Biblio

Found 330 results

Filters: Keyword is Monitoring  [Clear All Filters]
2020-05-15
Fan, Renshi, Du, Gaoming, Xu, Pengfei, Li, Zhenmin, Song, Yukun, Zhang, Duoli.  2019.  An Adaptive Routing Scheme Based on Q-learning and Real-time Traffic Monitoring for Network-on-Chip. 2019 IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification (ASID). :244—248.
In the Network on Chip (NoC), performance optimization has always been a research focus. Compared with the static routing scheme, dynamical routing schemes can better reduce the data of packet transmission latency under network congestion. In this paper, we propose a dynamical Q-learning routing approach with real-time monitoring of NoC. Firstly, we design a real-time monitoring scheme and the corresponding circuits to record the status of traffic congestion for NoC. Secondly, we propose a novel method of Q-learning. This method finds an optimal path based on the lowest traffic congestion. Finally, we dynamically redistribute network tasks to increase the packet transmission speed and balance the traffic load. Compared with the C-XY routing and DyXY routing, our method achieved improvement in terms of 25.6%-49.5% and 22.9%-43.8%.
2020-04-10
Repetto, M., Carrega, A., Lamanna, G..  2019.  An architecture to manage security services for cloud applications. 2019 4th International Conference on Computing, Communications and Security (ICCCS). :1—8.
The uptake of virtualization and cloud technologies has pushed novel development and operation models for the software, bringing more agility and automation. Unfortunately, cyber-security paradigms have not evolved at the same pace and are not yet able to effectively tackle the progressive disappearing of a sharp security perimeter. In this paper, we describe a novel cyber-security architecture for cloud-based distributed applications and network services. We propose a security orchestrator that controls pervasive, lightweight, and programmable security hooks embedded in the virtual functions that compose the cloud application, pursuing better visibility and more automation in this domain. Our approach improves existing management practice for service orchestration, by decoupling the management of the business logic from that of security. We also describe the current implementation stage for a programmable monitoring, inspection, and enforcement framework, which represents the ground technology for the realization of the whole architecture.
2020-03-16
Yadav, Geeta, Paul, Kolin.  2019.  Assessment of SCADA System Vulnerabilities. 2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA). :1737–1744.
SCADA system is an essential component for automated control and monitoring in many of the Critical Infrastructures (CI). Cyber-attacks like Stuxnet, Aurora, Maroochy on SCADA systems give us clear insight about the damage a determined adversary can cause to any country's security, economy, and health-care systems. An in-depth analysis of these attacks can help in developing techniques to detect and prevent attacks. In this paper, we focus on the assessment of SCADA vulnerabilities from the widely used National Vulnerability Database (NVD) until May 2019. We analyzed the vulnerabilities based on severity, frequency, availability, integrity and confidentiality impact, and Common Weaknesses. The number of reported vulnerabilities are increasing yearly. Approximately 89% of the attacks are the network exploits severely impacting availability of these systems. About 19% of the weaknesses are due to buffer errors due to the use of insecure and legacy operating systems. We focus on finding the answer to four key questions that are required for developing new technologies for securing SCADA systems. We believe this is the first study of its kind which looks at correlating SCADA attacks with publicly available vulnerabilities. Our analysis can provide security researchers with useful insights into SCADA critical vulnerabilities and vulnerable components, which need attention. We also propose a domain-specific vulnerability scoring system for SCADA systems considering the interdependency of the various components.
2020-02-17
Ganguly, Pallab, Nasipuri, Mita, Dutta, Sourav.  2019.  Challenges of the Existing Security Measures Deployed in the Smart Grid Framework. 2019 IEEE 7th International Conference on Smart Energy Grid Engineering (SEGE). :1–5.
