Heru Pranata,Leon Andretti Abdillah,Usman Ependi

DOI: https://doi.org/10.48550/arXiv.1508.05457

2015-08-22

Abstract:Development of information technology, especially in the field of computer network allows the exchange of information faster and more complex and the data that is exchanged can vary. Security of data on communication in the network is a major thing. Secure socket layer (SSL) is the solution to the problem, but further research on the security of the SSL protocol transactions should be done to determine the extent of SSL can secure the data on the network. When the computer sends data across the network, the data is transmitted in packets. Sniffing is a technique of monitoring of every packet traversing the network. Security threat presented by sniffers is their ability to capture all incoming and outgoing packets through the network, which includes the passwords, usernames and other sensitive issues. Packet sniffer captures the data addressed to other devices, which will then be stored for later analysis later. Sniffing can also be used by system administrators to monitor the network and solve problems in the network.

Cryptography and Security

Ishaan Lodha,Lakshana Kolur,K. Sree Hari,Honnavalli Prasad

DOI: https://doi.org/10.1007/978-981-15-2612-1_70

2019-11-30

Abstract:The Internet of Things (IoT) is an exploding market as well as a important focus area for research. Security is a major issue for IoT products and solutions, with several massive problems that are still commonplace in the field. In this paper, we have successfully minimized the risk of data eavesdropping and tampering over the network by securing these communications using the concept of tunneling. We have implemented this by connecting a router to the internet via a Virtual Private network while using PPTP and L2TP as the underlying protocols for the VPN and exploring their cost benefits, compatibility and most importantly, their feasibility. The main purpose of our paper is to try to secure IoT networks without adversely affecting the selling point of IoT.

Networking and Internet Architecture

Meiad Jrad Hamood Aljrad,Kawther Al-Dhlan

DOI: https://doi.org/10.20428/jst.v27i2.2055

2023-02-28

Journal of Science and Technology

Abstract:Although the Internet of Things (IoT) developers view human users as the weakest cybersecurity link and potentially a deciding factor in IoT security, IoT devices are exposed to a variety of security flaws and vulnerabilities, which most social engineers take advantage of to launch several data-collection attacks. For various purposes, this study looked at improving data security on MySQL databases and web pages by using TSL encryption protocols and the two algorithms (RSA & AES) that correlate with the Internet of Things environment and enable user authentication. The implementation was done on the proposed models and encryption methods used. This study aimed to protect the information that is shared on the Internet and connect IoT devices in a secure environment. The results revealed that the proposed study increased the level of protection with the help of complex conditions specified when registering the user and protecting it against attacks. As a result, one of the most important events that came true is the existence of cybersecurity. It is expected that this research will enhance the understanding of the IoT environment and exploit social engineering attacks to impose security on the IoT environment and preserve the rights of human users.

Dr. Timur Mirzoev,Stacey White

DOI: https://doi.org/10.48550/arXiv.1404.2172

2014-04-08

Abstract:This study investigates the role of the client isolation technology Public Secure Packet Forwarding (PSPF) in defending 802.11 wireless (Wi-Fi) clients, connected to a public wireless access point, from Address Resolution Protocol (ARP)cache poisoning attacks, or ARP spoofing. Exploitation of wireless attack vectors such as these have been on the rise and some have made national and international news. Although client isolation technologies are common place in most wireless access points, they are rarely enabled by default. Since an average user generally has a limited understanding of IP networking concepts, it is rarely enabled during access point configurations. Isolating wireless clients from one another on unencrypted wireless networks is a simple and potentially effective way of protection. The purpose of this research is to determine if a commonly available and easily implementable wireless client isolation security technology, such as PSPF, is an effective method for defending wireless clients against attacks.

Networking and Internet Architecture,Cryptography and Security

Sondy Kumajas,Julius Sasukul,Alexander Siwi,Hellena Saruan

DOI: https://doi.org/10.62711/ijite.v1i2.41

2022-03-24

Abstract:This study discusses the security analysis of Wireless Local Area Network (Wireless LAN) in the Community against external attacks on the Wireless Protected Access (WPA), Web Proxy, and Virtual Private Network (VPN) protocols, used to attack LAN. Three types of software are used as attackers, namely, Network Stumbler, Aircrack and Wireshark attackers. The software is used on the laptop at a distance of 5m to 25m from the Wireless LAN access point. From the experimental results, it can be seen that the fastest response time by the WPA Protocol was given by the Network Stumbler attacker, followed by Aircrack and Wireshark.

