The spread of information networks in communities and organizations has led to a huge daily volume of information exchange between different networks, which, of course, has resulted in new threats to national organizations. It can be said that information security has today become one of the most challenging areas. In other words, defects and weaknesses in computer network security cause irreparable damage to enterprises. Therefore, identification of security threats and ways of dealing with them is essential. But the question raised in this regard is: what strategies and policies must be adopted to deal with security threats and ensure the security of computer networks? In this context, the present study reviews the literature, using earlier research and a library approach, to provide security solutions in the face of threats to computer networks. The results of this research can lead to a better understanding of security threats and ways to deal with them, and help to implement a secure information platform.
Comparative Study on Intrusion Detection Systems for Smartphones - iosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Analytical survey of active intrusion detection techniques in mobile ad hoc n... - eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Intrusion detection and anomaly detection system using sequential pattern mining - eSAT Journals
Abstract
Nowadays, security methods ranging from password-protected access up to firewalls are used to secure data as well as networks from attackers. Often these types of security methods are not enough to protect data. The use of Intrusion Detection Systems (IDS) is one way to secure the data on critical systems. Most research work addresses the effectiveness and exactness of intrusion detection, but these attempts are for the detection of intrusions at the operating system and network level only. They are unable to detect unexpected behavior of systems due to malicious transactions in databases. The method used for spotting any interference with the information in a database is known as database intrusion detection. It relies on enlisting the execution of a transaction. After that, if the recognized pattern deviates from the regular patterns, it is considered an intrusion. But the identified problem with this process is that the accuracy algorithm which is used may not identify entire patterns. This type of challenge can have an effect in two ways: 1) missing of the database with regular patterns; 2) the detection process neglects some new patterns. Therefore we propose a sequential data mining method using a new Modified Apriori Algorithm. The algorithm increases the accuracy and rate of pattern detection by the process. The Apriori algorithm with modifications is used in the proposed model.
Keywords — Anomaly Detection, Modified Apriori Algorithm, Misuse detection, Sequential Pattern Mining
A Collaborative Intrusion Detection System for Cloud Computing - ijsrd.com
Cloud computing is a computing paradigm that shifts drastically from traditional computing architecture. Although this new computing paradigm brings many advantages, such as the utility computing model, the design is not flawless and hence not only suffers from many known computer vulnerabilities but also introduces unique information confidentiality, integrity and availability risks due to its inherent design paradigm. Providing secure and reliable services in a cloud computing environment is an important issue. To counter a variety of attacks, especially large-scale coordinated attacks, a framework of Collaborative Intrusion Detection System (IDS) is proposed. The proposed system could reduce the impact of these kinds of attacks by providing timely notifications about new intrusions to Cloud users' systems. To provide such ability, IDSs in the cloud computing regions both correlate alerts from multiple elementary detectors and exchange knowledge of interconnected Clouds with each other.
An Assessment of Intrusion Detection System IDS and Data Set Overview A Compr... - ijtsrd
Millions of people worldwide have Internet access today. Intrusion detection technology is a modern wave of information technology monitoring devices to deter malicious activities. Malware (malicious software) development is a vital problem when it comes to designing intrusion detection systems (IDS). The key challenge is to recognize unknown and hidden malware, because malware writers use various evasion techniques to mask information to avoid IDS detection. Malicious attacks have become more sophisticated. Furthermore, threats to security have increased, including a zero-day attack on internet users. Through the use of IT in our daily lives, computer security has become critical. Cyber threats are becoming more complex and pose growing challenges when it comes to successful intrusion detection. Failure to prevent invading information, such as data privacy, integrity and availability, can undermine the credibility of security services. Specific intrusion detection approaches were proposed in the literature to combat computer security threats. This paper consists of a literature survey of the IDS that uses program algorithms to use specific data collection and forensic techniques in real time. Data mining techniques for cyber research are introduced in support of intrusion detection. Mohammed I. Alghamdi, "An Assessment of Intrusion Detection System (IDS) and Data-Set Overview: A Comprehensive Review of Recent Works", published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-2, February 2021, URL: https://www.ijtsrd.com/papers/ijtsrd35730.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/35730/an-assessment-of-intrusion-detection-system-ids-and-dataset-overview-a-comprehensive-review-of-recent-works/mohammed-i-alghamdi
The Next Generation Cognitive Security Operations Center: Network Flow Forens... - Konstantinos Demertzis
A Security Operations Center (SOC) can be defined as an organized and highly skilled team that uses advanced computer forensics tools to prevent, detect and respond to cybersecurity incidents of an organization. The fundamental aspects of an effective SOC are related to the ability to examine and analyze the vast number of data flows and to correlate several other types of events from a cybersecurity perception. The supervision and categorization of network flow is an essential process not only for the scheduling, management, and regulation of the network’s services, but also for attack identification and for the consequent forensics investigations. A serious potential disadvantage of the traditional software solutions used today for computer network monitoring, and specifically for the instances of effective categorization of the encrypted or obfuscated network flow, which enforces the rebuilding of message packets in sophisticated underlying protocols, is the requirement for computational resources. In addition, another significant inability of these software packages is that they create high false positive rates because they are deprived of accurate predicting mechanisms.
For all the reasons above, in most cases, the traditional software fails completely to recognize unidentified vulnerabilities and zero-day exploitations. This paper proposes a novel intelligence-driven Network Flow Forensics Framework (NF3), which uses low utilization of computing power and resources, for the Next Generation Cognitive Computing SOC (NGC2SOC) that relies solely on advanced fully automated intelligence methods. It is an effective and accurate Ensemble Machine Learning forensics tool for Network Traffic Analysis, Demystification of Malware Traffic and Encrypted Traffic Identification.
1. Cyber Ethics and Cyber Crime
2. Security in Social Media & Risk of Child Internet
3. Social media in Schools and photo privacy
4. Risk of OSNs and Security, Privacy of Facebook
5. Risk and Security of Social Networking site Facebook and Twitter
6. Risk analysis of Government and Online Transaction
Cyber Warfare is the current single greatest emerging threat to National Security. Network security has become an essential component of any computer network. As computer networks and systems become ever more fundamental to modern society, concerns about security have become increasingly important. There are a multitude of different applications, open source and proprietary, available for the protection. A system administrator, to decide on the most suitable format for their purpose, requires knowledge of the available safety measures, their features and how they affect the quality of service, as well as the kind of data they will be allowing through unflagged. A majority of methods currently used to ensure the quality of a network's service are signature based. From this information, and details on the specifics of popular applications and their implementation methods, we have carried through the ideas, incorporating our own opinions, to formulate suggestions on how this could be done on a general level. The main objective was to design and develop an Intrusion Detection System, while the minor objectives were to: design a port scanner to determine potential threats and mitigation techniques to withstand these attacks; implement the system on a host; and run and test the designed IDS. In this project we set out to develop a Honey Pot IDS System. It would make it easy to listen on a range of ports and emulate a network protocol to track and identify any individuals trying to connect to your system. This IDS will use the following design approaches: event correlation, log analysis, alerting, and policy enforcement. Intrusion Detection Systems (IDSs) attempt to identify unauthorized use, misuse, and abuse of computer systems. In response to the growth in the use and development of IDSs, we have developed a methodology for testing IDSs. The methodology consists of techniques from the field of software testing which we have adapted for the specific purpose of testing IDSs.
In this paper, we identify a set of general IDS performance objectives which is the basis for the methodology. We present the details of the methodology, including strategies for test-case selection and specific testing procedures. We include quantitative results from testing experiments on the Network Security Monitor (NSM), an IDS developed at UC Davis. We present an overview of the software platform that we have used to create user-simulation scripts for testing experiments. The platform consists of the UNIX tool expect and enhancements that we have developed, including mechanisms for concurrent scripts and a record-and-replay feature. We also provide background information on intrusions and IDSs to motivate our work.
Network security is a dynamic art, with dangers appearing as fast as black hats can exploit vulnerabilities. While there are basic “golden rules” which can make life difficult for the bad guys, it remains a challenge to keep networks secure. John Chambers, Executive Chairman of Cisco, famously said “there are two types of companies: those that have been hacked, and those who don’t know they have been hacked”. The question for most organizations isn’t if they’re going to be breached, but how quickly they can isolate and mitigate the threat. In this paper, we’ll examine best practices for effective cybersecurity – from both a proactive (access hardening) and reactive (threat isolation and mitigation) perspective. We’ll address how network automation can help minimize cyberattacks by closing vulnerability gaps and how it can improve incident response times in the event of a cyberthreat. Finally, we’ll lay a vision for continuous network security, to explore how machine-to-machine automation may deliver an auto-securing and self-healing network.
Mobile Ad hoc Networks (MANETs) are wireless networks consisting of free mobile nodes that can move anywhere at any time without the need for any fixed infrastructure or any centralized administration. In this category of networks, existing nodes must rely on each other to play the role of routers or switches instead of using central ones. The self-organized nature of such environments has made MANETs vulnerable to many security threats. As a result, providing security requirements in MANETs is one of the most interesting challenges in such a network. In this group of networks, the use of cryptographic solutions is one of the most interesting security issues. The importance of this scientific area in MANETs is more drastic considering that the mentioned schemes must be lightweight enough to be appropriate for resource-constrained platforms in such an environment. This paper has tried to represent the position of cryptographic issues in MANETs. Moreover, security issues in mobile ad hoc networks, besides different classes of public key cryptosystems, have been introduced.
Intelligent Network Surveillance Technology for APT Attack Detections - AM Publications, India
Recently, long-term, advanced cyber-attacks targeting a specific enterprise or organization have been occurring again. These attacks occur over a long period and bypass detection by security systems, unlike the existing attack pattern. For this reason, they create problems such as delayed real-time response and detection after damages have already been incurred. This paper introduces the design of technology that applies real-time network traffic monitoring to detect unknown functional cyber-attacks on the network. Specifically, the algorithm was verified and evaluated in terms of performance in an actual commercial environment. Cyber-attack detection performance is expected to be improved by enhancing the algorithm and processing large volumes of traffic.
Security Issues and Challenges in Internet of Things – A Review - IJERA Editor
The Internet of Things (IoT) alludes to the continually developing system of physical articles that component an IP address for web availability, and the correspondence that happens between these items and other Web empowered gadgets and frameworks. The security issues of the Internet of Things (IoT) are straightforwardly identified with the wide utilization of its framework. IoT securities and enhancing the design and several elements of this work showcases various security issues with respect to IoT and thinks of solutions for the issues under the advancements included. Here we are going to do a study of all the security issues existing in the Internet of Things (IoT) alongside an examination of the protection issues that an end-client might confront as an outcome of the spread of IoT. Most of the overview is centred around the security emerging out of the data trade innovations utilized as a part of Internet of Things. As a piece of IoTs, genuine concerns are raised over access of individual data relating to gadget and individual protection. This review tells about the security and protection issues of IoT.
Network infrastructures have played an important part in most daily communications for business industries, social networking, government sectors, etc. Despite the advantages that came from such functionalities, security threats have become a daily struggle. One major security threat is hacking. Consequently, security experts and researchers have suggested possible security solutions such as Firewalls, Intrusion Detection Systems (IDS), Intrusion Detection and Prevention Systems (IDP) and Honeynet. Yet, none of these solutions have proven their ability to completely address hacking. The reason behind that is that there is little research that examines the behavior of hackers. This paper formally and practically examines in detail the behavior of hackers and their targeted environments. Moreover, this paper formally examines the properties of one essential pre-hacking step called scanning and highlights its importance in developing hacking strategies. Also, it illustrates the properties of hacking that are common in most hacking strategies to assist security experts and researchers towards minimizing the risk of hack.
Intrusion Detection System (IDS) is meant to be a software application which monitors the network or system activities and finds if any malicious operations occur. Tremendous growth and usage of the internet raises concerns about how to protect and communicate digital information in a safe manner. Nowadays, hackers use different types of attacks for getting valuable information. Many intrusion detection techniques, methods and algorithms help to detect these attacks. The main objective of this paper is to provide a complete study about the definition of intrusion detection, history, life cycle, types of intrusion detection methods, types of attacks, different tools and techniques, research needs, challenges and applications.
WoMaster's new White Paper introduces Cyber Security features according to IEC62443 standard and proposes solutions for new cyber risks of industry 4.0.
This presentation delves into the many cybersecurity risks that plague the healthcare industry and how these risks can be mitigated with the help of security solutions that Seqrite offers.
EFFECTIVE MALWARE DETECTION APPROACH BASED ON DEEP LEARNING IN CYBER-PHYSICAL... - ijcsit
Cyber-physical Systems based on advanced networks interact with other networks through wireless communication to enhance interoperability, dynamic mobility, and data supportability. The vast data is managed through a cloud platform, vulnerable to cyber-attacks. It will threaten the customers in terms of privacy and security as third-party users should authenticate the network. If it fails, it will create extensive damage and threat to the established network and makes the hacker malfunction the network services efficiently. This paper proposes a DL-based CPS approach to identify and mitigate the malware cyber-physical system attack of Denial of Service (DoS) and Distributed Denial of Service (DDoS) as it ensures adequate decision support. At the same time, the trusted user nodes are connected to the network. It helps to improve the privacy and authentication of the network by improving the data accuracy and Quality of Service (QoS) in the network. Here the analysis is determined on the proposed system to improve the network reliability and security compared to some of the existing SVM-based and Apriori-based detection approaches.
Cyber-physical Systems based on advanced networks interact with other networks through wireless
communication to enhance interoperability, dynamic mobility, and data supportability. The vast data is
managed through a cloud platform, vulnerable to cyber-attacks. It will threaten the customers in terms of
privacy and security as third-party users should authenticate the network. If it fails, it will create extensive
damage and threat to the established network and makes the hacker malfunction the network services
efficiently. This paper proposes a DL-based CPS approach to identify and mitigate the malware cyber-
physical system attack of Denial of Service (DoS) and Distributed Denial of Service (DDoS) as it ensures
adequate decision support. At the same time, the trusted user nodes are connected to the network. It helps
to improve the privacy and authentication of the network by improving the data accuracy and Quality of
Service (QoS) in the network. Here the analysis is determined on the proposed system to improve the
network reliability and security compared to some of the existing SVM-based and Apriori-based detection
approaches.
1. Cyber Ethics and Cyber Crime
2. Security in Social Media & Risk of Child Internet
3. Social media in Schools and photo privacy
4. Risk of OSNs and Security, Privacy of Facebook
5. Risk and Security of Social Networking site Facebook and Twitter
6. Risk analysis of Government and Online Transaction
Cyber Warfare is the current single greatest emerging threat to National Security. Network security has become an essential component of any computer network. As computer networks and systems become ever more fundamental to modern society, concerns about security has become increasingly important. There are a multitude of different applications open source and proprietary available for the protection +-system administrator, to decide on the most suitable format for their purpose requires knowledge of the available safety measures, their features and how they affect the quality of service, as well as the kind of data they will be allowing through un flagged. A majority of methods currently used to ensure the quality of a networks service are signature based. From this information, and details on the specifics of popular applications and their implementation methods, we have carried through the ideas, incorporating our own opinions, to formulate suggestions on how this could be done on a general level. The main objective was to design and develop an Intrusion Detection System. While the minor objectives were to; Design a port scanner to determine potential threats and mitigation techniques to withstand these attacks. Implement the system on a host and Run and test the designed IDS. In this project we set out to develop a Honey Pot IDS System. It would make it easy to listen on a range of ports and emulate a network protocol to track and identify any individuals trying to connect to your system. This IDS will use the following design approaches: Event correlation, Log analysis, Alerting, and policy enforcement. Intrusion Detection Systems (IDSs) attempt to identify unauthorized use, misuse, and abuse of computer systems. In response to the growth in the use and development of IDSs, we have developed a methodology for testing IDSs. The methodology consists of techniques from the field of software testing which we have adapted for the specific purpose of testing IDSs. 
In this paper, we identify a set of general IDS performance objectives which is the basis for the methodology. We present the details of the methodology, including strategies for test-case selection and specific testing procedures. We include quantitative results from testing experiments on the Network Security Monitor (NSM), an IDS developed at UC Davis. We present an overview of the software platform that we have used to create user-simulation scripts for testing experiments. The platform consists of the UNIX tool expect and enhancements that we have developed, including mechanisms for concurrent scripts and a record-and-replay feature. We also provide background information on intrusions and IDSs to motivate our work.
Network security is a dynamic art, with dangers appearing as fast as black hats can exploit vulnerabilities. While there are basic “golden rules” which can make life difficult for the bad guys, it remains a challenge to keep networks secure. John Chambers, Executive Chairman of Cisco, famously said “there are two types of companies: those that have been hacked, and those who don’t know they have been hacked”. The question for most organizations isn’t if they’re going to be breached, but how quickly they can isolate and mitigate the threat. In this paper, we’ll examine best practices for effective cybersecurity – from both a proactive (access hardening) and reactive (threat isolation and mitigation) perspective. We’ll address how network automation can help minimize cyberattacks by closing vulnerability gaps and how it can improve incident response times in the event of a cyberthreat. Finally, we’ll lay a vision for continuous network security, to explore how machine-to-machine automation may deliver an auto-securing and self-healing network.
Mobile Ad hoc Networks (MANETs) are wireless networks consisted of mobile free nodes that can move anywhere at any time without the need to any fixed infrastructure or any centralized administration. In this category of networks existing nodes must rely on each other to play the role of routers or switches instead of using central ones. The self-organized nature of such environments made MANETs vulnerable against many security threats. As a result, providing security requirements in MANETs is one of the most interesting challenges in such a network. In this group of networks, the use of cryptographic solutions is one of the most interesting security issues. The importance of this scientific area in MANETs is more drastic by considering that mentioned schemes must be lightweight enough to be appropriate for resource constrained platforms in such environment. This paper has tried to represent the position of cryptographic issues in MANETs. Moreover, security issues in mobile Ad hoc networks beside of different classes of public key cryptosystems have been introduced.
Intelligent Network Surveillance Technology for APT Attack Detections (AM Publications, India)
Recently, long-term, advanced cyber-attacks targeting a specific enterprise or organization have been occurring again. These attacks occur over a long period and bypass detection by security systems unlike the existing attack pattern. For such reason, they create problems such as delayed real-time response and detection after damages have already been incurred. This paper introduces the design of technology that applies real-time network traffic monitoring to detect unknown functional cyber-attack on the network. Specifically, the algorithm was verified and evaluated in terms of performance in an actual commercial environment. Cyber-attack detection performance is expected to be improved by enhancing the algorithm and processing large volumes of traffic.
Security Issues and Challenges in Internet of Things – A Review (IJERA Editor)
The Internet of Things (IoT) alludes to the continually developing system of physical articles that component an
IP address for web availability, and the correspondence that happens between these items and other Web
empowered gadgets and frameworks. The security issues of the Internet of Things (IoT) are straight forwardly
identified with the wide utilization of its framework. IoT securities and enhancing the design and several
elements of this work showcases various security issues with respect to IoT and thinks of solutions for the issues
under the advancements included. Here we are going to do a study of all the security issues existing in the
Internet of Things (IoT) alongside an examination of the protection issues that an end-client might confront as
an outcome of the spread of IoT. Most of the overview is centred around the security emerging out of the data
trade innovations utilized as a part of Internet of Things. As a piece of IoTs, genuine concerns are raised over
access of individual data relating to gadget and individual protection. This review tells about the security and
protection issues of IoT.
Network infrastructures have played important part in most daily communications for business industries,
social networking, government sectors and etc. Despites the advantages that came from such
functionalities, security threats have become a daily struggle. One major security threat is hacking.
Consequently, security experts and researchers have suggested possible security solutions such as
Firewalls, Intrusion Detection Systems (IDS), Intrusion Detection and Prevention Systems (IDP) and
Honeynet. Yet, none of these solutions have proven their ability to completely address hacking. The reason
behind that, there is a few researches that examine the behavior of hackers. This paper formally and
practically examines in details the behavior of hackers and their targeted environments. Moreover, this
paper formally examines the properties of one essential pre-hacking step called scanning and highlights its
importance in developing hacking strategies. Also, it illustrates the properties of hacking that is common in
most hacking strategies to assist security experts and researchers towards minimizing the risk of hack.
Intrusion Detection System (IDS) is meant to be a software application which monitors the network or system activities and finds if any malicious operations occur. Tremendous growth and usage of internet raises concerns about how to protect and communicate the digital information in a safe manner. Nowadays, hackers use different types of attacks for getting the valuable information. Many intrusion detection techniques, methods and algorithms help to detect these attacks. The main objective of this paper is to provide a complete study about the definition of intrusion detection, history, life cycle, types of intrusion detection methods, types of attacks, different tools and techniques, research needs, challenges and applications.
WoMaster's new White Paper introduces Cyber Security features according to IEC62443 standard and proposes solutions for new cyber risks of industry 4.0.
This presentation delves into the many cybersecurity risks that plague the healthcare industry and how these risks can be mitigated with the help of security solutions that Seqrite offers.
EFFECTIVE MALWARE DETECTION APPROACH BASED ON DEEP LEARNING IN CYBER-PHYSICAL... (ijcsit)
Cyber-physical Systems based on advanced networks interact with other networks through wireless
communication to enhance interoperability, dynamic mobility, and data supportability. The vast data is
managed through a cloud platform, vulnerable to cyber-attacks. It will threaten the customers in terms of
privacy and security as third-party users should authenticate the network. If it fails, it will create extensive
damage and threat to the established network and makes the hacker malfunction the network services
efficiently. This paper proposes a DL-based CPS approach to identify and mitigate the malware cyber-physical system attack of Denial of Service (DoS) and Distributed Denial of Service (DDoS) as it ensures
adequate decision support. At the same time, the trusted user nodes are connected to the network. It helps
to improve the privacy and authentication of the network by improving the data accuracy and Quality of
Service (QoS) in the network. Here the analysis is determined on the proposed system to improve the
network reliability and security compared to some of the existing SVM-based and Apriori-based detection
approaches.
Network security is one of the foremost anxieties of the modern time. Over
the previous years, numerous studies have been accompanied on the
intrusion detection system. However, network security is one of the foremost
apprehensions of the modern era; this is due to the speedy development and
substantial usage of altered technologies over the past period. The
vulnerabilities of these technologies' security have become a main dispute.
Intrusion detection system is used to classify unapproved access and unusual
attacks over the secured networks. For the implementation of intrusion
detection system different approaches are used; machine learning technique
is one of them. In order to comprehend the present station of application of
machine learning techniques for solving the intrusion discovery anomalies in
internet of thing (IoT) based big data, this review paper was conducted. Total 55
papers are summarized from 2010 and 2021 which were centering on the
manner of the single, hybrid and collaborative classifier design. This review
paper also includes some of the basic information like IoT, big data, and
machine learning approaches are discussed.
Challenges and Security Issues in Future IT Infrastructure Components (Mubashir Ali)
Over the past 2 decades, the information technology infrastructure has gone through an exponential change with the introduction and evolution of new technologies and trends. Organizations previously having their data on-premise and their infrastructure comprising of multiple server machines on multiple server racks and dedicated client personal computers (PCs) are moving towards cloud computing & virtualization to Smartphone and tablets. This rapid advancement and constant change, although increasing productivity for the organizations is resulting in a rising number of challenges and security issues for the organizations, their managers, IT administrators and technology architects. This paper discusses the future IT infrastructure components and the challenges & security issues that arise after their implementation that needs to be taken care of in order to get the full advantage of IT.
SECURITY AND PRIVACY AWARE PROGRAMMING MODEL FOR IOT APPLICATIONS IN CLOUD EN... (ijccsa)
The introduction of Internet of Things (IoT) applications into daily life has raised serious privacy concerns
among consumers, network service providers, device manufacturers, and other parties involved. This paper
gives a high-level overview of the three phases of data collecting, transmission, and storage in IoT systems
as well as current privacy-preserving technologies. The following elements were investigated during these
three phases: (1) Physical and data connection layer security mechanisms (2) Network remedies (3)
Techniques for distributing and storing data. Real-world systems frequently have multiple phases and
incorporate a variety of methods to guarantee privacy. Therefore, for IoT research, design, development,
and operation, having a thorough understanding of all phases and their technologies can be beneficial. In
this Study introduced two independent methodologies namely generic differential privacy (GenDP) and
Cluster-Based Differential privacy (Cluster-based DP) algorithms for handling metadata as intents and
intent scope to maintain privacy and security of IoT data in cloud environments. With its help, we can
virtual and connect enormous numbers of devices, get a clearer understanding of the IoT architecture, and
store data eternally. However, due to the dynamic nature of the environment, the diversity of devices, the
ad hoc requirements of multiple stakeholders, and hardware or network failures, it is a very challenging
task to create security-, privacy-, safety-, and quality-aware Internet of Things apps. It is becoming more
and more important to improve data privacy and security through appropriate data acquisition. The
proposed approach resulted in reduced loss performance as compared to Support Vector Machine (SVM),
Random Forest (RF).
Novel authentication framework for securing communication in internet-of-things (IJECEIAES)
Internet-of-Things (IoT) offers a big boon towards a massive network of connected devices and is considered to offer coverage to an exponential number of the smart appliance in the very near future. Owing to the nascent stage of evolution of IoT, it is shrouded by security loopholes because of various reasons. Review of existing research-based solution highlights the usage of conventional cryptographic-based solution over the traditional mechanism of data forwarding process between IoT nodes and gateway. The proposed system presents a novel solution to this problem by a model that is capable of performing a highly secured and cost-effective authentication process. The proposed system introduces Authentication Using Signature (AUS) as well as Security with Complexity Reduction (SCR) for the purpose to resist participation of any form of unknown threats. The outcome of the model shows better security strength with faster response time and energy saving of the IoT nodes.
Internet of things: review, architecture and applications (CSITiaesprime)
Devices linked to the internet of things (IoT) may communicate with one another in several settings. Furthermore, rather than relying on an existing centralized system, users may develop their own network by using wireless capabilities. This kind of network is known as a wireless mobile ad hoc network. The mobile ad-hoc network (MANET) enables IoT devices to connect with one another in an unstructured networked environment. IoT devices may connect, establish linkages, and share data on a continuous basis. In this system, the cloud's purpose is to store and analyze data acquired from IoT devices. One of the most significant challenges in cloud computing has been identified as information security, and its resolution will result in an even bigger increase in cloud computing usage and popularity in the future. Finally, the goal of this project is to create a framework for facilitating communication between IoT devices in a Cloud and MANET context. Our major contribution is a ground-breaking research initiative that combines cloud computing with the MANET and connects the internet of things. This research might be used to the IoT in the future.
A new algorithm to enhance security against cyber threats for internet of thi... (IJECEIAES)
One major problem is detecting the unsuitability of traffic caused by a distributed denial of services (DDoS) attack produced by third party nodes, such as smart phones and other handheld Wi-Fi devices. During the transmission between the devices, there is a rise in the number of cyber attacks on systems by using negligible packets, which lead to suspension of the services between source and destination, and can find the vulnerabilities on the network. These vulnerable issues have led to a reduction in the reliability of networks and a reduction in consumer confidence. In this paper, we will introduce a new algorithm called rout attack with detection algorithm (RAWD) to reduce the effect of any attack by checking the packet injection, and to avoid number of cyber attacks being received by the destination and transferred through a determined path or alternative path based on the problem. The proposed algorithm will forward the real time traffic to the required destination from a new alternative backup path which is computed by it before the attack occurred. The results have shown an improvement when the attack occurred and the alternative path was used to make sure the continuity of receiving the data to the main destination without any affection.
An efficient security framework for intrusion detection and prevention in int... (IJECEIAES)
Over the past few years, the internet of things (IoT) has advanced to connect billions of smart devices to improve quality of life. However, anomalies or malicious intrusions pose several security loopholes, leading to performance degradation and threat to data security in IoT operations. Thereby, IoT security systems must keep an eye on and restrict unwanted events from occurring in the IoT network. Recently, various technical solutions based on machine learning (ML) models have been derived towards identifying and restricting unwanted events in IoT. However, most ML-based approaches are prone to misclassification due to inappropriate feature selection. Additionally, most ML approaches applied to intrusion detection and prevention consider supervised learning, which requires a large amount of labeled data to be trained. Consequently, such complex datasets are impossible to source in a large network like IoT. To address this problem, this proposed study introduces an efficient learning mechanism to strengthen the IoT security aspects. The proposed algorithm incorporates supervised and unsupervised approaches to improve the learning models for intrusion detection and mitigation. Compared with the related works, the experimental outcome shows that the model performs well in a benchmark dataset. It accomplishes an improved detection accuracy of approximately 99.21%.
A signature-based data security and authentication framework for internet of... (IJECEIAES)
Internet of things (IoT) is the next big revolution in modernized network technologies connecting a massive number of heterogeneous smart appliances and physical objects. Owing to these technologies' novelty, various issues are characterized by security concerns are the most prioritized issue. A review of existing security approaches highlights that they are very particular about the solution towards a specific attack and cannot resist any unknown attacker. Therefore, this manuscript presents a novel computational model that introduces a unique authentication process using a simplified encryption strategy. The simulated study outcome shows that the proposed system offers efficient security and efficient data transmission performance in the presence of an unknown adversary. Hence, the study outcome exhibits better effects than frequently used security solutions when implemented in a vulnerable IoT environment.
A Survey on Security and Privacy Issues in Edge Computing-Assisted Internet o... (DESMOND YUEN)
Internet of Things (IoT) is an innovative paradigm
envisioned to provide massive applications that are now part of
our daily lives. Millions of smart devices are deployed within
complex networks to provide vibrant functionalities including
communications, monitoring, and controlling of critical infrastructures. However, this massive growth of IoT devices and the corresponding huge data traffic generated at the edge of the network created additional burdens on the state-of-the-art
centralized cloud computing paradigm due to the bandwidth and
resources scarcity. Hence, edge computing (EC) is emerging as
an innovative strategy that brings data processing and storage
near to the end users, leading to what is called EC-assisted IoT.
Although this paradigm provides unique features and enhanced
quality of service (QoS), it also introduces huge risks in data security and privacy aspects. This paper conducts a comprehensive survey on security and privacy issues in the context of EC-assisted IoT. In particular, we first present an overview of EC-assisted IoT including definitions, applications, architecture, advantages, and challenges. Second, we define security and privacy in the context of EC-assisted IoT. Then, we extensively discuss the major classifications of attacks in EC-assisted IoT and provide possible solutions and countermeasures along with the related research efforts. After that, we further classify some security and privacy issues as discussed in the literature based on security services and based on security objectives and functions. Finally, several open challenges and future research directions for secure EC-assisted IoT paradigm are also extensively provided.
CICS: Cloud–Internet Communication Security Framework for the Internet of Sma... (AlAtfat)
The internet of smart devices is a network of intelligent gadgets
with sensors, programs, Wi-Fi and communication network connections. These
devices store the data in cloud and process data outside the device using the
proposed Cloud-Internet communication framework. These devices can
communicate with other devices using the proposed framework. However, there
are many challenges for communication security among the internet of smart
devices. The Cloud can store the device data with security, reliability, privacy
and service availability. The communication Security has been raised as one of
the most critical issues of cloud computing where resolving such an issue would
result in a constant growth in the use and popularity of cloud computing. Our
purpose of this study is to create a framework for providing the communication
security among smart devices network for the internet of things using cloud
computing. Our main contribution links a new study for providing
communication security for the internet of smart devices using the cloud-Internet
framework. This study can be helpful for communication security problem in the
framework of the Internet of Things. The proposed study generates a new
framework for solving the issue of communication security among internet of
smart devices.
Privacy-aware secured discrete framework in wireless sensor network (IJECEIAES)
Rapid expansion of wireless sensor network-internet of things (WSN-IoT) in terms of application and technologies has led to wide research considering efficiency and security aspects. Considering the efficiency approach such as data aggregation along with consensus mechanism has been one of the efficient and secure approaches, however, privacy has been one of major concern and it remains an open issue due to low classification and high misclassification rate. This research work presents the privacy and reliable aware discrete (PRD-aggregation) framework to protect and secure the privacy of the node. It works by initializing the particular variable for each node and defining the threshold; further nodes update their state through the functions, and later consensus is developed among the sensor nodes, which further updates. The novelty of PRD is discretized transmission for efficiency and security. PRD-aggregation offers reliability through efficient termination criteria and avoidance of transmission failure. PRD-aggregation framework is evaluated considering the number of deceptive nodes for securing the node in the network. Furthermore, comparative analysis proves the marginal improvisation in terms of discussed parameter against the existing protocol.
Today, in the world of communication, connected systems is growing at a rapid pace. To accommodate this growth the need for computational power and storage is also increasing at a similar rate. Companies are investing a large amount of resources in buying, maintaining and ensuring availability of the system to their customers. To mitigate these issues, cloud computing is playing a major role [1]. The underlying concept of cloud computing dates back to the ‘50s but the term entering into widespread usage can be traced to 2006 when Amazon.com announced the Elastic Compute Cloud. In this paper, we will discuss about cloud security approaches. We have used the term “CloudDrain” to define data leakage in case of security compromise.
In recent years, the number of end users connected to the internet of things (IoT) has increased, and we have witnessed the emergence of the cloud computing paradigm. These users utilize network resources to meet their quality of service (QoS) requirements, but traditional networks are not configured to backing maximum of scalability, real-time data transfer, and dynamism, resulting in numerous challenges. This research presents a new platform of IoT architecture that adds the benefits of two new technologies: software-defined networking and fog paradigm. Software-defined networking (SDN) refers to a centralized control layer of the network that enables sophisticated methods for traffic control and resource allocation. So, fog paradigm allows for data to be analyzed and managed at the edge of the network, making it suitable for tasks that require low and predictable delay. Thus, this research provides an in-depth view of the platform organize and performance of its base ingredients, as well as the potential uses of the suggested platform in various applications.
Content-Based Image Retrieval (CBIR) systems have been used for the searching of relevant images in various research areas. In CBIR systems features such as shape, texture and color are used. The extraction of features is the main step on which the retrieval results depend. Color features in CBIR are used as in the color histogram, color moments, conventional color correlogram and color histogram. Color space selection is used to represent the information of color of the pixels of the query image. The shape is the basic characteristic of segmented regions of an image. Different methods are introduced for better retrieval using different shape representation techniques; earlier the global shape representations were used but with time moved towards local shape representations. The local shape is more related to the expressing of result instead of the method. Local shape features may be derived from the texture properties and the color derivatives. Texture features have been used for images of documents, segmentation-based recognition, and satellite images. Texture features are used in different CBIR systems along with color, shape, geometrical structure and sift features.
The cyber attacks have become most prevalent in the past few years. During this time, attackers have discovered new vulnerabilities to carry out malicious activities on the internet. Both the clients and the servers have been victimized by the attackers. Clickjacking is one of the attacks that have been adopted by the attackers to deceive the innocuous internet users to initiate some action. Clickjacking attack exploits one of the vulnerabilities existing in the web applications. This attack uses a technique that allows cross domain attacks with the help of user-initiated clicks and performs unintended actions. This paper traces out the vulnerabilities that make a website vulnerable to clickjacking attack and proposes a solution for the same.
Performance Analysis of Audio and Video Synchronization using Spreaded Code D... (Eswar Publications)
The audio and video synchronization plays an important role in speech recognition and multimedia communication. The audio-video sync is a quite significant problem in live video conferencing. It is due to use of various hardware components which introduces variable delay and software environments. The objective of the synchronization is used to preserve the temporal alignment between the audio and video signals. This paper proposes the audio-video synchronization using spreading codes delay measurement technique. The performance of the proposed method made on home database and achieves 99% synchronization efficiency. The audio-visual signature technique provides a significant reduction in audio-video sync problems and the performance analysis of audio and video synchronization in an effective way. This paper also implements an audio-video synchronizer and analyses its performance in an efficient manner by synchronization efficiency, audio-video time drift and audio-video delay parameters. The simulation result is carried out using MATLAB simulation tools and Simulink. It is automatically estimating and correcting the timing relationship between the audio and video signals and maintaining the Quality of Service.
Due to the availability of complicated devices in industry, models for consumers at lower cost of resources are developed. Home Automation systems have been developed by several researchers. The limitations of home automation includes complexity in architecture, higher costs of the equipment, interface inflexibility. In this paper as we have proposed, the working protocol of PIC 16F72 technology is which is secure, cost efficient, flexible that leads to the development of efficient home automation systems. The system is operational to control various home appliances like fans, Bulbs, Tube light. The following paper describes about components used and working of all components connected. The home automation system makes use of Android app entitled “Home App” which gives flexibility and easy to use GUI.
Semantically Enchanced Personalised Adaptive E-Learning for General and Dysle... (Eswar Publications)
E-learning plays an important role in providing required and well formed knowledge to a learner. The medium of e-learning has achieved advancement in various fields such as adaptive e-learning systems. The need for enhancing e-learning semantically can enhance the retrieval and adaptability of the learning curriculum. This paper provides a semantically enhanced module based e-learning for computer science programme on a learner-centric perspective. The learners are categorized based on their proficiency for providing personalized learning environment for users. Learning disorders on the platform of e-learning still require lots of research. Therefore, this paper also provides a personalized assessment theoretical model for alphabet learning with learning objects for children who face dyslexia.
Agriculture plays an important role in the economy of our country. Over 58 percent of the rural households depend on the agriculture sector as their means of livelihood. Agriculture is one of the major contributors to Gross Domestic Product (GDP). Seeds are the soul of agriculture. This application helps in reducing the time for the researchers as well as farmers to know the seedling parameters. The application helps the farmers to know about the percentage of seedlings that will grow and it is very essential in estimating the yield of that particular crop. Manual calculation may lead to some error, to minimize that error, the developed app is used. The scientist and farmers require the app to know about the physiological seed quality parameters and to take decisions regarding their farming activities. In this article a desktop app for seed germination percentage and vigour index calculation are developed in PHP scripting language.
What happens when adaptive video streaming players compete in time-varying ba... (Eswar Publications)
Competition among adaptive video streaming players severely diminishes user-QoE. When players compete at a bottleneck link many do not obtain adequate resources. This imbalance eventually causes ill effects such as screen flickering and video stalling. There have been many attempts in recent years to overcome some of these problems. However, added to the competition at the bottleneck link there is also the possibility of varying network bandwidth which can make the situation even worse. This work focuses on such a situation. It evaluates current heuristic adaptive video players at a bottleneck link with time-varying bandwidth conditions. Experimental setup includes the TAPAS player and emulated network conditions. The results show PANDA outperforms FESTIVE, ELASTIC and the Conventional players.
WLI-FCM and Artificial Neural Network Based Cloud Intrusion Detection System (Eswar Publications)
Security and Performance aspects of cloud computing are the major issues which have to be tended to in Cloud Computing. Intrusion is one such basic and imperative security problem for Cloud Computing. Consequently, it is essential to create an Intrusion Detection System (IDS) to detect both inside and outside assaults with high detection precision in cloud environment. In this paper, cloud intrusion detection system at hypervisor layer is developed and assessed to detect the depraved activities in cloud computing environment. The cloud intrusion detection system uses a hybrid algorithm which is a fusion of WLI-FCM clustering algorithm and Back propagation artificial Neural Network to improve the detection accuracy of the cloud intrusion detection system. The proposed system is implemented and compared with K-means and classic FCM. The DARPA’s KDD cup dataset 1999 is used for simulation. From the detailed performance analysis, it is clear that the proposed system is able to detect the anomalies with high detection accuracy and low false alarm rate.
Spreading Trade Union Activities through Cyberspace: A Case StudyEswar Publications
This report present the outcome of an investigative research conducted to examine the modu-operandi of academic staff union of polytechnics (ASUP) YabaTech. The investigation covered the logistics and cost implication for spreading union activities among members. It was discovered that cost of management and dissemination of information to members was at high side, also logistics problem constitutes to loss of information in transit hence cut away some members from union activities. To curtail the problem identified, we proposed the
design of secure and dynamic website for spreading union activities among members and public. The proposed system was implemented using HTML5 technology, interface frameworks like Bootstrap and j query which enables the responsive feature of the application interface. The backend was designed using PHPMYSQL. It was discovered from the evaluation of the new system that cost of managing information has reduced considerably, and logistic problems identified in the old system has become a forgotten issue.
Identifying an Appropriate Model for Information Systems Integration in the O...Eswar Publications
Nowadays organizations are using information systems for optimizing processes in order to increase coordination and interoperability across the organizations. Since Oil and Gas Industry is one of the large industries in whole of the world, there is a need to compatibility of its Information Systems (IS) which consists three categories of systems: Field IS, Plant IS and Enterprise IS to create interoperability and approach the
optimizing processes as its result. In this paper we introduce the different models of information systems integration, identify the types of information systems that are using in the upstream and downstream sectors of petroleum industry, and finally based on expert’s opinions will identify a suitable model for information systems integration in this industry.
Link-and Node-Disjoint Evaluation of the Ad Hoc on Demand Multi-path Distance...Eswar Publications
This work illustrates the AOMDV routing protocol. Its ancestor, the AODV routing protocol is also described. This tutorial demonstrates how forward and reverse paths are created by the AOMDV routing protocol. Loop free paths formulation is described, together with node and link disjoint paths. Finally, the performance of the AOMDV routing protocol is investigated along link and node disjoint paths. The WSN with the AOMDV routing protocol using link disjoint paths is better than the WSN with the AOMDV routing protocol using node disjoint paths for energy consumption.
Bridging Centrality: Identifying Bridging Nodes in Transportation NetworkEswar Publications
To identify the importance of node of a network, several centralities are used. Majority of these centrality measures are dominated by components' degree due to their nature of looking at networks’ topology. We propose a centrality to identification model, bridging centrality, based on information flow and topological aspects. We apply bridging centrality on real world networks including the transportation network and show that the nodes distinguished by bridging centrality are well located on the connecting positions between highly connected regions. Bridging centrality can discriminate bridging nodes, the nodes with more information flowed through them and locations between highly connected regions, while other centrality measures cannot.
Now a days we are living in an era of Information Technology where each and every person has to become IT incumbent either intentionally or unintentionally. Technology plays a vital role in our day to day life since last few decades and somehow we all are depending on it in order to obtain maximum benefit and comfort. This new era equipped with latest advents of technology, enlightening world in the form of Internet of Things (IoT). Internet of things is such a specified and dignified domain which leads us to the real world scenarios where each object can perform some task while communicating with some other objects. The world with full of devices, sensors and other objects which will communicate and make human life far better and easier than ever. This paper provides an overview of current research work on IoT in terms of architecture, a technology used and applications. It also highlights all the issues related to technologies used for IoT, after the literature review of research work. The main purpose of this survey is to provide all the latest technologies, their corresponding
trends and details in the field of IoT in systematic manner. It will be helpful for further research.
Automatic Monitoring of Soil Moisture and Controlling of Irrigation SystemEswar Publications
In past couple of decades, there is immediate growth in field of agricultural technology. Utilization of proper method of irrigation by drip is very reasonable and proficient. A various drip irrigation methods have been proposed, but they have been found to be very luxurious and dense to use. The farmer has to maintain watch on irrigation schedule in the conventional drip irrigation system, which is different for different types of crops. In remotely monitored embedded system for irrigation purposes have become a new essential for farmer to accumulate his energy, time and money and will take place only when there will be requirement of water. In this approach, the soil test for chemical constituents, water content, and salinity and fertilizer requirement data collected by wireless and processed for better drip irrigation plan. This paper reviews different monitoring systems and proposes an automatic monitoring system model using Wireless Sensor Network (WSN) which helps the farmer to improve the yield.
Multi- Level Data Security Model for Big Data on Public Cloud: A New ModelEswar Publications
With the advent of cloud computing the big data has emerged as a very crucial technology. The certain type of cloud provides the consumers with the free services like storage, computational power etc. This paper is intended to make use of infrastructure as a service where the storage service from the public cloud providers is going to leveraged by an individual or organization. The paper will emphasize the model which can be used by anyone without any cost. They can store the confidential data without any type of security issue, as the data will be altered
in such a way that it cannot be understood by the intruder if any. Not only that but the user can retrieve back the original data within no time. The proposed security model is going to effectively and efficiently provide a robust security while data is on cloud infrastructure as well as when data is getting migrated towards cloud infrastructure or vice versa.
Impact of Technology on E-Banking; Cameroon PerspectivesEswar Publications
The financial services industry is experiencing rapid changes in services delivery and channels usage, and financial companies and users of financial services are looking at new technologies as they emerge and deciding whether or not to embrace them and the new opportunities to save and manage enormous time, cost and stress.
There is no doubt about the favourable and manifold impact of technology on e-banking as pictured in this review paper, almost all banks are with the least and most access e-banking Technological equipments like ATMs and Cards. On the other Hand cheap and readily available technology has opened a favourable competition in ebanking services business with a lot of wide range competitors competing with Commercial Banks in Cameroon in providing digital financial services.
Classification Algorithms with Attribute Selection: an evaluation study using...Eswar Publications
Attribute or feature selection plays an important role in the process of data mining. In general the data set contains more number of attributes. But in the process of effective classification not all attributes are relevant.
Attribute selection is a technique used to extract the ranking of attributes. Therefore, this paper presents a comparative evaluation study of classification algorithms before and after attribute selection using Waikato Environment for Knowledge Analysis (WEKA). The evaluation study concludes that the performance metrics of the classification algorithm, improves after performing attribute selection. This will reduce the work of processing irrelevant attributes.
Mining Frequent Patterns and Associations from the Smart meters using Bayesia...Eswar Publications
In today’s world migration of people from rural areas to urban areas is quite common. Health care services are one of the most challenging aspect that is must require to the people with abnormal health. Advancements in the technologies lead to build the smart homes, which contains various sensor or smart meter devices to automate the process of other electronic device. Additionally these smart meters can be able to capture the daily activities of the patients and also monitor the health conditions of the patients by mining the frequent patterns and
association rules generated from the smart meters. In this work we proposed a model that is able to monitor the activities of the patients in home and can send the daily activities to the corresponding doctor. We can extract the frequent patterns and association rules from the log data and can predict the health conditions of the patients and can give the suggestions according to the prediction. Our work is divided in to three stages. Firstly, we used to record the daily activities of the patient using a specific time period at three regular intervals. Secondly we applied the frequent pattern growth for extracting the association rules from the log file. Finally, we applied k means clustering for the input and applied Bayesian network model to predict the health behavior of the patient and precautions will be given accordingly.
Network as a Service Model in Cloud Authentication by HMAC AlgorithmEswar Publications
Resource pooling on internet-based accessing on use as pay environmental technology and ruled in IT field is the
cloud. Present, in every organization has trusted the web, however, the information must flow but not hold the
data. Therefore, all customers have to use the cloud. While the cloud progressing info by securing-protocols. Third
party observing and certain circumstances directly stale in flow and kept of packets in the virtual private cloud.
Global security statistics in the year 2017, hacking sensitive information in cloud approximately maybe 75.35%,
and the world security analyzer said this calculation maybe reached to 100%. For this cause, this proposed
research work concentrates on Authentication-Message-Digest-Key with authentication in routing the Network as
a Service of packets in OSPF (Open Shortest Path First) implementing Cloud with GNS3 has tested them to
securing from attackers.
Microstrip patch antennas are recently used in wireless detection applications due to their low power consumption, low cost, versatility, field excitation, ease of fabrication etc. The microstrip patch antennas are also called as printed antennas which is suffer with an array elements of antenna and narrow bandwidth. To overcome the above drawbacks, Flame Retardant Material is used as the substrate. Rectangular shape of microstrip patch antenna with FR4 material as the substrate which is more suitable for the explosive detection applications. The proposed printed antenna was designed with the dimension of 60 x 60 mm2. FR-4 material has a dielectric constant value of 4.3 with thickness 1.56 mm, length and width 60 mm and 60 mm respectively. One side of the substrate contains the ground plane of dimensions 60 x60 mm2 made of copper and the other side of the substrate contains the patch which have dimensions 34 x 29 mm2 and thickness 0.03mm which is also made of copper. RMPA without slot, Vertical slot RMPA, Double horizontal slot RMPA and Centre slot RMPA structures were
designed and the performance of the antennas were analysed with various parameters such as gain, directivity, Efield, VSWR and return loss. From the performance analysis, double horizontal slot RMPA antenna provides a better result and it provides maximum gain (8.61dB) and minimum return loss (-33.918dB). Based on the E-field excitation value the SEMTEX explosive material is detected and it was simulated using CST software.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Epistemic Interaction - tuning interfaces to provide information for AI support
Security Solutions against Computer Networks Threats
1. Int. J. Advanced Networking and Applications
Volume: 07 Issue: 01 Pages: 2576-2581 (2015) ISSN: 0975-0290
2576
Security Solutions against Computer Networks
Threats
Fatemeh Soleimani Roozbahani
PhD Candidate for IT Management, Islamic Azad University, Science and Research Branch of Tehran, Iran
Email: Fa.Solaymani@gmail.com
Reihaneh Azad
Master Student of IT Management, Farabi Institute of Higher Education, Karaj, Iran
Email: Azad.mit92@hotmail.com
----------------------------------------------------------------------ABSTRACT-----------------------------------------------------------
The spread of information networks in communities and organizations has led to a huge daily volume of
information exchange between different networks which, of course, has resulted in new threats to
national organizations. It can be said that information security has today become one of the most
challenging areas. In other words, defects and weaknesses in computer network security cause
irreparable damage to enterprises. Therefore, identification of security threats and ways of dealing
with them is essential. The question raised in this regard is: what strategies and policies must be
adopted to deal with security threats and ensure the security of computer networks? In this context,
the present study reviews the literature, using earlier research and a library approach, to provide
security solutions in the face of threats to computer networks. The results of this research can lead
to a better understanding of security threats and ways to deal with them, and help to implement a
secure information platform.
Keywords - Computer Network, Security, Threats.
-------------------------------------------------------------------------------------------------------------------------------------------------
Date of Submission: June 26, 2015 Date of Acceptance: July 17, 2015
-------------------------------------------------------------------------------------------------------------------------------------------------
1. INTRODUCTION
The increasing development of communication and
information technology has doubled the need for exchange
of information and data [1]. The emergence of computer
networks in all industries in the 70's improved the
production of knowledge and gave it a high acceleration.
Since then, individual wisdom has turned into plural
wisdom and the private thoughts of intellectuals have become
the great minds of the elite Global Village [2]. According
to the statistics, from 2020 onwards, human knowledge
will be doubled every 72 days [3]. Information
processing is cheap today and communication costs are
decreasing as worldwide exchange increases [4].
The role of information in organizations can therefore be
clearly seen as one of the most vital assets [5].
With the development of the Internet and its use in
different dimensions, organizations and institutions have
been confronted with new issues related to the security of
information and computer networks [6], in a way that the
information and communication technology industry is
looking for security solutions for these networks [7]. So it
can be said that security in the real world, on the individual and
social scale, is a dynamic concept interpreted under the effect
of new national and international opportunities and
threats [8]. A secure network must be protected against
intentional and unintentional attack, have a good
response time, high availability (readiness), high reliability
(reputation) and integrity, be flawless, and provide
scalability as well as accurate information [7]. The
vulnerability of computer networks as IT infrastructure is
one of the major problems in this area [9], and intensive
competition and the increasing volume of data traffic have
led telecommunications providers to reload and
review the existing network [10]. Vizandan et al. (2011)
considered controlling vulnerabilities and security threats
one of the most serious issues [11]. Azarpour
et al. (2012) also mention an acceptable level of
security as a key requirement for the many people who use
computer networks in earnest [12]. The question that
arises is: what solutions and technologies should be taken
into account against computer network threats to ensure
the security and confidentiality of the information of
individuals and organizations?
Given this necessity, and in order to answer the
question above, the current study uses a library
approach and a review of earlier investigations to
provide solutions for securing computer networks. The
results of this study can be used to identify the threats to
network security and to implement an effective and secure
computer platform.
2. THEORETICAL FOUNDATIONS OF RESEARCH
2.1 Computer Networks
The term network means a set of serial lines that are used
to connect terminals to large computers [13]. Thus, a
computer network is defined as a set of independent
computers that are connected by a single technology. Two
computers are connected to each other when they can
exchange information [14]. Basically, a computer network
consists of two or more computers and peripherals such as
printers, scanners, etc. that are directly connected in order to share
hardware, software and information resources [12].
Computer networks are classified according to various
factors including: longitude, interconnection, management
and architecture [15]. Some computer networks are called
local area network or LAN (a network within a home, office
building, health care facility, or in academia),
metropolitan area network or MAN (in a geographic area
such as a city or metropolitan province) and wide area
network or WAN (a wide area network for a geographic
area like a state). WANs are formed from LANs
in several different ways, which are connected by routers.
The Internet is the ultimate WAN [16]. Fig 1 shows an image of
computer networks [17]:
Fig 1 - Computer Networks[17].
2.2 Computer Security
Computer security is a generic name for a set of tools
designed to protect data and thwart hackers [18]. This
concept spans many aspects, from the physical protection of
equipment to the protection of the electronic bits and bytes that
make up the network information [19]. Computer security
has four main key goals, which include confidentiality,
accuracy, privacy and availability [20].

- Confidentiality: this term covers related concepts:
  - Confidentiality of information ensures that private
    and confidential information is not accessible to
    unauthorized persons.
  - Privacy ensures that the information which has
    been collected and saved by people is accessible
    by them, and governs who this information can be
    revealed to.
- Accuracy: the term covers two related concepts:
  - Accuracy of the information ensures that data and
    applications are allowed to change only through a
    specific procedure.
  - System accuracy ensures that a desired function
    runs in the correct manner, free from deliberate or
    inadvertent unauthorized manipulation.
- Availability: ensures that the system works
  quickly and does not exclude authorized users
  [21].
3. RESEARCH HISTORY
Security of computer networks is a complex problem that
is considered by managers of organizational centers more
and more every day [22]. A lot of research has been done
in this regard. Among these, Hojaji's study (2008) can be
noted, which provided a security framework for services
in next generation networks. From his perspective,
replacing the simple and traditional infrastructure with an
integrated and multilayered infrastructure makes
service network operators face security challenges and
data privacy issues, and suppliers on this platform are
exposed to new risks [10]. Vizendan et al. (2011)
investigated the symmetric encryption algorithms which
have many applications in secure network and
communications infrastructure [11]. Azarpour et al. (2012)
also examined the importance of Honey Pot technology in
establishing network security and how hackers have
been trapped by network specialists [12]. Results from the
investigation by Javadzadeh et al. (2013) into the design and
construction of an expert knowledge system for
network security testing suggest that the lack of a proper user
interface, that is, the interaction between humans and computers,
has been the problem [9]. Gholipour et al. (2014) also
provide a process for testing the security of web-based
intranet applications. In their opinion, security testing must be
done precisely, based on a rigorous process that he and his
colleagues proposed in 10 stages [8]. Results from the
Sayana investigation (2003) on the approach to network
security audits indicate that good security will not be
achieved only through high investments and the use of
sophisticated tools; this area requires an information
system able to support the systematic management of
security devices through well-defined processes
[23]. Alabady (2009), in a research on the design and
implementation of network security, presented a
checklist that assesses the level of network security and
data confidentiality [24]. Daya (2010), in an article entitled
Network Security, covers the history of network security and
its importance in the future. In his opinion, to deal with
security threats in the future, network security needs to
change rapidly [20].
4. NETWORK SECURITY
Network security is a process in which the security of a
network against internal and external threats is supplied
through a set of security mechanisms that meet the
organization's needs and provide a safe and reliable network,
which is called a secure computer network [25]. In fact, security
is a series of security dimensions designed to express and manage
specific aspects of network security [7]. Security thinking
in a network aims to achieve three important factors that
together constitute the security triangle: confidentiality
(trusteeship), integrity and constant availability. These
three basic principles form information security inside or
outside the network, so that all necessary measures taken
for the security of the network or its equipment are due to
the need to apply these three parameters in the maintenance
and exchange of information [12].
5. THREATS AND SECURITY VULNERABILITIES IN
COMPUTER SECURITY
Network threats can be events or people that lead to harm
to any network data. Network threats can be natural, such as wind,
lightning or flooding, or may be accidental, such as
accidental deletion of files [26]. Threats to the security of
information systems can be classified into three main
categories: disclosure of confidential information (the
threat of disclosure), damage to the integrity of
information (the threat of manipulation) and the lack of
information (the threat of damage to services) [27]. From one
perspective, attacks are divided into two categories,
passive and active; from another perspective they can be
divided into destructive and nondestructive categories; and in
other views they can be classified on their basis. The
common attacks on the network are as follows [28]:
- Stop service attack (DoS): in this type of attack
  other users cannot use the resources, information
  and communication. This type of attack is active
  and can be carried out by internal and external users.
- Eavesdropping: a passive attack; the attacker
  listens to the exchange of data, information and
  messages.
- Traffic analysis: a passive attack; the
  attacker analyzes network traffic based on the
  number of packets and gains valuable
  information.
- Message and data manipulation: an active attack;
  the attacker disturbs the comprehensiveness and
  accuracy of the information with unauthorized
  changes [28].
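The difference between the passive attacks in the list above (eavesdropping, traffic analysis) and active message manipulation can be seen at the receiving end of a link, shown here as an added example that is not part of the original paper. The frame layout, key, function names and sample message are assumptions constructed for illustration, and the sequence-number check goes slightly beyond the text by also covering a frame that is re-sent later.

```python
import hashlib
import hmac
import struct

HEADER = struct.Struct("!IH")   # assumed layout: 4-byte sequence number, 2-byte payload length
TAG_LEN = hashlib.sha256().digest_size   # 32-byte HMAC-SHA256 tag


class IntegrityError(Exception):
    """Frame is malformed, modified, or out of sequence."""


def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: frame = header || payload || HMAC-SHA256(key, header || payload)."""
    if len(payload) > 0xFFFF:
        raise ValueError("payload does not fit the 16-bit length field")
    body = HEADER.pack(seq, len(payload)) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


def open_frame(key: bytes, frame: bytes, expected_seq: int) -> bytes:
    """Receiver side: authenticate first, parse only after the tag verifies."""
    if len(frame) < HEADER.size + TAG_LEN:
        raise IntegrityError("frame too short")
    body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    good = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):       # constant-time comparison
        raise IntegrityError("tag mismatch")
    seq, length = HEADER.unpack_from(body)
    payload = body[HEADER.size:]
    if length != len(payload):
        raise IntegrityError("length mismatch")
    if seq != expected_seq:
        raise IntegrityError("unexpected sequence number")
    return payload


def observer_view(frame: bytes):
    """What a passive listener without the key reads off the wire."""
    seq, length = HEADER.unpack_from(frame)
    return seq, length, frame[HEADER.size:HEADER.size + length]


def check(key: bytes, frame: bytes, expected_seq: int) -> str:
    """Receiver verdict for one frame, as a short string."""
    try:
        open_frame(key, frame, expected_seq)
        return "accepted"
    except IntegrityError as exc:
        return f"rejected: {exc}"


def run_demo() -> dict:
    key = bytes(range(32))                       # constructed demo key
    frame = seal(key, 7, b"pay 100 to alice")    # constructed sample message

    flipped = bytearray(frame)
    flipped[HEADER.size + 4] ^= 0x08             # '1' becomes '9' in transit

    return {
        "copied_by_eavesdropper": check(key, frame, 7),    # passive: no trace
        "payload_modified": check(key, bytes(flipped), 7),  # active: detected
        "truncated": check(key, frame[:-5], 7),
        "cut_to_10_bytes": check(key, frame[:10], 7),
        "resent_later": check(key, frame, 8),
        "observer_sees": observer_view(frame),
    }


if __name__ == "__main__":
    for case, outcome in run_demo().items():
        print(f"{case:24} {outcome}")
```

The untouched frame is accepted even though the observer read its sequence number, length and payload in full: the integrity tag answers manipulation only, while eavesdropping and traffic analysis have to be addressed with encryption and padding.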
On the other hand, the vulnerability of computer networks
as IT infrastructure is one of the major problems in this
area. The majority of the vulnerabilities are due to
improperly configured software and network
organizations [9]. In general, system vulnerabilities are flaws
or weaknesses in the design or implementation of an
information system (including the security procedures and
security controls associated with the system) which can,
willingly or unwillingly, adversely affect the operations or
assets of the organization through loss of confidentiality,
integrity or availability [29]. In other words,
organizations identify security merely as a technological
issue, or assume that software and security tools do their job
properly without failure, even though the biggest source of
security disasters is human error. In most
cases users, without knowing what they are doing,
enable network intrusion: people can be blindly
deceived through typical social engineering tricks,
and their lack of knowledge is used to penetrate and
abuse the network [30]. Table 1 summarizes the various threats and
their consequences [31]:
Table 1: Summary of Various Threats and Their Implications [31].

| Threat | Domestic/Foreign | Threat Consequences |
|---|---|---|
| E-mail containing virus | Foreign origin, domestic use | Can infect the system reading the email and subsequently spread throughout the organization. |
| Network virus | Foreign | Can enter through unprotected ports and affect the entire network. |
| Web-based viruses | Internal views of external sites | Can affect the system that does the visit and then also affect other internal systems. |
| Attack on the server | Foreign | If the server is compromised by a hacker, he can gain access to internal network systems. |
| Service rejection attacks | Foreign | If the router is attacked, the entire network can fail and external services such as web, email and FTP can be encumbered. |
| Network user attack (internal employee) | Internal | A traditional firewall at the network edge can prevent the attack. Internal segmentation firewalls can help with internal damage. |
6. WAYS OF DEALING WITH SECURITY THREATS
AND VULNERABILITIES IN COMPUTER NETWORKS
Network security is vital to restrict internal and external threats to an organization at different levels; with an appropriate security policy, these threats can be reduced to a minimum. In other words, prevention includes all mechanisms and policies that limit the scope of security incidents and threats [32]. Security policies are rules that are electronically programmed and stored to control areas such as access privileges [33].
6.1 The Use of Encryption Techniques
No technique has ever provided 100% security, but the most widely used technique is encryption. Encryption is a technique that transforms plain data and text so that it is difficult to understand or interpret. Currently there are several kinds of encryption algorithms: secret key encryption, public key encryption and encrypted message [15]. Encryption systems can be divided into two broad categories. The first is the symmetric encryption system, in which the receiver and transmitter agree on a private key that nobody else must know. The second is asymmetric encryption with a public key, which was created mainly because of problems related to encryption key distribution [11].
6.2 Layered Security
Layered security is a combination of several security measures, chosen to ensure that not all security measures are at one level. So it protects the network from resources and threats [34]. The purpose of layered security is to ensure that all possible ways of attacking are blocked; where prevention is not an option, identifying threats always is [35].
6.2.1 Layers of Security
- Layer 1- DNS: the domain name system acts like a phone book that a computer uses to find the name of the website. This system is usually provided by the ISP, but for better security a DNS server can be used.
- Layer 2- Firewall: firewalls act as a filter between the network and the outside world, scan all the network traffic and decide what traffic is allowed to enter or exit [34]. Firewalls also translate internal IP addresses to IP addresses on the Internet, providing a more secure network. This prevents disclosure of important information about the structure of the network covered by the firewall [1].
- Layer 3- Network: this layer monitors for signs of external threats [34]. At this level IDS (Intrusion Detection System) and IPS (Intrusion Prevention System) are used; these technologies analyze the network traffic passing through the firewall in more detail [1].
- Layer 4- Equipment: the network firewall can ensure the protection of information; likewise, the use of a firewall on each piece of equipment and system can ensure that, even if the network firewall fails, the system will still be protected.
- Layer 5- Users: the user layer is often the most difficult one to manage because of the need to strike a balance between security and convenience. So the best defense against the internal threat is awareness and training.
- Layer 6- Applications: it is very important that software is installed from a reliable source and that software and network operating systems are kept up to date, to protect against newly discovered exploits.
- Layer 7- Data: for increased security, data must be encrypted and password-protected [34].
6.3 Penetration Test
Penetration testing is the process of investigating and discovering the vulnerabilities and security weaknesses of a system or a computer network, and the possibility of abusing these loopholes to carry out illegal activities or sabotage. The test is divided into two categories: internal and external. An internal penetration test is a process in which the test team, working through the organization's internal network, assesses the weaknesses and the possibilities of taking advantage of them. In an external penetration test the team works remotely over the internet, without physical presence, to assess the possible vulnerabilities and the possibilities of taking advantage of them [36]. On the other hand, a method of testing network security software based on the variety of vulnerabilities is very specific: it is suggested that 10 defects are chosen and that, by modeling a threat tree, the method builds the attack tree and generalizes the test sequence into an algorithm. According to the theory of defects, the method can be applied to a case to determine the validity of its performance [8].
6.4 Intrusion Detection Systems (IDS)
There are many reasons to use an intrusion detection system as a necessary part of protecting a system. Many traditional systems and applications have been developed without security [37]. Intrusion detection is a diagnostic procedure that attempts to identify unauthorized access to a network or the reduction of its performance [12]. Fig 2 shows a computer network intrusion detection system [37]:
Fig 2: IDS in the computer network [37].
Intrusion detection systems are divided into two main categories: host-based intrusion detection systems (HIDS) and network-based intrusion detection systems (NIDS). A HIDS assesses the information content of operating systems and of system and software files, while a NIDS analyzes the information in network communications and evaluates the data packets that are exchanged over the network [38].
6.5 Intrusion prevention system (IPS)
An IPS uses IDS algorithms for monitoring and allows network traffic to pass based on technical analysis. It usually works in different areas of the network and actively manages any
suspicious activities that can bypass the firewall [39]. In fact, this system is a device or software that detects signs of intrusion into the network; this includes generating alarms and blocking intrusions [40]. Generally, an IPS is placed in the network and monitors information as it passes through. An IPS can do more than just warn or log its decision: it can also be programmed to react to what it diagnoses. This feature makes the response much better than the IDS and IPS [12].
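The alert-only versus alert-and-block distinction between IDS and IPS described in sections 6.4 and 6.5, as an added example (not code from the paper): a sliding-window packet-rate detector run over constructed sample traffic. The `Sensor` class, the threshold, the window and the documentation-range addresses are assumptions made for illustration.

```python
from collections import defaultdict, deque

# Constructed sample traffic (not real captures): (timestamp_s, source_ip, dest_port).
# 203.0.113.9 floods port 80; 198.51.100.7 behaves normally.
FLOOD = [(round(i * 0.1, 1), "203.0.113.9", 80) for i in range(10)]
NORMAL = [(0.05, "198.51.100.7", 443), (0.55, "198.51.100.7", 443),
          (2.0, "198.51.100.7", 443)]
SAMPLE_PACKETS = sorted(FLOOD + NORMAL)


class Sensor:
    """Sliding-window packet-rate detector.

    mode="ids": detect and alert only; traffic is always forwarded.
    mode="ips": detect, alert, and block the offending source.
    """

    def __init__(self, mode, max_packets=5, window=1.0):
        if mode not in ("ids", "ips"):
            raise ValueError("mode must be 'ids' or 'ips'")
        self.mode = mode
        self.max_packets = max_packets    # hypothetical threshold per window
        self.window = window              # window length in seconds
        self.recent = defaultdict(deque)  # source -> timestamps inside the window
        self.alerts = []                  # (timestamp, source, packets_in_window)
        self.alerted = set()              # sources already reported once
        self.blocked = set()              # sources dropped (IPS mode only)

    def process(self, ts, src, dport):
        """Return True if the packet is forwarded, False if it is dropped."""
        if src in self.blocked:
            return False
        seen = self.recent[src]
        seen.append(ts)
        while ts - seen[0] > self.window:  # expire timestamps outside the window
            seen.popleft()
        if len(seen) > self.max_packets:
            if src not in self.alerted:    # one alert per source, not per packet
                self.alerted.add(src)
                self.alerts.append((ts, src, len(seen)))
            if self.mode == "ips":         # the IPS reacts; the IDS only reports
                self.blocked.add(src)
                return False
        return True


def run(mode, packets=SAMPLE_PACKETS):
    """Feed the packets through a fresh sensor; return it and the forwarded packets."""
    sensor = Sensor(mode)
    forwarded = [p for p in packets if sensor.process(*p)]
    return sensor, forwarded


if __name__ == "__main__":
    for mode in ("ids", "ips"):
        s, fwd = run(mode)
        print(mode, "alerts:", s.alerts, "forwarded:", len(fwd), "blocked:", s.blocked)
```

Both modes raise the same single alert; only the IPS run stops forwarding the flooding source, while the normal host's traffic passes in both.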
7. CONCLUSION
The importance of utilizing information in today's developed world leads to security threats. It can be said that protecting the computer networks of organizations is important for creating a competitive advantage. The results of this study showed that threats and damage to computer networks can come from any person or event that could damage the data. Computer network attacks can be divided into two categories: passive and active attacks, or internal and external attacks. Attacks common to computer networks include denial of service attacks, eavesdropping, traffic analysis, manipulation of messages and data, e-mails containing viruses, network viruses, Web-based viruses, attacks on Web servers and attacks by network users. To deal with these threats and vulnerabilities there are techniques that exist, including encryption techniques, in which simple data is encrypted in such a way that it is difficult to understand and interpret. This will reduce the possibility of network intrusion. On the other hand, IDS and IPS techniques control the exchange of information in the network and prevent unauthorized access. After the proposed techniques are implemented, internal and external penetration tests can be used to ensure the security implementations. In this context, and based on the findings of this study, the following suggestions are offered to enhance the security of computer networks:
- Identifying security breaches of computer networks
- Using a combination of techniques of computer network security
- Periodical penetration testing
- Informing users of the computer network of common security threats
- Identifying further new security threats and ways of dealing with them
- Periodically updating software and network operating systems
The above suggestions can be effectively used to create a
secure platform for organizations.
REFERENCES
[1] N. Modiri, H. Arbasi, "Providing multiple layers to increase the layered e network security," The first national conference on new approaches in computer engineering and information retrieval, Gilan, 2013.
[2] M. Rahgozar, "Computer networks," Book of the Month Science and Technology, pp. 98-99, 2010.
[3] Sh. Ajudanian, M. Ahmadi, S. Tabatabaei, "Providing a model for the localization of the strategy of defense in depth in network security and its analysis using SWOT analysis," The National Conference on Science and Computer Engineering, Najaf Abad, 2012.
[4] M. Soufi, "Providing a new innovative and intelligent approach to use in the design of security systems detection engine to enhance the security of network infrastructure," The first Conference on computer intelligent systems and their applications, Tehran, 2011.
[5] Processor, "IT and computer networks security," Processor Monthly, pp. 32-36, 2012.
[6] Sakharavesh, "the role of human factors in computer network security," Processor Monthly, pp. 24-27, 2011.
[7] N. Mashayekhi, M. Ashoorian, M. Riahi Nasab, "Providing the security matrix as a layer in NGN networks," the Third National Conference on Information and Communication Technology, Tehran, 2008.
[8] F. Gholi Poor, N. Modiri, M. Riahi Kashani, "Providing a process for testing the security of web-based intranet applications," the National Conference on Advances in science, engineering and basic electronics, Tehran, 2014.
[9] M. Javad Zadeh, M. Kangavari, S. Fathi, "to design and build the knowledge base of expert systems for network security test," Journal of electronic and cyber defense, pp. 43-51, 2013.
[10] F. Hohaji, "providing a framework of security for services in next generation networks," the Third National Conference on Information and Communication Technology, Tehran, 2008.
[11] A. Vizandan, A. Mir Ghadri, J. Sheykh Zadegan, "passive defense in infrastructure communications networks with an emphasis on the security assessment of flow encryption algorithms," Journal of passive defense, pp. 47-52, summer and fall of 2011.
[12] M. Azar Poor, A. Dahar, M. Jahani Mir, "the assessment of computer network security by Honey Pot technique in IDS & IPS systems," journal of information technology era, pp. 78-84, 2012.
[13] L. Peterson and B. Davie, Computer Networks: A Systems Approach, USA: Elsevier, Inc., 2012.
[14] A. Tanenbaum and D. Wetherall, Computer Networks, New Jersey: Pearson Prentice Hall, 2011.
[15] Tutorials Point (I) Pvt. Ltd., Data Communication and Computer Network, INDIA: www.tutorialspoint.com, 2014.
[16] K. Mansfield and J. Antonakos, Computer Networking for LANS to WANS: Hardware, Software and Security, USA: Course Technology, Cengage Learning, 2010.
[17] J. Migga Kizza, Computer Network Security, New York: Springer Science+Business Media, Inc., 2005.
[18] K. Krishnan, Computer Networks and Computer Security, North Carolina, United States: North Carolina State University, 2004.
[19] T. Shinder, Dr. Tom Shinder's ISA Server 2006 Migration Guide, Burlington: Elsevier, Inc., 2007.
[20] B. Daya, "Network Security: History, Importance, and Future," University of Florida Department of Electrical and Computer Engineering, 2010.
[21] W. Stallings, NETWORK SECURITY ESSENTIALS: APPLICATIONS AND STANDARDS, USA: Pearson Education, Inc., 2011.
[22] Network, "just when it comes to network security," Network Magazine, 2013.
[23] A. Sayana, "Approach to Auditing Network Security," INFORMATION SYSTEMS CONTROL JOURNAL, 2003.
[24] S. Alabady, "Design and Implementation of a Network Security Model for Cooperative Network," International Arab Journal of e-Technology, pp. 26-36, 2009.
[25] S. Farahmand, "IT security and computer networks," Processor Monthly, pp. 32-36, 2010.
[26] N. Ahmad and K. Habib, Analysis of Network Security Threats and Vulnerabilities by Development & Implementation of a Security Network Monitoring Solution, Sweden: Blekinge Institute of Technology, 2010.
[27] Analysts’s information age, "the performance of network security system in the municipality ICT," the information age analysts, pp. 54-55, 2011.
[28] Processor, "a security model for computer networks," Processor Monthly, p. 39, 2014.
[29] O. Awodele, E. Enyinnaya Onuiri and S. Okolie, "Vulnerabilities in Network Infrastructures and Prevention/Containment Measures," in Proceedings of Informing Science & IT Education Conference (InSITE), California, 2012.
[30] B. Berner, "Seven unforgivable errors in network security," Binesh Magazine, pp. 53-55, 2011.
[31] C. Leidigh, "Fundamental Principles of Network Security," American Power Conversion, 2005.
[32] K. Mahmoudi, M. Ketabdari, M. Saybani, "the identification of penetration to military systems computer networks by anomaly detection method," Journal of Marine Science and Technology, pp. 17-27, 2013.
[33] Cisco, "Network Security," Cisco Systems, 2001.
[34] FORTINET, "A Look at Layered Security," FORTINET High Performance Network Security, 2015.
[35] M. Kedgley, "The Art of Layered Security - Data Protection in a Threatscape of Modern Malware," A New Net Technologies Whitepaper, 2012.
[36] S. Nikookar, "penetration tests in computer networks," journal of information technology era, pp. 95-99, 2012.
[37] A. Anand and B. Patel, "An Overview on Intrusion Detection System and Types of Attacks It Can Detect Considering Different Protocols," International Journal of Advanced Research in Computer Science and Software Engineering, pp. 94-98, 2012.
[38] M. Sazzadul Hoque, A. Mukit and A. N. Bikas, "AN IMPLEMENTATION OF INTRUSION DETECTION SYSTEM USING GENETIC ALGORITHM," International Journal of Network Security & Its Applications (IJNSA), pp. 109-120, 2012.
[39] N. DULANOVIĆ, D. HINIĆ and D. SIMIĆ, "AN INTRUSION PREVENTION SYSTEM AS A PROACTIVE SECURITY MECHANISM IN NETWORK INFRASTRUCTURE," Yugoslav Journal of Operations Research, pp. 109-122, 2008.
[40] S. Piper, Intrusion Prevention Systems, Indiana: Wiley Publishing, Inc., 2011.
Biographies and Photographs
Miss. Fatemeh Soleimani Roozbahani obtained a B.S. degree in Nuclear Physics from Shahid Chamran University in 2009, and obtained a Master's degree in Information Technology Management summa cum laude, with a cumulative GPA of 19.76 [out of 20], amongst the graduates of this major who graduated in 2011 from Farabi University. Presently she is pursuing a Ph.D. in Information Technology Management at SRBIA University. Her research fields are Information Business Intelligence, Systems Integration, Strategic Information Systems, e-Banking, e-Commerce, Knowledge Management and Security in Computer Networks. She is appointed as a Lecturer in Azad University, Deptt. of Information Technology.
Miss. Reihaneh Azad received her B.S. degree in Computer Engineering from Saeb University, Abhar, Iran in 2008. She is a Master's student of IT Management at Farabi University, Karaj, Iran and works as a software support expert at Pasargad Bank Electronic Payment Company, Tehran, Iran. Her research interests include E-Commerce, Information Systems, Knowledge Management, Computer Networks, Data Mining and E-Banking. She has authored 6 research papers in proceedings and journals.