Due to the rise of huge population in mankind and the large variety of upcoming utilization of power, the energy requirement has substantially increased. Smart Grid is a very important part of the Smart Cities initiative and is one of the crucial components in distribution and reconciliation of energy. Security of the smart grid infrastructure, which is an integral part of the smart grid framework, intended at transitioning the conventional power grid system into a robust, reliable, adaptable and intelligent energy utility, is an impending problem that needs to be arrested quickly. With the increasingly intensifying integration of smart devices in the smart grid infrastructure with other interconnected applications and the communication backbone is compelling both the energy users and the energy utilities to thoroughly look into the privacy and security issues of the smart grid. In this paper, we present challenges of the existing security mechanisms deployed in the smart grid framework and we tried to bring forward the unresolved problems that would highlight the security aspects of Smart Grid as a challenging area of research and development in the future.
2020-05-04
de Sá, Alan Oliveira, Carmo, Luiz Fernando Rust da C., Santos Machado, Raphael C..  2019.  Countermeasure for Identification of Controlled Data Injection Attacks in Networked Control Systems. 2019 II Workshop on Metrology for Industry 4.0 and IoT (MetroInd4.0 IoT). :455–459.
Networked Control Systems (NCS) are widely used in Industry 4.0 to obtain better management and operational capabilities, as well as to reduce costs. However, despite the benefits provided by NCSs, the integration of communication networks with physical plants can also expose these systems to cyber threats. This work proposes a link monitoring strategy to identify linear time-invariant transfer functions performed by a Man-in-the-Middle during controlled data injection attacks in NCSs. The results demonstrate that the proposed identification scheme provides adequate accuracy when estimating the attack function, and does not interfere in the plant behavior when the system is not under attack.
2020-01-13
Guanyu, Chen, Yunjie, Han, Chang, Li, Changrui, Lin, Degui, Fang, Xiaohui, Rong.  2019.  Data Acquisition Network and Application System Based on 6LoWPAN and IPv6 Transition Technology. 2019 IEEE 2nd International Conference on Electronics Technology (ICET). :78–83.
In recent years, IPv6 will gradually replace IPv4 with IPv4 address exhaustion and the rapid development of the Low-Power Wide-Area network (LPWAN) wireless communication technology. This paper proposes a data acquisition and application system based on 6LoWPAN and IPv6 transition technology. The system uses 6LoWPAN and 6to4 tunnel to realize integration of the internal sensor network and Internet to improve the adaptability of the gateway and reduce the average forwarding delay and packet loss rate of small data packet. Moreover, we design and implement the functions of device access management, multiservice data storage and affair data service by combining the C/S architecture with the actual uploaded river quality data. The system has the advantages of flexible networking, low power consumption, rich IPv6 address, high communication security, and strong reusability.
2020-03-30
Kim, Sejin, Oh, Jisun, Kim, Yoonhee.  2019.  Data Provenance for Experiment Management of Scientific Applications on GPU. 2019 20th Asia-Pacific Network Operations and Management Symposium (APNOMS). :1–4.
Graphics Processing Units (GPUs) are getting popularly utilized for multi-purpose applications in order to enhance highly performed parallelism of computation. As memory virtualization methods in GPU nodes are not efficiently provided to deal with diverse memory usage patterns for these applications, the success of their execution depends on exclusive and limited use of physical memory in GPU environments. Therefore, it is important to predict a pattern change of GPU memory usage during runtime execution of an application. Data provenance extracted from application characteristics, GPU runtime environments, input, and execution patterns from runtime monitoring, is defined for supporting application management to set runtime configuration and predict an experimental result, and utilize resource with co-located applications. In this paper, we define data provenance of an application on GPUs and manage data by profiling the execution of CUDA scientific applications. Data provenance management helps to predict execution patterns of other similar experiments and plan efficient resource configuration.
2020-03-23
Qin, Peng, Tan, Cheng, Zhao, Lei, Cheng, Yueqiang.  2019.  Defending against ROP Attacks with Nearly Zero Overhead. 2019 IEEE Global Communications Conference (GLOBECOM). :1–6.
