Van Heerden, R
Full Text Available according to the relevant types of attack scenarios depicted in the ontology. The two network attack instances are the Distributed Denial of Service attack on SpamHaus in 2013 and the theft of 42 million Rand ($6.7 million) from South African Postbank...
Van Heerden, RP
Full Text Available of the attack that occur after the attack goal has been achieved, and occurs because the attacker loses control of some systems. For example, after the launch of a DDOS (Distributed Denial of Service) attack, zombie computers may still connect to the target...-scrap- value-of-a-hacked-pc-revisited/ . Lancor, L., & Workman, R. (2007). Using Google Hacking to Enhance Defense Strategies. ACM SIGCSE Bulletin, 39 (1), 491-495. Lau, F., Rubin, S. H., Smith, M. H., & Trajkovic, L. (2000). Distributed Denial of Service...
Andrey L. Kozik
Full Text Available Computer network attacks (CNA is a no doubt actual theoretical and practical topic today. Espionage, public and private computer-systems disruptions committed by states have been a real life. States execute CNA's involving its agents or hiring private hacker groups. However, the application of lex lata remains unclear in practice and still undeveloped in doctrine. Nevertheless the international obligations, which states have accepted under the UN Charter and other treaties as well as customs - with any related exemptions and reservations - are still in force and create a legal framework, which one cannot ignore. Taking into account the intensity level or the consequences of a CNA the later could be considered as an unfriendly, but legal doing, or, as a use of force (prohibited under the article 2(4 of the UN Charter, or - in the case the proper threshold is taken - as an armed attack (which gives the victim-state the right to use force in self-defence under the customs and the article 51 of the UN Charter. Researches in the field of lex lata applicability to the CNAs could highlight gaps and week points of the nowadays legal regime. The subject is on agenda in western doctrine, and it is a pity - not in Russian one - the number of publication here is still unsatisfied. The article formulates issues related to CNAs and the modern international legal regime. The author explores the definition, legal volume of the term CNA, highlights main issues, which have to be analyzed from the point of the contemporary law.
...) vulnerable to computer network attack (CNA). Mission command and control can reduce the impact of the loss of command and control, but it can not overcome the vast and complex array of threats...
.... PDD-63 alerts the nation to prepare for impending cyber attacks. This paper examines the nature, scale, and likelihood of cyber attacks posited in PDD-63 and finds that the country does not face an imminent "electronic Pearl Harbor...
Nunes Leal Franqueira, V.
An important aspect of IT security governance is the proactive and continuous identification of possible attacks in computer networks. This is complicated due to the complexity and size of networks, and due to the fact that usually network attacks are performed in several steps. This thesis proposes
.... For the Commanders-in-Chief (CINCs), computer networking has proven especially useful in maintaining contact and sharing data with elements forward deployed as well as with host nation governments and agencies...
.... This paper will discuss current computer network defense and attack policy in the context of ends, ways and means, explain what is lacking in current policy and offer recommendations for improvement...
... (as opposed to physical and other forms of attack) . Information based attacks are attacks that can be carried out from anywhere in the world, while sipping cappuccino at an Internet cafe' or while enjoying the comfort of a living room armchair...
.... Such attacks are particularly problematic because they take place in a "virtual cyber world" that lacks the social, economic, legal, and physical barriers and protections that control and limit crime in the material world. Research outcomes include basic theory, a modeling framework for Internet worms and email viruses, a sensor for user profiling, and a simple protocol for enhancing wireless security.
Do you need to keep up with the latest hacks, attacks, and exploits effecting social networks? Then you need Seven Deadliest Social Network Attacks. This book pinpoints the most dangerous hacks and exploits specific to social networks like Facebook, Twitter, and MySpace, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: Social Networking Infrastruct
The model that brings the data input/output under control in closed network systems, that maintains the system securely, and that controls the flow of information through the Main Control Computer which also brings the network traffic under control against cyber-attacks. The network, which can be controlled single-handedly thanks to the system designed to enable the network users to make data entry into the system or to extract data from the system securely, intends to minimize the security gaps. Moreover, data input/output record can be kept by means of the user account assigned for each user, and it is also possible to carry out retroactive tracking, if requested. Because the measures that need to be taken for each computer on the network regarding cyber security, do require high cost; it has been intended to provide a cost-effective working environment with this model, only if the Main Control Computer has the updated hardware.
Ahmad Shokuh Saljoughi
Full Text Available Today, cloud computing has become popular among users in organizations and companies. Security and efficiency are the two major issues facing cloud service providers and their customers. Since cloud computing is a virtual pool of resources provided in an open environment (Internet, cloud-based services entail security risks. Detection of intrusions and attacks through unauthorized users is one of the biggest challenges for both cloud service providers and cloud users. In the present study, artificial intelligence techniques, e.g. MLP Neural Network sand particle swarm optimization algorithm, were used to detect intrusion and attacks. The methods were tested for NSL-KDD, KDD-CUP datasets. The results showed improved accuracy in detecting attacks and intrusions by unauthorized users.
interpretive consideration. See Vienna Convention, supra note 51, art. 31(3). 69 On economic sanctions, see Paul Szasz , The Law of Economic Sanctions...COMPUTER NETWORK ATTACK AND THE USE OF FORCE IN INTERNATIONAL LAW : THOUGHTS ON A NORMATIVE FRAMEWORK MICHAEL N...Suite 1204, Arlington VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law , no person shall be subject to a
Mohammad Nurul Afsar Shaon
Full Text Available A wormhole attack is one of the most critical and challenging security threats for wireless sensor networks because of its nature and ability to perform concealed malicious activities. This paper proposes an innovative wormhole detection scheme to detect wormhole attacks using computational intelligence and an artificial neural network (ANN. Most wormhole detection schemes reported in the literature assume the sensors are uniformly distributed in a network, and, furthermore, they use statistical and topological information and special hardware for their detection. However, these schemes may perform poorly in non-uniformly distributed networks, and, moreover, they may fail to defend against “out of band” and “in band” wormhole attacks. The aim of the proposed research is to develop a detection scheme that is able to detect all kinds of wormhole attacks in both uniformly and non-uniformly distributed sensor networks. Furthermore, the proposed research does not require any special hardware and causes no significant network overhead throughout the network. Most importantly, the probable location of the malicious nodes can be identified by the proposed ANN based detection scheme. We evaluate the efficacy of the proposed detection scheme in terms of detection accuracy, false positive rate, and false negative rate. The performance of the proposed algorithm is also compared with other machine learning techniques (i.e. SVM and regularized nonlinear logistic regression (LR based detection models. The simulation results show that proposed ANN based algorithm outperforms the SVM or LR based detection schemes in terms of detection accuracy, false positive rate, and false negative rates.
Threat characterization is a key component in evaluating the threat faced by control systems. Without a thorough understanding of the threat faced by critical infrastructure networks, adequate resources cannot be allocated or directed effectively to the defense of these systems. Traditional methods of threat analysis focus on identifying the capabilities and motivations of a specific attacker, assessing the value the adversary would place on targeted systems, and deploying defenses according to the threat posed by the potential adversary. Too many effective exploits and tools exist and are easily accessible to anyone with access to an Internet connection, minimal technical skills, and a significantly reduced motivational threshold to be able to narrow the field of potential adversaries effectively. Understanding how hackers evaluate new IT security research and incorporate significant new ideas into their own tools provides a means of anticipating how IT systems are most likely to be attacked in the future. This research, Attack Methodology Analysis (AMA), could supply pertinent information on how to detect and stop new types of attacks. Since the exploit methodologies and attack vectors developed in the general Information Technology (IT) arena can be converted for use against control system environments, assessing areas in which cutting edge exploit development and remediation techniques are occurring can provide significance intelligence for control system network exploitation, defense, and a means of assessing threat without identifying specific capabilities of individual opponents. Attack Methodology Analysis begins with the study of what exploit technology and attack methodologies are being developed in the Information Technology (IT) security research community within the black and white hat community. Once a solid understanding of the cutting edge security research is established, emerging trends in attack methodology can be identified and the gap between
Full Text Available Arp poisoning is one of the most common attacks in a switched network. A switch is a network device that limits the ability of attackers that use a packet sniffer to gain access to information from internal network traffic. However, using ARP poisoning the traffic between two computers can be intercepted even in a network that uses switches. This method is known as man in the middle attack. With this type of attack the affected stations from a network will have invalid entries in the ARP table. Thus, it will contain only the correspondence between the IP addresses of the stations from the same network and a single MAC address (the station that initiated the attack. In this paper we present step by step the initiation of such an attack in a network with three computers. We will intercept the traffic between two stations using the third one (the attacker.
Dejan V. Vuletić
Full Text Available Computer systems are a critical component of the human society in the 21st century. Economic sector, defense, security, energy, telecommunications, industrial production, finance and other vital infrastructure depend on computer systems that operate at local, national or global scales. A particular problem is that, due to the rapid development of ICT and the unstoppable growth of its application in all spheres of the human society, their vulnerability and exposure to very serious potential dangers increase. This paper analyzes some typical attacks on computer systems.
Full Text Available Usually, the existence of a complex network is considered an advantage feature and efforts are made to increase its robustness against an attack. However, there exist also harmful and/or malicious networks, from social ones like spreading hoax, corruption, phishing, extremist ideology, and terrorist support up to computer networks spreading computer viruses or DDoS attack software or even biological networks of carriers or transport centers spreading disease among the population. New attack strategy can be therefore used against malicious networks, as well as in a worst-case scenario test for robustness of a useful network. A common measure of robustness of networks is their disintegration level after removal of a fraction of nodes. This robustness can be calculated as a ratio of the number of nodes of the greatest remaining network component against the number of nodes in the original network. Our paper presents a combination of heuristics optimized for an attack on a complex network to achieve its greatest disintegration. Nodes are deleted sequentially based on a heuristic criterion. Efficiency of classical attack approaches is compared to the proposed approach on Barabási-Albert, scale-free with tunable power-law exponent, and Erdős-Rényi models of complex networks and on real-world networks. Our attack strategy results in a faster disintegration, which is counterbalanced by its slightly increased computational demands.
Bimal Kumar Mishra
Full Text Available SEIQR (Susceptible, Exposed, Infectious, Quarantined, and Recovered models for the transmission of malicious objects with simple mass action incidence and standard incidence rate in computer network are formulated. Threshold, equilibrium, and their stability are discussed for the simple mass action incidence and standard incidence rate. Global stability and asymptotic stability of endemic equilibrium for simple mass action incidence have been shown. With the help of Poincare Bendixson Property, asymptotic stability of endemic equilibrium for standard incidence rate has been shown. Numerical methods have been used to solve and simulate the system of differential equations. The effect of quarantine on recovered nodes is analyzed. We have also analyzed the behavior of the susceptible, exposed, infected, quarantine, and recovered nodes in the computer network.
in with our everyday life. This future is visible to everyone nowadays: terms like smartphone, cloud, sensor, network etc. are widely known and used in our everyday life. But what about the security of such systems. Ubiquitous computing devices can be limited in terms of energy, computing power and memory...... attacker remain somehow undened and still under extensive investigation. This Thesis explores the nature of the ubiquitous attacker with a focus on how she interacts with the physical world and it denes a model that captures the abilities of the attacker. Furthermore a quantitative implementation...
Presby, Timothy D
.... With the United States engaged in counter-insurgency operations against terrorist groups, synchronizing the effects of CNA with more traditional forms of kinetic attacks, as well as other instruments...
Shen, Dan; Chen, Genshe; Cruz, Jr., , Jose B; Blasch, Erik; Kruger, Martin
.... The protection and defense against cyber attacks to computer network is becoming inadequate as the hacker knowledge sophisticates and as the network and each computer system become more complex...
Van Heerden, R
Full Text Available The modern complexity of network attacks and their counter-measures (cyber operations) requires detailed planning. This paper presents a Network Attack Planning ontology which is aimed at providing support for planning such network operations within...
Trabelsi, Zouheir; Al Braiki, Arwa; Mathew, Sujith Samuel
The attacks on computers and business networks are growing daily, and the need for security professionals who understand how malfeasants perform attacks and compromise networks is a growing requirement to counter the threat. Network security education generally lacks appropriate textbooks with detailed, hands-on exercises that include both offensive and defensive techniques. Using step-by-step processes to build and generate attacks using offensive techniques, Network Attacks and Defenses: A Hands-on Approach enables students to implement appropriate network security solutions within a laborat
Li, Yongcheng; Liu, Shumei; Yu, Yao; Cao, Ting
The security problem of computer network system is becoming more and more serious. The fundamental reason is that there are security vulnerabilities in the network system. Therefore, it’s very important to identify and reduce or eliminate these vulnerabilities before they are attacked. In this paper, we are interested in joint node and link attacks and propose a vulnerability evaluation method based on the overall connectivity of the network to defense this attack. Especially, we analyze the attack cost problem from the attackers’ perspective. The purpose is to find the set of least costs for joint links and nodes, and their deletion will lead to serious network connection damage. The simulation results show that the vulnerable elements obtained from the proposed method are more suitable for the attacking idea of the malicious persons in joint node and link attack. It is easy to find that the proposed method has more realistic protection significance.
Full Text Available The paper deals with possibilities of the network protection against Distributed Denial of Service attacks (DDoS. The basic types of DDoS attacks and their impact on the protected network are presented here. Furthermore, we present basic detection and defense techniques thanks to which it is possible to increase resistance of the protected network or device against DDoS attacks. Moreover, we tested the ability of current commercial Intrusion Prevention Systems (IPS, especially Radware DefensePro 6.10.00 product against the most common types of DDoS attacks. We create five scenarios that are varied in type and strength of the DDoS attacks. The attacks intensity was much greater than the normal intensity of the current DDoS attacks.
enclave, as shown in Figure 11, is a common design for many secure networks. Different variations of a cyber-attack scenario can be rehearsed based...achieved a greater degree of success against multiple variations of an enemy network. E. ATTACK TYPES A primary goal of this thesis is to define and...2013.  R. Goldberg , “Architectural principles for virtual computer systems,” Ph.D. dissertation, Dept. of Comp. Sci., Harvard Univ., Cambridge
Wagner, Christoph; Eiselt, Michael; Grobe, Klaus
WDM-PON systems regained interest as low-cost solution for metro and access networks. We present a comparative analysis of resilience of wavelength-selective and wavelength-routed architectures against crosstalk attackers. We compare the vulnerability of these architectures against attacks...
Full Text Available Cloud computing is a new way of integrating a set of old technologies to implement a new paradigm that creates an avenue for users to have access to shared and configurable resources through internet on-demand. This system has many common characteristics with distributed systems, hence, the cloud computing also uses the features of networking. Thus the security is the biggest issue of this system, because the services of cloud computing is based on the sharing. Thus, a cloud computing environment requires some intrusion detection systems (IDSs for protecting each machine against attacks. The aim of this work is to present a classification of attacks threatening the availability, confidentiality and integrity of cloud resources and services. Furthermore, we provide literature review of attacks related to the identified categories. Additionally, this paper also introduces related intrusion detection models to identify and prevent these types of attacks.
Dejan Milan Tepšić
Full Text Available Security of wireless computer networks was initially secured with the WEP security protocol, which relies on the RC4 encryption algorithm and the CRC algorithm to check the integrity. The basic problems of the WEP are a short initialization vector, unsafe data integrity checking, using a common key, the lack of mechanisms for management and exchange of keys, the lack of protection from the endless insertion of the same package into the network, the lack of authentication of access points and the like. The consequences of these failures are easy attacks against the WEP network, namely their complete insecurity. Therefore, the work began on the IEEE 802.11i protocol, which should radically improve the security of wireless networks. Since the development of a protocol lasted, the WPA standard was released to offset the security gap caused by the WEP. The WPA also relies on RC4 and CRC algorithms, but brings temporary keys and the MIC algorithm for data integrity. The 802.1X authentication was introduced and common keys are no longer needed, since it is possible to use an authentication server. The length of the initialization vector was increased and the vector is obtained based on the packet serial number, in order to prevent the insertion of the same packet into the network. The weakness of the WPA security mechanism is the use of a common key. WPA2 (802.11i later appeared. Unlike the WPA mechanism that worked on old devices with the replacement of software, WPA2 requires new network devices that can perform AES encryption. AES replaces the RC4 algorithm and delivers much greater security. Data integrity is protected by encryption. Despite progress, there are still weaknesses in wireless networks. Attacks for denial of service are possible as well as spoofing package headers attacks. For now, it is not advisable to use wireless networks in environments where unreliability and unavailability are not tolerated. Introduction In the entire history of
Motter, Adilson E.; Lai, Ying-Cheng
We live in a modern world supported by large, complex networks. Examples range from financial markets to communication and transportation systems. In many realistic situations the flow of physical quantities in the network, as characterized by the loads on nodes, is important. We show that for such networks where loads can redistribute among the nodes, intentional attacks can lead to a cascade of overload failures, which can in turn cause the entire or a substantial part of the network to collapse. This is relevant for real-world networks that possess a highly heterogeneous distribution of loads, such as the Internet and power grids. We demonstrate that the heterogeneity of these networks makes them particularly vulnerable to attacks in that a large-scale cascade may be triggered by disabling a single key node. This brings obvious concerns on the security of such systems.
Sibai, Faisal M.
There has been a constant growing security concern with insider attacks on network accessible computer systems. Users with power credentials can do almost anything they want with the systems they own with very little control or oversight. Most breaches occurring nowadays by power users are considered legitimate access and not necessarily…
Aziz, Farhan M.
LTE/LTE-A networks have been successfully providing advanced broadband services to millions of users worldwide. Lately, it has been suggested to use LTE networks for mission-critical applications like public safety, smart grid and military communications. We have previously shown that LTE networks are vulnerable to Denial-of-Service (DOS) and loss of service attacks from smart jammers. In this paper, we extend our previous work on resilience of LTE networks to wideband multipath fading channel, SINR estimation in frequency domain and computation of utilities based on observable parameters under the framework of single-shot and repeated games with asymmetric information. In a single-shot game formulation, network utility is severely compromised at its solutions, i.e. at the Nash Equilibria (NE). We propose evolved repeated-game strategy algorithms to combat smart jamming attacks that can be implemented in existing deployments using current technology. © 2015 IEEE.
Kosloff, T.; Moore, Tyler; Keller, J.; Manes, Gavin W.; Shenoi, Sujeet
Signaling System 7 (SS7) is vital to signaling and control in America's public telephone networks. This paper describes a class of attacks on SS7 networks involving the insertion of malicious signaling messages via compromised SS7 network components. Three attacks are discussed in detail: IAM flood attacks, redirection attacks and point code spoofing attacks. Depending on their scale of execution, these attacks can produce effects ranging from network congestion to service disruption. Methods for detecting these denial-of-service attacks and mitigating their effects are also presented.
Kornbluth, Yosef; Barach, Gilad; Tuchman, Yaakov; Kadish, Benjamin; Cwilich, Gabriel; Buldyrev, Sergey V.
We study the cascading failure of networks due to overload, using the betweenness centrality of a node as the measure of its load following the Motter and Lai model. We study the fraction of survived nodes at the end of the cascade pf as a function of the strength of the initial attack, measured by the fraction of nodes p that survive the initial attack for different values of tolerance α in random regular and Erdös-Renyi graphs. We find the existence of a first-order phase-transition line pt(α ) on a p -α plane, such that if p pt , pf is large and the giant component of the network is still present. Exactly at pt, the function pf(p ) undergoes a first-order discontinuity. We find that the line pt(α ) ends at a critical point (pc,αc) , in which the cascading failures are replaced by a second-order percolation transition. We find analytically the average betweenness of nodes with different degrees before and after the initial attack, we investigate their roles in the cascading failures, and we find a lower bound for pt(α ) . We also study the difference between localized and random attacks.
N. U. Ahmed
Full Text Available In this paper, we construct a new dynamic model for the Token Bucket (TB algorithm used in computer networks and use systems approach for its analysis. This model is then augmented by adding a dynamic model for a multiplexor at an access node where the TB exercises a policing function. In the model, traffic policing, multiplexing and network utilization are formally defined. Based on the model, we study such issues as (quality of service QoS, traffic sizing and network dimensioning. Also we propose an algorithm using feedback control to improve QoS and network utilization. Applying MPEG video traces as the input traffic to the model, we verify the usefulness and effectiveness of our model.
Sun, Yanqiang; Wang, Xiaodong; Zhou, Xingming
Classical jamming attack models in the time domain have been proposed, such as constant jammer, random jammer, and reactive jammer. In this letter, we consider a new problem: given k jammers, how does the attacker minimize the pair-wise connectivity among the nodes in a Wireless Sensor Network (WSN)? We call this problem k-Jammer Deployment Problem (k-JDP). To the best of our knowledge, this is the first attempt at considering the position-critical jamming attack against wireless sensor network. We mainly make three contributions. First, we prove that the decision version of k-JDP is NP-complete even in the ideal situation where the attacker has full knowledge of the topology information of sensor network. Second, we propose a mathematical formulation based on Integer Programming (IP) model which yields an optimal solution. Third, we present a heuristic algorithm HAJDP, and compare it with the IP model. Numerical results show that our heuristic algorithm is computationally efficient.
Robustness against attacks serves as evidence for complex network structures and failure mechanisms that lie behind them. Most often, due to detection capability limitation or good disguises, attacks on networks are subject to false positives and false negatives, meaning that functional nodes may be falsely regarded as compromised by the attacker and vice versa. In this work, we initiate a study of false positive/negative effects on network robustness against three fundamental types of attack strategies, namely, random attacks (RA), localized attacks (LA), and targeted attack (TA). By developing a general mathematical framework based upon the percolation model, we investigate analytically and by numerical simulations of attack robustness with false positive/negative rate (FPR/FNR) on three benchmark models including Erdős-Rényi (ER) networks, random regular (RR) networks, and scale-free (SF) networks. We show that ER networks are equivalently robust against RA and LA only when FPR equals zero or the initial network is intact. We find several interesting crossovers in RR and SF networks when FPR is taken into consideration. By defining the cost of attack, we observe diminishing marginal attack efficiency for RA, LA, and TA. Our finding highlights the potential risk of underestimating or ignoring FPR in understanding attack robustness. The results may provide insights into ways of enhancing robustness of network architecture and improve the level of protection of critical infrastructures.
means of their computer information systems. Disrupt - This type of attack focuses on disrupting as “attackers might surreptitiously reprogram enemy...by reprogramming the computers that control distribution within the power grid. A disruption attack introduces disorder and inhibits the effective...between commanders. The use of methodologies is widespread and done subconsciously to assist individuals in decision making. The processes that
Safarik, Jakub; Voznak, Miroslav; Mehic, Miralem; Partila, Pavol; Mikulec, Martin
Various types of monitoring mechanism allow us to detect and monitor behavior of attackers in VoIP networks. Analysis of detected malicious traffic is crucial for further investigation and hardening the network. This analysis is typically based on statistical methods and the article brings a solution based on neural network. The proposed algorithm is used as a classifier of attacks in a distributed monitoring network of independent honeypot probes. Information about attacks on these honeypots is collected on a centralized server and then classified. This classification is based on different mechanisms. One of them is based on the multilayer perceptron neural network. The article describes inner structure of used neural network and also information about implementation of this network. The learning set for this neural network is based on real attack data collected from IP telephony honeypot called Dionaea. We prepare the learning set from real attack data after collecting, cleaning and aggregation of this information. After proper learning is the neural network capable to classify 6 types of most commonly used VoIP attacks. Using neural network classifier brings more accurate attack classification in a distributed system of honeypots. With this approach is possible to detect malicious behavior in a different part of networks, which are logically or geographically divided and use the information from one network to harden security in other networks. Centralized server for distributed set of nodes serves not only as a collector and classifier of attack data, but also as a mechanism for generating a precaution steps against attacks.
The growing complexity of interactions between computers and networks makes the subject of network security a very interesting one. As our dependence on the services provided by computing networks grows, so does our investment in such technology. In this situation, there is a greater risk of occurrence of targeted malicious attacks on computers…
Full Text Available In wireless networks, an attacker can tune a receiver and tap the communication between two nodes. Whether or not some meaningful information is obtained by tapping a wireless connection depends on the transmission scheme. In this paper, we design some secure network coding by combining information-theoretic approaches with cryptographic approaches. It ensures that the wiretapper cannot get any meaningful information no matter how many channels are wiretapped. In addition, if each source packet is augmented with a hash symbol which is computed from a simple nonlinear polynomial function of the data symbols, then the probability of detecting the modification is very high.
Saha, Sudip; Vullinati, Anil K.; Halappanavar, Mahantesh; Chatterjee, Samrat
We investigate efficient security control methods for protecting against vulnerabilities in networked systems. A large number of interdependent vulnerabilities typically exist in the computing nodes of a cyber-system; as vulnerabilities get exploited, starting from low level ones, they open up the doors to more critical vulnerabilities. These cannot be understood just by a topological analysis of the network, and we use the attack graph abstraction of Dewri et al. to study these problems. In contrast to earlier approaches based on heuristics and evolutionary algorithms, we study rigorous methods for quantifying the inherent vulnerability and hardening cost for the system. We develop algorithms with provable approximation guarantees, and evaluate them for real and synthetic attack graphs.
Be cautious of any unexpected messages containing web links even if they appear to come from known contacts. If you happen to click on such a link and if your permission is requested to run or install software, always decline it. Several computers at CERN have recently been broken into by attackers who have tricked users of Instant Messaging applications (e.g. MSN, Yahoo Messenger, etc.) into clicking on web links which appeared to come from known contacts. The links appeared to be photos from ‘friends’ and requested software to be installed. In practice, attacker software was installed and the messages did not come from real contacts. In the past such fake messages were mainly sent by email but now a wider range of applications are being targeted, including Instant Messaging. Cybercriminals are making growing use of fake messages to try to trick you into clicking on Web links which will help them to install malicious software on your computer. Anti-virus software cann...
Gao, Yan-Li; Chen, Shi-Ming; Nie, Sen; Ma, Fei; Guan, Jun-Jie
The robustness of complex networks under attacks largely depends on the structure of a network and the nature of the attacks. Previous research on interdependent networks has focused on two types of initial attack: random attack and degree-based targeted attack. In this paper, a deliberate attack function is proposed, where six kinds of deliberate attacking strategies can be derived by adjusting the tunable parameters. Moreover, the robustness of four types of interdependent networks (BA-BA, ER-ER, BA-ER and ER-BA) with different coupling modes (random, positive and negative correlation) is evaluated under different attacking strategies. Interesting conclusions could be obtained. It can be found that the positive coupling mode can make the vulnerability of the interdependent network to be absolutely dependent on the most vulnerable sub-network under deliberate attacks, whereas random and negative coupling modes make the vulnerability of interdependent network to be mainly dependent on the being attacked sub-network. The robustness of interdependent network will be enhanced with the degree-degree correlation coefficient varying from positive to negative. Therefore, The negative coupling mode is relatively more optimal than others, which can substantially improve the robustness of the ER-ER network and ER-BA network. In terms of the attacking strategies on interdependent networks, the degree information of node is more valuable than the betweenness. In addition, we found a more efficient attacking strategy for each coupled interdependent network and proposed the corresponding protection strategy for suppressing cascading failure. Our results can be very useful for safety design and protection of interdependent networks.
Van Heerden, RP
Full Text Available Computer network attacks are difficult to simulate due to the damage they may cause to live networks and the complexity required simulating a useful network. We constructed a virtualised network within a vSphere ESXi environment which is able...
Ahmed, Z.; Nazir, B.; Zafar, M.F.; Anwar, M.M.; Azam, K.; Asar, A.U.
Network security is a discipline that focuses on securing networks from unauthorized access. Given the Escalating threats of malicious cyber attacks, modern enterprises employ multiple lines of defense. A comprehensive defense strategy against such attacks should include (I) an attack detection component that deter- mines the fact that a program is compromised, (2) an attack identification and prevention component that identifies attack packets so that one can block such packets in the future and prevents the attack from further propagation. Over the last decade, a significant amount of research has been vested in the systems that can detect cyber attacks either statically at compile time or dynamically at run time, However, not much effort is spent on automated attack packet identification or attack prevention. In this paper we present a unified solution to the problems mentioned above. We implemented this solution after the forward engineering of Open Source Security Information Management (OSSIM) system called Preventive Information Security management (PrISM) system that correlates input from different sensors so that the resulting product can automatically detect any cyber attack against it and prevents by identifying the actual attack packet(s). The PrISM was always able to detect the attacks, identify the attack packets and most often prevent by blocking the attacker's IP address to continue normal execution. There is no additional run-time performance overhead for attack prevention. (author)
Full Text Available Cloud computing is a trending technology, as it reduces the cost of running a business. However, many companies are skeptic moving about towards cloud due to the security concerns. Based on the Cloud Security Alliance report, Denial of Service (DoS attacks are among top 12 attacks in the cloud computing. Therefore, it is important to develop a mechanism for detection and prevention of these attacks. The aim of this paper is to evaluate Support Vector Machine (SVM algorithm in creating the model for classification of DoS attacks and normal network behaviors. The study was performed in several phases: a attack simulation, b data collection, cfeature selection, and d classification. The proposedmodel achieved 100% classification accuracy with true positive rate (TPR of 100%. SVM showed outstanding performance in DoS attack detection and proves that it serves as a valuable asset in the network security area.
Full Text Available Wireless sensor networks are now used in various fields. The information transmitted in the wireless sensor networks is very sensitive, so the security issue is very important. DOS (denial of service attacks are a fundamental threat to the functioning of wireless sensor networks. This paper describes some of the most common DOS attacks and potential methods of protection against them. The case study shows one of the most frequent attacks on wireless sensor networks – the interference attack. In the introduction of this paper authors assume that the attack interference can cause significant obstruction of wireless sensor networks. This assumption has been proved in the case study through simulation scenario and simulation results.
Kang, Sin Bok; Han, Eon Suk [Korea Atomic Energy Research Institute, Taejon (Korea, Republic of)
Recently, as the computer hardware and communications are developed, the data exchange through inter-networking has been highlighted and the data is being recognized as a great asset. Most of the organizations, businesses and enterprises are open to the external world-computer communication networks, attention must be focused on the securities of the information infrastructure. A government organization has been developing 'Circuits Analyzers', and 'Hacker-Tracking Program' and is struggling to track down sneakers. In this report, we analyze the contents of the cases where the communication network has been invaded, from the past up until now in Korea. This report also contains the result of a study on E-mail security, for the protection of KAERI Integrated Management Information System under which utilizes the CALS concepts and web services. (Author)
Kang, Sin Bok; Han, Eon Suk
Recently, as the computer hardware and communications are developed, the data exchange through inter-networking has been highlighted and the data is being recognized as a great asset. Most of the organizations, businesses and enterprises are open to the external world-computer communication networks, attention must be focused on the securities of the information infrastructure. A government organization has been developing 'Circuits Analyzers', and 'Hacker-Tracking Program' and is struggling to track down sneakers. In this report, we analyze the contents of the cases where the communication network has been invaded, from the past up until now in Korea. This report also contains the result of a study on E-mail security, for the protection of KAERI Integrated Management Information System under which utilizes the CALS concepts and web services. (Author)
Wu, J; Deng, H Z; Tan, Y J; Zhu, D Z
We study the vulnerability of complex networks under intentional attack with incomplete information, which means that one can only preferentially attack the most important nodes among a local region of a network. The known random failure and the intentional attack are two extreme cases of our study. Using the generating function method, we derive the exact value of the critical removal fraction f c of nodes for the disintegration of networks and the size of the giant component. To validate our model and method, we perform simulations of intentional attack with incomplete information in scale-free networks. We show that the attack information has an important effect on the vulnerability of scale-free networks. We also demonstrate that hiding a fraction of the nodes information is a cost-efficient strategy for enhancing the robustness of complex networks
Heerden , Renier ,; Pieterse , Heloise; Irwin , Barry
Part 4: Section 3: ICT for Peace and War; International audience; This paper presents eight of the most significant computer hacking events (also known as computer attacks). These events were selected because of their unique impact, methodology, or other properties. A temporal computer attack model is presented that can be used to model computer based attacks. This model consists of the following stages: Target Identification, Reconnaissance, Attack, and Post-Attack Reconnaissance stages. The...
Aziz, Farhan M.; Shamma, Jeff S.; Stuber, Gordon L.
Commercial LTE networks are being studied for mission-critical applications, such as public safety and smart grid communications. In this paper, LTE networks are shown vulnerable to Denial-of-Service (DOS) and loss of service attacks from smart
Diaz, Alvaro; Sanchez, Pablo
The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node's software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work.
Diaz, Alvaro; Sanchez, Pablo
The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node’s software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work. PMID:27869710
Van Heerden, RP
Full Text Available ) or to the target?s reputation. The Residue sub-phase refers to damage or artefacts of the attack that occur after the attack goal has been achieved, and occurs because the attacker loses control of some systems. For example after the launch of a DDOS..., A. (1995). Hacking theft of $10 million from citibank revealed. Retrieved 10/10, 2011, from http://articles.latimes.com/1995-08-19/business/fi-36656_1_citibank-system Hurley, E. (2004). SCO site succumbs to DDoS attack. Retrieved 10/10, 2011, from...
Kumar, K. E. Naresh; Waheed, Mohd. Abdul; Basappa, K. Kari
Do In this paper presents recent advances in technology have made low-cost, low-power wireless sensors with efficient energy consumption. A network of such nodes can coordinate among themselves for distributed sensing and processing of certain data. For which, we propose an architecture to provide a stateless solution in sensor networks for efficient routing in wireless sensor networks. This type of architecture is known as Tree Cast. We propose a unique method of address allocation, building up multiple disjoint trees which are geographically inter-twined and rooted at the data sink. Using these trees, routing messages to and from the sink node without maintaining any routing state in the sensor nodes is possible. In this paper, we introduce the wormhole attack, a severe attack in ad hoc networks that is particularly challenging to defend against. The wormhole attack is possible even if the attacker has not compromised any hosts and even if all communication provides authenticity and confidentiality. In the wormhole attack, an attacker records packets (or bits) at one location in the network, tunnels them to another location, and retransmits them there into the network. The wormhole attack can form a serious threat in wireless networks, especially against many sensor network routing protocols and location-based wireless security systems. For example, most existing ad hoc network routing protocols, without some mechanism to defend against the wormhole attack, would be unable to find routes longer than one or two hops, severely disrupting communication. We present a new, general mechanism, called packet leashes, for detecting and thus defending against wormhole attacks, and we present a specific protocol, called TIK, that implements leashes.
Bhattasali, Tapalina; Chaki, Rituparna; Sanyal, Sugata
Deployment of sensor network in hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where target of the intruder is to maxi...
Full Text Available The paper outlines a bioinspired approach named “network nervous system" and methods of simulation of infrastructure attacks and protection mechanisms based on this approach. The protection mechanisms based on this approach consist of distributed prosedures of information collection and processing, which coordinate the activities of the main devices of a computer network, identify attacks, and determine nessesary countermeasures. Attacks and protection mechanisms are specified as structural models using a set-theoretic approach. An environment for simulation of protection mechanisms based on the biological metaphor is considered; the experiments demonstrating the effectiveness of the protection mechanisms are described.
Shorov, Andrey; Kotenko, Igor
The paper outlines a bioinspired approach named "network nervous system" and methods of simulation of infrastructure attacks and protection mechanisms based on this approach. The protection mechanisms based on this approach consist of distributed procedures of information collection and processing, which coordinate the activities of the main devices of a computer network, identify attacks, and determine necessary countermeasures. Attacks and protection mechanisms are specified as structural models using a set-theoretic approach. An environment for simulation of protection mechanisms based on the biological metaphor is considered; the experiments demonstrating the effectiveness of the protection mechanisms are described.
Wang Xingang; Guan Shuguang; Lai, Choy Heng
It is well known that heterogeneous networks are vulnerable to the intentional removal of a small fraction of highly connected or loaded nodes, implying that to protect the network effectively, the important nodes should be allocated more defense resource than the others. However, if too much resource is allocated to the few important nodes, the numerous less-important nodes will be less protected, which if attacked together can still lead to devastating damage. A natural question is therefore how to efficiently distribute the limited defense resource among the network nodes such that the network damage is minimized against any attack strategy. In this paper, taking into account the factor of attack cost, the problem of network security is reconsidered in terms of efficient network defense against cost-based attacks. The results show that, for a general complex network, there exists an optimal distribution of the defense resource with which the network is best protected from cost-based attacks. Furthermore, it is found that the configuration of the optimal defense is dependent on the network parameters. Specifically, networks of larger size, sparser connection and more heterogeneous structure will more likely benefit from the defense optimization.
Li, Wenjuan; Meng, Weizhi; Kwok, Lam-For
The development of collaborative intrusion detection networks (CIDNs) aims to enhance the performance of a single intrusion detection system (IDS), through communicating and collecting information from other IDS nodes. To defend CIDNs against insider attacks, trust-based mechanisms are crucial...... and render CIDNs still vulnerable to advanced insider attacks in a practical deployment. In this paper, our motivation is to investigate the effect of On-Off attacks on challenge-based CIDNs. In particular, as a study, we explore a special On-Off attack (called SOOA), which can keep responding normally...... to one node while acting abnormally to another node. In the evaluation, we explore the attack performance under simulated CIDN environments. Experimental results indicate that our attack can interfere the effectiveness of trust computation for CIDN nodes....
Full Text Available In modern warfare it is no longer sufficient to only focus on physical attacks and counter-measures; the threat against cyber networks is becoming increasingly significant. Modern military forces have to provide counter measures against...
Wang, Liang-Min; Shi, Yang
Replica attack is a critical concern in the security of wireless sensor networks. We employ mobile nodes as patrollers to detect replicas distributed in different zones in a network, in which a basic patrol detection protocol and two detection algorithms for stationary and mobile modes are presented. Then we perform security analysis to discuss the defense strategies against the possible attacks on the proposed detection protocol. Moreover, we show the advantages of the proposed protocol by d...
Bukhanov, D. G.; Polyakov, V. M.
The paper considers an approach to intrusion detection systems using a neural network of adaptive resonant theory. It suggests the structure of an intrusion detection system consisting of two types of program modules. The first module manages connections of user applications by preventing the undesirable ones. The second analyzes the incoming network traffic parameters to check potential network attacks. After attack detection, it notifies the required stations using a secure transmission channel. The paper describes the experiment on the detection and recognition of network attacks using the test selection. It also compares the obtained results with similar experiments carried out by other authors. It gives findings and conclusions on the sufficiency of the proposed approach. The obtained information confirms the sufficiency of applying the neural networks of adaptive resonant theory to analyze network traffic within the intrusion detection system.
Many international terrorist groups now actively use computers and the Internet to communicate, and several may develop or acquire the necessary technical skills to direct a coordinated attack against...
Safarik, Jakub; Slachta, Jiri
The security is crucial for any system nowadays, especially communications. One of the most successful protocols in the field of communication over IP networks is Session Initiation Protocol. It is an open-source project used by different kinds of applications, both open-source and proprietary. High penetration and text-based principle made SIP number one target in IP telephony infrastructure, so security of SIP server is essential. To keep up with hackers and to detect potential malicious attacks, security administrator needs to monitor and evaluate SIP traffic in the network. But monitoring and following evaluation could easily overwhelm the security administrator in networks, typically in networks with a number of SIP servers, users and logically or geographically separated networks. The proposed solution lies in automatic attack detection systems. The article covers detection of VoIP attacks through a distributed network of nodes. Then the gathered data analyze aggregation server with artificial neural network. Artificial neural network means multilayer perceptron network trained with a set of collected attacks. Attack data could also be preprocessed and verified with a self-organizing map. The source data is detected by distributed network of detection nodes. Each node contains a honeypot application and traffic monitoring mechanism. Aggregation of data from each node creates an input for neural networks. The automatic classification on a centralized server with low false positive detection reduce the cost of attack detection resources. The detection system uses modular design for easy deployment in final infrastructure. The centralized server collects and process detected traffic. It also maintains all detection nodes.
