Zang Li,Wenyuan Xu,Robert D. Miller,Wade Trappe

DOI: https://doi.org/10.1145/1161289.1161297

2006-01-01

Abstract:Although conventional cryptographic security mechanisms are essential to the overall problem of securing wireless networks, these techniques do not directly leverage the unique properties of the wireless domain to address security threats. The properties of the wireless medium are a powerful source of domain-specific information that can complement and enhance traditional security mechanisms. In this paper, we propose to utilize the fact that the radio channel decorre-lates rapidly in space, time and frequency in order to to establish new forms of authentication and confidentiality that operate at the physical layer and can be used to facilitate cross-layer security paradigms. Specifically, for authentication services, we illustrate two channel probing techniques that can be used to verify the authenticity of a transmitter. Similarly, for confidentiality, we examine several strategies for establishing shared secrets/keys between two communicators using the wireless medium. These strategies range from extracting keys from channel state information, to utilizing the channel variability to secretly disseminate keys. We then validate the feasibility of using physical layer techniques for securing wireless systems by presenting results from experiments involving the USRP/GNURadio software defined radio platform.

Haifeng Zhou,Chunming Wu,Ming Jiang,Boyang Zhou,Wen Gao,Tingting Pan,Min Huang

DOI: https://doi.org/10.1109/mcom.2015.7081074

IF: 9.03

2015-01-01

IEEE Communications Magazine

Abstract:The past few years have witnessed revolutionary advances in network technology. Along with new techniques such as SDN come lots of new network security challenges. Conventional network security mechanisms are incompetent to overcome these challenges, since they are built on a static network configuration that facilitates attackers in finding the weaknesses of a network. In this article, we conceive a novel conceptual network security mechanism, the evolving defense mechanism (EDM), to resolve current and future security problems. EDM is based on a bio-inspired idea of network configuration variations. According to the security requirements of the system, the user, and the network security state, EDM selects an efficient network configuration variation strategy to prevent corresponding security threats. Combined with SDN implementation, EDM resolves security problems from a new angle and is capable of evolving with new network security technology. We sketch a way to implement EDM and present its reference framework, which serves as an ecosystem and coexisting environment for various kinds of network configuration variations. The proposed mechanism avoids the deficiency of conventional mechanisms and has potential to cope with emerging security threats.

Lan Luo,Zhiguang Qin,Juan A. Wang

2009-01-01

Abstract:In the different kind of scale networks, the security issue has to be designed as both active and intelligent structure for suitable various operated environments. There are some block cipher algorithms used in the top layer but none published block ciphers are announced only design for the certain layer. So the intelligent application of different secure levels block ciphers for TCP/IP structure besides SSL, IPsec, WEP is this paper's approach. The standardized security protocol of block cipher is oriented to the public level, which is seldom considered basing on the different secure situation in Internet. The scalable and flexible block cipher application is another approach to currently secure standard. In order to expend networks member number easily, the machine learning and experts system are combined as an intelligent function in the design.

Jeppe Fredsgaard Blaabjerg,Aslan Askarov

DOI: https://doi.org/10.48550/arXiv.2106.12934

2021-06-24

Programming Languages

Abstract:Traffic analysis attacks pose a major risk for online security. Distinctive patterns in communication act as fingerprints, enabling adversaries to de-anonymise communicating parties or to infer sensitive information. Despite the attacks being known for decades, practical solution are scarce. Network layer countermeasures have relied on black box padding schemes that require significant overheads in latency and bandwidth to mitigate the attacks, without fundamentally preventing them, and the problem has received little attention in the language-based information flow literature. Language-based methods provide a strong foundation for fundamentally addressing security issues, but previous work has overwhelmingly assumed that interactive programs communicate over secure channels, where messages are undetectable by unprivileged adversaries. This assumption is too strong for online communication where packets can be trivially observed by eavesdropping. In this paper we introduce SELENE, a small language for principled, provably secure communication over channels where packets are publicly observable, and we demonstrate how our program level defence can reduce the latency and bandwidth overheads induced compared with program-agnostic defence mechanisms. We believe that our results constitute a step towards practical, secure online communication.

