WorldWideScience

Sample records for network security configuration

  1. DESAIN DAN IMPLEMENTASI NETWORKING SECURITY MEMANFAATKAN SECURITY CONFIGURATION WIZARD (SCW)

    OpenAIRE

    Zakir Supratman

    2017-01-01

    The security problem and data privacy are one of the most important aspect from information system. The operation system of Microsoft Windows Server 2008 gives some new facilities; including thing that relates to the security aspect is Windows Firewall with Advanced Security. With that facilities enable the user to make individual rules that suitable with the security need of network. In this observation it is discussed about how to develop the network of security with the use of ...

  2. Secure Message Distribution Scheme with Configurable Privacy in Heterogeneous Wireless Sensor Networks

    Science.gov (United States)

    Li, Yahui; Ma, Jianfeng; Moon, Sangjae

    Security and privacy of wireless sensor networks are key research issues recently. Most existing researches regarding wireless sensor networks security consider homogenous sensor networks. To achieve better security and performance, we adopt a heterogeneous wireless sensor network (HWSN) model that consists of physically different types of sensor nodes. This paper presents a secure message distribution scheme with configurable privacy for HWSNs, which takes advantage of powerful high-end sensor nodes. The scheme establishes a message distribution topology in an efficient and secure manner. The sensor node only need generate one signature for all the messages for all the users, which can greatly save the communication and computation cost of the sensor node. On the other hand, the user can only know the messages that let him know based on a pre-set policy, which can meet the requirement of the privacy. We show that the scheme has small bandwidth requirements and it is resilient against the node compromise attack.

  3. Secure Protocol and IP Core for Configuration of Networking Hardware IPs in the Smart Grid

    Directory of Open Access Journals (Sweden)

    Marcelo Urbina

    2018-02-01

    Full Text Available Nowadays, the incorporation and constant evolution of communication networks in the electricity sector have given rise to the so-called Smart Grid, which is why it is necessary to have devices that are capable of managing new communication protocols, guaranteeing the strict requirements of processing required by the electricity sector. In this context, intelligent electronic devices (IEDs with network architectures are currently available to meet the communication, real-time processing and interoperability requirements of the Smart Grid. The new generation IEDs include an Field Programmable Gate Array (FPGA, to support specialized networking switching architectures for the electric sector, as the IEEE 1588-aware High-availability Seamless Redundancy/Parallel Redundancy Protocol (HSR/PRP. Another advantage to using an FPGA is the ability to update or reconfigure the design to support new requirements that are being raised to the standards (IEC 61850. The update of the architecture implemented in the FPGA can be done remotely, but it is necessary to establish a cyber security mechanism since the communication link generates vulnerability in the case the attacker gains physical access to the network. The research presented in this paper proposes a secure protocol and Intellectual Property (IP core for configuring and monitoring the networking IPs implemented in a Field Programmable Gate Array (FPGA. The FPGA based implementation proposed overcomes this issue using a light Layer-2 protocol fully implemented on hardware and protected by strong cryptographic algorithms (AES-GCM, defined in the IEC 61850-90-5 standard. The proposed secure protocol and IP core are applicable in any field where remote configuration over Ethernet is required for IP cores in FPGAs. In this paper, the proposal is validated in communications hardware for Smart Grids.

  4. Managing Cisco network security

    CERN Document Server

    Knipp, Eric

    2002-01-01

    An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today''s internetworked world"There''s no question that attacks on enterprise networks are increasing in frequency and sophistication..."-Mike Fuhrman, Cisco Systems Manager, Security ConsultingManaging Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco''s security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manger software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.Security from a real-world perspectiveKey coverage of the new technologies offered by the Cisc...

  5. Network security

    CERN Document Server

    Perez, André

    2014-01-01

    This book introduces the security mechanisms deployed in Ethernet, Wireless-Fidelity (Wi-Fi), Internet Protocol (IP) and MultiProtocol Label Switching (MPLS) networks. These mechanisms are grouped throughout the book according to the following four functions: data protection, access control, network isolation, and data monitoring. Data protection is supplied by data confidentiality and integrity control services. Access control is provided by a third-party authentication service. Network isolation is supplied by the Virtual Private Network (VPN) service. Data monitoring consists of applying

  6. Windows 2012 Server network security securing your Windows network systems and infrastructure

    CERN Document Server

    Rountree, Derrick

    2013-01-01

    Windows 2012 Server Network Security provides the most in-depth guide to deploying and maintaining a secure Windows network. The book drills down into all the new features of Windows 2012 and provides practical, hands-on methods for securing your Windows systems networks, including: Secure remote access Network vulnerabilities and mitigations DHCP installations configuration MAC filtering DNS server security WINS installation configuration Securing wired and wireless connections Windows personal firewall

  7. Wireshark network security

    CERN Document Server

    Verma, Piyush

    2015-01-01

    If you are network administrator or a security analyst with an interest in using Wireshark for security analysis, then this is the book for you. Basic familiarity with common network and application services terms and technologies is assumed.

  8. Untangle network security

    CERN Document Server

    El-Bawab, Abd El-Monem A

    2014-01-01

    If you are a security engineer or a system administrator and want to secure your server infrastructure with the feature-rich Untangle, this book is for you. For individuals who want to start their career in the network security field, this book would serve as a perfect companion to learn the basics of network security and how to implement it using Untangle NGFW.

  9. Network configuration management : paving the way to network agility.

    Energy Technology Data Exchange (ETDEWEB)

    Maestas, Joseph H.

    2007-08-01

    Sandia networks consist of nearly nine hundred routers and switches and nearly one million lines of command code, and each line ideally contributes to the capabilities of the network to convey information from one location to another. Sandia's Cyber Infrastructure Development and Deployment organizations recognize that it is therefore essential to standardize network configurations and enforce conformance to industry best business practices and documented internal configuration standards to provide a network that is agile, adaptable, and highly available. This is especially important in times of constrained budgets as members of the workforce are called upon to improve efficiency, effectiveness, and customer focus. Best business practices recommend using the standardized configurations in the enforcement process so that when root cause analysis results in recommended configuration changes, subsequent configuration auditing will improve compliance to the standard. Ultimately, this minimizes mean time to repair, maintains the network security posture, improves network availability, and enables efficient transition to new technologies. Network standardization brings improved network agility, which in turn enables enterprise agility, because the network touches all facets of corporate business. Improved network agility improves the business enterprise as a whole.

  10. Securing Personal Network Clusters

    NARCIS (Netherlands)

    Jehangir, A.; Heemstra de Groot, S.M.

    2007-01-01

    A Personal Network is a self-organizing, secure and private network of a user’s devices notwithstanding their geographic location. It aims to utilize pervasive computing to provide users with new and improved services. In this paper we propose a model for securing Personal Network clusters. Clusters

  11. Network Security Visualization

    Science.gov (United States)

    1999-09-27

    Internet Scanner 5.2 User Guide for Windows NT”, Internet Security Systems, Inc., 1998. “SBIR Topic AF97-043 Network Security Visualization...to the Server application to import into the NSV system database data that gets queried from ISS Internet Security Scanner 5.4. Objective #5 was... Internet Security Scanner scan of a live network and imported through a Cartridge component. The data was accessed through the Server component and

  12. Security for multihop wireless networks

    CERN Document Server

    Khan, Shafiullah

    2014-01-01

    Security for Multihop Wireless Networks provides broad coverage of the security issues facing multihop wireless networks. Presenting the work of a different group of expert contributors in each chapter, it explores security in mobile ad hoc networks, wireless sensor networks, wireless mesh networks, and personal area networks.Detailing technologies and processes that can help you secure your wireless networks, the book covers cryptographic coprocessors, encryption, authentication, key management, attacks and countermeasures, secure routing, secure medium access control, intrusion detection, ep

  13. Network systems security analysis

    Science.gov (United States)

    Yilmaz, Ä.°smail

    2015-05-01

    Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

  14. Network Security Visualization

    National Research Council Canada - National Science Library

    1999-01-01

    The application of interactive, three-dimensional viewing techniques to the representation of security-related, computer network status and events is expected to improve the timeliness and efficiency...

  15. Human factors in network security

    OpenAIRE

    Jones, Francis B.

    1991-01-01

    Human factors, such as ethics and education, are important factors in network information security. This thesis determines which human factors have significant influence on network security. Those factors are examined in relation to current security devices and procedures. Methods are introduced to evaluate security effectiveness by incorporating the appropriate human factors into network security controls

  16. Home Network Security

    NARCIS (Netherlands)

    Scholten, Johan; van Dijk, H.W.

    2008-01-01

    Service discovery and secure and safe service usage are essential elements in the deployment of home and personal networks. Because no system administrator is present, setup and daily operation of such a network has to be automated as much as possible with a high degree of user friendliness. To

  17. Network security risk level

    Directory of Open Access Journals (Sweden)

    Emil BURTESCU

    2006-01-01

    Full Text Available The advantages of the existence of a computers network within any company with pretensions are obvious. But the construction and the existence of a network without meeting some minimum security requirements, although it would be preferable to be optimal, can lead to bad functioning in the performance of the company’s business. The vulnerability of a grouping, such as a network, is given by the weakest point in its competence. The establishing of the risk level of each component of the network, and implicitly of the grouping, is highly necessary

  18. Gross anatomy of network security

    Science.gov (United States)

    Siu, Thomas J.

    2002-01-01

    Information security involves many branches of effort, including information assurance, host level security, physical security, and network security. Computer network security methods and implementations are given a top-down description to permit a medically focused audience to anchor this information to their daily practice. The depth of detail of network functionality and security measures, like that of the study of human anatomy, can be highly involved. Presented at the level of major gross anatomical systems, this paper will focus on network backbone implementation and perimeter defenses, then diagnostic tools, and finally the user practices (the human element). Physical security measures, though significant, have been defined as beyond the scope of this presentation.

  19. Quality and food network configuration

    DEFF Research Database (Denmark)

    Kjeldsen, Chris; Noe, Egon

    The aim of the paper is to analyze how the emergence of distinct quality conventions relates to particular network relations within two selected Danish organic dairy enterprises. The paper starts out from the assumption that the distinct qualities, which distinguish organic food, can be viewed...... is thus extremely important and even more so if the product chain in question is a ‘high-quality’ food chain of a relatively high level of complexity, such as an organic food network. Analytically, our main focus is on the relation between network structure and the qualities mediated from cow to cup....... The paper is based on case studies of two Danish dairy enterprises (Thise Dairy and Arla Foods), which all operate within the Danish 'high-quality' and organic food market....

  20. Network perimeter security building defense in-depth

    CERN Document Server

    Riggs, Cliff

    2003-01-01

    PREFACEWho is this Book For?The Path to Network SecurityWho Should Read This Book?MANAGING NETWORK SECURITYThe Big Picture: Security Policies from A to ZAdministrative CountermeasuresPhysical CountermeasuresTechnological CountermeasuresCreating the Security Standards DocumentCreating the Configuration Guide DocumentPulling it All Together: Sample Security Policy CreationProteris Security Standards and ProceduresTHE NETWORK STACK AND SECURITYConnecting the NetworkProtocolsServers and HostsCRYPTOGRAPHY AND VPN TERMINOLOGYKeysCertificatesHashingDigital SignaturesCommon Encryption AlgorithmsSplit

  1. Network configuration of global R&D networks

    DEFF Research Database (Denmark)

    Hansen, Zaza Nadja Lee; Srai, Jagjit Singh

    2011-01-01

    Companies are increasingly globalising their R&D activities, both within the firms and with external partners, with consequent implications for their interaction with manufacturing operations. Previous research in R&D networks has focused on coordination, governance and support elements. However......, network configuration of global R&D has tended to focus on strategic elements with limited attention given operational effectiveness, or to interfaces with downstream manufacturing operations. Within OM literature, the drivers of configuration of global networks within, engineering, production, supply...

  2. Campus network security model study

    Science.gov (United States)

    Zhang, Yong-ku; Song, Li-ren

    2011-12-01

    Campus network security is growing importance, Design a very effective defense hacker attacks, viruses, data theft, and internal defense system, is the focus of the study in this paper. This paper compared the firewall; IDS based on the integrated, then design of a campus network security model, and detail the specific implementation principle.

  3. Wireless Network Penetration Testing and Security Auditing

    Directory of Open Access Journals (Sweden)

    Wang Shao-Long

    2016-01-01

    Full Text Available IEEE802.11 wireless wireless networks have security issues that are vulnerable to a variety of attacks. Due to using radio to transport data, attackers can bypass firewalls, sniff sensitive information, intercept packets and send malicious packets. Security auditing and penetration testing is expected to ensure wireless networks security. The contributions of this work are analyzed the vulnerability and types of attacks pertaining to IEEE 802.11 WLAN, performed well known attacks in a laboratory environment to conduct penetration tests to confirm whether our wireless network is hackable or not. WAIDPS is configured as auditing tool to view wireless attacks, such as WEP/WPA/WPA2 cracking, rouge access points, denial of service attack. WAIDPS is designed to detect wireless intrusion with additional features. Penetration testing and auditing will mitigate the risk and threatening to protect WALN.

  4. Computer Network Security- The Challenges of Securing a Computer Network

    Science.gov (United States)

    Scotti, Vincent, Jr.

    2011-01-01

    This article is intended to give the reader an overall perspective on what it takes to design, implement, enforce and secure a computer network in the federal and corporate world to insure the confidentiality, integrity and availability of information. While we will be giving you an overview of network design and security, this article will concentrate on the technology and human factors of securing a network and the challenges faced by those doing so. It will cover the large number of policies and the limits of technology and physical efforts to enforce such policies.

  5. Installing and configuring security mechanisms: Freeradius-MySQL, Freeradius-LDAP, PAM/USB Modules, LinOTP

    OpenAIRE

    Νισκόπουλος, Νικόλαος Α.

    2012-01-01

    This master thesis is a compilation of instructions- "how to" guides in order to install and configure security mechanisms that are of crucial importance considering the numerous threats any system administrator has to confront during his daily obligations. The first security mechanism that has been installed and configured was Freeradius combined with MySQL database in Ubuntu 11.10 operating system. The freeradius was installed to a local network and wan configured to authenticate users stor...

  6. Techniques for Modelling Network Security

    OpenAIRE

    Lech Gulbinovič

    2012-01-01

    The article compares modelling techniques for network security, including the theory of probability, Markov processes, Petri networks and application of stochastic activity networks. The paper introduces the advantages and disadvantages of the above proposed methods and accepts the method of modelling the network of stochastic activity as one of the most relevant. The stochastic activity network allows modelling the behaviour of the dynamic system where the theory of probability is inappropri...

  7. Secure positioning in wireless networks

    DEFF Research Database (Denmark)

    Capkun, Srdjan; Hubaux, Jean-Pierre

    2006-01-01

    So far, the problem of positioning in wireless networks has been studied mainly in a non-adversarial settings. In this work, we analyze the resistance of positioning techniques to position and distance spoofing attacks. We propose a mechanism for secure positioning of wireless devices, that we call...... Verifiable Multilateration. We then show how this mechanism can be used to secure positioning in sensor networks. We analyze our system through simulations....

  8. Security in wireless sensor networks

    CERN Document Server

    Oreku, George S

    2016-01-01

    This monograph covers different aspects of sensor network security including new emerging technologies. The authors present a mathematical approach to the topic and give numerous practical examples as well as case studies to illustrate the theory. The target audience primarily comprises experts and practitioners in the field of sensor network security, but the book may also be beneficial for researchers in academia as well as for graduate students.

  9. Security Evaluation of Wireless Network Access Points

    Directory of Open Access Journals (Sweden)

    Kalniņš Rūdolfs

    2017-05-01

    Full Text Available The paper focuses on the real-world usage of IEEE 802.11 wireless network encryption and Wi-Fi Protected Setup (WPS function. A brief history on the development of encryption methods and WPS is given. Wireless scanning of 802.11 networks in a capital city has been performed, and the results of it have been analysed. To ascertain the knowledge about the security of wireless networks of the average user, an online survey has been conducted. To test the security of encryption methods and WPS function, practical attacks against private test wireless networks have been made. The authors conclude that the safest way to set up 802.11 network with a pre-shared key is to use Wi-Fi Protected Access 2 (WPA2 encryption without support for WPS function. Statistics in Riga shows that networks are often configured otherwise and thus vulnerable to attacks. Survey results prove that respondents are not well informed regarding the security of wireless networks.

  10. Network Security Is Manageable

    Science.gov (United States)

    Roberts, Gary

    2006-01-01

    An effective systems librarian must understand security vulnerabilities and be proactive in preventing problems. Specifics of future attacks or security challenges cannot possibly be anticipated, but this paper suggests some simple measures that can be taken to make attacks less likely to occur: program the operating system to get automatic…

  11. Securing underwater wireless communication networks

    OpenAIRE

    Domingo Aladrén, Mari Carmen

    2011-01-01

    Underwater wireless communication networks are particularly vulnerable to malicious attacks due to the high bit error rates, large and variable propagation delays, and low bandwidth of acoustic channels. The unique characteristics of the underwater acoustic communication channel, and the differences between underwater sensor networks and their ground-based counterparts require the development of efficient and reliable security mechanisms. In this article, a compl...

  12. Security evaluation of Unix networks

    OpenAIRE

    Brown, Thomas L.

    1993-01-01

    Approved for public release, distribution is unlimited. In recent years, computer networks have significantly increased in both complexity and number, and these networks are attractive targets for attack and intrusion. Unix networks being managed by the government and providing access to unclassified sensitive information are particularly vulnerable to attack. Ensuring the security of sensitive information will be one of the single most important management issues in computer/information s...

  13. Semantic Security Methods for Software-Defined Networks

    Directory of Open Access Journals (Sweden)

    Ekaterina Ju. Antoshina

    2017-01-01

    Full Text Available Software-defined networking is a promising technology for constructing communication networks where the network management is the software that configures network devices. This contrasts with the traditional point of view where the network behaviour is updated by manual configuration uploading to devices under control. The software controller allows dynamic routing configuration inside the net depending on the quality of service. However, there must be a proof that ensures that every network flow is secure, for example, we can define security policy as follows: confidential nodes can not send data to the public segment of the network. The paper shows how this problem can be solved by using a semantic security model. We propose a method that allows us to construct semantics that captures necessary security properties the network must follow. This involves the specification that states allowed and forbidden network flows. The specification is then modeled as a decision tree that may be reduced. We use the decision tree for semantic construction that captures security requirements. The semantic can be implemented as a module of the controller software so the correctness of the control plane of the network can be ensured on-the-fly. 

  14. Wireless network security theories and applications

    CERN Document Server

    Chen, Lei; Zhang, Zihong

    2013-01-01

    Wireless Network Security Theories and Applications discusses the relevant security technologies, vulnerabilities, and potential threats, and introduces the corresponding security standards and protocols, as well as provides solutions to security concerns. Authors of each chapter in this book, mostly top researchers in relevant research fields in the U.S. and China, presented their research findings and results about the security of the following types of wireless networks: Wireless Cellular Networks, Wireless Local Area Networks (WLANs), Wireless Metropolitan Area Networks (WMANs), Bluetooth

  15. Connecting to the Internet Securely; Protecting Home Networks CIAC-2324

    Energy Technology Data Exchange (ETDEWEB)

    Orvis, W J; Krystosek, P; Smith, J

    2002-11-27

    With more and more people working at home and connecting to company networks via the Internet, the risk to company networks to intrusion and theft of sensitive information is growing. Working from home has many positive advantages for both the home worker and the company they work for. However, as companies encourage people to work from home, they need to start considering the interaction of the employee's home network and the company network he connects to. This paper discusses problems and solutions related to protection of home computers from attacks on those computers via the network connection. It does not consider protection of those systems from people who have physical access to the computers nor does it consider company laptops taken on-the-road. Home networks are often targeted by intruders because they are plentiful and they are usually not well secured. While companies have departments of professionals to maintain and secure their networks, home networks are maintained by the employee who may be less knowledgeable about network security matters. The biggest problems with home networks are that: Home networks are not designed to be secure and may use technologies (wireless) that are not secure; The operating systems are not secured when they are installed; The operating systems and applications are not maintained (for security considerations) after they are installed; and The networks are often used for other activities that put them at risk for being compromised. Home networks that are going to be connected to company networks need to be cooperatively secured by the employee and the company so they do not open up the company network to intruders. Securing home networks involves many of the same operations as securing a company network: Patch and maintain systems; Securely configure systems; Eliminate unneeded services; Protect remote logins; Use good passwords; Use current antivirus software; and Moderate your Internet usage habits. Most of these

  16. Introduction to network security

    CERN Document Server

    Jacobson, Douglas

    2008-01-01

    … Students can easily understand how things work thanks to the different figures/definitions … students can see the different steps taken to build a secure environment and avoid most of the usual mistakes. … A website (http://www.dougj.net/textbook) is provided to support the book, where the reader can find additional content, like instructor materials, slides to support the book, on-line tutorials, help to start the programming parts. It is not mandatory at all to understand the book, but it is a really nice addition. … the book is really well written, and easily understandable without lackin

  17. 76 FR 67750 - Homeland Security Information Network Advisory Committee

    Science.gov (United States)

    2011-11-02

    ... SECURITY Homeland Security Information Network Advisory Committee AGENCY: Department of Homeland Security... Applicants for Appointment to Homeland Security Information Network Advisory Committee. SUMMARY: The Secretary of Homeland Security has determined that the renewal of the Homeland Security Information Network...

  18. A Security Architecture for Health Information Networks

    OpenAIRE

    Kailar, Rajashekar

    2007-01-01

    Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today’s healthcare enterprise. Recent work on ‘nationwide health information network’ architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set t...

  19. Security-Enhanced Push Button Configuration for Home Smart Control.

    Science.gov (United States)

    Han, Junghee; Park, Taejoon

    2017-06-08

    With the emergence of smart and converged home services, the need for the secure and easy interplay of various devices has been increased. Push Button Configuration (PBC) is one of the technologies proposed for easy set-up of a secure session between IT and consumer devices. Although the Wi-Fi Direct specification explicitly states that all devices must support the PBC method, its applicability is very limited. This is because the security vulnerability of PBC can be maliciously exploited so that attackers can make illegitimate sessions with consumer devices. To address this problem, this paper proposes a novel Security-enhanced PBC (SePBC) scheme with which we can uncover suspicious or malicious devices. The proposed mechanism has several unique features. First, we develop a secure handshake distance measurement protocol by preventing an adversary sitting outside the region from maliciously manipulating its distance to be fake. Second, it is compatible with the original Wi-Fi PBC without introducing a brand-new methodology. Finally, SePBC uses lightweight operations without CPU-intensive cryptography computation and employs inexpensive H/W. Moreover, it needs to incur little overhead when there is no attack. This paper also designs and implements the proposed SePBC in the real world. Our experimental results and analysis show that the proposed SePBC scheme effectively defeats attacks on PBC while minimizing the modification of the original PBC equipment.

  20. Security Investment in Contagious Networks.

    Science.gov (United States)

    Hasheminasab, Seyed Alireza; Tork Ladani, Behrouz

    2018-01-16

    Security of the systems is normally interdependent in such a way that security risks of one part affect other parts and threats spread through the vulnerable links in the network. So, the risks of the systems can be mitigated through investments in the security of interconnecting links. This article takes an innovative look at the problem of security investment of nodes on their vulnerable links in a given contagious network as a game-theoretic model that can be applied to a variety of applications including information systems. In the proposed game model, each node computes its corresponding risk based on the value of its assets, vulnerabilities, and threats to determine the optimum level of security investments on its external links respecting its limited budget. Furthermore, direct and indirect nonlinear influences of a node's security investment on the risks of other nodes are considered. The existence and uniqueness of the game's Nash equilibrium in the proposed game are also proved. Further analysis of the model in a practical case revealed that taking advantage of the investment effects of other players, perfectly rational players (i.e., those who use the utility function of the proposed game model) make more cost-effective decisions than selfish nonrational or semirational players. © 2018 Society for Risk Analysis.

  1. A security architecture for health information networks.

    Science.gov (United States)

    Kailar, Rajashekar; Muralidhar, Vinod

    2007-10-11

    Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today's healthcare enterprise. Recent work on 'nationwide health information network' architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately.

  2. 75 FR 2433 - Special Conditions: Boeing Model 747-8/-8F Airplanes, Systems and Data Networks Security...

    Science.gov (United States)

    2010-01-15

    ... Security--Protection of Airplane Systems and Data Networks From Unauthorized External Access AGENCY... external systems and networks may result in security vulnerabilities to the airplane's systems. The... network sources. The architecture and network configuration may allow the exploitation of network security...

  3. Continuous Security and Configuration Monitoring of HPC Clusters

    Energy Technology Data Exchange (ETDEWEB)

    Garcia-Lomeli, H. D. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States); Bertsch, A. D. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States); Fox, D. M. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)

    2015-05-08

    Continuous security and configuration monitoring of information systems has been a time consuming and laborious task for system administrators at the High Performance Computing (HPC) center. Prior to this project, system administrators had to manually check the settings of thousands of nodes, which required a significant number of hours rendering the old process ineffective and inefficient. This paper explains the application of Splunk Enterprise, a software agent, and a reporting tool in the development of a user application interface to track and report on critical system updates and security compliance status of HPC Clusters. In conjunction with other configuration management systems, the reporting tool is to provide continuous situational awareness to system administrators of the compliance state of information systems. Our approach consisted of the development, testing, and deployment of an agent to collect any arbitrary information across a massively distributed computing center, and organize that information into a human-readable format. Using Splunk Enterprise, this raw data was then gathered into a central repository and indexed for search, analysis, and correlation. Following acquisition and accumulation, the reporting tool generated and presented actionable information by filtering the data according to command line parameters passed at run time. Preliminary data showed results for over six thousand nodes. Further research and expansion of this tool could lead to the development of a series of agents to gather and report critical system parameters. However, in order to make use of the flexibility and resourcefulness of the reporting tool the agent must conform to specifications set forth in this paper. This project has simplified the way system administrators gather, analyze, and report on the configuration and security state of HPC clusters, maintaining ongoing situational awareness. Rather than querying each cluster independently, compliance checking

  4. APIs for QoS configuration in Software Defined Networks

    DEFF Research Database (Denmark)

    Caba, Cosmin Marius; Soler, José

    2015-01-01

    such as configuration of devices, ports, queues, etc. An Application Programming Interface (API) for dynamic configuration of QoS resources in the network devices is implemented herein, by using the capabilities of OVSDB. Further, the paper demonstrates the possibility to create network services with coarse granularity...... on top of the fine granular services exposed by the QoS configuration API at the SDNC. A series of tests emphasize the capabilities and the performance of the implemented QoS configuration API....

  5. Security and the networked society

    CERN Document Server

    Gregory, Mark

    2013-01-01

    This book examines technological and social events during 2011 and 2012, a period that saw the rise of the hacktivist, the move to mobile platforms, and the ubiquity of social networks. It covers key technological issues such as hacking, cyber-crime, cyber-security and cyber-warfare, the internet, smart phones, electronic security, and information privacy. This book traces the rise into prominence of these issues while also exploring the resulting cultural reaction. The authors' analysis forms the basis of a discussion on future technological directions and their potential impact on society. T

  6. Basic security measures for IEEE 802.11 wireless networks

    Directory of Open Access Journals (Sweden)

    Oscar P. Sarmiento

    2010-05-01

    Full Text Available This article presents a tutorial/discussion of three commonly-used IEEE 802.11 wireless network security standards: WEP, WPA and WPA2. A detailed analysis of the RC4 algorithm supporting WEP is presented, including its vulnera-bilities. The WPA and WPA2 encryption protocols’ most relevant aspects and technical characteristics are reviewed for a comparative analysis of the three standards in terms of the security they provide. Special attention has been paid to WEP encryption by using an educational simulation tool written in C++ Builder for facilitating the unders-tanding of this protocol at academic level. Two practical cases of wireless security configurations using Cisco net-working equipment are also presented: configuring and enabling WPA-Personal and WPA2-Personal (these being security options used by TKIP and AES, respectively.

  7. Basic security measures for IEEE 802.11 wireless networks

    Directory of Open Access Journals (Sweden)

    Oscar P. Sarmiento

    2008-05-01

    Full Text Available This article presents a tutorial/discussion of three commonly-used IEEE 802.11 wireless network security standards: WEP, WPA and WPA2. A detailed analysis of the RC4 algorithm supporting WEP is presented, including its vulnera-bilities. The WPA and WPA2 encryption protocols’ most relevant aspects and technical characteristics are reviewed for a comparative analysis of the three standards in terms of the security they provide. Special attention has been paid to WEP encryption by using an educational simulation tool written in C++ Builder for facilitating the unders-tanding of this protocol at academic level. Two practical cases of wireless security configurations using Cisco net-working equipment are also presented: configuring and enabling WPA-Personal and WPA2-Personal (these being security options used by TKIP and AES, respectively.

  8. Network model of security system

    Directory of Open Access Journals (Sweden)

    Adamczyk Piotr

    2016-01-01

    Full Text Available The article presents the concept of building a network security model and its application in the process of risk analysis. It indicates the possibility of a new definition of the role of the network models in the safety analysis. Special attention was paid to the development of the use of an algorithm describing the process of identifying the assets, vulnerability and threats in a given context. The aim of the article is to present how this algorithm reduced the complexity of the problem by eliminating from the base model these components that have no links with others component and as a result and it was possible to build a real network model corresponding to reality.

  9. District Heating Network Design and Configuration Optimization with Genetic Algorithm

    DEFF Research Database (Denmark)

    Li, Hongwei; Svendsen, Svend

    2013-01-01

    and the pipe friction and heat loss formulations are non-linear. In order to find the optimal district heating network configuration, genetic algorithm which handles the mixed integer nonlinear programming problem is chosen. The network configuration is represented with binary and integer encoding...

  10. An Implementation of a Network Configuration Management System ...

    African Journals Online (AJOL)

    The job of the network administrator becomes difficult as the number of hosts in a computer network increase. Network management requires the network administrator to have vital configuration information about hosts so as to provide viable solutions. In situations where the hosts span a large area or in several buildings as ...

  11. Virtual Private Lan Services Over IP/MPLS Networks and Router Configurations

    Directory of Open Access Journals (Sweden)

    Pınar KIRCI

    2015-06-01

    Full Text Available The rising number of users and ever growing traffic rates over the networks reveal the need of higher bandwidth and transmission rates. At every packet transmission process, routers need to route the packets by looking at the routing tables, this fact leads to an increase at the load of the routers and at the amount of time consumed during the processes. Today, users need high level security, faster data transmission and easy managed network structures because of the increasing technology usage. MPLS network structures can provide these requirements with their QoS feature. In our work, at first a topology structure is constructed with the routers that are used in Alcatel-Lucent laboratories. OSPF (Open Shortest Path First routing protocol and MPLS (Multiprotocol Label Switching technologies are used over the topology. Afterwards, E-pipe (Ethernet Pipe and VPLS (Virtual private LAN services configurations are performed over the routers. To illustrate the current network data traffic, three tests are performed in the study. Routers’ configurations are performed by Secure-CRT and still developing i-Gen software. With i-Gen, many routers’ configurations can be performed with a user friendly interface. Instead of performing the configurations one by one with Secure CRT, the user can perform the routers’ configurations easily by entering the needed values for the system with i-Gen software. So, with the new and developing i-Gen software, the users’ workload is minimized and streamlined. In our work, Secure-CRT software which is mostly preferred for router configurations at Windows operating system and i-Gen software which is developed by Alcatel-Lucent are considered. Both of the router configuration softwares are worked on and gained results are expounded. Consequently, instead of using time consuming Secure-CRT software, with utilizing new developed i-Gen software, the users’ work load is minimized.

  12. A Survey of Sensor Network Security

    OpenAIRE

    Vaseashta, A.; S. VASEASHTA

    2008-01-01

    Sensor networks deploy sensor nodes to detect and monitor environmental events and interactions. Existing sensor networks focus on communication within the bounds of resource restrained sensor nodes at the expense of security. In this paper, a review of sensor network components, architectures, algorithms and protocols aims to increase awareness of sensor network limitations and resulting strategies to ensure information security within wireless sensor networks. Because sensor networks deploy...

  13. Cloud-Based Virtual Laboratory for Network Security Education

    Science.gov (United States)

    Xu, Le; Huang, Dijiang; Tsai, Wei-Tek

    Hands-on experiments are essential for computer network security education. Existing laboratory solutions usually require significant effort to build, configure, and maintain and often do not support reconfigurability, flexibility, and scalability. This paper presents a cloud-based virtual laboratory education platform called V-Lab that provides a…

  14. Cloud-Based Virtual Laboratory for Network Security Education

    Science.gov (United States)

    Xu, Le; Huang, Dijiang; Tsai, Wei-Tek

    2014-01-01

    Hands-on experiments are essential for computer network security education. Existing laboratory solutions usually require significant effort to build, configure, and maintain and often do not support reconfigurability, flexibility, and scalability. This paper presents a cloud-based virtual laboratory education platform called V-Lab that provides a…

  15. Secure Wireless Sensor Networks: Problems and Solutions

    Directory of Open Access Journals (Sweden)

    Fei Hu

    2003-08-01

    Full Text Available As sensor networks edge closer towards wide-spread deployment, security issues become a central concern. So far, the main research focus has been on making sensor networks feasible and useful, and less emphasis was placed on security. This paper analyzes security challenges in wireless sensor networks and summarizes key issues that should be solved for achieving the ad hoc security. It gives an overview of the current state of solutions on such key issues as secure routing, prevention of denial-of-service and key management service. We also present some secure methods to achieve security in wireless sensor networks. Finally we present our integrated approach to securing sensor networks.

  16. Vehicular ad hoc network security and privacy

    CERN Document Server

    Lin, X

    2015-01-01

    Unlike any other book in this area, this book provides innovative solutions to security issues, making this book a must read for anyone working with or studying security measures. Vehicular Ad Hoc Network Security and Privacy mainly focuses on security and privacy issues related to vehicular communication systems. It begins with a comprehensive introduction to vehicular ad hoc network and its unique security threats and privacy concerns and then illustrates how to address those challenges in highly dynamic and large size wireless network environments from multiple perspectives. This book is richly illustrated with detailed designs and results for approaching security and privacy threats.

  17. District Heating Network Design and Configuration Optimization with Genetic Algorithm

    Directory of Open Access Journals (Sweden)

    Hongwei Li

    2013-12-01

    Full Text Available In this paper, the configuration of a district heating network which connects from the heating plant to the end users is optimized. Each end user in the network represents a building block. The connections between the heat generation plant and the end users are represented with mixed integer and the pipe friction and heat loss formulations are non-linear. In order to find the optimal district heating network configuration, genetic algorithm which handles the mixed integer nonlinear programming problem is chosen. The network configuration is represented with binary and integer encoding and is optimized in terms of the net present cost. The optimization results indicates that the optimal DH network configuration is determined by multiple factors such as the consumer heating load, the distance between the heating plant to the consumer, the design criteria regarding the pressure and temperature limitation, as well as the corresponding network heat loss.

  18. Dynamic Network Security Control Using Software Defined Networking

    Science.gov (United States)

    2016-03-24

    not subject to copyright protection in the United States. AFIT-ENG-MS-16-M-049 DYNAMIC NETWORK SECURITY CONTROL USING SOFTWARE DEFINED NETWORKING... software and tools vetted by industry leaders in networking and security. After considering the technologies previously discussed, the four components...DYNAMIC NETWORK SECURITY CONTROL USING SOFTWARE DEFINED NETWORKING THESIS Michael C. Todd, Captain, USAF AFIT-ENG-MS-16-M-049 DEPARTMENT OF THE AIR

  19. Network Security Validation Using Game Theory

    Science.gov (United States)

    Papadopoulou, Vicky; Gregoriades, Andreas

    Non-functional requirements (NFR) such as network security recently gained widespread attention in distributed information systems. Despite their importance however, there is no systematic approach to validate these requirements given the complexity and uncertainty characterizing modern networks. Traditionally, network security requirements specification has been the results of a reactive process. This however, limited the immunity property of the distributed systems that depended on these networks. Security requirements specification need a proactive approach. Networks' infrastructure is constantly under attack by hackers and malicious software that aim to break into computers. To combat these threats, network designers need sophisticated security validation techniques that will guarantee the minimum level of security for their future networks. This paper presents a game-theoretic approach to security requirements validation. An introduction to game theory is presented along with an example that demonstrates the application of the approach.

  20. Secure Service Discovery in Home Networks

    NARCIS (Netherlands)

    Scholten, Johan; van Dijk, H.W.; De Cock, Danny; Preneel, Bart; Kung, Antonio; d'Hooge, Michel

    2006-01-01

    This paper presents an architecture for secure service discovery for use in home networks. We give an overview and rationale of a cluster-based home network architecture that bridges different, often vendor specific, network technologies. We show how it integrates security, communication, and

  1. Protecting and securing networked medical devices.

    Science.gov (United States)

    Riha, Chris

    2004-01-01

    Designing, building, and maintaining a secure environment for medical devices is a critical component in health care technology management. This article will address several avenues to harden a health care information network to provide a secure enclave for medical devices.

  2. Auto-configuration protocols in mobile ad hoc networks.

    Science.gov (United States)

    Villalba, Luis Javier García; Matesanz, Julián García; Orozco, Ana Lucila Sandoval; Díaz, José Duván Márquez

    2011-01-01

    The TCP/IP protocol allows the different nodes in a network to communicate by associating a different IP address to each node. In wired or wireless networks with infrastructure, we have a server or node acting as such which correctly assigns IP addresses, but in mobile ad hoc networks there is no such centralized entity capable of carrying out this function. Therefore, a protocol is needed to perform the network configuration automatically and in a dynamic way, which will use all nodes in the network (or part thereof) as if they were servers that manage IP addresses. This article reviews the major proposed auto-configuration protocols for mobile ad hoc networks, with particular emphasis on one of the most recent: D2HCP. This work also includes a comparison of auto-configuration protocols for mobile ad hoc networks by specifying the most relevant metrics, such as a guarantee of uniqueness, overhead, latency, dependency on the routing protocol and uniformity.

  3. Quality in Supply in Project Configured Networks

    DEFF Research Database (Denmark)

    Koch, Christian; Larsen, Casper Schultz

    2006-01-01

    The paper argues that in the AEC-industry the material and knowledge supply chains are increasingly intertwined and moreover characterised by configuration by project. In such a setting creating value for the customers and the enterprises becomes dependent of the ability to organise and coordinat...... collaborative design and quality control in operations.......The paper argues that in the AEC-industry the material and knowledge supply chains are increasingly intertwined and moreover characterised by configuration by project. In such a setting creating value for the customers and the enterprises becomes dependent of the ability to organise and coordinate...... in the supply chains. That the configuration is not always successful can be demonstrated by studying the emergence of failures occurring in the supply chain. The paper presents case study work done in Danish construction where actors and causes of failures were examined upstream and downstream in the supply...

  4. Formal Verification of Security Policy Implementations in Enterprise Networks

    Science.gov (United States)

    Bera, P.; Ghosh, S. K.; Dasgupta, Pallab

    In enterprise networks, the management of security policies and their configurations becoming increasingly difficult due to complex security constraints of the organizations. In such networks, the overall organizational security policy (global policy) is defined as a collection of rules for providing service accesses between various network zones. Often, the specification of the global policy is incomplete; where all possible service access paths may not be covered explicitly by the "permit" and "deny" rules. This policy is implemented in a distributed manner through appropriate sets of access control rules (ACL rules) in the network interfaces. However, the implementation must be complete i.e., all service access paths across the network must be implemented as "permit" and "deny" ACL rules. In that case, the unspecified access paths in a given policy must be implemented as either "permit" or "deny" rules; hence there may exist multiple ACL implementations corresponding to that policy. Formally verifying that the ACL rules distributed across the network interfaces guarantees proper enforcement of the global security policy is an important requirement and a major technical challenge. The complexity of the problem is compounded by the fact that some combination of network services may lead to inconsistent hidden access paths in the network. The ACL implementations ignoring these hidden access paths may result in violation of one or more policy rules implicitly. This paper presents a formal verification framework for analyzing security policy implementations in enterprise networks. It stems from boolean modeling of the network topology, network services and security policy where the unspecified access paths are modeled as "don't-care" rules. The framework formally models the hidden access rules and incorporates them in the distributed ACL implementations for extracting a security implementation model, and finally formulates a QSAT (satisfiability of quantified boolean

  5. Optimal configuration of digital communication network

    Science.gov (United States)

    Hwang, Yong G.

    1990-12-01

    As the costs for maintaining computer communication networks are rapidly rising, it is particularly important to design the network efficiently. The objective of this thesis is to model the minimum cost design of digital communications networks and propose a heuristical solution approach to the formulated model. The minimum cost design has been modeled as a zero-one integer programming problem. The Lagrangian relaxation method and subgradient optimization procedure have been used to find reasonably good feasible solutions. Although the reliability for computer communication networks is as important as the cost factor, only the cost factor is considered in the context of this thesis.

