scholarly journals Security-Oriented Network Architecture

2021 ◽  
Vol 2021 ◽  
pp. 1-16
Author(s):  
Weiyu Jiang ◽  
Bingyang Liu ◽  
Chuang Wang ◽  
Xue Yang
Keyword(s):  
Network Architecture ◽  
Denial Of Service ◽  
Comprehensive Analysis ◽  
Distributed Denial Of Service ◽  
Arms Races ◽  
Network Attacks ◽  
Security Issues ◽  
Man In The Middle ◽  
Ip Spoofing ◽  
End To End

Internet benefits societies by constantly connecting devices and transmitting data across the world. However, due to the lack of architectural built-in security, the pervasive network attacks faced by the entire information technology are considered to be unending and inevitable. As Internet evolves, security issues are regularly fixed according to a patch-like strategy. Nevertheless, the patch-like strategy generally results in arms races and passive situations, leaving an endless lag in both existing and emerging attacking surface. In this paper, we present NAIS (Network Architecture with Intrinsic Security)—a network architecture towards trustworthiness and security. By solving stubborn security issues like IP spoofing, MITM (man-in-the-middle) attacks, and DDoS (distributed denial of service) attacks at architectural level, NAIS is envisioned to provide the most secure end-to-end communication in the network layer. This paper first presents a comprehensive analysis of network security at Internet range. Then, the system design of NAIS is elaborated with particular design philosophies and four security techniques. Such philosophies and techniques intertwine internally and contribute to a communication environment with authenticity, privacy, accountability, confidentiality, integrity, and availability. Finally, we evaluate the security functionalities on the packet forwarding performance, demonstrating that NAIS can efficiently provide security and trustworthiness in Internet end-to-end communication.

SDN-Based Secure Architecture for IoT

2020 ◽  
Vol 11 (4) ◽  
pp. 1-16
Author(s):  
Shailendra Mishra
Keyword(s):  
Denial Of Service ◽  
Network Size ◽  
Distributed Denial Of Service ◽  
Security Issues ◽  
Network Load ◽  
Security Challenges ◽  
Man In The Middle ◽  
Attack Scenario ◽  
Gain Access ◽  
Security Of Iot

Internet of things (IoT) means connecting things through the internet. The growing market for IoT also attracts malicious individuals trying to gain access to the marketplace. Security issues are among the most significant worries in companies that rely on the cloud of things to do business. SDN-based architecture has improved the security of IoT networks. The centralized controller is responsible for managing the critical network's operations, and growing the network size increases the network load in the controller. Controllers in SDN-based architecture are still facing security challenges such as unauthorized access, configuration issues, distributed denial of service (DDoS) attacks, and a man-in-the-middle (MITM) attacks. The attack scenario and security of SDN-based IoT networks are evaluated in this research. The simulation results show that the proposed approach and security solutions are fast and effective in mitigating the attacks.

Potential Security Issues in a Peer-to-Peer Network from a Database Perspective

2011 ◽  
pp. 131-144
Author(s):  
Sridhar Asvathanarayanan
Keyword(s):  
Denial Of Service ◽  
Database Security ◽  
Vital Role ◽  
Peer To Peer ◽  
Peer Networks ◽  
Distributed Denial Of Service ◽  
Security Issues ◽  
Peer Network ◽  
Peer To Peer Networks ◽  
Peer To Peer Network

Computing strategies have constantly undergone changes, from being completely centralized to client-servers and now to peer-to-peer networks. Databases on peer-to-peer networks offer significant advantages in terms of providing autonomy to data owners, to store and manage the data that they work with and, at the same time, allow access to others. The issue of database security becomes a lot more complicated and the vulnerabilities associated with databases are far more pronounced when considering databases on a peer-to-peer network. Issues associated with database security in a peer-to-peer environment could be due to file sharing, distributed denial of service, and so forth, and trust plays a vital role in ensuring security. The components of trust in terms of authentication, authorization, and encryption offer methods to ensure security.

Analysis of Issues in SDN Security and Solutions

2018 ◽  
pp. 217-239
Author(s):  
Ankur Dumka ◽  
Hardwari Lal Mandoria ◽  
Anushree Sah
Keyword(s):  
Network Topology ◽  
Network Architecture ◽  
Denial Of Service ◽  
Network Services ◽  
Software Defined Network ◽  
Denial Of Service Attack ◽  
Man In The Middle ◽  
Service Attack ◽  
Topology Information ◽  
The Given

The chapter surveys the analysis of all the security aspects of software-defined network and determines the areas that are prone to security attacks in the given software-defined network architecture. If the fundamental network topology information is poisoned, all the dependent network services will become immediately affected, causing catastrophic problems like host location hijacking attack, link fabrication attack, denial of service attack, man in the middle attack. These attacks affect the following features of SDN: availability, performance, integrity, and security. The flexibility in the programmability of control plane has both acted as a bane as well as a boon to SDN. Like the ARP poisoning in the legacy networks, there are several other vulnerabilities in the SDN architecture as well.