Zied Ben Houidi,Dario Rossi

DOI: https://doi.org/10.1016/j.comcom.2022.06.035

2022-07-25

Abstract:Boosted by deep learning, natural language processing (NLP) techniques have recently seen spectacular progress, mainly fueled by breakthroughs both in representation learning with word embeddings (e.g. word2vec) as well as novel architectures (e.g. transformers). This success quickly invited researchers to explore the use of NLP techniques to other fields, such as computer programming languages, with the promise to automate tasks in software programming (bug detection, code synthesis, code repair, cross language translation etc.). By extension, NLP has potential for application to network configuration languages as well, for instance considering tasks such as network configuration verification, synthesis, and cross-vendor translation. In this paper, we survey recent advances in deep learning applied to programming languages, for the purpose of code verification, synthesis and translation: in particularly, we review their training requirements and expected performance, and qualitatively assess whether similar techniques can benefit corresponding use-cases in networking.

Networking and Internet Architecture

Rui Xu,Gaolei Li,Zhaohui Yang,Mingzhe Chen,Yuchen Liu,Jianhua Li

DOI: https://doi.org/10.1109/wcnc57260.2024.10570800

2024-01-01

Abstract:Semantic communication has emerged as a revolutionary paradigm within wireless edge networks, showcasing remarkable communication efficiency. In contrast to traditional bit-level communication systems, semantic communication systems exhibit superior effectiveness and precision, particularly in scenarios characterized by low signal-to-noise ratios (SNR). Nonetheless, the privacy of semantic communication poses a critical challenge that demands attention. Once the attacker intercepts the semantic information through continuous eaves-dropping, the private data would be leaked under adversarial environment. Moreover, in low SNR scenario, joint optimization of anti -eavesdropping and privacy reconstruction has not yet been studied, coupled with the intricate nature of designing a cross-layer semantic protection strategy. To address this concern, this paper presents a covert and reliable semantic communication (CRSC) framework via full-duplex receiver to counter continuous eavesdropper by concealing the entire transmission process. Furthermore, a newly-defined metric, namely covert semantic throughput (CST), is introduced to quantify the system's performance. Furthermore, we formulate the maximization of average CST during the semantic transmission period as a multi-constraint optimization problem. Subsequently, we propose a reinforcement learning (RL)-empowered adaptation algorithm to address the formulated problem. Through simulation results, the effectiveness and feasibility of proposed CRSC framework are demonstrated, with an observed maximum average CST improvement of up to 42% compared to conventional communication systems in the low SNR scenario.

WM Li,ZT Li

DOI: https://doi.org/10.1117/12.572744

2005-01-01

Abstract:The wide use of network improves security risks, but the traditional network security tools are single-functional and they are difficult to extend and manage. These security tools can't fulfill the need of users. The paper presents a network security oriented language: NSL (Network Security Language). The language provides a common abstract layer of all kinds of security application. It can be used to construct multifunctional, distributed and extendable security applications, satisfying various and emergent security requirements. The paper describes its network oriented structures, features and three security mechanisms. The NSL interpreter implementation is also analyzed by the performance test. At last, the paper puts forward improving work which will be done in the future.

Chang Liu,Xiaohui Xie,Xinggong Zhang,Yong Cui

2024-04-29

Abstract:The networking field is characterized by its high complexity and rapid iteration, requiring extensive expertise to accomplish network tasks, ranging from network design, configuration, diagnosis and security. The inherent complexity of these tasks, coupled with the ever-changing landscape of networking technologies and protocols, poses significant hurdles for traditional machine learning-based methods. These methods often struggle to generalize and automate complex tasks in networking, as they require extensive labeled data, domain-specific feature engineering, and frequent retraining to adapt to new scenarios. However, the recent emergence of large language models (LLMs) has sparked a new wave of possibilities in addressing these challenges. LLMs have demonstrated remarkable capabilities in natural language understanding, generation, and reasoning. These models, trained on extensive data, can benefit the networking domain. Some efforts have already explored the application of LLMs in the networking domain and revealed promising results. By reviewing recent advances, we present an abstract workflow to describe the fundamental process involved in applying LLM for Networking. We introduce the highlights of existing works by category and explain in detail how they operate at different stages of the workflow. Furthermore, we delve into the challenges encountered, discuss potential solutions, and outline future research prospects. We hope that this survey will provide insight for researchers and practitioners, promoting the development of this interdisciplinary research field.