  6. Networks and network analysis for defence and security

    CERN Document Server

    Masys, Anthony J

    2014-01-01

    Networks and Network Analysis for Defence and Security discusses relevant theoretical frameworks and applications of network analysis in support of the defence and security domains. This book details real world applications of network analysis to support defence and security. Shocks to regional, national and global systems stemming from natural hazards, acts of armed violence, terrorism and serious and organized crime have significant defence and security implications. Today, nations face an uncertain and complex security landscape in which threats impact/target the physical, social, economic

  7. System and Network Security Acronyms and Abbreviations

    Science.gov (United States)

    2009-09-01

    Systems Agency DLL dynamic link library DMA direct memory access DMZ demilitarized zone DN distinguished name DN domain name DNP Distributed...NetBIOS Network Basic Input/Output System NetBT NetBIOS over TCP/IP NFAT network forensic analysis tool NFC near field communication NFS network file...Software Reference Library NSS Network Security Services NSTB National SCADA Test Bed NSTISSC National Security Telecommunications and Information

  8. Fluxoids configurations in finite superconducting networks

    Science.gov (United States)

    Sharon, Omri J.; Haham, Noam; Shaulov, Avner A.; Yeshurun, Yosef

    2017-12-01

    Analysis of superconducting ladders consisting of rectangular loops, yields an Ising like expression for the total energy of the ladders as a function of the loops vorticities and the applied magnetic field. This expression shows that fluxoids can be treated as repulsively interacting objects driven towards the ladder center by the applied field. Distinctive repulsive interactions between fluxoids are obtained depending on the ratio l between the loops length and the common width of adjacent loops. A 'short range' and a 'long range' interactions obtained for l ≳ 1 and l ≪ 1, respectively, give rise to remarkably different fluxoid configurations. The different configurations of fluxoids in different types of ladders are illustrated by simulations.

  9. How to secure a wireless sensor network

    NARCIS (Netherlands)

    Law, Y.W.; Havinga, Paul J.M.

    2005-01-01

    The security of wireless sensor networks (WSNs) is a complex issue. While security research of WSNs is progressing at a tremendous pace, and many security techniques have been proposed, no comprehensive framework has so far emerged that attempts to tie the bits and pieces together to ease the

  10. District Heating Network Design and Configuration Optimization with Genetic Algorithm

    DEFF Research Database (Denmark)

    Li, Hongwei; Svendsen, Svend

    2011-01-01

    the heating plant location is allowed to vary. The connection between the heat generation plant and the end users can be represented with mixed integer and the pipe friction and heat loss formulations are non-linear. In order to find the optimal DH distribution pipeline configuration, the genetic algorithm...... which handles the mixed integer nonlinear programming problem was chosen. The network configuration was represented through binary and integer encoding and was optimized in terms of the net present cost (NPC). The optimization results indicated that the optimal DH network configuration is determined...

  11. Security for multi-hop wireless networks

    CERN Document Server

    Mahmoud, Mohamed M E A

    2014-01-01

    This Springer Brief discusses efficient security protocols and schemes for multi-hop wireless networks. It presents an overview of security requirements for these networks, explores challenges in securing networks and presents system models. The authors introduce mechanisms to reduce the overhead and identify malicious nodes that drop packets intentionally. Also included is a new, efficient cooperation incentive scheme to stimulate the selfish nodes to relay information packets and enforce fairness. Many examples are provided, along with predictions for future directions of the field. Security

  12. Improved security monitoring method for network bordary

    Science.gov (United States)

    Gao, Liting; Wang, Lixia; Wang, Zhenyan; Qi, Aihua

    2013-03-01

    This paper proposes a network bordary security monitoring system based on PKI. The design uses multiple safe technologies, analysis deeply the association between network data flow and system log, it can detect the intrusion activities and position invasion source accurately in time. The experiment result shows that it can reduce the rate of false alarm or missing alarm of the security incident effectively.

  13. Security-Enhanced Autonomous Network Management for Space Networking Project

    Data.gov (United States)

    National Aeronautics and Space Administration — Intelligent Automation Inc. (IAI) proposes an innovative Security-Enhanced Autonomous Network Management (SEANM) scheme for reliable communication in space...

  14. Configurable computing for high-security/high-performance ambient systems

    OpenAIRE

    Gogniat, Guy; Bossuet, Lilian; Burleson, Wayne

    2005-01-01

    This paper stresses why configurable computing is a promising target to guarantee the hardware security of ambient systems. Many works have focused on configurable computing to demonstrate its efficiency but as far as we know none have addressed the security issue from system to circuit levels. This paper recalls main hardware attacks before focusing on issues to build secure systems on configurable computing. Two complementary views are presented to provide a guide for security and main issues ...

  15. BackTrack testing wireless network security

    CERN Document Server

    Cardwell, Kevin

    2013-01-01

    Written in an easy-to-follow step-by-step format, you will be able to get started in next to no time with minimal effort and zero fuss.BackTrack: Testing Wireless Network Security is for anyone who has an interest in security and who wants to know more about wireless networks.All you need is some experience with networks and computers and you will be ready to go.

  16. Biometrics for home networks security

    KAUST Repository

    Ansari, Imran Shafique

    2009-01-01

    Hacking crimes committed to the home networks are increasing. Advanced network protection is not always possible for the home networks. In this paper we will study the ability of using biometric systems for authentication in home networks. ©2009 IEEE.

  17. Mining social networks and security informatics

    CERN Document Server

    Özyer, Tansel; Rokne, Jon; Khoury, Suheil

    2013-01-01

    Crime, terrorism and security are in the forefront of current societal concerns. This edited volume presents research based on social network techniques showing how data from crime and terror networks can be analyzed and how information can be extracted. The topics covered include crime data mining and visualization; organized crime detection; crime network visualization; computational criminology; aspects of terror network analyses and threat prediction including cyberterrorism and the related area of dark web; privacy issues in social networks; security informatics; graph algorithms for soci

  18. 48 CFR 352.239-70 - Standard for security configurations.

    Science.gov (United States)

    2010-10-01

    ... configure its computers that contain HHS data with the applicable Federal Desktop Core Configuration (FDCC) (see http://nvd.nist.gov/fdcc/index.cfm) and ensure that its computers have and maintain the latest operating system patch level and anti-virus software level. Note: FDCC is applicable to all computing...

  19. Teaching Network Security with IP Darkspace Data

    Science.gov (United States)

    Zseby, Tanja; Iglesias Vázquez, Félix; King, Alistair; Claffy, K. C.

    2016-01-01

    This paper presents a network security laboratory project for teaching network traffic anomaly detection methods to electrical engineering students. The project design follows a research-oriented teaching principle, enabling students to make their own discoveries in real network traffic, using data captured from a large IP darkspace monitor…

  20. On Delay and Security in Network Coding

    Science.gov (United States)

    Dikaliotis, Theodoros K.

    2013-01-01

    In this thesis, delay and security issues in network coding are considered. First, we study the delay incurred in the transmission of a fixed number of packets through acyclic networks comprised of erasure links. The two transmission schemes studied are routing with hop-by-hop retransmissions, where every node in the network simply stores and…

  1. Bayesian networks and food security - An introduction

    NARCIS (Netherlands)

    Stein, A.

    2004-01-01

    This paper gives an introduction to Bayesian networks. Networks are defined and put into a Bayesian context. Directed acyclical graphs play a crucial role here. Two simple examples from food security are addressed. Possible uses of Bayesian networks for implementation and further use in decision

  2. Analyzing security protocols in hierarchical networks

    DEFF Research Database (Denmark)

    Zhang, Ye; Nielson, Hanne Riis

    2006-01-01

    Validating security protocols is a well-known hard problem even in a simple setting of a single global network. But a real network often consists of, besides the public-accessed part, several sub-networks and thereby forms a hierarchical structure. In this paper we first present a process calculus...

  3. Introduction to security and network forensics

    CERN Document Server

    Buchanan, William J

    2011-01-01

    Introduction to Security ObjectivesThe Industrial and the Information AgeCIA and AAAProtecting against IntrudersUsers, Systems, and DataServices, Role-Based Security, and Cloud ComputingSecurity and Forensic ComputingISO 27002RisksRisk Management/AvoidanceSecurity PoliciesDefi ning the PolicyExample RisksDefense-in-DepthGateways and DMZ (Demilitarized Zones)Layered Model and SecurityEncryption and a Layered Approach to DefenseSoftware Tutorial-Data Packet CaptureOnline ExercisesNetworkSims ExercisesChapter LectureReferencesIntrusion Detection Systems ObjectivesIntroductionTypes of IntrusionAtt

  4. The Security Research of Digital Library Network

    Science.gov (United States)

    Zhang, Xin; Song, Ding-Li; Yan, Shu

    Digital library is a self-development needs for the modern library to meet the development requirements of the times, changing the way services and so on. digital library from the hardware, technology, management and other aspects to objective analysis of the factors of threats to digital library network security. We should face up the problems of digital library network security: digital library network hardware are "not hard", the technology of digital library is relatively lag, digital library management system is imperfect and other problems; the government should take active measures to ensure that the library funding, to enhance the level of network hardware, to upgrade LAN and prevention technology, to improve network control technology, network monitoring technology; to strengthen safety management concepts, to prefect the safety management system; and to improve the level of security management modernization for digital library.

  5. Auto-Configuration Protocols in Mobile Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    Julián García Matesanz

    2011-03-01

    Full Text Available The TCP/IP protocol allows the different nodes in a network to communicate by associating a different IP address to each node. In wired or wireless networks with infrastructure, we have a server or node acting as such which correctly assigns IP addresses, but in mobile ad hoc networks there is no such centralized entity capable of carrying out this function. Therefore, a protocol is needed to perform the network configuration automatically and in a dynamic way, which will use all nodes in the network (or part thereof as if they were servers that manage IP addresses. This article reviews the major proposed auto-configuration protocols for mobile ad hoc networks, with particular emphasis on one of the most recent: D2HCP. This work also includes a comparison of auto-configuration protocols for mobile ad hoc networks by specifying the most relevant metrics, such as a guarantee of uniqueness, overhead, latency, dependency on the routing protocol and uniformity.

  6. Auto-Configuration Protocols in Mobile Ad Hoc Networks

    Science.gov (United States)

    Villalba, Luis Javier García; Matesanz, Julián García; Orozco, Ana Lucila Sandoval; Díaz, José Duván Márquez

    2011-01-01

    The TCP/IP protocol allows the different nodes in a network to communicate by associating a different IP address to each node. In wired or wireless networks with infrastructure, we have a server or node acting as such which correctly assigns IP addresses, but in mobile ad hoc networks there is no such centralized entity capable of carrying out this function. Therefore, a protocol is needed to perform the network configuration automatically and in a dynamic way, which will use all nodes in the network (or part thereof) as if they were servers that manage IP addresses. This article reviews the major proposed auto-configuration protocols for mobile ad hoc networks, with particular emphasis on one of the most recent: D2HCP. This work also includes a comparison of auto-configuration protocols for mobile ad hoc networks by specifying the most relevant metrics, such as a guarantee of uniqueness, overhead, latency, dependency on the routing protocol and uniformity. PMID:22163814

  7. Automated Analysis of Security in Networking Systems

    DEFF Research Database (Denmark)

    Buchholtz, Mikael

    2004-01-01

    It has for a long time been a challenge to built secure networking systems. One way to counter this problem is to provide developers of software applications for networking systems with easy-to-use tools that can check security properties before the applications ever reach the marked. These tools...... will both help raise the general level of awareness of the problems and prevent the most basic flaws from occurring. This thesis contributes to the development of such tools. Networking systems typically try to attain secure communication by applying standard cryptographic techniques. In this thesis...... attacks, and attacks launched by insiders. Finally, the perspectives for the application of the analysis techniques are discussed, thereby, coming a small step closer to providing developers with easy- to-use tools for validating the security of networking applications....

  8. Security Issues in Networks with Internet Access

    National Research Council Canada - National Science Library

    Landwehr, Carl E; Goldschlag, David M

    1997-01-01

    .... The principles are illustrated by describing the security issues a hypothetical company faces as the networks that support its operations evolve from strictly private, through a mix of Internet...

  9. An Overview of Computer Network security and Research Technology

    OpenAIRE

    Rathore, Vandana

    2016-01-01

    The rapid development in the field of computer networks and systems brings both convenience and security threats for users. Security threats include network security and data security. Network security refers to the reliability, confidentiality, integrity and availability of the information in the system. The main objective of network security is to maintain the authenticity, integrity, confidentiality, availability of the network. This paper introduces the details of the technologies used in...

  10. A Security Architecture for Personal Networks

    NARCIS (Netherlands)

    Jehangir, A.; Heemstra de Groot, S.M.

    2006-01-01

    Abstract Personal Network (PN) is a new concept utilizing pervasive computing to meet the needs of the user. As PNs edge closer towards reality, security becomes an important concern since any vulnerability in the system will limit its practical use. In this paper we introduce a security

  11. BGP-Based Routing Configuration Management for Multidomain Mobile Networks

    Science.gov (United States)

    2010-09-01

    extend the network management system to exterior routing configuration in dynamically changed topology. 1.0 INTRODUCTION Routing in the Internet ...in is mostly based on BGP protocol [1]. The Internet is in fact the composition of autonomous systems (AS), each of them is independently...Bruin, O. Bonaventure, Open Issues in Interdomain Routing: A Survey, IEEE Network Magazine,Volume 19, 11.2005 [7] D. Street, Global Information Grid

  12. Network security with openSSL cryptography for secure communications

    CERN Document Server

    Viega, John; Chandra, Pravir

    2002-01-01

    Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications.The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, inst...

  13. Security Technologies for Open Networking Environments (STONE)

    Energy Technology Data Exchange (ETDEWEB)

    Muftic, Sead

    2005-03-31

    Under this project SETECS performed research, created the design, and the initial prototype of three groups of security technologies: (a) middleware security platform, (b) Web services security, and (c) group security system. The results of the project indicate that the three types of security technologies can be used either individually or in combination, which enables effective and rapid deployment of a number of secure applications in open networking environments. The middleware security platform represents a set of object-oriented security components providing various functions to handle basic cryptography, X.509 certificates, S/MIME and PKCS No.7 encapsulation formats, secure communication protocols, and smart cards. The platform has been designed in the form of security engines, including a Registration Engine, Certification Engine, an Authorization Engine, and a Secure Group Applications Engine. By creating a middleware security platform consisting of multiple independent components the following advantages have been achieved - Object-oriented, Modularity, Simplified Development, and testing, Portability, and Simplified extensions. The middleware security platform has been fully designed and a preliminary Java-based prototype has been created for the Microsoft Windows operating system. The Web services security system, designed in the project, consists of technologies and applications that provide authentication (i.e., single sign), authorization, and federation of identities in an open networking environment. The system is based on OASIS SAML and XACML standards for secure Web services. Its topology comprises three major components: Domain Security Server (DSS) is the main building block of the system Secure Application Server (SAS) Secure Client In addition to the SAML and XACML engines, the authorization system consists of two sets of components An Authorization Administration System An Authorization Enforcement System Federation of identities in multi

  14. Securing Mobile Networks in an Operational Setting

    Science.gov (United States)

    Ivancic, William D.; Stewart, David H.; Bell, Terry L.; Paulsen, Phillip E.; Shell, Dan

    2004-01-01

    This paper describes a network demonstration and three month field trial of mobile networking using mobile-IPv4. The network was implemented as part of the US Coast Guard operational network which is a ".mil" network and requires stringent levels of security. The initial demonstrations took place in November 2002 and a three month field trial took place from July through September of 2003. The mobile network utilized encryptors capable of NSA-approved Type 1 algorithms, mobile router from Cisco Systems and 802.11 and satellite wireless links. This paper also describes a conceptual architecture for wide-scale deployment of secure mobile networking in operational environments where both private and public infrastructure is used. Additional issues presented include link costs, placement of encryptors and running routing protocols over layer-3 encryption devices.

  15. Wireless Network Security Vulnerabilities and Concerns

    Science.gov (United States)

    Mushtaq, Ahmad

    The dilemma of cyber communications insecurity has existed all the times since the beginning of the network communications. The problems and concerns of unauthorized access and hacking has existed form the time of introduction of world wide web communication and Internet's expansion for popular use in 1990s, and has remained till present time as one of the most important issues. The wireless network security is no exception. Serious and continuous efforts of investigation, research and development has been going on for the last several decades to achieve the goal of provision of 100 percent or full proof security for all the protocols of networking architectures including the wireless networking. Some very reliable and robust strategies have been developed and deployed which has made network communications more and more secure. However, the most desired goal of complete security has yet to see the light of the day. The latest Cyber War scenario, reported in the media of intrusion and hacking of each other's defense and secret agencies between the two super powers USA and China has further aggravated the situation. This sort of intrusion by hackers between other countries such as India and Pakistan, Israel and Middle East countries has also been going on and reported in the media frequently. The paper reviews and critically examines the strategies already in place, for wired network. Wireless Network Security and also suggests some directions and strategies for more robust aspects to be researched and deployed.

  16. Secure Data Network System (SDNS) network, transport, and message security protocols

    Science.gov (United States)

    Dinkel, C.

    1990-03-01

    The Secure Data Network System (SDNS) project, implements computer to computer communications security for distributed applications. The internationally accepted Open Systems Interconnection (OSI) computer networking architecture provides the framework for SDNS. SDNS uses the layering principles of OSI to implement secure data transfers between computer nodes of local area and wide area networks. Four security protocol documents developed by the National Security Agency (NSA) as output from the SDNS project are included. SDN.301 provides the framework for security at layer 3 of the OSI Model. Cryptographic techniques to provide data protection for transport connections or for connectionless-mode transmission are described in SDN.401. Specifications for message security service and protocol are contained in SDN.701. Directory System Specifications for Message Security Protocol are covered in SDN.702.

  17. Secure multimedia browser over network

    Science.gov (United States)

    Lian, Shiguo; Liu, Zhongxuan; Wang, Jinwei; Ren, Zhen; Wang, Haila

    2006-05-01

    In this paper, a secure multimedia browsing scheme is proposed, which is constructed based on perceptual multimedia encryption and secure key distribution. In this scheme, multimedia data are encrypted perceptually under the control of user key and quality factor. This encryption process combining with Advanced Video Coding (AVC) is of low cost, and keeps file format unchanged. The key distribution scheme deals with user input, authenticates users, and controls the secure multimedia sharing process. Thus, only the users who have registered can obtain multimedia data. And they can be classified into several types according to their payment. The analyses and experimental results show that it is suitable for secure multimedia applications such as Video-on-Demand (VOD) system, Audio-on-Demand (AOD) system, pay-TV, videoconferencing systems, wireless or mobile multimedia, and so on.

  18. Multi-cultural network security

    Energy Technology Data Exchange (ETDEWEB)

    Stevens, D.F.

    1996-04-01

    Education and awareness are widely acknowledged to be among the fundamental issues of Internet security, but only in the sense of making Internet users more security conscious. For the Internet to achieve its promise as an information highway, however, a complementary education effort is needed. If adequate Internet security is to be achieved, we must also increase the awareness of the professional security community of the requirements, attitudes, and habits of the many different cultures that participate in the Internet. Discussions of {open_quotes}the Internet{close_quotes} encourage the misapprehension that there is a single, uniform user community instead of a loose alliance of many cultures that differ in many fundamental aspects. This is true even if we limit our consideration to ethical cultures. At this Workshop alone we have representatives of administrative and military cultures, Governmental and commercial cultures, profit-cultures and non-profit cultures, research and operational cultures. Internet cultures are united in their desire to exploit the connectivity, flexibility, and rapidity of communication provided by the net, but differ greatly in their motivations, their attitudes towards authority, their willingness to cooperate within their own communities, their interest in technical arcana, and the patience with which they will put up with - or the enthusiasm with which they will embrace - the growing list of procedures deemed necessary for acceptable security. They even differ in how they define {open_quotes}acceptable security{close_quotes}.

  19. Risk Mitigation in Triadic Network Configurations within a Servitized Context

    DEFF Research Database (Denmark)

    Raja, Jawwad; Roehrich, Jens

    2014-01-01

    Purpose: This paper examines risk mitigation for a servitizing organisation and its supply network configuration. This is an area of research that has not been adequately explored to date within a servitization context. In particular, the paper examines triadic configurations using an agency...... that behavior-based controls, combined with information, are a key contributory factor in mitigating risk within triadic network structures. Research limitations/implications: This research is limited to one in-depth case study, within the truck industry. Whilst this represents an appropriate approach given...... the exploratory nature of the study, there is a need for further empirical research across different industries. Originality/value: Theoretical insights are gleaned through the application of agency theory as a lens to understand risk mitigation within supply networks within the context of servitization....

  20. Array Configuration and Channel Model of MIMO Sensor for Home Security

    OpenAIRE

    Yamada, Hiroyoshi; Tanaka, Kei; Yamaguchi, Yoshio

    2011-01-01

    This report discusses MIMO system as home security sensor. MIMO propagation channel is very sensitive to the environmental change. The proposed radio sensor called MIMO sensor utilizes this feature to detect events for home security. We report fundamental results for evaluation of array configuration and propagation channel.

  1. Modelling, Synthesis, and Configuration of Networks-on-Chips

    DEFF Research Database (Denmark)

    Stuart, Matthias Bo

    This thesis presents three contributions in two different areas of network-on-chip and system-on-chip research: Application modelling and identifying and solving different optimization problems related to two specific network-on-chip architectures. The contribution related to application modelling...... is an analytical method for deriving the worst-case traffic pattern caused by an application and the cache-coherence protocol in a cache-coherent shared-memory system. The contributions related to network-on-chip optimization problems consist of two parts: The development and evaluation of six heuristics...... for solving the network synthesis problem in the MANGO network-on-chip, and the identification and formalization of the ReNoC configuration problem together with three heuristics for solving it....

  2. Complex networks: Dynamics and security

    Indian Academy of Sciences (India)

    We study a mechanism for cascades in complex networks by constructing a model incorporating the flows of information and physical quantities in the network. Using this model we can also show that the cascading phenomenon can be understood as a phase transition in terms of the key parameter characterizing the node ...

  3. Complex networks: Dynamics and security

    Indian Academy of Sciences (India)

    a node, has an exponential tail, in contrast to the algebraic one that characterizes scale-free networks recently discovered in a variety of real-world situations [3,4]. Scale-free networks are heterogeneous as their connectivity can vary significantly from node to node and a considerable number of links can be associated with ...

  4. Process query systems for network security monitoring

    Science.gov (United States)

    Berk, Vincent; Fox, Naomi

    2005-05-01

    In this paper we present the architecture of our network security monitoring infrastructure based on a Process Query System (PQS). PQS offers a new and powerful way of efficiently processing data streams, based on process descriptions that are submitted as queries. In this case the data streams are familiar network sensors, such as Snort, Netfilter, and Tripwire. The process queries describe the dynamics of network attacks and failures, such as worms, multistage attacks, and router failures. Using PQS the task of monitoring enterprise class networks is simplified, offering a priority-based GUI to the security administrator that clearly outlines events that require immediate attention. The PQS-Net system is deployed on an unsecured production network; the system has successfully detected many diverse attacks and failures.

  5. Security management based on trust determination in cognitive radio networks

    Science.gov (United States)

    Li, Jianwu; Feng, Zebing; Wei, Zhiqing; Feng, Zhiyong; Zhang, Ping

    2014-12-01

    Security has played a major role in cognitive radio networks. Numerous researches have mainly focused on attacking detection based on source localization and detection probability. However, few of them took the penalty of attackers into consideration and neglected how to implement effective punitive measures against attackers. To address this issue, this article proposes a novel penalty mechanism based on cognitive trust value. The main feature of this mechanism has been realized by six functions: authentication, interactive, configuration, trust value collection, storage and update, and punishment. Data fusion center (FC) and cluster heads (CHs) have been put forward as a hierarchical architecture to manage trust value of cognitive users. Misbehaving users would be punished by FC by declining their trust value; thus, guaranteeing network security via distinguishing attack users is of great necessity. Simulation results verify the rationality and effectiveness of our proposed mechanism.

  6. Campus Area Network Wi-Fi Security

    Directory of Open Access Journals (Sweden)

    Arjun K. Pillay

    2017-07-01

    Full Text Available Wireless connectivity devices such as mobile phones and laptops are being increasingly used by University students to access learning resources on campus networks and the Internet. Each of the mobile devices offers security protocols for connection to a Wi-Fi router. This paper presents an overview of Wi-Fi security and recommendations in relation to free Wi-Fi service at The University of Fiji.

  7. A improved Network Security Situation Awareness Model

    Directory of Open Access Journals (Sweden)

    Li Fangwei

    2015-08-01

    Full Text Available In order to reflect the situation of network security assessment performance fully and accurately, a new network security situation awareness model based on information fusion was proposed. Network security situation is the result of fusion three aspects evaluation. In terms of attack, to improve the accuracy of evaluation, a situation assessment method of DDoS attack based on the information of data packet was proposed. In terms of vulnerability, a improved Common Vulnerability Scoring System (CVSS was raised and maked the assessment more comprehensive. In terms of node weights, the method of calculating the combined weights and optimizing the result by Sequence Quadratic Program (SQP algorithm which reduced the uncertainty of fusion was raised. To verify the validity and necessity of the method, a testing platform was built and used to test through evaluating 2000 DAPRA data sets. Experiments show that the method can improve the accuracy of evaluation results.

  8. Global operations networks in motion: Managing configurations and capabilities

    DEFF Research Database (Denmark)

    Slepniov, Dmitrij; Wæhrens, Brian Vejrum; Jørgensen, Claus

    2010-01-01

    In the past, the ‘Made in the World’ label, although capturing what may lie ahead, seemed awkward and futuristic. Today, it has become a reality. An ample array of global products are built up of numerous components and modules manufactured by global networks of differentiated partners rather than...... within the boundaries of one national entity. The purpose of this paper is to contribute to bridging the empirical gap in the area of global operations networks and provide insights into how they change over time. The paper is based on the cases of three Danish companies and their global operations...... networks. It finds a number of common patterns highlighting organizational effects and managerial challenges faced by the companies regarding rapid changes in their networks configurations and capabilities. The paper details the variables determining these changes and suggests how the on-going interplay...

  9. Wireless sensors in heterogeneous networked systems configuration and operation middleware

    CERN Document Server

    Cecilio, José

    2014-01-01

    This book presents an examination of the middleware that can be used to configure and operate heterogeneous node platforms and sensor networks. The middleware requirements for a range of application scenarios are compared and analysed. The text then defines middleware architecture that has been integrated in an approach demonstrated live in a refinery. Features: presents a thorough introduction to the major concepts behind wireless sensor networks (WSNs); reviews the various application scenarios and existing middleware solutions for WSNs; discusses the middleware mechanisms necessary for hete

  10. A Configurable Sensor Network Applied to Ambient Assisted Living

    Directory of Open Access Journals (Sweden)

    Juan J. Villacorta

    2011-11-01

    Full Text Available The rising older people population has increased the interest in Ambient Assisted Living systems. This article presents a system for monitoring the disabled or older persons developed from an existing surveillance system. The modularity and adaptability characteristics of the system allow an easy adaptation for a different purpose. The proposed system uses a network of sensors capable of motion detection that includes fall warning, identification of persons and a configurable control system which allows its use in different scenarios.

  11. Security Modeling on the Supply Chain Networks

    Directory of Open Access Journals (Sweden)

    Marn-Ling Shing

    2007-10-01

    Full Text Available In order to keep the price down, a purchaser sends out the request for quotation to a group of suppliers in a supply chain network. The purchaser will then choose a supplier with the best combination of price and quality. A potential supplier will try to collect the related information about other suppliers so he/she can offer the best bid to the purchaser. Therefore, confidentiality becomes an important consideration for the design of a supply chain network. Chen et al. have proposed the application of the Bell-LaPadula model in the design of a secured supply chain network. In the Bell-LaPadula model, a subject can be in one of different security clearances and an object can be in one of various security classifications. All the possible combinations of (Security Clearance, Classification pair in the Bell-LaPadula model can be thought as different states in the Markov Chain model. This paper extends the work done by Chen et al., provides more details on the Markov Chain model and illustrates how to use it to monitor the security state transition in the supply chain network.

  12. Optimal Configuration of Virtual Links for Avionics Network Systems

    Directory of Open Access Journals (Sweden)

    Dongha An

    2015-01-01

    Full Text Available As the bandwidth and scalability constraints become important design concerns in airborne networks, a new technology, called Avionics Full Duplex Switched Ethernet (AFDX, has been introduced and standardized as a part 7 in ARNIC 664. However, since previous research interests for AFDX are mainly bounded for analyzing the response time where flows information is given, configuration problem for both Maximum Transmission Unit (MTU and Bandwidth Allocation Gap (BAG over virtual links in AFDX networks has not been addressed yet even though it has great impact on required bandwidth. Thus, in this paper, we present two configuration approaches to set MTU and BAG values on virtual links efficiently while meeting the requirement of AFDX. The first is to search available feasible configuration (MTU, BAG pairs to satisfy application requirements as well as AFDX switch constraints, and the second is to get an optimal pair to minimize required bandwidth through well-known branch-and-bound algorithm. We analyze the complexity of the proposed algorithm and then evaluate the proposed algorithm by simulation. Finally, we prove that the proposed schemes are superior to general approach in the aspects of speed and required bandwidth in AFDX networks.

  13. The research of computer network security and protection strategy

    Science.gov (United States)

    He, Jian

    2017-05-01

    With the widespread popularity of computer network applications, its security is also received a high degree of attention. Factors affecting the safety of network is complex, for to do a good job of network security is a systematic work, has the high challenge. For safety and reliability problems of computer network system, this paper combined with practical work experience, from the threat of network security, security technology, network some Suggestions and measures for the system design principle, in order to make the masses of users in computer networks to enhance safety awareness and master certain network security technology.

  14. Keystone Business Models for Network Security Processors

    Directory of Open Access Journals (Sweden)

    Arthur Low

    2013-07-01

    Full Text Available Network security processors are critical components of high-performance systems built for cybersecurity. Development of a network security processor requires multi-domain experience in semiconductors and complex software security applications, and multiple iterations of both software and hardware implementations. Limited by the business models in use today, such an arduous task can be undertaken only by large incumbent companies and government organizations. Neither the “fabless semiconductor” models nor the silicon intellectual-property licensing (“IP-licensing” models allow small technology companies to successfully compete. This article describes an alternative approach that produces an ongoing stream of novel network security processors for niche markets through continuous innovation by both large and small companies. This approach, referred to here as the "business ecosystem model for network security processors", includes a flexible and reconfigurable technology platform, a “keystone” business model for the company that maintains the platform architecture, and an extended ecosystem of companies that both contribute and share in the value created by innovation. New opportunities for business model innovation by participating companies are made possible by the ecosystem model. This ecosystem model builds on: i the lessons learned from the experience of the first author as a senior integrated circuit architect for providers of public-key cryptography solutions and as the owner of a semiconductor startup, and ii the latest scholarly research on technology entrepreneurship, business models, platforms, and business ecosystems. This article will be of interest to all technology entrepreneurs, but it will be of particular interest to owners of small companies that provide security solutions and to specialized security professionals seeking to launch their own companies.

  15. Secure data networks for electrical distribution applications

    OpenAIRE

    Laverty, David M.; O'Raw, John B.; Li, Kang; Morrow, D. John

    2015-01-01

    Smart Grids are characterized by the application of information communication technology (ICT) to solve electrical energy challenges. Electric power networks span large geographical areas, thus a necessary component of many Smart Grid applications is a wide area network (WAN). For the Smart Grid to be successful, utilities must be confident that the communications infrastructure is secure. This paper describes how a WAN can be deployed using WiMAX radio technology to provide high bandwidth co...

  16. Techniques Used in String Matching for Network Security

    OpenAIRE

    Jamuna Bhandari

    2014-01-01

    String matching also known as pattern matching is one of primary concept for network security. In this area the effectiveness and efficiency of string matching algorithms is important for applications in network security such as network intrusion detection, virus detection, signature matching and web content filtering system. This paper presents brief review on some of string matching techniques used for network security.

  17. The use of Wireless Sensor Network for increasing airport security

    Directory of Open Access Journals (Sweden)

    Jakub Kraus

    2013-11-01

    Full Text Available This article focuses on the use of wireless sensor networks for airport security, respectively using sensor networks as a replacement or add-on to existing security measures. The article describes the sensor network and its possible application to various airport objects and financial analysis of the perimeter security with wireless sensor network.

  18. Laboratory Experiments for Network Security Instruction

    Science.gov (United States)

    Brustoloni, Jose Carlos

    2006-01-01

    We describe a sequence of five experiments on network security that cast students successively in the roles of computer user, programmer, and system administrator. Unlike experiments described in several previous papers, these experiments avoid placing students in the role of attacker. Each experiment starts with an in-class demonstration of an…

  19. Network and Database Security: Regulatory Compliance, Network, and Database Security - A Unified Process and Goal

    Directory of Open Access Journals (Sweden)

    Errol A. Blake

    2007-12-01

    Full Text Available Database security has evolved; data security professionals have developed numerous techniques and approaches to assure data confidentiality, integrity, and availability. This paper will show that the Traditional Database Security, which has focused primarily on creating user accounts and managing user privileges to database objects are not enough to protect data confidentiality, integrity, and availability. This paper is a compilation of different journals, articles and classroom discussions will focus on unifying the process of securing data or information whether it is in use, in storage or being transmitted. Promoting a change in Database Curriculum Development trends may also play a role in helping secure databases. This paper will take the approach that if one make a conscientious effort to unifying the Database Security process, which includes Database Management System (DBMS selection process, following regulatory compliances, analyzing and learning from the mistakes of others, Implementing Networking Security Technologies, and Securing the Database, may prevent database breach.

  20. Security-Enhanced Autonomous Network Management

    Science.gov (United States)

    Zeng, Hui

    2015-01-01

    Ensuring reliable communication in next-generation space networks requires a novel network management system to support greater levels of autonomy and greater awareness of the environment and assets. Intelligent Automation, Inc., has developed a security-enhanced autonomous network management (SEANM) approach for space networks through cross-layer negotiation and network monitoring, analysis, and adaptation. The underlying technology is bundle-based delay/disruption-tolerant networking (DTN). The SEANM scheme allows a system to adaptively reconfigure its network elements based on awareness of network conditions, policies, and mission requirements. Although SEANM is generically applicable to any radio network, for validation purposes it has been prototyped and evaluated on two specific networks: a commercial off-the-shelf hardware test-bed using Institute of Electrical Engineers (IEEE) 802.11 Wi-Fi devices and a military hardware test-bed using AN/PRC-154 Rifleman Radio platforms. Testing has demonstrated that SEANM provides autonomous network management resulting in reliable communications in delay/disruptive-prone environments.

  1. Computationally Efficient Neural Network Intrusion Security Awareness

    Energy Technology Data Exchange (ETDEWEB)

    Todd Vollmer; Milos Manic

    2009-08-01

    An enhanced version of an algorithm to provide anomaly based intrusion detection alerts for cyber security state awareness is detailed. A unique aspect is the training of an error back-propagation neural network with intrusion detection rule features to provide a recognition basis. Network packet details are subsequently provided to the trained network to produce a classification. This leverages rule knowledge sets to produce classifications for anomaly based systems. Several test cases executed on ICMP protocol revealed a 60% identification rate of true positives. This rate matched the previous work, but 70% less memory was used and the run time was reduced to less than 1 second from 37 seconds.

  2. Network Security: Policies and Guidelines for Effective Network Management

    Directory of Open Access Journals (Sweden)

    Jonathan Gana KOLO

    2008-12-01

    Full Text Available Network security and management in Information and Communication Technology (ICT is the ability to maintain the integrity of a system or network, its data and its immediate environment. The various innovations and uses to which networks are being put are growing by the day and hence are becoming complex and invariably more difficult to manage by the day. Computers are found in every business such as banking, insurance, hospital, education, manufacturing, etc. The widespread use of these systems implies crime and insecurity on a global scale. In addition, the tremendous benefits brought about by Internet have also widened the scope of crime and insecurity at an alarming rate. Also, ICT has fast become a primary differentiator for institution/organization leaders as it offers effective and convenient means of interaction with each other across the globe. This upsurge in the population of organizations depending on ICT for business transaction has brought with it a growing number of security threats and attacks on poorly managed and secured networks primarily to steal personal data, particularly financial information and password.This paper therefore proposes some policies and guidelines that should be followed by network administrators in organizations to help them ensure effective network management and security of ICT facilities and data.

  3. Bot armies as threats to network security

    Science.gov (United States)

    Banks, Sheila B.; Stytz, Martin R.

    2007-04-01

    "Botnets", or "bot armies", are large groups of remotely controlled malicious software. Bot armies pose one of the most serious security threats to all networks. Botnets, remotely controlled and operated by botmasters or botherders, can launch massive denial of service attacks, multiple penetration attacks, or any other malicious network activity on a massive scale. While bot army activity has, in the past, been limited to fraud, blackmail, and other forms of criminal activity, their potential for causing large-scale damage to the entire internet; for launching large-scale, coordinated attacks on government computers and networks; and for large-scale, coordinated data gathering from thousands of users and computers on any network has been underestimated. This paper will not discuss how to build bots but the threats they pose. In a "botnet" or "bot army", computers can be used to spread spam, launch denial-of-service attacks against Web sites, conduct fraudulent activities, and prevent authorized network traffic from traversing the network. In this paper we discuss botnets and the technologies that underlie this threat to network and computer security. The first section motivates the need for improved protection against botnets, their technologies, and for further research about botnets. The second contains background information about bot armies and their key underlying technologies. The third section presents a discussion of the types of attacks that botnets can conduct and potential defenses against them. The fourth section contains a summary and suggestions for future research and development.

  4. The Analysis of SARDANA HPON Networks Using the HPON Network Configurator

    Directory of Open Access Journals (Sweden)

    Rastislav Roka

    2013-01-01

    Full Text Available NG-PON systems present optical access infrastructures to support various applications of the many service providers. In the near future, we can expect NG-PON technologies with different motivations for developing of HPON networks. The HPON is a hybrid passive optical network in a way that utilizes on a physical layer both TDM and WDM multiplexing principles together. The HPON network utilizes similar or soft revised topologies as TDM-PON architectures. In this second paper, requirements for the SARDANA HPON networks are introduced. A main part of the paper is dedicated to presentation of the HPON network configurator that allows configurating and analyzing the SARDANA HPON characteristics from a viewpoint of various specific network parameters. Finally, a short introduction to the comparison of the SARDANA and SUCCESS HPON networks based on simulation results is presented.

  5. The Analysis of SUCCESS HPON Networks Using the HPON Network Configurator

    Directory of Open Access Journals (Sweden)

    Rastislav Roka

    2013-01-01

    Full Text Available NG-PON systems present optical access infrastructures to support various applications of the many service providers. In the near future, we can expect NG-PON technologies with different motivations for developing of HPON networks. The HPON is a hybrid passive optical network in a way that utilizes on a physical layer both TDM and WDM multiplexing principles together. The HPON network utilizes similar or soft revised topologies as TDM-PON architectures. In this first paper, design requirements for SUCCESS HPON networks are introduced. A main part of the paper is dedicated to presentation of the HPON network configurator that allows configurating and analyzing the SUCCESS HPON characteristics from a viewpoint of various specific network parameters. Finally, a short introduction to the comparison of the SUCCESS and SARDANA HPON networks based on simulation results is presented.

  6. Survey of current technologies for network security; Network security gijutsu no genjo

    Energy Technology Data Exchange (ETDEWEB)

    Matsui, S.

    2000-05-01

    The Internet and technologies derived from it are indispensable for business today. As the Internet have became a commodity, and number of cracking activities have grown rapidly, network security has become serious matter. This paper presents a survey of current technologies for network security. First a summary of current research trend in cryptography, IPSec, intrusion detection system, next generation firewall, and performance management. Then detailed description on intrusion detection system and next generation firewall will be given. (author)

  7. Security management of next generation telecommunications networks and services

    CERN Document Server

    Jacobs, Stuart

    2014-01-01

    This book will cover network management security issues and currently available security mechanisms by discussing how network architectures have evolved into the contemporary NGNs which support converged services (voice, video, TV, interactive information exchange, and classic data communications). It will also analyze existing security standards and their applicability to securing network management. This book will review 21st century security concepts of authentication, authorization, confidentiality, integrity, nonrepudiation, vulnerabilities, threats, risks, and effective approaches to enc

  8. Extending a configuration model to find communities in complex networks

    Science.gov (United States)

    Jin, Di; He, Dongxiao; Hu, Qinghua; Baquero, Carlos; Yang, Bo

    2013-09-01

    Discovery of communities in complex networks is a fundamental data analysis task in various domains. Generative models are a promising class of techniques for identifying modular properties from networks, which has been actively discussed recently. However, most of them cannot preserve the degree sequence of networks, which will distort the community detection results. Rather than using a blockmodel as most current works do, here we generalize a configuration model, namely, a null model of modularity, to solve this problem. Towards decomposing and combining sub-graphs according to the soft community memberships, our model incorporates the ability to describe community structures, something the original model does not have. Also, it has the property, as with the original model, that it fixes the expected degree sequence to be the same as that of the observed network. We combine both the community property and degree sequence preserving into a single unified model, which gives better community results compared with other models. Thereafter, we learn the model using a technique of nonnegative matrix factorization and determine the number of communities by applying consensus clustering. We test this approach both on synthetic benchmarks and on real-world networks, and compare it with two similar methods. The experimental results demonstrate the superior performance of our method over competing methods in detecting both disjoint and overlapping communities.

  9. Wireless Local Area Network (WLAN) Vulnerability Assessment and Security

    National Research Council Canada - National Science Library

    Kessel, Adam; Goodwin, Shane

    2005-01-01

    The proliferation of wireless computer equipment and Local Area Networks (LANs) create an increasingly common and growing threat to Marine Corps Network infrastructure and communication security (COMSEC...

  10. The Design and Analysis of Virtual Network Configuration for a Wireless Mobile ATM Network

    Science.gov (United States)

    Bush, Stephen F.