Return-Oriented Programming (ROP) is a sophisticated exploitation technique that is able to drive target applications to perform arbitrary unintended operations by constructing a gadget chain reusing existing small code sequences (gadgets) collected across the entire code space. In this paper, we propose to address ROP attacks from a different angle-shrinking available code space at runtime. We present ROPStarvation , a generic and transparent ROP countermeasure that defend against all types of ROP attacks with almost zero run-time overhead. ROPStarvation does not aim to completely stop ROP attacks, instead it attempts to significantly increase the bar by decreasing the possibility of launching a successful ROP exploit in reality. Moreover, shrinking available code space at runtime is lightweight that makes ROPStarvation practical for being deployed with high performance requirement. Results show that ROPStarvation successfully reduces the code space of target applications by 85%. With the reduced code segments, ROPStarvation decreases the probability of building a valid ROP gadget chain by 100% and 83% respectively, with the assumptions that whether the adversary knows the vulnerable applications are protected by ROPStarvation . Evaluations on the SPEC CPU2006 benchmark show that ROPStarvation introduces nearly zero (0.2% on average) run-time performance overhead.
Rustgi, Pulkit, Fung, Carol.  2019.  Demo: DroidNet - An Android Permission Control Recommendation System Based on Crowdsourcing. 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM). :737–738.
Mobile and web application security, particularly the areas of data privacy, has raised much concerns from the public in recent years. Most applications, or apps for short, are installed without disclosing full information to users and clearly stating what the application has access to, which often raises concern when users become aware of unnecessary information being collected. Unfortunately, most users have little to no technical expertise in regards to what permissions should be turned on and can only rely on their intuition and past experiences to make relatively uninformed decisions. To solve this problem, we developed DroidNet, which is a crowd-sourced Android recommendation tool and framework. DroidNet alleviates privacy concerns and presents users with high confidence permission control recommendations based on the decision from expert users who are using the same apps. This paper explains the general framework, principles, and model behind DroidNet while also providing an experimental setup design which shows the effectiveness and necessity for such a tool.
2020-02-17
Liu, Zhikun, Gui, Canzhi, Ma, Chao.  2019.  Design and Verification of Integrated Ship Monitoring Network with High Reliability and Zero-Time Self-Healing. 2019 Chinese Control And Decision Conference (CCDC). :2348–2351.
The realization principle of zero-time self-healing network communication technology is introduced. According to the characteristics of ship monitoring, an integrated ship monitoring network is designed, which integrates the information of ship monitoring equipment. By setting up a network performance test environment, the information delay of self-healing network switch is tested, and the technical characteristics of "no packet loss" are verified. Zero-time self-healing network communication technology is an innovative technology in the design of ship monitoring network. It will greatly reduce the laying of network cables, reduce the workload of information upgrade and transformation of ships, and has the characteristics of continuous maintenance of the network. It has a wide application prospect.
2019-11-26
Chen, Qiu-Liang, Bai, Jia-Ju, Jiang, Zu-Ming, Lawall, Julia, Hu, Shi-Min.  2019.  Detecting Data Races Caused by Inconsistent Lock Protection in Device Drivers. 2019 IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER). :366-376.
Data races are often hard to detect in device drivers, due to the non-determinism of concurrent execution. According to our study of Linux driver patches that fix data races, more than 38% of patches involve a pattern that we call inconsistent lock protection. Specifically, if a variable is accessed within two concurrently executed functions, the sets of locks held around each access are disjoint, at least one of the locksets is non-empty, and at least one of the involved accesses is a write, then a data race may occur.In this paper, we present a runtime analysis approach, named DILP, to detect data races caused by inconsistent lock protection in device drivers. By monitoring driver execution, DILP collects the information about runtime variable accesses and executed functions. Then after driver execution, DILP analyzes the collected information to detect and report data races caused by inconsistent lock protection. We evaluate DILP on 12 device drivers in Linux 4.16.9, and find 25 real data races.
2020-04-13
Wadsworth, Anthony, Thanoon, Mohammed I., McCurry, Charles, Sabatto, Saleh Zein.  2019.  Development of IIoT Monitoring and Control Security Scheme for Cyber Physical Systems. 2019 SoutheastCon. :1–5.