Kinjal Shah,Satya Prakash Ghrera,Alok Thaker

DOI: https://doi.org/10.5121/ijdps.2012.3319

2012-06-08

Abstract:VoIP (Voice over Internet Protocol) is a growing technology during last decade. It provides the audio, video streaming facility on successful implementation in the network. However, it provides the text transport facility over the network. Due to implementation of it the cost effective solution, it can be developed for the intercommunication among the employees of a prestigious organization. The proposed idea has been implemented on the audio streaming area of the VoIP technology. In the audio streaming, the security vulnerabilities are possible on the VoIP server during communication between two parties. In the proposed model, first the VoIP system has been implemented with IVR (Interactive Voice Response) as a case study and with the implementation of the security parameters provided to the asterisk server which works as a VoIP service provider. The asterisk server has been configured with different security parameters like VPN server, Firewall iptable rules, Intrusion Detection and Intrusion Prevention System. Every parameter will be monitored by the system administrator of the VoIP server along with the MySQL database. The system admin will get every update related to the attacks on the server through Mail server attached to the asterisk server. The main beauty of the proposed system is VoIP server alone is configured as a VoIP server, IVR provider, Mail Server with IDS and IPS, VPN server, connection with database server in a single asterisk server inside virtualization environment. The VoIP system is implemented for a Local Area Network inside the university system

Networking and Internet Architecture

Ellen Dolan,Riya Widayanti

DOI: https://doi.org/10.34306/ijcitsm.v2i1.93

2022-03-23

International Journal of Cyber and IT Service Management

Abstract:Because of the growing number of apps that use client servers, both desktop and WEB applications, each user must learn a large number of user ids and passwords, because each application requires authentication in order to use it for security reasons. Furthermore, the development of network media, both wired and wireless, is accelerating. In the scenarios stated above, RADIUS (Remote Authentication Dial-In User Service) technology is required since the RADIUS approach allows a user to utilize a single user id to access several applications, both desktop and web-based. The RADIUS protocol may be used with both wired and wireless media.

Marcel Maatkamp,Martin van Delden,Nhien An LeKhac

DOI: https://doi.org/10.13140/RG.2.1.1412.0720

2016-02-24

Abstract:Protecting computer systems handling possible sensitive information is of the utmost importance. Those systems are typically air-gapped with data diodes to assure that no information can physically flow back. Traditional computer protocols like HTTP or SOAP which are normally used to transport information between computers are typical bi-directional communication protocols and are thus unsuitable to be used over a data diode. Currently the only commercially available protocols over a data diode sold by vendors are file-based protocols. Other protocols can be custom made but are expensive and proprietary. There are currently no open source solutions to stream data in a generic way over a data diode other than those file-based solutions. Purpose of the dissertation is to research if open source technology can be used to mirror the contents of a messagebus over a data diode to get a cost effective security-proof and almost maintenance-free solution. and to further research if this technology can be used to transfer not only plain text data but also data sensitive by nature by using end-to-end encryption so that this information could even be admitted as evidence. Method used to validate the research is a practical case study that shows how a sensor stream can send unencrypted and encrypted events over a data diode of arbitrary size via a message bus which are transparently and securely transferred and re-emitted internally without any kind of configuration management. Results show that it is indeed possible to successfully mirror data from a Message Bus over a data diode and it is thus worthwhile to further invest in this technology.

Networking and Internet Architecture,Cryptography and Security

Jamil Abedalrahim Jamil Alsayaydeh,Irianto,Mohanad Faeq Ali,Mohammed Nasser Mohammed Al-Andoli,Safarudin Gazali Herawan

DOI: https://doi.org/10.1109/access.2024.3361407

IF: 3.9

2024-02-10

IEEE Access

Abstract:In applications related to smart cities, the Internet of Things (IoT) promotes service scalability regardless of variations in user density. Many customers require several safety procedures to supply reliable and effective application services. Undependable user identity was the cause of the current case of Permanent Denial of Service (PDoS). The article discusses service-dependent application authentication (SRAA), a defense against PDoS attacks, in the context of smart cities. This authentication method uses the controlled access distribution mechanism to provide application security. The user application's link connectivity and synchronization capabilities with the user device are used in the monitored access distribution. Backpropagation (BP) learning is used to find errors in the user device, implementation, and verification connections. BP learning minimizes the given weights using the anomaly learned from the initial access distribution phase. The anomaly has been identified in order of earlier training eras to enable coordinated authorization for the distributed services. PDoS causes fewer weights to become disconnected from the service, diminishing the number of service failures for linked devices. The experimental findings have been implemented, and the suggested SRAA model lowers computation overhead by 18.14% and false rate by 10.96%, access success by 9.07%, authenticating duration by 15.38% and synchronization failure by 8.94% compared to other existing models.