...) attacks targeting its management and media access protocols Computer simulation models have proven to be effective tools in the study of cause and effect in numerous fields This thesis involved the design and implementation of a IEEE 8O2.11-based simulation model using OMNeT++, to investigate the effects of different types of DoS attacks on a IEEE 8O2.11 network, and the effectiveness of corresponding countermeasures.
Zheng, Bojin; Huang, Dan; Li, Deyi; Chen, Guisheng; Lan, Wenfei
It is a mainstream idea that scale-free network would be fragile under the selective attacks. Internet is a typical scale-free network in the real world, but it never collapses under the selective attacks of computer viruses and hackers. This phenomenon is different from the deduction of the idea above because this idea assumes the same cost to delete an arbitrary node. Hence this paper discusses the behaviors of the scale-free network under the selective node attack with different cost. Through the experiments on five complex networks, we show that the scale-free network is possibly robust under the selective node attacks; furthermore, the more compact the network is, and the larger the average degree is, then the more robust the network is; with the same average degrees, the more compact the network is, the more robust the network is. This result would enrich the theory of the invulnerability of the network, and can be used to build robust social, technological and biological networks, and also has the potential to find the target of drugs.
Mikalas, Antonis; Komninos, Nikos; Prasad, Neeli R.
In this chapter, we present techniques to defeat Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. In the _rst part, we describe client puzzle techniques that are based on the idea of computationally exhausting a malicious user when he attempts to launch an attack. In the ......In this chapter, we present techniques to defeat Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. In the _rst part, we describe client puzzle techniques that are based on the idea of computationally exhausting a malicious user when he attempts to launch an attack....... In the second part we are introducing some basic principles of game theory and we discuss how game theoretical frameworks can protect computer networks. Finally, we show techniques that combine client puzzles with game theory in order to provide DoS and DDoS resilience....
Full Text Available WSNs (Wireless Sensor Networks comprise a large number of small, inexpensive, low power and memory constrained sensing devices (called sensor nodes that are densely deployed to measure a given physical phenomenon. Since WSNs are commonly deployed in a hostile and unattended environment, it is easy for an adversary to physically capture one or more legitimate sensor nodes, re-program and redeploy them in the network. As a result, the adversary becomes able to deploy several identical copies of physically captured nodes in the network in order to perform illegitimate activities. This type of attack is referred to as Node Replication Attack or Clone Node Attack. By launching node replication attack, an adversary can easily get control on the network which consequently is the biggest threat to confidentiality, integrity and availability of data and services. Thus, detection and prevention of node replication attack in WSNs has become an active area of research and to date more than two dozen schemes have been proposed, which address this issue. In this paper, we present a comprehensive review, classification and comparative analysis of twenty five of these schemes which help to detect and/or prevent node replication attack in WSNs
Qabulio, M.; Malkani, Y.A.
WSNs (Wireless Sensor Networks) comprise a large number of small, inexpensive, low power and memory constrained sensing devices (called sensor nodes) that are densely deployed to measure a given physical phenomenon. Since WSNs are commonly deployed in a hostile and unattended environment, it is easy for an adversary to physically capture one or more legitimate sensor nodes, re-program and redeploy them in the network. As a result, the adversary becomes able to deploy several identical copies of physically captured nodes in the network in order to perform illegitimate activities. This type of attack is referred to as Node Replication Attack or Clone Node Attack. By launching node replication attack, an adversary can easily get control on the network which consequently is the biggest threat to confidentiality, integrity and availability of data and services. Thus, detection and prevention of node replication attack in WSNs has become an active area of research and to date more than two dozen schemes have been proposed, which address this issue. In this paper, we present a comprehensive review, classification and comparative analysis of twenty five of these schemes which help to detect and/or prevent node replication attack in WSNs. (author)
Kamuru, Harshitha; Nijim, Mais
In the world of computer and network security, there are myriad ways to launch an attack, which, from the perspective of a network, can usually be defined as "traffic that has huge malicious intent." Firewall acts as one of the measure in order to secure the device from incoming unauthorized data. There are infinite number of computer attacks that no firewall can prevent, such as those executed locally on the machine by a malicious user. From the network's perspective, there are numerous types of attack. All the attacks that degrade the effectiveness of data can be grouped into two types: brute force and precision. The Firewall that belongs to Juniper has the capability to protect against both types of attack. Denial of Service (DoS) attacks are one of the most well-known network security threats under brute force attacks, which is largely due to the high-profile way in which they can affect networks. Over the years, some of the largest, most respected Internet sites have been effectively taken offline by Denial of Service (DOS) attacks. A DoS attack typically has a singular focus, namely, to cause the services running on a particular host or network to become unavailable. Some DoS attacks exploit vulnerabilities in an operating system and cause it to crash, such as the infamous Win nuke attack. Others submerge a network or device with traffic so that there are no more resources to handle legitimate traffic. Precision attacks typically involve multiple phases and often involves a bit more thought than brute force attacks, all the way from reconnaissance to machine ownership. Before a precision attack is launched, information about the victim needs to be gathered. This information gathering typically takes the form of various types of scans to determine available hosts, networks, and ports. The hosts available on a network can be determined by ping sweeps. The available ports on a machine can be located by port scans. Screens cover a wide variety of attack traffic
Aziz, Farhan M.; Shamma, Jeff S.; Stuber, Gordon L.
communications. We have previously shown that LTE networks are vulnerable to Denial-of-Service (DOS) and loss of service attacks from smart jammers. In this paper, we extend our previous work on resilience of LTE networks to wideband multipath fading channel
Robertazzi, Thomas G
This book gives a broad look at both fundamental networking technology and new areas that support it and use it. It is a concise introduction to the most prominent, recent technological topics in computer networking. Topics include network technology such as wired and wireless networks, enabling technologies such as data centers, software defined networking, cloud and grid computing and applications such as networks on chips, space networking and network security. The accessible writing style and non-mathematical treatment makes this a useful book for the student, network and communications engineer, computer scientist and IT professional. • Features a concise, accessible treatment of computer networking, focusing on new technological topics; • Provides non-mathematical introduction to networks in their most common forms today;< • Includes new developments in switching, optical networks, WiFi, Bluetooth, LTE, 5G, and quantum cryptography.
sufficient base of knowledge in information technology can be assumed to be working on some form of computer network warfare, even if only defensive in...the Defense Information Infrastructure (DII) to attack. Transmission Control Protocol/ Internet Protocol (TCP/IP) networks are inherently resistant to...aims to create this part of information superiority, and computer network defense is one of its fundamental components. Most of these efforts center
Xin, Liangxiao; Starobinski, David; Noubir, Guevara
We unveil the existence of a vulnerability in Wi-Fi, which allows an adversary to remotely launch a Denial-of-Service (DoS) attack that propagates both in time and space. This vulnerability stems from a coupling effect induced by hidden nodes. Cascading DoS attacks can congest an entire network and do not require the adversary to violate any protocol. We demonstrate the feasibility of such attacks through experiments with real Wi-Fi cards, extensive ns-3 simulations, and theoretical analysis....
Full Text Available Many complex systems can be described by networks, in which the constituent components are represented by vertices and the connections between the components are represented by edges between the corresponding vertices. A fundamental issue concerning complex networked systems is the robustness of the overall system to the failure of its constituent parts. Since the degree to which a networked system continues to function, as its component parts are degraded, typically depends on the integrity of the underlying network, the question of system robustness can be addressed by analyzing how the network structure changes as vertices are removed. Previous work has considered how the structure of complex networks change as vertices are removed uniformly at random, in decreasing order of their degree, or in decreasing order of their betweenness centrality. Here we extend these studies by investigating the effect on network structure of targeting vertices for removal based on a wider range of non-local measures of potential importance than simply degree or betweenness. We consider the effect of such targeted vertex removal on model networks with different degree distributions, clustering coefficients and assortativity coefficients, and for a variety of empirical networks.
M. Saud Khan
Full Text Available Security is always a major concern in wireless sensor networks (WSNs. Identity based attacks such as spoofing and sybil not only compromise the network but also slow down its performance. This paper proposes a low complexity sybil attack detection scheme, that is, based on signed response (SRES authentication mechanism developed for Global System for Mobile (GSM communications. A probabilistic model is presented which analyzes the proposed authentication mechanism for its probability of sybil attack. The paper also presents a simulation based comparative analysis of the existing sybil attack schemes with respect to the proposed scheme. It is observed that the proposed sybil detection scheme exhibits lesser computational cost and power consumption as compared to the existing schemes for the same sybil detection performance.
Aziz, Farhan M.
Commercial LTE networks are being studied for mission-critical applications, such as public safety and smart grid communications. In this paper, LTE networks are shown vulnerable to Denial-of-Service (DOS) and loss of service attacks from smart jammers, who may employ simple narrowband jamming techniques to attack without any need to hack the network or its users. We modeled the utilities of jamming and anti-jamming actions played by the jammer and the network under the framework of single-shot and repeated Bayesian games. In a single-shot game formulation the only Nash Equilibria (NE) are pure strategy equilibria at which network utility is severely compromised. We propose a repeated-game learning and strategy algorithm for the network that outperforms single-shot games by a significant margin. Furthermore, all of our proposed actions and algorithms can be implemented with current technology.
Vladislav D. Veksler; Norbou Buchler; Blaine E. Hoffman; Daniel N. Cassenti; Char Sample; Shridat Sugrim
Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision li...
Full Text Available Replica attack is a critical concern in the security of wireless sensor networks. We employ mobile nodes as patrollers to detect replicas distributed in different zones in a network, in which a basic patrol detection protocol and two detection algorithms for stationary and mobile modes are presented. Then we perform security analysis to discuss the defense strategies against the possible attacks on the proposed detection protocol. Moreover, we show the advantages of the proposed protocol by discussing and comparing the communication cost and detection probability with some existing methods.
Techniques for network-based intrusion detection have been evolving for years, and the focus of most research is on detection algorithms, although networks are distributed and dynamically managed nowadays. A data processing framework is required that allows to embed multiple detection techniques and to provide data with the needed aggregation levels. Within that framework, this work concentrates on methods that improve the interoperability of intrusion detection techniques and focuses on data...
Hasegawa, Takehisa; Masuda, Naoki
We study the effect of vaccination on the robustness of networks against propagating attacks that obey the susceptible–infected–removed model. By extending the generating function formalism developed by Newman (2005 Phys. Rev. Lett. 95 108701), we analytically determine the robustness of networks that depends on the vaccination parameters. We consider the random defense where nodes are vaccinated randomly and the degree-based defense where hubs are preferentially vaccinated. We show that, when vaccines are inefficient, the random graph is more robust against propagating attacks than the scale-free network. When vaccines are relatively efficient, the scale-free network with the degree-based defense is more robust than the random graph with the random defense and the scale-free network with the random defense
Li, Ya-Peng; Tan, Suo-Yi; Deng, Ye; Wu, Jun
Dealing with the protection of critical infrastructures, many game-theoretic methods have been developed to study the strategic interactions between defenders and attackers. However, most game models ignore the interrelationship between different components within a certain system. In this paper, we propose a simultaneous-move attacker-defender game model, which is a two-player zero-sum static game with complete information. The strategies and payoffs of this game are defined on the basis of the topology structure of the infrastructure system, which is represented by a complex network. Due to the complexity of strategies, the attack and defense strategies are confined by two typical strategies, namely, targeted strategy and random strategy. The simulation results indicate that in a scale-free network, the attacker virtually always attacks randomly in the Nash equilibrium. With a small cost-sensitive parameter, representing the degree to which costs increase with the importance of a target, the defender protects the hub targets with large degrees preferentially. When the cost-sensitive parameter exceeds a threshold, the defender switches to protecting nodes randomly. Our work provides a new theoretical framework to analyze the confrontations between the attacker and the defender on critical infrastructures and deserves further study.
Safarik, Jakub; Voznak, MIroslav; Rezac, Filip; Partila, Pavol; Tomala, Karel
There are many ways of getting real data about malicious activity in a network. One of them relies on masquerading monitoring servers as a production one. These servers are called honeypots and data about attacks on them brings us valuable information about actual attacks and techniques used by hackers. The article describes distributed topology of honeypots, which was developed with a strong orientation on monitoring of IP telephony traffic. IP telephony servers can be easily exposed to various types of attacks, and without protection, this situation can lead to loss of money and other unpleasant consequences. Using a distributed topology with honeypots placed in different geological locations and networks provides more valuable and independent results. With automatic system of gathering information from all honeypots, it is possible to work with all information on one centralized point. Communication between honeypots and centralized data store use secure SSH tunnels and server communicates only with authorized honeypots. The centralized server also automatically analyses data from each honeypot. Results of this analysis and also other statistical data about malicious activity are simply accessible through a built-in web server. All statistical and analysis reports serve as information basis for an algorithm which classifies different types of used VoIP attacks. The web interface then brings a tool for quick comparison and evaluation of actual attacks in all monitored networks. The article describes both, the honeypots nodes in distributed architecture, which monitor suspicious activity, and also methods and algorithms used on the server side for analysis of gathered data.
Springer Brief Basics of Computer Networking provides a non-mathematical introduction to the world of networks. This book covers both technology for wired and wireless networks. Coverage includes transmission media, local area networks, wide area networks, and network security. Written in a very accessible style for the interested layman by the author of a widely used textbook with many years of experience explaining concepts to the beginner.
Urias, Vincent; Stout, William M. S.; Loverro, Caleb
A method and apparatus for protecting virtual machines. A computer system creates a copy of a group of the virtual machines in an operating network in a deception network to form a group of cloned virtual machines in the deception network when the group of the virtual machines is accessed by an adversary. The computer system creates an emulation of components from the operating network in the deception network. The components are accessible by the group of the cloned virtual machines as if the group of the cloned virtual machines was in the operating network. The computer system moves network connections for the group of the virtual machines in the operating network used by the adversary from the group of the virtual machines in the operating network to the group of the cloned virtual machines, enabling protecting the group of the virtual machines from actions performed by the adversary.
Collins, Michael Joseph
The simplest conceptual model of cybersecurity implicitly views attackers and defenders as acting in isolation from one another: an attacker seeks to penetrate or disrupt a system that has been protected to a given level, while a defender attempts to thwart particular attacks. Such a model also views all non-malicious parties as having the same goal of preventing all attacks. But in fact, attackers and defenders are interacting parts of the same system, and different defenders have their own individual interests: defenders may be willing to accept some risk of successful attack if the cost of defense is too high. We have used game theory to develop models of how non-cooperative but non-malicious players in a network interact when there is a substantial cost associated with effective defensive measures. Although game theory has been applied in this area before, we have introduced some novel aspects of player behavior in our work, including: (1) A model of how players attempt to avoid the costs of defense and force others to assume these costs; (2) A model of how players interact when the cost of defending one node can be shared by other nodes; and (3) A model of the incentives for a defender to choose less expensive, but less effective, defensive actions.
Annibale, A; Coolen, A C C; Bianconi, G
We study the resilience of complex networks against attacks in which nodes are targeted intelligently, but where disabling a node has a cost to the attacker which depends on its degree. Attackers have to meet these costs with limited resources, which constrains their actions. A network's integrity is quantified in terms of the efficacy of the process that it supports. We calculate how the optimal attack strategy and the most attack-resistant network degree statistics depend on the node removal cost function and the attack resources. The resilience of networks against intelligent attacks is found to depend strongly on the node removal cost function faced by the attacker. In particular, if node removal costs increase sufficiently fast with the node degree, power law networks are found to be more resilient than Poissonian ones, even against optimized intelligent attacks. For cost functions increasing quadratically in the node degrees, intelligent attackers cannot damage the network more than random damages would.
Gelenbe, Erol; Gellman, Michael; Loukas, George
Denial of service attacks, viruses and worms are common tools for malicious adversarial behavior in networks. Experience shows that over the last few years several of these techniques have probably been used by governments to impair the Internet communications of various entities, and we can expect that these and other information warfare tools will be used increasingly as part of hostile behavior either independently, or in conjunction with other forms of attack in conventional or asymmetric warfare, as well as in other forms of malicious behavior. In this paper we concentrate on Distributed Denial of Service Attacks (DDoS) where one or more attackers generate flooding traffic and direct it from multiple sources towards a set of selected nodes or IP addresses in the Internet. We first briefly survey the literature on the subject, and discuss some examples of DDoS incidents. We then present a technique that can be used for DDoS protection based on creating islands of protection around a critical information infrastructure. This technique, that we call the CPN-DoS-DT (Cognitive Packet Networks DoS Defence Technique), creates a self-monitoring sub-network surrounding each critical infrastructure node. CPN-DoS-DT is triggered by a DDoS detection scheme, and generates control traffic from the objects of the DDoS attack to the islands of protection where DDOS packet flows are destroyed before they reach the critical infrastructure. We use mathematical modelling, simulation and experiments on our test-bed to show the positive and negative outcomes that may result from both the attack, and the CPN-DoS-DT protection mechanism, due to imperfect detection and false alarms.
Full Text Available Social network analysis aims to obtain relational data from social systems to identify leaders, roles, and communities in order to model profiles or predict a specific behavior in users’ network. Preserving anonymity in social networks is a subject of major concern. Anonymity can be compromised by disclosing senders’ or receivers’ identity, message content, or sender-receiver relationships. Under strongly incomplete information, a statistical disclosure attack is used to estimate the network and node characteristics such as centrality and clustering measures, degree distribution, and small-world-ness. A database of email networks in 29 university faculties is used to study the method. A research on the small-world-ness and Power law characteristics of these email networks is also developed, helping to understand the behavior of small email networks.
Portela, Javier; García Villalba, Luis Javier; Silva Trujillo, Alejandra Guadalupe; Sandoval Orozco, Ana Lucila; Kim, Tai-Hoon
Social network analysis aims to obtain relational data from social systems to identify leaders, roles, and communities in order to model profiles or predict a specific behavior in users’ network. Preserving anonymity in social networks is a subject of major concern. Anonymity can be compromised by disclosing senders’ or receivers’ identity, message content, or sender-receiver relationships. Under strongly incomplete information, a statistical disclosure attack is used to estimate the network and node characteristics such as centrality and clustering measures, degree distribution, and small-world-ness. A database of email networks in 29 university faculties is used to study the method. A research on the small-world-ness and Power law characteristics of these email networks is also developed, helping to understand the behavior of small email networks. PMID:27809275
Milovanov, Alexander; Bukshpun, Leonid; Pradhan, Ranjit
A new intelligent mechanism is presented to protect networks against the new generation of cyber attacks. This mechanism integrates TCP/UDP/IP protocol stack protection and attacker/intruder deception to eliminate existing TCP/UDP/IP protocol stack vulnerabilities. It allows to detect currently undetectable, highly distributed, low-frequency attacks such as distributed denial-of-service (DDoS) attacks, coordinated attacks, botnet, and stealth network reconnaissance. The mechanism also allows insulating attacker/intruder from the network and redirecting the attack to a simulated network acting as a decoy. As a result, network security personnel gain sufficient time to defend the network and collect the attack information. The presented approach can be incorporated into wireless or wired networks that require protection against known and the new generation of cyber attacks.
Nielsen, Søren Holbech; Parsons, Simon
The hitherto most abstract, and hence general, argumentation system, is the one described by Dung in a paper from 1995. This framework does not allow for joint attacks on arguments, but in a recent paper we adapted it to support such attacks, and proved that this adapted framework enjoyed the same...... formal properties as that of Dung. One problem posed by Dung's original framework, which was neglected for some time, is how to compute preferred extensions of the argumentation systems. However, in 2001, in a paper by Doutre and Mengin, a procedure was given for enumerating preferred extensions...... for these systems. In this paper we propose a method for enumerating preferred extensions of the potentially more complex systems, where joint attacks are allowed. The method is inspired by the one given by Doutre and Mengin....
Hafiz Abid Mahmood Malik
Full Text Available Dengue virus infection is one of those epidemic diseases that require much consideration in order to save the humankind from its unsafe impacts. According to the World Health Organization (WHO, 3.6 billion individuals are at risk because of the dengue virus sickness. Researchers are striving to comprehend the dengue threat. This study is a little commitment to those endeavors. To observe the robustness of the dengue network, we uprooted the links between nodes randomly and targeted by utilizing different centrality measures. The outcomes demonstrated that 5% targeted attack is equivalent to the result of 65% random assault, which showed the topology of this complex network validated a scale-free network instead of random network. Four centrality measures (Degree, Closeness, Betweenness, and Eigenvector have been ascertained to look for focal hubs. It has been observed through the results in this study that robustness of a node and links depends on topology of the network. The dengue epidemic network presented robust behaviour under random attack, and this network turned out to be more vulnerable when the hubs of higher degree have higher probability to fail. Moreover, representation of this network has been projected, and hub removal impact has been shown on the real map of Gombak (Malaysia.
Ranjeeth Kumar Sundararajan
Full Text Available In wireless sensor network (WSN, the sensors are deployed and placed uniformly to transmit the sensed data to a centralized station periodically. So, the major threat of the WSN network layer is sinkhole attack and it is still being a challenging issue on the sensor networks, where the malicious node attracts the packets from the other normal sensor nodes and drops the packets. Thus, this paper proposes an Intrusion Detection System (IDS mechanism to detect the intruder in the network which uses Low Energy Adaptive Clustering Hierarchy (LEACH protocol for its routing operation. In the proposed algorithm, the detection metrics, such as number of packets transmitted and received, are used to compute the intrusion ratio (IR by the IDS agent. The computed numeric or nonnumeric value represents the normal or malicious activity. As and when the sinkhole attack is captured, the IDS agent alerts the network to stop the data transmission. Thus, it can be a resilient to the vulnerable attack of sinkhole. Above all, the simulation result is shown for the proposed algorithm which is proven to be efficient compared with the existing work, namely, MS-LEACH, in terms of minimum computational complexity and low energy consumption. Moreover, the algorithm was numerically analyzed using TETCOS NETSIM.
This article describes a computer network system that connects several microcomputers to a single disk drive and one copy of software. Many schools are switching to networks as a cheaper and more efficient means of computer instruction. Teachers may be faced with copywriting problems when reproducing programs. (DF)
Meditch, James S
Computer- Communication Networks presents a collection of articles the focus of which is on the field of modeling, analysis, design, and performance optimization. It discusses the problem of modeling the performance of local area networks under file transfer. It addresses the design of multi-hop, mobile-user radio networks. Some of the topics covered in the book are the distributed packet switching queuing network design, some investigations on communication switching techniques in computer networks and the minimum hop flow assignment and routing subject to an average message delay constraint
Lazos, L; Poovendran, Radha; Meadows, C; Syverson, P; Chang, L. W
We study the problem of characterizing the wormhole attack, an attack that can be mounted on a wide range of wireless network protocols without compromising any cryptographic quantity or network node...
Bhattasali, Tapalina; Chaki, Rituparna; Sanyal, Sugata
Deployment of sensor network in hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where target of the intruder is to maximize the power consumption of sensor nodes, so that their lifetime is minimized. Most of the existing works on sleep deprivation attack detection involve a lot of overhead, leading to poor throughput. The need of the day is to design a model for detecting intrusions accurately in an energy efficient manner. This paper proposes a hierarchical framework based on distributed collaborative mechanism for detecting sleep deprivation torture in wireless sensor network efficiently. Proposed model uses anomaly detection technique in two steps to reduce the probability of false intrusion.
Manes, Gavin W.; Dawkins, J.; Shenoi, Sujeet; Hale, John C.
Converged network security is extremely challenging for several reasons; expanded system and technology perimeters, unexpected feature interaction, and complex interfaces all conspire to provide hackers with greater opportunities for compromising large networks. Preventive security services and architectures are essential, but in and of themselves do not eliminate all threat of compromise. Attack management systems mitigate this residual risk by facilitating incident detection, analysis and response. There are a wealth of attack detection and response tools for IP networks, but a dearth of such tools for wireless and public telephone networks. Moreover, methodologies and formalisms have yet to be identified that can yield a common model for vulnerabilities and attacks in converged networks. A comprehensive attack management system must coordinate detection tools for converged networks, derive fully-integrated attack and network models, perform vulnerability and multi-stage attack analysis, support large-scale attack visualization, and orchestrate strategic responses to cyber attacks that cross network boundaries. We present an architecture that embodies these principles for attack management. The attack management system described engages a suite of detection tools for various networking domains, feeding real-time attack data to a comprehensive modeling, analysis and visualization subsystem. The resulting early warning system not only provides network administrators with a heads-up cockpit display of their entire network, it also supports guided response and predictive capabilities for multi-stage attacks in converged networks.
This book explains how to see one's own network through the eyes of an attacker, to understand their techniques and effectively protect against them. Through Python code samples the reader learns to code tools on subjects such as password sniffing, ARP poisoning, DNS spoofing, SQL injection, Google harvesting and Wifi hacking. Furthermore the reader will be introduced to defense methods such as intrusion detection and prevention systems and log file analysis by diving into code.
Parras, Juan; Zazo, Santiago
We study a wireless sensor network using CSMA/CA in the MAC layer under a backoff attack: some of the sensors of the network are malicious and deviate from the defined contention mechanism. We use Bianchi's network model to study the impact of the malicious sensors on the total network throughput, showing that it causes the throughput to be unfairly distributed among sensors. We model this conflict using game theory tools, where each sensor is a player. We obtain analytical solutions and propose an algorithm, based on Regret Matching, to learn the equilibrium of the game with an arbitrary number of players. Our approach is validated via simulations, showing that our theoretical predictions adjust to reality.
Full Text Available We study a wireless sensor network using CSMA/CA in the MAC layer under a backoff attack: some of the sensors of the network are malicious and deviate from the defined contention mechanism. We use Bianchi’s network model to study the impact of the malicious sensors on the total network throughput, showing that it causes the throughput to be unfairly distributed among sensors. We model this conflict using game theory tools, where each sensor is a player. We obtain analytical solutions and propose an algorithm, based on Regret Matching, to learn the equilibrium of the game with an arbitrary number of players. Our approach is validated via simulations, showing that our theoretical predictions adjust to reality.
Full Text Available Wormhole attack is a challenging security threat to wireless sensor networks which results in disrupting most of the routing protocols as this attack can be triggered in different modes. In this paper, WRHT, a wormhole resistant hybrid technique, is proposed, which can detect the presence of wormhole attack in a more optimistic manner than earlier techniques. WRHT is based on the concept of watchdog and Delphi schemes and ensures that the wormhole will not be left untreated in the sensor network. WRHT makes use of the dual wormhole detection mechanism of calculating probability factor time delay probability and packet loss probability of the established path in order to find the value of wormhole presence probability. The nodes in the path are given different ranking and subsequently colors according to their behavior. The most striking feature of WRHT consists of its capacity to defend against almost all categories of wormhole attacks without depending on any required additional hardware such as global positioning system, timing information or synchronized clocks, and traditional cryptographic schemes demanding high computational needs. The experimental results clearly indicate that the proposed technique has significant improvement over the existing wormhole attack detection techniques.
Tyra, Adam; Li, Jingtao; Shang, Yilun; Jiang, Shuo; Zhao, Yanjun; Xu, Shouhuai
Robustness of complex networks has been extensively studied via the notion of site percolation, which typically models independent and non-adaptive attacks (or disruptions). However, real-life attacks are often dependent and/or adaptive. This motivates us to characterize the robustness of complex networks, including non-interdependent and interdependent ones, against dependent and adaptive attacks. For this purpose, dependent attacks are accommodated by L-hop percolation where the nodes within some L-hop (L ≥ 0) distance of a chosen node are all deleted during one attack (with L = 0 degenerating to site percolation). Whereas, adaptive attacks are launched by attackers who can make node-selection decisions based on the network state in the beginning of each attack. The resulting characterization enriches the body of knowledge with new insights, such as: (i) the Achilles' Heel phenomenon is only valid for independent attacks, but not for dependent attacks; (ii) powerful attack strategies (e.g., targeted attacks and dependent attacks, dependent attacks and adaptive attacks) are not compatible and cannot help the attacker when used collectively. Our results shed some light on the design of robust complex networks.
Traffic models in computer networks can be described as a complicated system. These systems show non-linear features and to simulate behaviours of these systems are also difficult. Before implementing network equipments users wants to know capability of their computer network. They do not want the servers to be overloaded during temporary traffic peaks when more requests arrive than the server is designed for. As a starting point for our study a non-linear system model of network traffic is established to exam behaviour of the network planned. The paper presents setting up a non-linear simulation model that helps us to observe dataflow problems of the networks. This simple model captures the relationship between the competing traffic and the input and output dataflow. In this paper, we also focus on measuring the bottleneck of the network, which was defined as the difference between the link capacity and the competing traffic volume on the link that limits end-to-end throughput. We validate the model using measurements on a working network. The results show that the initial model estimates well main behaviours and critical parameters of the network. Based on this study, we propose to develop a new algorithm, which experimentally determines and predict the available parameters of the network modelled.
With the continuous development of network technology and the rapid spread of the Internet, computer networks have been around the world every corner. However, the network attacks frequently occur. The ARP protocol vulnerability is one of the most common vulnerabilities in the TCP / IP four-layer architecture. The network protocol vulnerabilities can lead to the intrusion and attack of the information system, and disable or disable the normal defense function of the system . At present, ARP spoofing Trojans spread widely in the LAN, the network security to run a huge hidden danger, is the primary threat to LAN security. In this paper, the author summarizes the research status and the key technologies involved in ARP protocol, analyzes the formation mechanism of ARP protocol vulnerability, and analyzes the feasibility of the attack technique. Based on the summary of the common defensive methods, the advantages and disadvantages of each defense method. At the same time, the current defense method is improved, and the advantage of the improved defense algorithm is given. At the end of this paper, the appropriate test method is selected and the test environment is set up. Experiment and test are carried out for each proposed improved defense algorithm.
Full Text Available Broadcasting is one of the essential features in the Internet Protocol Ver 4 (IPv4. Attackers often exploit this feature of the IP protocol to launch several attacks against a network or an individual host. Attackers may either be a part of a Local Area Network (LAN or outside a LAN to launch these attacks. There are numerous papers available in the literature to solve problems resulting from IP broadcasting. However, all these solutions target a specific problem that results from IP broadcasting. Furthermore, these solutions use either a computationally-intensive cryptographic scheme, the a priori relation between the host and the network or a modified protocol stack at every host. In this paper, we provide a seamless and transparent solution to eliminate IP broadcasting and thus eliminate all problems related to IP broadcasting. Our proposed solution is crypto-free and does not need any modification to the protocol stack.
...) Integrated Tactical Warning and Attack Assessment (ITW/AA) system. These subsystems provide critical strategic surveillance and attack warning and assessment information to United States and Canadian leaders...
Program MNE Montenegro PPS-m-n Path-Portfolio-Selection problem where the defender can select a set of m paths and the attacker can destroy n arcs in...where power plants are represented by nodes. Such a node could fail, causing a chain reaction and blackout. An example for a network with arc...deliberate and un- intentional failures. An unintentional failure is a random failure that just happens, e.g., a power plant goes down because of age. A
Mitchell, Dr. William L.
This paper examines the last 8 years of development and application of Attack the Network (AtN) intelligence methodologies for creating shared situational understanding of complex battlespace environment and the development of deliberate targeting frameworks. It will present a short history...... of their development, how they are integrated into operational planning through strategies of deliberate targeting for modern operations. The paper will draw experience and case studies from Iraq, Syria, and Afghanistan and will offer some lessons learned as well as insight into the future of these methodologies....... Including their possible application on a national security level for managing longer strategic endeavors....
Appel, J.A.; Avery, P.; Chartrand, G.
This note summarizes the work of the Offline Computing and Networking Group. The report is divided into two sections; the first deals with the computing and networking requirements and the second with the proposed way to satisfy those requirements. In considering the requirements, we have considered two types of computing problems. The first is CPU-intensive activity such as production data analysis (reducing raw data to DST), production Monte Carlo, or engineering calculations. The second is physicist-intensive computing such as program development, hardware design, physics analysis, and detector studies. For both types of computing, we examine a variety of issues. These included a set of quantitative questions: how much CPU power (for turn-around and for through-put), how much memory, mass-storage, bandwidth, and so on. There are also very important qualitative issues: what features must be provided by the operating system, what tools are needed for program design, code management, database management, and for graphics
Raja, K Nirmal; Beno, M Marsaline
Wireless sensor networks are generally deployed for collecting data from various environments. Several applications specific sensor network cryptography algorithms have been proposed in research. However WSN's has many constrictions, including low computation capability, less memory, limited energy resources, vulnerability to physical capture, which enforce unique security challenges needs to make a lot of improvements. This paper presents a novel security mechanism and algorithm for wireless sensor network security and also an application of this algorithm. The proposed scheme is given to strong authentication against Denial of Service Attacks (DOS). The scheme is simulated using network simulator2 (NS2). Then this scheme is analyzed based on the network packet delivery ratio and found that throughput has improved.
This volume provides the audience with an updated, in-depth and highly coherent material on the conceptually appealing and practically sound information technology of Computational Intelligence applied to the analysis, synthesis and evaluation of social networks. The volume involves studies devoted to key issues of social networks including community structure detection in networks, online social networks, knowledge growth and evaluation, and diversity of collaboration mechanisms. The book engages a wealth of methods of Computational Intelligence along with well-known techniques of linear programming, Formal Concept Analysis, machine learning, and agent modeling. Human-centricity is of paramount relevance and this facet manifests in many ways including personalized semantics, trust metric, and personal knowledge management; just to highlight a few of these aspects. The contributors to this volume report on various essential applications including cyber attacks detection, building enterprise social network...
Full Text Available Due to the unattended nature and poor security guarantee of the wireless sensor networks (WSNs, adversaries can easily make replicas of compromised nodes, and place them throughout the network to launch various types of attacks. Such an attack is dangerous because it enables the adversaries to control large numbers of nodes and extend the damage of attacks to most of the network with quite limited cost. To stop the node replica attack, we propose a location similarity-based detection scheme using deployment knowledge. Compared with prior solutions, our scheme provides extra functionalities that prevent replicas from generating false location claims without deploying resource-consuming localization techniques on the resource-constraint sensor nodes. We evaluate the security performance of our proposal under different attack strategies through heuristic analysis, and show that our scheme achieves secure and robust replica detection by increasing the cost of node replication. Additionally, we evaluate the impact of network environment on the proposed scheme through theoretic analysis and simulation experiments, and indicate that our scheme achieves effectiveness and efficiency with substantially lower communication, computational, and storage overhead than prior works under different situations and attack strategies.
Full Text Available The growing popularity of wireless sensor networks increases the risk of security attacks. One of the most common and dangerous types of attack that takes place these days in any electronic society is a distributed denial of service attack. Due to the resource constraint nature of mobile sensors, DDoS attacks have become a major threat to its stability. In this paper, we established a model of a structural health monitoring network, being disturbed by one of the most common types of DDoS attacks, the flooding attack. Through a set of simulations, we explore the scope of flood-based DDoS attack problem, assessing the performance and the lifetime of the network under the attack condition. To conduct our research, we utilized the Quality of Protection Modeling Language. With the proposed approach, it was possible to examine numerous network configurations, parameters, attack options, and scenarios. The results of the carefully performed multilevel analysis allowed us to identify a new kind of DDoS attack, the delayed distributed denial of service, by the authors, referred to as DDDoS attack. Multilevel approach to DDoS attack analysis confirmed that, examining endangered environments, it is significant to take into account many characteristics at once, just to not overlook any important aspect.
Sun, Fuxiong; Pi, Juntao; Lv, Jin; Cao, Tian
Network security risk assessment technology can be found in advance of the network problems and related vulnerabilities, it has become an important means to solve the problem of network security. Based on attack graph and Markov chain, this paper provides a Network Security Risk Assessment Model (NSRAM). Based on the network infiltration tests, NSRAM generates the attack graph by the breadth traversal algorithm. Combines with the international standard CVSS, the attack probability of atomic nodes are counted, and then the attack transition probabilities of ones are calculated by Markov chain. NSRAM selects the optimal attack path after comprehensive measurement to assessment network security risk. The simulation results show that NSRAM can reflect the actual situation of network security objectively.
Vladislav D. Veksler
Full Text Available Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior via techniques such as model tracing and dynamic parameter fitting.
Veksler, Vladislav D.; Buchler, Norbou; Hoffman, Blaine E.; Cassenti, Daniel N.; Sample, Char; Sugrim, Shridat
Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b) human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c) dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d) training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior) via techniques such as model tracing and dynamic parameter fitting. PMID:29867661
Veksler, Vladislav D; Buchler, Norbou; Hoffman, Blaine E; Cassenti, Daniel N; Sample, Char; Sugrim, Shridat
Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b) human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c) dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d) training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior) via techniques such as model tracing and dynamic parameter fitting.
Li, Wenjuan; Meng, Weizhi; Kwok, Lam-For
To enhance the performance of single intrusion detection systems (IDSs), collaborative intrusion detection networks (CIDNs) have been developed, which enable a set of IDS nodes to communicate with each other. In such a distributed network, insider attacks like collusion attacks are the main threat...... to advanced insider attacks in practical deployment. In this paper, we design a novel type of collusion attack, called passive message fingerprint attack (PMFA), which can collect messages and identify normal requests in a passive way. In the evaluation, we explore the attack performance under both simulated...... and real network environments. Experimental results indicate that under our attack, malicious nodes can send malicious responses to normal requests while maintaining their trust values....
Full Text Available Communication and information computer networks connect the world in ways that make globalization more natural and inequity more subtle. As educators, we look at these phenomena holistically analyzing them from the realist’s view, thus exploring tensions, (in equity and (injustice, and from the idealist’s view, thus embracing connectivity, convergence and development of a collective consciousness. In an increasingly market- driven world we find examples of openness and human generosity that are based on networks, specifically the Internet. After addressing open movements in publishing, software industry and education, we describe the possibility of a dialectic equilibrium between globalization and indigenousness in view of ecologically designed future smart networks
Somani, Gaurav; Gaur, Manoj Singh; Sanghi, Dheeraj; Conti, Mauro; Buyya, Rajkumar
Security issues related to the cloud computing are relevant to various stakeholders for an informed cloud adoption decision. Apart from data breaches, the cyber security research community is revisiting the attack space for cloud-specific solutions as these issues affect budget, resource management, and service quality. Distributed Denial of Service (DDoS) attack is one such serious attack in the cloud space. In this paper, we present developments related to DDoS attack mitigation solutions i...
Full Text Available Cloud Computing is a computing model that allows ubiquitous, convenient and on-demand access to a shared pool of highly configurable resources (e.g., networks, servers, storage, applications and services. Denial-of-Service (DoS and Distributed Denial-of-Service (DDoS attacks are serious threats to the Cloud services’ availability due to numerous new vulnerabilities introduced by the nature of the Cloud, such as multi-tenancy and resource sharing. In this paper, new types of DoS and DDoS attacks in Cloud Computing are explored, especially the XML-DoS and HTTP-DoS attacks, and some possible detection and mitigation techniques are examined. This survey also provides an overview of the existing defense solutions and investigates the experiments and metrics that are usually designed and used to evaluate their performance, which is helpful for the future research in the domain.
Liu, Penghui; Liu, Jing
Recently, coevolution between strategy and network structure has been established as a rule to resolve social dilemmas and reach optimal situations for cooperation. Many follow-up researches have focused on studying how coevolution helps networks reorganize to deter the defectors and many coevolution methods have been proposed. However, the robustness of the coevolution rules against attacks have not been studied much. Since attacks may directly influence the original evolutionary process of cooperation, the robustness should be an important index while evaluating the quality of a coevolution method. In this paper, we focus on investigating the robustness of an elementary coevolution method in resolving the prisoner's dilemma game upon the interdependent networks. Three different types of time-independent attacks, named as edge attacks, instigation attacks and node attacks have been employed to test its robustness. Through analyzing the simulation results obtained, we find this coevolution method is relatively robust against the edge attack and the node attack as it successfully maintains cooperation in the population over the entire attack range. However, when the instigation probability of the attacked individuals is large or the attack range of instigation attack is wide enough, coevolutionary rule finally fails in maintaining cooperation in the population.