Networking and Internet Architecture,Artificial Intelligence

Mina Cecilie Wøien,Ferhat Ozgur Catak,Murat Kuzlu,Umit Cali

2024-07-12

Abstract:In recent years, neural networks have been used to implement symmetric cryptographic functions for secure communications. Extending this domain, the proposed approach explores the application of asymmetric cryptography within a neural network framework to safeguard the exchange between two communicating entities, i.e., Alice and Bob, from an adversarial eavesdropper, i.e., Eve. It employs a set of five distinct cryptographic keys to examine the efficacy and robustness of communication security against eavesdropping attempts using the principles of elliptic curve cryptography. The experimental setup reveals that Alice and Bob achieve secure communication with negligible variation in security effectiveness across different curves. It is also designed to evaluate cryptographic resilience. Specifically, the loss metrics for Bob oscillate between 0 and 1 during encryption-decryption processes, indicating successful message comprehension post-encryption by Alice. The potential vulnerability with a decryption accuracy exceeds 60\%, where Eve experiences enhanced adversarial training, receiving twice the training iterations per batch compared to Alice and Bob.

Cryptography and Security,Artificial Intelligence

Yudong Huang,Hongyang Du,Xinyuan Zhang,Dusit Niyato,Jiawen Kang,Zehui Xiong,Shuo Wang,Tao Huang

DOI: https://doi.org/10.48550/arXiv.2311.17474

2023-11-29

Networking and Internet Architecture

Abstract:The rapid evolution of network technologies and the growing complexity of network tasks necessitate a paradigm shift in how networks are designed, configured, and managed. With a wealth of knowledge and expertise, large language models (LLMs) are one of the most promising candidates. This paper aims to pave the way for constructing domain-adapted LLMs for networking. Firstly, we present potential LLM applications for vertical network fields and showcase the mapping from natural language to network language. Then, several enabling technologies are investigated, including parameter-efficient finetuning and prompt engineering. The insight is that language understanding and tool usage are both required for network LLMs. Driven by the idea of embodied intelligence, we propose the ChatNet, a domain-adapted network LLM framework with access to various external network tools. ChatNet can reduce the time required for burdensome network planning tasks significantly, leading to a substantial improvement in efficiency. Finally, key challenges and future research directions are highlighted.

Qi Qin,Yankai Rong,Guoshun Nan,Shaokang Wu,Xuefei Zhang,Qimei Cui,Xiaofeng Tao

2023-04-20

Abstract:Deep learning based semantic communication(DLSC) systems have shown great potential of making wireless networks significantly more efficient by only transmitting the semantics of the data. However, the open nature of wireless channel and fragileness of neural models cause DLSC systems extremely vulnerable to various attacks. Traditional wireless physical layer key (PLK), which relies on reciprocal channel and randomness characteristics between two legitimate users, holds the promise of securing DLSC. The main challenge lies in generating secret keys in the static environment with ultra-low/zero rate. Different from prior efforts that use relays or reconfigurable intelligent surfaces (RIS) to manipulate wireless channels, this paper proposes a novel physical layer semantic encryption scheme by exploring the randomness of bilingual evaluation understudy (BLEU) scores in the field of machine translation, and additionally presents a novel semantic obfuscation mechanism to provide further physical layer protections. Specifically, 1) we calculate the BLEU scores and corresponding weights of the DLSC system. Then, we generate semantic keys (SKey) by feeding the weighted sum of the scores into a hash function. 2) Equipped with the SKey, our proposed subcarrier obfuscation is able to further secure semantic communications with a dynamic dummy data insertion mechanism. Experiments show the effectiveness of our method, especially in the static wireless environment.

Cryptography and Security

Luca Caviglione

DOI: https://doi.org/10.3390/app11041641

2021-02-11

Applied Sciences

Abstract:Network covert channels are increasingly used to endow malware with stealthy behaviors, for instance to exfiltrate data or to orchestrate nodes of a botnet in a cloaked manner. Unfortunately, the detection of such attacks is difficult as network covert channels are often characterized by low data rates and defenders do not know in advance where the secret information has been hidden. Moreover, neutralization or mitigation are hard tasks, as they require to not disrupt legitimate flows or degrade the quality perceived by users. As a consequence, countermeasures are tightly coupled to specific channel architectures, leading to poorly generalizable and often scarcely scalable approaches. In this perspective, this paper investigates trends and challenges in the development of countermeasures against the most popular network covert channels. To this aim, we reviewed the relevant literature by considering approaches that can be effectively deployed to detect general injection mechanisms or threats observed in the wild. Emphasis has been put on enlightening trajectories that should be considered when engineering mitigation techniques or planning the research to face the increasing wave of information-hiding-capable malware. Results indicate that many works are extremely specialized and an effective strategy for taming security risks caused by network covert channels may benefit from high-level and general approaches. Moreover, mechanisms to prevent the exploitation of ambiguities should be already considered in early design phases of both protocols and services.