computer science, information systems,telecommunications,engineering, electrical & electronic

Amilia Anggraeni,Jafaruddin Gusti Amri Ginting,Syariful Ikhwan

DOI: https://doi.org/10.20895/infotel.v14i4.813

2022-11-01

JURNAL INFOTEL

Abstract:Computer networks are built to achieve the main goal of communicating with each other . During the transmission process, it is expected that information can be conveyed quickly, efficiently and safely. Network security serves to avoid damage or even data loss caused by attacker activities during the communication process. Security aspects that need to be maintained in data information are Confidentiality, Integrity and Availability. Intrusion Prevention System is a solution that can maintain network security from various attacks. The Intrusion Prevention System will act as a protector on the network by detecting and preventing suspicious traffic on nodes in a network. The Intrusion Prevention System in its implementation has several tools which are used in this study, namely Snort and IPTables. Testing is done by performing attacks on the Web Server. The attacks carried out are Port Scanning, DDoS attacks and Brute Force. The results of this study are based on the CIA Triad with the three attacks having different characteristics in terms of cause and effect. On the defense side, Port Scanning and Brute Force can be easily prevented by IPS, but in DDoS attacks there are differences in results between drop and reject rule. In a DDoS attack with an action drop rule, it can recover the web server in 160 seconds while the action reject rule can be restored at 145 seconds which normally can be recovered in a DDoS attack in 165 seconds. The IPS server can also reduce resources when there is a DDoS attack by 9.2% .

Ruhul Amin,Isha Pali,Venkatasamy Sureshkumar

DOI: https://doi.org/10.1016/j.jisa.2020.102729

IF: 4.96

2021-05-01

Journal of Information Security and Applications

Abstract:<p>Software-Defined Network (SDN) improves the performance of the network model by managing the whole system through a programmed software. Nowadays, the concept of SDN can be applied in several application areas such as Wireless Sensor Network (WSN), Internet of Things (IoT) communications, cloud–fog computing, Vehicular Ad-hoc Networks (VANETs), etc. To improve the overall network performance, we have integrated SDN technology in the VANET system for Vehicle to Vehicle(V2V) communication. Security is a major concern in the SDN enabled VANET system. The main objective of this paper is to design an authentication protocol which will establish a common session key for secure communication. Further, this paper provides a solution to protect against the RSU compromisation attack which is always a challenging task. The simulation using the Scyther tool confirms that all the private information is being protected during the protocol run. Moreover, informal security analysis shows that the protocol has no security weaknesses. Besides, the proposed protocol achieves better performance in the aspect of security features and also in terms of computation and communication overheads.</p>

computer science, information systems

Rayco William,Ikhwan Ruslianto,Uray Ristian

DOI: https://doi.org/10.24114/cess.v8i1.40258

2023-01-21

Abstract:Server is a center for providing services and storing data in a computer network. A server is managed by server administrator who has a duty of monitoring security server. While on duty, there are deficiencies in detecting attacks, the slow information about the attacks, and how to handle attacks on the server. In this research, a server security system was created by implementing an Intrusion Prevention System (IPS) based on website and mobile applications. Attack detection focuses on ICMP and TCP port attacks with the latency time when the system responds to an attack is 99,89 ms (very good). The attack handling system was successfully carried out using Iptables against the attacker's IP that detected by the Suricata system through the website and mobile applications, to be given action which is divided into Drop, Reject and Accept. Administrators can quickly take the necessary precautions after receiving an automatic notification when the server is under attack via Telegram with an average speed is 3.41second. The ping attack, port scanning and ping of death (DoS) attacks resulted in an increase in the performance load on the local server with the initial conditions of CPU performance ranging from 10-19%, increasing when a ping attack occurred to 21,6%, memory 41,7%, and disk 19,6%. Port scanning increased by 85,9% CPU, memory 41,9%, and disk 20,3%. Ping of death increased CPU 90,4%, memory 42,9%, and disk 20,8%. Based on the tests that have been done, an excessive increase is found in the ping of death attack which results in server performance increasing to 90,4%, if the attack occurs for a long time then the server condition will be hang (damaged).