Dhamodharan, Udaya Suriya Raj Kumar; Vayanaperumal, Rajamani
Wireless sensor networks are highly indispensable for securing network protection. Highly critical attacks of various kinds have been documented in wireless sensor network till now by many researchers. The Sybil attack is a massive destructive attack against the sensor network where numerous genuine identities with forged identities are used for getting an illegal entry into a network. Discerning the Sybil attack, sinkhole, and wormhole attack while multicasting is a tremendous job in wireless sensor network. Basically a Sybil attack means a node which pretends its identity to other nodes. Communication to an illegal node results in data loss and becomes dangerous in the network. The existing method Random Password Comparison has only a scheme which just verifies the node identities by analyzing the neighbors. A survey was done on a Sybil attack with the objective of resolving this problem. The survey has proposed a combined CAM-PVM (compare and match-position verification method) with MAP (message authentication and passing) for detecting, eliminating, and eventually preventing the entry of Sybil nodes in the network. We propose a scheme of assuring security for wireless sensor network, to deal with attacks of these kinds in unicasting and multicasting.
Udaya Suriya Raj Kumar Dhamodharan
Full Text Available Wireless sensor networks are highly indispensable for securing network protection. Highly critical attacks of various kinds have been documented in wireless sensor network till now by many researchers. The Sybil attack is a massive destructive attack against the sensor network where numerous genuine identities with forged identities are used for getting an illegal entry into a network. Discerning the Sybil attack, sinkhole, and wormhole attack while multicasting is a tremendous job in wireless sensor network. Basically a Sybil attack means a node which pretends its identity to other nodes. Communication to an illegal node results in data loss and becomes dangerous in the network. The existing method Random Password Comparison has only a scheme which just verifies the node identities by analyzing the neighbors. A survey was done on a Sybil attack with the objective of resolving this problem. The survey has proposed a combined CAM-PVM (compare and match-position verification method with MAP (message authentication and passing for detecting, eliminating, and eventually preventing the entry of Sybil nodes in the network. We propose a scheme of assuring security for wireless sensor network, to deal with attacks of these kinds in unicasting and multicasting.
Full Text Available The intrusion detection system (IDS is an important network security tool for securing computer and network systems. It is able to detect and monitor network traffic data. Snort IDS is an open-source network security tool. It can search and match rules with network traffic data in order to detect attacks, and generate an alert. However, the Snort IDS can detect only known attacks. Therefore, we have proposed a procedure for improving Snort IDS rules, based on the association rules data mining technique for detection of network probe attacks. We employed the MIT-DARPA 1999 data set for the experimental evaluation. Since behavior pattern traffic data are both normal and abnormal, the abnormal behavior data is detected by way of the Snort IDS. The experimental results showed that the proposed Snort IDS rules, based on data mining detection of network probe attacks, proved more efficient than the original Snort IDS rules, as well as icmp.rules and icmp-info.rules of Snort IDS. The suitable parameters for the proposed Snort IDS rules are defined as follows: Min_sup set to 10%, and Min_conf set to 100%, and through the application of eight variable attributes. As more suitable parameters are applied, higher accuracy is achieved.
Shabir Ahmad Sofi
Full Text Available Ad Hoc wireless sensor network (WSN is a collection of nodes that do not need to rely on predefined infrastructure to keep the network connected. The level of security and performance are always somehow related to each other, therefore due to limited resources in WSN, cryptographic methods for securing the network against attacks is not feasible. Byzantine attacks disrupt the communication between nodes in the network without regard to its own resource consumption. This paper discusses the performance of cluster based WSN comparing LEACH with Advanced node based clusters under byzantine attacks. This paper also proposes an algorithm for detection and isolation of the compromised nodes to mitigate the attacks by non-cryptographic means. The throughput increases after using the algorithm for isolation of the malicious nodes, 33% in case of Gray Hole attack and 62% in case of Black Hole attack.
Bouckaert, Stefan; Vanhie-Van Gerwen, Jono; Moerman, Ingrid; Phillips, Stephen; Wilander, Jerker
The benchmarking concept is not new in the field of computing or computer networking. With “benchmarking tools”, one usually refers to a program or set of programs, used to evaluate the performance of a solution under certain reference conditions, relative to the performance of another solution. Since the 1970s, benchmarking techniques have been used to measure the performance of computers and computer networks. Benchmarking of applications and virtual machines in an Infrastructure-as-a-Servi...
Cyber attacks on a hospital's computer network is a new crime to be reckoned with. Should your hospital consider internet insurance? The author explains this new phenomenon and presents a risk assessment for determining network vulnerabilities.
Antonio Perez Perez works in the Computer Security Team doing software development, sysadmin tasks and operations. He is also involved on grid security and does 1st line security support at CERN on ROTA. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have shown several successful attacks against e.g. Sony, PBS, UNESCO, RSAsecurity, Citibank, and others. Credit card information of hundreds of thousands of people got exposed. Affected companies not only lost their assets and data, also their reputation has suffered. Thus, proper computer security measures are essential. Without question, security must even more become an inherent ingredient when developing, deploying, and operating applications, web sites, and computing services. These lectures shall give an ove...
Full text: The responsibility of the Network Group covers: - providing central services like WWW, DNS (Domain Name Server), mail, etc.; - maintenance and support of the Local Area Networks,; - operation of the Wide Area Networks (LAN); - the support of the central UNIX servers and desktop workstations; - VAX/VMS cluster operation and support. The two-processor HP-UNIX K-200 and 6-processor SGI Challenge XL servers were delivering stable services to our users. Both servers were upgraded during the past year. SGI Challenge received additional 256 MB of memory. It was necessary in order to get all benefits of true 64-bit architecture of the SGI IRIX 6.2. The upgrade of our HP K-200 server were problematic so we decided to buy a new powerful machine and join the old and new machine via the fast network. Besides these main servers we have more than 30 workstations from IBM, DEC, HP, SGI and SUN. We observed a real race in PC technology in the past year. Intel processors deliver currently a performance that is comparable with HP or SUN workstations at very low costs. These CPU power is especially visible under Linux that is free Unix-like operating system. The clusters of cheap PC computers should be seriously considered in planning the computing power for the future experiments. The CPU power was further decentralized-smaller but powerful computers cover growing computing demands of our work-groups creating a small ''local computing centers''. The stable network and the concept of central services plays the essential role in this scenario. Unfortunately the network performance for the international communications is persistently unacceptable. We believe that attempts to join the European Quantum project is the only way to achieve the reasonable international network performance. In these plan polish scientific community will gain 34 Mbps international link. The growing costs of the ''real meetings'' give us no alternative to ''virtual meetings'' via the network in the
Liu Zonghua; Lai Yingcheng; Ye Nong
We consider growing networks with algebraic preferential attachment and address two questions: (1) what is the effect of temporal fluctuations in the number of new links acquired by the network? and (2) what is the network tolerance against random failures and intentional attacks? We find that the fluctuations generally have little effect on the network properties, although they lead to a plateau behavior for small degrees in the connectivity distribution. Formulas are derived for the evolution and distribution of the network connectivity, which are tested by numerical simulations. Numerical study of the effect of failures and attacks suggests that networks constructed under algebraic preferential attachment are more robust than scale-free networks
Gong Baihua; Liu Jun; Huang Liang; Yang Kongqing; Yang Lei
In this paper, we studied range-based attacks on links in geographically constrained scale-free networks and found that there is a continuous switching of roles of short- and long-range attacks on links when tuning the geographical constraint strength. Our results demonstrate that the geography has a significant impact on the network efficiency and security; thus one can adjust the geographical structure to optimize the robustness and the efficiency of the networks. We introduce a measurement of the impact of links on the efficiency of the network, and an effective attacking strategy is suggested
Persistent computer security vulnerabilities may expose U.S. critical infrastructure and government computer systems to possible cyber attack by terrorists, possibly affecting the economy or other areas of national security...
Kamaev, V. A.; Finogeev, A. G.; Finogeev, A. A.; Parygin, D. S.
The effectiveness of automated process control systems (APCS) and supervisory control and data acquisition systems (SCADA) information security depends on the applied protection technologies of transport environment data transmission components. This article investigates the problems of detecting attacks in wireless sensor networks (WSN) of SCADA systems. As a result of analytical studies, the authors developed the detailed classification of external attacks and intrusion detection in sensor networks and brought a detailed description of attacking impacts on components of SCADA systems in accordance with the selected directions of attacks.
Full Text Available The openness nature of wireless networks allows adversaries to easily launch variety of spoofing attacks and causes havoc in network performance. Recent approaches used Received Signal Strength (RSS traces, which only detect spoofing attacks in mobile wireless networks. However, it is not always desirable to use these methods as RSS values fluctuate significantly over time due to distance, noise and interference. In this paper, we discusses a novel approach, Mobile spOofing attack DEtection and Localization in WIireless Networks (MODELWIN system, which exploits location information about nodes to detect identity-based spoofing attacks in mobile wireless networks. Also, this approach determines the number of attackers who used the same node identity to masquerade as legitimate device. Moreover, multiple adversaries can be localized accurately. By eliminating attackers the proposed system enhances network performance. We have evaluated our technique through simulation using an 802.11 (WiFi network and an 802.15.4 (Zigbee networks. The results prove that MODELWIN can detect spoofing attacks with a very high detection rate and localize adversaries accurately.
Full Text Available Abstract Several techniques of theoretical digital investigation are presented in the literature but most of them are unsuitable to cope with attacks in wireless networks, especially in Mobile Ad hoc and Sensor Networks (MASNets. In this article, we propose a formal approach for digital investigation of security attacks in wireless networks. We provide a model for describing attack scenarios in a wireless environment, and system and network evidence generated consequently. The use of formal approaches is motivated by the need to avoid ad hoc generation of results that impedes the accuracy of analysis and integrity of investigation. We develop an inference system that integrates the two types of evidence, handles incompleteness and duplication of information in them, and allows possible and provable actions and attack scenarios to be generated. To illustrate the proposal, we consider a case study dealing with the investigation of a remote buffer overflow attack.
Full Text Available Wireless Sensor Networks comprised of several tiny sensor nodes which are densely deployed over the region to monitor the environmental conditions. These sensor nodes have certain design issues out of which security is the main predominant factor as it effects the whole lifetime of network. DDoS Distributed denial of service attack floods unnecessary packets in the sensor network. A review on DDoS attacks and their prevention techniques have been done in this paper.
Vicat-Blanc, Pascale; Guillier, Romaric; Soudan, Sebastien
"Computing Networks" explores the core of the new distributed computing infrastructures we are using today: the networking systems of clusters, grids and clouds. It helps network designers and distributed-application developers and users to better understand the technologies, specificities, constraints and benefits of these different infrastructures' communication systems. Cloud Computing will give the possibility for millions of users to process data anytime, anywhere, while being eco-friendly. In order to deliver this emerging traffic in a timely, cost-efficient, energy-efficient, and
GENGE BELA; SIATERLIS CHRISTOS
The fact that modern Networked Industrial Control Systems (NICS) depend on Information and Communication Technologies (ICT), is well known. Although many studies have focused on the security of these systems, today we still lack the proper understanding of the effects that cyber attacks have on NICS. In this paper we use our previously developed framework to study the effects of coordinated cyber attacks against NICS. Coordinated attacks rely on several infected hosts to disrupt the ...
Full Text Available Smart meters are one of the key components of intelligent power grids. Wireless mesh networks based on smart meters could provide customer-oriented information on electricity use to the operational control systems, which monitor power grid status and estimate electric power demand. Using this information, an operational control system could regulate devices within the smart grid in order to provide electricity in a cost-efficient manner. Ensuring the availability of the smart meter mesh network is therefore a critical factor in securing the soundness of an intelligent power system. Wormhole attacks can be one of the most difficult-to-address threats to the availability of mesh networks, and although many methods to nullify wormhole attacks have been tried, these have been limited by high computational resource requirements and unnecessary overhead, as well as by the lack of ability of such methods to respond to attacks. In this paper, an effective defense mechanism that both detects and responds to wormhole attacks is proposed. In the proposed system, each device maintains information on its neighbors, allowing each node to identify replayed packets. The effectiveness and efficiency of the proposed method is analyzed in light of additional computational message and memory complexities.
Li, Rui-qi; Sun, Shi-wen; Ma, Yi-lin; Wang, Li; Xia, Cheng-yi
In order to deeply understand the complex interdependent systems, it is of great concern to take clustering coefficient, which is an important feature of many real-world systems, into account. Previous study mainly focused on the impact of clustering on interdependent networks under random attacks, while we extend the study to the case of the more realistic attacking strategy, targeted attack. A system composed of two interdependent scale-free networks with tunable clustering is provided. The effects of coupling strength and coupling preference on attack vulnerability are explored. Numerical simulation results demonstrate that interdependent links between two networks make the entire system much more fragile to attacks. Also, it is found that clustering significantly increases the vulnerability of interdependent scale-free networks. Moreover, for fully coupled network, disassortative coupling is found to be most vulnerable to random attacks, while the random and assortative coupling have little difference. Additionally, enhancing coupling strength can greatly enhance the fragility of interdependent networks against targeted attacks. These results can not only improve the deep understanding of structural complexity of complex systems, but also provide insights into the guidance of designing resilient infrastructures.
Full Text Available An intrusion detection system (IDS helps to identify different types of attacks in general, and the detection rate will be higher for some specific category of attacks. This paper is designed on the idea that each IDS is efficient in detecting a specific type of attack. In proposed Multiple IDS Unit (MIU, there are five IDS units, and each IDS follows a unique algorithm to detect attacks. The feature selection is done with the help of genetic algorithm. The selected features of the input traffic are passed on to the MIU for processing. The decision from each IDS is termed as local decision. The fusion unit inside the MIU processes all the local decisions with the help of majority voting rule and makes the final decision. The proposed system shows a very good improvement in detection rate and reduces the false alarm rate.
Full Text Available To successfully realize the ubiquitous network environment including home automation or industrial control systems, it is important to be able to resist a jamming attack. This has recently been considered as an extremely threatening attack because it can collapse the entire network, despite the existence of basic security protocols such as encryption and authentication. In this paper, we present a method of jamming attack tolerant routing using multiple paths based on zones. The proposed scheme divides the network into zones, and manages the candidate forward nodes of neighbor zones. After detecting an attack, detour nodes decide zones for rerouting, and detour packets destined for victim nodes through forward nodes in the decided zones. Simulation results show that our scheme increases the PDR (Packet Delivery Ratio and decreases the delay significantly in comparison with rerouting by a general routing protocol on sensor networks, AODV (Ad hoc On Demand Distance Vector, and a conventional JAM (Jammed Area Mapping service with one reroute.
Baras, J. S; Cardenas, A. A; Ramezani, V
.... The directionality of the change in a network flow is assumed to have an objective or target. The particular problem of detecting distributed denial of service attacks from distributed observations is presented as a working framework...
Full Text Available The attack actions analysis for Ad Hoc networks can provide a reference for the design security mechanisms. This paper presents an analysis method of security of Ad Hoc networks based on Stochastic Game Nets (SGN. This method can establish a SGN model of Ad Hoc networks and calculate to get the Nash equilibrium strategy. After transforming the SGN model into a continuous-time Markov Chain (CTMC, the security of Ad Hoc networks can be evaluated and analyzed quantitatively by calculating the stationary probability of CTMC. Finally, the Matlab simulation results show that the probability of successful attack is related to the attack intensity and expected payoffs, but not attack rate.
Kim, Mihui; Chae, Kijoon
To successfully realize the ubiquitous network environment including home automation or industrial control systems, it is important to be able to resist a jamming attack. This has recently been considered as an extremely threatening attack because it can collapse the entire network, despite the existence of basic security protocols such as encryption and authentication. In this paper, we present a method of jamming attack tolerant routing using multiple paths based on zones. The proposed scheme divides the network into zones, and manages the candidate forward nodes of neighbor zones. After detecting an attack, detour nodes decide zones for rerouting, and detour packets destined for victim nodes through forward nodes in the decided zones. Simulation results show that our scheme increases the PDR (Packet Delivery Ratio) and decreases the delay significantly in comparison with rerouting by a general routing protocol on sensor networks, AODV (Ad hoc On Demand Distance Vector), and a conventional JAM (Jammed Area Mapping) service with one reroute.
Van Heerden, R
Full Text Available of an impending net- work attack, and occur before any real damage has occurred. Popular reconnaissance actions include network mapping and scanning with tools such as Nmap and Nessus. Google and other search engines can also be used to identify potential weak.... ? Reconnaissance: Using well-known search engines to search for potential weak- nesses in the Windows operating system and Microsoft Outlook. ? Ramp-up: Writing the I-LOVE-YOU worm code. ? Damage: The spreading the I-LOVE-YOU worm via e-mail. It led...
Malloy, Ian J.
The purpose of this research is to synthesize basic and fundamental findings in quantum computing, as applied to the attack and defense of conventional computer networks. The concept focuses on uses of radio waves as a shield for, and attack against traditional computers. A logic bomb is analogous to a landmine in a computer network, and if one was to implement it as non-trivial mitigation, it will aid computer network defense. As has been seen in kinetic warfare, the use of landmines has been devastating to geopolitical regions in that they are severely difficult for a civilian to avoid triggering given the unknown position of a landmine. Thus, the importance of understanding a logic bomb is relevant and has corollaries to quantum mechanics as well. The research synthesizes quantum logic phase shifts in certain respects using the Dynamic Data Exchange protocol in software written for this work, as well as a C-NOT gate applied to a virtual quantum circuit environment by implementing a Quantum Fourier Transform. The research focus applies the principles of coherence and entanglement from quantum physics, the concept of expert systems in artificial intelligence, principles of prime number based cryptography with trapdoor functions, and modeling radio wave propagation against an event from unknown parameters. This comes as a program relying on the artificial intelligence concept of an expert system in conjunction with trigger events for a trapdoor function relying on infinite recursion, as well as system mechanics for elliptic curve cryptography along orbital angular momenta. Here trapdoor both denotes the form of cipher, as well as the implied relationship to logic bombs.
Alzahrani, Bander A.; Reed, Martin J.; Vassilakis, Vassilios G.
Line Speed Publish/Subscribe Inter-networking (LIPSIN) is one of the proposed forwarding mechanisms in Information Centric Networking (ICN). It is a stateless source-routing approach based on Bloom filters. However, it has been shown that LIPSIN is vulnerable to brute-force attacks which may lead to distributed denial-of-service (DDoS) attacks and unsolicited messages. In this work, we propose a new forwarding approach that maintains the advantages of Bloom filter based forwarding while allow...
Full Text Available One of the most common attacks against Wireless Sensor Networks is the wormhole attack. In this attack, the enemy deploys two malicious nodes in two different areas of the network and establishes a high-speed dedicated channel between these two. This will cause the normal nodes in two different areas wrongly think that they are two-hop neighbors. Therefore, this attack will greatly affect the routing algorithms. In this paper, a new distributed algorithm is provided to deal with the wormhole attack. The main idea of the proposed algorithm is to discover separate routes between pairs of two-hop neighboring nodes. The proposed algorithm was implemented and evaluated in terms of true and false detection rate by performing a series of experiments and the results were compared with the base algorithm. The test results showed that the proposed algorithm has desirable efficacy.
Li, Wenjuan; Meng, Weizhi; Kwok, Lam-For
Traditionally, an isolated intrusion detection system (IDS) is vulnerable to various types of attacks. In order to enhance IDS performance, collaborative intrusion detection networks (CIDNs) are developed through enabling a set of IDS nodes to communicate with each other. Due to the distributed...... network architecture, insider attacks are one of the major threats. In the literature, challenge-based trust mechanisms have been built to identify malicious nodes by evaluating the satisfaction levels between challenges and responses. However, such mechanisms rely on two major assumptions, which may...... result in a weak threat model. In this case, CIDNs may be still vulnerable to advanced insider attacks in real-world deployment. In this paper, we propose a novel collusion attack, called passive message fingerprint attack (PMFA), which can collect messages and identify normal requests in a passive way...
Marzuoli, Annalisa; Rasetti, Mario
We expand a set of notions recently introduced providing the general setting for a universal representation of the quantum structure on which quantum information stands. The dynamical evolution process associated with generic quantum information manipulation is based on the (re)coupling theory of SU (2) angular momenta. Such scheme automatically incorporates all the essential features that make quantum information encoding much more efficient than classical: it is fully discrete; it deals with inherently entangled states, naturally endowed with a tensor product structure; it allows for generic encoding patterns. The model proposed can be thought of as the non-Boolean generalization of the quantum circuit model, with unitary gates expressed in terms of 3nj coefficients connecting inequivalent binary coupling schemes of n + 1 angular momentum variables, as well as Wigner rotations in the eigenspace of the total angular momentum. A crucial role is played by elementary j-gates (6j symbols) which satisfy algebraic identities that make the structure of the model similar to 'state sum models' employed in discretizing topological quantum field theories and quantum gravity. The spin network simulator can thus be viewed also as a Combinatorial QFT model for computation. The semiclassical limit (large j) is discussed
Michalas, Antonis; Komninos, Nikos; Prasad, Neeli R.
This paper proposes a technique to defeat Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks in Ad Hoc Networks. The technique is divided into two main parts and with game theory and cryptographic puzzles. Introduced first is a new client puzzle to prevent DoS attacks...... in DoS and DDoS attacks. Experimental results show the effectiveness of the approach for devices with limited resources and for environments like ad hoc networks where nodes must exchange information quickly....
Dao, Nhu-Ngoc; Kim, Joongheon; Park, Minho; Cho, Sungrae
The convergent communication network will play an important role as a single platform to unify heterogeneous networks and integrate emerging technologies and existing legacy networks. Although there have been proposed many feasible solutions, they could not become convergent frameworks since they mainly focused on converting functions between various protocols and interfaces in edge networks, and handling functions for multiple services in core networks, e.g., the Multi-protocol Label Switching (MPLS) technique. Software-defined networking (SDN), on the other hand, is expected to be the ideal future for the convergent network since it can provide a controllable, dynamic, and cost-effective network. However, SDN has an original structural vulnerability behind a lot of advantages, which is the centralized control plane. As the brains of the network, a controller manages the whole network, which is attractive to attackers. In this context, we proposes a novel solution called adaptive suspicious prevention (ASP) mechanism to protect the controller from the Denial of Service (DoS) attacks that could incapacitate an SDN. The ASP is integrated with OpenFlow protocol to detect and prevent DoS attacks effectively. Our comprehensive experimental results show that the ASP enhances the resilience of an SDN network against DoS attacks by up to 38%.
Full Text Available In the research on network security, distinguishing the vulnerable components of networks is very important for protecting infrastructures systems. Here, we probe how to identify the vulnerable nodes of complex networks in cascading failures, which was ignored before. Concerned with random attack (RA and highest load attack (HL on nodes, we model cascading dynamics of complex networks. Then, we introduce four kinds of weighting methods to characterize the nodes of networks including Barabási-Albert scale-free networks (SF, Watts-Strogatz small-world networks (WS, Erdos-Renyi random networks (ER, and two real-world networks. The simulations show that, for SF networks under HL attack, the nodes with small value of the fourth kind of weight are the most vulnerable and the ones with small value of the third weight are also vulnerable. Also, the real-world autonomous system with power-law distribution verifies these findings. Moreover, for WS and ER networks under both RA and HL attack, when the nodes have low tolerant ability, the ones with small value of the fourth kind of weight are more vulnerable and also the ones with high degree are easier to break down. The results give us important theoretical basis for digging the potential safety loophole and making protection strategy.
File characteristics: Data file; 1 file. Physical description: 1 computer diskette; 3 1/2 in.; high density; 2.0MB. System requirements: Mac; Word. This technical report has been developed to address the survivability of telecommunications networks including services. It responds to the need for a common understanding of, and assessment techniques for network survivability, availability, integrity, and reliability. It provides a basis for designing and operating telecommunication networks to user expectations for network survivability.
Understanding and Designing Computer Networks considers the ubiquitous nature of data networks, with particular reference to internetworking and the efficient management of all aspects of networked integrated data systems. In addition it looks at the next phase of networking developments; efficiency and security are covered in the sections dealing with data compression and data encryption; and future examples of network operations, such as network parallelism, are introduced.A comprehensive case study is used throughout the text to apply and illustrate new techniques and concepts as th
Peterson, Larry L
This best-selling and classic book teaches you the key principles of computer networks with examples drawn from the real world of network and protocol design. Using the Internet as the primary example, the authors explain various protocols and networking technologies. Their systems-oriented approach encourages you to think about how individual network components fit into a larger, complex system of interactions. Whatever your perspective, whether it be that of an application developer, network administrator, or a designer of network equipment or protocols, you will come away with a "big pictur
Prasad, Neeli R.; Giannetsos, T.; Dimitriou, T.
describe the wormhole attack, a severe routing attack against sensor networks that is particularly challenging to defend against. We detail its characteristics and study its effects on the successful operation of a sensor network. We present state-of-the-art research for addressing wormhole related...... the possibility of using more sophisticated methods, like intrusion detection systems, to achieve a more complete and autonomic defense mechanism against wormhole attackers. We present our work on intrusion detection and introduce a lightweight IDS framework, called LIDeA, designed for wireless sensor networks....... LIDeA is based on a distributed architecture, in which nodes overhear their neighboring nodes and collaborate with each other in order to successfully detect an intrusion. We conclude by highlighting how such a system can be used for defending against wormhole attackers....
Full Text Available The detection of DDoS attacks is an important topic in the field of network security. The occurrence of software defined network (SDN (Zhang et al., 2018 brings up some novel methods to this topic in which some deep learning algorithm is adopted to model the attack behavior based on collecting from the SDN controller. However, the existing methods such as neural network algorithm are not practical enough to be applied. In this paper, the SDN environment by mininet and floodlight (Ning et al., 2014 simulation platform is constructed, 6-tuple characteristic values of the switch flow table is extracted, and then DDoS attack model is built by combining the SVM classification algorithms. The experiments show that average accuracy rate of our method is 95.24% with a small amount of flow collecting. Our work is of good value for the detection of DDoS attack in SDN.
Nirmal Raja, K; Maraline Beno, M
In the wireless sensor network(WSN) security is a major issue. There are several network security schemes proposed in research. In the network, malicious nodes obstruct the performance of the network. The network can be vulnerable by Sybil attack. When a node illicitly assertions multiple identities or claims fake IDs, the WSN grieves from an attack named Sybil attack. This attack threatens wireless sensor network in data aggregation, synchronizing system, routing, fair resource allocation and misbehavior detection. Henceforth, the research is carried out to prevent the Sybil attack and increase the performance of the network. This paper presents the novel security mechanism and Fujisaki Okamoto algorithm and also application of the work. The Fujisaki-Okamoto (FO) algorithm is ID based cryptographic scheme and gives strong authentication against Sybil attack. By using Network simulator2 (NS2) the scheme is simulated. In this proposed scheme broadcasting key, time taken for different key sizes, energy consumption, Packet delivery ratio, Throughput were analyzed.
Cardenas, Alvaro A
.... In this thesis, the author will focus on the detection of three attack scenarios: the spreading of active worms throughout the Internet, distributed denial of service attacks, and routing attacks to wireless ad hoc networks...
Full Text Available The infrastructure-less nature and mobility of nodes in mobile ad-hoc network (MANET make it to be very susceptible to various attacks. Besides, owing to its flexibility and simplicity, there is no predefined time or permission set for nodes to leave or join the network and each node can act as a client or server. Nevertheless, securing communication between nodes has become a challenging problem than in other types of network. Attacks in MANET range into different categories. Black hole attack is one of the attacks that has been addressed by many researchers in the recent years. It does occur when a harmful mobile node called black hole becomes a part of the network and tries to use its malicious behaviors by sending fake route reply packets (RREP for any received route request packets (RREQ. When these faked packets arrive to the source node, it does reply to them by sending data packet via the established route. Once the packets are received by the black hole, it drops them before reaching the destination. Hence, preventing the source node from reaching the intended destination. In this paper, we present an overview of a wide range of techniques suggested in the literature for detecting and preventing black hole attacks in mobile ad hoc network. Additionally, the effect of each approach on the network performance is also presented.
Koederitz, W.L.; Macon, B.S.
One of the major methods for getting the most productivity and benefits from computer usage is networking. However, for those who are contemplating a change from stand-alone computers to a network system, the investigation of actual networks in use presents a paradox: network systems can be highly productive and beneficial; at the same time, these networks can create many complex, frustrating problems. The issue becomes a question of whether the benefits of networking are worth the extra effort and cost. In response to this issue, the authors review in this paper the implementation and management of an actual network in the LSU Petroleum Engineering Department. The network, which has been in operation for four years, is large and diverse (50 computers, 2 sites, PC's, UNIX RISC workstations, etc.). The benefits, costs, and method of operation of this network will be described, and an effort will be made to objectively weigh these elements from the point of view of the average computer user
Bricha, Naji; Nourelfath, Mustapha
This article develops a game-theoretical model to deal with the protection of facilities, in the context of the capacitated fixed-charge location and capacity acquisition problem. A set of investment alternatives is available for direct protection of facilities. Furthermore, extra-capacity of neighbouring functional facilities can be used after attacks to avoid the backlog of demands and backorders. The proposed model considers a non-cooperative two-period game between the players, and an algorithm is presented to determine the equilibrium solution and the optimal defender strategy under capacity constraints. A method is developed to evaluate the utilities of the defender and the attacker. The benefit of the proposed approach is illustrated using a numerical example. The defence strategy of our model is compared to other strategies, and the obtained results clearly indicate the superiority of our model in finding the best trade-off between direct protection investment and extra-capacity deployment
.... The military's use of computer networked information systems is thus a critical strength. These systems are then critical vulnerabilities because they may lack adequate protection and are open to enemy attack...
attack is also similar to those that rely on misbehaving receivers and optimistic ACKs to bypass flow control protocol mechanisms –. In particular...thank the anonymous reviewers for their feedback and suggestions, Damon McCoy for discussions about misbehaving receivers and authenticated signals...ping-o-death. html.  S. Savage, N. Cardwell, D. Wetherall, and T. Anderson, “TCP Con- gestion Control with a Misbehaving Receiver,” ACM SIGCOMM CCR
Li, Xuran; Wang, Qiu; Dai, Hong-Ning; Wang, Hao
Eavesdropping attack is one of the most serious threats in industrial crowdsensing networks. In this paper, we propose a novel anti-eavesdropping scheme by introducing friendly jammers to an industrial crowdsensing network. In particular, we establish a theoretical framework considering both the probability of eavesdropping attacks and the probability of successful transmission to evaluate the effectiveness of our scheme. Our framework takes into account various channel conditions such as path loss, Rayleigh fading, and the antenna type of friendly jammers. Our results show that using jammers in industrial crowdsensing networks can effectively reduce the eavesdropping risk while having no significant influence on legitimate communications.
Kraus, Rob; Borkin, Mike; Alpern, Naomi
Do you need to keep up with the latest hacks, attacks, and exploits effecting Microsoft products? Then you need Seven Deadliest Microsoft Attacks. This book pinpoints the most dangerous hacks and exploits specific to Microsoft applications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Windows Operating System-Password AttacksActive Directory-Escalat
Do you need to keep up with the latest hacks, attacks, and exploits effecting USB technology? Then you need Seven Deadliest USB Attacks. This book pinpoints the most dangerous hacks and exploits specific to USB, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: USB Hacksaw USB Switchblade USB Based Virus/Malicous Code Launch USB Device Overflow RAMdum
H. Paugam-Moisy; S.M. Bohte (Sander); G. Rozenberg; T.H.W. Baeck (Thomas); J.N. Kok (Joost)
htmlabstractAbstract Spiking Neuron Networks (SNNs) are often referred to as the 3rd gener- ation of neural networks. Highly inspired from natural computing in the brain and recent advances in neurosciences, they derive their strength and interest from an ac- curate modeling of synaptic interactions
Elena Vladimirovna Doynikova
Full Text Available The paper suggests an approach to the security assessment of computer networks. The approach is based on attack graphs and intended for Security Information and Events Management systems (SIEM-systems. Key feature of the approach consists in the application of the multilevel security metrics taxonomy. The taxonomy allows definition of the system profile according to the input data used for the metrics calculation and techniques of security metrics calculation. This allows specification of the security assessment in near real time, identification of previous and future attacker steps, identification of attackers goals and characteristics. A security assessment system prototype is implemented for the suggested approach. Analysis of its operation is conducted for several attack scenarios.
Full Text Available In this paper, we present a technique that detects both false positive and false negative attacks in statistical filtering-based wireless sensor networks. In statistical filtering scheme, legitimate reports are repeatedly verified en route before they reach the base station, which causes heavy energy consumption. While the original statistical filtering scheme detects only false reports, our proposed method promises to detect both attacks.
Banković, Zorana; Fraga, David; Moya, José M; Vallejo, Juan Carlos
As wireless sensor networks are usually deployed in unattended areas, security policies cannot be updated in a timely fashion upon identification of new attacks. This gives enough time for attackers to cause significant damage. Thus, it is of great importance to provide protection from unknown attacks. However, existing solutions are mostly concentrated on known attacks. On the other hand, mobility can make the sensor network more resilient to failures, reactive to events, and able to support disparate missions with a common set of sensors, yet the problem of security becomes more complicated. In order to address the issue of security in networks with mobile nodes, we propose a machine learning solution for anomaly detection along with the feature extraction process that tries to detect temporal and spatial inconsistencies in the sequences of sensed values and the routing paths used to forward these values to the base station. We also propose a special way to treat mobile nodes, which is the main novelty of this work. The data produced in the presence of an attacker are treated as outliers, and detected using clustering techniques. These techniques are further coupled with a reputation system, in this way isolating compromised nodes in timely fashion. The proposal exhibits good performances at detecting and confining previously unseen attacks, including the cases when mobile nodes are compromised.
Zhang Zheng-Zhen; Xu Wen-Jun; Lin Jia-Ru; Zeng Shang-You
In this study, the robustness of small-world networks to three types of attack is investigated. Global efficiency is introduced as the network coefficient to measure the robustness of a small-world network. The simulation results prove that an increase in rewiring probability or average degree can enhance the robustness of the small-world network under all three types of attack. The effectiveness of simultaneously increasing both rewiring probability and average degree is also studied, and the combined increase is found to significantly improve the robustness of the small-world network. Furthermore, the combined effect of rewiring probability and average degree on network robustness is shown to be several times greater than that of rewiring probability or average degree individually. This means that small-world networks with a relatively high rewiring probability and average degree have advantages both in network communications and in good robustness to attacks. Therefore, simultaneously increasing rewiring probability and average degree is an effective method of constructing realistic networks. Consequently, the proposed method is useful to construct efficient and robust networks in a realistic scenario. (interdisciplinary physics and related areas of science and technology)
Presents insight into the social behaviour of animals (including the study of animal tracks and learning by members of the same species). This book provides web-based evidence of social interaction, perceptual learning, information granulation and the behaviour of humans and affinities between web-based social networks
This textbook presents the mathematical theory and techniques necessary for analyzing and modeling high-performance global networks, such as the Internet. The three main building blocks of high-performance networks are links, switching equipment connecting the links together, and software employed at the end nodes and intermediate switches. This book provides the basic techniques for modeling and analyzing these last two components. Topics covered include, but are not limited to: Markov chains and queuing analysis, traffic modeling, interconnection networks and switch architectures and buffering strategies. · Provides techniques for modeling and analysis of network software and switching equipment; · Discusses design options used to build efficient switching equipment; · Includes many worked examples of the application of discrete-time Markov chains to communication systems; · Covers the mathematical theory and techniques necessary for ana...
A. Tajari Siahmarzkooh
Full Text Available In this paper, we provide an approach to detect network dictionary attacks using a data set collected as flows based on which a clustered graph is resulted. These flows provide an aggregated view of the network traffic in which the exchanged packets in the network are considered so that more internally connected nodes would be clustered. We show that dictionary attacks could be detected through some parameters namely the number and the weight of clusters in time series and their evolution over the time. Additionally, the Markov model based on the average weight of clusters,will be also created. Finally, by means of our suggested model, we demonstrate that artificial clusters of the flows are created for normal and malicious traffic. The results of the proposed approach on CAIDA 2007 data set suggest a high accuracy for the model and, therefore, it provides a proper method for detecting the dictionary attack.
Quann, John; Belford, Peter
The paper discusses the issue of electronic vulnerability of computer based systems supporting NASA Goddard Space Flight Center (GSFC) by unauthorized users. To test the security of the system and increase security awareness, NYMA, Inc. employed computer 'hackers' to attempt to infiltrate the system(s) under controlled conditions. Penetration procedures, methods, and descriptions are detailed in the paper. The procedure increased the security consciousness of GSFC management to the electronic vulnerability of the system(s).
Scotti, Vincent, Jr.
This article is intended to give the reader an overall perspective on what it takes to design, implement, enforce and secure a computer network in the federal and corporate world to insure the confidentiality, integrity and availability of information. While we will be giving you an overview of network design and security, this article will concentrate on the technology and human factors of securing a network and the challenges faced by those doing so. It will cover the large number of policies and the limits of technology and physical efforts to enforce such policies.
Amin, Faisal Mohammad; Hougaard, Anders; Magon, Stefano
OBJECTIVE: To investigate resting-state functional connectivity in the salience network (SN), the sensorimotor network (SMN), and the default mode network (DMN) during migraine attacks induced by pituitary adenylate cyclase-activating polypeptide-38 (PACAP38). METHODS: In a double-blind, randomized...... connectivity with the bilateral opercular part of the inferior frontal gyrus in the SN. In SMN, there was increased connectivity with the right premotor cortex and decreased connectivity with the left visual cortex. Several areas showed increased (left primary auditory, secondary somatosensory, premotor......, and visual cortices) and decreased (right cerebellum and left frontal lobe) connectivity with DMN. We found no resting-state network changes after VIP (n = 15). CONCLUSIONS: PACAP38-induced migraine attack is associated with altered connectivity of several large-scale functional networks of the brain....
Ben Charhi Youssef
Full Text Available This paper is an extension of work originally presented in SYSCO CONF.We extend our previous work by presenting the initial results of the implementation of intrusion detection based on risk assessment on cloud computing. The idea focuses on a novel approach for detecting cyber-attacks on the cloud environment by analyzing attacks pattern using risk assessment methodologies. The aim of our solution is to combine evidences obtained from Intrusion Detection Systems (IDS deployed in a cloud with risk assessment related to each attack pattern. Our approach presents a new qualitative solution for analyzing each symptom, indicator and vulnerability analyzing impact and likelihood of distributed and multi-steps attacks directed to cloud environments. The implementation of this approach will reduce the number of false alerts and will improve the performance of the IDS.
Li, Chun-Hsien; Yang, Suh-Yuh
Synchronization is one of the most important features observed in large-scale complex networks of interacting dynamical systems. As is well known, there is a close relation between the network topology and the network synchronizability. Using the coupled Hindmarsh–Rose neurons with community structure as a model network, in this paper we explore how failures of the nodes due to random errors or intentional attacks affect the synchronizability of community networks. The intentional attacks are realized by removing a fraction of the nodes with high values in some centrality measure such as the centralities of degree, eigenvector, betweenness and closeness. According to the master stability function method, we employ the algebraic connectivity of the considered community network as an indicator to examine the network synchronizability. Numerical evidences show that the node failure strategy based on the betweenness centrality has the most influence on the synchronizability of community networks. With this node failure strategy for a given network with a fixed number of communities, we find that the larger the degree of communities, the worse the network synchronizability; however, for a given network with a fixed degree of communities, we observe that the more the number of communities, the better the network synchronizability.