Ibrahim A. Alwhbi,Cliff C. Zou,Reem N. Alharbi

DOI: https://doi.org/10.3390/s24113509

IF: 3.9

2024-05-31

Sensors

Abstract:Encryption is a fundamental security measure to safeguard data during transmission to ensure confidentiality while at the same time posing a great challenge for traditional packet and traffic inspection. In response to the proliferation of diverse network traffic patterns from Internet-of-Things devices, websites, and mobile applications, understanding and classifying encrypted traffic are crucial for network administrators, cybersecurity professionals, and policy enforcement entities. This paper presents a comprehensive survey of recent advancements in machine-learning-driven encrypted traffic analysis and classification. The primary goals of our survey are two-fold: First, we present the overall procedure and provide a detailed explanation of utilizing machine learning in analyzing and classifying encrypted network traffic. Second, we review state-of-the-art techniques and methodologies in traffic analysis. Our aim is to provide insights into current practices and future directions in encrypted traffic analysis and classification, especially machine-learning-based analysis.

engineering, electrical & electronic,instruments & instrumentation,chemistry, analytical

Ayman M. Bahaa-Eldin

DOI: https://doi.org/10.48550/arXiv.1401.3592

2014-01-15

Abstract:This thesis aims to use intelligent systems to extend and improve performance and security of cryptographic techniques. Genetic algorithms framework for cryptanalysis problem is addressed. A novel extension to the differential cryptanalysis using genetic algorithm is proposed and a fitness measure based on the differential characteristics of the cipher being attacked is also proposed. The complexity of the proposed attack is shown to be less than quarter of normal differential cryptanalysis of the same cipher by applying the proposed attack to both the basic Substitution Permutation Network and the Feistel Network. The basic models of modern block ciphers are attacked instead of actual cipher to prove that the attack is applicable to other ciphers vulnerable to differential cryptanalysis. A new attack for block cipher based on the ability of neural networks to perform an approximation of mapping is proposed. A complete problem formulation is explained and implementation of the attack on some hypothetical Feistel cipher not vulnerable to differential or linear attacks is presented. A new block cipher based on the neural networks is proposed. A complete cipher structure is given and a key scheduling is also shown. The main properties of neural network being able to perform mapping between large dimension domains in a very fast and a very small memory compared to S-Boxes is used as a base for the cipher.

Neural and Evolutionary Computing,Cryptography and Security

Yi Zhao,Ke Xu,Qi Li,Haiyang Wang,Dan Wang,Min Zhu

DOI: https://doi.org/10.1007/s11432-021-3463-9

2022-01-01

Science China Information Sciences

Abstract:Although deep learning technologies have been widely exploited in many fields, they are vulnerable to adversarial attacks by adding small perturbations to legitimate inputs to fool targeted models. However, few studies have focused on intelligent networking in such an adversarial environment, which can pose serious security threats. In fact, while challenging intelligent networking, adversarial environments also bring about opportunities. In this paper, we, for the first time, simultaneously analyze the challenges and opportunities that the adversarial environment brings to intelligent networking. Specifically, we focus on challenges that the adversarial environment will pose on the existing intelligent networking. Furthermore, we investigate frameworks and approaches that combine adversarial machine learning with intelligent networking to solve the existing deficiencies of intelligent networking. Finally, we summarize the issues, including opportunities and challenges, which can allow researchers to focus on intelligent networking in adversarial environments.