    1999-05-01

    This research concentrates on the design and analysis of an algorithm referred to as Virtual Network Configuration (VNC) which uses predicted future states of a system for faster network configuration and management. VNC is applied to the configuration of a wireless mobile ATM network. VNC is built on techniques from parallel discrete event simulation merged with constraints from real-time systems and applied to mobile ATM configuration and handoff. Configuration in a mobile network is a dynamic and continuous process. Factors such as load, distance, capacity and topology are all constantly changing in a mobile environment. The VNC algorithm anticipates configuration changes and speeds the reconfiguration process by pre-computing and caching results. VNC propagates local prediction results throughout the VNC enhanced system. The Global Positioning System is an enabling technology for the use of VNC in mobile networks because it provides location information and accurate time for each node. This research has resulted in well defined structures for the encapsulation of physical processes within Logical Processes and a generic library for enhancing a system with VNC. Enhancing an existing system with VNC is straight forward assuming the existing physical processes do not have side effects. The benefit of prediction is gained at the cost of additional traffic and processing. This research includes an analysis of VNC and suggestions for optimization of the VNC algorithm and its parameters.

  11. Identifying the Key Weaknesses in Network Security at Colleges.

    Science.gov (United States)

    Olsen, Florence

    2000-01-01

    A new study identifies and ranks the 10 security gaps responsible for most outsider attacks on college computer networks. The list is intended to help campus system administrators establish priorities as they work to increase security. One network security expert urges that institutions utilize multiple security layers. (DB)

  12. Computer network security and cyber ethics

    CERN Document Server

    Kizza, Joseph Migga

    2014-01-01

    In its 4th edition, this book remains focused on increasing public awareness of the nature and motives of cyber vandalism and cybercriminals, the weaknesses inherent in cyberspace infrastructure, and the means available to protect ourselves and our society. This new edition aims to integrate security education and awareness with discussions of morality and ethics. The reader will gain an understanding of how the security of information in general and of computer networks in particular, on which our national critical infrastructure and, indeed, our lives depend, is based squarely on the individ

  13. Security Aspects of an Enterprise-Wide Network Architecture.

    Science.gov (United States)

    Loew, Robert; Stengel, Ingo; Bleimann, Udo; McDonald, Aidan

    1999-01-01

    Presents an overview of two projects that concern local area networks and the common point between networks as they relate to network security. Discusses security architectures based on firewall components, packet filters, application gateways, security-management components, an intranet solution, user registration by Web form, and requests for…

  14. Secure, Mobile, Wireless Network Technology Designed, Developed, and Demonstrated

    Science.gov (United States)

    Ivancic, William D.; Paulsen, Phillip E.

    2004-01-01

    The inability to seamlessly disseminate data securely over a high-integrity, wireless broadband network has been identified as a primary technical barrier to providing an order-of-magnitude increase in aviation capacity and safety. Secure, autonomous communications to and from aircraft will enable advanced, automated, data-intensive air traffic management concepts, increase National Air Space (NAS) capacity, and potentially reduce the overall cost of air travel operations. For the first time ever, secure, mobile, network technology was designed, developed, and demonstrated with state-ofthe- art protocols and applications by a diverse, cooperative Government-industry team led by the NASA Glenn Research Center. This revolutionary technology solution will make fundamentally new airplane system capabilities possible by enabling secure, seamless network connections from platforms in motion (e.g., cars, ships, aircraft, and satellites) to existing terrestrial systems without the need for manual reconfiguration. Called Mobile Router, the new technology autonomously connects and configures networks as they traverse from one operating theater to another. The Mobile Router demonstration aboard the Neah Bay, a U.S. Coast Guard vessel stationed in Cleveland, Ohio, accomplished secure, seamless interoperability of mobile network systems across multiple domains without manual system reconfiguration. The Neah Bay was chosen because of its low cost and communications mission similarity to low-Earth-orbiting satellite platforms. This technology was successfully advanced from technology readiness level (TRL) 2 (concept and/or application formation) to TRL 6 (system model or prototype demonstration in a relevant environment). The secure, seamless interoperability offered by the Mobile Router and encryption device will enable several new, vehicle-specific and systemwide technologies to perform such things as remote, autonomous aircraft performance monitoring and early detection and

  15. Social networking mining, visualization, and security

    CERN Document Server

    Dehuri, Satchidananda; Wang, Gi-Nam

    2014-01-01

    With the proliferation of social media and on-line communities in networked world a large gamut of data has been collected and stored in databases. The rate at which such data is stored is growing at a phenomenal rate and pushing the classical methods of data analysis to their limits. This book presents an integrated framework of recent empirical and theoretical research on social network analysis based on a wide range of techniques from various disciplines like data mining, social sciences, mathematics, statistics, physics, network science, machine learning with visualization techniques, and security. The book illustrates the potential of multi-disciplinary techniques in various real life problems and intends to motivate researchers in social network analysis to design more effective tools by integrating swarm intelligence and data mining.  

  16. Quantum photonic network and physical layer security.

    Science.gov (United States)

    Sasaki, Masahide; Endo, Hiroyuki; Fujiwara, Mikio; Kitamura, Mitsuo; Ito, Toshiyuki; Shimizu, Ryosuke; Toyoshima, Morio

    2017-08-06

    Quantum communication and quantum cryptography are expected to enhance the transmission rate and the security (confidentiality of data transmission), respectively. We study a new scheme which can potentially bridge an intermediate region covered by these two schemes, which is referred to as quantum photonic network. The basic framework is information theoretically secure communications in a free space optical (FSO) wiretap channel, in which an eavesdropper has physically limited access to the main channel between the legitimate sender and receiver. We first review a theoretical framework to quantify the optimal balance of the transmission efficiency and the security level under power constraint and at finite code length. We then present experimental results on channel characterization based on 10 MHz on-off keying transmission in a 7.8 km terrestrial FSO wiretap channel.This article is part of the themed issue 'Quantum technology for the 21st century'. © 2017 The Author(s).

  17. Quantum photonic network and physical layer security

    Science.gov (United States)

    Sasaki, Masahide; Endo, Hiroyuki; Fujiwara, Mikio; Kitamura, Mitsuo; Ito, Toshiyuki; Shimizu, Ryosuke; Toyoshima, Morio

    2017-06-01

    Quantum communication and quantum cryptography are expected to enhance the transmission rate and the security (confidentiality of data transmission), respectively. We study a new scheme which can potentially bridge an intermediate region covered by these two schemes, which is referred to as quantum photonic network. The basic framework is information theoretically secure communications in a free space optical (FSO) wiretap channel, in which an eavesdropper has physically limited access to the main channel between the legitimate sender and receiver. We first review a theoretical framework to quantify the optimal balance of the transmission efficiency and the security level under power constraint and at finite code length. We then present experimental results on channel characterization based on 10 MHz on-off keying transmission in a 7.8 km terrestrial FSO wiretap channel. This article is part of the themed issue 'Quantum technology for the 21st century'.

  18. Security and privacy preserving in social networks

    CERN Document Server

    Chbeir, Richard

    2013-01-01

    This volume aims at assessing the current approaches and technologies, as well as to outline the major challenges and future perspectives related to the security and privacy protection of social networks. It provides the reader with an overview of the state-of-the art techniques, studies, and approaches as well as outlining future directions in this field. A wide range of interdisciplinary contributions from various research groups ensures for a balanced and complete perspective.

  19. The Network's Data Security Risk Analysis

    Directory of Open Access Journals (Sweden)

    Emil BURTESCU

    2008-01-01

    Full Text Available Establishing the networks security risk can be a very difficult operation especially for the small companies which, from financial reasons can't appeal at specialist in this domain, or for the medium or large companies that don't have experience. The following method proposes not to use complex financial calculus to determine the loss level and the value of impact making the determination of risk level a lot easier.

  20. Home-Network Security Model in Ubiquitous Environment

    OpenAIRE

    Dong-Young Yoo; Jong-Whoi Shin; Jin-Young Choi

    2007-01-01

    Social interest and demand on Home-Network has been increasing greatly. Although various services are being introduced to respond to such demands, they can cause serious security problems when linked to the open network such as Internet. This paper reviews the security requirements to protect the service users with assumption that the Home-Network environment is connected to Internet and then proposes the security model based on the requirement. The proposed security mode...

  1. Security and Privacy Preservation in Human-Involved Networks

    Science.gov (United States)

    Asher, Craig; Aumasson, Jean-Philippe; Phan, Raphael C.-W.

    This paper discusses security within human-involved networks, with a focus on social networking services (SNS). We argue that more secure networks could be designed using semi-formal security models inspired from cryptography, as well as notions like that of ceremony, which exploits human-specific abilities and psychology to assist creating more secure protocols. We illustrate some of our ideas with the example of the SNS Facebook.

  2. Implantable Medical Devices; Networking Security Survey

    Directory of Open Access Journals (Sweden)

    Siamak Aram

    2016-08-01

    Full Text Available The industry of implantable medical devices (IMDs is constantly evolving, which is dictated by the pressing need to comprehensively address new challenges in the healthcare field. Accordingly, IMDs are becoming more and more sophisticated. Not long ago, the range of IMDs’ technical capacities was expanded, making it possible to establish Internet connection in case of necessity and/or emergency situation for the patient. At the same time, while the web connectivity of today’s implantable devices is rather advanced, the issue of equipping the IMDs with sufficiently strong security system remains unresolved. In fact, IMDs have relatively weak security mechanisms which render them vulnerable to cyber-attacks that compromise the quality of IMDs’ functionalities. This study revolves around the security deficiencies inherent to three types of sensor-based medical devices; biosensors, insulin pump systems and implantable cardioverter defibrillators. Manufacturers of these devices should take into consideration that security and effectiveness of the functionality of implants is highly dependent on the design. In this paper, we present a comprehensive study of IMDs’ architecture and specifically investigate their vulnerabilities at networking interface.

  3. 78 FR 7797 - Homeland Security Information Network Advisory Committee (HSINAC)

    Science.gov (United States)

    2013-02-04

    ... SECURITY Homeland Security Information Network Advisory Committee (HSINAC) AGENCY: OPS/OCIO, DHS. ACTION: Committee Management; Notice of Federal Advisory Committee Meeting. SUMMARY: The Homeland Security Information Network Advisory Committee (HSIN AC) will meet on February 27th-28th, 2013 in Washington, DC. The...

  4. Security challenges for energy-harvesting wireless sensor networks

    DEFF Research Database (Denmark)

    Di Mauro, Alessio; Papini, Davide; Dragoni, Nicola

    2012-01-01

    With the recent introduction of Energy-Harvesting nodes, security is gaining more and more importance in sensor networks. By exploiting the ability of scavenging energy from the surrounding environment, the lifespan of a node has drastically increased. This is one of the reason why security needs...... networks. Finally, we present and discuss existing security solutions for EH-WSNs....

  5. Secure Network-Centric Aviation Communication (SNAC)

    Science.gov (United States)

    Nelson, Paul H.; Muha, Mark A.; Sheehe, Charles J.

    2017-01-01

    The existing National Airspace System (NAS) communications capabilities are largely unsecured, are not designed for efficient use of spectrum and collectively are not capable of servicing the future needs of the NAS with the inclusion of new operators in Unmanned Aviation Systems (UAS) or On Demand Mobility (ODM). SNAC will provide a ubiquitous secure, network-based communications architecture that will provide new service capabilities and allow for the migration of current communications to SNAC over time. The necessary change in communication technologies to digital domains will allow for the adoption of security mechanisms, sharing of link technologies, large increase in spectrum utilization, new forms of resilience and redundancy and the possibly of spectrum reuse. SNAC consists of a long term open architectural approach with increasingly capable designs used to steer research and development and enable operating capabilities that run in parallel with current NAS systems.

  6. Electrokinetic confinement of axonal growth for dynamically configurable neural networks

    Science.gov (United States)

    Honegger, Thibault; Scott, Mark A.; Yanik, Mehmet F.; Voldman, Joel

    2013-01-01

    Axons in the developing nervous system are directed via guidance cues, whose expression varies both spatially and temporally, to create functional neural circuits. Existing methods to create patterns of neural connectivity in vitro use only static geometries, and are unable to dynamically alter the guidance cues imparted on the cells. We introduce the use of AC electrokinetics to dynamically control axonal growth in cultured rat hippocampal neurons. We find that the application of modest voltages at frequencies on the order of 105 Hz can cause developing axons to be stopped adjacent to the electrodes while axons away from the electric fields exhibit uninhibited growth. By switching electrodes on or off, we can reversibly inhibit or permit axon passage across the electrodes. Our models suggest that dielectrophoresis is the causative AC electrokinetic effect. We make use of our dynamic control over axon elongation to create an axon-diode via an axon-lock system that consists of a pair of electrode `gates' that either permit or prevent axons from passing through. Finally, we developed a neural circuit consisting of three populations of neurons, separated by three axon-locks to demonstrate the assembly of a functional, engineered neural network. Action potential recordings demonstrate that the AC electrokinetic effect does not harm axons, and Ca2+ imaging demonstrated the unidirectional nature of the synaptic connections. AC electrokinetic confinement of axonal growth has potential for creating configurable, directional neural networks. PMID:23314575

  7. Assessment of New Hub-and-spoke and Point-to-point Airline Network Configurations

    NARCIS (Netherlands)

    Alderighi, M.; Cento, A.; Nijkamp, P.; Rietveld, P.

    2007-01-01

    This paper aims to provide new measures of airline network configuration with a view to analyse effectively the complexity of modern carriers' network design. It studies network configurations in the airline sector by taking into account both spatial and temporal dimensions. The spatial dimension is

  8. Survey on Security Issues in Vehicular Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    Bassem Mokhtar

    2015-12-01

    Full Text Available Vehicular Ad hoc NETworks are special case of ad hoc networks that, besides lacking infrastructure, communicating entities move with various accelerations. Accordingly, this impedes establishing reliable end-to-end communication paths and having efficient data transfer. Thus, VANETs have different network concerns and security challenges to get the availability of ubiquitous connectivity, secure communications, and reputation management systems which affect the trust in cooperation and negotiation between mobile networking entities. In this survey, we discuss the security features, challenges, and attacks of VANETs, and we classify the security attacks of VANETs due to the different network layers.

  9. Security and trust in online social networks

    CERN Document Server

    Carminati, Barbara; Viviani, Marco; Viviani, Marco; Carminati, Barbara

    2013-01-01

    The enormous success and diffusion that online social networks (OSNs) are encountering nowadays is vastly apparent. Users' social interactions now occur using online social media as communication channels; personal information and activities are easily exchanged both for recreational and business purposes in order to obtain social or economic advantages. In this scenario, OSNs are considered critical applications with respect to the security of users and their resources, for their characteristics alone: the large amount of personal information they manage, big economic upturn connected to thei

  10. Advances in network systems architectures, security, and applications

    CERN Document Server

    Awad, Ali; Furtak, Janusz; Legierski, Jarosław

    2017-01-01

    This book provides the reader with a comprehensive selection of cutting–edge algorithms, technologies, and applications. The volume offers new insights into a range of fundamentally important topics in network architectures, network security, and network applications. It serves as a reference for researchers and practitioners by featuring research contributions exemplifying research done in the field of network systems. In addition, the book highlights several key topics in both theoretical and practical aspects of networking. These include wireless sensor networks, performance of TCP connections in mobile networks, photonic data transport networks, security policies, credentials management, data encryption for network transmission, risk management, live TV services, and multicore energy harvesting in distributed systems. .

  11. Resistance and Security Index of Networks: Structural Information Perspective of Network Security.

    Science.gov (United States)

    Li, Angsheng; Hu, Qifu; Liu, Jun; Pan, Yicheng

    2016-06-03

    Recently, Li and Pan defined the metric of the K-dimensional structure entropy of a structured noisy dataset G to be the information that controls the formation of the K-dimensional structure of G that is evolved by the rules, order and laws of G, excluding the random variations that occur in G. Here, we propose the notion of resistance of networks based on the one- and two-dimensional structural information of graphs. Given a graph G, we define the resistance of G, written , as the greatest overall number of bits required to determine the code of the module that is accessible via random walks with stationary distribution in G, from which the random walks cannot escape. We show that the resistance of networks follows the resistance law of networks, that is, for a network G, the resistance of G is , where and are the one- and two-dimensional structure entropies of G, respectively. Based on the resistance law, we define the security index of a network G to be the normalised resistance of G, that is, . We show that the resistance and security index are both well-defined measures for the security of the networks.

  12. Configuring a context-aware middleware for Wireless Sensor Networks.

    Science.gov (United States)

    Gámez, Nadia; Cubo, Javier; Fuentes, Lidia; Pimentel, Ernesto

    2012-01-01

    In the Future Internet, applications based on Wireless Sensor Networks will have to support reconfiguration with minimum human intervention, depending on dynamic context changes in their environment. These situations create a need for building these applications as adaptive software and including techniques that allow the context acquisition and decisions about adaptation. However, contexts use to be made up of complex information acquired from heterogeneous devices and user characteristics, making them difficult to manage. So, instead of building context-aware applications from scratch, we propose to use FamiWare, a family of middleware for Ambient Intelligence specifically designed to be aware of contexts in sensor and smartphone devices. It provides both, several monitoring services to acquire contexts from devices and users, and a context-awareness service to analyze and detect context changes. However, the current version of FamiWare does not allow the automatic incorporation related to the management of new contexts into the FamiWare family. To overcome this shortcoming, in this work, we first present how to model the context using a metamodel to define the contexts that must to be taken into account in an instantiation of FamiWare for a certain Ambient Intelligence system. Then, to configure a new context-aware version of FamiWare and to generate code ready-to-install within heterogeneous devices, we define a mapping that automatically transforms metamodel elements defining contexts into elements of the FamiWare family, and we also use the FamiWare configuration process to customize the new context-aware variant. Finally, we evaluate the benefits of our process, and we analyze both that the new version of the middleware works as expected and that it manages the contexts in an efficient way.

  13. Configuring a Context-Aware Middleware for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Ernesto Pimentel

    2012-06-01

    Full Text Available In the Future Internet, applications based on Wireless Sensor Networks will have to support reconfiguration with minimum human intervention, depending on dynamic context changes in their environment. These situations create a need for building these applications as adaptive software and including techniques that allow the context acquisition and decisions about adaptation. However, contexts use to be made up of complex information acquired from heterogeneous devices and user characteristics, making them difficult to manage. So, instead of building context-aware applications from scratch, we propose to use FamiWare, a family of middleware for Ambient Intelligence specifically designed to be aware of contexts in sensor and smartphone devices. It provides both, several monitoring services to acquire contexts from devices and users, and a context-awareness service to analyze and detect context changes. However, the current version of FamiWare does not allow the automatic incorporation related to the management of new contexts into the FamiWare family. To overcome this shortcoming, in this work, we first present how to model the context using a metamodel to define the contexts that must to be taken into account in an instantiation of FamiWare for a certain Ambient Intelligence system. Then, to configure a new context-aware version of FamiWare and to generate code ready-to-install within heterogeneous devices, we define a mapping that automatically transforms metamodel elements defining contexts into elements of the FamiWare family, and we also use the FamiWare configuration process to customize the new context-aware variant. Finally, we evaluate the benefits of our process, and we analyze both that the new version of the middleware works as expected and that it manages the contexts in an efficient way.

  14. Gsm Networks: A Review Of Security Threats And Mitigation Measures

    African Journals Online (AJOL)

    Gsm Networks: A Review Of Security Threats And Mitigation Measures. ... Information Manager (The) ... This paper investigates the security measures used in GSM networks which include Authentication, Encryption, Equipment Identification and Subscriber Identity Confidentiality, as well as the manifestation of network ...

  15. Analysis and Comparison on Novel Sensor Network Security Access Technology

    Directory of Open Access Journals (Sweden)

    Ping LIU

    2014-01-01

    Full Text Available The article introduces against technical defects of traditional network access control system, detail NAC, NAP, UAC and TNC four kinds of new network security access technology, and this article analyzes and compares them. Security framework for wireless sensor networks SPINS defines the mechanism and algorithm of complete and effective in confidentiality, point-to-point message authentication, integrity, authentication, broadcast authentication.

  16. Do governance choices matter in health care networks?: an exploratory configuration study of health care networks

    Science.gov (United States)

    2013-01-01

    Background Health care networks are widely used and accepted as an organizational form that enables integrated care as well as dealing with complex matters in health care. However, research on the governance of health care networks lags behind. The research aim of our study is to explore the type and importance of governance structure and governance mechanisms for network effectiveness. Methods The study has a multiple case study design and covers 22 health care networks. Using a configuration view, combinations of network governance and other network characteristics were studied on the level of the network. Based on interview and questionnaire data, network characteristics were identified and patterns in the data looked for. Results Neither a dominant (or optimal) governance structure or mechanism nor a perfect fit among governance and other characteristics were revealed, but a number of characteristics that need further study might be related to effective networks such as the role of governmental agencies, legitimacy, and relational, hierarchical, and contractual governance mechanisms as complementary factors. Conclusions Although the results emphasize the situational character of network governance and effectiveness, they give practitioners in the health care sector indications of which factors might be more or less crucial for network effectiveness. PMID:23800334

  17. Do governance choices matter in health care networks?: an exploratory configuration study of health care networks.

    Science.gov (United States)

    Willem, Annick; Gemmel, Paul

    2013-06-24

    Health care networks are widely used and accepted as an organizational form that enables integrated care as well as dealing with complex matters in health care. However, research on the governance of health care networks lags behind. The research aim of our study is to explore the type and importance of governance structure and governance mechanisms for network effectiveness. The study has a multiple case study design and covers 22 health care networks. Using a configuration view, combinations of network governance and other network characteristics were studied on the level of the network. Based on interview and questionnaire data, network characteristics were identified and patterns in the data looked for. Neither a dominant (or optimal) governance structure or mechanism nor a perfect fit among governance and other characteristics were revealed, but a number of characteristics that need further study might be related to effective networks such as the role of governmental agencies, legitimacy, and relational, hierarchical, and contractual governance mechanisms as complementary factors. Although the results emphasize the situational character of network governance and effectiveness, they give practitioners in the health care sector indications of which factors might be more or less crucial for network effectiveness.

  18. 78 FR 71631 - Committee Name: Homeland Security Information Network Advisory Committee (HSINAC)

    Science.gov (United States)

    2013-11-29

    ... SECURITY Committee Name: Homeland Security Information Network Advisory Committee (HSINAC) AGENCY... Management; Notice of Federal Advisory Committee Meeting. SUMMARY: The Homeland Security Information Network... Homeland Security Information Network Advisory Committee (HSINAC) is an advisory body to the Homeland...

  19. Securing confidentiality in PON and HFC networks

    Science.gov (United States)

    Koulouris, John; Koulouris, A.

    1998-09-01

    In Some kind of networks like PON (Passive Optical Networks) and HFC (Hybrid Fiber Coaxial) networks, the information from the central station (headend) to the terminals is broadcast to all of them. So each one of them besides its own data gets also the data destined for the others. Under these conditions privacy and confidentiality do not exist. The usual way to overcome this drawback is conventional encryption of the data between headend and terminals. This method besides making the communication procedure more complex, has also the drawback that traffic data cannot be protected, since the destination field of each cell cannot be encrypted. Here another method is presented which, although not encryption in the conventional meaning of the term, secures a high degree of individuality and confidentiality. The basic idea is to use different multiplexing patterns for each connection so that each terminal can demultiplex only its own data. The method is suited for the high data speed of the PON networks and maybe preferable to conventional encryption.

  20. A Study on Network Configuration of Distributed Flexible Network PV System

    Science.gov (United States)

    Dakkak, Mohamed; Hatori, Kenji; Miura, Yushi; Ise, Toshifumi

    The introduction of Distributed Flexible Network Photovoltaic (DFNPV) system is going towards solving the shortcomings of stand-alone systems in remote areas. Three types of configurations of DFNPV system are studied: star, loop, and mesh. Each configuration has many subsystems, which are assumed to have the similar characteristics and location, and consist of PV panel, DC/DC converter, and dc load. Comparative study had been carried out from the viewpoint of power losses in wires, wire length, and initial cost. First of all for estimating the size of DFNPV system within acceptable voltage drop, relations between wire length, power loss, wire cost, and cable types are discussed. The problem in DFNPV System is to find the best location of the battery bank from a many viewpoints, minimum extension cost and minimum losses in wires. This paper describes how to optimize the best location of the common battery bank from the viewpoints of the cost of power losses and the extension cost. The results of optimizing configurations show that a star configuration for initial installations is most effective, in future expansion; loop network is more cost effective. In addition, the economic study shows the final cost advantage of DFNPV system, for three types of configurations over stand-alone ones.

  1. Wireless networks and security issues, challenges and research trends

    CERN Document Server

    Pathan, Al-Sakib

    2013-01-01

     “Wireless Networks and Security” provides a broad coverage of wireless security issues including cryptographic coprocessors, encryption, authentication, key management, attacks and countermeasures, secure routing, secure medium access control, intrusion detection, epidemics, security performance analysis, security issues in applications. The contributions identify various vulnerabilities in the physical layer, MAC layer, network layer, transport layer, and application layer, and focus on ways of strengthening security mechanisms and services throughout the layers. This carefully edited monograph is targeting  for researchers, post-graduate students in universities, academics, and industry practitioners or professionals.  

  2. Efficient combined security system for wireless sensor network

    Directory of Open Access Journals (Sweden)

    N.S. Fayed

    2012-11-01

    Full Text Available Wireless Sensor Networks (WSNs need effective security mechanisms because these networks deployed in hostel unattended environments. There are many parameters affect selecting the security mechanism as its speed and energy consumption. This paper presents a combined security system for WSN that enhance the speed of the network and it is energy consumption. This system combines two strong protocols, Lightweight Kerberos and Elliptic Curve Menezes–Qu–Vanstone (ECMQV. The simulation results demonstrate that the combined system can enlarge the life time for wireless sensor networks, enhance its security, and increase its speed.

  3. Security-Enhanced Push Button Configuration for Home Smart Control †

    Science.gov (United States)

    Han, Junghee; Park, Taejoon

    2017-01-01

    With the emergence of smart and converged home services, the need for the secure and easy interplay of various devices has been increased. Push Button Configuration (PBC) is one of the technologies proposed for easy set-up of a secure session between IT and consumer devices. Although the Wi-Fi Direct specification explicitly states that all devices must support the PBC method, its applicability is very limited. This is because the security vulnerability of PBC can be maliciously exploited so that attackers can make illegitimate sessions with consumer devices. To address this problem, this paper proposes a novel Security-enhanced PBC (SePBC) scheme with which we can uncover suspicious or malicious devices. The proposed mechanism has several unique features. First, we develop a secure handshake distance measurement protocol by preventing an adversary sitting outside the region from maliciously manipulating its distance to be fake. Second, it is compatible with the original Wi-Fi PBC without introducing a brand-new methodology. Finally, SePBC uses lightweight operations without CPU-intensive cryptography computation and employs inexpensive H/W. Moreover, it needs to incur little overhead when there is no attack. This paper also designs and implements the proposed SePBC in the real world. Our experimental results and analysis show that the proposed SePBC scheme effectively defeats attacks on PBC while minimizing the modification of the original PBC equipment. PMID:28594370

  4. SecMAS: Security Enhanced Monitoring and Analysis Systems for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Ding Chao

    2016-01-01

    Full Text Available The monitoring, control, and security guarantee for the communication in the wireless sensor networks (WSNs are currently treated as three independent issues and addressed separately through specialized tools. However, most cases of WSNs applications requires the network administrator change the network configuration in a very short time to response to the change of observed phenomenon with security guarantee. To meet this requirement, we propose a security enhanced monitoring and control platform named SecMAS for WSNs, which provides the real-time visualization about network states and online reconfiguration of the network properties and behaviours in a resource-efficient way. Besides, basic cryptographic primitives and part of the anomaly detection functionalities are implemented in SecMAS to enabling the secure communication in WSNs. Furthermore, we conduct experiments to evaluate the performance of SecMAS in terms of the latency, throughput, communication overhead, and the security capacity. The experimental results demonstrate that the SecMAS system achieves stable, efficient and secure data collection with lightweight quick-response network control.

  5. Evaluation of a Cyber Security System for Hospital Network.

    Science.gov (United States)

    Faysel, Mohammad A

    2015-01-01

    Most of the cyber security systems use simulated data in evaluating their detection capabilities. The proposed cyber security system utilizes real hospital network connections. It uses a probabilistic data mining algorithm to detect anomalous events and takes appropriate response in real-time. On an evaluation using real-world hospital network data consisting of incoming network connections collected for a 24-hour period, the proposed system detected 15 unusual connections which were undetected by a commercial intrusion prevention system for the same network connections. Evaluation of the proposed system shows a potential to secure protected patient health information on a hospital network.

  6. Collective Study On Security Threats In VOIP Networks

    Directory of Open Access Journals (Sweden)

    Muhammad Zulkifl Hasan

    2017-01-01

    Full Text Available The Collective study will critically evaluate the voice over internet protocol VOIP Security threats issues amp challenges in the communication over the network the solution provided by different vendors. Authors will be discussing all security issues different protocols but main focus will be on SIP protocol its implementation and vendors VOIP security system.

  7. Network Security: What Non-Technical Administrators Must Know

    Science.gov (United States)

    Council, Chip

    2005-01-01

    Now it is increasingly critical that community college leaders become involved in network security and partner with their directors of information technology (IT). Network security involves more than just virus protection software and firewalls. It involves vigilance and requires top executive support. Leaders can help their IT directors to…

  8. Secure Media Independent Handover Message Transport in Heterogeneous Networks

    Directory of Open Access Journals (Sweden)

    Cho Choong-Ho

    2009-01-01

    Full Text Available The IEEE 802.21 framework for Media Independent Handover (MIH provides seamless vertical handover support for multimode mobile terminals. MIH messages are exchanged over various wireless media between mobile terminals and access networks to facilitate seamless handover. This calls for the need to secure MIH messages against network security threats in the wireless medium. In this paper, we first analyze IPSec/IKEv2 and DTLS security solution for secure MIH message transport. We show that handover latency can be an impediment to the use of IPSec and DTLS solutions. To overcome the handover overhead and hence minimize authentication time, a new secure MIH message transport solution, referred as MIHSec in this paper, is proposed. Experimental results are obtained for MIH between WLAN and Ethernet networks and the impacts of MIH message security on the handover latency are evaluated for IPSec, DTLS, and MIHSec security solutions. The effectiveness of MIHSec is demonstrated.

  9. Critical Infrastructure Surveillance Using SecureWireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Michael Niedermeier

    2015-11-01

    Full Text Available In this work, a secure wireless sensor network (WSN for the surveillance, monitoring and protection of critical infrastructures was developed. To guarantee the security of the system, the main focus was the implementation of a unique security concept, which includes both security on the communication level, as well as mechanisms that ensure the functional safety during its operation. While there are many theoretical approaches in various subdomains of WSNs—like network structures, communication protocols and security concepts—the construction, implementation and real-life application of these devices is still rare. This work deals with these aforementioned aspects, including all phases from concept-generation to operation of a secure wireless sensor network. While the key focus of this paper lies on the security and safety features of the WSN, the detection, localization and classification capabilities resulting from the interaction of the nodes’ different sensor types are also described.

  10. Graphs for information security control in software defined networks

    Science.gov (United States)

    Grusho, Alexander A.; Abaev, Pavel O.; Shorgin, Sergey Ya.; Timonina, Elena E.

    2017-07-01

    Information security control in software defined networks (SDN) is connected with execution of the security policy rules regulating information accesses and protection against distribution of the malicious code and harmful influences. The paper offers a representation of a security policy in the form of hierarchical structure which in case of distribution of resources for the solution of tasks defines graphs of admissible interactions in a networks. These graphs define commutation tables of switches via the SDN controller.

  11. Seamless and secure communications over heterogeneous wireless networks

    CERN Document Server

    Cao, Jiannong

    2014-01-01

    This brief provides an overview of the requirements, challenges, design issues and major techniques for seamless and secure communications over heterogeneous wireless networks. It summarizes and provides detailed insights into the latest research on handoff management, mobility management, fast authentication and security management to support seamless and secure roaming for mobile clients. The reader will also learn about the challenges in developing relevant technologies and providing ubiquitous Internet access over heterogeneous wireless networks. The authors have extensive experience in im

  12. Security analysis of quantum key distribution on passive optical networks.

    Science.gov (United States)

    Lim, Kyongchun; Ko, Heasin; Suh, Changho; Rhee, June-Koo Kevin

    2017-05-15

    Needs for providing security to end users have brought installation of quantum key distribution (QKD) in one-to-many access networks such as passive optical networks. In the networks, a presence of optical power splitters makes issues for secure key rate more important. However, researches for QKD in access networks have mainly focused on implementation issues rather than protocol development for key rate enhancement. Since secure key rate is theoretically limited by a protocol, researches without protocol development cannot overcome the limit of secure key rate given by a protocol. This brings need of researches for protocol development. In this paper, we provide a new approach which provides secure key rate enhancement over the conventional protocol. Specifically, we propose the secure key rate formula in a passive optical network by extending the secure key rate formula based on the decoy-state BB84 protocol. For a passive optical network, we provide a way that incorporates cooperation across end users. Then, we show that the way can mitigate a photon number splitting (PNS) attack which is crucial in an well known decoy BB84 protocol. Especially, the proposed scheme enables multi-photon states to serve as secure keys unlike the conventional decoy BB84 protocol. Numerical simulations demonstrate that our proposed scheme outperforms the decoy BB84 protocol in secure key rate.

  13. Securing Wireless Local Area Networks with GoC PKI

    Science.gov (United States)

    2007-10-01

    networks. 2. Scope of Work The original requirement was simply to improve Internet Security (IPsec) [2] protocol authentication with the use GoC...both key management protocols and data security protocols. The Internet Security Association and Key Management Protocol (ISAKMP) [18] provides a...34 Internet Security Association and Key Management Protocol (ISAKMP)" IETF Request For Comment 2408, November 1998 [19] D. Harkins, D. Carrel, "The

  14. Securing Gateways within Clustered Power Centric Network of Nodes

    Directory of Open Access Journals (Sweden)

    Qaisar Javaid

    2016-01-01

    Full Text Available Knowledge Networks are gaining momentum within cyber world. Knowledge leads to innovation and for this reason organizations focus on research and information gathering in order to gain and improve existing knowledge. This of information era, which is primarily based on world wide web technologies, enables significantly expanded networks of people to communicate and collaborate 'virtually' across teams, across entire organizations and across the world, anytime and anywhere. Innovations in computing and telecommunications have transformed the corporations from structured and manageable types to interwoven network of blurred boundaries such as; ad hoc networks and mobile wireless networks, etc. This study explores knowledge networks in Information Technology and security leaks that are found, as well as measures that are taken to counter this menace which is coming up with optimal Secure Clustered Power Centric node network. The paper concludes these measures, evaluating and integrating them to come up with a secured network design.

  15. Supporting scalable Bayesian networks using configurable discretizer actuators

    CSIR Research Space (South Africa)

    Osunmakinde, I

    2009-04-01

    Full Text Available The authors propose a generalized model with configurable discretizer actuators as a solution to the problem of the discretization of massive numerical datasets. Their solution is based on a concurrent distribution of the actuators and uses dynamic...

  16. A cost-benefit analysis of alternative device configurations for aviation-checked baggage security screening.

    Science.gov (United States)

    Jacobson, Sheldon H; Karnani, Tamana; Kobza, John E; Ritchie, Lynsey

    2006-04-01

    The terrorist attacks of September 11, 2001 have resulted in dramatic changes in aviation security. As of early 2003, an estimated 1,100 explosive detection systems (EDS) and 6,000 explosive trace detection machines (ETD) have been deployed to ensure 100% checked baggage screening at all commercial airports throughout the United States. The prohibitive costs associated with deploying and operating such devices is a serious issue for the Transportation Security Administration. This article evaluates the cost effectiveness of the explosive detection technologies currently deployed to screen checked baggage as well as new technologies that could be used in the future. Both single-device and two-device systems are considered. In particular, the expected annual direct cost of using these devices for 100% checked baggage screening under various scenarios is obtained and the tradeoffs between using single- and two-device strategies are studied. The expected number of successful threats under the different checked baggage screening scenarios with 100% checked baggage screening is also obtained. Lastly, a risk-based screening strategy proposed in the literature is analyzed. The results reported suggest that for the existing security setup, with current device costs and probability parameters, single-device systems are less costly and have fewer expected number of successful threats than two-device systems due to the way the second device affects the alarm or clear decision. The risk-based approach is found to have the potential to significantly improve security. The cost model introduced provides an effective tool for the execution of cost-benefit analyses of alternative device configurations for aviation-checked baggage security screening.

  17. p-Cycle configuration possibilities over DRDA networks

    OpenAIRE

    Domzal, Jerzy; Wojcik, Robert; Jajszczyk, Andrzej; Santiago del Río, Pedro M.; Hernández Gutiérrez, José Alberto; Aracil, Javier

    2015-01-01

    A resilience analysis of protection cycles (p-cycle) configurations for Double Rings with Dual Attachment (DRDAs) architectures is presented in this work. DRDAs are composed of two rings with corresponding nodes connected by two separated links. There are several possible configurations of p-cycles, which may be used in DRDAs for improving link or node protection upon link failure. The values of the parameters Mean Time To Failure and Mean Time To Disconnection are analysed in the paper to sh...

  18. Network Security Hacks Tips & Tools for Protecting Your Privacy

    CERN Document Server

    Lockhart, Andrew

    2009-01-01

    This second edition of Network Security Hacks offers 125 concise and practical hacks, including more information for Windows administrators, hacks for wireless networking (such as setting up a captive portal and securing against rogue hotspots), and techniques to ensure privacy and anonymity, including ways to evade network traffic analysis, encrypt email and files, and protect against phishing attacks. System administrators looking for reliable answers will also find concise examples of applied encryption, intrusion detection, logging, trending, and incident response.

  19. Developing security tools of WSN and WBAN networks applications

    CERN Document Server

    A M El-Bendary, Mohsen

    2015-01-01

    This book focuses on two of the most rapidly developing areas in wireless technology (WT) applications, namely, wireless sensors networks (WSNs) and wireless body area networks (WBANs). These networks can be considered smart applications of the recent WT revolutions. The book presents various security tools and scenarios for the proposed enhanced-security of WSNs, which are supplemented with numerous computer simulations. In the computer simulation section, WSN modeling is addressed using MATLAB programming language.

  20. How to estimate the signs' configuration in the directed signed social networks?

    Science.gov (United States)

    Guo, Long; Gao, Fujuan; Jiang, Jian

    2017-02-01

    Inspired by the ensemble theory in statistical mechanics, we introduce a reshuffling approach to empirical analyze signs' configuration in the directed signed social networks of Epinions and Slashdots. In our reshuffling approach, each negative link has the reshuffling probability prs to exchange its sign with another positive link chosen randomly. Many reshuffled networks with different signs' configuration are built under different prss. For each reshuffled network, the entropies of the self social status are calculated and the opinion formation of the majority-rule model is analyzed. We find that Souts reach their own minimum values and the order parameter |m* | reaches its maximum value in the networks of Epinions and Slashdots without the reshuffling operation. Namely, individuals share the homogeneous properties of self social status and dynamic status in the real directed signed social networks. Our present work provides some interesting tools and perspective to understand the signs' configuration in signed social networks, especially in the online affiliation networks.

  1. Lack of security of networked medical equipment in radiology.

    Science.gov (United States)

    Moses, Vinu; Korah, Ipeson

    2015-02-01

    OBJECTIVE. There are few articles in the literature describing the security and safety aspects of networked medical equipment in radiology departments. Most radiologists are unaware of the security issues. We review the security of the networked medical equipment of a typical radiology department. MATERIALS AND METHODS. All networked medical equipment in a radiology department was scanned for vulnerabilities with a port scanner and a network vulnerability scanner, and the vulnerabilities were classified using the Common Vulnerability Scoring System. A network sniffer was used to capture and analyze traffic on the radiology network for exposure of confidential patient data. We reviewed the use of antivirus software and firewalls on the networked medical equipment. USB ports and CD and DVD drives in the networked medical equipment were tested to see whether they allowed unauthorized access. Implementation of the virtual private network (VPN) that vendors use to access the radiology network was reviewed. RESULTS. Most of the networked medical equipment in our radiology department used vulnerable software with open ports and services. Of the 144 items scanned, 64 (44%) had at least one critical vulnerability, and 119 (83%) had at least one high-risk vulnerability. Most equipment did not encrypt traffic and allowed capture of confidential patient data. Of the 144 items scanned, two (1%) used antivirus software and three (2%) had a firewall enabled. The USB ports were not secure on 49 of the 58 (84%) items with USB ports, and the CD or DVD drive was not secure on 17 of the 31 (55%) items with a CD or DVD drive. One of three vendors had an insecure implementation of VPN access. CONCLUSION. Radiologists and the medical industry need to urgently review and rectify the security issues in existing networked medical equipment. We hope that the results of our study and this article also raise awareness among radiologists about the security issues of networked medical equipment.

  2. Self-configuration and self-optimization process in heterogeneous wireless networks.

    Science.gov (United States)

    Guardalben, Lucas; Villalba, Luis Javier García; Buiati, Fábio; Sobral, João Bosco Mangueira; Camponogara, Eduardo

    2011-01-01

    Self-organization in Wireless Mesh Networks (WMN) is an emergent research area, which is becoming important due to the increasing number of nodes in a network. Consequently, the manual configuration of nodes is either impossible or highly costly. So it is desirable for the nodes to be able to configure themselves. In this paper, we propose an alternative architecture for self-organization of WMN based on Optimized Link State Routing Protocol (OLSR) and the ad hoc on demand distance vector (AODV) routing protocols as well as using the technology of software agents. We argue that the proposed self-optimization and self-configuration modules increase the throughput of network, reduces delay transmission and network load, decreases the traffic of HELLO messages according to network's scalability. By simulation analysis, we conclude that the self-optimization and self-configuration mechanisms can significantly improve the performance of OLSR and AODV protocols in comparison to the baseline protocols analyzed.