Clymer, B.; Collins, S. A., Jr.
The design for an optical switching system for minicomputers that uses an optical spatial light modulator such as a Hughes liquid crystal light valve is presented. The switching system is designed to connect 80 minicomputers coupled to the switching system by optical fibers. The system has two major parts: the connection system that connects the data lines by which the computers communicate via a two-dimensional optical matrix array and the control system that controls which computers are connected. The basic system, the matrix-based connecting system, and some of the optical components to be used are described. Finally, the details of the control system are given and illustrated with a discussion of timing.
Computers, for all their speed and efficiency, have their foibles and failings. Until the advent of minicomputers, users often had to supervise their programs personally to make sure they executed correctly. Minicomputers could take over some of these chores, but they were too expensive to be dedicated to any but the most vital services. Inexpensive, easily programmed microcomputers are easing this limitation, and permitting a flood of new applications. 3 figures
Full Text Available The increased use of structured overlay network for a variety of applications has attracted a lot of attention from both research community and attackers. However, the structural constraints, open nature (anybody can join and anybody may leave, and unreliability of its participant nodes significantly affect the performance of these applications and make it vulnerable to a variety of attacks such as eclipse, Sybil, and churn. One attack to compromise the service availability in overlay network is intentional churn (join/leave attack, where a large number of malicious users will join and leave the overlay network so frequently that the entire structure collapses and becomes unavailable. The focus of this paper is to provide a new robust, efficient, and scalable hierarchical overlay architecture that will counter these attacks by providing a structure that can accommodate the fleeting behaviour of nodes without causing much structural inconsistencies. The performance evaluation showed that the proposed architecture has more failure resilience and self-organization as compared to chord based architecture. Experimental results have demonstrated that the effect of failures on an overlay is proportional to the size of failure.
Chavez, Adrian R.; Stout, William M. S.; Hamlet, Jason R.; Lee, Erik James; Martin, Mitchell Tyler
The various technologies presented herein relate to determining a network attack is taking place, and further to adjust one or more network parameters such that the network becomes dynamically configured. A plurality of machine learning algorithms are configured to recognize an active attack pattern. Notification of the attack can be generated, and knowledge gained from the detected attack pattern can be utilized to improve the knowledge of the algorithms to detect a subsequent attack vector(s). Further, network settings and application communications can be dynamically randomized, wherein artificial diversity converts control systems into moving targets that help mitigate the early reconnaissance stages of an attack. An attack(s) based upon a known static address(es) of a critical infrastructure network device(s) can be mitigated by the dynamic randomization. Network parameters that can be randomized include IP addresses, application port numbers, paths data packets navigate through the network, application randomization, etc.
Chow, Edward; Madan, Herbert; Peterson, John
Data-driven dynamic switching enables high speed data transfer. Proposed hyperswitch network based on mixed static and dynamic topologies. Routing header modified in response to congestion or faults encountered as path established. Static topology meets requirement if nodes have switching elements that perform necessary routing header revisions dynamically. Hypercube topology now being implemented with switching element in each computer node aimed at designing very-richly-interconnected multicomputer system. Interconnection network connects great number of small computer nodes, using fixed hypercube topology, characterized by point-to-point links between nodes.
Mish, W. H.
Local Area Networking of DEC and IBM computers within the structure of the ISO-OSI Seven Layer Reference Model at a raw signaling speed of 1 Mops or greater are discussed. After an introduction to the ISO-OSI Reference Model nd the IEEE-802 Draft Standard for Local Area Networks (LANs), there follows a detailed discussion and comparison of the products available from a variety of manufactures to perform this networking task. A summary of these products is presented in a table.
Koch, Christof; Luo, Jin; Mead, Carver; Hutchinson, James
Recent developments in the theory of early vision are described which lead from the formulation of the motion problem as an ill-posed one to its solution by minimizing certain 'cost' functions. These cost or energy functions can be mapped onto simple analog and digital resistive networks. It is shown how the optical flow can be computed by injecting currents into resistive networks and recording the resulting stationary voltage distribution at each node. These networks can be implemented in cMOS VLSI circuits and represent plausible candidates for biological vision systems.
AN INTRODUCTION TO COMPUTER NETWORKS is a comprehensive text book which is focused and designed to elaborate the technical contents in the light of TCP/IP reference model exploring both digital and analog data communication. Various communication protocols of different layers are discussed along with their pseudo-code. This book covers the detailed and practical information about the network layer alongwith information about IP including IPV6, OSPF, and internet multicasting. It also covers TCP congestion control and emphasizes on the basic principles of fundamental importance concerning the technology and architecture and provides detailed discussion of leading edge topics of data communication, LAN & Network Layer.
Knudsen, Lars Ramkilde; Raddum, H
Recently it was shown (by J. Patarin) how to distinguish a general five-round Feistel network from a random permutation using O(2/sup 3n/2/) chosen plaintexts or O(2/sup 7n/4/) known plaintexts. The present authors report improvement of these results and a distinguisher is presented which uses ro...
Blumrich, Matthias A [Ridgefield, CT; Coteus, Paul W [Yorktown Heights, NY; Chen, Dong [Croton On Hudson, NY; Gara, Alan [Mount Kisco, NY; Giampapa, Mark E [Irvington, NY; Heidelberger, Philip [Cortlandt Manor, NY; Hoenicke, Dirk [Ossining, NY; Takken, Todd E [Brewster, NY; Steinmacher-Burow, Burkhard D [Wernau, DE; Vranas, Pavlos M [Bedford Hills, NY
A system and method for enabling high-speed, low-latency global collective communications among interconnected processing nodes. The global collective network optimally enables collective reduction operations to be performed during parallel algorithm operations executing in a computer structure having a plurality of the interconnected processing nodes. Router devices ate included that interconnect the nodes of the network via links to facilitate performance of low-latency global processing operations at nodes of the virtual network and class structures. The global collective network may be configured to provide global barrier and interrupt functionality in asynchronous or synchronized manner. When implemented in a massively-parallel supercomputing structure, the global collective network is physically and logically partitionable according to needs of a processing algorithm.
Kauffman, L.; Lomonaco, S. Jr.
We review the q-deformed spin network approach to Topological Quantum Field Theory and apply these methods to produce unitary representations of the braid groups that are dense in the unitary groups. The simplest case of these models is the Fibonacci model, itself universal for quantum computation. We here formulate these braid group representations in a form suitable for computation and algebraic work. (authors)
Do you need to keep up with the latest hacks, attacks, and exploits effecting Unified Communications technology? Then you need Seven Deadliest Unified Communication Attacks. This book pinpoints the most dangerous hacks and exploits specific to Unified Communications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks featured in this book include: UC Ecosystem Attacks Insecure Endpo
Dacer, Marc; Kargl, Frank; König, Hartmut; Valdes, Alfonso
This report documents the program and the outcomes of Dagstuhl Seminar 14292 “Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures”. The main objective of the seminar was to discuss new approaches and ideas for securing industrial control systems. It
Full Text Available The node replication attack is one of the notorious attacks that can be easily launched by adversaries in wireless sensor networks. A lot of literatures have studied mitigating the node replication attack in static wireless sensor networks. However, it is more difficult to detect the replicas in mobile sensor networks because of their node mobility. Considering the limitations of centralized detection schemes for static wireless sensor networks, a few distributed solutions have been recently proposed. Some existing schemes identified replicated attacks by sensing mobile nodes with identical ID but different locations. To facilitate the discovery of contradictory conflicts, we propose a hybrid local and global detection method. The local detection is performed in a local area smaller than the whole deployed area to improve the meeting probability of contradictory nodes, while the distant replicated nodes in larger area can also be efficiently detected by the global detection. The complementary two levels of detection achieve quick discovery by searching of the replicas with reasonable overhead.
Full Text Available Vehicular Ad Hoc Networks (VANETs are rapidly gaining attention due to the diversity of services that they can potentially offer. However, VANET communication is vulnerable to numerous security threats such as Distributed Denial of Service (DDoS attacks. Dealing with these attacks in VANET is a challenging problem. Most of the existing DDoS detection techniques suffer from poor accuracy and high computational overhead. To cope with these problems, we present a novel Multivariant Stream Analysis (MVSA approach. The proposed MVSA approach maintains the multiple stages for detection DDoS attack in network. The Multivariant Stream Analysis gives unique result based on the Vehicle-to-Vehicle communication through Road Side Unit. The approach observes the traffic in different situations and time frames and maintains different rules for various traffic classes in various time windows. The performance of the MVSA is evaluated using an NS2 simulator. Simulation results demonstrate the effectiveness and efficiency of the MVSA regarding detection accuracy and reducing the impact on VANET communication.
Latif, Rabia; Abbas, Haider; Assar, Saïd
Wireless Body Area Networks (WBANs) have emerged as a promising technology that has shown enormous potential in improving the quality of healthcare, and has thus found a broad range of medical applications from ubiquitous health monitoring to emergency medical response systems. The huge amount of highly sensitive data collected and generated by WBAN nodes requires an ascendable and secure storage and processing infrastructure. Given the limited resources of WBAN nodes for storage and processing, the integration of WBANs and cloud computing may provide a powerful solution. However, despite the benefits of cloud-assisted WBAN, several security issues and challenges remain. Among these, data availability is the most nagging security issue. The most serious threat to data availability is a distributed denial of service (DDoS) attack that directly affects the all-time availability of a patient's data. The existing solutions for standalone WBANs and sensor networks are not applicable in the cloud. The purpose of this review paper is to identify the most threatening types of DDoS attacks affecting the availability of a cloud-assisted WBAN and review the state-of-the-art detection mechanisms for the identified DDoS attacks.
Li, Wenjuan; Meng, Weizhi; Kwok, Lam For
to exchange data with each other. Insider attacks are a great threat for such types of collaborative networks, where an attacker has the authorized access within the network. In literature, a challenge-based trust mechanism is effective at identifying malicious nodes by sending challenges. However...
Full Text Available The low-rate denial of service (LDoS attacks reduce network services capabilities by periodically sending high intensity pulse data flows. For their concealed performance, it is more difficult for traditional DoS detection methods to detect LDoS attacks; at the same time the accuracy of the current detection methods for LDoS attacks is relatively low. As the fact that LDoS attacks led to abnormal distribution of the ACK traffic, LDoS attacks can be detected by analyzing the distribution characteristics of ACK traffic. Then traditional EWMA algorithm which can smooth the accidental error while being the same as the exceptional mutation may cause some misjudgment; therefore a new LDoS detection method based on adaptive EWMA (AEWMA algorithm is proposed. The AEWMA algorithm which uses an adaptive weighting function instead of the constant weighting of EWMA algorithm can smooth the accidental error and retain the exceptional mutation. So AEWMA method is more beneficial than EWMA method for analyzing and measuring the abnormal distribution of ACK traffic. The NS2 simulations show that AEWMA method can detect LDoS attacks effectively and has a low false negative rate and a false positive rate. Based on DARPA99 datasets, experiment results show that AEWMA method is more efficient than EWMA method.
Liu, Jianhua; Yue, Guangxue; Shang, Huiliang; Li, Hongjie
The coordinator is a specific node that controls the whole network and has a significant impact on the performance in cooperative multihop ZigBee wireless sensor networks (ZWSNs). However, the malicious node attacks coordinator nodes in an effort to waste the resources and disrupt the operation of the network. Attacking leads to a failure of one round of communication between the source nodes and destination nodes. Coordinator selection is a technique that can considerably defend against attack and reduce the data delivery delay, and increase network performance of cooperative communications. In this paper, we propose an adaptive coordinator selection algorithm using game and fuzzy logic aiming at both minimizing the average number of hops and maximizing network lifetime. The proposed game model consists of two interrelated formulations: a stochastic game for dynamic defense and a best response policy using evolutionary game formulation for coordinator selection. The stable equilibrium best policy to response defense is obtained from this game model. It is shown that the proposed scheme can improve reliability and save energy during the network lifetime with respect to security. PMID:25105171
Ramos, João; Lopes, Rui J; Araújo, Duarte
The evolution of performance analysis within sports sciences is tied to technology development and practitioner demands. However, how individual and collective patterns self-organize and interact in invasive team sports remains elusive. Social network analysis has been recently proposed to resolve some aspects of this problem, and has proven successful in capturing collective features resulting from the interactions between team members as well as a powerful communication tool. Despite these advances, some fundamental team sports concepts such as an attacking play have not been properly captured by the more common applications of social network analysis to team sports performance. In this article, we propose a novel approach to team sports performance centered on sport concepts, namely that of an attacking play. Network theory and tools including temporal and bipartite or multilayered networks were used to capture this concept. We put forward eight questions directly related to team performance to discuss how common pitfalls in the use of network tools for capturing sports concepts can be avoided. Some answers are advanced in an attempt to be more precise in the description of team dynamics and to uncover other metrics directly applied to sport concepts, such as the structure and dynamics of attacking plays. Finally, we propose that, at this stage of knowledge, it may be advantageous to build up from fundamental sport concepts toward complex network theory and tools, and not the other way around.
Peng, Chaorong; Chen, Chang Wen
Malicious nodes are mounting increasingly sophisticated attacking operations on the Mobile Ad Hoc Networks (MANETs). This is mainly because the IP-based MANETs are vulnerable to attacks by various malicious nodes. However, the defense against malicious attack can be improved when a new layer of network architecture can be developed to separate true IP address from disclosing to the malicious nodes. In this paper, we propose a new algorithm to improve the defense against malicious attack (IDMA) that is based on a recently developed Assignment Router Identify Protocol (ARIP) for the clustering-based MANET management. In the ARIP protocol, we design the ARIP architecture based on the new Identity instead of the vulnerable IP addresses to provide the required security that is embedded seamlessly into the overall network architecture. We make full use of ARIP's special property to monitor gateway forward packets by Reply Request Route Packets (RREP) without additional intrusion detection layer. We name this new algorithm IDMA because of its inherent capability to improve the defense against malicious attacks. Through IDMA, a watching algorithm can be established so as to counterattack the malicious node in the routing path when it unusually drops up packets. We provide analysis examples for IDMA for the defense against a malicious node that disrupts the route discovery by impersonating the destination, or by responding with state of corrupted routing information, or by disseminating forged control traffic. The IDMA algorithm is able to counterattack the malicious node in the cases when the node lunch DoS attack by broadcast a large number of route requests, or make Target traffic congestion by delivering huge mount of data; or spoof the IP addresses and send forge packets with a fake ID to the same Target causing traffic congestion at that destination. We have implemented IDMA algorism using the GloMoSim simulator and have demonstrated its performance under a variety of
Mitra, Sushmita; Das, Ranajit; Hayashi, Yoichi
The analysis of gene regulatory networks provides enormous information on various fundamental cellular processes involving growth, development, hormone secretion, and cellular communication. Their extraction from available gene expression profiles is a challenging problem. Such reverse engineering of genetic networks offers insight into cellular activity toward prediction of adverse effects of new drugs or possible identification of new drug targets. Tasks such as classification, clustering, and feature selection enable efficient mining of knowledge about gene interactions in the form of networks. It is known that biological data is prone to different kinds of noise and ambiguity. Soft computing tools, such as fuzzy sets, evolutionary strategies, and neurocomputing, have been found to be helpful in providing low-cost, acceptable solutions in the presence of various types of uncertainties. In this paper, we survey the role of these soft methodologies and their hybridizations, for the purpose of generating genetic networks.
Mikalas, Antonis; Komninos, Nikos; Prasad, Neeli R.
This paper proposes a multiplayer game to prevent Distributed Denial of Service attack (DDoS) in ad hoc networks. The multiplayer game is based on game theory and cryptographic puzzles. We divide requests from nodes into separate groups which decreases the ability of malicious nodes to cooperate...... with one another in order to effectively make a DDoS attack. Finally, through our experiments we have shown that the total overhead of the multiplayer game as well as the the total time that each node needs to be served is affordable for devices that have limited resources and for environments like ad hoc...
Khattab M. Ali Alheeti
Full Text Available Vehicular ad hoc networks (VANETs play a vital role in the success of self-driving and semi self-driving vehicles, where they improve safety and comfort. Such vehicles depend heavily on external communication with the surrounding environment via data control and Cooperative Awareness Messages (CAMs exchanges. VANETs are potentially exposed to a number of attacks, such as grey hole, black hole, wormhole and rushing attacks. This work presents an intelligent Intrusion Detection System (IDS that relies on anomaly detection to protect the external communication system from grey hole and rushing attacks. These attacks aim to disrupt the transmission between vehicles and roadside units. The IDS uses features obtained from a trace file generated in a network simulator and consists of a feed-forward neural network and a support vector machine. Additionally, the paper studies the use of a novel systematic response, employed to protect the vehicle when it encounters malicious behaviour. Our simulations of the proposed detection system show that the proposed schemes possess outstanding detection rates with a reduction in false alarms. This safe mode response system has been evaluated using four performance metrics, namely, received packets, packet delivery ratio, dropped packets and the average end to end delay, under both normal and abnormal conditions.
El-Sayed M. El-Alfy
Full Text Available With the proliferation of wireless and mobile network infrastructures and capabilities, a wide range of exploitable vulnerabilities emerges due to the use of multivendor and multidomain cross-network services for signaling and transport of Internet- and wireless-based data. Consequently, the rates and types of cyber-attacks have grown considerably and current security countermeasures for protecting information and communication may be no longer sufficient. In this paper, we investigate a novel methodology based on multicriterion decision making and fuzzy classification that can provide a viable second-line of defense for mitigating cyber-attacks. The proposed approach has the advantage of dealing with various types and sizes of attributes related to network traffic such as basic packet headers, content, and time. To increase the effectiveness and construct optimal models, we augmented the proposed approach with a genetic attribute selection strategy. This allows efficient and simpler models which can be replicated at various network components to cooperatively detect and report malicious behaviors. Using three datasets covering a variety of network attacks, the performance enhancements due to the proposed approach are manifested in terms of detection errors and model construction times.
Gruschka, Nils; Jensen, Meiko
The new paradigm of cloud computing poses severe security risks to its adopters. In order to cope with these risks, appropriate taxonomies and classification criteria for attacks on cloud computing are required. In this work-in-progress paper we present one such taxonomy based on the notion...... of attack surfaces of the cloud computing scenario participants....
Puchaty, Ethan M.
In UAV-based sensor networks, an emerging area of interest is the performance of these networks under cyber attack. This study seeks to evaluate the performance trade-offs from a System-of-Systems (SoS) perspective between various UAV communications architecture options in the context two missions: tracking ballistic missiles and tracking insurgents. An agent-based discrete event simulation is used to model a sensor communication network consisting of UAVs, military communications satellites, ground relay stations, and a mission control center. Network susceptibility to cyber attack is modeled with probabilistic failures and induced data variability, with performance metrics focusing on information availability, latency, and trustworthiness. Results demonstrated that using UAVs as routers increased network availability with a minimal latency penalty and communications satellite networks were best for long distance operations. Redundancy in the number of links between communication nodes helped mitigate cyber-caused link failures and add robustness in cases of induced data variability by an adversary. However, when failures were not independent, redundancy and UAV routing were detrimental in some cases to network performance. Sensitivity studies indicated that long cyber-caused downtimes and increasing failure dependencies resulted in build-ups of failures and caused significant degradations in network performance.
He, Daojing; Chen, Chun; Chan, Sammy; Bu, Jiajun; Vasilakos, Athanasios V
Wireless medical sensor networks (MSNs) enable ubiquitous health monitoring of users during their everyday lives, at health sites, without restricting their freedom. Establishing trust among distributed network entities has been recognized as a powerful tool to improve the security and performance of distributed networks such as mobile ad hoc networks and sensor networks. However, most existing trust systems are not well suited for MSNs due to the unique operational and security requirements of MSNs. Moreover, similar to most security schemes, trust management methods themselves can be vulnerable to attacks. Unfortunately, this issue is often ignored in existing trust systems. In this paper, we identify the security and performance challenges facing a sensor network for wireless medical monitoring and suggest it should follow a two-tier architecture. Based on such an architecture, we develop an attack-resistant and lightweight trust management scheme named ReTrust. This paper also reports the experimental results of the Collection Tree Protocol using our proposed system in a network of TelosB motes, which show that ReTrust not only can efficiently detect malicious/faulty behaviors, but can also significantly improve the network performance in practice.
Meng, Weizhi; Li, Wenjuan; Xiang, Yang
and experience for both patients and healthcare workers, and the underlying network architecture to support such devices is also referred to as medical smartphone networks (MSNs). MSNs, similar to other networks, are subject to a wide range of attacks (e.g. leakage of sensitive patient information by a malicious...... insider). In this work, we focus on MSNs and present a compact but efficient trust-based approach using Bayesian inference to identify malicious nodes in such an environment. We then demonstrate the effectiveness of our approach in detecting malicious nodes by evaluating the deployment of our proposed...
Creixell, Pau; Schoof, Erwin M; Simpson, Craig D.
Cancer cells acquire pathological phenotypes through accumulation of mutations that perturb signaling networks. However, global analysis of these events is currently limited. Here, we identify six types of network-attacking mutations (NAMs), including changes in kinase and SH2 modulation, network...... and experimentally validated several NAMs, including PKCγ M501I and PKD1 D665N, which encode specificity switches analogous to the appearance of kinases de novo within the kinome. We discover mutant molecular logic gates, a drift toward phospho-threonine signaling, weakening of phosphorylation motifs, and kinase...
Full Text Available With the rapid development of WLAN, more and more schools and businesses have begun to provide the WLAN for users. However, WLAN is considerably more susceptible to MitM (man- in-the-middle attack. To overcome it, we propose a dynamic password technology named Two-way Dynamic Authentication Technology (TDAT. It uses two-factor during the initial authentication, and uses a two-way hash chain during the cross-domain authentication. TDAT effectively protects users' authentication credentials and improves users' experience. In an actual wireless network environment, we implement a MitM attack framework based on Rogue AP. Then we effectively prevent this MitM attack by using TDAT. Moreover we analyze the security of TDAT by using BAN logic.
Full Text Available In wireless network communications, radio waves travel through free space; hence, the information reaches any receiving point with appropriate radio receivers. This aspect makes the wireless networks vulnerable to various types of attacks. A true understanding of these attacks provides better ability to defend the network against the attacks, thus eliminating potential threats from the wireless systems. This work presents a series of cyberwar laboratory exercises that are designed for IEEE 802.11 wireless networks security courses. The exercises expose different aspects of violations in security such as confidentiality, privacy, availability, and integrity. The types of attacks include traffic analysis, rogue access point, MAC filtering, replay, man-in-the-middle, and denial of service attacks. For each exercise, the materials are presented as open-source tools along with descriptions of the respective methods, procedures, and penetration techniques.
Full Text Available Internal attack is a crucial security problem of WSN (wireless sensor network. In this paper, we focus on the internal attack detection which is an important way to locate attacks. We propose a state transition model, based on the continuous time Markov chain (CTMC, to study the behaviors of the sensors in a WSN under internal attack. Then we conduct the internal attack detection model as the epidemiological model. In this model, we explore the detection rate as the rate of a compromised state transition to a response state. By using the Bellman equation, the utility for the state transitions of a sensor can be written in standard forms of dynamic programming. It reveals a natural way to find the optimal detection rate that is by maximizing the total utility of the compromised state of the node (the sum of current utility and future utility. In particular, we encapsulate the current state, survivability, availability, and energy consumption of the WSN into an information set. We conduct extensive experiments and the results show the effectiveness of our solutions.
Markov networks and other probabilistic graphical modes have recently received an upsurge in attention from Evolutionary computation community, particularly in the area of Estimation of distribution algorithms (EDAs). EDAs have arisen as one of the most successful experiences in the application of machine learning methods in optimization, mainly due to their efficiency to solve complex real-world optimization problems and their suitability for theoretical analysis. This book focuses on the different steps involved in the conception, implementation and application of EDAs that use Markov networks, and undirected models in general. It can serve as a general introduction to EDAs but covers also an important current void in the study of these algorithms by explaining the specificities and benefits of modeling optimization problems by means of undirected probabilistic models. All major developments to date in the progressive introduction of Markov networks based EDAs are reviewed in the book. Hot current researc...
Otis, Jeremy R.; Berman, Dustin; Butts, Jonathan; Lopez, Juan
Industrial Control Systems (ICS) monitor and control operations associated with the national critical infrastructure (e.g., electric power grid, oil and gas pipelines and water treatment facilities). These systems rely on technologies and architectures that were designed for system reliability and availability. Security associated with ICS was never an inherent concern, primarily due to the protections afforded by network isolation. However, a trend in ICS operations is to migrate to commercial networks via TCP/IP in order to leverage commodity benefits and cost savings. As a result, system vulnerabilities are now exposed to the online community. Indeed, recent research has demonstrated that many exposed ICS devices are being discovered using readily available applications (e.g., ShodanHQ search engine and Google-esque queries). Due to the lack of security and logging capabilities for ICS, most knowledge about attacks are derived from real world incidents after an attack has already been carried out and the damage has been done. This research provides a method for introducing sensors into the ICS environment that collect information about network-based attacks. The sensors are developed using an inexpensive Gumstix platform that can be deployed and incorporated with production systems. Data obtained from the sensors provide insight into attack tactics (e.g., port scans, Nessus scans, Metasploit modules, and zero-day exploits) and characteristics (e.g., attack origin, frequency, and level of persistence). Findings enable security professionals to draw an accurate, real-time awareness of the threats against ICS devices and help shift the security posture from reactionary to preventative.
Peng, Chi Han; Yang, Yong Liang; Bao, Fan; Fink, Daniel; Yan, Dongming; Wonka, Peter; Mitra, Niloy J.
of people in a workspace. Designing such networks from scratch is challenging as even local network changes can have large global effects. We investigate how to computationally create networks starting from only high-level functional specifications
Beals, Diane E.
Discusses the use of communication on computer networks as a data source for psychological, social, and linguistic research. Differences between computer-mediated communication and face-to-face communication are described, the Beginning Teacher Computer Network is discussed, and examples of network conversations are appended. (28 references) (LRW)
...) To improve the quality of education in the existing courses related to computer networks and data communications as well as other computer science courses such programming languages and computer...
Mina Malekzadeh; M.A. Beiruti; M.H. Shahrokh Abadi
The Internet and Web have significantly transformed the world’s communication system. The capability of the Internet to instantly access information at anytime from anywhere has brought benefit for a wide variety of areas including business, government, education, institutions, medical, and entertainment services. However, the Internet has also opened up the possibilities for hackers to exploit flaws and limitations in the target networks to attack and break in without gaining physical access...
Hoang, Nguyen Phong
After carefully considering the scalability problem in Tor and exhaustively evaluating related works on AS-level adversaries, the author proposes ASmoniTor, which is an autonomous system monitor for mitigating correlation attacks in the Tor network. In contrast to prior works, which often released offline packets, including the source code of a modified Tor client and a snapshot of the Internet topology, ASmoniTor is an online system that assists end users with mitigating the threat of AS-lev...
Wang, Yu; Xie, Lin; Li, Wenjuan
Nowadays, cyber threats (e.g., intrusions) are distributed across various networks with the dispersed networking resources. Intrusion detection systems (IDSs) have already become an essential solution to defend against a large amount of attacks. With the development of cloud computing, a modern IDS...
Arachchilage, Nalin Asanka Gamagedara; Cole, Melissa
This research aims to design an educational mobile game for home computer users to prevent from phishing attacks. Phishing is an online identity theft which aims to steal sensitive information such as username, password and online banking details from victims. To prevent this, phishing education needs to be considered. Mobile games could facilitate to embed learning in a natural environment. The paper introduces a mobile game design based on a story which is simplifying and exaggerating real ...
Koudstaal, P. J.; van Gijn, J.; Lodder, J.; Frenken, W. G.; Vermeulen, M.; Franke, C. L.; Hijdra, A.; Bulens, C.
We prospectively studied clinical and computed tomographic (CT) scan findings in 79 patients with a transient ischemic attack (TIA) and a relevant cerebral infarction on CT, also known as cerebral infarction with transient signs (CITS). We compared the results with those of 527 concurrent patients
Full Text Available The existing power grid is going through a massive transformation. Smart grid technology is a radical approach for improvisation in prevailing power grid. Integration of electrical and communication infrastructure is inevitable for the deployment of Smart grid network. Smart grid technology is characterized by full duplex communication, automatic metering infrastructure, renewable energy integration, distribution automation and complete monitoring and control of entire power grid. Wireless sensor networks (WSNs are small micro electrical mechanical systems that are deployed to collect and communicate the data from surroundings. WSNs can be used for monitoring and control of smart grid assets. Security of wireless sensor based communication network is a major concern for researchers and developers. The limited processing capabilities of wireless sensor networks make them more vulnerable to cyber-attacks. The countermeasures against cyber-attacks must be less complex with an ability to offer confidentiality, data readiness and integrity. The address oriented design and development approach for usual communication network requires a paradigm shift to design data oriented WSN architecture. WSN security is an inevitable part of smart grid cyber security. This paper is expected to serve as a comprehensive assessment and analysis of communication standards, cyber security issues and solutions for WSN based smart grid infrastructure.
Please note this is a Short Discount publication. Since the first microcomputer local networks of the late 1970's and early 80's, personal computer LANs have expanded in popularity, especially since the introduction of IBMs first PC in 1981. The late 1980s has seen a maturing in the industry with only a few vendors maintaining a large share of the market. This report is intended to give the reader a thorough understanding of the technology used to build these systems ... from cable to chips ... to ... protocols to servers. The report also fully defines PC LANs and the marketplace, with in-
Full Text Available Secure localization under different forms of attack has become an essential task in wireless sensor networks. Despite the significant research efforts in detecting the malicious nodes, the problem of localization attack type recognition has not yet been well addressed. Motivated by this concern, we propose a novel exchange-based attack classification algorithm. This is achieved by a distributed expectation maximization extractor integrated with the PECPR-MKSVM classifier. First, the mixed distribution features based on the probabilistic modeling are extracted using a distributed expectation maximization algorithm. After feature extraction, by introducing the theory from support vector machine, an extensive contractive Peaceman-Rachford splitting method is derived to build the distributed classifier that diffuses the iteration calculation among neighbor sensors. To verify the efficiency of the distributed recognition scheme, four groups of experiments were carried out under various conditions. The average success rate of the proposed classification algorithm obtained in the presented experiments for external attacks is excellent and has achieved about 93.9% in some cases. These testing results demonstrate that the proposed algorithm can produce much greater recognition rate, and it can be also more robust and efficient even in the presence of excessive malicious scenario.
Two important aspects of the Internet, namely the properties of its topology and the characteristics of its data traffic, have attracted growing attention of the physics community. My thesis has considered problems of both aspects. First I studied the stochastic behavior of TCP, the primary algorithm governing traffic in the current Internet, in an elementary network scenario consisting of a standalone infinite-sized buffer and an access link. The effect of the fast recovery and fast retransmission (FR/FR) algorithms is also considered. I showed that my model can be extended further to involve the effect of link propagation delay, characteristic of WAN. I continued my thesis with the investigation of finite-sized semi-bottleneck buffers, where packets can be dropped not only at the link, but also at the buffer. I demonstrated that the behavior of the system depends only on a certain combination of the parameters. Moreover, an analytic formula was derived that gives the ratio of packet loss rate at the buffer to the total packet loss rate. This formula makes it possible to treat buffer-losses as if they were link-losses. Finally, I studied computer networks from a structural perspective. I demonstrated through fluid simulations that the distribution of resources, specifically the link bandwidth, has a serious impact on the global performance of the network. Then I analyzed the distribution of edge betweenness in a growing scale-free tree under the condition that a local property, the in-degree of the "younger" node of an arbitrary edge, is known in order to find an optimum distribution of link capacity. The derived formula is exact even for finite-sized networks. I also calculated the conditional expectation of edge betweenness, rescaled for infinite networks.
Brown, Robert L.
A problem in computer security is identification of attack signatures in network packets. An attack signature is a pattern of bits that characterizes a particular attack. Because there are many kinds of attacks, there are potentially many attack signatures. Furthermore, attackers may seek to avoid detection by altering the attack mechanism so that…
Parfenov, D. I.; Bolodurina, I. P.
The article presents the results of developing an approach to detecting and protecting against network attacks on the corporate infrastructure deployed on the multi-cloud platform. The proposed approach is based on the combination of two technologies: a softwareconfigurable network and virtualization of network functions. The approach for searching for anomalous traffic is to use a hybrid neural network consisting of a self-organizing Kohonen network and a multilayer perceptron. The study of the work of the prototype of the system for detecting attacks, the method of forming a learning sample, and the course of experiments are described. The study showed that using the proposed approach makes it possible to increase the effectiveness of the obfuscation of various types of attacks and at the same time does not reduce the performance of the network
... recommendations to make a full recovery. View an animation of a heart attack . Heart Attack Recovery Questions ... Support Network Popular Articles 1 Understanding Blood Pressure Readings 2 Sodium and Salt 3 Heart Attack Symptoms ...
Full Text Available As a kind of unwelcome, unavoidable, and malicious behavior, distributed denial of service (DDoS is an ongoing issue in today’s Internet as well as in some newly conceived future Internet architectures. Recently, a first step was made towards assessing DDoS attacks in Named Data Networking (NDN—one of the promising Internet architectures in the upcoming big data era. Among them, interest flooding attack (IFA becomes one of the main serious problems. Enlightened by the extensive study on the possibility of mitigating DDoS in today’s Internet by employing micropayments, in this paper we address the possibility of introducing economic levers, say, dynamic pricing mechanism, and so forth, for regulating IFA in NDN.
Bennett, Kevin B; Bryant, Adam; Sushereba, Christen
A prototype ecological interface for computer network defense (CND) was developed. Concerns about CND run high. Although there is a vast literature on CND, there is some indication that this research is not being translated into operational contexts. Part of the reason may be that CND has historically been treated as a strictly technical problem, rather than as a socio-technical problem. The cognitive systems engineering (CSE)/ecological interface design (EID) framework was used in the analysis and design of the prototype interface. A brief overview of CSE/EID is provided. EID principles of design (i.e., direct perception, direct manipulation and visual momentum) are described and illustrated through concrete examples from the ecological interface. Key features of the ecological interface include (a) a wide variety of alternative visual displays, (b) controls that allow easy, dynamic reconfiguration of these displays, (c) visual highlighting of functionally related information across displays, (d) control mechanisms to selectively filter massive data sets, and (e) the capability for easy expansion. Cyber attacks from a well-known data set are illustrated through screen shots. CND support needs to be developed with a triadic focus (i.e., humans interacting with technology to accomplish work) if it is to be effective. Iterative design and formal evaluation is also required. The discipline of human factors has a long tradition of success on both counts; it is time that HF became fully involved in CND. Direct application in supporting cyber analysts.
Full Text Available BACKGROUND: Transient ischemic attack (TIA is usually defined as a neurologic ischemic disorder without permanent cerebral infarction. Studies have showed that patients with TIA can have lasting cognitive functional impairment. Inherent brain activity in the resting state is spatially organized in a set of specific coherent patterns named resting state networks (RSNs, which epitomize the functional architecture of memory, language, attention, visual, auditory and somato-motor networks. Here, we aimed to detect differences in RSNs between TIA patients and healthy controls (HCs. METHODS: Twenty one TIA patients suffered an ischemic event and 21 matched HCs were enrolled in the study. All subjects were investigated using cognitive tests, psychiatric tests and functional magnetic resonance imaging (fMRI. Independent component analysis (ICA was adopted to acquire the eight brain RSNs. Then one-sample t-tests were calculated in each group to gather the spatial maps of each RSNs, followed by second level analysis to investigate statistical differences on RSNs between twenty one TIA patients and 21 controls. Furthermore, a correlation analysis was performed to explore the relationship between functional connectivity (FC and cognitive and psychiatric scales in TIA group. RESULTS: Compared with the controls, TIA patients exhibited both decreased and increased functional connectivity in default mode network (DMN and self-referential network (SRN, and decreased functional connectivity in dorsal attention network (DAN, central-executive network (CEN, core network (CN, somato-motor network (SMN, visual network (VN and auditory network (AN. There was no correlation between neuropsychological scores and functional connectivity in regions of RSNs. CONCLUSIONS: We observed selective impairments of RSN intrinsic FC in TIA patients, whose all eight RSNs had aberrant functional connectivity. These changes indicate that TIA is a disease with widely abnormal brain
Hancock, D. W.; Shirk, H. G.
In general, networking increases productivity due to the speed of transmission, easy access to remote computers, ability to share files, and increased availability of peripherals. Two different networks within the Observational Science Branch are described in detail.
Li, Wenjuan; Meng, Weizhi; Kwok, Lam-For
To defend against complex attacks, collaborative intrusion detection networks (CIDNs) have been developed to enhance the detection accuracy, which enable an IDS to collect information and learn experience from others. However, this kind of networks is vulnerable to malicious nodes which are utili......To defend against complex attacks, collaborative intrusion detection networks (CIDNs) have been developed to enhance the detection accuracy, which enable an IDS to collect information and learn experience from others. However, this kind of networks is vulnerable to malicious nodes which...... are utilized by insider attacks (e.g., betrayal attacks). In our previous research, we developed a notion of intrusion sensitivity and identified that it can help improve the detection of insider attacks, whereas it is still a challenge for these nodes to automatically assign the values. In this article, we...... of intrusion sensitivity based on expert knowledge. In the evaluation, we compare the performance of three different supervised classifiers in assigning sensitivity values and investigate our trust model under different attack scenarios and in a real wireless sensor network. Experimental results indicate...
Peterson, Larry L
Computer Networks, 4E is the only introductory computer networking book written by authors who have had first-hand experience with many of the protocols discussed in the book, who have actually designed some of them as well, and who are still actively designing the computer networks today. This newly revised edition continues to provide an enduring, practical understanding of networks and their building blocks through rich, example-based instruction. The authors' focus is on the why of network design, not just the specifications comprising today's systems but how key technologies and p
B. S. Awoyemi
Full Text Available Network failures are undesirable but inevitable occurrences for most modern communication and computing networks. A good network design must be robust enough to handle sudden failures, maintain traffic flow, and restore failed parts of the network within a permissible time frame, at the lowest cost achievable and with as little extra complexity in the network as possible. Emerging next-generation (xG communication and computing networks such as fifth-generation networks, software-defined networks, and internet-of-things networks have promises of fast speeds, impressive data rates, and remarkable reliability. To achieve these promises, these complex and dynamic xG networks must be built with low failure possibilities, high network restoration capacity, and quick failure recovery capabilities. Hence, improved network restoration models have to be developed and incorporated in their design. In this paper, a comprehensive study on network restoration mechanisms that are being developed for addressing network failures in current and emerging xG networks is carried out. Open-ended problems are identified, while invaluable ideas for better adaptation of network restoration to evolving xG communication and computing paradigms are discussed.
Sun Qiong; Min Liu; Shiming Pang
With the promotion of Internet sales, the security of personal information to network users have become increasingly demanding. The existing network of sales channels has personal information security risks, vulnerable to hacker attacking. Taking full advantage of cloud security management strategy, cloud computing security management model is introduced to the network sale of personal information security applications, which is to solve the problem of information leakage. Then we proposed me...
