honeyd and other supporting software such as apache2 and bind9. Based on the research, honeypot is successfully giving...
Industrial control system (ICS) security has been a topic of research for several years now and the growing interconnectedness with enterprise systems (ES) is exacerbating the existing issues. Research efforts, however, are impeded by the lack of data that integrate both types of systems. This paper presents an empirical analysis of malicious activities aimed at integrated ICS and ES environment using...
Security of any distributed system is not only complex in nature, it also needs much more attention as most of the applications being used and developed in recent past are on distributed platform. Denial of Service (DoS) attack causes drop in quality of service and may also reach to entire absence of service for some ‘real’ users. Identifying some users as attackers also need appropriate algorithm...
There has been a rampant surge in compromise of consumer grade small scale routers in the last couple of years. Attackers are able to manipulate the Domain Name Space (DNS) settings of these devices hence making them capable of initiating different man-in-the-middle attacks. By this study we aim to explore and comprehend the current state of these attacks. Focusing on the Indian Autonomous System...
Although some security threats were taken into consideration in the IPv6 design, DDoS attacks still exist in the IPv6 networks. The main difficulty to counter the DDoS attacks is to trace the source of such attacks, as the attackers often use spoofed source IP addresses to hide their identity. This makes the IP traceback schemes very relevant to the security of the IPv6 networks. Given that most of...
Distributed denial of service (DDoS) attacks have caused tremendous damage to ISPs and online services. They can be divided into attacks using spoofed IPs and attacks using real IPs (botnet). Among them the attacks from real IPs are much harder to mitigate since the attack traffic can be fabricated to be similar to legitimate traffic. The corresponding DDoS defence strategies proposed in past few...
Protecting publicly available servers in internet today is a serious challenge, especially when encountering Distributed denial-of-service (DDoS) attacks. In traditional internet, there is narrow scope of choices one can take when ingress traffic overloads physical connection limits. This paper proposes Firewall as a service in internet service providers (ISP) networks allowing end users to request...
We statistically investigated the total A-resource record (RR) based DNS query request packet traffic from the campus network system to the top domain DNS server in a university during January 1st to December 31st, 2014. The obtained results are: (1) we found significant query keyword based entropy changes in the total DNS query request traffic at February 5th, 2014. (2) In the total A-RR based DNS...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.