  3. Secure Reprogramming of a Network Connected Device : Securing programmable logic controllers

    OpenAIRE

    Tesfaye, Mussie

    2012-01-01

    This is a master’s thesis project entitled “Secure reprogramming of network connected devices”. The thesis begins by providing some background information to enable the reader to understand the current vulnerabilities of network-connected devices, specifically with regard to cyber security and data integrity. Today supervisory control and data acquisition systems utilizing network connected programmable logic controllers are widely used in many industries and critical infrastructures. These n...

  4. On Using TPM for Secure Identities in Future Home Networks

    Directory of Open Access Journals (Sweden)

    Georg Carle

    2011-01-01

    Full Text Available Security should be integrated into future networks from the beginning, not as an extension. Secure identities and authentication schemes are an important step to fulfill this quest. In this article, we argue that home networks are a natural trust anchor for such schemes. We describe our concept of home networks as a universal point of reference for authentication, trust and access control, and show that our scheme can be applied to any next generation network. As home networks are no safe place, we apply Trusted Computing technology to prevent the abuse of identities, i.e., identity theft.

  5. Artificial neural networks for static security assessment

    Energy Technology Data Exchange (ETDEWEB)

    Niebur, D.; Fischl, R.

    1997-12-31

    A reliable, continuous supply of electric energy is essential for the functioning of today`s complex societies. Due to a combination of increasing energy consumption and impediments of various kinds to the extension of existing electric transmission networks, these power systems are operated closer and closer to their limits. This situation requires a significantly less conservative power system operation and control regime which, in turn, is possible only by monitoring the system state in much more detail than was necessary previously. Fortunately, the large quantity of information required can be provided in many cases through recent advances in telecommunications and computing techniques. There is, however, a lack of evaluation techniques required to extract the salient information and to use it for higher-order processing. Whilst the sheer quantity of available information is always a problem, this situation is aggravated in emergency situations when rapid decisions are required. Furthermore, the behaviour of power systems is highly non-linear. Monitoring and control involves several hundred variables which are only partly available by measurements. Load demands and dynamic loads are difficult to model. Therefore models appropriate for normal situations might become invalid in emergency situations. These problems provide important motivation to explore novel data processing and programming techniques from the vast pool of artificial intelligence techniques. The following section gives a short introduction to static security assessment. (Author)

  6. The Systems Librarian: Implementing Wireless Networks without Compromising Security

    Science.gov (United States)

    Breeding, Marshall

    2005-01-01

    Many libraries are or soon will be offering Wi-Fi, also known as wireless networks. The largest perceived barriers to providing this service are concerns about security. The prime rule when deploying Wi-Fi is segregation, having a clear separation between a public wireless network and the rest of the library?s network. A number of devices can be…

  7. Customer configuration updating in a software supply network

    NARCIS (Netherlands)

    Jansen, S.R.L.

    2007-01-01

    Product software development is the activity of development, modification, reuse, re-engineering, maintenance, or any other activities that result in packaged configurations of software components or software-based services that are released for and traded in a specific market \\cite{XuBrinkkemper}.

  8. A comprehensive Network Security Risk Model for process control networks.

    Science.gov (United States)

    Henry, Matthew H; Haimes, Yacov Y

    2009-02-01

    The risk of cyber attacks on process control networks (PCN) is receiving significant attention due to the potentially catastrophic extent to which PCN failures can damage the infrastructures and commodity flows that they support. Risk management addresses the coupled problems of (1) reducing the likelihood that cyber attacks would succeed in disrupting PCN operation and (2) reducing the severity of consequences in the event of PCN failure or manipulation. The Network Security Risk Model (NSRM) developed in this article provides a means of evaluating the efficacy of candidate risk management policies by modeling the baseline risk and assessing expectations of risk after the implementation of candidate measures. Where existing risk models fall short of providing adequate insight into the efficacy of candidate risk management policies due to shortcomings in their structure or formulation, the NSRM provides model structure and an associated modeling methodology that captures the relevant dynamics of cyber attacks on PCN for risk analysis. This article develops the NSRM in detail in the context of an illustrative example.

  9. Key Management for Secure Multicast over IPv6 Wireless Networks

    Directory of Open Access Journals (Sweden)

    Siddiqi Mohammad Umar

    2006-01-01

    Full Text Available Multicasting is an efficient method for transmission and routing of packets to multiple destinations using fewer network resources. Along with widespread deployment of wireless networks, secure multicast over wireless networks is an important and challenging goal. In this paper, we extend the scope of a recent new key distribution scheme to a security framework that offers a novel solution for secure multicast over IPv6 wireless networks. Our key management framework includes two scenarios for securely distributing the group key and rekey messages for joining and leaving a mobile host in secure multicast group. In addition, we perform the security analysis and provide performance comparisons between our approach and two recently published scenarios. The benefits of our proposed techniques are that they minimize the number of transmissions required to rekey the multicast group and impose minimal storage requirements on the multicast group. In addition, our proposed schemes are also very desirable from the viewpoint of transmission bandwidth savings since an efficient rekeying mechanism is provided for membership changes and they significantly reduce the required bandwidth due to key updating in mobile networks. Moreover, they achieve the security and scalability requirements in wireless networks.

  10. Security Concerns and Countermeasures in Network Coding Based Communications Systems

    DEFF Research Database (Denmark)

    Talooki, Vahid; Bassoli, Riccardo; Roetter, Daniel Enrique Lucani

    2015-01-01

    This survey paper shows the state of the art in security mechanisms, where a deep review of the current research and the status of this topic is carried out. We start by introducing network coding and its variety applications in enhancing current traditional networks. In particular, we analyze two...... key protocol types, namely, state-aware and stateless protocols, specifying the benefits and disadvantages of each one of them. We also present the key security assumptions of network coding (NC) systems as well as a detailed analysis of the security goals and threats, both passive and active....... This paper also presents a detailed taxonomy and a timeline of the different NC security mechanisms and schemes reported in the literature. Current proposed security mechanisms and schemes for NC in the literature are classified later. Finally a timeline of these mechanism and schemes is presented....

  11. Secure Multicast Routing Algorithm for Wireless Mesh Networks

    Directory of Open Access Journals (Sweden)

    Rakesh Matam

    2016-01-01

    Full Text Available Multicast is an indispensable communication technique in wireless mesh network (WMN. Many applications in WMN including multicast TV, audio and video conferencing, and multiplayer social gaming use multicast transmission. On the other hand, security in multicast transmissions is crucial, without which the network services are significantly disrupted. Existing secure routing protocols that address different active attacks are still vulnerable due to subtle nature of flaws in protocol design. Moreover, existing secure routing protocols assume that adversarial nodes cannot share an out-of-band communication channel which rules out the possibility of wormhole attack. In this paper, we propose SEMRAW (SEcure Multicast Routing Algorithm for Wireless mesh network that is resistant against all known active threats including wormhole attack. SEMRAW employs digital signatures to prevent a malicious node from gaining illegitimate access to the message contents. Security of SEMRAW is evaluated using the simulation paradigm approach.

  12. FPGA based, modular, configurable controller with fast synchronous optical network

    Energy Technology Data Exchange (ETDEWEB)

    Graczyk, R.; Pozniak, K.T.; Romaniuk, R.S. [Warsaw Univ. of Technology (Poland). Inst. of Electronic Systems

    2006-07-01

    The paper describes a configurable controller equipped with programmable VLSI FPGA circuit, universal expansion modules PMC, synchronous, optical, multi-gigabit links, commonly used industrial and computer communication interfaces, Ethernet 100TB, system of automatic initialization ACE etc. There are characterized the basic functional characteristics of the device. The possibilities of its usage in various work modes were presented. Realization of particular blocks of the device were discussed. Resulting, during the realization of this project, new hardware layer solutions were also characterized. (orig.)

  13. Enhanced Multiple Routing Configurations for Fast IP Network Recovery from Multiple Failures

    OpenAIRE

    T. Anji Kumar; Dr MHM Krishna Prasad

    2011-01-01

    Now a days, Internet plays a major role in our day to day activities e.g., for online transactions, online shopping, and other network related applications. Internet suffers from slow convergence of routing protocols after a network failure which becomes a growing problem. Multiple Routing Configurations [MRC] recovers network from single node/link failures, but does not support network from multiple node/link failures. In this paper, we propose Enhanced MRC [EMRC], to support multiple node/l...

  14. SCONES: Secure Content-Oriented Networking for Exploring Space Project

    Data.gov (United States)

    National Aeronautics and Space Administration — We envision a secure content-oriented internetwork as a natural generalization of the cache-and-forward architecture inherent in delay-tolerant networks. Using our...

  15. Measuring sustainable accessibility potential using the mobility infrastructure's network configuration

    NARCIS (Netherlands)

    Gil, J.; Read, S.

    2012-01-01

    This paper is an exploration into the analysis of public transport networks using space syntax approaches combined with concepts of sustainable accessibility. Present urban development policy aims to achieve sustainable mobility patterns, shifting mobility to soft transportation modes such as

  16. Role of physical and mental training in brain network configuration.

    Science.gov (United States)

    Foster, Philip P

    2015-01-01

    It is hypothesized that the topology of brain networks is constructed by connecting nodes which may be continuously remodeled by appropriate training. Efficiency of physical and/or mental training on the brain relies on the flexibility of networks' architecture molded by local remodeling of proteins and synapses of excitatory neurons producing transformations in network topology. Continuous remodeling of proteins of excitatory neurons is fine-tuning the scaling and strength of excitatory synapses up or down via regulation of intra-cellular metabolic and regulatory networks of the genome-transcriptome-proteome interface. Alzheimer's disease is a model of "energy cost-driven small-world network disorder" with dysfunction of high-energy cost wiring as the network global efficiency is impaired by the deposition of an informed agent, the amyloid-β, selectively targeting high-degree nodes. In schizophrenia, the interconnectivity and density of rich-club networks are significantly reduced. Training-induced homeostatic synaptogenesis-enhancement, presumably via reconfiguration of brain networks into greater small-worldness, appears essential in learning, memory, and executive functions. A macroscopic cartography of creation-removal of synaptic connections in a macro-network, and at the intra-cellular scale, micro-networks regulate the physiological mechanisms for the preferential attachment of synapses. The strongest molecular relationship of exercise and functional connectivity was identified for brain-derived neurotrophic factor (BDNF). The allele variant, rs7294919, also shows a powerful relationship with the hippocampal volume. How the brain achieves this unique quest of reconfiguration remains a puzzle. What are the underlying mechanisms of synaptogenesis promoting communications brain ↔ muscle and brain ↔ brain in such trainings? What is the respective role of independent mental, physical, or combined-mental-physical trainings? Physical practice seems to be

  17. Towards a Security Architecture for Vehicular Ad Hoc Networks

    OpenAIRE

    Plößl, Klaus; Nowey, Thomas; Mletzko, Christian

    2006-01-01

    Vehicular ad hoc networks (VANETs) have the potential to increase road safety and comfort. Especially because of the road safety functions, there is a strong demand for security in VANETs. After defining three application categories the paper outlines main security and privacy requirements in VANETs. Next, a security architecture for VANETs (SAV) is proposed that strives to satisfy the requirements. To find mechanisms applicable in the architecture a survey of existing mechanisms is given.

  18. Security-aware cooperation in cognitive radio networks

    CERN Document Server

    Zhang, Ning

    2014-01-01

    This brief investigates spectrum efficient and energy efficient strategies, known as cognitive radio networks (CRNs), to ensure secure cooperation between licensed and unlicensed users. The authors address issues of spectrum scarcity, spectrum sensing, transmission performance, trust-aware cooperation, and secure communications. Two security-aware cooperation based spectrum access schemes are presented. The first is a trust-aware cooperative framework for CRNs to improve the throughput or energy efficiency of licensed users and offer transmission opportunities to unlicensed users, taking into

  19. Role of physical and mental training in brain network configuration

    Directory of Open Access Journals (Sweden)

    Philip P. Foster

    2015-06-01

    Full Text Available Continuous remodeling of proteins of excitatory neurons is fine-tuning the scaling and strength of excitatory synapses up or down via regulation of intra-cellular metabolic and regulatory networks of the genome-transcriptome-proteome interface. Alzheimer's disease is a model of energy cost-driven small-world network disorder as the network global efficiency is impaired by the deposition of an informed agent, the amyloid-β, selectively targeting high-degree nodes. In schizophrenia, the interconnectivity and density of rich-club networks are significantly reduced. Training-induced homeostatic synaptogenesis-enhancement produces a reconfiguration of brain networks into greater small-worldness. Creation of synaptic connections in a macro-network, and, at the intra-cellular scale, micro-networks regulate the physiological mechanisms for the preferential attachment of synapses. The strongest molecular relationship of exercise and functional connectivity was identified for brain-derived neurotrophic factor (BDNF. The allele variant, rs7294919, also shows a powerful relationship with the hippocampal volume. How the brain achieves this unique quest of reconfiguration remains a puzzle. What are the underlying mechanisms of synaptogenesis promoting communications brain ↔ muscle and brain ↔ brain in such trainings? What is the respective role of independent mental, physical or combined-mental-physical trainings? Physical practice seems to be playing an instrumental role in the cognitive enhancement (brain ↔ muscle com.. However, mental training, meditation or virtual reality (films, games require only minimal motor activity and cardio-respiratory stimulation. Therefore, other potential paths (brain ↔ brain com. molding brain networks are nonetheless essential. Patients with motor neuron disease/injury (e.g. amyotrophic lateral sclerosis, traumatism also achieve successful cognitive enhancement albeit they may only elicit mental practice

  20. Assessment of Performance Measures for Security of the Maritime Transportation Network, Port Security Metrics : Proposed Measurement of Deterrence Capability

    Science.gov (United States)

    2007-01-03

    This report is the thirs in a series describing the development of performance measures pertaining to the security of the maritime transportation network (port security metrics). THe development of measures to guide improvements in maritime security ...

  1. Security Policy Scheme for an Efficient Security Architecture in Software-Defined Networking

    Directory of Open Access Journals (Sweden)

    Woosik Lee

    2017-06-01

    Full Text Available In order to build an efficient security architecture, previous studies have attempted to understand complex system architectures and message flows to detect various attack packets. However, the existing hardware-based single security architecture cannot efficiently handle a complex system structure. To solve this problem, we propose a software-defined networking (SDN policy-based scheme for an efficient security architecture. The proposed scheme considers four policy functions: separating, chaining, merging, and reordering. If SDN network functions virtualization (NFV system managers use these policy functions to deploy a security architecture, they only submit some of the requirement documents to the SDN policy-based architecture. After that, the entire security network can be easily built. This paper presents information about the design of a new policy functions model, and it discusses the performance of this model using theoretical analysis.

  2. Assessing Security in Energy-Efficient Sensor Networks

    NARCIS (Netherlands)

    Law, Y.W.; Etalle, Sandro; Dulman, S.O.; Hartel, Pieter H.; Havinga, Paul J.M.; Gritzalis, D.; De Capitani di Vimercati, S.; Samarati, P.; Katsikas, S.K.

    In the EYES project, we are investigating self-organizing, collaborative, energy-efficient sensor networks. This study is devoted to the security aspects of the project. Our contribution is three-fold: firstly, we present a survey, where we discuss the dominant issues of energy-security trade-off in

  3. Towards Secure and Privacy-Preserving Online Social Networking Services

    OpenAIRE

    Gong, Zhenqiang

    2015-01-01

    Online social networking services (e.g., Facebook, Twitter, and Blogger) bring new benefits to almost all aspects of our lives. They have completely transformed how we communicate with each other, how we process information, and how we diffuse social influence. However, these social networking services are also plagued by both conventional and emerging threats to security and privacy. For instance, two fundamental security risks are 1) users’ accounts are compromised by attackers or get lost ...

  4. PKI security in large-scale healthcare networks

    OpenAIRE

    Mantas, G.; Lymberopoulos, D.; Komninos, N.

    2012-01-01

    During the past few years a lot of PKI (Public Key Infrastructures) infrastructures have been proposed for healthcare networks in order to ensure secure communication services and exchange of data among healthcare professionals. However, there is a plethora of challenges in these healthcare PKI infrastructures. Especially, there are a lot of challenges for PKI infrastructures deployed over large-scale healthcare networks. In this paper, we propose a PKI infrastructure to ensure security in a ...

  5. COLLABORATIVE NETWORK SECURITY MANAGEMENT SYSTEM BASED ON ASSOCIATION MINING RULE

    Directory of Open Access Journals (Sweden)

    Nisha Mariam Varughese

    2014-07-01

    Full Text Available Security is one of the major challenges in open network. There are so many types of attacks which follow fixed patterns or frequently change their patterns. It is difficult to find the malicious attack which does not have any fixed patterns. The Distributed Denial of Service (DDoS attacks like Botnets are used to slow down the system performance. To address such problems Collaborative Network Security Management System (CNSMS is proposed along with the association mining rule. CNSMS system is consists of collaborative Unified Threat Management (UTM, cloud based security centre and traffic prober. The traffic prober captures the internet traffic and given to the collaborative UTM. Traffic is analysed by the Collaborative UTM, to determine whether it contains any malicious attack or not. If any security event occurs, it will reports to the cloud based security centre. The security centre generates security rules based on association mining rule and distributes to the network. The cloud based security centre is used to store the huge amount of tragic, their logs and the security rule generated. The feedback is evaluated and the invalid rules are eliminated to improve the system efficiency.

  6. Quantitative Method for Network Security Situation Based on Attack Prediction

    Directory of Open Access Journals (Sweden)

    Hao Hu

    2017-01-01

    Full Text Available Multistep attack prediction and security situation awareness are two big challenges for network administrators because future is generally unknown. In recent years, many investigations have been made. However, they are not sufficient. To improve the comprehensiveness of prediction, in this paper, we quantitatively convert attack threat into security situation. Actually, two algorithms are proposed, namely, attack prediction algorithm using dynamic Bayesian attack graph and security situation quantification algorithm based on attack prediction. The first algorithm aims to provide more abundant information of future attack behaviors by simulating incremental network penetration. Through timely evaluating the attack capacity of intruder and defense strategies of defender, the likely attack goal, path, and probability and time-cost are predicted dynamically along with the ongoing security events. Furthermore, in combination with the common vulnerability scoring system (CVSS metric and network assets information, the second algorithm quantifies the concealed attack threat into the surfaced security risk from two levels: host and network. Examples show that our method is feasible and flexible for the attack-defense adversarial network environment, which benefits the administrator to infer the security situation in advance and prerepair the critical compromised hosts to maintain normal network communication.

  7. Beijing Lightning Network (BLNET): Configuration, Function and Preliminary Results

    Science.gov (United States)

    Qie, X.; Wang, D.; Wang, Y.; Liu, M.; Tian, Y.; Lu, G.

    2015-12-01

    A regional multi-frequency-band lightning detection network in Beijing (BLNET) has been developed for both research and operational purposes. The network is employed in the experiment of Dynamic-microphysical-electrical Processes in Severe Thunderstorms and Lightning Hazards (Storm973), supported by Ministry of Science and Technology as National Key Basic Research Program of China or 973 Program. The network consisted of 16 stations in 2015 covering most part of The "Jing-Jin-Ji" (Beijing-Tianjin-Hebei) metropolis zone, one of the most developed areas in China. Four different sensors, including slow antenna, fast antenna, magnetic antenna, and VHF antenna, are integrated in each station to detect lightning radiation signals in different frequency band. The Chan algorithm and Levenberg-Marquardt method are adopted jointly in the lightning location algorithm. In addition to locate the lightning radiation pulses in two-dimension or three-dimension in different band, the charge source neutralized by the lightning discharge can be retrieved either. The theoretical horizontal error over the network is less than 200 m and the vertical error is less than 500 m over the network. The comparison of total lightning location results with corresponding radar echoes for thunderstorm cases indicates the good performance of BLNET in the severe convection surveillance. The actual two-dimensional location error in VLF/LF band, compared with a ground truth that acquired with a GPS-synchronized high-speed video camera, is about 250 m.

  8. Network Security Risk Assessment Based on Item Response Theory

    Directory of Open Access Journals (Sweden)

    Fangwei Li

    2015-08-01

    Full Text Available Owing to the traditional risk assessment method has one-sidedness and is difficult to reflect the real network situation, a risk assessment method based on Item Response Theory (IRT is put forward in network security. First of all, the novel algorithms of calculating the threat of attack and the successful probability of attack are proposed by the combination of IRT model and Service Security Level. Secondly, the service weight of importance is calculated by the three-demarcation analytic hierarchy process. Finally, the risk situation graph of service, host and network logic layer could be generated by the improved method. The simulation results show that this method can be more comprehensive consideration of factors which are affecting network security, and a more realistic network risk situation graph in real-time will be obtained.

  9. A game-theoretical approach to multimedia social networks security.

    Science.gov (United States)

    Liu, Enqiang; Liu, Zengliang; Shao, Fei; Zhang, Zhiyong

    2014-01-01

    The contents access and sharing in multimedia social networks (MSNs) mainly rely on access control models and mechanisms. Simple adoptions of security policies in the traditional access control model cannot effectively establish a trust relationship among parties. This paper proposed a novel two-party trust architecture (TPTA) to apply in a generic MSN scenario. According to the architecture, security policies are adopted through game-theoretic analyses and decisions. Based on formalized utilities of security policies and security rules, the choice of security policies in content access is described as a game between the content provider and the content requester. By the game method for the combination of security policies utility and its influences on each party's benefits, the Nash equilibrium is achieved, that is, an optimal and stable combination of security policies, to establish and enhance trust among stakeholders.

  10. A Survey on Secure Wireless Body Area Networks

    Directory of Open Access Journals (Sweden)

    Shihong Zou

    2017-01-01

    Full Text Available Combining tiny sensors and wireless communication technology, wireless body area network (WBAN is one of the most promising fields. Wearable and implantable sensors are utilized for collecting the physiological data to achieve continuously monitoring of people’s physical conditions. However, due to the openness of wireless environment and the significance and privacy of people’s physiological data, WBAN is vulnerable to various attacks; thus, strict security mechanisms are required to enable a secure WBAN. In this article, we mainly focus on a survey on the security issues in WBAN, including securing internal communication in WBAN and securing communication between WBAN and external users. For each part, we discuss and identify the security goals to be achieved. Meanwhile, relevant security solutions in existing research on WBAN are presented and their applicability is analyzed.

  11. WIRELESS SENSOR NETWORKS – ARCHITECTURE, SECURITY REQUIREMENTS, SECURITY THREATS AND ITS COUNTERMEASURES

    OpenAIRE

    Ranjit Panigrahi; Kalpana Sharma; Ghose, M. K.

    2013-01-01

    Wireless Sensor Network (WSN) has a huge range of applications such as battlefield, surveillance, emergency rescue operation and smart home technology etc. Apart from its inherent constraints such as limited memory and energy resources, when deployed in hostile environmental conditions, the sensor nodes are vulnerable to physical capture and other security constraints. These constraints put security as a major challenge for the researchers in the field of computer networking. T...

  12. Secure and fair cluster head selection protocol for enhancing security in mobile ad hoc networks.

    Science.gov (United States)

    Paramasivan, B; Kaliappan, M

    2014-01-01

    Mobile ad hoc networks (MANETs) are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP) is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP.

  13. Secure and Fair Cluster Head Selection Protocol for Enhancing Security in Mobile Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    B. Paramasivan

    2014-01-01

    Full Text Available Mobile ad hoc networks (MANETs are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP.

  14. Security Shift in Future Network Architectures

    NARCIS (Netherlands)

    Hartog, T.; Schotanus, H.A.; Verkoelen, C.A.A.

    2010-01-01

    In current practice military communication infrastructures are deployed as stand-alone networked information systems. Network-Enabled Capabilities (NEC) and combined military operations lead to new requirements which current communication architectures cannot deliver. This paper informs IT

  15. A Secure Communication Suite for Underwater Acoustic Sensor Networks

    Directory of Open Access Journals (Sweden)

    Angelica Lo Duca

    2012-11-01

    Full Text Available In this paper we describe a security suite for Underwater Acoustic Sensor Networks comprising both fixed and mobile nodes. The security suite is composed of a secure routing protocol and a set of cryptographic primitives aimed at protecting the confidentiality and the integrity of underwater communication while taking into account the unique characteristics and constraints of the acoustic channel. By means of experiments and simulations based on real data, we show that the suite is suitable for an underwater networking environment as it introduces limited, and sometimes negligible, communication and power consumption overhead.

  16. A secure communication suite for underwater acoustic sensor networks.

    Science.gov (United States)

    Dini, Gianluca; Lo Duca, Angelica

    2012-11-07

    In this paper we describe a security suite for Underwater Acoustic Sensor Networks comprising both fixed and mobile nodes. The security suite is composed of a secure routing protocol and a set of cryptographic primitives aimed at protecting the confidentiality and the integrity of underwater communication while taking into account the unique characteristics and constraints of the acoustic channel. By means of experiments and simulations based on real data, we show that the suite is suitable for an underwater networking environment as it introduces limited, and sometimes negligible, communication and power consumption overhead.

  17. Applying New Network Security Technologies to SCADA Systems.

    Energy Technology Data Exchange (ETDEWEB)

    Hurd, Steven A; Stamp, Jason Edwin; Duggan, David P; Chavez, Adrian R.

    2006-11-01

    Supervisory Control and Data Acquisition (SCADA) systems for automation are very important for critical infrastructure and manufacturing operations. They have been implemented to work in a number of physical environments using a variety of hardware, software, networking protocols, and communications technologies, often before security issues became of paramount concern. To offer solutions to security shortcomings in the short/medium term, this project was to identify technologies used to secure "traditional" IT networks and systems, and then assess their efficacy with respect to SCADA systems. These proposed solutions must be relatively simple to implement, reliable, and acceptable to SCADA owners and operators. 4This page intentionally left blank.

  18. A Secure Communication Suite for Underwater Acoustic Sensor Networks

    Science.gov (United States)

    Dini, Gianluca; Duca, Angelica Lo

    2012-01-01

    In this paper we describe a security suite for Underwater Acoustic Sensor Networks comprising both fixed and mobile nodes. The security suite is composed of a secure routing protocol and a set of cryptographic primitives aimed at protecting the confidentiality and the integrity of underwater communication while taking into account the unique characteristics and constraints of the acoustic channel. By means of experiments and simulations based on real data, we show that the suite is suitable for an underwater networking environment as it introduces limited, and sometimes negligible, communication and power consumption overhead. PMID:23202204

  19. Security of Quantum Repeater Network Operation

    Science.gov (United States)

    2016-10-03

    distribution unlimited. larger-scale disruption of the network can be effected through either physical means (e.g., entanglement with in-progress states...is equivalent to the classical Internet silently corrupting data somewhere along a network path without the benefit of hop-by-hop error detection...completely unable to communicate . This represents a new type of vulnerability in network operation, compared to classical networks. This leads us to the

  20. Hierarchical auto-configuration addressing in mobile ad hoc networks (HAAM)

    Science.gov (United States)

    Ram Srikumar, P.; Sumathy, S.

    2017-11-01

    Addressing plays a vital role in networking to identify devices uniquely. A device must be assigned with a unique address in order to participate in the data communication in any network. Different protocols defining different types of addressing are proposed in literature. Address auto-configuration is a key requirement for self organizing networks. Existing auto-configuration based addressing protocols require broadcasting probes to all the nodes in the network before assigning a proper address to a new node. This needs further broadcasts to reflect the status of the acquired address in the network. Such methods incur high communication overheads due to repetitive flooding. To address this overhead, a new partially stateful address allocation scheme, namely Hierarchical Auto-configuration Addressing (HAAM) scheme is extended and proposed. Hierarchical addressing basically reduces latency and overhead caused during address configuration. Partially stateful addressing algorithm assigns addresses without the need for flooding and global state awareness, which in turn reduces the communication overhead and space complexity respectively. Nodes are assigned addresses hierarchically to maintain the graph of the network as a spanning tree which helps in effectively avoiding the broadcast storm problem. Proposed algorithm for HAAM handles network splits and merges efficiently in large scale mobile ad hoc networks incurring low communication overheads.

  1. Securing Communication in Ambient Networks for Speech Therapy Systems

    Directory of Open Access Journals (Sweden)

    ZAHARIA, M. H.

    2007-11-01

    Full Text Available One of the most present issues of computer wireless networks is the security. Comparing with their wired counterpart, the wireless networks not only accentuate some of the well-known security vulnerabilities but they are subject of new and specific ones. Among the existing wireless networks the ad hoc ones are the most exposed to attacks and collusions due to the absence of any centralized control. The most efficient way to ensure the communication secrecy, inclusively for ad hoc wireless networks, is the cryptography. From many reasons, following from specific operating conditions, the employment of asymmetric key techniques and Public Key Infrastructure is not a realistic choice. In the networks with a large number of nodes, as wireless sensor networks, a large number of secret keys are involved in order to ensure the communication secrecy. While dynamicity is one of the essential features of mobile wireless networks, when nodes may leave or join the network and in the absence of a centralized control entity, the management of secret keys is crucial. The paper presents the main aspects of mobile wireless networks security and focuses on the key management issue in ad-hoc wireless networks.In this paper the problem of securing mobile devices used in ambient networks for speech therapy is presented. The main target consists in making various mobile devices involved in speech therapy to maintain both the confidentiality of personal data of the patient and also to avoid interference when simultaneous communicate with the control center. Due to non-technical type of user all password management will be made automatic by the control system. As result the mobile device will have a user transparent security layer added. The problem of people from isolated community treatment is also solved by this approach.

  2. Information Security of PHY Layer in Wireless Networks

    Directory of Open Access Journals (Sweden)

    Weidong Fang

    2016-01-01

    Full Text Available Since the characteristics of wireless channel are open and broadcasting, wireless networks are very vulnerable to be attacked via eavesdropping, jamming, and interference. As traditional secure technologies are not suitable for PHY layer of wireless networks, physical-layer security issues become a focus of attention. In this paper, we firstly identify and summarize the threats and vulnerabilities in PHY layer of wireless networks. Then, we give a holistic overview of PHY layer secure schemes, which are divided into three categories: spatial domain-based, time domain-based, and frequency domain-based. Along the way, we analyze the pros and cons of current secure technologies in each category. In addition, we also conclude the techniques and methods used in these categories and point out the open research issues and directions in this area.

  3. Teaching Network Security in a Virtual Learning Environment

    Science.gov (United States)

    Bergstrom, Laura; Grahn, Kaj J.; Karlstrom, Krister; Pulkkis, Goran; Astrom, Peik

    2004-01-01

    This article presents a virtual course with the topic network security. The course has been produced by Arcada Polytechnic as a part of the production team Computer Networks, Telecommunication and Telecommunication Systems in the Finnish Virtual Polytechnic. The article begins with an introduction to the evolution of the information security…

  4. Assessing Network Services and Security in Nigeria Universities ...

    African Journals Online (AJOL)

    Journal of Computer Science and Its Application ... The paper investigated sources of threats and vulnerabilities to Nigerian university computer networks and assessed the adequacy of security controls in place to ... This was with a view to enhancing the integrity of data transactions on the Universities' computer networks.

  5. On-line Configuration of Network Emulator for Intelligent Energy System Testbed Applications

    DEFF Research Database (Denmark)

    Kemal, Mohammed Seifu; Iov, Florin; Olsen, Rasmus Løvenstein

    2015-01-01

    interface for visualizing, configuring and monitoring of the emulated scenarios and a network socket linking the graphic server and network emulation server on-line. Specifically, our focus area is to build a model that gives us ability to look at some of the challenges on implementing inter...... a mechanism for on-line configuration and monitoring of heterogeneous communication technologies implemented at smart energy system testbed of Aal-borg university. It proposes a model with three main components, a network emulator used to emulate the communication scenarios using KauNet, graphical user...

  6. 32 CFR 2001.50 - Telecommunications automated information systems and network security.

    Science.gov (United States)

    2010-07-01

    ... and network security. 2001.50 Section 2001.50 National Defense Other Regulations Relating to National Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED... network security. Each agency head shall ensure that classified information electronically accessed...

  7. Smart photonic networks and computer security for image data

    Science.gov (United States)

    Campello, Jorge; Gill, John T.; Morf, Martin; Flynn, Michael J.

    1998-02-01

    Work reported here is part of a larger project on 'Smart Photonic Networks and Computer Security for Image Data', studying the interactions of coding and security, switching architecture simulations, and basic technologies. Coding and security: coding methods that are appropriate for data security in data fusion networks were investigated. These networks have several characteristics that distinguish them form other currently employed networks, such as Ethernet LANs or the Internet. The most significant characteristics are very high maximum data rates; predominance of image data; narrowcasting - transmission of data form one source to a designated set of receivers; data fusion - combining related data from several sources; simple sensor nodes with limited buffering. These characteristics affect both the lower level network design and the higher level coding methods.Data security encompasses privacy, integrity, reliability, and availability. Privacy, integrity, and reliability can be provided through encryption and coding for error detection and correction. Availability is primarily a network issue; network nodes must be protected against failure or routed around in the case of failure. One of the more promising techniques is the use of 'secret sharing'. We consider this method as a special case of our new space-time code diversity based algorithms for secure communication. These algorithms enable us to exploit parallelism and scalable multiplexing schemes to build photonic network architectures. A number of very high-speed switching and routing architectures and their relationships with very high performance processor architectures were studied. Indications are that routers for very high speed photonic networks can be designed using the very robust and distributed TCP/IP protocol, if suitable processor architecture support is available.

  8. Quantum secured gigabit optical access networks

    Science.gov (United States)

    Fröhlich, Bernd; Dynes, James F.; Lucamarini, Marco; Sharpe, Andrew W.; Tam, Simon W.-B.; Yuan, Zhiliang; Shields, Andrew J.

    2015-12-01

    Optical access networks connect multiple endpoints to a common network node via shared fibre infrastructure. They will play a vital role to scale up the number of users in quantum key distribution (QKD) networks. However, the presence of power splitters in the commonly used passive network architecture makes successful transmission of weak quantum signals challenging. This is especially true if QKD and data signals are multiplexed in the passive network. The splitter introduces an imbalance between quantum signal and Raman noise, which can prevent the recovery of the quantum signal completely. Here we introduce a method to overcome this limitation and demonstrate coexistence of multi-user QKD and full power data traffic from a gigabit passive optical network (GPON) for the first time. The dual feeder implementation is compatible with standard GPON architectures and can support up to 128 users, highlighting that quantum protected GPON networks could be commonplace in the future.

  9. Computing properties of stable configurations of thermodynamic binding networks

    OpenAIRE

    Breik, Keenan; Prakash, Lakshmi; Thachuk, Chris; Heule, Marijn; Soloveichik, David

    2017-01-01

    Models of molecular computing generally embed computation in kinetics--the specific time evolution of a chemical system. However, if the desired output is not thermodynamically stable, basic physical chemistry dictates that thermodynamic forces will drive the system toward error throughout the computation. The Thermodynamic Binding Network (TBN) model was introduced to formally study how the thermodynamic equilibrium can be made consistent with the desired computation, and it idealizes bindin...

  10. Configuration of the Network of Seismological Stations in Kosova

    OpenAIRE

    , Zenun Elezaj

    2009-01-01

    One of the most rational forms of protection against earthquakes is certainly the seismic monitoring that should provide data for the seismic microzoning, planning and design of new structures as well as data for comparison of the input seismic design parameters with the actual data on the occurred earthquakes. From these reasons, it was decided to install a network of 8 seismological stations in the Kosovo territory that will be telemetrically connected with the central station in Prishtina ...

  11. The Network Configuration of an Object Relational Database Management System

    Science.gov (United States)

    Diaz, Philip; Harris, W. C.

    2000-01-01

    The networking and implementation of the Oracle Database Management System (ODBMS) requires developers to have knowledge of the UNIX operating system as well as all the features of the Oracle Server. The server is an object relational database management system (DBMS). By using distributed processing, processes are split up between the database server and client application programs. The DBMS handles all the responsibilities of the server. The workstations running the database application concentrate on the interpretation and display of data.

  12. Security-Enhanced Autonomous Network Management for Space Networking Project

    Data.gov (United States)

    National Aeronautics and Space Administration — NASA's Space Communications and Navigation (SCaN) program is integrating its three current agency networks: Space Network (SN), Deep Space Network (DSN), and Near...

  13. Applied network security monitoring collection, detection, and analysis

    CERN Document Server

    Sanders, Chris

    2013-01-01

    Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach to NSM, complete with dozens of real-world examples that teach you the key concepts of NSM. Network security monitoring is based on the principle that prevention eventually fails. In the current threat landscape, no matter how much you try, motivated attackers will eventually find their way into your network. At that point, it is your ability to detect and respond to that intrusion that can be the difference between a small incident and a major di

  14. Security of Mobile Devices and Wi-Fi Networks

    OpenAIRE

    Hong, Zimeng

    2015-01-01

    Along with the progress of times and the development of science and technology, mobile devices have become more and more popular. At the same time, an increasing number of Wi-Fi networks are being built for the demand of mobile devices. Therefore, the security between mobile devices and Wi-Fi networks became a main object in the IT area. The purpose of the thesis is to analyze security threats and give relative advises for all the mobile device and Wi-Fi network users. The thesis mainly ta...

  15. Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas.

    Science.gov (United States)

    Wang, Ze; Zhang, Haijuan; Wu, Luqiang; Zhou, Chang

    2015-09-25

    Network security is one of the most important issues in mobile sensor networks (MSNs). Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA) is proposed to resist malicious attacks by using mobile nodes' dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.

  16. Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas

    Directory of Open Access Journals (Sweden)

    Ze Wang

    2015-09-01

    Full Text Available Network security is one of the most important issues in mobile sensor networks (MSNs. Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA is proposed to resist malicious attacks by using mobile nodes’ dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.

  17. Elliptic Curve Cryptography with Security System in Wireless Sensor Networks

    Science.gov (United States)

    Huang, Xu; Sharma, Dharmendra

    2010-10-01

    The rapid progress of wireless communications and embedded micro-electro-system technologies has made wireless sensor networks (WSN) very popular and even become part of our daily life. WSNs design are generally application driven, namely a particular application's requirements will determine how the network behaves. However, the natures of WSN have attracted increasing attention in recent years due to its linear scalability, a small software footprint, low hardware implementation cost, low bandwidth requirement, and high device performance. It is noted that today's software applications are mainly characterized by their component-based structures which are usually heterogeneous and distributed, including the WSNs. But WSNs typically need to configure themselves automatically and support as hoc routing. Agent technology provides a method for handling increasing software complexity and supporting rapid and accurate decision making. This paper based on our previous works [1, 2], three contributions have made, namely (a) fuzzy controller for dynamic slide window size to improve the performance of running ECC (b) first presented a hidden generation point for protection from man-in-the middle attack and (c) we first investigates multi-agent applying for key exchange together. Security systems have been drawing great attentions as cryptographic algorithms have gained popularity due to the natures that make them suitable for use in constrained environment such as mobile sensor information applications, where computing resources and power availability are limited. Elliptic curve cryptography (ECC) is one of high potential candidates for WSNs, which requires less computational power, communication bandwidth, and memory in comparison with other cryptosystem. For saving pre-computing storages recently there is a trend for the sensor networks that the sensor group leaders rather than sensors communicate to the end database, which highlighted the needs to prevent from the man

  18. Enhanced Multiple Routing Configurations For Fast IP Network Recovery From Multiple Failures

    OpenAIRE

    T Anji Kumar & Dr MHM Krishna Prasad

    2011-01-01

    Now a days, Internet plays a major role in our day to day activities e.g., for online transactions,online shopping, and other network related applications. Internet suffers from slow convergenceof routing protocols after a network failure which becomes a growing problem. Multiple RoutingConfigurations [MRC] recovers network from single node/link failures, but does not supportnetwork from multiple node/link failures. In this paper, we propose Enhanced MRC [EMRC], tosupport multiple node/link f...

  19. Certificate Based Security Services in Adhoc Sensor Network

    OpenAIRE

    Shahin Fatima; Shish Ahmad; P. M. Khan

    2014-01-01

    The paper entitled “CERTIFICATE BASED SECURITY SERVICES IN ADHOC SENSOR NETWORK” proposed an approach in which the aim is to find the method for authentication which is more energy efficient and reduces the transmission time of the network. MANETs are of dynamic topology and have no predefined infrastructure. Due to its dynamic topology this network is prone to various kinds of vulnerable attacks. Sensor networks are battery operated and is a major concern. Methods on ID based Authentication ...

  20. Network Security via Biometric Recognition of Patterns of Gene Expression

    Science.gov (United States)

    Shaw, Harry C.

    2016-01-01

    Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time expression and assay of gene expression products.

  1. Dynamic Security Assessment Of Computer Networks In Siem-Systems

    Directory of Open Access Journals (Sweden)

    Elena Vladimirovna Doynikova

    2015-10-01

    Full Text Available The paper suggests an approach to the security assessment of computer networks. The approach is based on attack graphs and intended for Security Information and Events Management systems (SIEM-systems. Key feature of the approach consists in the application of the multilevel security metrics taxonomy. The taxonomy allows definition of the system profile according to the input data used for the metrics calculation and techniques of security metrics calculation. This allows specification of the security assessment in near real time, identification of previous and future attacker steps, identification of attackers goals and characteristics. A security assessment system prototype is implemented for the suggested approach. Analysis of its operation is conducted for several attack scenarios.

  2. Network Security via Biometric Recognition of Patterns of Gene Expression

    Science.gov (United States)

    Shaw, Harry C.