Lu, Zhaojun; Li, Dongfang; Liu, Hailong; Gong, Mingyang; Liu, Zhenglin
Wireless sensor networks (WSNs) are an emerging technology employed in some crucial applications. However, limited resources and physical exposure to attackers make security a challenging issue for a WSN. Ring oscillator-based physical unclonable function (RO PUF) is a potential option to protect the security of sensor nodes because it is able to generate random responses efficiently for a key extraction mechanism, which prevents the non-volatile memory from storing secret keys. In order to deploy RO PUF in a WSN, hardware efficiency, randomness, uniqueness, and reliability should be taken into account. Besides, the resistance to electromagnetic (EM) analysis attack is important to guarantee the security of RO PUF itself. In this paper, we propose a novel architecture of configurable RO PUF based on exclusive-or (XOR) gates. First, it dramatically increases the hardware efficiency compared with other types of RO PUFs. Second, it mitigates the vulnerability to EM analysis attack by placing the adjacent RO arrays in accordance with the cosine wave and sine wave so that the frequency of each RO cannot be detected. We implement our proposal in XINLINX A-7 field programmable gate arrays (FPGAs) and conduct a set of experiments to evaluate the quality of the responses. The results show that responses pass the National Institute of Standards and Technology (NIST) statistical test and have good uniqueness and reliability under different environments. Therefore, the proposed configurable RO PUF is suitable to establish a key extraction mechanism in a WSN.
Miralem Mehic; Jiri Slachta; Miroslav Voznak
Denial of service (DoS) attack is an attempt of the attacker to disable victim's machine by depleting network or computing resources. If this attack is performed with more than one machine, it is called distributed denial of service (DDoS) attack. Covert channels are those channels which are used for information transmission even though they are neither designed nor intended to transfer information at all. In this article, we investigated the possibility of using of DDoS attack for purposes o...
Klotz, Johannes; Bossert, Martin; Schober, Steffen
In this paper we present an algorithm based on the sum-product algorithm that finds elements in the preimage of a feed-forward Boolean networks given an output of the network. Our probabilistic method runs in linear time with respect to the number of nodes in the network. We evaluate our algorithm for randomly constructed Boolean networks and a regulatory network of Escherichia coli and found that it gives a valid solution in most cases.
Nunes Leal Franqueira, V.; Lopes, Raul H.C.
This paper presents an evolutionary approach for learning attack specifications that describe attack scenarios. The objective is to find vulnerabilities in computer networks which minimise the cost of an attack with maximum impact. Although we focus on Insider Threat, the proposed approach applies
The book focuses on mobile agents, which are computer programs that can autonomously migrate between network sites. This text introduces the concepts and principles of mobile agents, provides an overview of mobile agent technology, and focuses on applications in networking and distributed computing.
Hussein, Ahmed Abdulqader; Rahman, Tharek A; Leow, Chee Yen
Localization is an apparent aspect of a wireless sensor network, which is the focus of much interesting research. One of the severe conditions that needs to be taken into consideration is localizing a mobile target through a dispersed sensor network in the presence of physical barrier attacks. These attacks confuse the localization process and cause location estimation errors. Range-based methods, like the received signal strength indication (RSSI), face the major influence of this kind of attack. This paper proposes a solution based on a combination of multi-frequency multi-power localization (C-MFMPL) and step function multi-frequency multi-power localization (SF-MFMPL), including the fingerprint matching technique and lateration, to provide a robust and accurate localization technique. In addition, this paper proposes a grid coloring algorithm to detect the signal hole map in the network, which refers to the attack-prone regions, in order to carry out corrective actions. The simulation results show the enhancement and robustness of RSS localization performance in the face of log normal shadow fading effects, besides the presence of physical barrier attacks, through detecting, filtering and eliminating the effect of these attacks.
Full Text Available Intrusions are becoming more complicated with the recent development of adversarial techniques. To boost the detection accuracy of a separate intrusion detector, the collaborative intrusion detection network (CIDN has thus been developed by allowing intrusion detection system (IDS nodes to exchange data with each other. Insider attacks are a great threat for such types of collaborative networks, where an attacker has the authorized access within the network. In literature, a challenge-based trust mechanism is effective at identifying malicious nodes by sending challenges. However, such mechanisms are heavily dependent on two assumptions, which would cause CIDNs to be vulnerable to advanced insider attacks in practice. In this work, we investigate the influence of advanced on–off attacks on challenge-based CIDNs, which can respond truthfully to one IDS node but behave maliciously to another IDS node. To evaluate the attack performance, we have conducted two experiments under a simulated and a real CIDN environment. The obtained results demonstrate that our designed attack is able to compromise the robustness of challenge-based CIDNs in practice; that is, some malicious nodes can behave untruthfully without a timely detection.
Abdulqader Hussein, Ahmed; Rahman, Tharek A.; Leow, Chee Yen
Localization is an apparent aspect of a wireless sensor network, which is the focus of much interesting research. One of the severe conditions that needs to be taken into consideration is localizing a mobile target through a dispersed sensor network in the presence of physical barrier attacks. These attacks confuse the localization process and cause location estimation errors. Range-based methods, like the received signal strength indication (RSSI), face the major influence of this kind of attack. This paper proposes a solution based on a combination of multi-frequency multi-power localization (C-MFMPL) and step function multi-frequency multi-power localization (SF-MFMPL), including the fingerprint matching technique and lateration, to provide a robust and accurate localization technique. In addition, this paper proposes a grid coloring algorithm to detect the signal hole map in the network, which refers to the attack-prone regions, in order to carry out corrective actions. The simulation results show the enhancement and robustness of RSS localization performance in the face of log normal shadow fading effects, besides the presence of physical barrier attacks, through detecting, filtering and eliminating the effect of these attacks. PMID:26690159
Haldar, Kaushik; Mishra, Bimal Kumar
A mathematical model has been formulated for the analysis of a wireless epidemic on a clustered heterogeneous network. The model introduces mobility into the epidemic framework assuming that the component nodes have a tendency to be attached with a frequently visited home cluster. This underlines the inherent regularity in the mobility pattern of mobile nodes in a wireless network. The analysis focuses primarily on features that arise because of the mobility considerations compared in the larger scenario formed by the epidemic aspects. A result on the invariance of the home cluster populations with respect to time provides an important view-point of the long-term behavior of the system. The analysis also focuses on obtaining a basic threshold condition that guides the epidemic behavior of the system. Analytical as well as numerical results have also been obtained to establish the asymptotic behavior of the connected components of the network, and that of the whole network when the underlying graph turns out to be irreducible. Applications to proximity based attacks and to scenarios with high cluster density have also been outlined
Backend Distributed Datastore High-‐level Objec.ve Network Policy Perf. Metrics SNAT IP Alloca.on Controller...azure.microsoft.com/. 114  Microsoft Azure ExpressRoute. http://azure.microsoft.com/en-us/ services/expressroute/.  Mobility and Networking...Networking Technologies, Services, and Protocols; Performance of Computer and Commu- nication Networks; Mobile and Wireless Communications Systems
Network Coding (NC) is a technique that can provide benefits in many types of networks, some examples from wireless networks are: In relay networks, either the physical or the data link layer, to reduce the number of transmissions. In reliable multicast, to reduce the amount of signaling and enable......-flow coding technique. One of the key challenges of this technique is its inherent computational complexity which can lead to high computational load and energy consumption in particular on the mobile platforms that are the target platform in this work. To increase the coding throughput several...
Peng, Chi Han
Connectivity and layout of underlying networks largely determine agent behavior and usage in many environments. For example, transportation networks determine the flow of traffic in a neighborhood, whereas building floorplans determine the flow of people in a workspace. Designing such networks from scratch is challenging as even local network changes can have large global effects. We investigate how to computationally create networks starting from only high-level functional specifications. Such specifications can be in the form of network density, travel time versus network length, traffic type, destination location, etc. We propose an integer programming-based approach that guarantees that the resultant networks are valid by fulfilling all the specified hard constraints and that they score favorably in terms of the objective function. We evaluate our algorithm in two different design settings, street layout and floorplans to demonstrate that diverse networks can emerge purely from high-level functional specifications.
Asakawa, E; Tsuru, T [Japan National Oil Corp., Tokyo (Japan); Matsuoka, T [Japan Petroleum Exploration Co. Ltd., Tokyo (Japan)
This paper describes the trend of parallel computers used in geophysical exploration. Around 1993 was the early days when the parallel computers began to be used for geophysical exploration. Classification of these computers those days was mainly MIMD (multiple instruction stream, multiple data stream), SIMD (single instruction stream, multiple data stream) and the like. Parallel computers were publicized in the 1994 meeting of the Geophysical Exploration Society as a `high precision imaging technology`. Concerning the library of parallel computers, there was a shift to PVM (parallel virtual machine) in 1993 and to MPI (message passing interface) in 1995. In addition, the compiler of FORTRAN90 was released with support implemented for data parallel and vector computers. In 1993, networks used were Ethernet, FDDI, CDDI and HIPPI. In 1995, the OC-3 products under ATM began to propagate. However, ATM remains to be an interoffice high speed network because the ATM service has not spread yet for the public network. 1 ref.
Full Text Available In recent years, the robots, especially heavy-duty robots, have become the hardest-hit areas for targeted attacks. These attacks come from both the cyber-domain and the physical-domain. In order to improve the security of heavy-duty robots, this paper proposes a detection and mitigation mechanism which based on improved deep belief networks (IDBN and dynamic model. The detection mechanism consists of two parts: (1 IDBN security checks, which can detect targeted attacks from the cyber-domain; (2 Dynamic model and security detection, used to detect the targeted attacks which can possibly lead to a physical-domain damage. The mitigation mechanism was established on the base of the detection mechanism and could mitigate transient and discontinuous attacks. Moreover, a test platform was established to carry out the performance evaluation test for the proposed mechanism. The results show that, the detection accuracy for the attack of the cyber-domain of IDBN reaches 96.2%, and the detection accuracy for the attack of physical-domain control commands reaches 94%. The performance evaluation test has verified the reliability and high efficiency of the proposed detection and mitigation mechanism for heavy-duty robots.
Brockner, Blake; Veal, Charlie; Dowdy, Joshua; Anderson, Derek T.; Williams, Kathryn; Luke, Robert; Sheen, David
The identification followed by avoidance or removal of explosive hazards in past and/or present conflict zones is a serious threat for both civilian and military personnel. This is a challenging task as variability exists with respect to the objects, their environment and emplacement context, to name a few factors. A goal is the development of automatic or human-in-the-loop sensor technologies that leverage signal processing, data fusion and machine learning. Herein, we explore the detection of side attack explosive hazards (SAEHs) in three dimensional voxel space radar via different shallow and deep convolutional neural network (CNN) architectures. Dimensionality reduction is performed by using multiple projected images versus the raw three dimensional voxel data, which leads to noteworthy savings in input size and associated network hyperparameters. Last, we explore the accuracy and interpretation of solutions learned via random versus intelligent network weight initialization. Experiments are provided on a U.S. Army data set collected over different times, weather conditions, target types and concealments. Preliminary results indicate that deep learning can perform as good as, if not better, than a skilled domain expert, even in light of limited training data with a class imbalance.
Merve Nilay Aydın
Full Text Available Wireless Sensor Networks is consist of thousands of small and low-cost devices, which communicate over wireless medium. Due to locating in harsh environment and having limited resources, WSN is prone to various attacks. One of the most dangerous attacks threatening WSN is the sinkhole attack. In this paper, sinkhole attack is modelled on a cluster-based WSN, and a centralized detection algorithm based on the remaining energies of the nodes is proposed. The simulations were run for different values of energy thresholds and various numbers of nodes. The performance of the system was investigated over total energy consumption in the system, the number of packets arrived at base station and true detection rate of the sinkhole node(s. The results showed that the proposed method is energy-efficient and detects the malicious nodes with a 100% accuracy for all number of nodes.
Full Text Available Mobile Ad hoc Network is stated as a cluster that contains Digital data terminals and they are furnished with the wireless transceivers which are able to communicate with each other with no need of any fixed architecture or concentrated authority. Security is one of the major issues in MANETs because of vast applications such as Military Battlefields, emergency and rescue operations. In order to provide anonymous communications and to identify the malicious nodes in MANETs, many authors have proposed different secure routing protocols but each protocol have their own advantages and disadvantages. In MANTE’s each and every node in the communicating network functions like router and transmits the packets among the networking nodes for the purpose of communication. Sometimes nodes may be attacked by the malicious nodes or the legitimate node will be caught by foemen there by controlling and preventing the nodes to perform the assigned task or nodes may be corrupted due to loss of energy. So, due to these drawbacks securing the network under the presence of adversaries is an important thing. The existing protocols were designed with keeping anonymity and the identification of vicious nodes in the network as the main goal. For providing better security, the anonymity factors such as Unidentifiability and Unlinkability must be fully satisfied. Many anonymous routing schemes that concentrate on achieving anonymity are proposed in the past decade and they provides the security at different levels and also provides the privacy protection that is of different cost. In this paper we consider a protocol called Authenticated Secure Routing Protocol proposed which provides both security & anonymity. Anonymity is achieved in this protocol using Group signature. Over all by using this protocol performance in terms of throughput as well as the packet dropping rate is good compared to the other living protocols.
Kurokawa, Shinichi; Akiyama, Atsuyoshi; Katoh, Tadahiko; Kikutani, Eiji; Koiso, Haruyo; Oide, Katsunobu; Shinomoto, Manabu; Kurihara, Michio; Abe, Kenichi
Twenty-four minicomputers forming an N-to-N token-ring network control the TRISTAN accelerator complex. The computers are linked by optical fiber cables with 10 Mbps transmission speed. The software system is based on NODAL, a multicomputer interpretive language developed at the CERN SPS. The high-level services offered to the users of the network are remote execution by the EXEC, EXEC-P and IMEX commands of NODAL and uniform file access throughout the system. The network software was designed to achieve the fast response of the EXEC command. The performance of the network is also reported. Tasks that overload the minicomputers are processed on the KEK central computers. One minicomputer in the network serves as a gateway to KEKNET, which connects the minicomputer network and the central computers. The communication with the central computers is managed within the framework of the KEK NODAL system. NODAL programs communicate with the central computers calling NODAL functions; functions for exchanging data between a data set on the central computers and a NODAL variable, submitting a batch job to the central computers, checking the status of the submitted job, etc. are prepared. (orig.)
Cao, Yuan; Zhao, Xiaojin; Ye, Wenbin; Han, Qingbang; Pan, Xiaofang
Authentication is a crucial security service for the wireless sensor networks (WSNs) in versatile domains. The deployment of WSN devices in the untrusted open environment and the resource-constrained nature make the on-chip authentication an open challenge. The strong physical unclonable function (PUF) came in handy as light-weight authentication security primitive. In this paper, we present the first ring oscillator (RO) based strong physical unclonable function (PUF) with high resilience to both the electromagnetic (EM) side-channel attack and the support vector machine (SVM) modelling attack. By employing an RO based PUF architecture with the current starved inverter as the delay cell, the oscillation power is significantly reduced to minimize the emitted EM signal, leading to greatly enhanced immunity to the EM side-channel analysis attack. In addition, featuring superior reconfigurability due to the conspicuously simplified circuitries, the proposed implementation is capable of withstanding the SVM modelling attack by generating and comparing a large number of RO frequency pairs. The reported experimental results validate the prototype of a 9-stage RO PUF fabricated using standard 65 nm complementary-metal-oxide-semiconductor (CMOS) process. Operating at the supply voltage of 1.2 V and the frequency of 100 KHz, the fabricated RO PUF occupies a compact silicon area of 250 μ m 2 and consumes a power as low as 5.16 μ W per challenge-response pair (CRP). Furthermore, the uniqueness and the worst-case reliability are measured to be 50.17% and 98.30% for the working temperature range of -40∼120 ∘ C and the supply voltage variation of ±2%, respectively. Thus, the proposed PUF is applicable for the low power, low cost and secure WSN communications.
Full Text Available Due to the scattered nature of DDoS attacks and advancement of new technologies such as cloud-assisted WBAN, it becomes challenging to detect malicious activities by relying on conventional security mechanisms. The detection of such attacks demands an adaptive and incremental learning classifier capable of accurate decision making with less computation. Hence, the DDoS attack detection using existing machine learning techniques requires full data set to be stored in the memory and are not appropriate for real-time network traffic. To overcome these shortcomings, Very Fast Decision Tree (VFDT algorithm has been proposed in the past that can handle high speed streaming data efficiently. Whilst considering the data generated by WBAN sensors, noise is an obvious aspect that severely affects the accuracy and increases false alarms. In this paper, an enhanced VFDT (EVFDT is proposed to efficiently detect the occurrence of DDoS attack in cloud-assisted WBAN. EVFDT uses an adaptive tie-breaking threshold for node splitting. To resolve the tree size expansion under extreme noise, a lightweight iterative pruning technique is proposed. To analyze the performance of EVFDT, four metrics are evaluated: classification accuracy, tree size, time, and memory. Simulation results show that EVFDT attains significantly high detection accuracy with fewer false alarms.
Chan, Ke Fai Peter
Full Text Available study was performed, using the Common Open Research Emulator (CORE), to generate the necessary network simulation data. The simulation data was analysed, and then transformed into linked data. The result of the transformation is a data file that adheres...
Dalphin, John F.
The GSFC Computer Network Environment provides a broadband RF cable between campus buildings and ethernet spines in buildings for the interlinking of Local Area Networks (LANs). This system provides terminal and computer linkage among host and user systems thereby providing E-mail services, file exchange capability, and certain distributed computing opportunities. The Environment is designed to be transparent and supports multiple protocols. Networking at Goddard has a short history and has been under coordinated control of a Network Steering Committee for slightly more than two years; network growth has been rapid with more than 1500 nodes currently addressed and greater expansion expected. A new RF cable system with a different topology is being installed during summer 1989; consideration of a fiber optics system for the future will begin soon. Summmer study was directed toward Network Steering Committee operation and planning plus consideration of Center Network Environment analysis and modeling. Biweekly Steering Committee meetings were attended to learn the background of the network and the concerns of those managing it. Suggestions for historical data gathering have been made to support future planning and modeling. Data Systems Dynamic Simulator, a simulation package developed at NASA and maintained at GSFC was studied as a possible modeling tool for the network environment. A modeling concept based on a hierarchical model was hypothesized for further development. Such a model would allow input of newly updated parameters and would provide an estimation of the behavior of the network.
Unique among computer networking texts, the Seventh Edition of the popular Computer Networking: A Top Down Approach builds on the author’s long tradition of teaching this complex subject through a layered approach in a “top-down manner.” The text works its way from the application layer down toward the physical layer, motivating readers by exposing them to important concepts early in their study of networking. Focusing on the Internet and the fundamentally important issues of networking, this text provides an excellent foundation for readers interested in computer science and electrical engineering, without requiring extensive knowledge of programming or mathematics. The Seventh Edition has been updated to reflect the most important and exciting recent advances in networking.
Stoianov, [No Value; Amari, SI; Giles, CL; Gori, M; Piuri,
The paper presents an experimental study of holistic computations over distributed representations (DRs) of sequences developed by the Recurrent Autoassociative Networks (KAN). Three groups of holistic operators are studied: extracting symbols at fixed position, extracting symbols at a variable
Lakoff & Johnson, 1980) is used as a basic framework for analysing and explaining the occurrence of metaphor in the terminology used by computer networking professionals in the information technology (IT) industry. An analysis of linguistic ...
Full Text Available Network forensics enables investigation and identification of network attacks through the retrieved digital content. The proliferation of smartphones and the cost-effective universal data access through cloud has made Mobile Cloud Computing (MCC a congenital target for network attacks. However, confines in carrying out forensics in MCC is interrelated with the autonomous cloud hosting companies and their policies for restricted access to the digital content in the back-end cloud platforms. It implies that existing Network Forensic Frameworks (NFFs have limited impact in the MCC paradigm. To this end, we qualitatively analyze the adaptability of existing NFFs when applied to the MCC. Explicitly, the fundamental mechanisms of NFFs are highlighted and then analyzed using the most relevant parameters. A classification is proposed to help understand the anatomy of existing NFFs. Subsequently, a comparison is given that explores the functional similarities and deviations among NFFs. The paper concludes by discussing research challenges for progressive network forensics in MCC.
Khan, Suleman; Shiraz, Muhammad; Wahab, Ainuddin Wahid Abdul; Gani, Abdullah; Han, Qi; Rahman, Zulkanain Bin Abdul
Network forensics enables investigation and identification of network attacks through the retrieved digital content. The proliferation of smartphones and the cost-effective universal data access through cloud has made Mobile Cloud Computing (MCC) a congenital target for network attacks. However, confines in carrying out forensics in MCC is interrelated with the autonomous cloud hosting companies and their policies for restricted access to the digital content in the back-end cloud platforms. It implies that existing Network Forensic Frameworks (NFFs) have limited impact in the MCC paradigm. To this end, we qualitatively analyze the adaptability of existing NFFs when applied to the MCC. Explicitly, the fundamental mechanisms of NFFs are highlighted and then analyzed using the most relevant parameters. A classification is proposed to help understand the anatomy of existing NFFs. Subsequently, a comparison is given that explores the functional similarities and deviations among NFFs. The paper concludes by discussing research challenges for progressive network forensics in MCC.
Abdul Wahab, Ainuddin Wahid; Han, Qi; Bin Abdul Rahman, Zulkanain
Network forensics enables investigation and identification of network attacks through the retrieved digital content. The proliferation of smartphones and the cost-effective universal data access through cloud has made Mobile Cloud Computing (MCC) a congenital target for network attacks. However, confines in carrying out forensics in MCC is interrelated with the autonomous cloud hosting companies and their policies for restricted access to the digital content in the back-end cloud platforms. It implies that existing Network Forensic Frameworks (NFFs) have limited impact in the MCC paradigm. To this end, we qualitatively analyze the adaptability of existing NFFs when applied to the MCC. Explicitly, the fundamental mechanisms of NFFs are highlighted and then analyzed using the most relevant parameters. A classification is proposed to help understand the anatomy of existing NFFs. Subsequently, a comparison is given that explores the functional similarities and deviations among NFFs. The paper concludes by discussing research challenges for progressive network forensics in MCC. PMID:25097880
Bemis, C.; Erskine, J.; Franey, M.; Greiner, D.; Hoehn, M.; Kaletka, M.; LeVine, M.; Roberson, R.; Welch, L.
This paper discusses: the state of computer networking within nuclear physics program; network requirements for nuclear physics; management structure; and issues of special interest to the nuclear physics program office
Ren, Shuai; Zhang, Yinfa; Wang, Jingyu; Zhang, Jumei; Rao, Xuejun; Fang, Yuanyuan
The mechanism of high power intra-channel crosstalk attack is analyzed theoretically and the conclusion that power of attack signal and crosstalk coefficient of optical switch are the main factors for which high power intra-channel have destructive effect on quality of legitimate signals is drawn. Effects of high power intra-channel crosstalk attack on quality of legitimate signals and its capability of attack propagation are investigated quantitatively by building the simulation system in VPI software. The results show that legitimate signals through the first and the second stage optical switch are affected by attack and legitimate signal through the third stage optical switch is almost unaffected by attack when power of original attack signal (OAS) is above 20dB more than that of legitimate signals and crosstalk coefficient of optical switch is -20dB at optical cross connect 1 (OXC1). High power intra-channel crosstalk attack has a certain capability of attack propagation. Attack capability of OAS can be propagated to OXC3 when power of OAS is 27dB more than that of legitimate signals and crosstalk coefficient of optical switch is -20dB. We also find that the secondary attack signal (SAS) does not have capability of attack propagation.
Full Text Available Denial of service (DoS attack is an attempt of the attacker to disable victim's machine by depleting network or computing resources. If this attack is performed with more than one machine, it is called distributed denial of service (DDoS attack. Covert channels are those channels which are used for information transmission even though they are neither designed nor intended to transfer information at all. In this article, we investigated the possibility of using of DDoS attack for purposes of hiding data or concealing the existing covert channel. In addition, in this paper we analyzed the possibility of detection of such covert communication with the well-known statistical method. Also, we proposed the coordination mechanisms of the attack which may be used. A lot of research has been done in order to describe and prevent DDoS attacks, yet research on steganography on this field is still scarce.
displays active TCP connections, ports on which the computer is listening and their associated PID, Ethernet statistics, the IP routing table, IPv4 ...who find new ways of infiltration rendering the selection of only those few features that worked in the past history to be easily thwarted when faced
van Heerden, R
Full Text Available apparent long after an attack and even then it is sometimes only speculation. For example, the Aggressor can not be determined in a near real-time environment and for some attacks the real power behind the attack is never determined or proven. 2.1 Actor...- tigating the accuracy of various assessment methods. We classify each class as either defined, high, low or not quantifiable. For example, it may not be possi- ble to determine the instigator of an attack (Aggressor), but only that the attack has been...
The properties of computers are discussed, both as separate units and in inter-coupled systems. The main elements of modern processor thechnology are reviewed and the associated peripheral components are disscussed in the light of the prevailling rapid pace of developments. Particular emphais is given to the impact of very large scale integrated circuitry in these developments. Computer networks, and considered in some detail, including comon-carrier and local-area networks and the problem of inter-working is included in the discussion. Components of network systems and the associated technology are also among the topics treated. (orig.)
The properties of computers are discussed, both as separate units and in inter-coupled systems. The main elements of modern processor technology are reviewed and the associated peripheral components are discussed in the light of the prevailing rapid pace of developments. Particular emphasis is given to the impact of very large scale integrated circuitry in these developments. Computer networks are considered in some detail, including common-carrier and local-area networks, and the problem of inter-working is included in the discussion. Components of network systems and the associated technology are also among the topics treated.
This book introduces the concept of autonomic computing driven cooperative networked system design from an architectural perspective. As such it leverages and capitalises on the relevant advancements in both the realms of autonomic computing and networking by welding them closely together. In particular, a multi-faceted Autonomic Cooperative System Architectural Model is defined which incorporates the notion of Autonomic Cooperative Behaviour being orchestrated by the Autonomic Cooperative Networking Protocol of a cross-layer nature. The overall proposed solution not only advocates for the inc
Mohamed Abdallah Elakrat
Full Text Available This article presents a security module based on a field programmable gate array (FPGA to mitigate man-in-the-middle cyber attacks. Nowadays, the FPGA is considered to be the state of the art in nuclear power plants I&C systems due to its flexibility, reconfigurability, and maintainability of the FPGA technology; it also provides acceptable solutions for embedded computing applications that require cybersecurity. The proposed FPGA-based security module is developed to mitigate information-gathering attacks, which can be made by gaining physical access to the network, e.g., a man-in-the-middle attack, using a cryptographic process to ensure data confidentiality and integrity and prevent injecting malware or malicious data into the critical digital assets of a nuclear power plant data communication system. A model-based system engineering approach is applied. System requirements analysis and enhanced function flow block diagrams are created and simulated using CORE9 to compare the performance of the current and developed systems. Hardware description language code for encryption and serial communication is developed using Vivado Design Suite 2017.2 as a programming tool to run the system synthesis and implementation for performance simulation and design verification. Simple windows are developed using Java for physical testing and communication between a personal computer and the FPGA. Keywords: AES-128, Cyber Security, Encryption, Field Programmable Gate Array, I&C
Lacuesta, Raquel; Lloret, Jaime; Sendra, Sandra; Peñalver, Lourdes
Cloud computing helps users and companies to share computing resources instead of having local servers or personal devices to handle the applications. Smart devices are becoming one of the main information processing devices. Their computing features are reaching levels that let them create a mobile cloud computing network. But sometimes they are not able to create it and collaborate actively in the cloud because it is difficult for them to build easily a spontaneous network and configure its parameters. For this reason, in this paper, we are going to present the design and deployment of a spontaneous ad hoc mobile cloud computing network. In order to perform it, we have developed a trusted algorithm that is able to manage the activity of the nodes when they join and leave the network. The paper shows the network procedures and classes that have been designed. Our simulation results using Castalia show that our proposal presents a good efficiency and network performance even by using high number of nodes.
Mills, David L
What started with the sundial has, thus far, been refined to a level of precision based on atomic resonance: Time. Our obsession with time is evident in this continued scaling down to nanosecond resolution and beyond. But this obsession is not without warrant. Precision and time synchronization are critical in many applications, such as air traffic control and stock trading, and pose complex and important challenges in modern information networks.Penned by David L. Mills, the original developer of the Network Time Protocol (NTP), Computer Network Time Synchronization: The Network Time Protocol
Barhen, Jacob; Gulati, Sandeep
A fundamental issue which directly impacts the scalability of current theoretical neural network models to massively parallel embodiments, in both software as well as hardware, is the inherent and unavoidable concurrent asynchronicity of emerging fine-grained computational ensembles and the possible emergence of chaotic manifestations. Previous analyses attributed dynamical instability to the topology of the interconnection matrix, to parasitic components or to propagation delays. However, researchers have observed the existence of emergent computational chaos in a concurrently asynchronous framework, independent of the network topology. Researcher present a methodology enabling the effective asynchronous operation of large-scale neural networks. Necessary and sufficient conditions guaranteeing concurrent asynchronous convergence are established in terms of contracting operators. Lyapunov exponents are computed formally to characterize the underlying nonlinear dynamics. Simulation results are presented to illustrate network convergence to the correct results, even in the presence of large delays.
Full Text Available Evaluating the reliability of a network with multiple sources to multiple sinks is a critical issue from the perspective of quality management. Due to the unrealistic definition of paths of network models in previous literature, existing models are not appropriate for real-world computer networks such as the Taiwan Advanced Research and Education Network (TWAREN. This paper proposes a modified stochastic-flow network model to evaluate the network reliability of a practical computer network with multiple sources where data is transmitted through several light paths (LPs. Network reliability is defined as being the probability of delivering a specified amount of data from the sources to the sink. It is taken as a performance index to measure the service level of TWAREN. This paper studies the network reliability of the international portion of TWAREN from two sources (Taipei and Hsinchu to one sink (New York that goes through a submarine and land surface cable between Taiwan and the United States.
Sunil Kumar Gautam
Full Text Available The current scenario of information gathering and storing in secure system is a challenging task due to increasing cyber-attacks. There exists computational neural network techniques designed for intrusion detection system, which provide security to single machine and entire network's machine. In this paper, we have used two types of computational neural network models, namely, Generalized Regression Neural Network (GRNN model and Multilayer Perceptron Neural Network (MPNN model for Host based Intrusion Detection System using log files that are generated by a single personal computer. The simulation results show correctly classified percentage of normal and abnormal (intrusion class using confusion matrix. On the basis of results and discussion, we found that the Host based Intrusion Systems Model (HISM significantly improved the detection accuracy while retaining minimum false alarm rate.
Full Text Available Next-generation communication networks have become widely popular as ad-hoc networks, broadly categorized as the mobile nodes based on mobile ad-hoc networks (MANET and the vehicular nodes based vehicular ad-hoc networks (VANET. VANET is aimed at maintaining safety to vehicle drivers by begin autonomous communication with the nearby vehicles. Each vehicle in the ad-hoc network performs as an intelligent mobile node characterized by high mobility and formation of dynamic networks. The ad-hoc networks are decentralized dynamic networks that need efficient and secure communication requirements due to the vehicles being persistently in motion. These networks are more susceptible to various attacks like Warm Hole attacks, denial of service attacks and Black Hole Attacks. The paper is a novel attempt to examine and investigate the security features of the routing protocols in VANET, applicability of AODV (Ad hoc On Demand protocol to detect and tackle a particular category of network attacks, known as the Black Hole Attacks. A new algorithm is proposed to enhance the security mechanism of AODV protocol and to introduce a mechanism to detect Black Hole Attacks and to prevent the network from such attacks in which source node stores all route replies in a look up table. This table stores the sequences of all route reply, arranged in ascending order using PUSH and POP operations. The priority is calculated based on sequence number and discard the RREP having presumably very high destination sequence number. The result show that proposed algorithm for detection and prevention of Black Hole Attack increases security in Intelligent Transportation System (ITS and reduces the effect of malicious node in the VANET. NCTUNs simulator is used in this research work.
Full Text Available The Internet architecture works well for a wide variety of communication scenarios. However, its flexibility is limited because it was initially designed to provide communication links between a few static nodes in a homogeneous network and did not attempt to solve the challenges of today’s dynamic network environments. Although the Internet has evolved to a global system of interconnected computer networks, which links together billions of heterogeneous compute nodes, its static architecture remained more or less the same. Nowadays the diversity in networked devices, communication requirements, and network conditions vary heavily, which makes it difficult for a static set of protocols to provide the required functionality. Therefore, we propose a self-aware network architecture in which protocol stacks can be built dynamically. Those protocol stacks can be optimized continuously during communication according to the current requirements. For this network architecture we propose an FPGA-based execution environment called EmbedNet that allows for a dynamic mapping of network protocols to either hardware or software. We show that our architecture can reduce the communication overhead significantly by adapting the protocol stack and that the dynamic hardware/software mapping of protocols considerably reduces the CPU load introduced by packet processing.
Dolev, Shlomi; Kopeetsky, Marina
We present schemes for providing anonymous transactions while privacy and anonymity are preserved, providing user anonymous authentication in distributed networks such as the Internet. We first present a practical scheme for anonymous transactions while the transaction resolution is assisted by a Trusted Authority. This practical scheme is extended to a theoretical scheme where a Trusted Authority is not involved in the transaction resolution. Given an authority that generates for each player hard to produce evidence EVID (e. g., problem instance with or without a solution) to each player, the identity of a user U is defined by the ability to prove possession of said evidence. We use Zero-Knowledge proof techniques to repeatedly identify U by providing a proof that U has evidence EVID, without revealing EVID, therefore avoiding identity theft.
Full Text Available As the most competitive solution for next-generation network, SDN and its dominant implementation OpenFlow are attracting more and more interests. But besides convenience and flexibility, SDN/OpenFlow also introduces new kinds of limitations and security issues. Of these limitations, the most obvious and maybe the most neglected one is the flow table capacity of SDN/OpenFlow switches. In this paper, we proposed a novel inference attack targeting at SDN/OpenFlow network, which is motivated by the limited flow table capacities of SDN/OpenFlow switches and the following measurable network performance decrease resulting from frequent interactions between data and control plane when the flow table is full. To the best of our knowledge, this is the first proposed inference attack model of this kind for SDN/OpenFlow. We implemented an inference attack framework according to our model and examined its efficiency and accuracy. The evaluation results demonstrate that our framework can infer the network parameters (flow table capacity and usage with an accuracy of 80% or higher. We also proposed two possible defense strategies for the discovered vulnerability, including routing aggregation algorithm and multilevel flow table architecture. These findings give us a deeper understanding of SDN/OpenFlow limitations and serve as guidelines to future improvements of SDN/OpenFlow.
Centler, Florian; Kaleta, Christoph; di Fenizio, Pietro Speroni; Dittrich, Peter
Novel techniques are required to analyze computational models of intracellular processes as they increase steadily in size and complexity. The theory of chemical organizations has recently been introduced as such a technique that links the topology of biochemical reaction network models to their dynamical repertoire. The network is decomposed into algebraically closed and self-maintaining subnetworks called organizations. They form a hierarchy representing all feasible system states including all steady states. We present three algorithms to compute the hierarchy of organizations for network models provided in SBML format. Two of them compute the complete organization hierarchy, while the third one uses heuristics to obtain a subset of all organizations for large models. While the constructive approach computes the hierarchy starting from the smallest organization in a bottom-up fashion, the flux-based approach employs self-maintaining flux distributions to determine organizations. A runtime comparison on 16 different network models of natural systems showed that none of the two exhaustive algorithms is superior in all cases. Studying a 'genome-scale' network model with 762 species and 1193 reactions, we demonstrate how the organization hierarchy helps to uncover the model structure and allows to evaluate the model's quality, for example by detecting components and subsystems of the model whose maintenance is not explained by the model. All data and a Java implementation that plugs into the Systems Biology Workbench is available from http://www.minet.uni-jena.de/csb/prj/ot/tools.
The book is compilation of technical papers presented at International Research Symposium on Computing and Network Sustainability (IRSCNS 2016) held in Goa, India on 1st and 2nd July 2016. The areas covered in the book are sustainable computing and security, sustainable systems and technologies, sustainable methodologies and applications, sustainable networks applications and solutions, user-centered services and systems and mobile data management. The novel and recent technologies presented in the book are going to be helpful for researchers and industries in their advanced works.
Jonker, Mattijs; Sperotto, Anna; Latré, Steven; Charalambides, Marinos; François, Jérôme; Schmitt, Corinna; Stiller, Burkhard
Over the last years, Distributed Denial-of-Service (DDoS) attacks have become an increasing threat on the Internet, with recent attacks reaching traffic volumes of up to 500 Gbps. To make matters worse, web-based facilities that offer “DDoS-as-a-service‿ (i.e., Booters) allow for the layman to
Bolzoni, D.; Etalle, Sandro; Hartel, Pieter H.; Kirda, E.; Jha, S.; Balzarotti, D.
Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an
Bolzoni, D.; Etalle, S.; Hartel, P.H.; Kirda, E.; Jha, S.; Balzarotti, D.
Anomaly-based intrusion detection systems are usually criticized because they lack a classification of attacks, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an
Bolzoni, D.; Etalle, S.; Hartel, P.H.
Anomaly-based intrusion detection systems are usually criticized because they lack a classification of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an
Bolzoni, D.; Etalle, Sandro; Hartel, Pieter H.
Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an
Meng, Weizhi; Choo, Kim-Kwang Raymond; Furnell, Steven
experts that the security of Internet-enabled medical devices is crucial, and an ongoing threat vector is insider attacks. In this paper, we focus on the identification of insider attacks in healthcare SDNs. Specifically, we survey stakeholders from 12 healthcare organizations (i.e., two hospitals and two...
Hendriks, Luuk; Velan, Petr; de O. Schmidt, Ricardo; de Boer, Pieter-Tjerk; Pras, Aiko; Tuncer, Daphne; Koch, Robert; Badonne, Rémi; Stiller, Burkhard
With a vastly different header format, IPv6 introduces new vulnerabilities not possible in IPv4, potentially requiring new detection algorithms. While many attacks specific to IPv6 have proven to be possible and are described in the literature, no detection solutions for these attacks have been
Analysis, assessment, and data management are core competencies for operation research analysts. This volume addresses a number of issues and developed methods for improving those skills. It is an outgrowth of a conference held in April 2013 at the Hellenic Military Academy, and brings together a broad variety of mathematical methods and theories with several applications. It discusses directions and pursuits of scientists that pertain to engineering sciences. It is also presents the theoretical background required for algorithms and techniques applied to a large variety of concrete problems. A number of open questions as well as new future areas are also highlighted. This book will appeal to operations research analysts, engineers, community decision makers, academics, the military community, practitioners sharing the current “state-of-the-art,” and analysts from coalition partners. Topics covered include Operations Research, Games and Control Theory, Computational Number Theory and Information Securi...
Lippmann, Richard; Ingols, K. W
This report reviews past research papers that describe how to construct attack graphs, how to use them to improve security of computer networks, and how to use them to analyze alerts from intrusion detection systems...
Full Text Available This paper introduces several hands-on projects that have been used to motivate students in learning various computer networking concepts. These projects are shown to be very useful and applicable to the learners’ daily tasks and activities such as emailing, Web browsing, and online shopping and banking, and lead to an unexpected byproduct, self-motivation.
various classification modes (decision trees, rulesets, boosting, softening thresholds) regarding the classification accuracy and the time required to create the classifier. We showed how to use our VBS tool to obtain per-flow, per-application, and per-content statistics of traffic in computer networks...
Schivo, Stefano; Leijten, Jeroen; Karperien, Marcel; Post, Janine N.; Prignet, Claude
Because of the numerous entities interacting, the complexity of the networks that regulate cell fate makes it impossible to analyze and understand them using the human brain alone. Computational modeling is a powerful method to unravel complex systems. We recently described the development of a
Wen-Jung Hsin, PhD
This paper introduces several hands-on projects that have been used to motivate students in learning various computer networking concepts. These projects are shown to be very useful and applicable to the learners’ daily tasks and activities such as emailing, Web browsing, and online shopping and banking, and lead to an unexpected byproduct, self-motivation.