Songchang Jin,Songhe Jin,Shuqiang Yang,Xiang Zhu

DOI: https://doi.org/10.11591/telkomnika.v11i6.2666

2013-01-01

Abstract:With the rapid development of computer science and technology, network attack and defense has become an important research topic in the field of information security. Teaching on network attack and defense technology in universities and research institutions has a very strong experimental characteristic, but due to the special nature and the destructive characteristic of network attack and defense technology, it is difficult to carry out experiments. In this paper, we designed and implemented a parallel and distributed network security experiments platform on which experiments can be carried out through a web interface and network simulation scripts. We believe that it is also an excellent platform for teaching courses in operating systems and networking. The results of experiments in this paper show that the platform could provide the laboratory personnels with independent experimental environment, perfect experimental control functions, excellent data collection and analysis services, etc. DOI: http://dx.doi.org/10.11591/telkomnika.v11i6.2666

Ehab R. Mohamed,Heba M. Mansour,Osama M. El-Komy,,,

DOI: https://doi.org/10.54216/fpa.120101

2023-01-01

Abstract:In this paper, to protect software-defined networks (SDN) from various ARP attacks, we implement a three-dimensional algorithm (TDA). The main objective of TDA is to limit the methods by which attackers can breach SDN privacy and to prevent the three main types of ARP attacks, such as ARP flooding, ARP spoofing, and ARP broadcasting. This work discusses the three different ARP attack types, which are broken down into five different scenarios, and how the proposed solution detects and mitigates each one. We simulated the five attack scenarios by creating five Python scripts utilizing the Scapy library. And then we applied an efficient TDA to restrict the five scenarios of ARP attacks more efficiently and faster than existing methods. TDA provides the Ryu controller with a modified module to detect and mitigate these types of attacks, using a three-dimensional secure channel to analyze incoming ARP packets, which works as a filter that analyzes and filters incoming ARP packets from malicious ones, and then giving the controller the choice to forward or drop the packet. To simulate our investigation and apply our proposed solution, we used a Mininet emulator. To evaluate TDA, we calculated the delay times, accuracy controller's throughput, bandwidth, and other metrics. The results that we showed after applying TDA 100 times on our test scenarios indicate that the accuracy is 99.9% for the three stages and that the detection and mitigation times are very short compared to the existing solutions, which are that the minimum detection time is only from 0.1ms to 3.6ms, and the minimum mitigation time is only from 0.3ms to 2.9ms. We evaluated our algorithm by other important metrics such as controller bandwidth, which ranged from 18 GB/sec to 17.7 GB/sec in the cases before and after the attack and 16.5GB/sec in the case of attack; controller throughput, which recorded 1.72GB/sec in the case under the attack and reached 2.11GB/sec in the case after defense; and CPU utilization, which recorded 30.4% during the attack and reduced to 0.3% after mitigation. These metrics proved that our algorithm achieved the highest efficiency compared to other work in this field.

Aamir Shahzad,Malrey Lee,Neal Naixue Xiong,Gisung Jeong,Young-Keun Lee,Jae-Young Choi,Abdul Wheed Mahesar,Iftikhar Ahmad

DOI: https://doi.org/10.3390/s16030322

2016-03-03

Abstract:In Industrial systems, Supervisory control and data acquisition (SCADA) system, the pseudo-transport layer of the distributed network protocol (DNP3) performs the functions of the transport layer and network layer of the open systems interconnection (OSI) model. This study used a simulation design of water pumping system, in-which the network nodes are directly and wirelessly connected with sensors, and are monitored by the main controller, as part of the wireless SCADA system. This study also intends to focus on the security issues inherent in the pseudo-transport layer of the DNP3 protocol. During disassembly and reassembling processes, the pseudo-transport layer keeps track of the bytes sequence. However, no mechanism is available that can verify the message or maintain the integrity of the bytes in the bytes received/transmitted from/to the data link layer or in the send/respond from the main controller/sensors. To properly and sequentially keep track of the bytes, a mechanism is required that can perform verification while bytes are received/transmitted from/to the lower layer of the DNP3 protocol or the send/respond to/from field sensors. For security and byte verification purposes, a mechanism needs to be proposed for the pseudo-transport layer, by employing cryptography algorithm. A dynamic choice security buffer (SB) is designed and employed during the security development. To achieve the desired goals of the proposed study, a pseudo-transport layer stack model is designed using the DNP3 protocol open library and the security is deployed and tested, without changing the original design.