    2016-01-01

    Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT (Information Technology) organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time assays of gene expression products.

  3. Risk, Privacy, and Security in Computer Networks

    OpenAIRE

    Årnes, Andre

    2006-01-01

    With an increasingly digitally connected society comes complexity, uncertainty, and risk. Network monitoring, incident management, and digital forensics is of increasing importance with the escalation of cybercrime and other network supported serious crimes. New laws and regulations governing electronic communications, cybercrime, and data retention are being proposed, continuously requiring new methods and tools. This thesis introduces a novel approach to real-time network risk assessmen...

  4. Single-shot secure quantum network coding on butterfly network with free public communication

    Science.gov (United States)

    Owari, Masaki; Kato, Go; Hayashi, Masahito

    2018-01-01

    Quantum network coding on the butterfly network has been studied as a typical example of quantum multiple cast network. We propose a secure quantum network code for the butterfly network with free public classical communication in the multiple unicast setting under restricted eavesdropper’s power. This protocol certainly transmits quantum states when there is no attack. We also show the secrecy with shared randomness as additional resource when the eavesdropper wiretaps one of the channels in the butterfly network and also derives the information sending through public classical communication. Our protocol does not require verification process, which ensures single-shot security.

  5. Security in RFID and sensor networks

    CERN Document Server

    Kitsos, Paris

    2009-01-01

    Security in RFIDMulti-Tag RFID Systems, L. Bolotnyy and G. RobinsAttacking RFID Systems, P. Peris-Lopez, J.C. Hernandez-Castro, J.M. Estevez-Tapiador, and A. RibagordaRFID Relay Attacks: System Analysis,Modeling, and Implementation, A. Lima, A. Miri, and M. NevinsPhysical Privacy and Security in RFID Systems, L. Bolotnyy and G. RobinsAuthentication Protocols in RFID Systems, G. Pantelic, S. Bojanic, and V. TomaševicLightweight Cryptography for Low-Cost RFID Tags, P. Peris-Lopez, J.C.

  6. Sensor data security level estimation scheme for wireless sensor networks.

    Science.gov (United States)

    Ramos, Alex; Filho, Raimir Holanda

    2015-01-19

    Due to their increasing dissemination, wireless sensor networks (WSNs) have become the target of more and more sophisticated attacks, even capable of circumventing both attack detection and prevention mechanisms. This may cause WSN users, who totally trust these security mechanisms, to think that a sensor reading is secure, even when an adversary has corrupted it. For that reason, a scheme capable of estimating the security level (SL) that these mechanisms provide to sensor data is needed, so that users can be aware of the actual security state of this data and can make better decisions on its use. However, existing security estimation schemes proposed for WSNs fully ignore detection mechanisms and analyze solely the security provided by prevention mechanisms. In this context, this work presents the sensor data security estimator (SDSE), a new comprehensive security estimation scheme for WSNs. SDSE is designed for estimating the sensor data security level based on security metrics that analyze both attack prevention and detection mechanisms. In order to validate our proposed scheme, we have carried out extensive simulations that show the high accuracy of SDSE estimates.

  7. Cyber Security Research Frameworks For Coevolutionary Network Defense

    Energy Technology Data Exchange (ETDEWEB)

    Rush, George D. [Missouri Univ. of Science and Technology, Rolla, MO (United States); Tauritz, Daniel Remy [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2015-12-03

    Several architectures have been created for developing and testing systems used in network security, but most are meant to provide a platform for running cyber security experiments as opposed to automating experiment processes. In the first paper, we propose a framework termed Distributed Cyber Security Automation Framework for Experiments (DCAFE) that enables experiment automation and control in a distributed environment. Predictive analysis of adversaries is another thorny issue in cyber security. Game theory can be used to mathematically analyze adversary models, but its scalability limitations restrict its use. Computational game theory allows us to scale classical game theory to larger, more complex systems. In the second paper, we propose a framework termed Coevolutionary Agent-based Network Defense Lightweight Event System (CANDLES) that can coevolve attacker and defender agent strategies and capabilities and evaluate potential solutions with a custom network defense simulation. The third paper is a continuation of the CANDLES project in which we rewrote key parts of the framework. Attackers and defenders have been redesigned to evolve pure strategy, and a new network security simulation is devised which specifies network architecture and adds a temporal aspect. We also add a hill climber algorithm to evaluate the search space and justify the use of a coevolutionary algorithm.

  8. Secure collaborative system in heterogenous wireless sensor networks

    Directory of Open Access Journals (Sweden)

    M. Kasraoui

    2015-04-01

    Full Text Available The IPv6 over Low power Wireless Personal Area Networks (6LoWPANs have turned out to be one of the most emerging field in Wireless Sensor Networks (WSNs which can be integrated with Internet technology. 6LoWPAN network consists of heterogeneous wireless sensors which have high resource-constraints such as bandwidth, processing power, memory, energy, etc. The resource-constraints put forth many challenges to apply the available standard security protocols such as Transport Layer Security (TLS, Internet Protocol Security (IPSec, Internet Key Exchange version 2 (IKEv2, etc., for the interconnection of Heterogeneous Wireless Sensor Networks (HWSNs with Internet. To overcome these situations, the researchers aimed to reinforce and adapt the end-to-end security between Internet and the IP enabled sensor networks. The above mentioned security protocols are not modified at the Internet end point in HWSNs. Hence we are proposing a novel Cooperative Key Exchange System (CKES by using the concept of Chinese Remainder Theorem (CRT. We have used NS2 simulator to implement the proposed concept and also compared with IKEv2.

  9. Statistical Analysis of the Main Configuration Parameters of the Network Dynamic and Adaptive Radio Protocol (DARP

    Directory of Open Access Journals (Sweden)

    Francisco José Estevez

    2017-06-01

    Full Text Available The present work analyses the wireless sensor network protocol (DARP and the impact of different configuration parameter sets on its performance. Different scenarios have been considered, in order to gain a better understanding of the influence of the configuration on network protocols. The developed statistical analysis is based on the method known as Analysis of Variance (ANOVA, which focuses on the effect of the configuration on the performance of DARP. Three main dependent variables were considered: number of control messages sent during the set-up time, energy consumption and convergence time. A total of 20,413 simulations were carried out to ensure greater robustness in the statistical conclusions. The main goal of this work is to discover the most critical configuration parameters for the protocol, with a view to potential applications in Smart City type scenarios.

  10. Routing in Vehicular Networks: Feasibility, Modeling, and Security

    Directory of Open Access Journals (Sweden)

    Ioannis Broustis

    2008-01-01

    Full Text Available Vehicular networks are sets of surface transportation systems that have the ability to communicate with each other. There are several possible network architectures to organize their in-vehicle computing systems. Potential schemes may include vehicle-to-vehicle ad hoc networks, wired backbone with wireless last hops, or hybrid architectures using vehicle-to-vehicle communications to augment roadside communication infrastructures. Some special properties of these networks, such as high mobility, network partitioning, and constrained topology, differentiate them from other types of wireless networks. We provide an in-depth discussion on the important studies related to architectural design and routing for such networks. Moreover, we discuss the major security concerns appearing in vehicular networks.

  11. Collaboration using roles. [in computer network security

    Science.gov (United States)

    Bishop, Matt

    1990-01-01

    Segregation of roles into alternative accounts is a model which provides not only the ability to collaborate but also enables accurate accounting of resources consumed by collaborative projects, protects the resources and objects of such a project, and does not introduce new security vulnerabilities. The implementation presented here does not require users to remember additional passwords and provides a very simple consistent interface.

  12. Security Issues in Networks with Internet Access

    Science.gov (United States)

    1997-01-01

    implements SSL [ FKK 96] or SHTTP [ReSc 97] protocols [IETF]) can be used, and orders can be restricted to those originating from Web clients that...93, pages 1962-1979, ISBN 0- 8493-2909-4. [FIRST] Forum of Incident Response and Security Teams. http://www.first.org/ [ FKK 96] Freier, A.O., P

  13. Security Implications of Human-Trafficking Networks

    Science.gov (United States)

    2007-06-15

    to those security concerns. Background How is Human Trafficking Carried Out? While trafficking victims are often found in sweatshops , domestic...labor. This type of trafficking is often found in agricultural labor, the production of goods (typically called sweatshops ) and construction labor

  14. Secure Communication in Vehicular Networks - PRESERVE Demo

    NARCIS (Netherlands)

    Lagana, M.; Feiri, Michael; Sall, M.; Lange, M.; Tomatis, A.; Papadimitratos, P.

    2012-01-01

    Security and privacy are fundamental prerequisites for the deployment of vehicular communications. The near-deployment status of Safety Applications for Intelligent Transport Systems (ITS) calls for strong evidence on the applicability of proposed research solutions, notably close-to-reality

  15. NOTICE OF ELECTRICAL CUT - TEST OF THE SECURED NETWORK

    CERN Multimedia

    Electrical Service ST/EL

    2001-01-01

    The electrical service ST/EL will test the switching sequence between the secured network and the diesel generators on January 8, 2002. The normal network, general services of the sites Meyrin, Prevessin, SPS, Zone Nord, LHC1 and LHC18 will be cut between 6:00am and 6:10am. The secured network will be resupplied by the diesel generators after approximately 1 minute. The UPS network will not be affected. To facilitate the restart of the electrical network and to minimize the impact of the tests on critical equipment, we would like to ask you to stop any equipment that might suffer major inconveniences during the tests (e.g. computers). For any further information, please do not hesitate to contact the Technical Control Room TCR (72201) or G. Cumer (160592).

  16. Secure Geographic Routing in Ad Hoc and Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Zahariadis Theodore

    2010-01-01

    Full Text Available Security in sensor networks is one of the most relevant research topics in resource constrained wireless devices and networks. Several attacks can be suffered in ad hoc and wireless sensor networks (WSN, which are highly susceptible to attacks, due to the limited resources of the nodes. In this paper, we propose innovative and lightweight localization techniques that allow for intrusion identification and isolation schemes and provide accurate location information. This information is used by our routing protocol which additionally incorporates a distributed trust model to prevent several routing attacks to the network. We finally evaluate our algorithms for accurate localization and for secure routing which have been implemented and tested in real ad hoc and wireless sensor networks.

  17. A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation.

    Science.gov (United States)

    Rahayu, Triana Mugia; Lee, Sang-Gon; Lee, Hoon-Jae

    2015-06-26

    The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt for the solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines secure routing protocol and secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there are always trade-off between both.

  18. A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation

    Directory of Open Access Journals (Sweden)

    Triana Mugia Rahayu

    2015-06-01

    Full Text Available The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt for the solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines secure routing protocol and secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there are always trade-off between both.

  19. A survey of visualization systems for network security.

    Science.gov (United States)

    Shiravi, Hadi; Shiravi, Ali; Ghorbani, Ali A

    2012-08-01

    Security Visualization is a very young term. It expresses the idea that common visualization techniques have been designed for use cases that are not supportive of security-related data, demanding novel techniques fine tuned for the purpose of thorough analysis. Significant amount of work has been published in this area, but little work has been done to study this emerging visualization discipline. We offer a comprehensive review of network security visualization and provide a taxonomy in the form of five use-case classes encompassing nearly all recent works in this area. We outline the incorporated visualization techniques and data sources and provide an informative table to display our findings. From the analysis of these systems, we examine issues and concerns regarding network security visualization and provide guidelines and directions for future researchers and visual system developers.

  20. Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium.

    Science.gov (United States)

    Somasundaram, M; Sivakumar, R

    2015-01-01

    Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security.

  1. Dynamic Virtual LANs for Adaptive Network Security

    National Research Council Canada - National Science Library

    Merani, Diego; Berni, Alessandro; Leonard, Michel

    2004-01-01

    The development of Network-Enabled capabilities in support of undersea research requires architectures for the interconnection and data sharing that are flexible, scalable, and built on open standards...

  2. Network Basic Language Translation System: Security Infrastructure

    National Research Council Canada - National Science Library

    Mittrick, Mark R

    2007-01-01

    .... The Network Basic Language Translation System (NetBLTS) was proposed and accepted as part of the U.S. Army Research Laboratory's offering of initiatives within the Horizontal Fusion portfolio in 2003...

  3. An intrusion prevention system as a proactive security mechanism in network infrastructure

    Directory of Open Access Journals (Sweden)

    Dulanović Nenad

    2008-01-01

    Full Text Available A properly configured firewall is a good starting point in securing a computer network. However, complex network environments that involve higher number of participants and endpoints require better security infrastructure. Intrusion Detection Systems (IDS, proposed as a solution to perimeter defense, have many open problems and it is clear that better solutions must be found. Due to many unsolved problems associated with IDS, Intrusion Prevention Systems (IPS are introduced. The main idea in IPS is to be proactive. This paper gives an insight of Cobrador Bouncer IPS implementation. System architecture is given and three different Bouncer IPS deployment modes are presented. The Bouncer IPS as a proactive honeypot is also discussed.

  4. Security of Quantum Repeater Network Operation

    Science.gov (United States)

    2016-10-03

    taxonomies for RFID tags, because both RFID tags and quantum links and nodes are sensitive to their local environment, and attacks at the physical level...vulnerable to being hacked . Thus, operation of the quantum repeater network is vulnerable to undetectable disruption of the network operation. This...Jogenfors, J., Elhassan, A. M., Ahrens, J., Bourennane, M., & Larsson, J. (2015). Hacking the Bell test using classical light in energy-time

  5. Microcontroller Protocol for Secure Broadcast in Controller Area Networks

    OpenAIRE

    B Vijayalakshmi; Kumar, K

    2014-01-01

    Controller Area Network is a bus commonly used by controllers inside vehicles and in various industrial control applications. In the past controllers were assumed to operate in secure perimeters, but today these environments are well connected to the outside world and recent incidents showed them extremely vulnerable to cyber-attacks. To withstand such threats, one can implement security in the application layer of CAN. Here we design, refine and implement a broadcast authenti...

  6. A Quick review of Network Security and Steganography

    OpenAIRE

    Gandharba Swain; Saroj Kumar Lanka

    2012-01-01

    In this paper we present a classification of network security techniques such as: secrecy, authentication, non-repudiation and integrity control. The secrecy techniques are two categories: cryptography and steganography. Steganography like cryptography is a very useful technique to achieve secrecy in communication. If both cryptography and steganography are used then the communication becomes two fold secured. All the major techniques on image steganography proposed by different researcher...

  7. Transmission Network Expansion Planning Considering Desired Generation Security

    Directory of Open Access Journals (Sweden)

    Samaneh GOLESTANI

    2014-02-01

    Full Text Available Transmission Network Expansion Planning (TNEP is an important part of power system planning in both conventional and new structured power market. Its goal is to minimize the network construction and operational cost while satisfying the demand increase, considering technical and economic conditions. Planning algorithm in this paper consisted of two stages. The former specifies highly uncertain lines and probability of congestion, considering desired generation security level (e.g. N-2 generation security level. The latter determines the optimal expansion capacity of existing lines. Splitting required capacity for reinforcement of weak lines due to desired generation security level simplifies the TNEP problem. In addition, it monitors the impact of generation uncertainty on transmission lines. Simulation results of the proposed idea are presented for IEEE-RTS-24bus network.

  8. HARDWARE IMPLEMENTATION OF SECURE AODV FOR WIRELESS SENSOR NETWORKS

    Directory of Open Access Journals (Sweden)

    S. Sharmila

    2010-12-01

    Full Text Available Wireless Sensor Networks are extremely vulnerable to any kind of routing attacks due to several factors such as wireless transmission and resource-constrained nodes. In this respect, securing the packets is of great importance when designing the infrastructure and protocols of sensor networks. This paper describes the hardware architecture of secure routing for wireless sensor networks. The routing path is selected using Ad-hoc on demand distance vector routing protocol (AODV. The data packets are converted into digest using hash functions. The functionality of the proposed method is modeled using Verilog HDL in MODELSIM simulator and the performance is compared with various target devices. The results show that the data packets are secured and defend against the routing attacks with minimum energy consumption.

  9. Junos Security

    CERN Document Server

    Cameron, Rob; Giecco, Patricio; Eberhard, Timothy; Quinn, James

    2010-01-01

    Junos® Security is the complete and authorized introduction to the new Juniper Networks SRX hardware series. This book not only provides a practical, hands-on field guide to deploying, configuring, and operating SRX, it also serves as a reference to help you prepare for any of the Junos Security Certification examinations offered by Juniper Networks. Network administrators and security professionals will learn how to use SRX Junos services gateways to address an array of enterprise data network requirements -- including IP routing, intrusion detection, attack mitigation, unified threat manag

  10. Secure and Efficient Network Fault Localization

    Science.gov (United States)

    2012-02-27

    Highway, Suite 1204, Arlington VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law , no person shall be subject...securing data delivery. In a nutshell , a fault localization protocol monitors data forwarding at each hop and localizes abnormally high packet loss...less overhead achieved with the Rocketfuel 108 CHAPTER 6. TRUENET 100 1000 10000 100000 1e+06 1e+07 1e+08 1e+09 ATL CHI HOU KAN LA NYC SLC SEA

  11. Securing Information with Complex Optical Encryption Networks

    Science.gov (United States)

    2015-08-11

    easily generated by using amplitude-only spatial light modulator . When the designed aperture is sequentially moved in the transverse domain, a series...Xudong Chen, “Fractional Fourier domain optical image hiding using phase retrieval algorithm based on iterative nonlinear double random phase...Final 3. DATES COVERED (From - To) 18 April 2013 to 17 April 2015 4. TITLE AND SUBTITLE Securing Information with Complex Optical

  12. Automated security management

    CERN Document Server

    Al-Shaer, Ehab; Xie, Geoffrey

    2013-01-01

    In this contributed volume, leading international researchers explore configuration modeling and checking, vulnerability and risk assessment, configuration analysis, and diagnostics and discovery. The authors equip readers to understand automated security management systems and techniques that increase overall network assurability and usability. These constantly changing networks defend against cyber attacks by integrating hundreds of security devices such as firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization/RBAC servers, and crypto systems. Automated Security Managemen

  13. Secure and Authenticated Data Communication in Wireless Sensor Networks.

    Science.gov (United States)

    Alfandi, Omar; Bochem, Arne; Kellner, Ansgar; Göge, Christian; Hogrefe, Dieter

    2015-08-10

    Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory requirements. The implementation of the framework and the singular components have been tested and benchmarked in our testbed of IRISmotes.

  14. 75 FR 44800 - Notice of Meeting of the Homeland Security Information Network Advisory Committee, Tuesday...

    Science.gov (United States)

    2010-07-29

    ... SECURITY Notice of Meeting of the Homeland Security Information Network Advisory Committee, Tuesday, August... meeting. SUMMARY: The Homeland Security Information Network Advisory Committee (HSINAC) will meet from... Homeland Security Information Network Advisory Committee is to identify issues and provide to senior...

  15. 78 FR 34665 - Homeland Security Information Network Advisory Committee (HSINAC); Meeting

    Science.gov (United States)

    2013-06-10

    ... SECURITY Homeland Security Information Network Advisory Committee (HSINAC); Meeting AGENCY: OPS/OCIO, DHS... Security Information Network Advisory Committee (HSINAC) will meet on Tuesday, June 25th, 2013 from 1 p.m...: http://www.dhs.gov/homeland-security-information-network-advisory-committee . There is a meeting room...

  16. GFI Network Security and PCI Compliance Power Tools

    CERN Document Server

    Posey, Brien

    2008-01-01

    Today all companies, U.S. federal agencies, and non-profit organizations have valuable data on their servers that needs to be secured. One of the challenges for IT experts is learning how to use new products in a time-efficient manner, so that new implementations can go quickly and smoothly. Learning how to set up sophisticated products is time-consuming, and can be confusing. GFI's LANguard Network Security Scanner reports vulnerabilities so that they can be mitigated before unauthorized intruders can wreck havoc on your network. To take advantage of the best things that GFI's LANguard Networ

  17. Quantitative Analysis of the Security of Software-Defined Network Controller Using Threat/Effort Model

    Directory of Open Access Journals (Sweden)

    Zehui Wu

    2017-01-01

    Full Text Available SDN-based controller, which is responsible for the configuration and management of the network, is the core of Software-Defined Networks. Current methods, which focus on the secure mechanism, use qualitative analysis to estimate the security of controllers, leading to inaccurate results frequently. In this paper, we employ a quantitative approach to overcome the above shortage. Under the analysis of the controller threat model we give the formal model results of the APIs, the protocol interfaces, and the data items of controller and further provide our Threat/Effort quantitative calculation model. With the help of Threat/Effort model, we are able to compare not only the security of different versions of the same kind controller but also different kinds of controllers and provide a basis for controller selection and secure development. We evaluated our approach in four widely used SDN-based controllers which are POX, OpenDaylight, Floodlight, and Ryu. The test, which shows the similarity outcomes with the traditional qualitative analysis, demonstrates that with our approach we are able to get the specific security values of different controllers and presents more accurate results.

  18. Pseudo-random dynamic address configuration (PRDAC) algorithm for mobile ad hoc networks

    Science.gov (United States)

    Wu, Shaochuan; Tan, Xuezhi

    2007-11-01

    By analyzing all kinds of address configuration algorithms, this paper provides a new pseudo-random dynamic address configuration (PRDAC) algorithm for mobile ad hoc networks. Based on PRDAC, the first node that initials this network randomly chooses a nonlinear shift register that can generates an m-sequence. When another node joins this network, the initial node will act as an IP address configuration sever to compute an IP address according to this nonlinear shift register, and then allocates this address and tell the generator polynomial of this shift register to this new node. By this means, when other node joins this network, any node that has obtained an IP address can act as a server to allocate address to this new node. PRDAC can also efficiently avoid IP conflicts and deal with network partition and merge as same as prophet address (PA) allocation and dynamic configuration and distribution protocol (DCDP). Furthermore, PRDAC has less algorithm complexity, less computational complexity and more sufficient assumption than PA. In addition, PRDAC radically avoids address conflicts and maximizes the utilization rate of IP addresses. Analysis and simulation results show that PRDAC has rapid convergence, low overhead and immune from topological structures.

  19. Robust Networking Architecture and Secure Communication Scheme for Heterogeneous Wireless Sensor Networks

    Science.gov (United States)

    McNeal, McKenzie, III.

    2012-01-01

    Current networking architectures and communication protocols used for Wireless Sensor Networks (WSNs) have been designed to be energy efficient, low latency, and long network lifetime. One major issue that must be addressed is the security in data communication. Due to the limited capabilities of low cost and small sized sensor nodes, designing…

  20. MLS-Net and SecureParser®: A New Method for Securing and Segregating Network Data

    Directory of Open Access Journals (Sweden)

    Robert A. Johnson

    2008-10-01

    Full Text Available A new method of network security and virtualization is presented which allows the consolidation of multiple network infrastructures dedicated to single security levels or communities of interest onto a single, virtualized network. An overview of the state of the art of network security protocols is presented, including the use of SSL, IPSec, and HAIPE IS, followed by a discussion of the SecureParser® technology and MLS-Net architecture, which in combination allow the virtualization of local network enclaves.

  1. PKI security in large-scale healthcare networks.

    Science.gov (United States)

    Mantas, Georgios; Lymberopoulos, Dimitrios; Komninos, Nikos

    2012-06-01

    During the past few years a lot of PKI (Public Key Infrastructures) infrastructures have been proposed for healthcare networks in order to ensure secure communication services and exchange of data among healthcare professionals. However, there is a plethora of challenges in these healthcare PKI infrastructures. Especially, there are a lot of challenges for PKI infrastructures deployed over large-scale healthcare networks. In this paper, we propose a PKI infrastructure to ensure security in a large-scale Internet-based healthcare network connecting a wide spectrum of healthcare units geographically distributed within a wide region. Furthermore, the proposed PKI infrastructure facilitates the trust issues that arise in a large-scale healthcare network including multi-domain PKI infrastructures.

  2. Threats and countermeasures for network security

    Science.gov (United States)

    Denning, Peter J.

    1991-01-01

    In the late 1980's, the traditional threat of anonymous break-ins to networked computers was joined by viruses and worms, multiplicative surrogates that carry out the bidding of their authors. Technologies for authentication and secrecy, supplemented by good management practices, are the principal countermeasures. Four articles on these subjects are presented.

  3. Security and Privacy in Online Social Networks

    Science.gov (United States)

    Cutillo, Leucio Antonio; Manulis, Mark; Strufe, Thorsten

    Social Network Services (SNS) are currently drastically revolutionizing the way people interact, thus becoming de facto a predominant service on the web, today.1 The impact of this paradigm change on socioeconomic and technical aspects of collaboration and interaction is comparable to that caused by the deployment of World Wide Web in the 1990s.

  4. Security Threats in Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Giannetsos, Athanasios

    2011-01-01

    of the most severe routing attacks against sensor networks, namely the sinkhole and wormhole attacks, and we emphasize on strategies that an attacker can follow to successfully launch them. Then we propose novel localized countermeasures that can make legitimate nodes become aware of the threat, while...

  5. Secure Remote Network Administration and Power Management

    Science.gov (United States)

    2004-06-01

    connectors without the use of a repeater can affect network performance detrimentally. A repeater is essentially an amplifier used in series to boost......assistance, phone lines at both the local and remote locations are required, but the touchtone controller allows other devices to share the Telco line

  6. Resilient Secure Aggregation for Vehicular Networks

    NARCIS (Netherlands)

    Dietzel, Stefan; Schoch, Elmar; Kargl, Frank; Könings, Bastian; Weber, M.

    Innovative ways to use ad hoc networking between vehicles are an active research topic and numerous proposals have been made for applications that make use of it. Due to the bandwidth-limited wireless communication medium, scalability is one crucial factor for the success of these future protocols.

  7. Self-Securing Network Interfaces: What, Why and How?

    Science.gov (United States)

    2002-05-01

    G. Anagnostakis, William A. Arbaugh, Angelos D. Keromytis, and Jonathan M. Smith. The price of safety in an active network. MS–CIS–99–04. Depart- ment...of Computer and Information Science, University of Pennsylvania, 1999. [4] Thomas E. Anderson, David E. Culler , and David A. Patterson. A case for...NOW (networks of workstations). IEEE Micro, 15(1):54–64, February 1995. [5] William A. Arbaugh, David J. Farber, and Jonathan M. Smith. A secure and

  8. Enabling Secure High-Performance Wireless Ad Hoc Networking

    Science.gov (United States)

    2003-05-29

    Carl Meyer, and Jonathan Oseas. Generating Strong One-Way Functions with Cryptographic Algorithm. 27:5658–5659, 1985. [119] Marshall Kirk McKusick... Culler , and J. D. Tygar. SPINS: Security Protocols for Sensor Networks. In Proceedings of the Seventh Annual International Conference on Mobile...David L. Tennenhouse, Jonathan M. Smith, W. David Sincoskie, David J. Wetherall, and Gary J. Minden. A Survey of Active Network Research. IEEE

  9. A Survey on Privacy and Security in Online Social Networks

    OpenAIRE

    Kayes, Imrul; Iamnitchi, Adriana

    2015-01-01

    Online Social Networks (OSN) are a permanent presence in today's personal and professional lives of a huge segment of the population, with direct consequences to offline activities. Built on a foundation of trust-users connect to other users with common interests or overlapping personal trajectories-online social networks and the associated applications extract an unprecedented volume of personal information. Unsurprisingly, serious privacy and security risks emerged, positioning themselves a...

  10. Security Attacks and its Countermeasures in Wireless Sensor Networks

    OpenAIRE

    Rajkumar; Vani B. A

    2014-01-01

    Wireless Sensor Networks have come to the forefront of the scientific community recently. Present WSNs typically communicate directly with a centralized controller or satellite. Going on the other hand, a smart WSN consists of a number of sensors spread across a geographical area; each sensor has wireless communication ability and sufficient intelligence for signal processing and networking of the data. This paper surveyed the different types of attacks, security related issue...

  11. A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks

    Directory of Open Access Journals (Sweden)

    Shibo Luo

    2015-12-01

    Full Text Available Software-Defined Networking-based Mobile Networks (SDN-MNs are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism.

  12. A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks.

    Science.gov (United States)

    Luo, Shibo; Dong, Mianxiong; Ota, Kaoru; Wu, Jun; Li, Jianhua

    2015-12-17

    Software-Defined Networking-based Mobile Networks (SDN-MNs) are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP) is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME) is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism.

  13. Integrating a flexible modeling framework (FMF) with the network security assessment instrument to reduce software security risk

    Science.gov (United States)

    Gilliam, D. P.; Powell, J. D.

    2002-01-01

    This paper presents a portion of an overall research project on the generation of the network security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles.

  14. Multimedia Fusion for Public Security in Heterogeneous Sensor Networks

    Directory of Open Access Journals (Sweden)

    Jiangfan Feng

    2014-01-01

    Full Text Available Public security is a widespread disastrous phenomenon that constitutes a grave threat. Although information fusion of video sensor networks for public security has been studied extensively, multimedia fusion in heterogeneous sensor networks or its application in public security remains a challenge and central goal in the field of information fusion. In this study, to realize the detection, monitoring, and intelligent alarm of such hazards, we develop a graph-based real-time schema for studying the dynamic structure of heterogeneous sensors for public security. In the proposed schema, data fusion algorithms based on data-driven aspects of fusion are explored to locate the optimal sensing ranges of sensor nodes in a network with heterogeneous targets. In addition, we propose a framework incorporating useful contextual and temporal cues for public security alarm, explore its conceptualizations, benefits, and challenges, and analyze the correlations of the target motion elements in the multimedia sensor stream. The experimental results show that the new method offers a better way of intelligent alarm that cannot be achieved by existing schemes.

  15. Qualitative Network Analysis Tools for the Configurative Articulation of Cultural Value and Impact from Research

    Science.gov (United States)

    Oancea, Alis; Florez Petour, Teresa; Atkinson, Jeanette

    2017-01-01

    This article introduces a methodological approach for articulating and communicating the impact and value of research: qualitative network analysis using collaborative configuration tracing and visualization. The approach was proposed initially in Oancea ("Interpretations and Practices of Research Impact across the Range of Disciplines…

  16. "Development Radar": The Co-Configuration of a Tool in a Learning Network

    Science.gov (United States)

    Toiviainen, Hanna; Kerosuo, Hannele; Syrjala, Tuula

    2009-01-01

    Purpose: The paper aims to argue that new tools are needed for operating, developing and learning in work-life networks where academic and practice knowledge are intertwined in multiple levels of and in boundary-crossing across activities. At best, tools for learning are designed in a process of co-configuration, as the analysis of one tool,…

  17. Self-Configuration and Self-Optimization Process in Heterogeneous Wireless Networks

    Science.gov (United States)

    Guardalben, Lucas; Villalba, Luis Javier García; Buiati, Fábio; Sobral, João Bosco Mangueira; Camponogara, Eduardo

    2011-01-01

    Self-organization in Wireless Mesh Networks (WMN) is an emergent research area, which is becoming important due to the increasing number of nodes in a network. Consequently, the manual configuration of nodes is either impossible or highly costly. So it is desirable for the nodes to be able to configure themselves. In this paper, we propose an alternative architecture for self-organization of WMN based on Optimized Link State Routing Protocol (OLSR) and the ad hoc on demand distance vector (AODV) routing protocols as well as using the technology of software agents. We argue that the proposed self-optimization and self-configuration modules increase the throughput of network, reduces delay transmission and network load, decreases the traffic of HELLO messages according to network’s scalability. By simulation analysis, we conclude that the self-optimization and self-configuration mechanisms can significantly improve the performance of OLSR and AODV protocols in comparison to the baseline protocols analyzed. PMID:22346584

  18. Self-Configuration and Self-Optimization Process in Heterogeneous Wireless Networks

    Directory of Open Access Journals (Sweden)

    Eduardo Camponogara

    2010-12-01

    Full Text Available Self-organization in Wireless Mesh Networks (WMN is an emergent research area, which is becoming important due to the increasing number of nodes in a network. Consequently, the manual configuration of nodes is either impossible or highly costly. So it is desirable for the nodes to be able to configure themselves. In this paper, we propose an alternative architecture for self-organization of WMN based on Optimized Link State Routing Protocol (OLSR and the ad hoc on demand distance vector (AODV routing protocols as well as using the technology of software agents. We argue that the proposed self-optimization and self-configuration modules increase the throughput of network, reduces delay transmission and network load, decreases the traffic of HELLO messages according to network’s scalability. By simulation analysis, we conclude that the self-optimization and self-configuration mechanisms can significantly improve the performance of OLSR and AODV protocols in comparison to the baseline protocols analyzed.

  19. Mobile Assisted Security in Wireless Sensor Networks

    Science.gov (United States)

    2015-08-03

    falsify the routing packets to disrupt the routing tables [6]. In the wormhole attack, an adversary tunnels messages re- ceived in one part of the...station that they are only one or two hops away via the wormhole [5]. To defend against wormhole attacks, a leash is added to a packet to restrict the...Packet leashes: a defense against wormhole attacks in wireless networks. In INFOCOM 2003. Twenty-Second Annual Joint Conference of the IEEE Computer

  20. Network Security Threats and Protection Models

    OpenAIRE

    Kumar, Amit; Malhotra, Santosh

    2015-01-01

    In a brave new age of global connectivity and e-commerce, interconnections via networks have heightened, creating for both individuals and organizations, a state of complete dependence upon vulnerable systems for storage and transfer of information. Never before, have so many people had power in their own hands. The power to deface websites, access personal mail accounts, and worse more the potential to bring down entire governments, and financial corporations through openly documented softwa...

  1. Security in Wireless Sensor Networks Employing MACGSP6

    Science.gov (United States)

    Nitipaichit, Yuttasart

    2010-01-01

    Wireless Sensor Networks (WSNs) have unique characteristics which constrain them; including small energy stores, limited computation, and short range communication capability. Most traditional security algorithms use cryptographic primitives such as Public-key cryptography and are not optimized for energy usage. Employing these algorithms for the…

  2. Design and implementation of a high performance network security processor

    Science.gov (United States)

    Wang, Haixin; Bai, Guoqiang; Chen, Hongyi

    2010-03-01

    The last few years have seen many significant progresses in the field of application-specific processors. One example is network security processors (NSPs) that perform various cryptographic operations specified by network security protocols and help to offload the computation intensive burdens from network processors (NPs). This article presents a high performance NSP system architecture implementation intended for both internet protocol security (IPSec) and secure socket layer (SSL) protocol acceleration, which are widely employed in virtual private network (VPN) and e-commerce applications. The efficient dual one-way pipelined data transfer skeleton and optimised integration scheme of the heterogenous parallel crypto engine arrays lead to a Gbps rate NSP, which is programmable with domain specific descriptor-based instructions. The descriptor-based control flow fragments large data packets and distributes them to the crypto engine arrays, which fully utilises the parallel computation resources and improves the overall system data throughput. A prototyping platform for this NSP design is implemented with a Xilinx XC3S5000 based FPGA chip set. Results show that the design gives a peak throughput for the IPSec ESP tunnel mode of 2.85 Gbps with over 2100 full SSL handshakes per second at a clock rate of 95 MHz.

  3. Assessing Security-Critical Energy-Efficient Sensor Networks

    NARCIS (Netherlands)

    Law, Y.W.; Dulman, S.O.; Etalle, Sandro; Havinga, Paul J.M.

    In the EYES project (http://eyes.eu.org), we are investigating self-organizing, collaborative, energy-efficient sensor networks. This study is devoted to the security aspects of the project. Our contribution is three-fold: firstly, we present a survey, where we discuss the dominant issues of

  4. Security Evaluation of the Cyber Networks under Advanced Persistent Threats

    NARCIS (Netherlands)

    Yang, L.; Li, Pengdeng; Yang, Xiaofan; Tang, Yuan Yan

    2017-01-01

    Advanced persistent threats (APTs) pose a grave threat to cyberspace, because they deactivate all the conventional cyber defense mechanisms. This paper addresses the issue of evaluating the security of the cyber networks under APTs. For this purpose, a dynamic model capturing the APT-based

  5. ON SECURE FULL DUPLEX COMMUNICATION IN MOBILE AD HOC NETWORK

    Directory of Open Access Journals (Sweden)

    S. C. Dutta

    2013-06-01

    Full Text Available This paper is to establish Ad Hoc network in mobile phones and start fully secured full duplex communication in any situation. This type of communication will be cost effective and it will be fastest way of communication in case of any server failure or server error.

  6. ON SECURE FULL DUPLEX COMMUNICATION IN MOBILE AD HOC NETWORK

    OpenAIRE

    S. C. Dutta; Sudha Singh; D. K. Singh

    2013-01-01

    This paper is to establish Ad Hoc network in mobile phones and start fully secured full duplex communication in any situation. This type of communication will be cost effective and it will be fastest way of communication in case of any server failure or server error.

  7. Applying Real Options Thinking to Information Security in Networked Organizations

    NARCIS (Netherlands)

    Daneva, Maia

    2006-01-01

    An information security strategy of an organization participating in a networked business sets out the plans for designing a variety of actions that ensure confidentiality, availability, and integrity of company’s key information assets. The actions are concerned with authentication and

  8. A Framework for Security Analysis of Mobile Wireless Networks

    DEFF Research Database (Denmark)

    Nanz, Sebastian; Hankin, Chris

    2006-01-01

    We present a framework for specification and security analysis of communication protocols for mobile wireless networks. This setting introduces new challenges which are not being addressed by classical protocol analysis techniques. The main complication stems from the fact that the actions...... processes and the network's connectivity graph, which may change independently from protocol actions. We identify a property characterising an important aspect of security in this setting and express it using behavioural equivalences of the calculus. We complement this approach with a control flow analysis...... of intermediate nodes and their connectivity can no longer be abstracted into a single unstructured adversarial environment as they form an inherent part of the system's security. In order to model this scenario faithfully, we present a broadcast calculus which makes a clear distinction between the protocol...

  9. Enhanced security services for enabling pan-European healthcare networks.

    Science.gov (United States)

    Blobel, B; Pharow, P; Engel, K

    2001-01-01

    Establishing the Shared Care environment, communication and co-operation between healthcare establishments involved must be provided in a trustworthy way. This challenge is even more important for health networks using the Internet. In that context, services assuring both communication security and application security must be provided. Especially in the e-health environment, additionally to identity-related services certifying data or properties of principals, trustworthiness or authorisation for objects, components and functions must be established by Trusted Third Parties (TTP). Within the European Commission's Information Society Technologies (IST) Programme, the HARP project provides the "HARP Cross-Security Platform (HCSP)" needed in the open Web environment of pan-European networks. The solutions are under implementation and evaluation in the German ONCONET enabling a trustworthy framework for both health professionals and patients as well as supporting clinical studies.

  10. Secure Group Formation Protocol for a Medical Sensor Network Prototype

    DEFF Research Database (Denmark)

    Andersen, Jacob

    2009-01-01

    Designing security mechanisms such as privacy and access control for medical sensor networks is a challenging task; as such systems may be operated very frequently, at a quick pace, and at times in emergency situations. Understandably, clinicians hold extra unproductive tasks in low regard......, and experience from user workshops and observations of clinicians at work on a hospital ward show that if the security mechanisms are not well designed, the technology is either rejected altogether, or they are circumvented leaving the system wide open to attacks. Our work targets the problem of designing...... wireless sensors to be both secure and usable by exploring different solutions on a fully functional prototype platform. In this paper, we present an Elliptic Curve Cryptography (ECC) based protocol, which offers fully secure sensor set-up in a few seconds on standard (Telos) hardware. We evaluate...

  11. Security Policy for a Generic Space Exploration Communication Network Architecture

    Science.gov (United States)

    Ivancic, William D.; Sheehe, Charles J.; Vaden, Karl R.

    2016-01-01

    This document is one of three. It describes various security mechanisms and a security policy profile for a generic space-based communication architecture. Two other documents accompany this document- an Operations Concept (OpsCon) and a communication architecture document. The OpsCon should be read first followed by the security policy profile described by this document and then the architecture document. The overall goal is to design a generic space exploration communication network architecture that is affordable, deployable, maintainable, securable, evolvable, reliable, and adaptable. The architecture should also require limited reconfiguration throughout system development and deployment. System deployment includes subsystem development in a factory setting, system integration in a laboratory setting, launch preparation, launch, and deployment and operation in space.

  12. Secure energy efficient routing protocol for wireless sensor network

    Directory of Open Access Journals (Sweden)

    Das Ayan Kumar

    2016-03-01

    Full Text Available The ease of deployment of economic sensor networks has always been a boon to disaster management applications. However, their vulnerability to a number of security threats makes communication a challenging task. This paper proposes a new routing technique to prevent from both external threats and internal threats like hello flooding, eavesdropping and wormhole attack. In this approach one way hash chain is used to reduce the energy drainage. Level based event driven clustering also helps to save energy. The simulation results show that the proposed scheme extends network lifetime even when the cluster based wireless sensor network is under attack.

  13. Network Architecture, Security Issues, and Hardware Implementation of a Home Area Network for Smart Grid

    OpenAIRE

    Saponara, Sergio; Bacchillone, Tony

    2012-01-01

    This paper discusses aims, architecture, and security issues of Smart Grid, taking care of the lesson learned at University of Pisa in research projects on smart energy and grid. A key element of Smart Grid is the energy home area network (HAN), for which an implementation is proposed, dealing with its security aspects and showing some solutions for realizing a wireless network based on ZigBee. Possible hardware-software architectures and implementations using COTS (Commercial Off The Shelf) ...