Full Text Available While the mechanism of reputation aggregation proves to be an effective scheme for indicating an individual’s trustworthiness and further identifying malicious ones in mobile social networks, it is vulnerable to collusive attacks from malicious nodes of collaborative frauds. To conquer the challenge of detecting collusive attacks and then identifying colluders for the reputation system in mobile social networks, a fuzzy collusive attack detection mechanism (FCADM is proposed based on nodes’ social relationships, which comprises three parts: trust schedule, malicious node selection, and detection traversing strategy. In the first part, the trust schedule provides the calculation method of interval valued fuzzy social relationships and reputation aggregation for nodes in mobile social networks; further, a set of fuzzy valued factors, that is, item judgment factor, node malicious factor, and node similar factor, is given for evaluating the probability of collusive fraud happening and identifying single malicious nodes in the second part; and moreover, a detection traversing strategy is given based on random walk algorithm under the perspectives of fuzzy valued nodes’ trust schedules and proposed malicious factors. Finally, our empirical results and analysis show that the proposed mechanism in this paper is feasible and effective.
Daskin, Anmer; Grama, Ananth; Kais, Sabre
Comparative analyses of graph-structured datasets underly diverse problems. Examples of these problems include identification of conserved functional components (biochemical interactions) across species, structural similarity of large biomolecules, and recurring patterns of interactions in social networks. A large class of such analyses methods quantify the topological similarity of nodes across networks. The resulting correspondence of nodes across networks, also called node alignment, can be used to identify invariant subgraphs across the input graphs. Given graphs as input, alignment algorithms use topological information to assign a similarity score to each -tuple of nodes, with elements (nodes) drawn from each of the input graphs. Nodes are considered similar if their neighbors are also similar. An alternate, equivalent view of these network alignment algorithms is to consider the Kronecker product of the input graphs and to identify high-ranked nodes in the Kronecker product graph. Conventional methods such as PageRank and HITS (Hypertext-Induced Topic Selection) can be used for this purpose. These methods typically require computation of the principal eigenvector of a suitably modified Kronecker product matrix of the input graphs. We adopt this alternate view of the problem to address the problem of multiple network alignment. Using the phase estimation algorithm, we show that the multiple network alignment problem can be efficiently solved on quantum computers. We characterize the accuracy and performance of our method and show that it can deliver exponential speedups over conventional (non-quantum) methods.
Full Text Available The proposed mechanism for jamming attack detection for wireless sensor networks is novel in three respects: firstly, it upgrades the jammer to include versatile military jammers; secondly, it graduates from the existing node-centric detection system to the network-centric system making it robust and economical at the nodes, and thirdly, it tackles the problem through fuzzy inference system, as the decision regarding intensity of jamming is seldom crisp. The system with its high robustness, ability to grade nodes with jamming indices, and its true-detection rate as high as 99.8%, is worthy of consideration for information warfare defense purposes.
Bouyeddou, Benamar; Harrou, Fouzi; Sun, Ying; Kadri, Benamar
Accurate detection of cyber-attacks plays a central role in safeguarding computer networks and information systems. This paper addresses the problem of detecting SYN flood attacks, which are the most popular Denial of Service (DoS) attacks. Here, we
Full Text Available Due to the loosely coupled property of cloud computing environments, no node has complete knowledge of the system. For this reason, detecting a Sybil attack in cloud computing environments is a non‐trivial task. In such a dynamic system, the use of algorithms based on tree or ring structures for collecting the global state of the system has unfortunate downsides, that is, the structure should be re‐constructed in the presence of node joining and leaving. In this paper, we propose an unstructured Sybil attack detection algorithm in cloud computing environments. Our proposed algorithm uses one‐to‐one communication primitives rather than broadcast primitives and, therefore, the message complexity can be reduced. In our algorithmic design, attacker nodes forging multiple identities are effectively detected by normal nodes with the fail‐stop signature scheme. We show that, regardless of the number of attacker nodes, our Sybil attack detection algorithm is able to reach consensus.
Jean C Coulombe
Full Text Available As it is getting increasingly difficult to achieve gains in the density and power efficiency of microelectronic computing devices because of lithographic techniques reaching fundamental physical limits, new approaches are required to maximize the benefits of distributed sensors, micro-robots or smart materials. Biologically-inspired devices, such as artificial neural networks, can process information with a high level of parallelism to efficiently solve difficult problems, even when implemented using conventional microelectronic technologies. We describe a mechanical device, which operates in a manner similar to artificial neural networks, to solve efficiently two difficult benchmark problems (computing the parity of a bit stream, and classifying spoken words. The device consists in a network of masses coupled by linear springs and attached to a substrate by non-linear springs, thus forming a network of anharmonic oscillators. As the masses can directly couple to forces applied on the device, this approach combines sensing and computing functions in a single power-efficient device with compact dimensions.
Swiler, Laura Painton [Albuquerque, NM; Phillips, Cynthia A [Albuquerque, NM
A computer system analysis tool and method that will allow for qualitative and quantitative assessment of security attributes and vulnerabilities in systems including computer networks. The invention is based on generation of attack graphs wherein each node represents a possible attack state and each edge represents a change in state caused by a single action taken by an attacker or unwitting assistant. Edges are weighted using metrics such as attacker effort, likelihood of attack success, or time to succeed. Generation of an attack graph is accomplished by matching information about attack requirements (specified in "attack templates") to information about computer system configuration (contained in a configuration file that can be updated to reflect system changes occurring during the course of an attack) and assumed attacker capabilities (reflected in "attacker profiles"). High risk attack paths, which correspond to those considered suited to application of attack countermeasures given limited resources for applying countermeasures, are identified by finding "epsilon optimal paths."
Full Text Available This paper introduces novel attack detection approaches on mobile and wireless device security and network which consider temporal relations between internet packets. In this paper we first present a field selection technique using a Genetic Algorithm and generate a Packet-based Mining Association Rule from an original Mining Association Rule for Support Vector Machine in mobile and wireless network environment. Through the preprocessing with PMAR, SVM inputs can account for time variation between packets in mobile and wireless network. Third, we present Gaussian observation Hidden Markov Model to exploit the hidden relationships between packets based on probabilistic estimation. In our G-HMM approach, we also apply G-HMM feature reduction for better initialization. We demonstrate the usefulness of our SVM and G-HMM approaches with GA on MIT Lincoln Lab datasets and a live dataset that we captured on a real mobile and wireless network. Moreover, experimental results are verified by -fold cross-validation test.
Full Text Available A denial of service attack (DOS is any type of attack on a networking structure to disable a server from servicing its clients. Attacks range from sending millions of requests to a server in an attempt to slow it down, flooding a server with large packets of invalid data, to sending requests with an invalid or spoofed IP address. In this paper we show the implementation and analysis of three main types of attack: Ping of Death, TCP SYN Flood, and Distributed DOS. The Ping of Death attack will be simulated against a Microsoft Windows 95 computer. The TCP SYN Flood attack will be simulated against a Microsoft Windows 2000 IIS FTP Server. Distributed DOS will be demonstrated by simulating a distribution zombie program that will carry the Ping of Death attack. This paper will demonstrate the potential damage from DOS attacks and analyze the ramifications of the damage.
Dmitry Anatolevich Melnikov
Full Text Available This paper proposes attacks on the network synchronization systems counteraction technique, method, algorithm and realizable aspects. The network synchronization systems are included in information technology systems or networks. This method is implemented in software and hardware device (means «MARSH! 3.0» providing trusted session.
Bricha, Naji; Nourelfath, Mustapha
A crucial issue in today's critical supply chains is how to protect facilities against intentional attacks, since it has become unacceptable to ignore the high impact of low probability disruptions caused by these attacks. This article develops a game-theoretical model to deal with the protection of facilities, in the context of the uncapacitated fixed-charge location problem. Given a set of investment alternatives for protecting the facilities against identified threats, the objective is to select the optimal defence strategy. The attacker is considered as a player who tries to maximise the expected damage while weighing against the attacks expenditures. The conflict on facilities vulnerability is modelled using the concept of contest. The vulnerability of a facility is defined by its destruction probability. Contest success functions determine the vulnerability of each facility dependent on the relative investments of the defender and the attacker on each facility, and on the characteristics of the contest. A method is developed to evaluate the utilities of the players (i.e., the defender and the attacker). This method evaluates many expected costs, including the cost needed to restore disabled facilities, the backorder cost, and the cost incurred because of the increase in transportation costs after attacks. In fact, when one or several facilities are unavailable, transportation costs will increase since reassigned customers may receive shipments from facilities which are farther away. The model considers a non-cooperative two-period game between the players, and an algorithm is presented to determine the equilibrium solution and the optimal defence strategy. An illustrative example is presented. The approach is compared to other suggested strategies, and some managerial insights are provided in the context of facility location
Zadeh, Lofti A.
The past few years have witnessed a rapid growth of interest in a cluster of modes of modeling and computation which may be described collectively as soft computing. The distinguishing characteristic of soft computing is that its primary aims are to achieve tractability, robustness, low cost, and high MIQ (machine intelligence quotient) through an exploitation of the tolerance for imprecision and uncertainty. Thus, in soft computing what is usually sought is an approximate solution to a precisely formulated problem or, more typically, an approximate solution to an imprecisely formulated problem. A simple case in point is the problem of parking a car. Generally, humans can park a car rather easily because the final position of the car is not specified exactly. If it were specified to within, say, a few millimeters and a fraction of a degree, it would take hours or days of maneuvering and precise measurements of distance and angular position to solve the problem. What this simple example points to is the fact that, in general, high precision carries a high cost. The challenge, then, is to exploit the tolerance for imprecision by devising methods of computation which lead to an acceptable solution at low cost. By its nature, soft computing is much closer to human reasoning than the traditional modes of computation. At this juncture, the major components of soft computing are fuzzy logic (FL), neural network theory (NN), and probabilistic reasoning techniques (PR), including genetic algorithms, chaos theory, and part of learning theory. Increasingly, these techniques are used in combination to achieve significant improvement in performance and adaptability. Among the important application areas for soft computing are control systems, expert systems, data compression techniques, image processing, and decision support systems. It may be argued that it is soft computing, rather than the traditional hard computing, that should be viewed as the foundation for artificial
Sevgi, L; CCN2005; Complex computing networks: Brain-like and wave-oriented electrodynamic algorithms
This book uniquely combines new advances in the electromagnetic and the circuits&systems theory. It integrates both fields regarding computational aspects of common interest. Emphasized subjects are those methods which mimic brain-like and electrodynamic behaviour; among these are cellular neural networks, chaos and chaotic dynamics, attractor-based computation and stream ciphers. The book contains carefully selected contributions from the Symposium CCN2005. Pictures from the bestowal of Honorary Doctorate degrees to Leon O. Chua and Leopold B. Felsen are included.
Khundrakpam Johnson Singh
Full Text Available Distributed denial-of-service (DDoS attack is one of the major threats to the web server. The rapid increase of DDoS attacks on the Internet has clearly pointed out the limitations in current intrusion detection systems or intrusion prevention systems (IDS/IPS, mostly caused by application-layer DDoS attacks. Within this context, the objective of the paper is to detect a DDoS attack using a multilayer perceptron (MLP classification algorithm with genetic algorithm (GA as learning algorithm. In this work, we analyzed the standard EPA-HTTP (environmental protection agency-hypertext transfer protocol dataset and selected the parameters that will be used as input to the classifier model for differentiating the attack from normal profile. The parameters selected are the HTTP GET request count, entropy, and variance for every connection. The proposed model can provide a better accuracy of 98.31%, sensitivity of 0.9962, and specificity of 0.0561 when compared to other traditional classification models.
Ida, Katsumi; Nakanishi, Hideya
This report describes the development of a computer network that uses the Integrated Service Digital Network (ISDN) for real-time analysis of experimental plasma physics and nuclear fusion research. Communication speed, 64/128kbps (INS64) or 1.5Mbps (INS1500) per connection, is independent of how busy the network is. When INS-1500 is used, the communication speed, which is proportional to the public telephone connection fee, can be dynamically varied from 64kbps to 1472kbps (depending on how much data are being transferred using the Bandwidth-on-Demand (BOD) function in the ISDN Router. On-demand dial-up and time-out disconnection reduce the public telephone connection fee by 10%-97%. (author)
Travieso, Gonzalo; Ruggiero, Carlos Antônio; Bruno, Odemir Martinez; Costa, Luciano da Fontoura
Cloud computing has become an important means to speed up computing. One problem influencing heavily the performance of such systems is the choice of nodes as servers responsible for executing the clients’ tasks. In this article we report how complex networks can be used to model such a problem. More specifically, we investigate the performance of the processing respectively to cloud systems underlaid by Erdős–Rényi (ER) and Barabási-Albert (BA) topology containing two servers. Cloud networks involving two communities not necessarily of the same size are also considered in our analysis. The performance of each configuration is quantified in terms of the cost of communication between the client and the nearest server, and the balance of the distribution of tasks between the two servers. Regarding the latter, the ER topology provides better performance than the BA for smaller average degrees and opposite behaviour for larger average degrees. With respect to cost, smaller values are found in the BA topology irrespective of the average degree. In addition, we also verified that it is easier to find good servers in ER than in BA networks. Surprisingly, balance and cost are not too much affected by the presence of communities. However, for a well-defined community network, we found that it is important to assign each server to a different community so as to achieve better performance. (paper: interdisciplinary statistical mechanics )
With the widespread popularity of computer network applications, its security is also received a high degree of attention. Factors affecting the safety of network is complex, for to do a good job of network security is a systematic work, has the high challenge. For safety and reliability problems of computer network system, this paper combined with practical work experience, from the threat of network security, security technology, network some Suggestions and measures for the system design principle, in order to make the masses of users in computer networks to enhance safety awareness and master certain network security technology.
Kochedykov, S. S.; Noev, A. N.; Dushkin, A. V.; Gubin, I. A.
On the basis of the mathematical graph theory, the method of optimum switching of infocommunication networks in the conditions of cyber attacks is developed. The idea of representation of a set of possible ways on the graph in the form of the multilevel tree ordered by rules of algebra of a logic theory is the cornerstone of a method. As a criterion of optimization, the maximum of network transmission capacity to which assessment Ford- Falkerson's theorem is applied is used. The method is realized in the form of a numerical algorithm, which can be used not only for design, but also for operational management of infocommunication networks in conditions of violation of the functioning of their switching centers.
Wyman, Douglas J.
The topics discussed include the following: patrol car automation, mobile computer network, network requirements, network design overview, MCN mobile network software, MCN hub operation, mobile satellite software, hub satellite software, the benefits of patrol car automation, the benefits of satellite mobile computing, and national law enforcement satellite.
With the development of the current era, computer network and large data gradually become part of the people's life, people use the computer to provide convenience for their own life, but at the same time there are many network information problems has to pay attention. This paper analyzes the information security of computer network based on "big data" analysis, and puts forward some solutions.
Mkuzangwe, Nenekazi NP
Full Text Available decision tree which is one of the well-known machine learning techniques. The results indicate that the performance difference, in terms of predicting the proportion of attacks in the data, of the proposed system with respect to the decision tree...
Dao, Nhu-Ngoc; Kim, Joongheon; Park, Minho; Cho, Sungrae
The convergent communication network will play an important role as a single platform to unify heterogeneous networks and integrate emerging technologies and existing legacy networks. Although there have been proposed many feasible solutions, they could not become convergent frameworks since they mainly focused on converting functions between various protocols and interfaces in edge networks, and handling functions for multiple services in core networks, e.g., the Multi-protocol Label Switchi...
Yang, Zhi-Cheng; Kourtis, Stefanos; Chamon, Claudio; Mucciolo, Eduardo R.; Ruckenstein, Andrei E.
We develop a tensor network technique that can solve universal reversible classical computational problems, formulated as vertex models on a square lattice [Nat. Commun. 8, 15303 (2017), 10.1038/ncomms15303]. By encoding the truth table of each vertex constraint in a tensor, the total number of solutions compatible with partial inputs and outputs at the boundary can be represented as the full contraction of a tensor network. We introduce an iterative compression-decimation (ICD) scheme that performs this contraction efficiently. The ICD algorithm first propagates local constraints to longer ranges via repeated contraction-decomposition sweeps over all lattice bonds, thus achieving compression on a given length scale. It then decimates the lattice via coarse-graining tensor contractions. Repeated iterations of these two steps gradually collapse the tensor network and ultimately yield the exact tensor trace for large systems, without the need for manual control of tensor dimensions. Our protocol allows us to obtain the exact number of solutions for computations where a naive enumeration would take astronomically long times.
Warhus, J.; Castleton, R.; Lanning, S.
Testing and quality assurance of large numbers of firing systems are an essential part of the development of the Tactical Airfield Attack Munition (TAAM). A computerized test and data acquisition system has been developed to make the testing and quality assurance workload manageable. The system hardware utilizes an LSI-11/23 computer, a Tektronix 7612 transient digitizer, and various other programmable instruments and power supplies. The system is capable of measuring and analyzing mechanical shock and fireset transient waveforms, automating testing sequences, and making records and comparisons of the test results. The system architecture is flexible for general purpose firing system development work
Full Text Available Hybrid AC/HVDC (AC-HVDC grids have evolved to become huge cyber-physical systems that are vulnerable to cyber attacks because of the wide attack surface and increasing dependence on intelligent electronic devices, computing resources and communication networks. This paper, for the first time, studies the impact of cyber attacks on HVDC transmission oscillation damping control.Three kinds of cyber attack models are considered: timing attack, replay attack and false data injection attack. Followed by a brief introduction of the HVDC model and conventional oscillation damping control method, the design of three attack models is described in the paper. These attacks are tested on a modified IEEE New England 39-Bus AC-HVDC system. Simulation results have shown that all three kinds of attacks are capable of driving the AC-HVDC system into large oscillations or even unstable conditions.
Gonsalves, Paul G.; Dougherty, Edward T.
The pervasiveness of software and networked information systems is evident across a broad spectrum of business and government sectors. Such reliance provides an ample opportunity not only for the nefarious exploits of lone wolf computer hackers, but for more systematic software attacks from organized entities. Much effort and focus has been placed on preventing and ameliorating network and OS attacks, a concomitant emphasis is required to address protection of mission critical software. Typical software protection technique and methodology evaluation and verification and validation (V&V) involves the use of a team of subject matter experts (SMEs) to mimic potential attackers or hackers. This manpower intensive, time-consuming, and potentially cost-prohibitive approach is not amenable to performing the necessary multiple non-subjective analyses required to support quantifying software protection levels. To facilitate the evaluation and V&V of software protection solutions, we have designed and developed a prototype adaptive cyber attack modeling system. Our approach integrates an off-line mechanism for rapid construction of Bayesian belief network (BN) attack models with an on-line model instantiation, adaptation and knowledge acquisition scheme. Off-line model construction is supported via a knowledge elicitation approach for identifying key domain requirements and a process for translating these requirements into a library of BN-based cyber-attack models. On-line attack modeling and knowledge acquisition is supported via BN evidence propagation and model parameter learning.
Full Text Available Nowadays, the real-world systems are usually subject to various complexities such as parameter uncertainties, time-delays, and nonlinear disturbances. For networked systems, especially large-scale systems such as multiagent systems and systems over sensor networks, the complexities are inevitably enhanced in terms of their degrees or intensities because of the usage of the communication networks. Therefore, it would be interesting to (1 examine how this kind of network-enhanced complexities affects the control or filtering performance; and (2 develop some suitable approaches for controller/filter design problems. In this paper, we aim to survey some recent advances on the performance analysis and synthesis with three sorts of fashionable network-enhanced complexities, namely, fading measurements, event-triggered mechanisms, and attack behaviors of adversaries. First, these three kinds of complexities are introduced in detail according to their engineering backgrounds, dynamical characteristic, and modelling techniques. Then, the developments of the performance analysis and synthesis issues for various networked systems are systematically reviewed. Furthermore, some challenges are illustrated by using a thorough literature review and some possible future research directions are highlighted.
Masudur Rahman; Wah Man Cheung
Cloud computing has been considered as one of the crucial and emerging networking technology, which has been changed the architecture of computing in last few years. Despite the security concerns of protecting data or providing continuous service over cloud, many organisations are considering different types cloud services as potential solution for their business. We are researching on cloud computing security issues and potential cost effective solution for cloud service providers. In our fi...
Shacham, Lanir N; Klein, Einat; Mislovaty, Rachel; Kanter, Ido; Kinzel, Wolfgang
A successful attack strategy in neural cryptography is presented. The neural cryptosystem, based on synchronization of neural networks by mutual learning, has been recently shown to be secure under different attack strategies. The success of the advanced attacker presented here, called the "majority-flipping attacker," does not decay with the parameters of the model. This attacker's outstanding success is due to its using a group of attackers which cooperate throughout the synchronization process, unlike any other attack strategy known. An analytical description of this attack is also presented, and fits the results of simulations.
Koiso, H.; Abe, K.; Akiyama, A.; Katoh, T.; Kikutani, E.; Kurihara, N.; Kurokawa, S.; Oide, K.; Shinomoto, M.
An N-to-N token ring network of twenty-four minicomputers controls the TRISTAN accelerator complex. The computers are linked by optical fiber cables with 10 Mbps transmission speed. The software system is based on the NODAL, a multi-computer interpreter language developed at CERN SPS. Typical messages exchanged between computers are NODAL programs and NODAL variables transmitted by the EXEC and the REMIT commands. These messages are exchanged as a cluster of packets whose maximum size is 512 bytes. At present, eleven minicomputers are connected to the network and the total length of the ring is 1.5 km. In this condition, the maximum attainable throughput is 980 kbytes/s. The response of a pair of an EXEC and a REMIT transactions which transmit a NODAL array A and one line of program 'REMIT A' and immediately remit the A is measured to be 95+0.039/chi/ ms, where /chi/ is the array size in byte. In ordinary accelerator operations, the maximum channel utilization is 2%, the average packet length is 96 bytes and the transmission rate is 10 kbytes/s
Kizza, Joseph Migga
In its 4th edition, this book remains focused on increasing public awareness of the nature and motives of cyber vandalism and cybercriminals, the weaknesses inherent in cyberspace infrastructure, and the means available to protect ourselves and our society. This new edition aims to integrate security education and awareness with discussions of morality and ethics. The reader will gain an understanding of how the security of information in general and of computer networks in particular, on which our national critical infrastructure and, indeed, our lives depend, is based squarely on the individ
In recent years information and communication technologies have gained significant importance in the social sciences. Because there is such rapid growth of knowledge, methods and computer infrastructure, research can now seamlessly connect interdisciplinary fields such as business process management, data processing and mathematics. This study presents some of the latest results, practices and state-of-the-art approaches in network analysis, machine learning, data mining, data clustering and classifications in the contents of social sciences. It also covers various real-life examples such as t
In smart grids, managing and controlling power operations are supported by information and communication technology (ICT) and supervisory control and data acquisition (SCADA) systems. The increasing adoption of new ICT assets in smart grids is making smart grids vulnerable to cyber threats, as well as raising numerous concerns about the adequacy of current security approaches. As a single act of penetration is often not sufficient for an attacker to achieve his/her goal, multistage cyb...
not improved over three iterations of relaxation. In the heuristic , the current upper bound represents the best found feasible solution that does not...nested loops in the 167 algorithm which represent the outer and inner decompositions of the DAD CSP problem instance. Since our heuristic ...path problem. We merge the attacker model with Lagrangian relaxation of the operator model into a single formulation that can obtain fast heuristic
Zhendong Wu; Mengru Cai; Siyu Liang
With the rapid development of WLAN, more and more schools and businesses have begun to provide the WLAN for users. However, WLAN is considerably more susceptible to MitM (man- in-the-middle) attack. To overcome it, we propose a dynamic password technology named Two-way Dynamic Authentication Technology (TDAT). It uses two-factor during the initial authentication, and uses a two-way hash chain during the cross-domain authentication. TDAT effectively protects users' authentication credentials a...
Ji, Xingpei; Wang, Bo; Liu, Dichen; Dong, Zhaoyang; Chen, Guo; Zhu, Zhenshan; Zhu, Xuedong; Wang, Xunting
Whether the realistic electrical cyber-physical interdependent networks will undergo first-order transition under random failures still remains a question. To reflect the reality of Chinese electrical cyber-physical system, the "partial one-to-one correspondence" interdependent networks model is proposed and the connectivity vulnerabilities of three realistic electrical cyber-physical interdependent networks are analyzed. The simulation results show that due to the service demands of power system the topologies of power grid and its cyber network are highly inter-similar which can effectively avoid the first-order transition. By comparing the vulnerability curves between electrical cyber-physical interdependent networks and its single-layer network, we find that complex network theory is still useful in the vulnerability analysis of electrical cyber-physical interdependent networks.
Full Text Available Large parts of attacks targeting the web are aiming at the weak point of web application. Even though SQL injection, which is the form of XSS (Cross Site Scripting attacks, is not a threat to the system to operate the web site, it is very critical to the places that deal with the important information because sensitive information can be obtained and falsified. In this paper, the method to detect themalicious SQL injection script code which is the typical XSS attack using n-Gram indexing and SVM (Support Vector Machine is proposed. In order to test the proposed method, the test was conducted after classifying each data set as normal code and malicious code, and the malicious script code was detected by applying index term generated by n-Gram and data set generated by code dictionary to SVM classifier. As a result, when the malicious script code detection was conducted using n-Gram index term and SVM, the superior performance could be identified in detecting malicious script and the more improved results than existing methods could be seen in the malicious script code detection recall.
Fischer, Briana D.; Lato, Anita M.
Approved for public release; distribution is unlimited In contrast to traditional networks, Software Defined Networking (SDN) allows the programming of network functions via an Application Programming Interface (API). The ability to implement the APIs in software is advantageous for traffic manipulation in SDN. With automated logic being programmed into a centralized component of the SDN, network operators are presented with new and scalable methods for traffic manipulation. Enterprises an...
Bhavana Butani; Piyush Kumar Shukla; Sanjay Silakari
Wireless sensor networks (WSNs) are novel large-scale wireless networks that consist of distributed, self organizing, low-power, low-cost, tiny sensor devices to cooperatively collect information through infrastructure less wireless networks. These networks are envisioned to play a crucial role in variety of applications like critical military surveillance applications, forest fire monitoring, commercial applications such as building security monitoring, traffic surveillance, habitat monitori...
Falcon, Rafael; Koeppen, Mario
This book emphasizes the increasingly important role that Computational Intelligence (CI) methods are playing in solving a myriad of entangled Wireless Sensor Networks (WSN) related problems. The book serves as a guide for surveying several state-of-the-art WSN scenarios in which CI approaches have been employed. The reader finds in this book how CI has contributed to solve a wide range of challenging problems, ranging from balancing the cost and accuracy of heterogeneous sensor deployments to recovering from real-time sensor failures to detecting attacks launched by malicious sensor nodes and enacting CI-based security schemes. Network managers, industry experts, academicians and practitioners alike (mostly in computer engineering, computer science or applied mathematics) benefit from the spectrum of successful applications reported in this book. Senior undergraduate or graduate students may discover in this book some problems well suited for their own research endeavors. USP: Presents recent advances and fu...
Abdul Hanan Abdullah
Full Text Available Computer system security has become a major concern over the past few years. Attacks, threasts or intrusions, against computer system and network have become commonplace events. However, there are some system devices and other tools that are available to overcome the threat of these attacks. Currently, cyber attack is a major research and inevitable. This paper presents some steps of penetration in FreeBSD operating system, some tools and new steps to attack used in this experiment, probes for reconnaissance, guessing password via brute force, gaining privilege access and flooding victim machine to decrease availability. All these attacks were executed and infiltrate within the environment of Intrusion Threat Detection Universiti Teknologi Malaysia (ITD UTM data set. This work is expected to be a reference for practitioners to prepare their systems from Internet attacks.
Soeda, Akihito; Kinjo, Yoshiyuki; Turner, Peter S.; Murao, Mio
In order to investigate distributed quantum computation under restricted network resources, we introduce a quantum computation task over the butterfly network where both quantum and classical communications are limited. We consider deterministically performing a two-qubit global unitary operation on two unknown inputs given at different nodes, with outputs at two distinct nodes. By using a particular resource setting introduced by M. Hayashi [Phys. Rev. A 76, 040301(R) (2007)], which is capable of performing a swap operation by adding two maximally entangled qubits (ebits) between the two input nodes, we show that unitary operations can be performed without adding any entanglement resource, if and only if the unitary operations are locally unitary equivalent to controlled unitary operations. Our protocol is optimal in the sense that the unitary operations cannot be implemented if we relax the specifications of any of the channels. We also construct protocols for performing controlled traceless unitary operations with a 1-ebit resource and for performing global Clifford operations with a 2-ebit resource.
Abe, F.; Yuasa, F.
'Distributed Computing and Network' is one of hot topics in the field of computing. Recent progress in the computer technology is providing new paradigm for computing even in High Energy Physics. Particularly the workstation based computer system is opening new active field of computer application to sciences. The major topics discussed in this symposium are distributed computing and wide area research network for domestic and international link. The two days symposium provided so enough topics to foresee the next direction of our computing environment. 70 people have got together to discuss on these interesting thema as well as information exchange on the computer technologies. (J.P.N.)
This thesis describes a compositional framework for developing situation awareness applications: applications that provide ongoing information about a user's changing environment. The thesis describes how the framework is used to develop a situation awareness application for earthquakes. The applications are implemented as Cloud computing services connected to sensors and actuators. The architecture and design of the Cloud services are described and measurements of performance metrics are provided. The thesis includes results of experiments on earthquake monitoring conducted over a year. The applications developed by the framework are (1) the CSN---the Community Seismic Network---which uses relatively low-cost sensors deployed by members of the community, and (2) SAF---the Situation Awareness Framework---which integrates data from multiple sources, including the CSN, CISN---the California Integrated Seismic Network, a network consisting of high-quality seismometers deployed carefully by professionals in the CISN organization and spread across Southern California---and prototypes of multi-sensor platforms that include carbon monoxide, methane, dust and radiation sensors.
Haataja, Keijo; Pasanen, Sanna; Toivanen, Pekka
This overview of Bluetooth security examines network vulnerabilities and offers a comparative analysis of recent security attacks. It also examines related countermeasures and proposes a novel attack that works against all existing Bluetooth versions.
Tan, Zhiyuan; Jamdagni, Aruna; He, Xiangjian; Nanda, Priyadarsi; Liu, Ren Ping
Interconnected systems, such as Web servers, database servers, cloud computing servers and so on, are now under threads from network attackers. As one of most common and aggressive means, denial-of-service (DoS) attacks cause serious impact on these computing systems. In this paper, we present a DoS
Computer networking is the order of the day in this Information and Communication Technology (ICT) age. Although a network can be through a wireless device most local connections are done using cables. There are three main computer-networking cables namely coaxial cable, unshielded twisted pair cable and the optic ...
Full Text Available In this work, we model the sensor networks as an unsupervised learning and clustering process. We classify nodes according to its static distribution to form known class densities (CCPD. These densities are chosen from specific cross-layer features which maximizes lifetime of power-aware routing algorithms. To circumvent computational complexities of a power-ware communication STACK we introduce path-loss models at the nodes only for high density deployments. We study the cluster heads and formulate the data handling capacity for an expected deployment and use localized probability models to fuse the data with its side information before transmission. So each cluster head has a unique Pmax but not all cluster heads have the same measured value. In a lossless mode if there are no faults in the sensor network then we can show that the highest probability given by Pmax is ambiguous if its frequency is ≤ n/2 otherwise it can be determined by a local function. We further show that the event detection at the cluster heads can be modelled with a pattern 2m and m, the number of bits can be a correlated pattern of 2 bits and for a tight lower bound we use 3-bit Huffman codes which have entropy < 1. These local algorithms are further studied to optimize on power, fault detection and to maximize on the distributed routing algorithm used at the higher layers. From these bounds in large network, it is observed that the power dissipation is network size invariant. The performance of the routing algorithms solely based on success of finding healthy nodes in a large distribution. It is also observed that if the network size is kept constant and the density of the nodes is kept closer then the local pathloss model effects the performance of the routing algorithms. We also obtain the maximum intensity of transmitting nodes for a given category of routing algorithms for an outage constraint, i.e., the lifetime of sensor network.
The evolution of the Internet has a great impact on a big part of the population. People use it to communicate, query information, receive news, work, and as entertainment. Its extraordinary usefulness as a communication media made the number of applications and technological resources explode. However, that network expansion comes at the cost of an important power consumption. If the power consumption of telecommunication networks and data centers is considered as the power consumption of a country, it would rank at the 5 th place in the world. Furthermore, the number of servers in the world is expected to grow by a factor of 10 between 2013 and 2020. This context motivates us to study techniques and methods to allocate cloud computing resources in an optimal way with respect to cost, quality of service (QoS), power consumption, and environmental impact. The results we obtained from our test cases show that besides minimizing capital expenditures (CAPEX) and operational expenditures (OPEX), the response time can be reduced up to 6 times, power consumption by 30%, and CO2 emissions by a factor of 60. Cloud computing provides dynamic access to IT resources as a service. In this paradigm, programs are executed in servers connected to the Internet that users access from their computers and mobile devices. The first advantage of this architecture is to reduce the time of application deployment and interoperability, because a new user only needs a web browser and does not need to install software on local computers with specific operating systems. Second, applications and information are available from everywhere and with any device with an Internet access. Also, servers and IT resources can be dynamically allocated depending on the number of users and workload, a feature called elasticity. This thesis studies the resource management of cloud computing networks and is divided in three main stages. We start by analyzing the planning of cloud computing networks to get a
Milind. J. Joshi; Bhaskar Vijayrao patil
Today's enterprise networks are distributed to different geographical locations and applications are more centrally located, information represents the most important asset. With the growing number of data communication services, channels and available software applications, data are processed in large quantities and in a more efficient manner. This technological enhancement offers new flexible opportunities also measure security threats poses in the networks. These threats can external or In...
Neeraj A. Sharma
Full Text Available Computing technology has evolved in such dramatic ways that a child can use such technology and their features. Internet is one such technology which allows peripheral devices to be connected to each other creating a network to share information. In the same way information can be attacked. In this paper we will be discussing the different types of cyber-attack that recently took place in Fiji. Common attacks discussed in this review paper are phishing email scams website defacement and skimming. Apart from common preventative methods some novel recommendations have been made. We believe the Fiji experiences and recommendations will assist technology users prepare better against such attacks.
... fat, cholesterol and other substances (plaque). Watch an animation of a heart attack . Many women think the ... Support Network Popular Articles 1 Understanding Blood Pressure Readings 2 Sodium and Salt 3 Heart Attack Symptoms ...
Analyzes concepts, technologies and challenges related to mobile computing and networking. Defines basic concepts of cellular systems. Describes the evolution of wireless technologies that constitute the foundations of mobile computing and ubiquitous networking. Presents characterization and issues of mobile computing. Analyzes economical and…
Bier, Vicki M.; Hausken, Kjell
To study the effects of intentional attacks on transportation systems, we consider drivers who choose the more time-efficient of two arcs (possibly of different lengths). Both arcs are subjected to traffic congestion, and also to interdiction or blockage (e.g., by a terrorist attack). The model has three types of strategic actors: the government; the terrorist; and potential drivers. The government protects travel, while the terrorist interdicts travel, along the two arcs. Drivers choose the arc that gives the shortest travel time, and cannot choose an interdicted arc. The drivers have reservation travel times, such that if the actual travel time will exceed an individual driver's reservation travel time, that driver would prefer not to travel; the reservation travel times are allowed to vary among drivers. The objective function of the master problem, which the government minimizes and the terrorist maximizes, is the sum of the total travel time plus the reservation travel times of the non-travelers. Each potential driver decides endogenously whether to travel, according to whether the actual travel time is greater or lesser than that driver's reservation travel time
Hartono, R.; Widyawan; Wibowo, S. B.; Purnomo, A.; Hartatik
There are two methods of building communication using wireless media. The first method is building a base infrastructure as an intermediary between users. Problems that arise on this type of network infrastructure is limited space to build any network physical infrastructure and also the cost factor. The second method is to build an ad hoc network between users who will communicate. On ad hoc network, each user must be willing to send data from source to destination for the occurrence of a communication. One of network protocol in Ad Hoc, Ad hoc on demand Distance Vector (AODV), has the smallest overhead value, easier to adapt to dynamic network and has small control message. One AODV protocol’s drawback is route finding process’ security for sending the data. In this research, AODV protocol is optimized by determining Expanding Ring Search (ERS) best value. Random topology is used with variation in the number of nodes: 25, 50, 75, 100, 125 and 150 with node’s speed of 10m/s in the area of 1000m x 1000m on flooding network condition. Parameters measured are Throughput, Packet Delivery Ratio, Average Delay and Normalized Routing Load. From the test results of AODV protocol optimization with best value of Expanding Ring Search (ERS), throughput increased by 5.67%, packet delivery ratio increased by 5.73%, and as for Normalized Routing Load decreased by 4.66%. ERS optimal value for each node’s condition depending on the number of nodes on the network.
Martins, Goncalo; Moondra, Arul; Dubey, Abhishek; Bhattacharjee, Anirban; Koutsoukos, Xenofon D.
In modern networked control applications, confidentiality and integrity are important features to address in order to prevent against attacks. Moreover, network control systems are a fundamental part of the communication components of current cyber-physical systems (e.g., automotive communications). Many networked control systems employ Time-Triggered (TT) architectures that provide mechanisms enabling the exchange of precise and synchronous messages. TT systems have computation and communication constraints, and with the aim to enable secure communications in the network, it is important to evaluate the computational and communication overhead of implementing secure communication mechanisms. This paper presents a comprehensive analysis and evaluation of the effects of adding a Hash-based Message Authentication (HMAC) to TT networked control systems. The contributions of the paper include (1) the analysis and experimental validation of the communication overhead, as well as a scalability analysis that utilizes the experimental result for both wired and wireless platforms and (2) an experimental evaluation of the computational overhead of HMAC based on a kernel-level Linux implementation. An automotive application is used as an example, and the results show that it is feasible to implement a secure communication mechanism without interfering with the existing automotive controller execution times. The methods and results of the paper can be used for evaluating the performance impact of security mechanisms and, thus, for the design of secure wired and wireless TT networked control systems. PMID:27463718
Vigo, Roberto; Nielson, Flemming; Nielson, Hanne Riis
Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error-prone and impractica......Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error......-prone and impracticable for large systems. Nonetheless, the automated generation of attack trees has only been explored in connection to computer networks and levering rich models, whose analysis typically leads to an exponential blow-up of the state space. We propose a static analysis approach where attack trees...... are automatically inferred from a process algebraic specification in a syntax-directed fashion, encompassing a great many application domains and avoiding incurring systematically an exponential explosion. Moreover, we show how the standard propositional denotation of an attack tree can be used to phrase...
Kvatadze, R.; Modebadze, Z.
Status of network and computing infrastructure and available services for research and education community of Georgia are presented. Research and Educational Networking Association - GRENA provides the following network services: Internet connectivity, network services, cyber security, technical support, etc. Computing resources used by the research teams are located at GRENA and at major state universities. GE-01-GRENA site is included in European Grid infrastructure. Paper also contains information about programs of Learning Center and research and development projects in which GRENA is participating.
Sergey Petrovich Evseev
Full Text Available Protocols of information protection in computer networks and systems are investigated. The basic types of threats of infringement of the protection arising from the use of computer networks are classified. The basic mechanisms, services and variants of realization of cryptosystems for maintaining authentication, integrity and confidentiality of transmitted information are examined. Their advantages and drawbacks are described. Perspective directions of development of cryptographic transformations for the maintenance of information protection in computer networks and systems are defined and analyzed.
This book aims to examine innovation in the fields of computer engineering and networking. The book covers important emerging topics in computer engineering and networking, and it will help researchers and engineers improve their knowledge of state-of-art in related areas. The book presents papers from The Proceedings of the 2013 International Conference on Computer Engineering and Network (CENet2013) which was held on July 20-21, in Shanghai, China.