scholarly journals Detection and Prevention Algorithm of DDoS Attack Over the IOT Networks

TEM Journal ◽  
2020 ◽  
pp. 899-906
Keyword(s):  
Denial Of Service ◽  
The Other ◽  
High Rate ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Huge Number ◽  
Security Issues ◽  
Ddos Attack ◽  
Legitimate User ◽  
The Impact

One of the most notorious security issues in the IoT is the Distributed Denial of Service (DDoS) attack. Using a large number of agents, DDoS attack floods the host server with a huge number of requests causing interrupting and blocking the legitimate user requests. This paper proposes a detection and prevention algorithm for DDoS attacks. It is divided into two parts, one for detecting the DDoS attack in the IoT end devices and the other for mitigating the impact of the attack placed on the border router. Also, it has the ability to differentiate the High-rate from the Lowrate DDoS attack accurately and defend against these two types of attacks. It is implemented and tested against different scenarios to dissect their efficiency in detecting and mitigating the DDoS attack.

scholarly journals String Matching untuk Mendeteksi Serangan Sniffing (ARP Spoofing) pada IDS Snort

2020 ◽  
Vol 1 (2) ◽  
pp. 44-49
Author(s):  
Ilham Firdaus ◽  
Januar Al Amien ◽  
Soni Soni
Keyword(s):  
Computer Network ◽  
Denial Of Service ◽  
String Matching ◽  
Network Attacks ◽  
Test Application ◽  
Man In The Middle ◽  
Black Box Testing ◽  
Arp Spoofing ◽  
Computer Network Attacks ◽  
Sniffing Technique

Sniffing technique (ARP Spoofing) is an attack that sends fake ARP packets or ARP packets that have been modified according to the network address attacker's to poison the victim's ARP cache table. ARP spoofing attack is a dangerous attack because it can monitor the activities of victims in searching the browser and can steal social logins, office and other accounts. This attack supports the occurrence of other computer network attacks such as Denial of service, Man in the middle attack, host impersonating and others. Sniffing attacks are generally found in places that provide public Wi-Fi such as campus, libraries, cafes, and others. IDS Snort can detect sniffing attacks (Arp Spoofing). String Matching Method KMP algorithm is applied to detect attacks on snort logging files to provide alerts (messages) to users. Tests carried out are black box testing to test application functionality, and accuracy testing. All application functionality was successful, and testing the accuracy of the match between manual calculations for string matching and accurate application.

scholarly journals Survey of DoS/DDoS attacks in IoT

2021 ◽  
Vol 3 (1) ◽  
pp. 23-28
Author(s):  
Rozan Khader ◽  
Derar Eleyan
Keyword(s):  
Smart Cities ◽  
Denial Of Service ◽  
Wearable Devices ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Iot Security ◽  
Counter Measures ◽  
Security Issues ◽  
Iot Devices ◽  
Internet Of Thing

The term internet of thing (IoT) has gained much popularity in the last decade. Which can be defined as various connected devices over the internet. IoT has rapidly  spread to include all aspects of our lives. For instance, smart houses, smart cities, and variant wearable devices. IoT devices work to do their desired goals, which is to develop a person life with his/her minimal involvement. At the same time, IoT devices have many weaknesses, which attackers exploit to affect these devices security. Denial of Service (DoS) and Distributed Denial of Service (DDoS) are considered the most common attacks that strike IoT security. The main aim of these attacks is to make victim systems down and inaccessible for legitimate users by malicious malware. This paper objective is to discuss and review security issues related to DoS/DDoS Attacks and their counter measures i.e. prevention based on IoT devices layers structure.

scholarly journals Blockchain Mechanism and Symmetric Encryption in A Wireless Sensor Network

Sensors ◽  
2020 ◽  
Vol 20 (10) ◽  
pp. 2798 ◽  
Author(s):  
Alma E. Guerrero-Sanchez ◽  
Edgar A. Rivas-Araiza ◽  
Jose Luis Gonzalez-Cordoba ◽  
Manuel Toledano-Ayala ◽  
Andras Takacs
Keyword(s):  
Wireless Sensor Network ◽  
Sensor Network ◽  
Denial Of Service ◽  
Wireless Sensor ◽  
Smart Devices ◽  
Distributed Denial Of Service ◽  
Symmetric Encryption ◽  
Decentralized System ◽  
Man In The Middle ◽  
The Internet Of Things