Industry 4.0 or the fourth industrial revolution encapsulates future industry development trends to achieve more intelligent manufacturing processes, including reliance on Cyber Physical Systems (CPS). The increase in online access and control given by the incorporation of CPSs introduces a new challenge securing the operations of the CPS in that they are not supported by standard security protocols. This paper describes a process used to effectively protect the operations of an IIoT system by implementing security protocols on the CPS within the IIoT. A series of predefined boundary conditions of the safety critical parameters for which a heating and cooling CPS can safely operate within were established. If the CPS is commended to operate outside of these boundaries, it will disconnect from all external communication network and default to some pre-defined safe-operation mode until the system has been evaluated locally by an administrator and released from the safe-mode. This method was tested and validated by establishing a sample IIoT and CPS testbed setup which monitor and control the temperature of a target environment. An attack was initiated to force the target environment outside of the determined safety-critical parameters. The system responded by disabling all network ports and defaulted to the safe-operation mode established previously.
2020-02-17
Ullah, N., Ali, S. M., Khan, B., Mehmood, C. A., Anwar, S. M., Majid, M., Farid, U., Nawaz, M. A., Ullah, Z..  2019.  Energy Efficiency: Digital Signal Processing Interactions Within Smart Grid. 2019 International Conference on Engineering and Emerging Technologies (ICEET). :1–6.
Smart Grid (SG) is regarded as complex electrical power system due to massive penetration of Renewable Energy Resources and Distribution Generations. The implementation of adjustable speed drives, advance power electronic devices, and electric arc furnaces are incorporated in SG (the transition from conventional power system). Moreover, SG is an advance, automated, controlled, efficient, digital, and intelligent system that ensures pertinent benefits, such as: (a) consumer empowerment, (b) advanced communication infrastructure, (c) user-friendly system, and (d) supports bi-directional power flow. Digital Signal Processing (DSP) is key tool for SG deployment and provides key solutions to a vast array of complex SG challenges. This research provides a comprehensive study on DSP interactions within SG. The prominent challenges posed by conventional grid, such as: (a) monitoring and control, (b) Electric Vehicles infrastructure, (c) cyber data injection attack, (d) Demand Response management and (e) cyber data injection attack are thoroughly investigated in this research.
Moquin, S. J., Kim, SangYun, Blair, Nicholas, Farnell, Chris, Di, Jia, Mantooth, H. Alan.  2019.  Enhanced Uptime and Firmware Cybersecurity for Grid-Connected Power Electronics. 2019 IEEE CyberPELS (CyberPELS). :1–6.
A distributed energy resource prototype is used to show cybersecurity best practices. These best practices include straightforward security techniques, such as encrypted serial communication. The best practices include more sophisticated security techniques, such as a method to evaluate and respond to firmware integrity at run-time. The prototype uses embedded Linux, a hardware-assisted monitor, one or more digital signal processors, and grid-connected power electronics. Security features to protect communication, firmware, power flow, and hardware are developed. The firmware run-time integrity security is presently evaluated, and shown to maintain power electronics uptime during firmware updating. The firmware run-time security feature can be extended to allow software rejuvenation, multi-mission controls, and greater flexibility and security in controls.
Eckhart, Matthias, Ekelhart, Andreas, Weippl, Edgar.  2019.  Enhancing Cyber Situational Awareness for Cyber-Physical Systems through Digital Twins. 2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA). :1222–1225.
Operators of cyber-physical systems (CPSs) need to maintain awareness of the cyber situation in order to be able to adequately address potential issues in a timely manner. For instance, detecting early symptoms of cyber attacks may speed up the incident response process and mitigate consequences of attacks (e.g., business interruption, safety hazards). However, attaining a full understanding of the cyber situation may be challenging, given the complexity of CPSs and the ever-changing threat landscape. In particular, CPSs typically need to be continuously operational, may be sensitive to active scanning, and often provide only limited in-depth analysis capabilities. To address these challenges, we propose to utilize the concept of digital twins for enhancing cyber situational awareness. Digital twins, i.e., virtual replicas of systems, can run in parallel to their physical counterparts and allow deep inspection of their behavior without the risk of disrupting operational technology services. This paper reports our work in progress to develop a cyber situational awareness framework based on digital twins that provides a profound, holistic, and current view on the cyber situation that CPSs are in. More specifically, we present a prototype that provides real-time visualization features (i.e., system topology, program variables of devices) and enables a thorough, repeatable investigation process on a logic and network level. A brief explanation of technological use cases and outlook on future development efforts completes this work.