Datacenter networks provide the communication substrate for large parallel computer systems that form the ecosystem for high performance computing (HPC) systems and modern Internet applications. The design of new datacenter networks is motivated by an array of applications ranging from communication intensive climatology, complex material simulations and molecular dynamics to such Internet applications as Web search, language translation, collaborative Internet applications, streaming video and voice-over-IP. For both Supercomputing and Cloud Computing the network enables distributed applicati
Tsuneizumi, T. (Chubu Electric Power Co. Inc., Nagoya (Japan)); Shimomura, S.; Miyamura, N. (Fuji Electric Co. Ltd., Tokyo (Japan))
A computer network for electric power control system was developed that is applied with the open systems interconnection (OSI), an international standard for communications protocol. In structuring the OSI network, a direct session layer was accessed from the operation functions when high-speed small-capacity information is transmitted. File transfer, access and control having a function of collectively transferring large-capacity data were applied when low-speed large-capacity information is transmitted. A verification test for the realtime computer network (RCN) mounting regulation was conducted according to a verification model using a mini-computer, and a result that can satisfy practical performance was obtained. For application interface, kernel, health check and two-route transmission functions were provided as a connection control function, so were transmission verification function and late arrival abolishing function. In system mounting pattern, dualized communication server (CS) structure was adopted. A hardware structure may include a system to have the CS function contained in a host computer and a separate installation system. 5 figs., 6 tabs.
Chen, Zhen; Du, Wen-Bo; Cao, Xian-Bin; Zhou, Xing-Lian
Cascading failure is one of the most central topics in the field of complex networks. In this paper, the cascading failure model is extended to the case of interdependent networks, and the effect of coupling preference on systems robustness is intensively investigated. It is found that the performance of coupling preference on robustness is dependent on coupling probability. Disassortative coupling is more robust for sparse coupling while assortative coupling performs better for dense coupling. We provide an explanation for this constructive phenomenon via examining cascading process from the microscopic point of view. Our work can be useful to the design and optimization of interdependent networked systems.
Nam, Junghyun; Choo, Kim-Kwang Raymond; Han, Sangchul; Kim, Moonseong; Paik, Juryon; Won, Dongho
A smart-card-based user authentication scheme for wireless sensor networks (hereafter referred to as a SCA-WSN scheme) is designed to ensure that only users who possess both a smart card and the corresponding password are allowed to gain access to sensor data and their transmissions. Despite many research efforts in recent years, it remains a challenging task to design an efficient SCA-WSN scheme that achieves user anonymity. The majority of published SCA-WSN schemes use only lightweight cryptographic techniques (rather than public-key cryptographic techniques) for the sake of efficiency, and have been demonstrated to suffer from the inability to provide user anonymity. Some schemes employ elliptic curve cryptography for better security but require sensors with strict resource constraints to perform computationally expensive scalar-point multiplications; despite the increased computational requirements, these schemes do not provide user anonymity. In this paper, we present a new SCA-WSN scheme that not only achieves user anonymity but also is efficient in terms of the computation loads for sensors. Our scheme employs elliptic curve cryptography but restricts its use only to anonymous user-to-gateway authentication, thereby allowing sensors to perform only lightweight cryptographic operations. Our scheme also enjoys provable security in a formal model extended from the widely accepted Bellare-Pointcheval-Rogaway (2000) model to capture the user anonymity property and various SCA-WSN specific attacks (e.g., stolen smart card attacks, node capture attacks, privileged insider attacks, and stolen verifier attacks).
Full Text Available Spectrum sensing is the first step to overcome the spectrum scarcity problem in Cognitive Radio Networks (CRNs wherein all unutilized subbands in the radio environment are explored for better spectrum utilization. Adversary nodes can threaten these spectrum sensing results by launching passive and active attacks that prevent legitimate nodes from using the spectrum efficiently. Securing the spectrum sensing process has become an important issue in CRNs in order to ensure reliable and secure spectrum sensing and fair management of resources. In this paper, a novel collaborative approach during spectrum sensing process is proposed. It monitors the behavior of sensing nodes and identifies the malicious and misbehaving sensing nodes. The proposed approach measures the node’s sensing reliability using a value called belief level. All the sensing nodes are grouped into a specific number of clusters. In each cluster, a sensing node is selected as a cluster head that is responsible for collecting sensing-reputation reports from different cognitive nodes about each node in the same cluster. The cluster head analyzes information to monitor and judge the nodes’ behavior. By simulating the proposed approach, we showed its importance and its efficiency for achieving better spectrum security by mitigating multiple passive and active attacks.
Full Text Available Mobile Ad hoc Networks (MANETs rely on the cooperation of all participating nodes to provide the fundamental operations such as routing and data forwarding. However, due to the open structure and scarcely available battery-based energy, node misbehaviors may exist.. One such routing misbehavior is that some selfish nodes will participate in the route discovery and maintenance processes but refuse to forward data packets. This paper pointed out Energy based selfish nodes (EBSN where these selfish nodes tend to use the network but do not cooperate, saving battery life for their own communications ,. We present a simulation study of the effects of Energy based selfish nodes (EBSN on DSR routing protocol and its impact over network performance in terms of throughput and delay of a mobile ad hoc network where a defined percentage of nodes were misbehaving.
The convenience of IEEE 8O2.11-based wireless access networks has led to widespread deployment in the consumer, industrial and military sectors However, this use is predicated on an implicit assumption of confidentiality...
Full Text Available The self-organizing nature of the Mobile Ad hoc Networks (MANETs provide a communication channel anywhere, anytime without any pre-existing network infrastructure. However, it is exposed to various vulnerabilities that may be exploited by the malicious nodes. One such malicious behavior is introduced by blackhole nodes, which can be easily introduced in the network and, in turn, such nodes try to crumble the working of the network by dropping the maximum data under transmission. In this paper, a new protocol is proposed which is based on the widely used Ad hoc On-Demand Distance Vector (AODV protocol, Enhanced Secure Trusted AODV (ESTA, which makes use of multiple paths along with use of trust and asymmetric cryptography to ensure data security. The results, based on NS-3 simulation, reveal that the proposed protocol is effectively able to counter the blackhole nodes in three different scenarios.
In order to provide hassle-free connection options many wireless local area network (WLAN) providers choose to have their networks completely open. In other words there is no password required in order to connect. Such open configurations do not provide any security features on the wireless medium, but are often implemented with other solutions as captive portals. A captive portal forces a Hypertext Transfer Protocol (HTTP) client to see a certain webpage, usually for authentication purposes....
that separates it from the networks of today’s world . As Stallings (2013) describes, “current networks are vertically integrated, meaning that the data...cause overpopulation of flow tables increasing processing rate on the switch (Zarek, 2012). More specifically, premature evictions result 16 in...Mininet demonstrated our proof of concept but was not sufficient for real world implementation. Our overall goal was to grab an HTTP response packet
Anass RGHIOUI; Anass KHANNOUS; Mohammed BOUHORMA
RPL (Routing Protocol for Low-power and lossy networks) is a specific routing protocol designed to optimize 6LoWPAN (IPv6 over Low power Wireless Personal Area Network) operation. As 6LoWPAN suffers from resource constraints on battery, processor, memory and bandwidth, it affects the performance of the RPL protocol. From security point of view, this will make RPL vulnerable to several threats directly or indirectly. Thus, cryptographic systems are not sufficient to protect the RPL from intern...
Allara, David L; Hasslacher, Brosl
Random boolean networks (RBNs) have been studied theoretically and computationally in order to be able to use their remarkable self-healing and large basins of altercation properties as quantum computing architectures, especially...
Mieso, K Denko
Full Text Available Mobile ad hoc networks (MANETs are dynamic mobile networks that can be formed in the absence of any pre-existing communication infrastructure. In addition to node mobility, a MANET is characterized by limited resources such as bandwidth, battery power, and storage space. The underlying assumption in MANETs is that the intermediate nodes cooperate in forwarding packets. However, this assumption does not hold in commercial and emerging civilian applications. MANETs are vulnerable to Denial of Service (DoS due to their salient characteristics. There is a need to provide an incentive mechanism that can provide cooperation among nodes in the network and improve overall network performance by reducing DoS attacks. In this paper, we propose a reputation-based incentive mechanism for detecting and preventing DoS attacks. DoS attacks committed by selfish and malicious nodes were investigated. Our scheme motivates nodes to cooperate and excludes them from the network only if they fail to do so. We evaluated the performance of our scheme using the packet delivery ratio, the routing and communication overhead, and misbehaving node detection in a discrete event-simulation environment. The results indicate that a reputation-based incentive mechanism can significantly reduce the effect of DoS attacks and improve performance in MANETs.
Newman, M. E.; Forrest, Stephanie; Balthrop, Justin
Many computer viruses spread via electronic mail, making use of computer users' email address books as a source for email addresses of new victims. These address books form a directed social network of connections between individuals over which the virus spreads. Here we investigate empirically the structure of this network using data drawn from a large computer installation, and discuss the implications of this structure for the understanding and prevention of computer virus epidemics.
As the number and variety of computers within Los Alamos Scientific Laboratory's Central Computer Facility grows, the need for a standard, high-speed intercomputer interface has become more apparent. This report details the development of a High-Speed Parallel Interface from conceptual through implementation stages to meet current and future needs for large-scle network computing within the Integrated Computer Network. 4 figures
The rapid development in the field of computer networks and systems brings both convenience and security threats for users. Security threats include network security and data security. Network security refers to the reliability, confidentiality, integrity and availability of the information in the system. The main objective of network security is to maintain the authenticity, integrity, confidentiality, availability of the network. This paper introduces the details of the technologies used in...
Full Text Available Security in cloud computing is the ultimate question that every potential user studies before adopting it. Among the important points that the provider must ensure is that the Cloud will be available anytime the consumer tries to access it. Generally, the Cloud is accessible via the Internet, what makes it subject to a large variety of attacks. Today, the most striking cyber-attacks are the flooding DoS and its variant DDoS. This type of attacks aims to break down the availability of a service to its legitimate clients. In this paper, we underline the most used techniques to stand up against DoS flooading attacks in the Cloud.
administrator whenever a system binary file (such as the ps, login , or ls program) is modified. Normal users have no legitimate reason to alter these files...development of EMERALD , which combines statistical anomaly detection from NIDES with signature verification. Specification-based intrusion detection...the creation of a single host that can act as many hosts. Daemons that provide network services—including telnetd, ftpd, and login — display banners
Infrastructure Mapping over Transport Software - Defined Networks (T- SDN )”, IEEE/OSA OFC, 2014 (invited for a special issue of OSA/IEEE JOCN) 23. L. Liu, J...Ji and C. Qiao “Survivable Virtual Infrastructure Mapping with Shared Protection in Transport Software - Defined Networks (T- SDNs )”, OECC, 2014. 25. S...483-493, 2014. 21. Z. Ye, X. Li, A. N. Patel, P. N. Ji, X. Cao, C. Qiao, “Upgrade-aware Virtual Infrastructure Mapping in Software - Defined Elastic
solution does not provide more network flow than the undefended attacker’s solution. (However, our tool stores alternate, runner -up solutions that often...approximate real WMNs. 51 LIST OF REFERENCES Alderson, D.L., Brown, G.G., & Carlyle, W.M. (2014). Assessing and improving operational resilience
Watts & Strogatz , 1998), or scale-free communities (Lancichinetti & Fortunato, 2009)), a size (25, 50 or 100 nodes) and a density (0.01, 0.02, 0.05...D. J. & Strogatz , S. H., 1998. Collective dynamics of ’small-world’ networks. Nature, 4 June, Volume 393, pp. 440-442. 13. Wu, J., Deng, H.-Z
Mohd. Diansyah, Tengku.; Faisal, Ilham; Perdana, Adidtya; Octaviani Sembiring, Boni; Hidayati Sinaga, Tantri
Security issues become one of the important aspects of a network, especially a network security on the server. These problems underlie the need to build a system that can detect threats from parties who do not have access rights (hackers) that are by building a security system honeypot. A Honeypot is a diversion of intruders' attention, in order for intruders to think that it has managed to break down and retrieve data from a network, when in fact the data is not important and the location is isolated. A way to trap or deny unauthorized use of effort in an information system. One type of honeypot is honeyd. Honeyd is a low interaction honeypot that has a smaller risk compared to high interaction types because the interaction with the honeypot does not directly involve the real system. The purpose of the implementation of honeypot and firewall, firewall is used on Mikrotik. Can be used as an administrative tool to view reports of Honeyd generated activity and administrators can also view reports that are stored in the logs in order to assist in determining network security policies.
PROF. OLIVER OSUAGWA
Jun 1, 2015 ... integrity and availability of the services rendered on VoIP networks. In this paper, the various ... described in  and , denial of service in , eavesdropping ..... distributed denial of service (DDoS) ,. . •. Session initiation ...
Computational Intelligence: Synergies of Fuzzy Logic, Neural Networks and Evolutionary Computing presents an introduction to some of the cutting edge technological paradigms under the umbrella of computational intelligence. Computational intelligence schemes are investigated with the development of a suitable framework for fuzzy logic, neural networks and evolutionary computing, neuro-fuzzy systems, evolutionary-fuzzy systems and evolutionary neural systems. Applications to linear and non-linear systems are discussed with examples. Key features: Covers all the aspect
This dissertation covers the two major parts of my PhD research on statistical physics and complex networks: i) modeling a new type of attack -- localized attack, and investigating robustness of complex networks under this type of attack; ii) discovering the clustering structure in complex networks and its influence on the robustness of coupled networks. Complex networks appear in every aspect of our daily life and are widely studied in Physics, Mathematics, Biology, and Computer Science. One important property of complex networks is their robustness under attacks, which depends crucially on the nature of attacks and the structure of the networks themselves. Previous studies have focused on two types of attack: random attack and targeted attack, which, however, are insufficient to describe many real-world damages. Here we propose a new type of attack -- localized attack, and study the robustness of complex networks under this type of attack, both analytically and via simulation. On the other hand, we also study the clustering structure in the network, and its influence on the robustness of a complex network system. In the first part, we propose a theoretical framework to study the robustness of complex networks under localized attack based on percolation theory and generating function method. We investigate the percolation properties, including the critical threshold of the phase transition pc and the size of the giant component Pinfinity. We compare localized attack with random attack and find that while random regular (RR) networks are more robust against localized attack, Erdoḧs-Renyi (ER) networks are equally robust under both types of attacks. As for scale-free (SF) networks, their robustness depends crucially on the degree exponent lambda. The simulation results show perfect agreement with theoretical predictions. We also test our model on two real-world networks: a peer-to-peer computer network and an airline network, and find that the real-world networks
Mar 5, 2018 ... Abstract- Wireless Sensor Networks (WSNs) consist of a large number of ... have limited energy and memory capacity . The computation of ..... Access (TDMA) schedules for the data transmission time slots. Here the attacker ...
Radovanovic, Igor; van Etten, Wim; Taniman, R.O.; Kleinkiskamp, Ronny
In this paper we present new optical local area networks for fiber-to-the-desk application. Presented networks are expected to bring a solution for having optical fibers all the way to computers. To bring the overall implementation costs down we have based our networks on short-wavelength optical
Alexey A. Efimenko
Full Text Available The article presents the main approaches to cloud computing infrastructure based on the SDN network in present data processing centers (DPC. The main indexes of management effectiveness of network infrastructure of DPC are determined. The examples of solutions for the creation of virtual network devices are provided.
Verschuren, J.; Degen, A.J.G.; Veugen, P.J.M.
A few decades ago, most computers were stand-alone machines: they were able to process information using their own resources. Later, computer systems were connected to each other enabling a computer system to exchange data with another computer and to use resources of another computer. With the
This book aims to examine innovation in the fields of computer engineering and networking. The book covers important emerging topics in computer engineering and networking, and it will help researchers and engineers improve their knowledge of state-of-art in related areas. The book presents papers from the 4th International Conference on Computer Engineering and Networks (CENet2014) held July 19-20, 2014 in Shanghai, China. · Covers emerging topics for computer engineering and networking · Discusses how to improve productivity by using the latest advanced technologies · Examines innovation in the fields of computer engineering and networking
Bogdanov, Andrey; Kavun, Elif Bilge; Tischhauser, Elmar
An accurate estimation of the success probability and data complexity of linear cryptanalysis is a fundamental question in symmetric cryptography. In this paper, we propose an efficient reconfigurable hardware architecture to compute the success probability and data complexity of Matsui's Algorithm...... block lengths ensures that any empirical observations are not due to differences in statistical behavior for artificially small block lengths. Rather surprisingly, we observed in previous experiments a significant deviation between the theory and practice for Matsui's Algorithm 2 for larger block sizes...
Schwemmer, Michael A; Fairhall, Adrienne L; Denéve, Sophie; Shea-Brown, Eric T
While spike timing has been shown to carry detailed stimulus information at the sensory periphery, its possible role in network computation is less clear. Most models of computation by neural networks are based on population firing rates. In equivalent spiking implementations, firing is assumed to be random such that averaging across populations of neurons recovers the rate-based approach. Recently, however, Denéve and colleagues have suggested that the spiking behavior of neurons may be fundamental to how neuronal networks compute, with precise spike timing determined by each neuron's contribution to producing the desired output (Boerlin and Denéve, 2011; Boerlin et al., 2013). By postulating that each neuron fires to reduce the error in the network's output, it was demonstrated that linear computations can be performed by networks of integrate-and-fire neurons that communicate through instantaneous synapses. This left open, however, the possibility that realistic networks, with conductance-based neurons with subthreshold nonlinearity and the slower timescales of biophysical synapses, may not fit into this framework. Here, we show how the spike-based approach can be extended to biophysically plausible networks. We then show that our network reproduces a number of key features of cortical networks including irregular and Poisson-like spike times and a tight balance between excitation and inhibition. Lastly, we discuss how the behavior of our model scales with network size or with the number of neurons "recorded" from a larger computing network. These results significantly increase the biological plausibility of the spike-based approach to network computation. We derive a network of neurons with standard spike-generating currents and synapses with realistic timescales that computes based upon the principle that the precise timing of each spike is important for the computation. We then show that our network reproduces a number of key features of cortical networks
Full Text Available An airflow in the first four generations of the tracheobronchial tree was simulated by the 1D model of incompressible fluid flow through the network of the elastic tubes coupled with 0D models of lumped alveolar components, which aggregates parts of the alveolar volume and smaller airways, extended with convective transport model throughout the lung and alveolar components which were combined with the model of oxygen and carbon dioxide transport between the alveolar volume and the averaged blood compartment during pathological respiratory conditions. The novel features of this work are 1D reconstruction of the tracheobronchial tree structure on the basis of 3D segmentation of the computed tomography (CT data; 1D−0D coupling of the models of 1D bronchial tube and 0D alveolar components; and the alveolar gas exchange model. The results of our simulations include mechanical ventilation, breathing patterns of severely ill patients with the cluster (Biot and periodic (Cheyne-Stokes respirations and bronchial asthma attack. The suitability of the proposed mathematical model was validated. Carbon dioxide elimination efficiency was analyzed in all these cases. In the future, these results might be integrated into research and practical studies aimed to design cyberbiological systems for remote real-time monitoring, classification, prediction of breathing patterns and alveolar gas exchange for patients with breathing problems.
Neil, Joshua Charles
Creation of new edges in a network may be used as an indication of a potential attack on the network. Historical data of a frequency with which nodes in a network create and receive new edges may be analyzed. Baseline models of behavior among the edges in the network may be established based on the analysis of the historical data. A new edge that deviates from a respective baseline model by more than a predetermined threshold during a time window may be detected. The new edge may be flagged as potentially anomalous when the deviation from the respective baseline model is detected. Probabilities for both new and existing edges may be obtained for all edges in a path or other subgraph. The probabilities may then be combined to obtain a score for the path or other subgraph. A threshold may be obtained by calculating an empirical distribution of the scores under historical conditions.
Mohapatra, Durga; Konar, Amit; Chakraborty, Aruna
Advanced Computing, Networking and Informatics are three distinct and mutually exclusive disciplines of knowledge with no apparent sharing/overlap among them. However, their convergence is observed in many real world applications, including cyber-security, internet banking, healthcare, sensor networks, cognitive radio, pervasive computing amidst many others. This two-volume proceedings explore the combined use of Advanced Computing and Informatics in the next generation wireless networks and security, signal and image processing, ontology and human-computer interfaces (HCI). The two volumes together include 148 scholarly papers, which have been accepted for presentation from over 640 submissions in the second International Conference on Advanced Computing, Networking and Informatics, 2014, held in Kolkata, India during June 24-26, 2014. The first volume includes innovative computing techniques and relevant research results in informatics with selective applications in pattern recognition, signal/image process...
Mohammed, F.A.; Omar, A.A.; Ayad, N.M.A.; Madkour, M.A.I.; Ibrahim, M.K.
Many of computer networks have been studied different trends regarding the network architecture and the various protocols that govern data transfers and guarantee a reliable communication among all a hierarchical network structure has been proposed to provide a simple and inexpensive way for the realization of a reliable real-time computer network. In such architecture all computers in the same level are connected to a common serial channel through intelligent nodes that collectively control data transfers over the serial channel. This level of computer network can be considered as a local area computer network (LACN) that can be used in nuclear power plant control system since it has geographically dispersed subsystems. network expansion would be straight the common channel for each added computer (HOST). All the nodes are designed around a microprocessor chip to provide the required intelligence. The node can be divided into two sections namely a common section that interfaces with serial data channel and a private section to interface with the host computer. This part would naturally tend to have some variations in the hardware details to match the requirements of individual host computers. fig 7
Pyle, Ryan; Rosenbaum, Robert
Randomly connected networks of excitatory and inhibitory spiking neurons provide a parsimonious model of neural variability, but are notoriously unreliable for performing computations. We show that this difficulty is overcome by incorporating the well-documented dependence of connection probability on distance. Spatially extended spiking networks exhibit symmetry-breaking bifurcations and generate spatiotemporal patterns that can be trained to perform dynamical computations under a reservoir computing framework.
Pyle, Ryan; Rosenbaum, Robert
Randomly connected networks of excitatory and inhibitory spiking neurons provide a parsimonious model of neural variability, but are notoriously unreliable for performing computations. We show that this difficulty is overcome by incorporating the well-documented dependence of connection probability on distance. Spatially extended spiking networks exhibit symmetry-breaking bifurcations and generate spatiotemporal patterns that can be trained to perform dynamical computations under a reservoir computing framework.
Alfimenkov, A.V.; Vagov, V.A.; Vajdkhadze, F.
New high-speed local computer network, where intelligent network adapter (NA) is used as hardware base, is developed in the JINR Neutron Physics Laboratory to increase operation efficiency and data transfer rate. NA consists of computer bus interface, cable former, microcomputer segment designed for both program realization of channel-level protocol and organization of bidirectional transfer of information through direct access channel between monochannel and computer memory with or witout buffering in NA operation memory device
Ismail, Mohd Nazri
In 21st century, convergences of technologies and services in heterogeneous environment have contributed multi-traffic. This scenario will affect computer network on learning system in higher educational Institutes. Implementation of various services can produce different types of content and quality. Higher educational institutes should have a good computer network infrastructure to support usage of various services. The ability of computer network should consist of i) higher bandwidth; ii) ...
Mohapatra, Durga; Chaki, Nabendu
Advanced Computing, Networking and Informatics are three distinct and mutually exclusive disciplines of knowledge with no apparent sharing/overlap among them. However, their convergence is observed in many real world applications, including cyber-security, internet banking, healthcare, sensor networks, cognitive radio, pervasive computing amidst many others. This two volume proceedings explore the combined use of Advanced Computing and Informatics in the next generation wireless networks and security, signal and image processing, ontology and human-computer interfaces (HCI). The two volumes together include 132 scholarly articles, which have been accepted for presentation from over 550 submissions in the Third International Conference on Advanced Computing, Networking and Informatics, 2015, held in Bhubaneswar, India during June 23–25, 2015.
Rezac, Filip; Voznak, Miroslav; Safarik, Jakub; Partila, Pavol; Tomala, Karel
This article deals about embedded SIP communication server with an easy integration into the computer network based on open source solutions and its effective defense against the most frequent attack in the present - Denial of Service. The article contains brief introduction into the Bright Embedded Solution for IP Telephony - BESIP and describes the most common types of DoS attacks, which are applied on SIP elements of the VoIP infrastructure including the results of defensive mechanism that has been designed.
Tan, Zhiyuan; Jamdagni, Aruna; Nanda, Priyadarsi; He, Xiangjian; Liu, Ren Ping; Jia, Wenjing; Yeh, Wei-chang
Computational cost is one of the major concerns of the commercial Intrusion Detection Systems (IDSs). Although these systems are proven to be promising in detecting network attacks, they need to check all the signatures to identify a suspicious attack in the worst case. This is time consuming. This
Traffic monitoring and analysis can be done for multiple different reasons: to investigate the usage of network resources, assess the performance of network applications, adjust Quality of Service (QoS) policies in the network, log the traffic to comply with the law, or create realistic models of traffic for academic purposes. We define the objective of this thesis as finding a way to evaluate the performance of various applications in a high-speed Internet infrastructure. To satisfy the obje...
Kim, Jang Gwon; Gu, Chang Hoe
This textbook is composed of twelve chapters, which are communication network introduction, foundation of data communication, data link control, circuit switching system, packet switching system, multiple access communication system, protocol and architecture, LAN, MAN communication network, integrated service digital network, internet and Asymmetric digital subscriber Line and Wireless Local Loop. Each chapter has the introduction of the technique, structure, function and practice problems. It also has the appendix on electricity and communication standards organization, characteristic table and glossary.
In communication networks, fair sharing of resources is an important issue for one main reason. The growth of network capacity is in general not matching the rapid growth of traffic. Consequently, the resources consumed by each user have to be limited. This implies that users cannot always be assigned the end-to-end bandwidth they ask for. Instead, the limited network resources should be distributed to users in a way that assures fair end-to-end bandwidth assignment among them. Obtaini...
Full Text Available Network computing seeks to utilize the aggregate resources of many networked computers to solve a single problem. In so doing it is often possible to obtain supercomputer performance from an inexpensive local area network. The drawback is that network computing is complicated and error prone when done by hand, especially if the computers have different operating systems and data formats and are thus heterogeneous. The heterogeneous network computing environment (HeNCE is an integrated graphical environment for creating and running parallel programs over a heterogeneous collection of computers. It is built on a lower level package called parallel virtual machine (PVM. The HeNCE philosophy of parallel programming is to have the programmer graphically specify the parallelism of a computation and to automate, as much as possible, the tasks of writing, compiling, executing, debugging, and tracing the network computation. Key to HeNCE is a graphical language based on directed graphs that describe the parallelism and data dependencies of an application. Nodes in the graphs represent conventional Fortran or C subroutines and the arcs represent data and control flow. This article describes the present state of HeNCE, its capabilities, limitations, and areas of future research.
Full Text Available U radu su obrađene metode napada, oblici ugrožavanja i vrste pretnji kojima su izložene računarske mreže, kao i moguće metode i tehnička rešenja za zaštitu mreža. Analizirani su efekti pretnji kojima mogu biti izložene računarske mreže i informacije koje se preko njih prenose. Opisana su određena tehnička rešenja koja obezbeđuju potreban nivo zaštite računarskih mreža, kao i mere za zaštitu informacija koje se preko njih prenose. Navedeni su standardi koji se odnose na metode i procedure kriptozaštite informacija u računarskim mrežama. U radu je naveden primer zaštite jedne lokalne računarske mreže. / In this paper different methods of attacks, threats and different forms of dangers to the computer networks are described. The possible models and technical solutions for networks protection are also given. The effects of threats directed to the computer networks and their information are analyzed certain technical solutions that provide necessary protection level of the computer networks as well as measures for information protection are also described. The standards for methods and security procedure for the information in computer networks are enlisted. There is also an example of protecting one local data network (in this paper.
Kleinhans, M.; van Kreveld, M.J.; Ophelders, T.A.E.; Sonke, W.M.; Speckmann, B.; Verbeek, K.A.B.; Aronov, Boris; Katz, Matthew
Drainage networks on terrains have been studied extensively from an algorithmic perspective. However, in drainage networks water flow cannot bifurcate and hence they do not model braided rivers (multiple channels which split and join, separated by sediment bars). We initiate the algorithmic study of
Kleinhans, Maarten; van Kreveld, M.J.; Ophelders, Tim; Sonke, Willem; Speckmann, Bettina; Verbeek, Kevin
Drainage networks on terrains have been studied extensively from an algorithmic perspective. However, in drainage networks water flow cannot bifurcate and hence they do not model braided rivers (multiple channels which split and join, separated by sediment bars). We initiate the algorithmic study of
Drew, Wilfred, Jr.
Discusses the use of wireless technology in academic libraries. Topics include wireless networks; standards (IEEE 802.11); wired versus wireless; why libraries implement wireless technology; wireless local area networks (WLANs); WLAN security; examples of wireless use at Indiana State University and Morrisville College (New York); and useful…
Meng, Tianhui; Li, Xiaofan; Zhang, Sha; Zhao, Yubin
Wireless sensor networks (WSNs) have recently gained popularity for a wide spectrum of applications. Monitoring tasks can be performed in various environments. This may be beneficial in many scenarios, but it certainly exhibits new challenges in terms of security due to increased data transmission over the wireless channel with potentially unknown threats. Among possible security issues are timing attacks, which are not prevented by traditional cryptographic security. Moreover, the limited energy and memory resources prohibit the use of complex security mechanisms in such systems. Therefore, balancing between security and the associated energy consumption becomes a crucial challenge. This paper proposes a secure scheme for WSNs while maintaining the requirement of the security-performance tradeoff. In order to proceed to a quantitative treatment of this problem, a hybrid continuous-time Markov chain (CTMC) and queueing model are put forward, and the tradeoff analysis of the security and performance attributes is carried out. By extending and transforming this model, the mean time to security attributes failure is evaluated. Through tradeoff analysis, we show that our scheme can enhance the security of WSNs, and the optimal rekeying rate of the performance and security tradeoff can be obtained.
Brown, D L
Many complex systems of importance to the U.S. Department of Energy consist of networks of discrete components. Examples are cyber networks, such as the internet and local area networks over which nearly all DOE scientific, technical and administrative data must travel, the electric power grid, social networks whose behavior can drive energy demand, and biological networks such as genetic regulatory networks and metabolic networks. In spite of the importance of these complex networked systems to all aspects of DOE's operations, the scientific basis for understanding these systems lags seriously behind the strong foundations that exist for the 'physically-based' systems usually associated with DOE research programs that focus on such areas as climate modeling, fusion energy, high-energy and nuclear physics, nano-science, combustion, and astrophysics. DOE has a clear opportunity to develop a similarly strong scientific basis for understanding the structure and dynamics of networked systems by supporting a strong basic research program in this area. Such knowledge will provide a broad basis for, e.g., understanding and quantifying the efficacy of new security approaches for computer networks, improving the design of computer or communication networks to be more robust against failures or attacks, detecting potential catastrophic failure on the power grid and preventing or mitigating its effects, understanding how populations will respond to the availability of new energy sources or changes in energy policy, and detecting subtle vulnerabilities in large software systems to intentional attack. This white paper outlines plans for an aggressive new research program designed to accelerate the advancement of the scientific basis for complex networked systems of importance to the DOE. It will focus principally on four research areas: (1) understanding network structure, (2) understanding network dynamics, (3) predictive modeling and simulation for complex
Many complex systems of importance to the U.S. Department of Energy consist of networks of discrete components. Examples are cyber networks, such as the internet and local area networks over which nearly all DOE scientific, technical and administrative data must travel, the electric power grid, social networks whose behavior can drive energy demand, and biological networks such as genetic regulatory networks and metabolic networks. In spite of the importance of these complex networked systems to all aspects of DOE's operations, the scientific basis for understanding these systems lags seriously behind the strong foundations that exist for the 'physically-based' systems usually associated with DOE research programs that focus on such areas as climate modeling, fusion energy, high-energy and nuclear physics, nano-science, combustion, and astrophysics. DOE has a clear opportunity to develop a similarly strong scientific basis for understanding the structure and dynamics of networked systems by supporting a strong basic research program in this area. Such knowledge will provide a broad basis for, e.g., understanding and quantifying the efficacy of new security approaches for computer networks, improving the design of computer or communication networks to be more robust against failures or attacks, detecting potential catastrophic failure on the power grid and preventing or mitigating its effects, understanding how populations will respond to the availability of new energy sources or changes in energy policy, and detecting subtle vulnerabilities in large software systems to intentional attack. This white paper outlines plans for an aggressive new research program designed to accelerate the advancement of the scientific basis for complex networked systems of importance to the DOE. It will focus principally on four research areas: (1) understanding network structure, (2) understanding network dynamics, (3) predictive modeling and simulation for complex networked systems
The Phoebus project investigated algorithms, protocols, and middleware infrastructure to improve end-to-end performance in high speed, dynamic networks. The Phoebus system essentially serves as an adaptation point for networks with disparate capabilities or provisioning. This adaptation can take a variety of forms including acting as a provisioning agent across multiple signaling domains, providing transport protocol adaptation points, and mapping between distributed resource reservation paradigms and the optical network control plane. We have successfully developed the system and demonstrated benefits. The Phoebus system was deployed in Internet2 and in ESnet, as well as in GEANT2, RNP in Brazil and over international links to Korea and Japan. Phoebus is a system that implements a new protocol and associated forwarding infrastructure for improving throughput in high-speed dynamic networks. It was developed to serve the needs of large DOE applications on high-performance networks. The idea underlying the Phoebus model is to embed Phoebus Gateways (PGs) in the network as on-ramps to dynamic circuit networks. The gateways act as protocol translators that allow legacy applications to use dedicated paths with high performance.
Todd Vollmer; Milos Manic
An enhanced version of an algorithm to provide anomaly based intrusion detection alerts for cyber security state awareness is detailed. A unique aspect is the training of an error back-propagation neural network with intrusion detection rule features to provide a recognition basis. Network packet details are subsequently provided to the trained network to produce a classification. This leverages rule knowledge sets to produce classifications for anomaly based systems. Several test cases executed on ICMP protocol revealed a 60% identification rate of true positives. This rate matched the previous work, but 70% less memory was used and the run time was reduced to less than 1 second from 37 seconds.
"Massive quantities of data will soon begin flowing from the largest scientific instrument ever built into an internationl network of computer centers, including one operated jointly by the University of Chicago and Indiana University." (2 pages)
Mrs. Amandeep Kaur
This paper highlights some of the basic concepts of QoS. The major research areas of Quality of Service Computer Networks are highlighted. The paper also compares some of the current QoS Routing techniques.
Husain, A.; Haugen, P. R.; Hutcheson, L. D.; Warrior, J.; Murray, N.; Beatty, M.
In the development of future data management systems, such as the NASA Space Station, a major problem represents the design and implementation of a high performance communication network which is self-correcting and repairing, flexible, and evolvable. To obtain the goal of designing such a network, it will be essential to incorporate distributed adaptive network control techniques. The present paper provides an outline of the functional and communication network requirements for the Space Station data management system. Attention is given to the mathematical representation of the operations being carried out to provide the required functionality at each layer of communication protocol on the model. The possible implementation of specific communication functions in optics is also considered.
Mangaroo, Jewellean; Smith, Bob; Glasser, Jay; Littell, Arthur; Saba, Virginia
Networking as a social entity has important implications for maximizing computer resources for improved utilization in nursing. This paper describes the one process of networking of complementary resources at three institutions. Prairie View A&M University, Texas A&M University and the University of Texas School of Public Health, which has effected greater utilization of computers at the college. The results achieved in this project should have implications for nurses, users, and consumers in...
AFRL-AFOSR-VA-TR-2017-0102 Integrated Optoelectronic Networks for Application- Driven Multicore Computing Sudeep Pasricha COLORADO STATE UNIVERSITY...AND SUBTITLE Integrated Optoelectronic Networks for Application-Driven Multicore Computing 5a. CONTRACT NUMBER 5b. GRANT NUMBER FA9550-13-1-0110 5c...and supportive materials with innovative architectural designs that integrate these components according to system-wide application needs. 15
The development and dissemination of science materials can be associated with technical delivery systems such as the Unified Network for Informatics in Teacher Education (UNITE). The UNITE project was designed to investigate ways for using computer networking to improve communications and collaboration among university schools of education and…
Atkins, D. E.; Olsen, Leslie A.
Presents an overview of the Computer-Aided Engineering Network (CAEN) of the University of Michigan. Describes its arrangement of workstations, communication networks, and servers. Outlines the factors considered in hardware and software decision making. Reviews the program's impact on students. (ML)
Bishop, Ann Peterson
Presents selected results from an empirical investigation into the use of computer networks in aerospace engineering based on data from a national mail survey. The need for user-based studies of electronic networking is discussed, and a copy of the questionnaire used in the survey is appended. (Contains 46 references.) (LRW)
Campana, S; The ATLAS collaboration; Jezequel, S; Negri, G; Serfon, C; Ueda, I
The ATLAS computing infrastructure was designed many years ago based on the assumption of rather limited network connectivity between computing centres. ATLAS sites have been organized in a hierarchical model, where only a static subset of all possible network links can be exploited and a static subset of well connected sites (CERN and the T1s) can cover important functional roles such as hosting master copies of the data. The pragmatic adoption of such simplified approach, in respect of a more relaxed scenario interconnecting all sites, was very beneficial during the commissioning of the ATLAS distributed computing system and essential in reducing the operational cost during the first two years of LHC data taking. In the mean time, networks evolved far beyond this initial scenario: while a few countries are still poorly connected with the rest of the WLCG infrastructure, most of the ATLAS computing centres are now efficiently interlinked. Our operational experience in running the computing infrastructure in ...
Steinberger, Jessica; Sperotto, Anna; Baier, Harald; Pras, Aiko
Over recent years, network-based attacks have become to one of the top causes of network infrastructure and service outages. To counteract a network-based attack, an approach is to move mitigation from the target network to the networks of Internet Service Providers (ISP). However, it remains
location costs of a LRP. Berger, Coullard, and Daskin (2007) utilized a set-partitioning- based formulation of an uncapacitated location-routing...EMPLOYMENT OF A DEEP SEAWEB ACOUSTIC NETWORK FOR SUBMARINE COMMUNICATIONS AT SPEED AND DEPTH USING A DEFENDER-ATTACKER- DEFENDER MODEL by Andrew D...Hendricksen September 2013 Thesis Advisor: W. Matthew Carlyle Thesis Co-Advisor: Joseph A . Rice Second Reader: Robert E. Burks THIS PAGE
Danet, A.; Mirica, M.; Constantinescu, S.
The general computer network of Horia Hulubei National Institute for Physics and Nuclear Engineering (IFIN-HH), as part of RNC (Romanian National Computer Network for scientific research and technological development), offers the Romanian physics research community an efficient and cost-effective infrastructure to communicate and collaborate with fellow researchers abroad, and to collect and exchange the most up-to-date information in their research area. RNC is the national project co-ordinated and established by the Ministry of Research and Technology targeted on the following main objectives: - setting up a technical and organizational infrastructure meant to provide national and international electronic services for the Romanian scientific research community; - providing a rapid and competitive tool for the exchange information in the framework of R-D community; - using the scientific and technical data bases available in the country and offered by the national networks from other countries through international networks; - providing a support for information, documentation, scientific and technical co-operation. The guiding principle in elaborating the project of general computer network of IFIN-HH was to implement an open system based on OSI standards without technical barriers in communication between different communities using different computing hardware and software. The major objectives achieved in 1997 in the direction of developing the general computer network of IFIN-HH (over 250 computers connected) were: - connecting all the existing and newly installed computer equipment and providing an adequate connectivity; - providing the usual Internet services: e-mail, ftp, telnet, finger, gopher; - providing access to the World Wide Web resources; - providing on-line statistics of IP traffic (input and output) of each node of the domain computer network; - improving the performance of the connection with the central node RNC. (authors)
Živković, Ivan S; Stanimirović, Predrag S; Wei, Yimin
Two linear recurrent neural networks for generating outer inverses with prescribed range and null space are defined. Each of the proposed recurrent neural networks is based on the matrix-valued differential equation, a generalization of dynamic equations proposed earlier for the nonsingular matrix inversion, the Moore-Penrose inversion, as well as the Drazin inversion, under the condition of zero initial state. The application of the first approach is conditioned by the properties of the spectrum of a certain matrix; the second approach eliminates this drawback, though at the cost of increasing the number of matrix operations. The cases corresponding to the most common generalized inverses are defined. The conditions that ensure stability of the proposed neural network are presented. Illustrative examples present the results of numerical simulations.