  14. Paradiplomacy, Security Policies and City Networks: the Case of the Mercocities Citizen Security Thematic Unit

    Directory of Open Access Journals (Sweden)

    Gilberto Marcos Antonio Rodrigues

    Full Text Available Abstract In a phenomenon known as paradiplomacy, cities are playing an increasingly important role in international relations. Through paradiplomacy, cities are co-operating internationally with other cities, and city networks have become important spaces for sharing experiences of and best practices in local public policy. Moreover, security policy is a increasingly important part of local policy-making. In Latin America, the concept of citizen security, based on a democratic and human rights approach, has developed in response to the legacy of authoritarian regimes from the 1960s to the 1980s. This article examines how security policies have been disseminated, discussed and transferred through Mercocities, the main city network in South America.

  15. Competition in the domain of wireless networks security

    Science.gov (United States)

    Bednarczyk, Mariusz

    2017-04-01

    Wireless networks are very popular and have found wide spread usage amongst various segments, also in military environment. The deployment of wireless infrastructures allow to reduce the time it takes to install and dismantle communications networks. With wireless, users are more mobile and can easily get access to the network resources all the time. However, wireless technologies like WiFi or Bluetooth have security issues that hackers have extensively exploited over the years. In the paper several serious security flaws in wireless technologies are presented. Most of them enable to get access to the internal networks and easily carry out man-in-the-middle attacks. Very often, they are used to launch massive denial of service attacks that target the physical infrastructure as well as the RF spectrum. For instance, there are well known instances of Bluetooth connection spoofing in order to steal WiFi password stored in the mobile device. To raise the security awareness and protect wireless networks against an adversary attack, an analysis of attack methods and tools over time is presented in the article. The particular attention is paid to the severity, possible targets as well as the ability to persist in the context of protective measures. Results show that an adversary can take complete control of the victims' mobile device features if the users forget to use simple safety principles.

  16. A Framework for Secure Data Delivery in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Leonidas PERLEPES

    2012-03-01

    Full Text Available Typical sensor nodes are resource constrained devices containing user level applications, operating system components, and device drivers in a single address space, with no form of memory protection. A malicious user could easily capture a node and tamper the applications running on it, in order to perform different types of attacks. In this paper, we propose a 3-layer Security Framework composed by physical security schemes, cryptography of communication channels and live forensics protection techniques that allows for secure WSN deployments. Each of the abovementioned techniques maximizes the security levels leading to a tamper proof sensor node. By applying the proposed security framework, secure communication between nodes is guaranteed, identified captured nodes are silenced and their destructive effect on the rest of the network infrastructure is minimized due to the early measures applied. Our main concern is to propose a framework that balances its attributes between robustness, as long as security is concerned and cost effective implementation as far as resources (energy consumption are concerned.

  17. A Unified Network Security Architecture for Large, Distributed Networks Project

    Data.gov (United States)

    National Aeronautics and Space Administration — In typical, multi-organizational networking environments, it is difficult to define and maintain a uniform authentication scheme that provides users with easy access...

  18. Privacy and Security Research Group workshop on network and distributed system security: Proceedings

    Energy Technology Data Exchange (ETDEWEB)

    1993-05-01

    This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

  19. Develop a solution for protecting and securing enterprise networks from malicious attacks

    Science.gov (United States)

    Kamuru, Harshitha; Nijim, Mais

    2014-05-01

    as they are configured on a per-zone basis. Depending on the type of screen being configured, there may be additional settings beyond simply blocking the traffic. Attack prevention is also a native function of any firewall. Juniper Firewall handles traffic on a per-flow basis. We can use flows or sessions as a way to determine whether traffic attempting to traverse the firewall is legitimate. We control the state-checking components resident in Juniper Firewall by configuring "flow" settings. These settings allow you to configure state checking for various conditions on the device. You can use flow settings to protect against TCP hijacking, and to generally ensure that the fire-wall is performing full state processing when desired. We take a case study of attack on a network and perform study of the detection of the malicious packets on a Net screen Firewall. A new solution for securing enterprise networks will be developed here.

  20. Developing a secured social networking site using information security awareness techniques

    Directory of Open Access Journals (Sweden)

    Julius O. Okesola

    2014-03-01

    Full Text Available Background: Ever since social network sites (SNS became a global phenomenon in almost every industry, security has become a major concern to many SNS stakeholders. Several security techniques have been invented towards addressing SNS security, but information security awareness (ISA remains a critical point. Whilst very few users have used social circles and applications because of a lack of users’ awareness, the majority have found it difficult to determine the basis of categorising friends in a meaningful way for privacy and security policies settings. This has confirmed that technical control is just part of the security solutions and not necessarily a total solution. Changing human behaviour on SNSs is essential; hence the need for a privately enhanced ISA SNS.Objective: This article presented sOcialistOnline – a newly developed SNS, duly secured and platform independent with various ISA techniques fully implemented.Method: Following a detailed literature review of the related works, the SNS was developed on the basis of Object Oriented Programming (OOP approach, using PhP as the coding language with the MySQL database engine at the back end.Result: This study addressed the SNS requirements of privacy, security and services, and attributed them as the basis of architectural design for sOcialistOnline. SNS users are more aware of potential risk and the possible consequences of unsecured behaviours.Conclusion: ISA is focussed on the users who are often the greatest security risk on SNSs, regardless of technical securities implemented. Therefore SNSs are required to incorporate effective ISA into their platform and ensure users are motivated to embrace it.

  1. Developing a secured social networking site using information security awareness techniques

    Directory of Open Access Journals (Sweden)

    Julius O. Okesola

    2014-11-01

    Full Text Available Background: Ever since social network sites (SNS became a global phenomenon in almost every industry, security has become a major concern to many SNS stakeholders. Several security techniques have been invented towards addressing SNS security, but information security awareness (ISA remains a critical point. Whilst very few users have used social circles and applications because of a lack of users’ awareness, the majority have found it difficult to determine the basis of categorising friends in a meaningful way for privacy and security policies settings. This has confirmed that technical control is just part of the security solutions and not necessarily a total solution. Changing human behaviour on SNSs is essential; hence the need for a privately enhanced ISA SNS. Objective: This article presented sOcialistOnline – a newly developed SNS, duly secured and platform independent with various ISA techniques fully implemented. Method: Following a detailed literature review of the related works, the SNS was developed on the basis of Object Oriented Programming (OOP approach, using PhP as the coding language with the MySQL database engine at the back end. Result: This study addressed the SNS requirements of privacy, security and services, and attributed them as the basis of architectural design for sOcialistOnline. SNS users are more aware of potential risk and the possible consequences of unsecured behaviours. Conclusion: ISA is focussed on the users who are often the greatest security risk on SNSs, regardless of technical securities implemented. Therefore SNSs are required to incorporate effective ISA into their platform and ensure users are motivated to embrace it.

  2. Quality of Service Regulation in Secure Body Area Networks: System Modeling and Adaptation Methods

    Directory of Open Access Journals (Sweden)

    Bui FrancisMinhthang

    2011-01-01

    Full Text Available Body area network (BAN has recently emerged as a promising platform for future research and development. The applications are myriad and encompass a wide range of scenarios, including those in not only medicine but also in everyday activities. However, while the applicability and necessity of BAN have been firmly assured, the underlying technological platforms to practically realize these networks are still in the developmental stages, with many outstanding key problems to be addressed. Due to their envisioned domains of applicability, an important problem in BANs is security and user privacy. Providing security in a practical BAN configuration is challenging due to various conflicting resource constraints. In this paper, the focus is to study signal processing methods for delivering secure communications in BANs, particularly when using biometrics. An optimization framework is presented to aggregate various methods, enabling overall quality of service (QoS regulation in an integrated and flexible manner. In particular, this resource allocation approach is shown to be effective in managing security solutions for BANs.

  3. Trust framework for a secured routing in wireless sensor network

    Directory of Open Access Journals (Sweden)

    Ouassila Hoceini

    2015-11-01

    Full Text Available Traditional techniques to eliminate insider attacks developed for wired and wireless ad hoc networks are not well suited for wireless sensors networks due to their resource constraints nature. In order to protect WSNs against malicious and selfish behavior, some trust-based systems have recently been modeled. The resource efficiency and dependability of a trust system are the most fundamental requirements for any wireless sensor network (WSN. In this paper, we propose a Trust Framework for a Secured Routing in Wireless Sensor Network (TSR scheme, which works with clustered networks. This approach can effectively reduce the cost of trust evaluation and guarantee a better selection of safest paths that lead to the base station. Theoretical as well as simulation results show that our scheme requires less communication overheads and consumes less energy as compared to the current typical trust systems for WSNs. Moreover, it detects selfish and defective nodes and prevents us of insider attacks

  4. Coexistence of lateral and co-tuned inhibitory configurations in cortical networks.

    Directory of Open Access Journals (Sweden)

    Robert B Levy

    2011-10-01

    Full Text Available The responses of neurons in sensory cortex depend on the summation of excitatory and inhibitory synaptic inputs. How the excitatory and inhibitory inputs scale with stimulus depends on the network architecture, which ranges from the lateral inhibitory configuration where excitatory inputs are more narrowly tuned than inhibitory inputs, to the co-tuned configuration where both are tuned equally. The underlying circuitry that gives rise to lateral inhibition and co-tuning is yet unclear. Using large-scale network simulations with experimentally determined connectivity patterns and simulations with rate models, we show that the spatial extent of the input determined the configuration: there was a smooth transition from lateral inhibition with narrow input to co-tuning with broad input. The transition from lateral inhibition to co-tuning was accompanied by shifts in overall gain (reduced, output firing pattern (from tonic to phasic and rate-level functions (from non-monotonic to monotonically increasing. The results suggest that a single cortical network architecture could account for the extended range of experimentally observed response types between the extremes of lateral inhibitory versus co-tuned configurations.

  5. A Secure and Efficient Handover Authentication Protocol for Wireless Networks

    Directory of Open Access Journals (Sweden)

    Weijia Wang

    2014-06-01

    Full Text Available Handover authentication protocol is a promising access control technology in the fields of WLANs and mobile wireless sensor networks. In this paper, we firstly review an effcient handover authentication protocol, named PairHand, and its existing security attacks and improvements. Then, we present an improved key recovery attack by using the linearly combining method and reanalyze its feasibility on the improved PairHand protocol. Finally, we present a new handover authentication protocol, which not only achieves the same desirable effciency features of PairHand, but enjoys the provable security in the random oracle model.

  6. A Secure Network Coding Based on Broadcast Encryption in SDN

    Directory of Open Access Journals (Sweden)

    Yue Chen

    2016-01-01

    Full Text Available By allowing intermediate nodes to encode the received packets before sending them out, network coding improves the capacity and robustness of multicast applications. But it is vulnerable to the pollution attacks. Some signature schemes were proposed to thwart such attacks, but most of them need to be homomorphic that the keys cannot be generated and managed easily. In this paper, we propose a novel fast and secure switch network coding multicast (SSNC on the software defined networks (SDN. In our scheme, the complicated secure multicast management was separated from the fast data transmission based on the SDN. Multiple multicasts will be aggregated to one multicast group according to the requirements of services and the network status. Then, the controller will route aggregated multicast group with network coding; only the trusted switch will be allowed to join the network coding by using broadcast encryption. The proposed scheme can use the traditional cryptography without homomorphy, which greatly reduces the complexity of the computation and improves the efficiency of transmission.

  7. Simulation of Attacks for Security in Wireless Sensor Network.

    Science.gov (United States)

    Diaz, Alvaro; Sanchez, Pablo

    2016-11-18

    The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node's software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work.

  8. Reputation-based secure sensor localization in wireless sensor networks.

    Science.gov (United States)

    He, Jingsha; Xu, Jing; Zhu, Xingye; Zhang, Yuqiang; Zhang, Ting; Fu, Wanqing

    2014-01-01

    Location information of sensor nodes in wireless sensor networks (WSNs) is very important, for it makes information that is collected and reported by the sensor nodes spatially meaningful for applications. Since most current sensor localization schemes rely on location information that is provided by beacon nodes for the regular sensor nodes to locate themselves, the accuracy of localization depends on the accuracy of location information from the beacon nodes. Therefore, the security and reliability of the beacon nodes become critical in the localization of regular sensor nodes. In this paper, we propose a reputation-based security scheme for sensor localization to improve the security and the accuracy of sensor localization in hostile or untrusted environments. In our proposed scheme, the reputation of each beacon node is evaluated based on a reputation evaluation model so that regular sensor nodes can get credible location information from highly reputable beacon nodes to accomplish localization. We also perform a set of simulation experiments to demonstrate the effectiveness of the proposed reputation-based security scheme. And our simulation results show that the proposed security scheme can enhance the security and, hence, improve the accuracy of sensor localization in hostile or untrusted environments.

  9. Network Security Risks of Online Social Networking in the Workplace

    Science.gov (United States)

    2013-11-01

    Automated Public Turing test to tell Computers and Humans Apart. CSRF Cross-Site Request Forgery . DDoS Distributed Denial of Service. DoS Denial of...themselves through a computer network, in the case of OSNs by using Cross Site Scripting (abbreviated as XSS) or Cross-Site Request Forgery (CSRF) exploits

  10. Computer and Network Security in Small Libraries: A Guide for Planning.

    Science.gov (United States)

    Williams, Robert L.

    This manual is intended to provide a free resource on essential network security concepts for non-technical managers of small libraries. Managers of other small nonprofit or community organizations will also benefit from it. An introduction defines network security; outlines three goals of network security; discusses why a library should be…

  11. Secure and Efficient Key Coordination Algorithm for Line Topology Network Maintenance for Use in Maritime Wireless Sensor Networks.

    Science.gov (United States)

    Elgenaidi, Walid; Newe, Thomas; O'Connell, Eoin; Toal, Daniel; Dooly, Gerard

    2016-12-21

    There has been a significant increase in the proliferation and implementation of Wireless Sensor Networks (WSNs) in different disciplines, including the monitoring of maritime environments, healthcare systems, and industrial sectors. It has now become critical to address the security issues of data communication while considering sensor node constraints. There are many proposed schemes, including the scheme being proposed in this paper, to ensure that there is a high level of security in WSNs. This paper presents a symmetric security scheme for a maritime coastal environment monitoring WSN. The scheme provides security for travelling packets via individually encrypted links between authenticated neighbors, thus avoiding a reiteration of a global rekeying process. Furthermore, this scheme proposes a dynamic update key based on a trusted node configuration, called a leader node, which works as a trusted third party. The technique has been implemented in real time on a Waspmote test bed sensor platform and the results from both field testing and indoor bench testing environments are discussed in this paper.

  12. Secure and Efficient Key Coordination Algorithm for Line Topology Network Maintenance for Use in Maritime Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Walid Elgenaidi

    2016-12-01

    Full Text Available There has been a significant increase in the proliferation and implementation of Wireless Sensor Networks (WSNs in different disciplines, including the monitoring of maritime environments, healthcare systems, and industrial sectors. It has now become critical to address the security issues of data communication while considering sensor node constraints. There are many proposed schemes, including the scheme being proposed in this paper, to ensure that there is a high level of security in WSNs. This paper presents a symmetric security scheme for a maritime coastal environment monitoring WSN. The scheme provides security for travelling packets via individually encrypted links between authenticated neighbors, thus avoiding a reiteration of a global rekeying process. Furthermore, this scheme proposes a dynamic update key based on a trusted node configuration, called a leader node, which works as a trusted third party. The technique has been implemented in real time on a Waspmote test bed sensor platform and the results from both field testing and indoor bench testing environments are discussed in this paper.

  13. Study of the full-service and low-cost carriers network configuration

    Directory of Open Access Journals (Sweden)

    Oriol Lordan

    2014-10-01

    Full Text Available Purpose: The network strategies used by airline carriers have been a recurring subject in air transport research. The aim of this paper is to investigate the relationship between the different operational characteristics of the airline and its route network configuration. Design/methodology/approach: The two main airline carrier typologies - Full-Service and Low-Cost carriers – are analysed using empirical models developed on complex network research relating them to the business model of the airlines. Findings and Originality/value: Just in Europe, one can differentiate between Full-Service and Low-Cost Carriers by complex network analyses. In this process, it has been also found that new concept Low-Cost Carriers, such as Vueling, have network properties closer to Full-Service Carriers. Research limitations/implications: This paper has a limited sample, as includes 26 airline case studies from Europe, United States and Asia. Practical implications: The analysis carried out in this research can help to the assessment of the evolution of the strategies of airline carriers, and has also operational implications, since the configuration of an airline route network can determine its resilience to attacks and errors. Social implications: A better understanding of the properties of airline route networks can benefit airlines, passengers and another stakeholders of the air transport industry. Originality/value: Current research on air transport networks has only considered the global or regional level, but few studies have addressed the study of airline transport networks, and its relationship with their business model.

  14. Guide to the Secure Configuration and Administration of Microsoft Windows 2000 Certificate Services (Checklist Format)

    National Research Council Canada - National Science Library

    Christman, Sheila

    2001-01-01

    .... Although Microsoft's Internet Information Service (IIS) is required to enable users to request certificates through web pages, this document does not provide instructions for securely installing and managing IIS...

  15. Guide to the Secure Configuration and Administration of Microsoft Windows 2000 Certificate Services

    National Research Council Canada - National Science Library

    Christman, Sheila

    2001-01-01

    .... Although Microsoft's Internet Information Service (IIS) is required to enable users to request certificates through web pages, this document does not provide instructions for securely installing and managing IIS...

  16. Exergetic evaluation of heat pump booster configurations in a low temperature district heating network

    DEFF Research Database (Denmark)

    Ommen, Torben Schmidt; Elmegaard, Brian

    2012-01-01

    with a heat pump, as the remaining heat demands are often not required at temperature levels as high as the tap water. The scope of this work is to evaluate the power consumption and second law efficiency of booster heat pumps for tap water production in a low temperature district heating network. The heat...... pump and storage arrangement is evaluated based on a tapping sequence from the Danish standards (DS439). Based an initial investigation of possible designs, three configurations have been chosen for the evaluation. Of the three heat pumps, two are implemented on the primary side to boost the network...... exchanger sizes and the isentropic efficiency of the compressor used in the heat pump. The superior configuration shows exergetic efficiencies higher than 0.5 when forward temperatures is around 45 ºC....

  17. Secure and Authenticated Data Communication in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Omar Alfandi

    2015-08-01

    Full Text Available Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory requirements. The implementation of the framework and the singular components have been tested and benchmarked in our testbed of IRISmotes.

  18. Secure and Authenticated Data Communication in Wireless Sensor Networks

    Science.gov (United States)

    Alfandi, Omar; Bochem, Arne; Kellner, Ansgar; Göge, Christian; Hogrefe, Dieter

    2015-01-01

    Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory requirements. The implementation of the framework and the singular components have been tested and benchmarked in our testbed of IRISmotes. PMID:26266413

  19. Dynamic Reconfiguration of Security Policies in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Mónica Pinto

    2015-03-01

    Full Text Available Providing security and privacy to wireless sensor nodes (WSNs is very challenging, due to the heterogeneity of sensor nodes and their limited capabilities in terms of energy, processing power and memory. The applications for these systems run in a myriad of sensors with different low-level programming abstractions, limited capabilities and different routing protocols. This means that applications for WSNs need mechanisms for self-adaptation and for self-protection based on the dynamic adaptation of the algorithms used to provide security. Dynamic software product lines (DSPLs allow managing both variability and dynamic software adaptation, so they can be considered a key technology in successfully developing self-protected WSN applications. In this paper, we propose a self-protection solution for WSNs based on the combination of the INTER-TRUST security framework (a solution for the dynamic negotiation and deployment of security policies and the FamiWare middleware (a DSPL approach to automatically configure and reconfigure instances of a middleware for WSNs.We evaluate our approach using a case study from the intelligent transportation system domain.

  20. Dynamic reconfiguration of security policies in wireless sensor networks.

    Science.gov (United States)

    Pinto, Mónica; Gámez, Nadia; Fuentes, Lidia; Amor, Mercedes; Horcas, José Miguel; Ayala, Inmaculada

    2015-03-04

    Providing security and privacy to wireless sensor nodes (WSNs) is very challenging, due to the heterogeneity of sensor nodes and their limited capabilities in terms of energy, processing power and memory. The applications for these systems run in a myriad of sensors with different low-level programming abstractions, limited capabilities and different routing protocols. This means that applications for WSNs need mechanisms for self-adaptation and for self-protection based on the dynamic adaptation of the algorithms used to provide security. Dynamic software product lines (DSPLs) allow managing both variability and dynamic software adaptation, so they can be considered a key technology in successfully developing self-protected WSN applications. In this paper, we propose a self-protection solution for WSNs based on the combination of the INTER-TRUST security framework (a solution for the dynamic negotiation and deployment of security policies) and the FamiWare middleware (a DSPL approach to automatically configure and reconfigure instances of a middleware for WSNs).We evaluate our approach using a case study from the intelligent transportation system domain.

  1. Developmental self-construction and -configuration of functional neocortical neuronal networks.

    Directory of Open Access Journals (Sweden)

    Roman Bauer

    2014-12-01

    Full Text Available The prenatal development of neural circuits must provide sufficient configuration to support at least a set of core postnatal behaviors. Although knowledge of various genetic and cellular aspects of development is accumulating rapidly, there is less systematic understanding of how these various processes play together in order to construct such functional networks. Here we make some steps toward such understanding by demonstrating through detailed simulations how a competitive co-operative ('winner-take-all', WTA network architecture can arise by development from a single precursor cell. This precursor is granted a simplified gene regulatory network that directs cell mitosis, differentiation, migration, neurite outgrowth and synaptogenesis. Once initial axonal connection patterns are established, their synaptic weights undergo homeostatic unsupervised learning that is shaped by wave-like input patterns. We demonstrate how this autonomous genetically directed developmental sequence can give rise to self-calibrated WTA networks, and compare our simulation results with biological data.

  2. Secure Network Coding against Wiretapping and Byzantine Attacks

    Directory of Open Access Journals (Sweden)

    Qin Guo

    2010-01-01

    Full Text Available In wireless networks, an attacker can tune a receiver and tap the communication between two nodes. Whether or not some meaningful information is obtained by tapping a wireless connection depends on the transmission scheme. In this paper, we design some secure network coding by combining information-theoretic approaches with cryptographic approaches. It ensures that the wiretapper cannot get any meaningful information no matter how many channels are wiretapped. In addition, if each source packet is augmented with a hash symbol which is computed from a simple nonlinear polynomial function of the data symbols, then the probability of detecting the modification is very high.

  3. Software-defined network abstractions and configuration interfaces for building programmable quantum networks

    Energy Technology Data Exchange (ETDEWEB)

    Dasari, Venkat [U.S. Army Research Laboratory, Aberdeen Proving Ground, MD; Sadlier, Ronald J [ORNL; Geerhart, Mr. Billy [U.S. Army Research Laboratory, Aberdeen Proving Ground, MD; Snow, Nikolai [U.S. Army Research Laboratory, Aberdeen Proving Ground, MD; Williams, Brian P [ORNL; Humble, Travis S [ORNL

    2017-01-01

    Well-defined and stable quantum networks are essential to realize functional quantum applications. Quantum networks are complex and must use both quantum and classical channels to support quantum applications like QKD, teleportation, and superdense coding. In particular, the no-cloning theorem prevents the reliable copying of quantum signals such that the quantum and classical channels must be highly coordinated using robust and extensible methods. We develop new network abstractions and interfaces for building programmable quantum networks. Our approach leverages new OpenFlow data structures and table type patterns to build programmable quantum networks and to support quantum applications.

  4. A network security situation prediction model based on wavelet neural network with optimized parameters

    Directory of Open Access Journals (Sweden)

    Haibo Zhang

    2016-08-01

    Full Text Available The security incidents ion networks are sudden and uncertain, it is very hard to precisely predict the network security situation by traditional methods. In order to improve the prediction accuracy of the network security situation, we build a network security situation prediction model based on Wavelet Neural Network (WNN with optimized parameters by the Improved Niche Genetic Algorithm (INGA. The proposed model adopts WNN which has strong nonlinear ability and fault-tolerance performance. Also, the parameters for WNN are optimized through the adaptive genetic algorithm (GA so that WNN searches more effectively. Considering the problem that the adaptive GA converges slowly and easily turns to the premature problem, we introduce a novel niche technology with a dynamic fuzzy clustering and elimination mechanism to solve the premature convergence of the GA. Our final simulation results show that the proposed INGA-WNN prediction model is more reliable and effective, and it achieves faster convergence-speed and higher prediction accuracy than the Genetic Algorithm-Wavelet Neural Network (GA-WNN, Genetic Algorithm-Back Propagation Neural Network (GA-BPNN and WNN.

  5. Neural network configuration and efficiency underlies individual differences in spatial orientation ability.

    Science.gov (United States)

    Arnold, Aiden E G F; Protzner, Andrea B; Bray, Signe; Levy, Richard M; Iaria, Giuseppe

    2014-02-01

    Spatial orientation is a complex cognitive process requiring the integration of information processed in a distributed system of brain regions. Current models on the neural basis of spatial orientation are based primarily on the functional role of single brain regions, with limited understanding of how interaction among these brain regions relates to behavior. In this study, we investigated two sources of variability in the neural networks that support spatial orientation--network configuration and efficiency--and assessed whether variability in these topological properties relates to individual differences in orientation accuracy. Participants with higher accuracy were shown to express greater activity in the right supramarginal gyrus, the right precentral cortex, and the left hippocampus, over and above a core network engaged by the whole group. Additionally, high-performing individuals had increased levels of global efficiency within a resting-state network composed of brain regions engaged during orientation and increased levels of node centrality in the right supramarginal gyrus, the right primary motor cortex, and the left hippocampus. These results indicate that individual differences in the configuration of task-related networks and their efficiency measured at rest relate to the ability to spatially orient. Our findings advance systems neuroscience models of orientation and navigation by providing insight into the role of functional integration in shaping orientation behavior.

  6. Anticipating WPS PIN Vulnerability to Secure Wireless Network

    Directory of Open Access Journals (Sweden)

    Indra Dwi Rianto

    2013-12-01

    Full Text Available WiFi Protected Setup (WPS is a standardized function supported by numerous vendors of wireless routers and access point to help set up connection to a wireless local area network. It is designed to simplify the set up and generally enabled by default. Due to design flaw, the WPS or QSS PIN is susceptible to a brute forceattack. In this paper, we test the security vulnerability occurred, evaluate the performance and give recommendations to anticipate the attack.

  7. A First Step Towards Network Security Virtualization: From Concept to Prototype

    Science.gov (United States)

    2015-10-01

    installed (fixed-location) security devices and leverage software-defined networking ( SDN ) technology to virtualize network security functions. At its core...network device. Some recent technologies suggest a method to control network flows dynamically at a network device, e.g., Software-Defined Networking ( SDN ...Software- Defined Networking ( SDN ) technology and its most popular realization, OpenFlow [17], [24]. More specifically, we will use SDN /OpenFlow to

  8. Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security (Self-Securing Devices)

    Science.gov (United States)

    2007-01-15

    system, thus entangling legitimate changes with those of the intruders. Once an intru- sion has been detected and discontinued, the system...file sharing clients (e.g., Kazza). 103 SELF-SECURING STORAGE & VERSIONING FILE SYSTEM COMPONENTS Both SoBig and MyDoom exhibit unique and atypical ...aggregate throttling penalizes hosts with atypical traffic patterns, thereby con- tributing to a higher false positive rate. We can increase the

  9. A case for spiking neural network simulation based on configurable multiple-FPGA systems.

    Science.gov (United States)

    Yang, Shufan; Wu, Qiang; Li, Renfa

    2011-09-01

    Recent neuropsychological research has begun to reveal that neurons encode information in the timing of spikes. Spiking neural network simulations are a flexible and powerful method for investigating the behaviour of neuronal systems. Simulation of the spiking neural networks in software is unable to rapidly generate output spikes in large-scale of neural network. An alternative approach, hardware implementation of such system, provides the possibility to generate independent spikes precisely and simultaneously output spike waves in real time, under the premise that spiking neural network can take full advantage of hardware inherent parallelism. We introduce a configurable FPGA-oriented hardware platform for spiking neural network simulation in this work. We aim to use this platform to combine the speed of dedicated hardware with the programmability of software so that it might allow neuroscientists to put together sophisticated computation experiments of their own model. A feed-forward hierarchy network is developed as a case study to describe the operation of biological neural systems (such as orientation selectivity of visual cortex) and computational models of such systems. This model demonstrates how a feed-forward neural network constructs the circuitry required for orientation selectivity and provides platform for reaching a deeper understanding of the primate visual system. In the future, larger scale models based on this framework can be used to replicate the actual architecture in visual cortex, leading to more detailed predictions and insights into visual perception phenomenon.

  10. On Optimal Multi-Sensor Network Configuration for 3D Registration

    Directory of Open Access Journals (Sweden)

    Hadi Aliakbarpour

    2015-11-01

    Full Text Available Multi-sensor networks provide complementary information for various taskslike object detection, movement analysis and tracking. One of the important ingredientsfor efficient multi-sensor network actualization is the optimal configuration of sensors.In this work, we consider the problem of optimal configuration of a network of coupledcamera-inertial sensors for 3D data registration and reconstruction to determine humanmovement analysis. For this purpose, we utilize a genetic algorithm (GA based optimizationwhich involves geometric visibility constraints. Our approach obtains optimal configurationmaximizing visibility in smart sensor networks, and we provide a systematic study usingedge visibility criteria, a GA for optimal placement, and extension from 2D to 3D.Experimental results on both simulated data and real camera-inertial fused data indicate weobtain promising results. The method is scalable and can also be applied to other smartnetwork of sensors. We provide an application in distributed coupled video-inertial sensorbased 3D reconstruction for human movement analysis in real time.

  11. Secure Communications over Wireless Networks Even 1-bit Feedback Helps Achieving Security

    KAUST Repository

    Rezki, Zouheir

    2016-01-06

    Recently, there have been a surge toward developing sophisticated security mechanisms based on a cross layer design. While an extensive progress has been realized toward establishing physical layer security as an important design paradigm to enhance security of existing wireless networks, only a little effort has been made toward designing practical coding schemes that achieve or approach the secrecy capacity. Most of existing results are tied to some simplifying assumptions that do not seem always reasonable (passive eavesdropper, perfect channel state information (CSI), etc.). Furthermore, it is still not very clear how to exploit physical layer security paradigms, together with existing cryptosystems, in order to add a supplementary level of protection for information transmission or to achieve key agreement. In this talk, we address the first part of the above problematic, i.e., the effect of channel uncertainty on network security. Particularly, we show that even a coarse estimate of the main channel (channel between the transmitter and the legitimate receiver) can help providing a positive secrecy rate. Specifically, we assume two types of channel uncertainty at the transmitter. The first one is a rate-limited feedback in a block fading channel where the feedback information can be proactive (at the beginning of the coherence block) or of ARQ-type. The second type of uncertainty takes the form of a noisy estimate of the main channel at the transmitter in a fast fading channel. In both cases, we provide upper and lower bounds on the secrecy capacity. We argue how our achievable schemes and upper bounding techniques extend to multi-user setting (broadcasting a single confidential message or multiple confidential messages to multiple legitimate receivers) and to multiple antenna channels.

  12. Syphilis Networks in Louisiana: An Analysis of Network Configuration and Disease Transmission

    Science.gov (United States)

    Desmarais, Catherine Theresa

    Background: In 2009, Louisiana had the highest rate of primary and secondary syphilis in the country. Recent partner notification approaches have been insufficient in addressing Louisiana's deeply entrenched areas of syphilis infection. Prior researchers have suggested that surveillance systems may benefit from utilizing social and spatial network analysis in syphilis control efforts. Objective: To expand the understanding of the spread of syphilis in Louisiana, and to add new tools to the state's case finding resources through the description of the characteristics of cases of early syphilis and their partners in Louisiana, the socio-sexual networks of these cases, and the geospatial clustering of cases and partners. Methods: Utilizing state surveillance data, all cases of primary, secondary, and early latent syphilis that were diagnosed in 2009 and data on their sexual or needle sharing partners were analyzed using a combination of descriptive, network, and geospatial measures. Results: In 2009, Louisiana experienced a high rate of heterosexual syphilis transmission. Within syphilis transmission networks, 50.8% of all cases were female and 84.2% of all cases were black. The average and median ages of males with reactive syphilis tests were higher than that of females in Louisiana, and in 88.9% of regions, older individuals were more likely to have a syphilis test than no test. A greater proportion of males (11.4%) refused to discuss partners than females (7.4%) and a greater proportion of males (5.5%) refused testing and prophylactic treatment than females (2.8%). No distinct patterns were seen in disease prevalence between regions based upon demographic data. Classic summary network measures such as density, degree, centrality, and betweenness provided little information on similarities and differences between the different regions in Louisiana. All measures indicated low density and extreme fragmentation of networks in Louisiana. The majority of network

  13. Understand the Big Picture So You Can Plan for Network Security

    Science.gov (United States)

    Cervone, Frank

    2005-01-01

    This article discusses network security for libraries. It indicates that there were only six exploit (security exposure) problems, worldwide, reported to the CERT Coordination Center back in 1988. In that year, the CERT had just been established to provide a clearinghouse for exchanging information about network security problems. By 2003, the…

  14. SeGrid: A Secure Grid Framework for Sensor Networks

    Directory of Open Access Journals (Sweden)

    An Fengguang

    2006-01-01

    Full Text Available In this paper, we propose SeGrid, a secure framework for establishing grid keys in low duty cycle sensor networks, for which establishing a common key for each pair of neighboring sensors is unnecessary since most sensors remain in sleep mode at any instant of time. SeGrid intends to compute a shared key for two grids that may be multihop away. This design explores the fact that for most applications, closer grids have higher probability and desire for secure message exchange. SeGrid relies on the availability of a low-cost public cryptosystem. The query and update of the corresponding public shares are controlled by a novel management protocol such that the closer the two grids, the shorter the distance to obtain each other's public share. We instantiate SeGrid based on Blom's key establishment to illustrate the computation of a grid key.

  15. Inclusion of tank configurations as a variable in the cost optimization of branched piped-water networks

    Directory of Open Access Journals (Sweden)

    N. Hooda

    2017-06-01

    Full Text Available The classic problem of the capital cost optimization of branched piped networks consists of choosing pipe diameters for each pipe in the network from a discrete set of commercially available pipe diameters. Each pipe in the network can consist of multiple segments of differing diameters. Water networks also consist of intermediate tanks that act as buffers between incoming flow from the primary source and the outgoing flow to the demand nodes. The network from the primary source to the tanks is called the primary network, and the network from the tanks to the demand nodes is called the secondary network. During the design stage, the primary and secondary networks are optimized separately, with the tanks acting as demand nodes for the primary network. Typically the choice of tank locations, their elevations, and the set of demand nodes to be served by different tanks is manually made in an ad hoc fashion before any optimization is done. It is desirable therefore to include this tank configuration choice in the cost optimization process itself. In this work, we explain why the choice of tank configuration is important to the design of a network and describe an integer linear program model that integrates the tank configuration to the standard pipe diameter selection problem. In order to aid the designers of piped-water networks, the improved cost optimization formulation is incorporated into our existing network design system called JalTantra.

  16. Inclusion of tank configurations as a variable in the cost optimization of branched piped-water networks

    Science.gov (United States)

    Hooda, Nikhil; Damani, Om

    2017-06-01

    The classic problem of the capital cost optimization of branched piped networks consists of choosing pipe diameters for each pipe in the network from a discrete set of commercially available pipe diameters. Each pipe in the network can consist of multiple segments of differing diameters. Water networks also consist of intermediate tanks that act as buffers between incoming flow from the primary source and the outgoing flow to the demand nodes. The network from the primary source to the tanks is called the primary network, and the network from the tanks to the demand nodes is called the secondary network. During the design stage, the primary and secondary networks are optimized separately, with the tanks acting as demand nodes for the primary network. Typically the choice of tank locations, their elevations, and the set of demand nodes to be served by different tanks is manually made in an ad hoc fashion before any optimization is done. It is desirable therefore to include this tank configuration choice in the cost optimization process itself. In this work, we explain why the choice of tank configuration is important to the design of a network and describe an integer linear program model that integrates the tank configuration to the standard pipe diameter selection problem. In order to aid the designers of piped-water networks, the improved cost optimization formulation is incorporated into our existing network design system called JalTantra.

  17. Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security

    Science.gov (United States)

    Kang, Min-Joo

    2016-01-01

    A novel intrusion detection system (IDS) using a deep neural network (DNN) is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN), therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN) bus. PMID:27271802

  18. Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security.

    Science.gov (United States)

    Kang, Min-Joo; Kang, Je-Won

    2016-01-01

    A novel intrusion detection system (IDS) using a deep neural network (DNN) is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN), therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN) bus.

  19. Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security.

    Directory of Open Access Journals (Sweden)

    Min-Joo Kang

    Full Text Available A novel intrusion detection system (IDS using a deep neural network (DNN is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN, therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN bus.

  20. Analysis of tower locations for the secure border initiative network

    Science.gov (United States)

    Brendley, Keith W.

    2008-04-01

    The Secure Border Initiative Network (SBInet) is a series of sensor platforms along the U.S. border areas for the purpose of better monitoring cross-border excursions. From a technical standpoint, the challenge of SBInet is to provide the necessary area coverage needed while controlling costs. This paper presents one set of methods for analyzing different tower locations and technologies. Since the purpose of the paper is to consider analytical techniques, the terrain and tower locations used do not relate to the P28 area nor any other specific approaches or tower locations currently being studied for the SBInet program.

  1. Secure Cluster-Based In-Network Information Aggregation for Vehicular Networks

    NARCIS (Netherlands)

    Dietzel, Stefan; Peter, Andreas; Kargl, Frank

    Vehicular ad-hoc networks are a promising research area. Besides improving safety, traffic efficiency enhancements are a major expected benefit. In this paper, we present a novel security mechanism for traffic efficiency applications that lever- ages on velocity-based vehicle clustering and uses

  2. 47 CFR 64.2011 - Notification of customer proprietary network information security breaches.

    Science.gov (United States)

    2010-10-01

    ... Proprietary Network Information § 64.2011 Notification of customer proprietary network information security... 47 Telecommunication 3 2010-10-01 2010-10-01 false Notification of customer proprietary network information security breaches. 64.2011 Section 64.2011 Telecommunication FEDERAL COMMUNICATIONS COMMISSION...

  3. On the security of an anonymous roaming protocol in UMTS mobile networks

    Directory of Open Access Journals (Sweden)

    Shuhua Wu

    2012-02-01

    Full Text Available In this communication, we first show that the privacy-preserving roaming protocol recently proposed for mobile networks cannot achieve the claimed security level. Then we suggest an improved protocol to remedy its security problems.

  4. Making Wireless Networks Secure for NASA Mission Critical Applications Using Virtual Private Network (VPN) Technology

    Science.gov (United States)

    Nichols, Kelvin F.; Best, Susan; Schneider, Larry

    2004-01-01

    With so many security issues involved with wireless networks, the technology has not been fully utilized in the area of mission critical applications. These applications would include the areas of telemetry, commanding, voice and video. Wireless networking would allow payload operators the mobility to take computers outside of the control room to their off ices and anywhere else in the facility that the wireless network was extended. But the risk is too great of having someone sit just inside of your wireless network coverage and intercept enough of your network traffic to steal proprietary data from a payload experiment or worse yet hack back into your system and do even greater harm by issuing harmful commands. Wired Equivalent Privacy (WEP) is improving but has a ways to go before it can be trusted to protect mission critical data. Today s hackers are becoming more aggressive and innovative, and in order to take advantage of the benefits that wireless networking offer, appropriate security measures need to be in place that will thwart hackers. The Virtual Private Network (VPN) offers a solution to the security problems that have kept wireless networks from being used for mission critical applications. VPN provides a level of encryption that will ensure that data is protected while it is being transmitted over a wireless local area network (LAN). The VPN allows a user to authenticate to the site that the user needs to access. Once this authentication has taken place the network traffic between that site and the user is encapsulated in VPN packets with the Triple Data Encryption Standard (3DES). 3DES is an encryption standard that uses a single secret key to encrypt and decrypt data. The length of the encryption key is 168 bits as opposed to its predecessor DES that has a 56-bit encryption key. Even though 3DES is the common encryption standard for today, the Advance Encryption Standard (AES), which provides even better encryption at a lower cycle cost is growing

  5. Network Analysis for a Better Water Use Configuration in the Baiyangdian Basin, China

    Directory of Open Access Journals (Sweden)

    Xufeng Mao

    2015-02-01

    Full Text Available Nowadays, an increasing shortage of water resources intensifies the contradiction among different water-using sectors in the social-economic-ecological complex system. To adjust water used configuration in a holistic framework, a water use system (WUS model was constructed with inclusive five water-using sectors including aquatic systems, primary industry, secondary industry, tertiary industry and resident consumption. The Baiyangdian Basin in Northern China was used as a case area. Six years data from 2008 to 2013 were used to quantify the model. By introducing the ecological network analysis (EAN, we holistically assessed the WUS under different water use configuration. System organization, activities and development degree, etc. were used to character the prosperities of the water use system. Results indicate that the WUS encountered a lasting degradation in system organization (AMI index decreased in an annual rate of 0.6% and development degree though with an ascending system activities in the studies periods (with an annual growth rate of 11.3%. Scenario analysis results suggest several potential ways to achieve a better water use configuration in this basin, such as environmental and ecological restoration, water-saving technology and water recycling rate, etc. The current study may provide ways to optimize water use structure to balance the interests of different sectors both ecologically and economically.

  6. A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols.

    Science.gov (United States)

    Shahzad, Aamir; Landry, René; Lee, Malrey; Xiong, Naixue; Lee, Jongho; Lee, Changhoon

    2016-06-14

    Substantial changes have occurred in the Information Technology (IT) sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA) server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network.

