scholarly journals Hybrid Network Defense Model Based on Fuzzy Evaluation

2014 ◽  
Vol 2014 ◽  
pp. 1-12 ◽  
Author(s):  
Ying-Chiang Cho ◽  
Jen-Yi Pan
Keyword(s):  
Network Security ◽  
Test Subject ◽  
Cyber Attacks ◽  
Hybrid Network ◽  
Security Architecture ◽  
Fuzzy Evaluation ◽  
Distributed Network ◽  
Network Defense ◽  
Security Technologies ◽  
Defense Model

With sustained and rapid developments in the field of information technology, the issue of network security has become increasingly prominent. The theme of this study is network data security, with the test subject being a classified and sensitive network laboratory that belongs to the academic network. The analysis is based on the deficiencies and potential risks of the network’s existing defense technology, characteristics of cyber attacks, and network security technologies. Subsequently, a distributed network security architecture using the technology of an intrusion prevention system is designed and implemented. In this paper, first, the overall design approach is presented. This design is used as the basis to establish a network defense model, an improvement over the traditional single-technology model that addresses the latter’s inadequacies. Next, a distributed network security architecture is implemented, comprising a hybrid firewall, intrusion detection, virtual honeynet projects, and connectivity and interactivity between these three components. Finally, the proposed security system is tested. A statistical analysis of the test results verifies the feasibility and reliability of the proposed architecture. The findings of this study will potentially provide new ideas and stimuli for future designs of network security architecture.

scholarly journals Using statistical traffic analysis to calculate the confidential means of information transmission

2021 ◽  
pp. 118-125
Author(s):  
Нух Таха Насіф
Keyword(s):  
Network Security ◽  
Stochastic Systems ◽  
Cyber Attacks ◽  
Hybrid Network ◽  
Security Systems ◽  
Security Technologies ◽  
Detection Systems ◽  
Centralized Management ◽  
Markov Decision ◽  
Partially Observable

The article considers the modeling of security problems in the Internet as stochastic systems. This allows you to find flaws in existing security systems and offer new solutions. Studying the vulnerabilities of existing security tools can prevent cyber-attacks from taking advantage of weak systems. New, flexible and adaptive security schemes are necessary for emerging security threats elimination. A hybrid network security scheme, including intrusion detection systems and baits, scattered throughout the network is proposed. This combines the advantages of two security technologies. Honeypot is an activity-based network security system that can be a logical addition to the passive detection policies used by the IDS. This integration forces us to balance the safety indicators compared to costs, planning the operation of the device for the proposed system. Formulation of planning problems as a decentralized partially observable Markov decision-making process (DEC-POMDP) allows to make decisions in a distributed manner on each device without the need of centralized management.

Cyber threat assessment via attack scenario simulation using an integrated adversary and network modeling approach

2017 ◽  
Vol 15 (1) ◽  
pp. 13-29 ◽  
Author(s):  
Stephen Moskal ◽  
Shanchieh Jay Yang ◽  
Michael E Kuhl
Keyword(s):  
Network Security ◽  
Threat Assessment ◽  
Cyber Attacks ◽  
Cyber Attack ◽  
Network Defense ◽  
Knowledge Based ◽  
Attack Scenario ◽  
Cyber Threat ◽  
Scenarios Simulation ◽  
System Configurations

Existing research on cyber threat assessment focuses on analyzing the network vulnerabilities and producing possible attack graphs. Cyber attacks in real-world enterprise networks, however, vary significantly due to not only network and system configurations, but also the attacker’s strategies. This work proposes a cyber-based attacker behavior model (ABM) in conjunction with the Cyber Attack Scenario and Network Defense Simulator to model the interaction between the network and the attackers. The ABM leverages a knowledge-based design and factors in the capability, opportunity, intent, preference, and Cyber Attack Kill Chain integration to model various types of attackers. By varying the types of attackers and the network configurations, and simulating their interactions, we present a method to measure the overall network security against cyber attackers under different scenarios. Simulation results based on four attacker types on two network configurations are shown to demonstrate how different attacker behaviors may lead to different ways to penetrate a network, and how a single misconfiguration may impact network security.

Network Security-Related Technology Research and Implementation

2013 ◽  
Vol 433-435 ◽  
pp. 1720-1723
Author(s):  
Jun Ruan ◽  
Pan Zhang ◽  
Hong Bi Ding
Keyword(s):  
Network Security ◽  
Social Development ◽  
Computer Network ◽  
Rapid Development ◽  
Social Attention ◽  
Global Information ◽  
Network Technology ◽  
Technology Research ◽  
Network Interconnection ◽  
Security Technologies

With the rapid development of computer network technology, global information has become mega-trend of modern social development. But due to all kinds of defects existing in the network itself and variety and openness of network interconnection form, network security has become the focus of social attention. So in this paper, a lot of current advanced network security technologies and products are used in order to make network security, which is under the general principles of network security situation.

scholarly journals Overview on MTD technology based on game theory

2020 ◽  
Vol 309 ◽  
pp. 02012
Author(s):  
Yan Sun ◽  
Weifeng Ji ◽  
Jiang Weng ◽  
Beiying Zhao
Keyword(s):  
Game Theory ◽  
Network Security ◽  
Future Development ◽  
Evolutionary Games ◽  
Defense Behavior ◽  
Markov Games ◽  
Network Defense ◽  
Decision Method ◽  
Development Direction ◽  
Mobile Target

Mobile target defense (MTD) is a research hotspot in the field of network security. The decision method of network defense based on game theory is an important technique to guide MTD to make the optimal defense behavior in different network environments (GT-MTD). A lot of related work has been put forward in this field. In this paper, we focus on the scope and field of GT-MTD, systematically introduce the application scenarios of MTD in combination with four different game theory models of classical games (static games, signal games), Markov games, differential games or evolutionary games, and put forward the future development direction. There are some new views and explanations on the research of GT-MTD.

Enhanced Security for Network Communication With Proposed IS-IS Protocol

2019 ◽  
pp. 269-290
Author(s):  
Onder Onursal ◽  
Arif Sari
Keyword(s):  
Network Security ◽  
Literature Review ◽  
Routing Protocol ◽  
Task Force ◽  
Network Protocols ◽  
Cyber Attacks ◽  
Network Communication ◽  
Critical Survey ◽  
Link State ◽  
Intermediate System

This chapter is a literature review of intermediate system to intermediate system (IS-IS) routing protocol to provide basic security mechanisms against cyber-attacks and enhance network security. IS-IS was originally developed by the International Organization for Standardization (ISO) as a link state routing protocol. It was first built with the ability to route CLNPs or connectionless network protocols according to the OSI standard equal to IP. IS-IS is also developed so that it can accommodate routing for any layer three-based protocol. Internet Engineering Task Force (IETF) in 1990 specified the support for IP and introduced IPv6 extensions in 2000. IS-IS protocol implementation was written as modules in order for it to be distributed freely and easily installed on the GNU routing software. SourceForge.net supported the project and gave access for developers to easily contribute to the project. The chapter elaborates the ISIS routing protocol for network security and proposes a critical survey on security routing protocols.

Sign in / Sign up

Export Citation Format

Share Document