Ido, Shunji; Hasebe, Hiroki
Parallel programming is applied to multiple processors connected in Ethernet. Data exchanges between tasks located in each processing element are realized by two ways. One is socket which is standard library on recent UNIX operating systems. Another is a network connecting software, named as Parallel Virtual Machine (PVM) which is a free software developed by ORNL, to use many workstations connected to network as a parallel computer. This paper discusses the availability of parallel computing using network and UNIX workstations and comparison between specialized parallel systems (Transputer and iPSC/860) in a Monte Carlo simulation which generally shows high parallelization ratio. (author)
Keller, James M; Fogel, David B
This book covers the three fundamental topics that form the basis of computational intelligence: neural networks, fuzzy systems, and evolutionary computation. The text focuses on inspiration, design, theory, and practical aspects of implementing procedures to solve real-world problems. While other books in the three fields that comprise computational intelligence are written by specialists in one discipline, this book is co-written by current former Editor-in-Chief of IEEE Transactions on Neural Networks and Learning Systems, a former Editor-in-Chief of IEEE Transactions on Fuzzy Systems, and the founding Editor-in-Chief of IEEE Transactions on Evolutionary Computation. The coverage across the three topics is both uniform and consistent in style and notation. Discusses single-layer and multilayer neural networks, radial-basi function networks, and recurrent neural networks Covers fuzzy set theory, fuzzy relations, fuzzy logic interference, fuzzy clustering and classification, fuzzy measures and fuzz...
D. Zambrano (Davide); R.B.P. Nusselder (Roeland); H.S. Scholte; S.M. Bohte (Sander)
textabstractArtificial Neural Networks (ANNs) are bio-inspired models of neural computation that have proven highly effective. Still, ANNs lack a natural notion of time, and neural units in ANNs exchange analog values in a frame-based manner, a computationally and energetically inefficient form of
Kebert, Alan; Barnejee, Bikramjit; Solano, Juan; Solano, Wanda
The cloud computing environment offers malicious users the ability to spawn multiple instances of cloud nodes that are similar to virtual machines, except that they can have separate external IP addresses. In this paper we demonstrate how this ability can be exploited by an attacker to distribute his/her attack, in particular SQL injection attacks, in such a way that an intrusion detection system (IDS) could fail to identify this attack. To demonstrate this, we set up a small private cloud, established a vulnerable website in one instance, and placed an IDS within the cloud to monitor the network traffic. We found that an attacker could quite easily defeat the IDS by periodically altering its IP address. To detect such an attacker, we propose to use multi-agent plan recognition, where the multiple source IPs are considered as different agents who are mounting a collaborative attack. We show that such a formulation of this problem yields a more sophisticated approach to detecting SQL injection attacks within a cloud computing environment.
Felsen, Leopold B; Russer, Peter
This monograph proposes a systematic and rigorous treatment of electromagnetic field representations in complex structures. The book presents new strong models by combining important computational methods. This is the last book of the late Leopold Felsen.
The goal of the Active System Area Networks (ASAN) project is to develop hardware and software technologies for the implementation of active system area networks (ASANs). The use of the term ''active'' refers to the ability of the network interfaces to perform application-specific as well as system level computations in addition to their traditional role of data transfer. This project adopts the view that the network infrastructure should be an active computational entity capable of supporting certain classes of computations that would otherwise be performed on the host CPUs. The result is a unique network-wide programming model where computations are dynamically placed within the host CPUs or the NIs depending upon the quality of service demands and network/CPU resource availability. The projects seeks to demonstrate that such an approach is a better match for data intensive network-based applications and that the advent of low-cost powerful embedded processors and configurable hardware makes such an approach economically viable and desirable.
Biberman, Aleksandr; Bergman, Keren
Enabled by silicon photonic technology, optical interconnection networks have the potential to be a key disruptive technology in computing and communication industries. The enduring pursuit of performance gains in computing, combined with stringent power constraints, has fostered the ever-growing computational parallelism associated with chip multiprocessors, memory systems, high-performance computing systems and data centers. Sustaining these parallelism growths introduces unique challenges for on- and off-chip communications, shifting the focus toward novel and fundamentally different communication approaches. Chip-scale photonic interconnection networks, enabled by high-performance silicon photonic devices, offer unprecedented bandwidth scalability with reduced power consumption. We demonstrate that the silicon photonic platforms have already produced all the high-performance photonic devices required to realize these types of networks. Through extensive empirical characterization in much of our work, we demonstrate such feasibility of waveguides, modulators, switches and photodetectors. We also demonstrate systems that simultaneously combine many functionalities to achieve more complex building blocks. We propose novel silicon photonic devices, subsystems, network topologies and architectures to enable unprecedented performance of these photonic interconnection networks. Furthermore, the advantages of photonic interconnection networks extend far beyond the chip, offering advanced communication environments for memory systems, high-performance computing systems, and data centers. (review article)
Jin, Dezhe Z.; Seung, H. Sebastian
Neural networks with recurrent connections are sometimes regarded as too slow at computation to serve as models of the brain. Here we analytically study a counterexample, a network consisting of N integrate-and-fire neurons with self excitation, all-to-all inhibition, instantaneous synaptic coupling, and constant external driving inputs. When the inhibition and/or excitation are large enough, the network performs a winner-take-all computation for all possible external inputs and initial states of the network. The computation is done very quickly: As soon as the winner spikes once, the computation is completed since no other neurons will spike. For some initial states, the winner is the first neuron to spike, and the computation is done at the first spike of the network. In general, there are M potential winners, corresponding to the top M external inputs. When the external inputs are close in magnitude, M tends to be larger. If M>1, the selection of the actual winner is strongly influenced by the initial states. If a special relation between the excitation and inhibition is satisfied, the network always selects the neuron with the maximum external input as the winner
Lin, Geng; Devine, Mac
The confluence of technology advancements and business developments in Broadband Internet, Web services, computing systems, and application software over the past decade has created a perfect storm for cloud computing. The "cloud model" of delivering and consuming IT functions as services is poised to fundamentally transform the IT industry and rebalance the inter-relationships among end users, enterprise IT, software companies, and the service providers in the IT ecosystem (Armbrust et al., 2009; Lin, Fu, Zhu, & Dasmalchi, 2009).
The Fusion Energy Division of the Oak Ridge National Laboratory (ORNL) operated by Union Carbide Corporation Nuclear Division (UCC-ND) is primarily involved in the investigation of problems related to the use of controlled thermonuclear fusion as an energy source. The Fusion Energy Division supports investigations of experimental fusion devices and related fusion theory. This memo provides a brief overview of the computing environment in the Fusion Energy Division and the computing support provided to the experimental effort and theory research
is between one and two orders-of-magnitude more efficient than current heralded multiphoton sources based on spontaneous parametric downconversion...expected to perform tasks intractable for a classical computer, yet requiring minimal non-classical resources as compared to full- scale quantum computers...implementations to date employed sources based on inefficient processes—spontaneous parametric downconversion—that only simulate heralded single
Computer networks represent a valuable resource for accessing information. Just as the computer has revolutionized the ability to process and analyze information, networks have and will continue to revolutionize data collection and access. A number of services are in routine use that would not be possible without the presence of an (inter)national computer network (which will be referred to as the internet). Services such as electronic mail, remote terminal access, and network file transfers are almost a required part of any large scientific/research organization. These services only represent a small fraction of the potential uses of the internet; however, the remainder of this paper discusses some of these uses and some technological developments that may influence these uses
Yee, Jason W
... organization's leadership can intervene and prevent the attack. Previous studies have shown that the person's behavior will generally change, and it is possible that social network analysis could be used to observe those changes...
Wilton, M. E.; Murtaugh, J. P.
Program solves problem of an arbitrarily connected one dimensional compressible flow network with pumping in the channels and momentum balancing at flow junctions. Program includes pressure drop calculations for impingement flow and flow through pin fin arrangements, as currently found in many air cooled turbine bucket and vane cooling configurations.
Mohapatra, Durga; Nagar, Atulya; Sahoo, Manmath
The book is a collection of high-quality peer-reviewed research papers presented in the first International Conference on Signal, Networks, Computing, and Systems (ICSNCS 2016) held at Jawaharlal Nehru University, New Delhi, India during February 25–27, 2016. The book is organized in to two volumes and primarily focuses on theory and applications in the broad areas of communication technology, computer science and information security. The book aims to bring together the latest scientific research works of academic scientists, professors, research scholars and students in the areas of signal, networks, computing and systems detailing the practical challenges encountered and the solutions adopted.
Full Text Available CX, a network-based computational exchange, is presented. The system's design integrates variations of ideas from other researchers, such as work stealing, non-blocking tasks, eager scheduling, and space-based coordination. The object-oriented API is simple, compact, and cleanly separates application logic from the logic that supports interprocess communication and fault tolerance. Computations, of course, run to completion in the presence of computational hosts that join and leave the ongoing computation. Such hosts, or producers, use task caching and prefetching to overlap computation with interprocessor communication. To break a potential task server bottleneck, a network of task servers is presented. Even though task servers are envisioned as reliable, the self-organizing, scalable network of n- servers, described as a sibling-connected height-balanced fat tree, tolerates a sequence of n-1 server failures. Tasks are distributed throughout the server network via a simple "diffusion" process. CX is intended as a test bed for research on automated silent auctions, reputation services, authentication services, and bonding services. CX also provides a test bed for algorithm research into network-based parallel computation.
Full Text Available Wireless sensor network refers to a group of sensors, linked by a wireless medium to perform distributed sensing task. The primary interest is their capability in monitoring the physical environment through the deployment of numerous tiny, intelligent, wireless networked sensor nodes. Our interest consists of a sensor network, which includes a few specialized nodes called processing elements that can perform some limited computational capabilities. In this paper, we propose a model called SPLAI that allows the network to compute a finite element problem where the processing elements are modeled as the nodes in the linear triangular approximation problem. Our model also considers the case of some failures of the sensors. A simulation model to visualize this network has been developed using C++ on the Windows environment.
Mezgár, István; Rauschecker, Ursula
Manufacturing enterprises have to organize themselves into effective system architectures forming different types of Networked Enterprises (NE) to match fast changing market demands. Cloud Computing (CC) is an important up to date computing concept for NE, as it offers significant financial and technical advantages beside high-level collaboration possibilities. As cloud computing is a new concept the solutions for handling interoperability, portability, security, privacy and standardization c...
This paper studies the design and analysis of networked multiagent predictive control systems via cloud computing. A cloud predictive control scheme for networked multiagent systems (NMASs) is proposed to achieve consensus and stability simultaneously and to compensate for network delays actively. The design of the cloud predictive controller for NMASs is detailed. The analysis of the cloud predictive control scheme gives the necessary and sufficient conditions of stability and consensus of closed-loop networked multiagent control systems. The proposed scheme is verified to characterize the dynamical behavior and control performance of NMASs through simulations. The outcome provides a foundation for the development of cooperative and coordinative control of NMASs and its applications.
Patro, S.; Kolarik, W.J. [Texas Tech Univ., Lubbock, TX (United States). Dept. of Industrial Engineering
With increasing competition in the global market, more and more stringent quality standards and specifications are being demands at lower costs. Manufacturing applications of computing power are becoming more common. The application of neural networks to identification and control of dynamic processes has been discussed. The limitations of using neural networks for control purposes has been pointed out and a different technique, evolutionary computation, has been discussed. The results of identifying and controlling an unstable, dynamic process using evolutionary computation methods has been presented. A framework for an integrated system, using both neural networks and evolutionary computation, has been proposed to identify the process and then control the product quality, in a dynamic, multivariable system, in real-time.
Wang, Ching-Hao; Mehta, Pankaj
Biophysics fundamentally constrains the computations that cells can carry out. Here, we derive fundamental bounds on the computational capacity of biochemical signaling networks that utilize post-translational modifications (e.g. phosphorylation). To do so, we combine ideas from the statistical physics of disordered systems and the observation by Tony Pawson and others that the biochemistry underlying protein-protein interaction networks is combinatorial and modular. Our results indicate that the computational capacity of signaling networks is severely limited by the energetics of binding and the need to achieve specificity. We relate our results to one of the theoretical pillars of statistical learning theory, Cover's theorem, which places bounds on the computational capacity of perceptrons. PM and CHW were supported by a Simons Investigator in the Mathematical Modeling of Living Systems Grant, and NIH Grant No. 1R35GM119461 (both to PM).
Full Text Available A smart-card-based user authentication scheme for wireless sensor networks (hereafter referred to as a SCA-WSN scheme is designed to ensure that only users who possess both a smart card and the corresponding password are allowed to gain access to sensor data and their transmissions. Despite many research efforts in recent years, it remains a challenging task to design an efficient SCA-WSN scheme that achieves user anonymity. The majority of published SCA-WSN schemes use only lightweight cryptographic techniques (rather than public-key cryptographic techniques for the sake of efficiency, and have been demonstrated to suffer from the inability to provide user anonymity. Some schemes employ elliptic curve cryptography for better security but require sensors with strict resource constraints to perform computationally expensive scalar-point multiplications; despite the increased computational requirements, these schemes do not provide user anonymity. In this paper, we present a new SCA-WSN scheme that not only achieves user anonymity but also is efficient in terms of the computation loads for sensors. Our scheme employs elliptic curve cryptography but restricts its use only to anonymous user-to-gateway authentication, thereby allowing sensors to perform only lightweight cryptographic operations. Our scheme also enjoys provable security in a formal model extended from the widely accepted Bellare-Pointcheval-Rogaway (2000 model to capture the user anonymity property and various SCA-WSN specific attacks (e.g., stolen smart card attacks, node capture attacks, privileged insider attacks, and stolen verifier attacks.
tut quiz present Tutorial Quiz Presentation Interactive Media Element This interactive tutorial the two sub-classes of computer attackers: amateurs and professionals. It provides valuable insight into the nature of necessary protection measure for information assets. CS3600 Information Assurance: Introduction to Computer Security Course
Ahn, Sul-Ah; Jung, Youngim
The research activities of the computational physicists utilizing high performance computing are analyzed by bibliometirc approaches. This study aims at providing the computational physicists utilizing high-performance computing and policy planners with useful bibliometric results for an assessment of research activities. In order to achieve this purpose, we carried out a co-authorship network analysis of journal articles to assess the research activities of researchers for high-performance computational physics as a case study. For this study, we used journal articles of the Scopus database from Elsevier covering the time period of 2004-2013. We extracted the author rank in the physics field utilizing high-performance computing by the number of papers published during ten years from 2004. Finally, we drew the co-authorship network for 45 top-authors and their coauthors, and described some features of the co-authorship network in relation to the author rank. Suggestions for further studies are discussed.
Thomas, Valerie L.; Wakim, Nagi T.
The evolution of computer networking technology has lead to the establishment of a massive networking infrastructure which interconnects various types of computing resources at many government, academic, and corporate institutions. A large segment of this infrastructure has been developed to facilitate information exchange and resource sharing within the scientific community. The National Aeronautics and Space Administration (NASA) supports both the development and the application of computer networks which provide its community with access to many valuable multi-disciplinary scientific information systems and on-line databases. Recognizing the need to extend the benefits of this advanced networking technology to the under-represented community, the National Space Science Data Center (NSSDC) in the Space Data and Computing Division at the Goddard Space Flight Center has developed the Minority University-Space Interdisciplinary Network (MU-SPIN) Program: a major networking and education initiative for Historically Black Colleges and Universities (HBCUs) and Minority Universities (MUs). In this paper, we will briefly explain the various components of the MU-SPIN Program while highlighting how, by providing access to scientific information systems and on-line data, it promotes a higher level of collaboration among faculty and students and NASA scientists.
Some findings of a study concerning a computer based control and monitoring system for the proposed ISABELLE Intersecting Storage Accelerator are presented. Requirements for development and implementation of such a system are discussed. An architecture is proposed where the system components are partitioned along functional lines. Implementation of some conceptually significant components is reviewed
Lu, Lu; Xu, Zhengguo; Wang, Wenhai; Sun, Youxian
Over the past few years, fault detection for computer networks has attracted extensive attentions for its importance in network management. Most existing fault detection methods are based on active probing techniques which can detect the occurrence of faults fast and precisely. But these methods suffer from the limitation of traffic overhead, especially in large scale networks. To relieve traffic overhead induced by active probing based methods, a new fault detection method, whose key is to divide the detection process into multiple stages, is proposed in this paper. During each stage, only a small region of the network is detected by using a small set of probes. Meanwhile, it also ensures that the entire network can be covered after multiple detection stages. This method can guarantee that the traffic used by probes during each detection stage is small sufficiently so that the network can operate without severe disturbance from probes. Several simulation results verify the effectiveness of the proposed method
Wei, Sixiao; Zhang, Hanlin; Chen, Genshe; Shen, Dan; Yu, Wei; Pham, Khanh D.; Blasch, Erik P.; Cruz, Jose B.
With the explosive growth of network technologies, insider attacks have become a major concern to business operations that largely rely on computer networks. To better detect insider attacks that marginally manipulate network traffic over time, and to recover the system from attacks, in this paper we implement a temporal-based detection scheme using the sequential hypothesis testing technique. Two hypothetical states are considered: the null hypothesis that the collected information is from benign historical traffic and the alternative hypothesis that the network is under attack. The objective of such a detection scheme is to recognize the change within the shortest time by comparing the two defined hypotheses. In addition, once the attack is detected, a server migration-based system recovery scheme can be triggered to recover the system to the state prior to the attack. To understand mitigation of insider attacks, a multi-functional web display of the detection analysis was developed for real-time analytic. Experiments using real-world traffic traces evaluate the effectiveness of Detection System and Recovery (DeSyAR) scheme. The evaluation data validates the detection scheme based on sequential hypothesis testing and the server migration-based system recovery scheme can perform well in effectively detecting insider attacks and recovering the system under attack.
Networking and Information Technology Research and Development, Executive Office of the President — U.S.research and development R and D in computing, communications, and information technologies has enabled unprecedented scientific and engineering advances,...
an CnRlni-.Cj , qui ost utilis6 pour Xcuerrcpind iot q~eol CNQ on a un ’R(E~ .gui ost utilisAs pour damr-ndor la~~~~~~ ~ rernmsinLeWmot ulCP] Lea...function can result in the lailure of that tunction and cause the m.. s,.: iot , to be abandoned. For a safety critical function there is an add.iional...Controller; AP-101 interface. 30-6 ENABLE TO SRIALMANCHESTER MODULATOR CONVERTER ENCODER IDRIVER ]J .I BUS CONTROLLER - NETWORK INTERFACE Figure 5. Bus
Holsopple, Jared; Yang, Shanchieh; Argauer, Brian
Much research has been put forth towards detection, correlating, and prediction of cyber attacks in recent years. As this set of research progresses, there is an increasing need for contextual information of a computer network to provide an accurate situational assessment. Typical approaches adopt contextual information as needed; yet such ad hoc effort may lead to unnecessary or even conflicting features. The concept of virtual terrain is, therefore, developed and investigated in this work. Virtual terrain is a common representation of crucial information about network vulnerabilities, accessibilities, and criticalities. A virtual terrain model encompasses operating systems, firewall rules, running services, missions, user accounts, and network connectivity. It is defined as connected graphs with arc attributes defining dynamic relationships among vertices modeling network entities, such as services, users, and machines. The virtual terrain representation is designed to allow feasible development and maintenance of the model, as well as efficacy in terms of the use of the model. This paper will describe the considerations in developing the virtual terrain schema, exemplary virtual terrain models, and algorithms utilizing the virtual terrain model for situation and threat assessment.
have been proposed to get around these problems ranging from pruning the state space of the kth order models  to using mixtures of Markov chains [40...demonstrate this, below are the top four results for the query java coffee . 71 SCORE CATEGORY...4.0189 Shopping/Food/Beverages/Coffee_and_Tea/ Coffee /Espresso 3.8427 Shopping/Food/Beverages/Coffee_and_Tea/ Coffee /Espresso 2.3447 Computers
The Wireless Identification and Sensing Platform (WISP) is the first of a new class of RF-powered sensing and computing systems. Rather than being powered by batteries, these sensor systems are powered by radio waves that are either deliberately broadcast or ambient. Enabled by ongoing exponential improvements in the energy efficiency of microelectronics, RF-powered sensing and computing is rapidly moving along a trajectory from impossible (in the recent past), to feasible (today), toward practical and commonplace (in the near future). This book is a collection of key papers on RF-powered sensing and computing systems including the WISP. Several of the papers grew out of the WISP Challenge, a program in which Intel Corporation donated WISPs to academic applicants who proposed compelling WISP-based projects. The book also includes papers presented at the first WISP Summit, a workshop held in Berkeley, CA in association with the ACM Sensys conference, as well as other relevant papers. The book provides ...
Ramratan Ahirwal; Leeladhar Mahour
In Wireless mobile Ad Hoc Networks (MANET) every node functions as transmitter, router and data sink is network without infrastructure. Detecting malicious nodes in an open ad-hoc network in whichparticipating nodes have no previous security associations presents a number of challenges not faced by traditional wired networks. Traffic monitoring in wired networks is usually performed at switches,routers and gateways, but an ad-hoc network does not have these types of network elements where the...
Full Text Available In this study, we present a highly configurable neuromorphic computing substrate and use it for emulating several types of neural networks. At the heart of this system lies a mixed-signal chip, with analog implementations of neurons and synapses and digital transmission of action potentials. Major advantages of this emulation device, which has been explicitly designed as a universal neural network emulator, are its inherent parallelism and high acceleration factor compared to conventional computers. Its configurability allows the realization of almost arbitrary network topologies and the use of widely varied neuronal and synaptic parameters. Fixed-pattern noise inherent to analog circuitry is reduced by calibration routines. An integrated development environment allows neuroscientists to operate the device without any prior knowledge of neuromorphic circuit design. As a showcase for the capabilities of the system, we describe the successful emulation of six different neural networks which cover a broad spectrum of both structure and functionality.
Pfeil, Thomas; Grübl, Andreas; Jeltsch, Sebastian; Müller, Eric; Müller, Paul; Petrovici, Mihai A; Schmuker, Michael; Brüderle, Daniel; Schemmel, Johannes; Meier, Karlheinz
In this study, we present a highly configurable neuromorphic computing substrate and use it for emulating several types of neural networks. At the heart of this system lies a mixed-signal chip, with analog implementations of neurons and synapses and digital transmission of action potentials. Major advantages of this emulation device, which has been explicitly designed as a universal neural network emulator, are its inherent parallelism and high acceleration factor compared to conventional computers. Its configurability allows the realization of almost arbitrary network topologies and the use of widely varied neuronal and synaptic parameters. Fixed-pattern noise inherent to analog circuitry is reduced by calibration routines. An integrated development environment allows neuroscientists to operate the device without any prior knowledge of neuromorphic circuit design. As a showcase for the capabilities of the system, we describe the successful emulation of six different neural networks which cover a broad spectrum of both structure and functionality.
Accurate detection of cyber-attacks plays a central role in safeguarding computer networks and information systems. This paper addresses the problem of detecting SYN flood attacks, which are the most popular Denial of Service (DoS) attacks. Here, we compare the detection capacity of three commonly monitoring charts namely, a Shewhart chart, a Cumulative Sum (CUSUM) control chart and exponentially weighted moving average (EWMA) chart, in detecting SYN flood attacks. The comparison study is conducted using the publicly available benchmark datasets: the 1999 DARPA Intrusion Detection Evaluation Datasets.
Dimmler, D.G.; Greenlaw, N.; Kelley, M.A.; Potter, D.W.; Rankowitz, S.; Stubblefield, F.W.
A computer network for real-time data acquisition, monitoring and control of a series of experiments at the Brookhaven High Flux Beam Reactor has been developed and has been set into routine operation. This reactor experiment control facility presently services nine neutron spectrometers and one x-ray diffractometer. Several additional experiment connections are in progress. The architecture of the facility is based on a distributed function network concept. A statement of implementation and results is presented
Genot, Anthony J; Fujii, Teruo; Rondelez, Yannick
Cells rely on limited resources such as enzymes or transcription factors to process signals and make decisions. However, independent cellular pathways often compete for a common molecular resource. Competition is difficult to analyze because of its nonlinear global nature, and its role remains unclear. Here we show how decision pathways such as transcription networks may exploit competition to process information. Competition for one resource leads to the recognition of convex sets of patterns, whereas competition for several resources (overlapping or cascaded regulons) allows even more general pattern recognition. Competition also generates surprising couplings, such as correlating species that share no resource but a common competitor. The mechanism we propose relies on three primitives that are ubiquitous in cells: multiinput motifs, competition for a resource, and positive feedback loops.
Olsen, Anders Brødløs; Fitzek, Frank H. P.; Koch, Peter
In this work the idea of cooperation is applied to wireless communication systems. It is generally accepted that energy consumption is a significant design constraint for mobile handheld systems. We propose a novel method of cooperative task computing by distributing tasks among terminals over...... the unreliable wireless link. Principles of multi–processor energy aware task scheduling are used exploiting performance scalable technologies such as Dynamic Voltage Scaling (DVS). We introduce a novel mechanism referred to as D2VS and here it is shown by means of simulation that savings of 40% can be achieved....
... properly causes your body's blood sugar levels to rise, increasing your risk of heart attack. Metabolic syndrome. This occurs when you have obesity, high blood pressure and high blood sugar. Having metabolic ...
... family history of heart attack race – African Americans, Mexican Americans, Native Americans, and native Hawaiians are at ... Your doctor will prescribe the medicines that are right for you. If you have had a heart ...
7 ) AU2 o NAVA TUNDEWATER SY$TEMS CENTER NEWPORT RI F/G 9/2 UIS RIBUT E 0 COMPUTIN G N LTWORK FOR REAL - TIME SYSTEMS .(U) UASSIFIED NOV Al 6 1...MORAIS - UT 92 dLEVEL c A Distributed Computing Network for Real - Time Systems . 11 -1 Gordon E/Morson I7 y tm- ,r - t "en t As J 2 -p .. - 7 I’ cNaval...NUMBER TD 5932 / N 4. TITLE mand SubotI. S. TYPE OF REPORT & PERIOD COVERED A DISTRIBUTED COMPUTING NETWORK FOR REAL - TIME SYSTEMS 6. PERFORMING ORG
The computation of phylogenetic trees on the same set of species that are based on different orthologous genes can lead to incongruent trees. One possible explanation for this behavior are interspecific hybridization events recombining genes of different species. An important approach to analyze such events is the computation of hybridization networks. This work presents the first algorithm computing the hybridization number as well as a set of representative hybridization networks for multiple binary phylogenetic input trees on the same set of taxa. To improve its practical runtime, we show how this algorithm can be parallelized. Moreover, we demonstrate the efficiency of the software Hybroscale, containing an implementation of our algorithm, by comparing it to PIRNv2.0, which is so far the best available software computing the exact hybridization number for multiple binary phylogenetic trees on the same set of taxa. The algorithm is part of the software Hybroscale, which was developed specifically for the investigation of hybridization networks including their computation and visualization. Hybroscale is freely available(1) and runs on all three major operating systems. Our simulation study indicates that our approach is on average 100 times faster than PIRNv2.0. Moreover, we show how Hybroscale improves the interpretation of the reported hybridization networks by adding certain features to its graphical representation.
Liu, Yuze; Li, Hui; Ji, Yuefeng
With the development of big data and cloud computing technology, the traditional software-defined network is facing new challenges (e.g., ubiquitous accessibility, higher bandwidth, more flexible management and greater security). This paper proposes a new service-oriented software defined optical network architecture, including a resource layer, a service abstract layer, a control layer and an application layer. We then dwell on the corresponding service providing method. Different service ID is used to identify the service a device can offer. Finally, we experimentally evaluate that proposed service providing method can be applied to transmit different services based on the service ID in the service-oriented software defined optical network.
Krylov, V.A.; Pisarenko, V.P.
Methods of modeling complex power networks with short circuits in the networks are described. The methods are implemented in integrated computation programs for short circuit currents and equivalents in electrical networks with a large number of branch points (up to 1000) on a computer with a limited on line memory capacity (M equals 4030 for the computer).
Gerard, F M
Virtually all of the experiments conducted at CERN use minicomputers today; some simply acquire data and store results on magnetic tape while others actually control experiments and help to process the resulting data. Currently there are more than two hundred minicomputers being used in the laboratory. In order to provide the minicomputer users with access to facilities available on mainframes and also to provide intercommunication between various experimental minicomputers, CERN opted for a packet switching network back in 1975. It was decided to use Modcomp II computers as switching nodes. The only software to be taken was a communications-oriented operating system called Maxcom. Today eight Modcomp II 16-bit computers plus six newer Classic minicomputers from Modular Computer Services have been purchased for the CERNET data communications networks. The current configuration comprises 11 nodes connecting more than 40 user machines to one another and to the laboratory's central computing facility. (0 refs).
Lu, Jingyang; Li, Lun; Chen, Genshe; Shen, Dan; Pham, Khanh; Blasch, Erik
In this paper, a Cognitive Radio Network (CRN) based on artificial intelligence is proposed to distribute the limited radio spectrum resources more efficiently. The CRN framework can analyze the time-sensitive signal data close to the signal source using fog computing with different types of machine learning techniques. Depending on the computational capabilities of the fog nodes, different features and machine learning techniques are chosen to optimize spectrum allocation. Also, the computing nodes send the periodic signal summary which is much smaller than the original signal to the cloud so that the overall system spectrum source allocation strategies are dynamically updated. Applying fog computing, the system is more adaptive to the local environment and robust to spectrum changes. As most of the signal data is processed at the fog level, it further strengthens the system security by reducing the communication burden of the communications network.
Abbott, L. W.
The dispersed sensor processing mesh (DSPM) is an experimental, ultra-reliable, fault-tolerant computer communications network that exhibits an organic-like ability to regenerate itself after suffering damage. The regeneration is accomplished by two routines - grow and repair. This paper discusses the DSPM concept for achieving fault tolerance and provides a brief description of the mechanization of both the experiment and the six-node experimental network. The main topic of this paper is the system performance of the growth algorithm contained in the grow routine. The characteristics imbued to DSPM by the growth algorithm are also discussed. Data from an experimental DSPM network and software simulation of larger DSPM-type networks are used to examine the inherent limitation on growth time by the growth algorithm and the relationship of growth time to network size and topology.
Andrey Alexeevich Chechulin
Full Text Available The paper is devoted to investigation of the attack graphs construction and analysis task for a network security evaluation and real-time security event processing. Main object of this research is the attack modeling process. The paper contains the description of attack graphs building, modifying and analysis technique as well as overview of implemented prototype for network security analysis based on attack graph approach.
Proceedings of The National Conference on Artificial Intelligence , pages 181-184, The American Association for Aritificial Intelligence , Pittsburgh...Intermediary Resource: Intelligent Executive Computer Communication John Lyman and Carla J. Conaway University of California at Los Angeles for Contracting...Include Security Classification) Interim Report: Distributed Problem Solving: Adaptive Networks With a Computer Intermediary Resource: Intelligent
Mary Violeta Bar
The computational intelligence techniques are used in problems which can not be solved by traditional techniques when there is insufficient data to develop a model problem or when they have errors.Computational intelligence, as he called Bezdek (Bezdek, 1992) aims at modeling of biological intelligence. Artificial Neural Networks( ANNs) have been applied to an increasing number of real world problems of considerable complexity. Their most important advantage is solving problems that are too c...
Kratochvil, D.; Sood, D.; Verostko, A.
During the last decade, NASA LeRC's Communication Program has conducted a series of telecommunications forecasting studies to project trends and requirements and to identify critical telecommunications technologies that must be developed to meet future requirements. The Government Networks Division of Contel Federal Systems has assisted NASA in these studies, and the current study builds upon these earlier efforts. The current major thrust of the NASA Communications Program is aimed at developing the high risk, advanced, communications satellite and terminal technologies required to significantly increase the capacity of future communications systems. Also, major new technological, economic, and social-political events and trends are now shaping the communications industry of the future. Therefore, a re-examination of future telecommunications needs and requirements is necessary to enable NASA to make management decisions in its Communications Program and to ensure the proper technologies and systems are addressed. This study, through a series of Task Orders, is helping NASA define the likely communication service needs and requirements of the future and thereby ensuring that the most appropriate technology developments are pursued.
Archer, Charles J.; Pinnow, Kurt W.; Wallenfelt, Brian P.
Methods, parallel computers, and products are provided for identifying failure in a tree network of a parallel computer. The parallel computer includes one or more processing sets including an I/O node and a plurality of compute nodes. For each processing set embodiments include selecting a set of test compute nodes, the test compute nodes being a subset of the compute nodes of the processing set; measuring the performance of the I/O node of the processing set; measuring the performance of the selected set of test compute nodes; calculating a current test value in dependence upon the measured performance of the I/O node of the processing set, the measured performance of the set of test compute nodes, and a predetermined value for I/O node performance; and comparing the current test value with a predetermined tree performance threshold. If the current test value is below the predetermined tree performance threshold, embodiments include selecting another set of test compute nodes. If the current test value is not below the predetermined tree performance threshold, embodiments include selecting from the test compute nodes one or more potential problem nodes and testing individually potential problem nodes and links to potential problem nodes.
Stanimirović, Predrag S; Zivković, Ivan S; Wei, Yimin
This paper presents a recurrent neural network (RNN) for computing the Drazin inverse of a real matrix in real time. This recurrent neural network (RNN) is composed of n independent parts (subnetworks), where n is the order of the input matrix. These subnetworks can operate concurrently, so parallel and distributed processing can be achieved. In this way, the computational advantages over the existing sequential algorithms can be attained in real-time applications. The RNN defined in this paper is convenient for an implementation in an electronic circuit. The number of neurons in the neural network is the same as the number of elements in the output matrix, which represents the Drazin inverse. The difference between the proposed RNN and the existing ones for the Drazin inverse computation lies in their network architecture and dynamics. The conditions that ensure the stability of the defined RNN as well as its convergence toward the Drazin inverse are considered. In addition, illustrative examples and examples of application to the practical engineering problems are discussed to show the efficacy of the proposed neural network.
Graves, Alex; Wayne, Greg; Reynolds, Malcolm; Harley, Tim; Danihelka, Ivo; Grabska-Barwińska, Agnieszka; Colmenarejo, Sergio Gómez; Grefenstette, Edward; Ramalho, Tiago; Agapiou, John; Badia, Adrià Puigdomènech; Hermann, Karl Moritz; Zwols, Yori; Ostrovski, Georg; Cain, Adam; King, Helen; Summerfield, Christopher; Blunsom, Phil; Kavukcuoglu, Koray; Hassabis, Demis
Artificial neural networks are remarkably adept at sensory processing, sequence learning and reinforcement learning, but are limited in their ability to represent variables and data structures and to store data over long timescales, owing to the lack of an external memory. Here we introduce a machine learning model called a differentiable neural computer (DNC), which consists of a neural network that can read from and write to an external memory matrix, analogous to the random-access memory in a conventional computer. Like a conventional computer, it can use its memory to represent and manipulate complex data structures, but, like a neural network, it can learn to do so from data. When trained with supervised learning, we demonstrate that a DNC can successfully answer synthetic questions designed to emulate reasoning and inference problems in natural language. We show that it can learn tasks such as finding the shortest path between specified points and inferring the missing links in randomly generated graphs, and then generalize these tasks to specific graphs such as transport networks and family trees. When trained with reinforcement learning, a DNC can complete a moving blocks puzzle in which changing goals are specified by sequences of symbols. Taken together, our results demonstrate that DNCs have the capacity to solve complex, structured tasks that are inaccessible to neural networks without external read-write memory.
Alemberti, A.; Graziosi, G.; Mini, G.; Susco, M.
Thermohydraulic networks are I-D systems characterized by a small number of basic components (pumps, valves, heat exchangers, etc) connected by pipes and limited spatially by a defined number of boundary conditions (tanks, atmosphere, etc). The network system is simulated by the well known computer program RELAPS/mod3. Information concerning the network geometry component behaviour, initial and boundary conditions are usually supplied to the RELAPS code using an ASCII input file by means of 'input cards'. CATNET (Computer Aided Thermalhydraulic NETwork) is a graphically user interface that, under specific user guidelines which completely define its range of applicability, permits a very high level of standardization and simplification of the RELAPS/mod3 input deck development process as well as of the output processing. The characteristics of the components (pipes, valves, pumps etc), defining the network system can be entered through CATNET. The CATNET interface is provided by special functions to compute form losses in the most typical bending and branching configurations. When the input of all system components is ready, CATNET is able to generate the RELAPS/mod3 input file. Finally, by means of CATNET, the RELAPS/mod3 code can be run and its output results can be transformed to an intuitive display form. The paper presents an example of application of the CATNET interface as well as the latest developments which greatly simplified the work of the users and allowed to reduce the possibility of input errors. (authors)
Full Text Available Extracellular matrix (ECM strongly influences cellular behaviors, including cell proliferation, adhesion, and particularly migration. In cancer, the rigidity of the stromal collagen environment is thought to control tumor aggressiveness, and collagen alignment has been linked to tumor cell invasion. While the mechanical properties of collagen at both the single fiber scale and the bulk gel scale are quite well studied, how the fiber network responds to local stress or deformation, both structurally and mechanically, is poorly understood. This intermediate scale knowledge is important to understanding cell-ECM interactions and is the focus of this study. We have developed a three-dimensional elastic collagen fiber network model (bead-and-spring model and studied fiber network behaviors for various biophysical conditions: collagen density, crosslinker strength, crosslinker density, and fiber orientation (random vs. prealigned. We found the best-fit crosslinker parameter values using shear simulation tests in a small strain region. Using this calibrated collagen model, we simulated both shear and tensile tests in a large linear strain region for different network geometry conditions. The results suggest that network geometry is a key determinant of the mechanical properties of the fiber network. We further demonstrated how the fiber network structure and mechanics evolves with a local formation, mimicking the effect of pulling by a pseudopod during cell migration. Our computational fiber network model is a step toward a full biomechanical model of cellular behaviors in various ECM conditions.
These notes for DTU course 02220, Concurrent Programming, give an introduction to computer networks, with focus on the modern Internet. Basic Internet protocols such as IP, TCP and UDP are presented, and two Internet application protocols, SMTP and HTTP, are described in some detail. Techniques...
Momeni, B.; Kharrazi, M.
Computer networks courses are hard to teach as there are many details in the protocols and techniques involved that are difficult to grasp. Employing programming assignments as part of the course helps students to obtain a better understanding and gain further insight into the theoretical lectures. In this paper, the Partov simulation engine and…
Sanchez, R.F.; Edwards, R.M.
A state-of-the-art UNIX network compatible controller and UNIX host workstation with MATLAB/SIMULINK software were used to develop, implement, and validate a digital reactivity calculation. An objective of the development was to determine why a Macintosh-based reactivity computer reactivity output drifted intolerably
The role of data centers and computers are vital for the future of our data-centric society. Historically the performance of data-centers is increasing with a factor 100-1000 every ten years and as a result of this the capacity of the data-center communication network has to scale accordingly. This