  7. A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols

    Directory of Open Access Journals (Sweden)

    Aamir Shahzad

    2016-06-01

    Full Text Available Substantial changes have occurred in the Information Technology (IT sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network.

  8. Security Enhancement of Wireless Sensor Networks Using Signal Intervals.

    Science.gov (United States)

    Moon, Jaegeun; Jung, Im Y; Yoo, Jaesoo

    2017-04-02

    Various wireless technologies, such as RF, Bluetooth, and Zigbee, have been applied to sensor communications. However, the applications of Bluetooth-based wireless sensor networks (WSN) have a security issue. In one pairing process during Bluetooth communication, which is known as simple secure pairing (SSP), the devices are required to specify I/O capability or user interference to prevent man-in-the-middle (MITM) attacks. This study proposes an enhanced SSP in which a nonce to be transferred is converted to a corresponding signal interval. The quantization level, which is used to interpret physical signal intervals, is renewed at every connection by the transferred nonce and applied to the next nonce exchange so that the same signal intervals can represent different numbers. Even if attackers eavesdrop on the signals, they cannot understand what is being transferred because they cannot determine the quantization level. Furthermore, the proposed model does not require exchanging passkeys as data, and the devices are secure in the case of using a fixed PIN. Subsequently, the new quantization level is calculated automatically whenever the same devices attempt to connect with each other. Therefore, the pairing process can be protected from MITM attacks and be convenient for users.

  9. Security Enhancement of Wireless Sensor Networks Using Signal Intervals

    Directory of Open Access Journals (Sweden)

    Jaegeun Moon

    2017-04-01

    Full Text Available Various wireless technologies, such as RF, Bluetooth, and Zigbee, have been applied to sensor communications. However, the applications of Bluetooth-based wireless sensor networks (WSN have a security issue. In one pairing process during Bluetooth communication, which is known as simple secure pairing (SSP, the devices are required to specify I/O capability or user interference to prevent man-in-the-middle (MITM attacks. This study proposes an enhanced SSP in which a nonce to be transferred is converted to a corresponding signal interval. The quantization level, which is used to interpret physical signal intervals, is renewed at every connection by the transferred nonce and applied to the next nonce exchange so that the same signal intervals can represent different numbers. Even if attackers eavesdrop on the signals, they cannot understand what is being transferred because they cannot determine the quantization level. Furthermore, the proposed model does not require exchanging passkeys as data, and the devices are secure in the case of using a fixed PIN. Subsequently, the new quantization level is calculated automatically whenever the same devices attempt to connect with each other. Therefore, the pairing process can be protected from MITM attacks and be convenient for users.

  10. Security Enhancement of Wireless Sensor Networks Using Signal Intervals

    Science.gov (United States)

    Moon, Jaegeun; Jung, Im Y.; Yoo, Jaesoo

    2017-01-01

    Various wireless technologies, such as RF, Bluetooth, and Zigbee, have been applied to sensor communications. However, the applications of Bluetooth-based wireless sensor networks (WSN) have a security issue. In one pairing process during Bluetooth communication, which is known as simple secure pairing (SSP), the devices are required to specify I/O capability or user interference to prevent man-in-the-middle (MITM) attacks. This study proposes an enhanced SSP in which a nonce to be transferred is converted to a corresponding signal interval. The quantization level, which is used to interpret physical signal intervals, is renewed at every connection by the transferred nonce and applied to the next nonce exchange so that the same signal intervals can represent different numbers. Even if attackers eavesdrop on the signals, they cannot understand what is being transferred because they cannot determine the quantization level. Furthermore, the proposed model does not require exchanging passkeys as data, and the devices are secure in the case of using a fixed PIN. Subsequently, the new quantization level is calculated automatically whenever the same devices attempt to connect with each other. Therefore, the pairing process can be protected from MITM attacks and be convenient for users. PMID:28368341

  11. Security Aspects of Smart Cards vs. Embedded Security in Machine-to-Machine (M2M) Advanced Mobile Network Applications

    Science.gov (United States)

    Meyerstein, Mike; Cha, Inhyok; Shah, Yogendra

    The Third Generation Partnership Project (3GPP) standardisation group currently discusses advanced applications of mobile networks such as Machine-to-Machine (M2M) communication. Several security issues arise in these contexts which warrant a fresh look at mobile networks’ security foundations, resting on smart cards. This paper contributes a security/efficiency analysis to this discussion and highlights the role of trusted platform technology to approach these issues.

  12. A security analysis of the 802.11s wireless mesh network routing protocol and its secure routing protocols.

    Science.gov (United States)

    Tan, Whye Kit; Lee, Sang-Gon; Lam, Jun Huy; Yoo, Seong-Moo

    2013-09-02

    Wireless mesh networks (WMNs) can act as a scalable backbone by connecting separate sensor networks and even by connecting WMNs to a wired network. The Hybrid Wireless Mesh Protocol (HWMP) is the default routing protocol for the 802.11s WMN. The routing protocol is one of the most important parts of the network, and it requires protection, especially in the wireless environment. The existing security protocols, such as the Broadcast Integrity Protocol (BIP), Counter with cipher block chaining message authentication code protocol (CCMP), Secure Hybrid Wireless Mesh Protocol (SHWMP), Identity Based Cryptography HWMP (IBC-HWMP), Elliptic Curve Digital Signature Algorithm HWMP (ECDSA-HWMP), and Watchdog-HWMP aim to protect the HWMP frames. In this paper, we have analyzed the vulnerabilities of the HWMP and developed security requirements to protect these identified vulnerabilities. We applied the security requirements to analyze the existing secure schemes for HWMP. The results of our analysis indicate that none of these protocols is able to satisfy all of the security requirements. We also present a quantitative complexity comparison among the protocols and an example of a security scheme for HWMP to demonstrate how the result of our research can be utilized. Our research results thus provide a tool for designing secure schemes for the HWMP.

  13. Novel iterative P-cycle configure model in WDM intelligent optical network

    Science.gov (United States)

    Li, Bin; Huang, Shanguo; Zhang, Yongjun; Gu, Wanyi; Zu, Yunxiao

    2009-11-01

    In this paper, a p-cycle generation algorithm is proposed that can protect service of static traffic model in WDM network. As the basic p-cycle sets calculated by algorithm such as the straddle link algorithm (SLA) always contain a straddle link in it. That is why the protection efficiency is higher than bidirectional line switch ring (BLSR). Any idle resource can be used for traffic restoration. But if the resource is not configured carefully then not all the resource of idle state can be utilized efficiently. Some extensions of algorithms are brought into effect to improve the protection capability. Based on these extensions, a novel iterative expanding p-cycle is introduced. A platform is constructed in OPNET modeler to verify the performance of this algorithm. Simulation results show that after several expansions for the basic p-cycle sets, the efficiency is improved. The pre-configured resource is deployed before any requests come. Comparison between different network topologies is studied. Finally, the results are analyzed and some directivity is given for further research.

  14. Triple-loaded single-anchor stitch configurations: an analysis of cyclically loaded suture-tendon interface security.

    Science.gov (United States)

    Coons, David A; Barber, F Alan; Herbert, Morley A

    2006-11-01

    This study evaluated the strength and suture-tendon interface security of different suture configurations from triple-suture-loaded anchors. A juvenile bovine infraspinatus tendon was detached and repaired by use of 4 different suture combinations from 2 suture anchors: 3 simple sutures in each anchor (ThreeVo anchor; Linvatec, Largo, FL); 2 peripheral simple stitches and 1 central horizontal mattress suture passed deeper into the tendon, creating a larger footprint (bigfoot-print anchor); 2 peripheral simple stitches with 1 central horizontal mattress stitch passed through the same holes as the simple sutures (stitch-of-Burns); and 2 simple stitches (TwoVo anchor; Linvatec). The constructs were cyclically loaded between 10 N and 180 N for 3,500 cycles and then destructively tested. The number of cycles required to create a 5-mm gap and a 10-mm gap and the ultimate load to failure and failure mode were recorded. The ThreeVo anchor was strongest and most resistant to cyclic loading (P anchor was least resistant to cyclic loading. The stitch-of-Burns anchor was more resistant to cyclic loading than both the bigfoot-print anchor and the TwoVo anchor (P anchors were stronger than the bigfoot-print anchor (P sutures in an anchor hold better than two simple sutures. Three simple sutures provide superior suture-tendon security than combinations of one mattress and two simple stitches subjected to cyclic loading. A central mattress stitch placed more medially than two peripheral simple stitches (bigfoot-print anchor) configured to enlarge the tendon-suture footprint was not as resistant to cyclic loading or destructive testing as three simple stitches (ThreeVo anchor). Placing a central mattress stitch more medially than 2 peripheral simple stitches to enlarge the tendon-suture footprint was not as resistant to cyclic loading or destructive testing as 3 simple stitches.

  15. An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks.

    Science.gov (United States)

    Boubiche, Sabrina; Boubiche, Djallel Eddine; Bilami, Azzedine; Toral-Cruz, Homero

    2016-04-12

    Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes' resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach.

  16. An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Sabrina Boubiche

    2016-04-01

    Full Text Available Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes’ resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach.

  17. Dynamic Construction Scheme for Virtualization Security Service in Software-Defined Networks

    OpenAIRE

    Lin, Zhaowen; Tao, Dan; Wang, Zhenji

    2017-01-01

    For a Software Defined Network (SDN), security is an important factor affecting its large-scale deployment. The existing security solutions for SDN mainly focus on the controller itself, which has to handle all the security protection tasks by using the programmability of the network. This will undoubtedly involve a heavy burden for the controller. More devastatingly, once the controller itself is attacked, the entire network will be paralyzed. Motivated by this, this paper proposes a novel s...

  18. Symmetric Link Key Management for Secure Neighbor Discovery in a Decentralized Wireless Sensor Network

    Science.gov (United States)

    2017-09-01

    KEY MANAGEMENT FOR SECURE NEIGHBOR DISCOVERY IN A DECENTRALIZED WIRELESS SENSOR NETWORK by Kelvin T. Chew September 2017 Thesis Advisor...lightweight security protocol is necessary to prevent unauthorized nodes from accessing network data and resources. In this thesis, we focus on the management ... MANAGEMENT FOR SECURE NEIGHBOR DISCOVERY IN A DECENTRALIZED WIRELESS SENSOR NETWORK Kelvin T. Chew Captain, United States Marine Corps B.S

  19. Particularities of security design for wireless networks in small and medium business (SMB

    Directory of Open Access Journals (Sweden)

    2007-01-01

    Full Text Available Small businesses often have small budgets, which often means no fulltime IT staff or no possibility to hire a security consultant to set up a wireless LAN properly. This paper tries to develop a methodology for designing security for wireless networks in SMB. There are more security options to choose from, when setting up a wireless network, thus the security features needed for a company must be carefully taken in consideration. The benefits from one security feature must be balanced with the implementation and maintenance cost and with the risk of not getting the security level wanted.

  20. Network Security Risk Assessment System Based on Attack Graph and Markov Chain

    Science.gov (United States)

    Sun, Fuxiong; Pi, Juntao; Lv, Jin; Cao, Tian

    2017-10-01

    Network security risk assessment technology can be found in advance of the network problems and related vulnerabilities, it has become an important means to solve the problem of network security. Based on attack graph and Markov chain, this paper provides a Network Security Risk Assessment Model (NSRAM). Based on the network infiltration tests, NSRAM generates the attack graph by the breadth traversal algorithm. Combines with the international standard CVSS, the attack probability of atomic nodes are counted, and then the attack transition probabilities of ones are calculated by Markov chain. NSRAM selects the optimal attack path after comprehensive measurement to assessment network security risk. The simulation results show that NSRAM can reflect the actual situation of network security objectively.

  1. Multitask Learning-Based Security Event Forecast Methods for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Hui He

    2016-01-01

    Full Text Available Wireless sensor networks have strong dynamics and uncertainty, including network topological changes, node disappearance or addition, and facing various threats. First, to strengthen the detection adaptability of wireless sensor networks to various security attacks, a region similarity multitask-based security event forecast method for wireless sensor networks is proposed. This method performs topology partitioning on a large-scale sensor network and calculates the similarity degree among regional subnetworks. The trend of unknown network security events can be predicted through multitask learning of the occurrence and transmission characteristics of known network security events. Second, in case of lacking regional data, the quantitative trend of unknown regional network security events can be calculated. This study introduces a sensor network security event forecast method named Prediction Network Security Incomplete Unmarked Data (PNSIUD method to forecast missing attack data in the target region according to the known partial data in similar regions. Experimental results indicate that for an unknown security event forecast the forecast accuracy and effects of the similarity forecast algorithm are better than those of single-task learning method. At the same time, the forecast accuracy of the PNSIUD method is better than that of the traditional support vector machine method.

  2. Social Milieu Oriented Routing: A New Dimension to Enhance Network Security in WSNs

    National Research Council Canada - National Science Library

    Liu, Lianggui; Chen, Li; Jia, Huiling

    2016-01-01

    In large-scale wireless sensor networks (WSNs), in order to enhance network security, it is crucial for a trustor node to perform social milieu oriented routing to a target a trustee node to carry out trust evaluation...

  3. Distinct configurations of protein complexes and biochemical pathways revealed by epistatic interaction network motifs

    LENUS (Irish Health Repository)

    Casey, Fergal

    2011-08-22

    Abstract Background Gene and protein interactions are commonly represented as networks, with the genes or proteins comprising the nodes and the relationship between them as edges. Motifs, or small local configurations of edges and nodes that arise repeatedly, can be used to simplify the interpretation of networks. Results We examined triplet motifs in a network of quantitative epistatic genetic relationships, and found a non-random distribution of particular motif classes. Individual motif classes were found to be associated with different functional properties, suggestive of an underlying biological significance. These associations were apparent not only for motif classes, but for individual positions within the motifs. As expected, NNN (all negative) motifs were strongly associated with previously reported genetic (i.e. synthetic lethal) interactions, while PPP (all positive) motifs were associated with protein complexes. The two other motif classes (NNP: a positive interaction spanned by two negative interactions, and NPP: a negative spanned by two positives) showed very distinct functional associations, with physical interactions dominating for the former but alternative enrichments, typical of biochemical pathways, dominating for the latter. Conclusion We present a model showing how NNP motifs can be used to recognize supportive relationships between protein complexes, while NPP motifs often identify opposing or regulatory behaviour between a gene and an associated pathway. The ability to use motifs to point toward underlying biological organizational themes is likely to be increasingly important as more extensive epistasis mapping projects in higher organisms begin.

  4. Intelligent maritime security system with sensor networks for coastal environmental and homeland security applications

    Science.gov (United States)

    Carapezza, Edward M.; Bucklin, Ann

    2007-10-01

    This paper proposes an innovative command and control system design and the use of low, cost distributed sensor networks for an intelligent maritime security system. This concept utilizes a network of small passive and active multi-phenomenological unattended sensors and shore based optical sensors to detect, classify, and track submerged threat objects approaching high value coastal assets, such as ports, harbors, residential, commercial, and military facilities and areas. The network of unattended, in-water sensors perform the initial detection, classification, and coarse tracking and then queues shore based optical laser radar sensors. These shore-based sensors perform a high resolution sector search to develop a precision track on the submerged threat objects. Potential threat objects include submarines, submerged barges, UUV's, swimmers carrying threat objects such as explosives, chemical, biological, radiological, and nuclear materials. Reliable systems with low false alarm rates (FAR) are proposed. Tens to hundreds of low cost passive sensors are proposed to be deployed conjunctively with several active acoustic and optical sensors in threat and facility dependant patterns to maximize the detection, tracking and classification of submerged threat objects.

  5. Network Architecture, Security Issues, and Hardware Implementation of a Home Area Network for Smart Grid

    Directory of Open Access Journals (Sweden)

    Sergio Saponara

    2012-01-01

    Full Text Available This paper discusses aims, architecture, and security issues of Smart Grid, taking care of the lesson learned at University of Pisa in research projects on smart energy and grid. A key element of Smart Grid is the energy home area network (HAN, for which an implementation is proposed, dealing with its security aspects and showing some solutions for realizing a wireless network based on ZigBee. Possible hardware-software architectures and implementations using COTS (Commercial Off The Shelf components are presented for key building blocks of the energy HAN such as smart power meters and plugs and a home smart information box providing energy management policy and supporting user's energy awareness.

  6. A Simulation Study Comparing Epidemic Dynamics on Exponential Random Graph and Edge-Triangle Configuration Type Contact Network Models

    Science.gov (United States)

    Rolls, David A.; Wang, Peng; McBryde, Emma; Pattison, Philippa; Robins, Garry

    2015-01-01

    We compare two broad types of empirically grounded random network models in terms of their abilities to capture both network features and simulated Susceptible-Infected-Recovered (SIR) epidemic dynamics. The types of network models are exponential random graph models (ERGMs) and extensions of the configuration model. We use three kinds of empirical contact networks, chosen to provide both variety and realistic patterns of human contact: a highly clustered network, a bipartite network and a snowball sampled network of a “hidden population”. In the case of the snowball sampled network we present a novel method for fitting an edge-triangle model. In our results, ERGMs consistently capture clustering as well or better than configuration-type models, but the latter models better capture the node degree distribution. Despite the additional computational requirements to fit ERGMs to empirical networks, the use of ERGMs provides only a slight improvement in the ability of the models to recreate epidemic features of the empirical network in simulated SIR epidemics. Generally, SIR epidemic results from using configuration-type models fall between those from a random network model (i.e., an Erdős-Rényi model) and an ERGM. The addition of subgraphs of size four to edge-triangle type models does improve agreement with the empirical network for smaller densities in clustered networks. Additional subgraphs do not make a noticeable difference in our example, although we would expect the ability to model cliques to be helpful for contact networks exhibiting household structure. PMID:26555701

  7. A Secure Trust Establishment Scheme for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Farruh Ishmanov

    2014-01-01

    Full Text Available Trust establishment is an important tool to improve cooperation and enhance security in wireless sensor networks. The core of trust establishment is trust estimation. If a trust estimation method is not robust against attack and misbehavior, the trust values produced will be meaningless, and system performance will be degraded. We present a novel trust estimation method that is robust against on-off attacks and persistent malicious behavior. Moreover, in order to aggregate recommendations securely, we propose using a modified one-step M-estimator scheme. The novelty of the proposed scheme arises from combining past misbehavior with current status in a comprehensive way. Specifically, we introduce an aggregated misbehavior component in trust estimation, which assists in detecting an on-off attack and persistent malicious behavior. In order to determine the current status of the node, we employ previous trust values and current measured misbehavior components. These components are combined to obtain a robust trust value. Theoretical analyses and evaluation results show that our scheme performs better than other trust schemes in terms of detecting an on-off attack and persistent misbehavior.

  8. Wireless sensors and sensor networks for homeland security applications.

    Science.gov (United States)

    Potyrailo, Radislav A; Nagraj, Nandini; Surman, Cheryl; Boudries, Hacene; Lai, Hanh; Slocik, Joseph M; Kelley-Loughnane, Nancy; Naik, Rajesh R

    2012-11-01

    New sensor technologies for homeland security applications must meet the key requirements of sensitivity to detect agents below risk levels, selectivity to provide minimal false-alarm rates, and response speed to operate in high throughput environments, such as airports, sea ports, and other public places. Chemical detection using existing sensor systems is facing a major challenge of selectivity. In this review, we provide a brief summary of chemical threats of homeland security importance; focus in detail on modern concepts in chemical sensing; examine the origins of the most significant unmet needs in existing chemical sensors; and, analyze opportunities, specific requirements, and challenges for wireless chemical sensors and wireless sensor networks (WSNs). We further review a new approach for selective chemical sensing that involves the combination of a sensing material that has different response mechanisms to different species of interest, with a transducer that has a multi-variable signal-transduction ability. This new selective chemical-sensing approach was realized using an attractive ubiquitous platform of battery-free passive radio-frequency identification (RFID) tags adapted for chemical sensing. We illustrate the performance of RFID sensors developed in measurements of toxic industrial materials, humidity-independent detection of toxic vapors, and detection of chemical-agent simulants, explosives, and strong oxidizers.

  9. A Novel Model of Conforming Delaunay Triangulation for Sensor Network Configuration

    Directory of Open Access Journals (Sweden)

    Yan Ma

    2015-01-01

    Full Text Available Delaunay refinement is a technique for generating unstructured meshes of triangles for sensor network configuration engineering practice. A new method for solving Delaunay triangulation problem is proposed in this paper, which is called endpoint triangle’s circumcircle model (ETCM. As compared with the original fractional node refinement algorithms, the proposed algorithm can get well refinement stability with least time cost. Simulations are performed under five aspects including refinement stability, the number of additional nodes, time cost, mesh quality after intruding additional nodes, and the aspect ratio improved by single additional node. All experimental results show the advantages of the proposed algorithm as compared with the existing algorithms and confirm the algorithm analysis sufficiently.

  10. General expression for the component size distribution in infinite configuration networks.

    Science.gov (United States)

    Kryven, Ivan

    2017-05-01

    In the infinite configuration network the links between nodes are assigned randomly with the only restriction that the degree distribution has to match a predefined function. This work presents a simple equation that gives for an arbitrary degree distribution the corresponding size distribution of connected components. This equation is suitable for fast and stable numerical computations up to the machine precision. The analytical analysis reveals that the asymptote of the component size distribution is completely defined by only a few parameters of the degree distribution: the first three moments, scale, and exponent (if applicable). When the degree distribution features a heavy tail, multiple asymptotic modes are observed in the component size distribution that, in turn, may or may not feature a heavy tail.

  11. Profile-based adaptive anomaly detection for network security.

    Energy Technology Data Exchange (ETDEWEB)

    Zhang, Pengchu C. (Sandia National Laboratories, Albuquerque, NM); Durgin, Nancy Ann

    2005-11-01

    As information systems become increasingly complex and pervasive, they become inextricably intertwined with the critical infrastructure of national, public, and private organizations. The problem of recognizing and evaluating threats against these complex, heterogeneous networks of cyber and physical components is a difficult one, yet a solution is vital to ensuring security. In this paper we investigate profile-based anomaly detection techniques that can be used to address this problem. We focus primarily on the area of network anomaly detection, but the approach could be extended to other problem domains. We investigate using several data analysis techniques to create profiles of network hosts and perform anomaly detection using those profiles. The ''profiles'' reduce multi-dimensional vectors representing ''normal behavior'' into fewer dimensions, thus allowing pattern and cluster discovery. New events are compared against the profiles, producing a quantitative measure of how ''anomalous'' the event is. Most network intrusion detection systems (IDSs) detect malicious behavior by searching for known patterns in the network traffic. This approach suffers from several weaknesses, including a lack of generalizability, an inability to detect stealthy or novel attacks, and lack of flexibility regarding alarm thresholds. Our research focuses on enhancing current IDS capabilities by addressing some of these shortcomings. We identify and evaluate promising techniques for data mining and machine-learning. The algorithms are ''trained'' by providing them with a series of data-points from ''normal'' network traffic. A successful algorithm can be trained automatically and efficiently, will have a low error rate (low false alarm and miss rates), and will be able to identify anomalies in ''pseudo real-time'' (i.e., while the intrusion is still in progress

  12. A multi-layered network of the (Colombian) sovereign securities market

    NARCIS (Netherlands)

    Renneboog, Luc; Leon Rincon, Carlos; Pérez, Jhonatan; Alexandrova-Kabadjova, Bilana; Diehl, Martin; Heuver, Richard; Martinez-Jaramillo, Serafín

    2015-01-01

    We study the network of Colombian sovereign securities settlements. With data from the settlement market infrastructure we study financial institutions’ transactions from three different trading and registering individual networks that we combine into a multi-layer network. Examining this network of

  13. Physical and Cross-Layer Security Enhancement and Resource Allocation for Wireless Networks

    Science.gov (United States)

    Bashar, Muhammad Shafi Al

    2011-01-01

    In this dissertation, we present novel physical (PHY) and cross-layer design guidelines and resource adaptation algorithms to improve the security and user experience in the future wireless networks. Physical and cross-layer wireless security measures can provide stronger overall security with high efficiency and can also provide better…

  14. Securing VoIP keeping your VoIP network safe

    CERN Document Server

    (Bud) Bates, Regis J Jr

    2015-01-01

    Securing VoIP: Keeping Your VoIP Network Safe will show you how to take the initiative to prevent hackers from recording and exploiting your company's secrets. Drawing upon years of practical experience and using numerous examples and case studies, technology guru Bud Bates discusses the business realities that necessitate VoIP system security and the threats to VoIP over both wire and wireless networks. He also provides essential guidance on how to conduct system security audits and how to integrate your existing IT security plan with your VoIP system and security plans, helping you prevent

  15. Network security system for health and medical information using smart IC card

    Science.gov (United States)

    Kanai, Yoichi; Yachida, Masuyoshi; Yoshikawa, Hiroharu; Yamaguchi, Masahiro; Ohyama, Nagaaki

    1998-07-01

    A new network security protocol that uses smart IC cards has been designed to assure the integrity and privacy of medical information in communication over a non-secure network. Secure communication software has been implemented as a library based on this protocol, which is called the Integrated Secure Communication Layer (ISCL), and has been incorporated into information systems of the National Cancer Center Hospitals and the Health Service Center of the Tokyo Institute of Technology. Both systems have succeeded in communicating digital medical information securely.

  16. A method for secure communications over a public fiber-optical network.

    Science.gov (United States)

    Wu, Bernard B; Narimanov, Evgenii E

    2006-05-01

    We develop a spread-spectrum based approach to secure communications over existing fiber-optical networks. Secure transmission for a dedicated user is achieved by overlaying a covert channel onto a host channel in the existing active fiber link. The covert channel is optically encoded and temporally spread, and has average power below the noise floor in the fiber, making it hidden for a direct detection thus allowing for cryptographic and steganographic security capabilities. The presence for the host channel in the network provides an ad hoc security expansion and increases the difficulty for an eavesdropper to intercept and decode the secure signal.

  17. The research of network database security technology based on web service

    Science.gov (United States)

    Meng, Fanxing; Wen, Xiumei; Gao, Liting; Pang, Hui; Wang, Qinglin

    2013-03-01

    Database technology is one of the most widely applied computer technologies, its security is becoming more and more important. This paper introduced the database security, network database security level, studies the security technology of the network database, analyzes emphatically sub-key encryption algorithm, applies this algorithm into the campus-one-card system successfully. The realization process of the encryption algorithm is discussed, this method is widely used as reference in many fields, particularly in management information system security and e-commerce.

  18. Who Speaks for the European Border Security Industry? A Network Analysis

    NARCIS (Netherlands)

    Baird, T.E.

    2017-01-01

    This article contributes to the literature on the European border security industry with a network analysis of a new bipartite data set. The network is composed of speakers and their speech topics at a European border security conference taking place from 2008 to 2015. Speakers are linked to

  19. Secure-Network-Coding-Based File Sharing via Device-to-Device Communication

    Directory of Open Access Journals (Sweden)

    Lei Wang

    2017-01-01

    Full Text Available In order to increase the efficiency and security of file sharing in the next-generation networks, this paper proposes a large scale file sharing scheme based on secure network coding via device-to-device (D2D communication. In our scheme, when a user needs to share data with others in the same area, the source node and all the intermediate nodes need to perform secure network coding operation before forwarding the received data. This process continues until all the mobile devices in the networks successfully recover the original file. The experimental results show that secure network coding is very feasible and suitable for such file sharing. Moreover, the sharing efficiency and security outperform traditional replication-based sharing scheme.

  20. Design and Analysis of Secure Routing Protocol for Wireless Sensor Networks

    Science.gov (United States)

    Wang, Jiong; Zhang, Hua

    2017-09-01

    In recent years, with the development of science and technology and the progress of the times, China's wireless network technology has become increasingly prosperous and it plays an important role in social production and life. In this context, in order to further to enhance the stability of wireless network data transmission and security enhancements, the staff need to focus on routing security and carry out related work. Based on this, this paper analyzes the design of wireless sensor based on secure routing protocol.

  1. Towards adaptive security for convergent wireless sensor networks in beyond 3G environments

    DEFF Research Database (Denmark)

    Mitseva, Anelia; Aivaloglou, Efthimia; Marchitti, Maria-Antonietta

    2010-01-01

    The integration of wireless sensor networks with different network systems gives rise to many research challenges to ensure security, privacy and trust in the overall architecture. The main contribution of this paper is a generic security, privacy and trust framework providing context...... environments. Performance evaluation results demonstrate the feasibility and estimate the benefits of the security framework for a variety of scenarios. Copyright (C) 2008 John Wiley & Sons, Ltd....

  2. Comparative study of key exchange and authentication methods in application, transport and network level security mechanisms

    Science.gov (United States)

    Fathirad, Iraj; Devlin, John; Jiang, Frank

    2012-09-01

    The key-exchange and authentication are two crucial elements of any network security mechanism. IPsec, SSL/TLS, PGP and S/MIME are well-known security approaches in providing security service to network, transport and application layers; these protocols use different methods (based on their requirements) to establish keying materials and authenticates key-negotiation and participated parties. This paper studies and compares the authenticated key negotiation methods in mentioned protocols.

  3. Network Coding Based Security for Routing Attacks in WRN: Frechet Interference and Rayleigh Outage Evaluation

    Directory of Open Access Journals (Sweden)

    R. Villalpando-Hernández

    2011-08-01

    Full Text Available We present a network coding security method capable of detecting several routing attacks in wireless reconfigurablenetworks. Routing security attacks include selective forwarding, black holes, and wormholes. The proposed methodperforms linear network coding over intermediate nodes composing a given route, not only to distribute content, butalso to provide data confidentiality by cooperation as a mechanism of detection. The method presents a robust,accurate and fast response under security attacks for varying network conditions, such as interference and outagedue to channel fading. It also provides a gain in network throughput by increasing the number of successfully receivedpackets without a significant increase of the bandwidth usage.

  4. Covering the Monitoring Network: A Unified Framework to Protect E-Commerce Security

    OpenAIRE

    Qiu,Lirong; Li, Jie

    2017-01-01

    Multimedia applications in smart electronic commerce (e-commerce), such as online trading and Internet marketing, always face security in storage and transmission of digital images and videos. This study addresses the problem of security in e-commerce and proposes a unified framework to analyze the security data. First, to allocate the definite security resources optimally, we build our e-commerce monitoring model as an undirected network, where a monitored node is a vertex of the graph and a...

  5. Security Event Counts Estimate in Automated Systems for Network Attacks Detection

    Directory of Open Access Journals (Sweden)

    D. O. Kovalev

    2011-03-01

    Full Text Available Information security monitoring systems specifics in large automated systems are being analyzed. Security events distribution for different time intervals was determined and further used to estimate the security events counts. Proposed events counts estimate method is based on a dynamically updated table of moments. This method allows to determine the acceptable number of security events at different time intervals as well as exceeding situations which are being the signal for abnormal network activity.

  6. On the security and energy consumption estimation of wireless sensor network protocols

    OpenAIRE

    Zhang, Fan

    2012-01-01

    peer-reviewed Along with the recent rapid development of Wireless Sensor Network (WSN) systems, the range of attacks against WSN routing protocols have grown. As a result, there is an increased need for secure WSN routing protocols. WSN routing protocols should be secured once they are involved in sensitive data transmission. However, secure routing protocols require extra time and energy for security computations. Further, due to the limited power supply of WSN nodes, it is useful to theo...

  7. Establishment of a Standard Analytical Model of Distribution Network with Distributed Generators and Development of Multi Evaluation Method for Network Configuration Candidates

    Science.gov (United States)

    Hayashi, Yasuhiro; Kawasaki, Shoji; Matsuki, Junya; Matsuda, Hiroaki; Sakai, Shigekazu; Miyazaki, Teru; Kobayashi, Naoki

    Since a distribution network has many sectionalizing switches, there are huge radial network configuration candidates by states (opened or closed) of sectionalizing switches. Recently, the total number of distributed generation such as photovoltaic generation system and wind turbine generation system connected to the distribution network is drastically increased. The distribution network with the distributed generators must be operated keeping reliability of power supply and power quality. Therefore, the many configurations of the distribution network with the distributed generators must be evaluated multiply from various viewpoints such as distribution loss, total harmonic distortion, voltage imbalance and so on. In this paper, the authors propose a multi evaluation method to evaluate the distribution network configuration candidates satisfied with constraints of voltage and line current limit from three viewpoints ((1) distribution loss, (2) total harmonic distortion and (3) voltage imbalance). After establishing a standard analytical model of three sectionalized and three connected distribution network configuration with distributed generators based on the practical data, the multi evaluation for the established model is carried out by using the proposed method based on EMTP (Electro-Magnetic Transients Programs).

  8. SECURITY ANALYSIS OF WIRELESS NETWORKS USING WEP-TECHNOLOGIES

    OpenAIRE

    Юдін, О.; Національний авіаційний університет; Весельська, О.; Національний авіаційний університет

    2013-01-01

    In the article the quality of information security in wireless networks by using WEP-encryption scheme and RC4 symmetrical streaming algorithm was studied. The tips and ways to improve the security of information are given. В статье исследована эффективность защиты информационных ресурсов в беспроводных сетях на основе использования WEP-протокола и симметричного алгоритма шифрования RC4. Рассмотрены пути и дальнейшие возможности повышения эффективности методов защиты информации. У стат...

  9. New-generation security network with synergistic IP sensors

    Science.gov (United States)

    Peshko, Igor

    2007-09-01

    Global Dynamic Monitoring and Security Network (GDMSN) for real-time monitoring of (1) environmental and atmospheric conditions: chemical, biological, radiological and nuclear hazards, climate/man-induced catastrophe areas and terrorism threats; (2) water, soil, food chain quantifiers, and public health care; (3) large government/public/ industrial/ military areas is proposed. Each GDMSN branch contains stationary or mobile terminals (ground, sea, air, or space manned/unmanned vehicles) equipped with portable sensors. The sensory data are transferred via telephone, Internet, TV, security camera and other wire/wireless or optical communication lines. Each sensor is a self-registering, self-reporting, plug-and-play, portable unit that uses unified electrical and/or optical connectors and operates with IP communication protocol. The variant of the system based just on optical technologies cannot be disabled by artificial high-power radio- or gamma-pulses or sunbursts. Each sensor, being supplied with a battery and monitoring means, can be used as a separate portable unit. Military personnel, police officers, firefighters, miners, rescue teams, and nuclear power plant personnel may individually use these sensors. Terminals may be supplied with sensors essential for that specific location. A miniature "universal" optical gas sensor for specific applications in life support and monitoring systems was designed and tested. The sensor is based on the physics of absorption and/or luminescence spectroscopy. It can operate at high pressures and elevated temperatures, such as in professional and military diving equipment, submarines, underground shelters, mines, command stations, aircraft, space shuttles, etc. To enable this capability, the multiple light emitters, detectors and data processing electronics are located within a specially protected chamber.

  10. E-commerce System Security Assessment based on Bayesian Network Algorithm Research

    OpenAIRE

    Ting Li; Xin Li

    2013-01-01

    Evaluation of e-commerce network security is based on assessment method Bayesian networks, and it first defines the vulnerability status of e-commerce system evaluation index and the vulnerability of the state model of e-commerce systems, and after the principle of the Bayesian network reliability of e-commerce system and the criticality of the vulnerabilities were analyzed, experiments show that the change method is a good evaluation of the security of e-commerce systems.

  11. Social Milieu Oriented Routing: A New Dimension to Enhance Network Security in WSNs.

    Science.gov (United States)

    Liu, Lianggui; Chen, Li; Jia, Huiling

    2016-02-19

    In large-scale wireless sensor networks (WSNs), in order to enhance network security, it is crucial for a trustor node to perform social milieu oriented routing to a target a trustee node to carry out trust evaluation. This challenging social milieu oriented routing with more than one end-to-end Quality of Trust (QoT) constraint has proved to be NP-complete. Heuristic algorithms with polynomial and pseudo-polynomial-time complexities are often used to deal with this challenging problem. However, existing solutions cannot guarantee the efficiency of searching; that is, they can hardly avoid obtaining partial optimal solutions during a searching process. Quantum annealing (QA) uses delocalization and tunneling to avoid falling into local minima without sacrificing execution time. This has been proven a promising way to many optimization problems in recently published literatures. In this paper, for the first time, with the help of a novel approach, that is, configuration path-integral Monte Carlo (CPIMC) simulations, a QA-based optimal social trust path (QA_OSTP) selection algorithm is applied to the extraction of the optimal social trust path in large-scale WSNs. Extensive experiments have been conducted, and the experiment results demonstrate that QA_OSTP outperforms its heuristic opponents.

  12. Social Milieu Oriented Routing: A New Dimension to Enhance Network Security in WSNs

    Directory of Open Access Journals (Sweden)

    Lianggui Liu

    2016-02-01

    Full Text Available In large-scale wireless sensor networks (WSNs, in order to enhance network security, it is crucial for a trustor node to perform social milieu oriented routing to a target a trustee node to carry out trust evaluation. This challenging social milieu oriented routing with more than one end-to-end Quality of Trust (QoT constraint has proved to be NP-complete. Heuristic algorithms with polynomial and pseudo-polynomial-time complexities are often used to deal with this challenging problem. However, existing solutions cannot guarantee the efficiency of searching; that is, they can hardly avoid obtaining partial optimal solutions during a searching process. Quantum annealing (QA uses delocalization and tunneling to avoid falling into local minima without sacrificing execution time. This has been proven a promising way to many optimization problems in recently published literatures. In this paper, for the first time, with the help of a novel approach, that is, configuration path-integral Monte Carlo (CPIMC simulations, a QA-based optimal social trust path (QA_OSTP selection algorithm is applied to the extraction of the optimal social trust path in large-scale WSNs. Extensive experiments have been conducted, and the experiment results demonstrate that QA_OSTP outperforms its heuristic opponents.

  13. A New Method for Creating Efficient Security Policies in Virtual Private Network

    Science.gov (United States)

    Sadeghi, Mohammad Mehdi Gilanian; Mohd Ali, Borhanuddin; Pedram, Hossein; Deghan, Mehdi; Sabaei, Masoud

    One of the most important protocols for implementing tunnels in order to take action of secure virtual private network is IPsec protocol. IPsec policies are used widely in order to limit access to information in security gateways or firewalls. The security treatment, namely (Deny, Allow or Encrypt) is done for outbound as well as inbound traffic by security policies. It is so important that they adjust properly. The current methods for security policies creation as seen in given security requirements are not efficient enough i.e. there are much more created policies than requirements. In this paper, we define a new method to decrease adopted security policies for a specific set of security requirements without any undesirable effect. Our measurement shows that security policies creation will be improved efficiently, and their updating time will be decreased.

  14. Experimental Evaluation of Novel Master-Slave Configurations for Position Control under Random Network Delay and Variable Load for Teleoperation

    Directory of Open Access Journals (Sweden)

    Ahmet Kuzu

    2014-01-01

    Full Text Available This paper proposes two novel master-slave configurations that provide improvements in both control and communication aspects of teleoperation systems to achieve an overall improved performance in position control. The proposed novel master-slave configurations integrate modular control and communication approaches, consisting of a delay regulator to address problems related to variable network delay common to such systems, and a model tracking control that runs on the slave side for the compensation of uncertainties and model mismatch on the slave side. One of the configurations uses a sliding mode observer and the other one uses a modified Smith predictor scheme on the master side to ensure position transparency between the master and slave, while reference tracking of the slave is ensured by a proportional-differentiator type controller in both configurations. Experiments conducted for the networked position control of a single-link arm under system uncertainties and randomly varying network delays demonstrate significant performance improvements with both configurations over the past literature.

  15. A Framework and Comparative Analysis of Control Plane Security of SDN and Conventional Networks

    OpenAIRE

    Abdou, AbdelRahman; van Oorschot, Paul C.; Wan, Tao

    2017-01-01

    Software defined networking implements the network control plane in an external entity, rather than in each individual device as in conventional networks. This architectural difference implies a different design for control functions necessary for essential network properties, e.g., loop prevention and link redundancy. We explore how such differences redefine the security weaknesses in the SDN control plane and provide a framework for comparative analysis which focuses on essential network pr...

  16. End-to-end security in telemedical networks--a practical guideline.

    Science.gov (United States)

    Wozak, Florian; Schabetsberger, Thomas; Ammmenwerth, Elske

    2007-01-01

    The interconnection of medical networks in different healthcare institutions will be constantly increasing over the next few years, which will require concepts for securing medical data during transfer, since transmitting patient related data via potentially insecure public networks is considered a violation of data privacy. The aim of our work was to develop a model-based approach towards end-to-end security which is defined as continuous security from point of origin to point of destination in a communication process. We show that end-to-end security must be seen as a holistic security concept, which comprises the following three major parts: authentication and access control, transport security, as well as system security. For integration into existing security infrastructures abuse case models were used, which extend UML use cases, by elements necessary to describe abusive interactions. Abuse case models can be constructed for each part mentioned above, allowing for potential security risks in communication from point of origin to point of destination to be identified and counteractive measures to be directly derived from the abuse case models. The model-based approach is a guideline to continuous risk assessment and improvement of end-to-end security in medical networks. Validity and relevance to practice will be systematically evaluated using close-to-reality test networks as well as in production environments.

  17. a survey of security vulnerabilities in wireless sensor networks

    African Journals Online (AJOL)

    user

    Current developments in WSN protocols have not taken security into consideration. On the other ... some viable solutions while also elaborating on a number of important security issues. ..... Computer Science and Mobile Computing, Vol. 4,.

  18. Preliminary results of a techno-economic assessment of CO2 capture-network configurations in the industry

    NARCIS (Netherlands)

    Berghout, N.A.; Kuramochi, T.; van den Broek, M.A.; Ramirez, C.A.; Faaij, A.P.C.