2020-02-24
Ahmadi-Assalemi, Gabriela, al-Khateeb, Haider M., Epiphaniou, Gregory, Cosson, Jon, Jahankhani, Hamid, Pillai, Prashant.  2019.  Federated Blockchain-Based Tracking and Liability Attribution Framework for Employees and Cyber-Physical Objects in a Smart Workplace. 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3). :1–9.
The systematic integration of the Internet of Things (IoT) and Cyber-Physical Systems (CPS) into the supply chain to increase operational efficiency and quality has also introduced new complexities to the threat landscape. The myriad of sensors could increase data collection capabilities for businesses to facilitate process automation aided by Artificial Intelligence (AI) but without adopting an appropriate Security-by-Design framework, threat detection and response are destined to fail. The emerging concept of Smart Workplace incorporates many CPS (e.g. Robots and Drones) to execute tasks alongside Employees both of which can be exploited as Insider Threats. We introduce and discuss forensic-readiness, liability attribution and the ability to track moving Smart SPS Objects to support modern Digital Forensics and Incident Response (DFIR) within a defence-in-depth strategy. We present a framework to facilitate the tracking of object behaviour within Smart Controlled Business Environments (SCBE) to support resilience by enabling proactive insider threat detection. Several components of the framework were piloted in a company to discuss a real-life case study and demonstrate anomaly detection and the emerging of behavioural patterns according to objects' movement with relation to their job role, workspace position and nearest entry or exit. The empirical data was collected from a Bluetooth-based Proximity Monitoring Solution. Furthermore, a key strength of the framework is a federated Blockchain (BC) model to achieve forensic-readiness by establishing a digital Chain-of-Custody (CoC) and a collaborative environment for CPS to qualify as Digital Witnesses (DW) to support post-incident investigations.
2020-01-21
Saadeh, Huda, Almobaideen, Wesam, Sabri, Khair Eddin, Saadeh, Maha.  2019.  Hybrid SDN-ICN Architecture Design for the Internet of Things. 2019 Sixth International Conference on Software Defined Systems (SDS). :96–101.
Internet of Things (IoT) impacts the current network with many challenges due to the variation, heterogeneity of its devices and running technologies. For those reasons, monitoring and controlling network efficiently can rise the performance of the network and adapts network techniques according to environment measurements. This paper proposes a new privacy aware-IoT architecture that combines the benefits of both Information Centric Network (ICN) and Software Defined Network (SDN) paradigms. In this architecture controlling functionalities are distributed over multiple planes: operational plane which is considered as smart ICN data plane with Controllers that control local clusters, tactical plane which is an Edge environment to take controlling decisions based on small number of clusters, and strategic plane which is a cloud controlling environment to make long-term decision that affects the whole network. Deployment options of this architecture is discussed and SDN enhancement due to in-network caching is evaluated.
2020-02-10
Ben Othmane, Lotfi, Jamil, Ameerah-Muhsina, Abdelkhalek, Moataz.  2019.  Identification of the Impacts of Code Changes on the Security of Software. 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). 2:569–574.
Companies develop their software in versions and iterations. Ensuring the security of each additional version using code review is costly and time consuming. This paper investigates automated tracing of the impacts of code changes on the security of a given software. To this end, we use call graphs to model the software code, and security assurance cases to model the security requirements of the software. Then we relate assurance case elements to code through the entry point methods of the software, creating a map of monitored security functions. This mapping allows to evaluate the security requirements that are affected by code changes. The approach is implemented in a set of tools and evaluated using three open-source ERP/E-commerce software applications. The limited evaluation showed that the approach is effective in identifying the impacts of code changes on the security of the software. The approach promises to considerably reduce the security assessment time of the subsequent releases and iterations of software, keeping the initial security state throughout the software lifetime.