The Internet of Things (IoT) paradigm allows the connection and exchange of information between millions of smart devices. This paradigm grows and develops exponentially as do the risks and attacks on IoT infrastructures. Security, privacy, reliability, and autonomy are the most important requirements in IoT Systems. If these issues are not guaranteed, the IoT system could be susceptible to malicious users and malicious use. In centralized IoT systems, attacks and risks are greater, especially when data is transmitted between devices and shared with other organizations. To avoid these types of situations, this work presents a decentralized system that guarantees the autonomy and security of an IoT system. The proposed methodology helps to protect data integrity and availability based on the security advantages provided by blockchain and the use of cryptographic tools. The accuracy of the proposed methodology was measured on a temperature and humidity sensing IoT-based Wireless Sensor Network (WSN). The obtained results prove that the proposal fulfils the main requirements of an IoT system. It is autonomous, secure to share and send information between devices and users, has privacy, it is reliable, and the information is available in the infrastructure. Furthermore, this research demonstrates that the proposal is less susceptible to the most frequent attacks against IoT systems, such as linking attack, man in the middle, and Distributed Denial of Service (DDoS) attack.

DeepDetect: Detection of Distributed Denial of Service Attacks Using Deep Learning

2019 ◽  
Vol 63 (7) ◽  
pp. 983-994 ◽  
Author(s):  
Muhammad Asad ◽  
Muhammad Asim ◽  
Talha Javed ◽  
Mirza O Beg ◽  
Hasan Mujtaba ◽  
...  
Keyword(s):  
Neural Network ◽  
Network Architecture ◽  
Denial Of Service ◽  
Smart Devices ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Application Layer ◽  
Tangible Computing ◽  
Network Bandwidth ◽  
Feed Forward Back Propagation

Abstract At the advent of advanced wireless technology and contemporary computing paradigms, Distributed Denial of Service (DDoS) attacks on Web-based services have not only increased exponentially in number, but also in the degree of sophistication; hence the need for detecting these attacks within the ocean of communication packets is extremely important. DDoS attacks were initially projected toward the network and transport layers. Over the years, attackers have shifted their offensive strategies toward the application layer. The application layer attacks are potentially more detrimental and stealthier because of the attack traffic and the benign traffic flows being indistinguishable. The distributed nature of these attacks is difficult to combat as they may affect tangible computing resources apart from network bandwidth consumption. In addition, smart devices connected to the Internet can be infected and used as botnets to launch DDoS attacks. In this paper, we propose a novel deep neural network-based detection mechanism that uses feed-forward back-propagation for accurately discovering multiple application layer DDoS attacks. The proposed neural network architecture can identify and use the most relevant high level features of packet flows with an accuracy of 98% on the state-of-the-art dataset containing various forms of DDoS attacks.

Potential Security Issues in a Peer-to-Peer Network from a Database Perspective

2008 ◽  
pp. 1070-1079
Author(s):  
Sridhar Asvathanarayanan
Keyword(s):  
Denial Of Service ◽  
Database Security ◽  
Vital Role ◽  
Peer To Peer ◽  
Peer Networks ◽  
Distributed Denial Of Service ◽  
Security Issues ◽  
Peer Network ◽  
Peer To Peer Networks ◽  
Peer To Peer Network

Computing strategies have constantly undergone changes, from being completely centralized to client-servers and now to peer-to-peer networks. Databases on peer-to-peer networks offer significant advantages in terms of providing autonomy to data owners, to store and manage the data that they work with and, at the same time, allow access to others. The issue of database security becomes a lot more complicated and the vulnerabilities associated with databases are far more pronounced when considering databases on a peer-to-peer network. Issues associated with database security in a peer-to-peer environment could be due to file sharing, distributed denial of service, and so forth, and trust plays a vital role in ensuring security. The components of trust in terms of authentication, authorization, and encryption offer methods to ensure security.

Security Issues in Mobile Wireless Networks

2016 ◽  
pp. 49-77
Author(s):  
Arif Sari
Keyword(s):  
Wireless Networks ◽  
Wireless Ad Hoc Networks ◽  
Ad Hoc ◽  
Denial Of Service ◽  
Mobile Wireless Networks ◽  
Distributed Denial Of Service ◽  
Mobile Wireless ◽  
Security Issues ◽  
Methods And Techniques ◽  
Hoc Networks

The varieties of studies in literature have been addressed by the researchers to solve security problems of Mobile Wireless Ad Hoc Networks (MANET) against denial of service (DoS) and distributed denial of service (DDoS) attacks. Attackers have proposed variety of methods and techniques by considering weaknesses of the wireless nature of the channels and specific characteristics of mobile wireless networks. This chapter evaluates variety of attacks proposed in the literature against MANET by classifying variety of security strategies and mechanisms proposed by the researchers. The algorithms are discussed and explained separately. All these attacks are classified in different categories and security strategies proposed by the researchers have been explained.

Sign in / Sign up

Export Citation Format

Share Document