Xinying Chen,Jianping An,Zehui Xiong,Chengwen Xing,Nan Zhao,F. Richard Yu,Arumugam Nallanathan

DOI: https://doi.org/10.1109/comst.2023.3263921

IF: 35.6

2023-01-01

IEEE Communications Surveys & Tutorials

Abstract:Information security has always been a critical issue in wireless networks. Apart from other secure techniques, covert communication emerges as a potential solution to security for wireless networks owing to its high-security level. In covert communication networks, the transmitter hides the transmitted signals into environmental or artificial noise by introducing randomness to avoid detection at the warden. By eliminating the existence of transmitted signals at the warden, information security can be preserved more solidly than other secure transmission techniques, i.e., without noticing the existence. Due to the promising security protection, covert communication has been successfully utilized in tremendous wireless communication scenarios. However, fundamental challenges in its practical implementation still exist, e.g., the effectiveness of randomness utilization, the low signal-to-interference-plus-noise ratio at legitimate users, etc. In this survey, we demonstrate a comprehensive review concentrating on the applications, solutions, and future challenges of covert communications. Specifically, the covert principle and research categories are first introduced. Then, the applications in the networks with different topologies and the effective covert techniques in the existing literature are reviewed. We also discuss the potential implementation of covert communications in future networks and the open challenges.

computer science, information systems,telecommunications

Tao Chen,Kai Lei,Kuai Xu

DOI: https://doi.org/10.1109/pccc.2014.7017100

2014-01-01

Abstract:The new named data networking (NDN) has shifted the Internet from today's IP-based packet-delivery model to the name-based data retrieval model. The architecture shift from IP addresses to named data results in effective content delivery via in-networking cache and direct object retrieval. However, this shift has also created challenges and obstacles for securing data objects and providing appropriate access control on named data due to broad data replications and the loss of network perimeters. This paper designs, implements, and evaluates an encryption and probability based access control model for NDN with video streaming service as a case study. In particularly, we explore a combination of public-key cryptography and symmetric ciphers to encrypt video data for preventing unauthorized access. In addition, we build a bloom-filter probabilistic data structure for pre-filtering Interests from consumers without desired credentials. Our experimental results have demonstrated the capabilities of the proposed model for providing access control while incurring low system and performance overhead on producers and consumers.

Haijiang Xie,Jizhong Zhao

DOI: https://doi.org/10.1007/s12083-014-0287-x

IF: 3.488

2014-01-01

Peer-to-Peer Networking and Applications

Abstract:The state of art authentication schemes are tightly linked with encryption or crypto systems, which provides concrete foundations to move towards the concept of access control by confirming the user identity. However the openness of the computer network makes the identity credentials vulnerable even transmitted as cipher text especially in lots of peer-to-peer (P2P) networks. The malicious attackers can possibly steal and fake the user identity by eavesdropping, hijacking, cryptanalysis and forging. In this paper, a novel identity authentication mechanism is proposed based on the reverse usage of the Network Covert Channel (NCC) which is originally designed by attackers to create stealth communication. Different from NCC, where the packet intervals can be exploited as the data carrier to transmit the unauthorized information, we exploit such capability in Network-Covert-Channel-based Identity Authentication (NCCIA) to transmit the identity tag. By validating user identity in a covert manner, we provide a more secure authentication method compared with many existing approaches. A NCCIA demo system is designed on a FTP Platform to verify our method. The experiments demonstrate the NCCIA can prevent the attackers from eavesdropping while maintaining transmission efficiency.

Geetanjali Bihani,Julia Taylor Rayz

DOI: https://doi.org/10.48550/arXiv.2203.06512

2022-03-13

Abstract:With data privacy becoming more of a necessity than a luxury in today's digital world, research on more robust models of privacy preservation and information security is on the rise. In this paper, we take a look at Natural Language Steganography (NLS) methods, which perform information hiding in natural language systems, as a means to achieve data security as well as confidentiality. We summarize primary challenges regarding the secrecy and imperceptibility requirements of these systems and propose potential directions of improvement, specifically targeting steganographic text quality. We believe that this study will act as an appropriate framework to build more resilient models of Natural Language Steganography, working towards instilling security within natural language-based neural models.

Computation and Language

Xin Mao,Yang Liu,Song Feng Lu,You Li

DOI: https://doi.org/10.4028/www.scientific.net/aef.6-7.932

2012-01-01

Advanced Engineering Forum

Abstract:Data privacy and integrity will be the crucial and significant factors in recent times for network applications. To deal with these security problems related to symmetric and asymmetric key types have been framed. In this paper, we suggest a new secure communications solution for a secure channel that combines the digital envelopes and digital signatures and implements with symmetric key algorithm of AES and the asymmetric key algorithm of ECC. The experiment result shows it’s a more perfect choice.