2020-03-02
Zheng, Zhengfan, Zheng, Bo, Wu, Yuechao, Chen, Shangui.  2019.  An Integrated Safety Management System Based on Ubiquitous Internet of Things in Electricity for Smart Pumped-storage Power Stations. 2019 4th International Conference on Intelligent Green Building and Smart Grid (IGBSG). :548–551.
The safety management is an important and fundamental task in the construction and operation of pumped-storage power stations. However, because of the traditional technical framework, the relevant systems are separated from each other, leading to a lot of disadvantages in application and performance. In order to meet the requirements of smart pumped-storage power stations, an integrated safety management system (ISMS) based on ubiquitous internet of things in electricity is proposed in this paper. The ISMS is divided into five layers including data display layer, data manipulation layer, data processing layer, data transmission layer and data acquisition layer. It consists of six modules, i.e., central control module, cave access control and personnel location module, video and security monitoring module, emergency broadcasting and communication module, geological warning module, and fall protection module. All modules are integrated into a unified information platform.
2020-01-13
Potrino, Giuseppe, de Rango, Floriano, Santamaria, Amilcare Francesco.  2019.  Modeling and evaluation of a new IoT security system for mitigating DoS attacks to the MQTT broker. 2019 IEEE Wireless Communications and Networking Conference (WCNC). :1–6.
In recent years, technology use has assumed an important role in the support of human activities. Intellectual work has become the main preferred human activity, while structured activities are going to become ever more automatized for increasing their efficiency. For this reason, we assist to the diffusion of ever more innovative devices able to face new emergent problems. These devices can interact with the environment and each other autonomously, taking decisions even without human control. This is the Internet of Things (IoT) phenomenon, favored by low cost, high mobility, high interaction and low power devices. This spread of devices has become uncontrolled, but security in this context continues to increase slowly. The purpose of this work is to model and evaluate a new IoT security system. The context is based on a generic IoT system in the presence of lightweight actuator and sensor nodes exchanging messages through Message Queue Telemetry Transport (MQTT) protocol. This work aims to increase the security of this protocol at application level, particularly mitigating Denial of Service (DoS) attacks. The system is based on the use of a host Intrusion Detection System (IDS) which applies a threshold based packet discarding policy to the different topics defined through MQTT.
2020-04-06
Huang, Wei-Chiao, Yeh, Lo-Yao, Huang, Jiun-Long.  2019.  A Monitorable Peer-to-Peer File Sharing Mechanism. 2019 20th Asia-Pacific Network Operations and Management Symposium (APNOMS). :1–4.
With the rise of blockchain technology, peer-to-peer network system has once again caught people's attention. Peer-to-peer (P2P) is currently being implemented on various kind of decentralized systems such as InterPlanetary File System (IPFS). However, P2P file sharing network systems is not without its flaws. Data stored in the other nodes cannot be deleted by the owner and can only be deleted by other nodes themselves. Ensuring that personal data can be completely removed is an important issue to comply with the European Union's General Data Protection Regulation (GDPR) criteria. To improve P2Ps privacy and security, we propose a monitorable peer-to-peer file sharing mechanism that synchronizes with other nodes to perform file deletion and to generate the File Authentication Code (FAC) of each IPFS nodes in order to make sure the system synchronized correctly. The proposed mechanism can integrate with a consortium Blockchain to comply with GDPR.
2020-03-16
Lin, Kuo-Sui.  2019.  A New Evaluation Model for Information Security Risk Management of SCADA Systems. 2019 IEEE International Conference on Industrial Cyber Physical Systems (ICPS). :757–762.