Adrian B. Silvestre,Julina Rose DL. De Ocampo

DOI: https://doi.org/10.47772/ijriss.2023.7856

2023-01-01

International Journal of Research and Innovation in Social Science

Abstract:Wireshark is an invaluable network analysis tool, yet its traffic sniffing abilities also introduce privacy and security risks. This study analyzed Wireshark’s capabilities, cyber threats enabled through its misuse, and challenges in regulating open-source software. A literature review examined technical details, risks, and legal violations including illegal access, data theft, and denial-of-service attacks. Interviews with law enforcement uncovered constraints in prohibiting publicly accessible tools like Wireshark directly. Results highlight nuanced challenges balancing innovation and cybersecurity. Recommended strategies within these limitations include access controls, professional standards, strong legal deterrents, public awareness campaigns, and robust network defenses. Ultimately, although directly policing open-source software is problematic, thoughtful multidimensional policies can still curb misuse while preserving liberties. This synthesis of technical, legal, and policy insights provides promising paths for wisely safeguarding society amidst rapid technological change.

Stefan Machmeier

2024-07-17

Abstract:In this age of digitalization, Internet services face more attacks than ever. An attacker's objective is to exploit systems and use them for malicious purposes. Such efforts are rising as vulnerable systems can be discovered and compromised through Internet-wide scanning. One known methodology besides traditional security leverages is to learn from those who attack it. A honeypot helps to collect information about an attacker by pretending to be a vulnerable target. Thus, how honeypots can contribute to a more secure infrastructure makes an interesting topic of research. This thesis will present a honeypot solution to investigate malicious activities in heiCLOUD and show that attacks have increased significantly. To detect attackers in restricted network zones at Heidelberg University, a new concept to discover leaks in the firewall will be created. Furthermore, to consider an attacker's point of view, a method for detecting honeypots at the transport level will be introduced. Lastly, a customized OpenSSH server that works as an intermediary instance will be presented to mitigate these efforts.

Cryptography and Security

Muhamad Al Fikri,Kalamullah Ramli,Dodi Sudiana

DOI: https://doi.org/10.1088/1757-899X/1077/1/012057

2021-03-16

IOP Conference Series: Materials Science and Engineering

Abstract:In the current era, the ownership of strategic information and the ability to effectively manage it has become a significant advantage. Reflecting on the experience of attacks on strategic communications in Indonesia, including the tapping of the former President Susilo Bambang Yudhoyono's conversation through the cellular network and President Jokowi's official residence, Indonesia has begun paying more attention to security in this sector. Device X is one of the secret strategic communication tools used in Indonesia. The XYZ Agency initiated the use of this device. As of 2020, there have been 1,284 units of Device X widely used by the army, police officers, and other strategic agencies in Indonesia. In its 5 years of operation, the XYZ Agency has researched the algorithm security used in Device X. However, there has never been a study of thwe security regarding the authentication and communication protocols of this device. This research aims to make a security analysis of voice communication and authentication protocols of Device X. The research was implemented using Scyther Tool as a formal verification approach. The analysis focuses on guaranteeing the confidentiality of information and authentication with four criteria, namely, secrecy, aliveness, synchronization, and agreement. The experimental results demonstrate that the authentication and voice communication protocol of Device X satisfy the secrecy criteria for transmitted confidential information but does not satisfy the criteria of aliveness, synchronization, and agreement on several entities involved in the protocol. Thus, it can be claimed that the authentication and voice communication protocol of Device X is provably secure based on the confidentiality aspect of information but is not secure in terms of authentication.

Juan Tamalaki Ohyver,Dian W. Chandra

DOI: https://doi.org/10.35870/jtik.v7i3.845

2023-07-01

Jurnal JTIK (Jurnal Teknologi Informasi dan Komunikasi)

Abstract:Jaringan virtual dalam lingkungan Server yang tervirtualisasi menggunakan Virtual Switch untuk menghubungkan lalu lintas jaringan pada Virtual Machine dengan jaringan fisik. Akan tetapi pada masa ini serangan yang dilancarkan oleh peretas seringkali terjadi pada lingkungan Server fisik maupun virtual. Peretasan pada keamanan jaringan komputer seringkali dilakukan oleh sekelompok orang yang ingin menembus suatu keamanan sebuah sistem. Aktivitas ini bertujuan untuk mencari, mendapatkan, mengubah, dan bahkan menghapus informasi. Maka dari itu penggunaan OpenvSwitch serta penerapan NIDS di dalamnya sangat berguna untuk keamanan jaringan virtual. Pada penelitian ini dilakukan simulasi untuk mencari tau seberapa besar persentase keberhasilan NIDS dalam mendeteksi serangan DOS yang diarahkan ke OpenvSwitch. Dari hasil penelitian ini, Persentase keberhasilan Snort dalam mendeteksi serangan di pengujian ini yaitu sekitar ± 75%.