Supervisory control and data acquisition (SCADA) systems are becoming increasingly susceptible to cyber-physical attacks on both physical and cyber layers of critical information infrastructure. Failure Mode and Effects Analysis (FMEA) have been widely used as a structured method to prioritize all possible vulnerable areas (failure modes) for design review of security of information systems. However, traditional RPN based FMEA has some inherent problems. Besides, there is a lacking of application of FMEA for security in SCADAs under vague and uncertain environment. Thus, the main purpose of this study was to propose a new evaluation model, which not only intends to recover above mentioned problems, but also intends to evaluate, prioritize and correct security risk of SCADA system's threat modes. A numerical case study was also conducted to demonstrate that the proposed new evaluation model is not only capable of addressing FMEA's inherent problems but also is best suited for a semi-quantitative high level analysis of a secure SCADA's failure modes in the early design phases.
2020-05-22
Shah, Mujahid, Ahmed, Sheeraz, Saeed, Khalid, Junaid, Muhammad, Khan, Hamayun, Ata-ur-rehman.  2019.  Penetration Testing Active Reconnaissance Phase – Optimized Port Scanning With Nmap Tool. 2019 2nd International Conference on Computing, Mathematics and Engineering Technologies (iCoMET). :1—6.
Reconnaissance might be the longest phase, sometimes take weeks or months. The black hat makes use of passive information gathering techniques. Once the attacker has sufficient statistics, then the attacker starts the technique of scanning perimeter and internal network devices seeking out open ports and related services. In this paper we are showing traffic accountability and time to complete the specific task during reconnaissance phase active scanning with nmap tool and proposed strategies that how to deal with large volumes of hosts and conserve network traffic as well as time of the specific task.
2020-04-13
Phan, Trung V., Islam, Syed Tasnimul, Nguyen, Tri Gia, Bauschert, Thomas.  2019.  Q-DATA: Enhanced Traffic Flow Monitoring in Software-Defined Networks applying Q-learning. 2019 15th International Conference on Network and Service Management (CNSM). :1–9.
Software-Defined Networking (SDN) introduces a centralized network control and management by separating the data plane from the control plane which facilitates traffic flow monitoring, security analysis and policy formulation. However, it is challenging to choose a proper degree of traffic flow handling granularity while proactively protecting forwarding devices from getting overloaded. In this paper, we propose a novel traffic flow matching control framework called Q-DATA that applies reinforcement learning in order to enhance the traffic flow monitoring performance in SDN based networks and prevent traffic forwarding performance degradation. We first describe and analyse an SDN-based traffic flow matching control system that applies a reinforcement learning approach based on Q-learning algorithm in order to maximize the traffic flow granularity. It also considers the forwarding performance status of the SDN switches derived from a Support Vector Machine based algorithm. Next, we outline the Q-DATA framework that incorporates the optimal traffic flow matching policy derived from the traffic flow matching control system to efficiently provide the most detailed traffic flow information that other mechanisms require. Our novel approach is realized as a REST SDN application and evaluated in an SDN environment. Through comprehensive experiments, the results show that-compared to the default behavior of common SDN controllers and to our previous DATA mechanism-the new Q-DATA framework yields a remarkable improvement in terms of traffic forwarding performance degradation protection of SDN switches while still providing the most detailed traffic flow information on demand.
2020-02-17
Chen, Lu, Ma, Yuanyuan, SHAO, Zhipeng, CHEN, Mu.  2019.  Research on Mobile Application Local Denial of Service Vulnerability Detection Technology Based on Rule Matching. 2019 IEEE International Conference on Energy Internet (ICEI). :585–590.
Aiming at malicious application flooding in mobile application market, this paper proposed a method based on rule matching for mobile application local denial of service vulnerability detection. By combining the advantages of static detection and dynamic detection, static detection adopts smali abstract syntax tree as rule matching object. This static detection method has higher code coverage and better guarantees the integrity of mobile application information. The dynamic detection performs targeted hook verification on the static detection result, which improves the accuracy of the detection result and saves the test workload at the same time. This dynamic detection method has good scalability, can be upgraded with discovery and variants of the vulnerability. Through experiments, it is verified that the mobile application with this vulnerability can be accurately found in a large number of mobile applications, and the effectiveness of the system is verified.