    2013-01-01

    This paper evaluated the techno economic performance of several CO2 capture-network configurations for a cluster of sixteen industrial plants in the Netherlands using bottom up analysis. Preliminary findings indicate that centralizing capture equipment instead of capture equipment at plant sites

  19. Formal Specification and Validation of Secure Connection Establishment in a Generic Access Network Scenario

    DEFF Research Database (Denmark)

    Fleischer, Paul; Kristensen, Lars Michael

    2008-01-01

    The Generic Access Network (GAN) architecture is defined by the 3rd Generation Partnership Project (3GPP), and allows telephone services, such as SMS and voice-calls, to be accessed via generic IP networks. The main usage of this is to allow mobile phones to use WiFi in addition to the usual GSM...... network. The GAN specification relies on the Internet Protocol Security layer (IPSec) and the Internet Key Exchange protocol (IKEv2) to provide encryption across IP networks, and thus avoid compromising the security of the telephone networks. The detailed usage of these two Internet protocols (IPSec...

  20. Experimental realization of an entanglement access network and secure multi-party computation

    Science.gov (United States)

    Chang, Xiuying; Deng, Donglin; Yuan, Xinxing; Hou, Panyu; Huang, Yuanyuan; Duan, Luming; Department of Physics, University of Michigan Collaboration; Center for Quantum Information in Tsinghua University Team

    2017-04-01

    To construct a quantum network with many end users, it is critical to have a cost-efficient way to distribute entanglement over different network ends. We demonstrate an entanglement access network, where the expensive resource, the entangled photon source at the telecom wavelength and the core communication channel, is shared by many end users. Using this cost-efficient entanglement access network, we report experimental demonstration of a secure multiparty computation protocol, the privacy-preserving secure sum problem, based on the network quantum cryptography.

  1. Transgovernmental Networks in the European Security and Defense Policy

    Directory of Open Access Journals (Sweden)

    Bastien Irondelle

    2010-08-01

    Full Text Available An increasing number of authors describe the European Union as an advanced form of transgovernmentalism. Whether called Europeanization, supranational intergovernmentalism, multilevel governance, administrative fusion or Brusselisation, the transgovernmentalist thesis states that European politics is shaped by the growing interaction of national government officials at every level of the decision-making process. This paper tests the transgovernmentalist thesis by looking at patterns of formal and informal cooperation in the framework of the European Security and Defence Policy (ESDP. The data is based on a questionnaire circulated among 73 defence officials in France, Germany, the United Kingdom and Brussels-based institutions. The results are analyzed through social network analysis. We find that the governance of ESDP is characterized by a weak form of transgovernmentalism, in which cross-border links do exist but formal state actors occupy strategic positions. In particular, two groups display transgovernmental features: a core policy group of crisis management and capability development officials in and around the Council, and a Franco-German group of capital-based defence actors.

  2. Dynamic Construction Scheme for Virtualization Security Service in Software-Defined Networks.

    Science.gov (United States)

    Lin, Zhaowen; Tao, Dan; Wang, Zhenji

    2017-04-21

    For a Software Defined Network (SDN), security is an important factor affecting its large-scale deployment. The existing security solutions for SDN mainly focus on the controller itself, which has to handle all the security protection tasks by using the programmability of the network. This will undoubtedly involve a heavy burden for the controller. More devastatingly, once the controller itself is attacked, the entire network will be paralyzed. Motivated by this, this paper proposes a novel security protection architecture for SDN. We design a security service orchestration center in the control plane of SDN, and this center physically decouples from the SDN controller and constructs SDN security services. We adopt virtualization technology to construct a security meta-function library, and propose a dynamic security service composition construction algorithm based on web service composition technology. The rule-combining method is used to combine security meta-functions to construct security services which meet the requirements of users. Moreover, the RETE algorithm is introduced to improve the efficiency of the rule-combining method. We evaluate our solutions in a realistic scenario based on OpenStack. Substantial experimental results demonstrate the effectiveness of our solutions that contribute to achieve the effective security protection with a small burden of the SDN controller.

  3. Enhanced Security and Pairing-free Handover Authentication Scheme for Mobile Wireless Networks

    Science.gov (United States)

    Chen, Rui; Shu, Guangqiang; Chen, Peng; Zhang, Lijun

    2017-10-01

    With the widely deployment of mobile wireless networks, we aim to propose a secure and seamless handover authentication scheme that allows users to roam freely in wireless networks without worrying about security and privacy issues. Given the open characteristic of wireless networks, safety and efficiency should be considered seriously. Several previous protocols are designed based on a bilinear pairing mapping, which is time-consuming and inefficient work, as well as unsuitable for practical situations. To address these issues, we designed a new pairing-free handover authentication scheme for mobile wireless networks. This scheme is an effective improvement of the protocol by Xu et al., which is suffer from the mobile node impersonation attack. Security analysis and simulation experiment indicate that the proposed protocol has many excellent security properties when compared with other recent similar handover schemes, such as mutual authentication and resistance to known network threats, as well as requiring lower computation and communication cost.

  4. Adaptive Security Architecture based on EC-MQV Algorithm in Personal Network (PN)

    DEFF Research Database (Denmark)

    Mihovska, Albena D.; Prasad, Neeli R.

    2007-01-01

    Abstract — Personal Networks (PNs) have been focused on in order to support the user’s business and private activities without jeopardizing privacy and security of the users and their data. In such a network, it is necessary to produce a proper key agreement method according to the feature...... of the network. One of the features of the network is that the personal devices have deferent capabilities such as computational ability, memory size, transmission power, processing speed and implementation cost. Therefore an adaptive security mechanism should be contrived for such a network of various device...... combinations based on user’s location and device’s capability. The paper proposes new adaptive security architecture with three levels of asymmetric key agreement scheme by using context-aware security manager (CASM) based on elliptic curve cryptosystem (EC-MQV)....

  5. Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor

    Energy Technology Data Exchange (ETDEWEB)

    Ondrej Linda; Todd Vollmer; Jason Wright; Milos Manic

    2011-04-01

    Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental test-bed mimicking the environment of a critical infrastructure control system.

  6. Main control computer security model of closed network systems protection against cyber attacks

    Science.gov (United States)

    Seymen, Bilal

    2014-06-01

    The model that brings the data input/output under control in closed network systems, that maintains the system securely, and that controls the flow of information through the Main Control Computer which also brings the network traffic under control against cyber-attacks. The network, which can be controlled single-handedly thanks to the system designed to enable the network users to make data entry into the system or to extract data from the system securely, intends to minimize the security gaps. Moreover, data input/output record can be kept by means of the user account assigned for each user, and it is also possible to carry out retroactive tracking, if requested. Because the measures that need to be taken for each computer on the network regarding cyber security, do require high cost; it has been intended to provide a cost-effective working environment with this model, only if the Main Control Computer has the updated hardware.

  7. Analysis on the University’s Network Security Level System in the Big Data Era

    Science.gov (United States)

    Li, Tianli

    2017-12-01

    The rapid development of science and technology, the continuous expansion of the scope of computer network applications, has gradually improved the social productive forces, has had a positive impact on the increase production efficiency and industrial scale of China's different industries. Combined with the actual application of computer network in the era of large data, we can see the existence of influencing factors such as network virus, hacker and other attack modes, threatening network security and posing a potential threat to the safe use of computer network in colleges and universities. In view of this unfavorable development situation, universities need to pay attention to the analysis of the situation of large data age, combined with the requirements of network security use, to build a reliable network space security system from the equipment, systems, data and other different levels. To avoid the security risks exist in the network. Based on this, this paper will analyze the hierarchical security system of cyberspace security in the era of large data.

  8. A Secure Key Establishment Protocol for ZigBee Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Yuksel, Ender; Nielson, Hanne Riis; Nielson, Flemming

    2010-01-01

    ZigBee is a wireless sensor network standard that defines network and application layers on top of IEEE 802.15.4's physical and medium access control layers. In the latest version of ZigBee, enhancements are prescribed for the security sublayer but we show in this paper that problems persist....... In particular, we show that the end-to-end application key establishment protocol is flawed and we propose a secure protocol instead. We do so by using formal verification techniques based on static program analysis and process algebras. We present a way of using formal methods in wireless network security...

  9. A Secure Key Establishment Protocol for ZigBee Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Yuksel, Ender; Nielson, Hanne Riis; Nielson, Flemming

    2009-01-01

    ZigBee is a wireless sensor network standard that defines network and application layers on top of IEEE 802.15.4’s physical and medium access control layers. In the latest version of ZigBee, enhancements are prescribed for the security sublayer but we show in this paper that problems persist....... In particular we show that the End-to-End Application Key Establishment Protocol is flawed and we propose a secure protocol instead. We do so by using formal verification techniques based on static program analysis and process algebras. We present a way of using formal methods in wireless network security...

  10. Mitigations for Security Vulnerabilities Found in Control System Networks

    Energy Technology Data Exchange (ETDEWEB)

    Trent D. Nelson

    2006-05-01

    Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho National Laboratory (INL) has observed that security procedures and devices are not consistently and effectively implemented. The Department of Homeland Security (DHS), National Cyber Security Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and government improve the security of the CSs used in the nation's critical infrastructures. One of the main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations for them. This paper discusses common problems and vulnerabilities seen in on-site CS assessments and suggests mitigation strategies to provide asset owners with the information they need to better protect their systems from common security flows.

  11. Performance and Security Evaluation of SDN Networks in OMNeT++/INET

    OpenAIRE

    Tiloca, Marco; Stagkopoulou, Alexandra; Dini, Gianluca

    2016-01-01

    Software Defined Networking (SDN) has been recently introduced as a new communication paradigm in computer networks. By separating the control plane from the data plane and entrusting packet forwarding to straightforward switches, SDN makes it possible to deploy and run networks which are more flexible to manage and easier to configure. This paper describes a set of extensions for the INET framework, which allow researchers and network designers to simulate SDN architectures and evaluate thei...

  12. Design, implementation and security of a typical educational laboratory computer network

    Directory of Open Access Journals (Sweden)

    Martin Pokorný

    2013-01-01

    Full Text Available Computer network used for laboratory training and for different types of network and security experiments represents a special environment where hazardous activities take place, which may not affect any production system or network. It is common that students need to have administrator privileges in this case which makes the overall security and maintenance of such a network a difficult task. We present our solution which has proved its usability for more than three years. First of all, four user requirements on the laboratory network are defined (access to educational network devices, to laboratory services, to the Internet, and administrator privileges of the end hosts, and four essential security rules are stipulated (enforceable end host security, controlled network access, level of network access according to the user privilege level, and rules for hazardous experiments, which protect the rest of the laboratory infrastructure as well as the outer university network and the Internet. The main part of the paper is dedicated to a design and implementation of these usability and security rules. We present a physical diagram of a typical laboratory network based on multiple circuits connecting end hosts to different networks, and a layout of rack devices. After that, a topological diagram of the network is described which is based on different VLANs and port-based access control using the IEEE 802.1x/EAP-TLS/RADIUS authentication to achieve defined level of network access. In the second part of the paper, the latest innovation of our network is presented that covers a transition to the system virtualization at the end host devices – inspiration came from a similar solution deployed at the Department of Telecommunications at Brno University of Technology. This improvement enables a greater flexibility in the end hosts maintenance and a simultaneous network access to the educational devices as well as to the Internet. In the end, a vision of a

  13. Security Concerns and Countermeasures in Network Coding Based Communications Systems: A Survey

    DEFF Research Database (Denmark)

    Nazari Talooki, Vahid; Bassoli, Riccardo; Lucani Rötter, Daniel Enrique

    2015-01-01

    This survey paper shows the state of the art in security mechanisms, where a deep review of the current research and the status of this topic is carried out. We start by introducing network coding and its variety applications in enhancing current traditional networks. In particular, we analyze two...... key protocol types, namely, state-aware and stateless protocols, specifying the benefits and disadvantages of each one of them. We also present the key security assumptions of network coding (NC) systems as well as a detailed analysis of the security goals and threats, both passive and active....... This paper also presents a detailed taxonomy and a timeline of the different NC security mechanisms and schemes reported in the literature. Current proposed security mechanisms and schemes for NC in the literature are classified later. Finally a timeline of these mechanism and schemes is presented....

  14. Integrating - VPN and IDS - An approach to Networks Security

    OpenAIRE

    Prabha Rani; Yogesh Chaba; Yudhvir Singh

    2007-01-01

    The Internet and recent global cyber terrorism have fundamentally changed the way organizations approach security. Recent worm and virus incidents such as Code Red, Nimda, and the Slammer worm have heightened security awareness. Also, numerous other threats have emerged recently that are particularly troublesome. Hence some solution must be provided to encounter the new generation of complex threats. Building up this solution requires the Integration of different security devices. Also system...

  15. Secure Ad Hoc Networking on an Android Platform

    Science.gov (United States)

    2014-05-01

    development in the area of secure mobile computing recently, including the development of commercial off the shelf (COTS) Android secure platforms such as... Filesystem encryption: from Android 3.0 onwards, full filesystem encryption (using AES128 and SHA256) is supported [Android Security Overview 2013...gapped computer . In order to mitigate some of these issues related to the provisioning of devices we built AOSP with the SE Android MMAC changes

  16. Multinational Corporation as a Regional Economic Security Network

    National Research Council Canada - National Science Library

    Aliona DANILIUC

    2016-01-01

    This paper is about multinational enterprises and regional security economic, summarizes and synthesizes different strands of literature, to present conclusions on the potential role of multinational...

  17. Towards a Bio-inspired Security Framework for Mission-Critical Wireless Sensor Networks

    Science.gov (United States)

    Ren, Wei; Song, Jun; Ma, Zhao; Huang, Shiyong

    Mission-critical wireless sensor networks (WSNs) have been found in numerous promising applications in civil and military fields. However, the functionality of WSNs extensively relies on its security capability for detecting and defending sophisticated adversaries, such as Sybil, worm hole and mobile adversaries. In this paper, we propose a bio-inspired security framework to provide intelligence-enabled security mechanisms. This scheme is composed of a middleware, multiple agents and mobile agents. The agents monitor the network packets, host activities, make decisions and launch corresponding responses. Middleware performs an infrastructure for the communication between various agents and corresponding mobility. Certain cognitive models and intelligent algorithms such as Layered Reference Model of Brain and Self-Organizing Neural Network with Competitive Learning are explored in the context of sensor networks that have resource constraints. The security framework and implementation are also described in details.

  18. Sharing Information: Report on the LIBER Library Security Network (LSN Since 2002

    Directory of Open Access Journals (Sweden)

    Erland Kolding Nielsen

    2008-09-01

    Full Text Available On 2 July 2002, the Executive Board of LIBER, in line with the Copenhagen Principles of 14 May 2002, endorsed the establishment of a Library Security Network to facilitate the exchange of confidential security information among European national, university and other important research libraries with valuable collections. The Network came into being at the end of 2002. It has now been running for more than five years. The objective was, and is, to create a safe information and communication network, based on e-mail, for European library directors and security managers. This paper aims to review the experience: Has the system worked? Has it helped in terms of preventing crime, in solving crimes, in raising security awareness among the member institutions? Furthermore, the aim is to contribute to a revision in the broader perspective of a European context: Is it enough? Should it work otherwise? Are there other channels of information? Should the Network be expanded?

  19. Real-time stress monitoring of highway bridges with a secured wireless sensor network.

    Science.gov (United States)

    2011-12-01

    "This collaborative research aims to develop a real-time stress monitoring system for highway bridges with a secured wireless sensor network. The near term goal is to collect wireless sensor data under different traffic patterns from local highway br...

  20. Security Situation Assessment of All-Optical Network Based on Evidential Reasoning Rule

    Directory of Open Access Journals (Sweden)

    Zhong-Nan Zhao

    2016-01-01

    Full Text Available It is important to determine the security situations of the all-optical network (AON, which is more vulnerable to hacker attacks and faults than other networks in some cases. A new approach of the security situation assessment to the all-optical network is developed in this paper. In the new assessment approach, the evidential reasoning (ER rule is used to integrate various evidences of the security factors including the optical faults and the special attacks in the AON. Furthermore, a new quantification method of the security situation is also proposed. A case study of an all-optical network is conducted to demonstrate the effectiveness and the practicability of the new proposed approach.

  1. Active Power Distribution Network Security Monitoring System Based on PDMiner Platform

    National Research Council Canada - National Science Library

    CHANG Cheng

    2017-01-01

    ...,using the data mining technology and distributed parallel computing method,establishing an active distribution network security monitoring system model based on PDMiner large data mining platform...

  2. Representing humans in system security models: An actor-network approach

    NARCIS (Netherlands)

    Pieters, Wolter

    2011-01-01

    System models to assess the vulnerability of information systems to security threats typically represent a physical infrastructure (buildings) and a digital infrastructure (computers and networks), in combination with an attacker traversing the system while acquiring credentials. Other humans are

  3. Real-time security extensions for EPCglobal networks case study for the pharmaceutical industry

    CERN Document Server

    Schapranow, Matthieu-P

    2014-01-01

    This book reviews the design of real-time security extensions for EPCglobal networks based on in-memory technology, presents authentication protocols for devices with low computational resources and outlines steps for implementing history-based access control.

  4. Fair Secure Computation with Reputation Assumptions in the Mobile Social Networks

    Directory of Open Access Journals (Sweden)

    Yilei Wang

    2015-01-01

    Full Text Available With the rapid development of mobile devices and wireless technologies, mobile social networks become increasingly available. People can implement many applications on the basis of mobile social networks. Secure computation, like exchanging information and file sharing, is one of such applications. Fairness in secure computation, which means that either all parties implement the application or none of them does, is deemed as an impossible task in traditional secure computation without mobile social networks. Here we regard the applications in mobile social networks as specific functions and stress on the achievement of fairness on these functions within mobile social networks in the presence of two rational parties. Rational parties value their utilities when they participate in secure computation protocol in mobile social networks. Therefore, we introduce reputation derived from mobile social networks into the utility definition such that rational parties have incentives to implement the applications for a higher utility. To the best of our knowledge, the protocol is the first fair secure computation in mobile social networks. Furthermore, it finishes within constant rounds and allows both parties to know the terminal round.

  5. Method of Performance-Aware Security of Unicast Communication in Hybrid Satellite Networks

    Science.gov (United States)

    Roy-Chowdhury, Ayan (Inventor); Baras, John S. (Inventor)

    2014-01-01

    A method and apparatus utilizes Layered IPSEC (LES) protocol as an alternative to IPSEC for network-layer security including a modification to the Internet Key Exchange protocol. For application-level security of web browsing with acceptable end-to-end delay, the Dual-mode SSL protocol (DSSL) is used instead of SSL. The LES and DSSL protocols achieve desired end-to-end communication security while allowing the TCP and HTTP proxy servers to function correctly.

  6. Cyber-security for the Controller Area Network (CAN) communication protocol

    OpenAIRE

    Lin, CW; Sangiovanni-Vincentelli, A

    2013-01-01

    We propose a security mechanism to help prevent cyber-attacks (masquerade and replay) in vehicles with architecture based on Controller Area Network (CAN). We focus on CAN as it will likely continue being used in upcoming in-vehicle architectures. The CAN protocol contains no direct support for secure communications. Retrofitting the protocol with security mechanisms poses several challenges given the very limited data rates available (e.g., 500kbps) since bus utilization may significantly in...

  7. Enhanced Stochastic Methodology for Combined Architecture of E-Commerce and Security Networks

    OpenAIRE

    Song-Kyoo Kim

    2009-01-01

    This paper deals with network architecture which is a combination of electronic commerce and security systems in the typical Internet ecosystems. The e-commerce model that is typically known as online shopping can be considered as a multichannel queueing system. In the other hand, stochastic security system is designed for improving the reliability and availability of the e-commerce system. The security system in this paper deals with a complex system that consists of main unreliable servers,...

  8. A lightweight security scheme for wireless body area networks: design, energy evaluation and proposed microprocessor design

    NARCIS (Netherlands)

    Selimis, G.; Huang, L.; Massé, F.; Tsekoura, I.; Ashouei, M.; Catthoor, F.; Huisken, J.; Stuyt, J.; Dolmans, G.; Penders, J.; Groot, H. de

    2011-01-01

    In order for wireless body area networks to meet widespread adoption, a number of security implications must be explored to promote and maintain fundamental medical ethical principles and social expectations. As a result, integration of security functionality to sensor nodes is required. Integrating

  9. Sensor & Model Enabled Water Quality & Security Assessment System for Situational Awareness of Water Distribution Networks

    Science.gov (United States)

    2010-06-01

    Distribution Networks NDIA Environment , Energy Security & Sustainability Symposium & Exhibition June 14-17,2010 Denver, Colorado Mark Ginsberg...for public release; distribution unlimited 13. SUPPLEMENTARY NOTES Presented at the NDIA Environment , Energy Security & Sustainability (E2S2...Chlorfenvinphos, Formetanate Hydrochloride, Acrolein, Chloropicrin, Sodium chloroacetate, Thyoglycolate medium, Crotoxyphos, Glyphosate , Jimsonweed, Methanol

  10. Formal assessment instrument for ensuring the security of NASA's networks, systems and software

    Science.gov (United States)

    Gilliam, D. P.; Powell, J. D.; Sherif, J.

    2002-01-01

    To address the problem of security for NASA's networks, systems and software, NASA has funded the Jet Propulsion Lab in conjunction with UC Davis to begin work on developing a software security assessment instrument for use in the software development and maintenance life cycle.

  11. A lightweight security scheme for wireless body area networks: design, energy evaluation and proposed microprocessor design.

    Science.gov (United States)

    Selimis, Georgios; Huang, Li; Massé, Fabien; Tsekoura, Ioanna; Ashouei, Maryam; Catthoor, Francky; Huisken, Jos; Stuyt, Jan; Dolmans, Guido; Penders, Julien; De Groot, Harmke

    2011-10-01

    In order for wireless body area networks to meet widespread adoption, a number of security implications must be explored to promote and maintain fundamental medical ethical principles and social expectations. As a result, integration of security functionality to sensor nodes is required. Integrating security functionality to a wireless sensor node increases the size of the stored software program in program memory, the required time that the sensor's microprocessor needs to process the data and the wireless network traffic which is exchanged among sensors. This security overhead has dominant impact on the energy dissipation which is strongly related to the lifetime of the sensor, a critical aspect in wireless sensor network (WSN) technology. Strict definition of the security functionality, complete hardware model (microprocessor and radio), WBAN topology and the structure of the medium access control (MAC) frame are required for an accurate estimation of the energy that security introduces into the WBAN. In this work, we define a lightweight security scheme for WBAN, we estimate the additional energy consumption that the security scheme introduces to WBAN based on commercial available off-the-shelf hardware components (microprocessor and radio), the network topology and the MAC frame. Furthermore, we propose a new microcontroller design in order to reduce the energy consumption of the system. Experimental results and comparisons with other works are given.

  12. Aspects of healthcare computer networks security in the education of students of medicine and healthcare management

    OpenAIRE

    Mircheva, Iskra

    2001-01-01

    Preserving privacy and confidentiality of medical data has always been a fundamental question in medicine and healthcare. Information technologies state even greater requirements to medical data security, especially when, as expected, medical data should be transferred between the different healthcare providers using specialized or public computer networks. The presented paper outlines some basic requirements to healthcare networks security, with which the future medical specialists should ...

  13. Security issues in healthcare applications using wireless medical sensor networks: a survey.

    Science.gov (United States)

    Kumar, Pardeep; Lee, Hoon-Jae

    2012-01-01

    Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs.

  14. Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey

    Science.gov (United States)

    Kumar, Pardeep; Lee, Hoon-Jae

    2012-01-01

    Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs. PMID:22368458

  15. Security Frameworks for Machine-to-Machine Devices and Networks

    Science.gov (United States)

    Demblewski, Michael

    Attacks against mobile systems have escalated over the past decade. There have been increases of fraud, platform attacks, and malware. The Internet of Things (IoT) offers a new attack vector for Cybercriminals. M2M contributes to the growing number of devices that use wireless systems for Internet connection. As new applications and platforms are created, old vulnerabilities are transferred to next-generation systems. There is a research gap that exists between the current approaches for security framework development and the understanding of how these new technologies are different and how they are similar. This gap exists because system designers, security architects, and users are not fully aware of security risks and how next-generation devices can jeopardize safety and personal privacy. Current techniques, for developing security requirements, do not adequately consider the use of new technologies, and this weakens countermeasure implementations. These techniques rely on security frameworks for requirements development. These frameworks lack a method for identifying next generation security concerns and processes for comparing, contrasting and evaluating non-human device security protections. This research presents a solution for this problem by offering a novel security framework that is focused on the study of the "functions and capabilities" of M2M devices and improves the systems development life cycle for the overall IoT ecosystem.

  16. Discussion on the Technology and Method of Computer Network Security Management

    Science.gov (United States)

    Zhou, Jianlei

    2017-09-01

    With the rapid development of information technology, the application of computer network technology has penetrated all aspects of society, changed people's way of life work to a certain extent, brought great convenience to people. But computer network technology is not a panacea, it can promote the function of social development, but also can cause damage to the community and the country. Due to computer network’ openness, easiness of sharing and other characteristics, it had a very negative impact on the computer network security, especially the loopholes in the technical aspects can cause damage on the network information. Based on this, this paper will do a brief analysis on the computer network security management problems and security measures.

  17. Mitigating Risk to DOD Information Networks by Improving Network Security in Third-Party Information Networks

    Science.gov (United States)

    2016-06-01

    Financial Services 119, no. 7 (July 2015): 46. 19 Elinor Mills , “Pentagon Spends over $100 Million on Cyberattack Cleanup,” CNET News, April 7, 2009, http...Compliance Week, November 25, 2014, 64. 23 John Keller, “Defense Industry Concerned about Cyber Security; Not Sure Where to turn for Help,” Military...results of the author’s Google search of TRANSCOM contracts. 31 Stuart McClure, Joel Scambray, and George Kurtz, Hacking Exposed, 7th ed. (New York

  18. Dim Networks: The Utility of Social Network Analysis for Illuminating Partner Security Force Networks

    Science.gov (United States)

    2015-12-01

    Eigenvector centrality ......................................................88 xii THIS PAGE INTENTIONALLY LEFT BLANK xiii LIST OF ACRONYMS AND...should be engaged. This determination will be based on simple SNA centrality measures, total degree,9 betweenness,10 closeness,11 and Eigenvector ...11 Closeness centrality measures how close each node is to all the other nodes in a network by their path distance. 12 Eigenvector centrality

  19. A Feedback-Based Secure Path Approach for Wireless Sensor Network Data Collection

    Directory of Open Access Journals (Sweden)

    Guiyi Wei

    2010-10-01

    Full Text Available The unattended nature of wireless sensor networks makes them very vulnerable to malicious attacks. Therefore, how to preserve secure data collection is an important issue to wireless sensor networks. In this paper, we propose a novel approach of secure data collection for wireless sensor networks. We explore secret sharing and multipath routing to achieve secure data collection in wireless sensor network with compromised nodes. We present a novel tracing-feedback mechanism, which makes full use of the routing functionality of wireless sensor networks, to improve the quality of data collection. The major advantage of the approach is that the secure paths are constructed as a by-product of data collection. The process of secure routing causes little overhead to the sensor nodes in the network. Compared with existing works, the algorithms of the proposed approach are easy to implement and execute in resource-constrained wireless sensor networks. According to the result of a simulation experiment, the performance of the approach is better than the recent approaches with a similar purpose.

  20. Cooperative Jamming for Physical Layer Security in Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Rohokale, Vandana M.; Prasad, Neeli R.; Prasad, Ramjee

    2012-01-01

    Interference is generally considered as the redundant and unwanted occurrence in wireless communication. This work proposes a novel cooperative jamming mechanism for scalable networks like Wireless Sensor Networks (WSNs) which makes use of friendly interference to confuse the eavesdropper...

  1. Wireless Sensor Network Security Enhancement Using Directional Antennas: State of the Art and Research Challenges.

    Science.gov (United States)

    Curiac, Daniel-Ioan

    2016-04-07

    Being often deployed in remote or hostile environments, wireless sensor networks are vulnerable to various types of security attacks. A possible solution to reduce the security risks is to use directional antennas instead of omnidirectional ones or in conjunction with them. Due to their increased complexity, higher costs and larger sizes, directional antennas are not traditionally used in wireless sensor networks, but recent technology trends may support this method. This paper surveys existing state of the art approaches in the field, offering a broad perspective of the future use of directional antennas in mitigating security risks, together with new challenges and open research issues.

  2. Wireless Sensor Network Security Enhancement Using Directional Antennas: State of the Art and Research Challenges

    Directory of Open Access Journals (Sweden)

    Daniel-Ioan Curiac

    2016-04-01

    Full Text Available Being often deployed in remote or hostile environments, wireless sensor networks are vulnerable to various types of security attacks. A possible solution to reduce the security risks is to use directional antennas instead of omnidirectional ones or in conjunction with them. Due to their increased complexity, higher costs and larger sizes, directional antennas are not traditionally used in wireless sensor networks, but recent technology trends may support this method. This paper surveys existing state of the art approaches in the field, offering a broad perspective of the future use of directional antennas in mitigating security risks, together with new challenges and open research issues.

  3. Algorithm for complete enumeration based on a stroke graph to solve the supply network configuration and operations scheduling problem

    Directory of Open Access Journals (Sweden)

    Julien Maheut

    2013-07-01

    Full Text Available Purpose: The purpose of this paper is to present an algorithm that solves the supply network configuration and operations scheduling problem in a mass customization company that faces alternative operations for one specific tool machine order in a multiplant context. Design/methodology/approach: To achieve this objective, the supply chain network configuration and operations scheduling problem is presented. A model based on stroke graphs allows the design of an algorithm that enumerates all the feasible solutions. The algorithm considers the arrival of a new customized order proposal which has to be inserted into a scheduled program. A selection function is then used to choose the solutions to be simulated in a specific simulation tool implemented in a Decision Support System. Findings and Originality/value: The algorithm itself proves efficient to find all feasible solutions when alternative operations must be considered. The stroke structure is successfully used to schedule operations when considering more than one manufacturing and supply option in each step. Research limitations/implications: This paper includes only the algorithm structure for a one-by-one, sequenced introduction of new products into the list of units to be manufactured. Therefore, the lotsizing process is done on a lot-per-lot basis. Moreover, the validation analysis is done through a case study and no generalization can be done without risk. Practical implications: The result of this research would help stakeholders to determine all the feasible and practical solutions for their problem. It would also allow to assessing the total costs and delivery times of each solution. Moreover, the Decision Support System proves useful to assess alternative solutions. Originality/value: This research offers a simple algorithm that helps solve the supply network configuration problem and, simultaneously, the scheduling problem by considering alternative operations. The proposed system

  4. Epidemics in Networks : Modeling, Optimization and Security Games

    NARCIS (Netherlands)

    Omic, J.

    2010-01-01

    Epidemic theory has wide range of applications in computer networks, from spreading of malware to the information dissemination algorithms. Our society depends more strongly than ever on such computer networks. Many of these networks rely to a large extent on decentralization and self-organization.

  5. Effects of spatial configuration of imperviousness and green infrastructure networks on hydrologic response in a residential sewershed

    Science.gov (United States)

    Lim, Theodore C.; Welty, Claire

    2017-09-01

    Green infrastructure (GI) is an approach to stormwater management that promotes natural processes of infiltration and evapotranspiration, reducing surface runoff to conventional stormwater drainage infrastructure. As more urban areas incorporate GI into their stormwater management plans, greater understanding is needed on the effects of spatial configuration of GI networks on hydrological performance, especially in the context of potential subsurface and lateral interactions between distributed facilities. In this research, we apply a three-dimensional, coupled surface-subsurface, land-atmosphere model, ParFlow.CLM, to a residential urban sewershed in Washington DC that was retrofitted with a network of GI installations between 2009 and 2015. The model was used to test nine additional GI and imperviousness spatial network configurations for the site and was compared with monitored pipe-flow data. Results from the simulations show that GI located in higher flow-accumulation areas of the site intercepted more surface runoff, even during wetter and multiday events. However, a comparison of the differences between scenarios and levels of variation and noise in monitored data suggests that the differences would only be detectable between the most and least optimal GI/imperviousness configurations.

  6. Reprogrammable Radiation Tolerant Secure Network Access Module Project

    Data.gov (United States)

    National Aeronautics and Space Administration — Communications security (COMSEC) is essential to satellite communications. Its role continues to grow as the available bandwidth expands to meet the ever increasing...

  7. Using Bayesian Networks and Decision Theory to Model Physical Security

    National Research Council Canada - National Science Library

    Roberts, Nancy

    2003-01-01

    .... Cameras, sensors and other components used along with the simple rules in the home automation software provide an environment where the lights, security and other appliances can be monitored and controlled...

  8. Social Networks Security in Universities: Challenges and Solutions

    National Research Council Canada - National Science Library

    Daniela Popescul; Mircea Georgescu

    2015-01-01

    .... Firstly, we need to understand what their real knowledge in the field is. Then, a serious and consistent adaptation of our courses in Information Security and other subjects and a redefinition of universities...

  9. An Australian Perspective On The Challenges For Computer And Network Security For Novice End-Users

    Directory of Open Access Journals (Sweden)

    Patryk Szewczyk

    2012-12-01

    Full Text Available It is common for end-users to have difficulty in using computer or network security appropriately and thus have often been ridiculed when misinterpreting instructions or procedures. This discussion paper details the outcomes of research undertaken over the past six years on why security is overly complex for end-users. The results indicate that multiple issues may render end-users vulnerable to security threats and that there is no single solution to address these problems. Studies on a small group of senior citizens has shown that educational seminars can be beneficial in ensuring that simple security aspects are understood and used appropriately.

  10. A Probabilistically Weakly Secure Network Coding Scheme in Multipath Routing for WSNs.

    Science.gov (United States)

    Liu, Xiang; Huang, Jie; Gao, Xiang

    2017-05-16

    In wireless sensor networks, nodes are mostly deployed in unsupervised areas and are vulnerable to a variety of attacks. Therefore, data security is a vital aspect to be considered. However, due to the limited computation capability and memory of sensor nodes, it is difficult to perform the complex encryption algorithm, as well as the key distribution and management algorithm. Toward this end, a low-complexity algorithm for security in wireless sensor networks is of significant importance. In this article, a weakly secure network coding based multipath routing scheme is proposed, which can guarantee the data confidentiality in transmission probabilistically, and can improve the energy efficiency in the meantime. Then the simulations of the probability of transmission being secure are performed. The results show that with the increase of the number of hops k, the probability of transmission being secure suffers from a rapid decrease. On the contrary, with the increase of multicast capacity h it undergoes a slight growth. Therefore, the weak security can be achieved with probability approaching 1 by limiting the number of hops and increasing the multicast capacity. Meanwhile, the simulations of energy consumption are performed and the comparison between the energy consumption of the scheme in this article and the multipath routing scheme without network coding is conducted. The results show that by employing network coding, the scheme in this article can improve the energy efficiency, and the more packets transmitted, the more energy consumption can be reduced.

  11. Secure Clustering and Symmetric Key Establishment in Heterogeneous Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Azarderskhsh Reza

    2011-01-01

    Full Text Available Information security in infrastructureless wireless sensor networks (WSNs is one of the most important research challenges. In these networks, sensor nodes are typically sprinkled liberally in the field in order to monitor, gather, disseminate, and provide the sensed data to the command node. Various studies have focused on key establishment schemes in homogeneous WSNs. However, recent research has shown that achieving survivability in WSNs requires a hierarchy and heterogeneous infrastructure. In this paper, to address security issues in the heterogeneous WSNs, we propose a secure clustering scheme along with a deterministic pairwise key management scheme based on public key cryptography. The proposed security mechanism guarantees that any two sensor nodes located in the same cluster and routing path can directly establish a pairwise key without disclosing any information to other nodes. Through security performance evaluation, it is shown that the proposed scheme guarantees node-to-node authentication, high resiliency against node capture, and minimum memory space requirement.

  12. Design and Research of a New secure Authentication Protocol in GSM networks

    Directory of Open Access Journals (Sweden)

    Qi Ai-qin

    2016-01-01

    Full Text Available As the first line of defense in the security application system, Authentication is an important security service. Its typical scheme is challenge/response mechanism and this scheme which is simple-structured and easy to realize has been used worldwide. But these protocols have many following problems In the GSM networks such as the leakage of user indentity privacy, no security protection between home registers and foreign registers and the vicious intruders’ information stealing and so on. This paper presents an authentication protocol in GSM networks based on maths operation and modular square root technique . The analysis of the security and performance has also been done. The results show that it is more robust and secure compared to the previous agreements.

  13. Enhancement of Network Security Techniques using Quantum Cryptography

    OpenAIRE

    Navleen Kaur; Dr. Amardeep Singh,; Sarabpreet Singh

    2011-01-01

    Quantum cryptography uses the law of quantum physics for unconditionally secure data communications. This is a main achievement because the cryptography currently in use, known asconventional cryptography, relies completely on the hardness of a mathematical equation. The advances in quantum computing has threatened the computational security of classical cryptography, which in theory can efficiently compute the hard mathematical problems classical cryptography relies on. This paper makes a co...

  14. The Design of NetSecLab: A Small Competition-Based Network Security Lab

    Science.gov (United States)

    Lee, C. P.; Uluagac, A. S.; Fairbanks, K. D.; Copeland, J. A.

    2011-01-01

    This paper describes a competition-style of exercise to teach system and network security and to reinforce themes taught in class. The exercise, called NetSecLab, is conducted on a closed network with student-formed teams, each with their own Linux system to defend and from which to launch attacks. Students are expected to learn how to: 1) install…

  15. Security of Mobile ad-hoc Wireless Networks. A Brief Survey

    Directory of Open Access Journals (Sweden)

    TILIUTE, D. E.

    2007-11-01

    Full Text Available One of the most present issues of computer wireless networks is the security. Comparing with their wired counterpart, the wireless networks not only accentuate some of the well-known security vulnerabilities but they are subject of new and specific ones. Among the existing wireless networks the ad hoc ones are the most exposed to attacks and collusions due to the absence of any centralized control. The most efficient way to ensure the communication secrecy, inclusively for ad hoc wireless networks, is the cryptography. From many reasons, following from specific operating conditions, the employment of asymmetric key techniques and Public Key Infrastructure is not a realistic choice. In the networks with a large number of nodes, as wireless sensor networks, a large number of secret keys are involved in order to ensure the communication secrecy. While dynamicity is one of the essential features of mobile wireless networks, when nodes may leave or join the network and in the absence of a centralized control entity, the management of secret keys is crucial. The paper presents the main aspects of mobile wireless networks security and focuses on the key management issue in ad-hoc wireless networks.

  16. Security Analysis of DTN Architecture and Bundle Protocol Specification for Space-Based Networks

    Science.gov (United States)

    Ivancic, William D.

    2009-01-01

    A Delay-Tolerant Network (DTN) Architecture (Request for Comment, RFC-4838) and Bundle Protocol Specification, RFC-5050, have been proposed for space and terrestrial networks. Additional security specifications have been provided via the Bundle Security Specification (currently a work in progress as an Internet Research Task Force internet-draft) and, for link-layer protocols applicable to Space networks, the Licklider Transport Protocol Security Extensions. This document provides a security analysis of the current DTN RFCs and proposed security related internet drafts with a focus on space-based communication networks, which is a rather restricted subset of DTN networks. Note, the original focus and motivation of DTN work was for the Interplanetary Internet . This document does not address general store-and-forward network overlays, just the current work being done by the Internet Research Task Force (IRTF) and the Consultative Committee for Space Data Systems (CCSDS) Space Internetworking Services Area (SIS) - DTN working group under the DTN and Bundle umbrellas. However, much of the analysis is relevant to general store-and-forward overlays.

  17. AST: Activity-Security-Trust driven modeling of time varying networks.

    Science.gov (United States)

    Wang, Jian; Xu, Jiake; Liu, Yanheng; Deng, Weiwen

    2016-02-18

    Network modeling is a flexible mathematical structure that enables to identify statistical regularities and structural principles hidden in complex systems. The majority of recent driving forces in modeling complex networks are originated from activity, in which an activity potential of a time invariant function is introduced to identify agents' interactions and to construct an activity-driven model. However, the new-emerging network evolutions are already deeply coupled with not only the explicit factors (e.g. activity) but also the implicit considerations (e.g. security and trust), so more intrinsic driving forces behind should be integrated into the modeling of time varying networks. The agents undoubtedly seek to build a time-dependent trade-off among activity, security, and trust in generating a new connection to another. Thus, we reasonably propose the Activity-Security-Trust (AST) driven model through synthetically considering the explicit and implicit driving forces (e.g. activity, security, and trust) underlying the decision process. AST-driven model facilitates to more accurately capture highly dynamical network behaviors and figure out the complex evolution process, allowing a profound understanding of the effects of security and trust in driving network evolution, and improving the biases induced by only involving activity representations in analyzing the dynamical processes.

  18. A scalable key management scheme with minimizing rekey cost for secure multicast over satellite networks

    Science.gov (United States)

    Gao, Junwei; Yang, Zongkai; Xie, Haitao

    2007-11-01

    Satellite networks are playing a more and more important role in network infrastructure. They are useful in providing broadband connectivity to remote locations which are harder to reach through terrestrial infrastructure. Data confidentiality and integrity are two critical issues for satellite networks. The multicast traffic should be accessible only to subscribers, this requires security and efficient methods to generate, distribute and update the keys. Access control can be achieved by data encryption, such as end to end security mechanisms----IPSec. Due to the high rekeying cost, most current key management protocols do not scale well for secure multicast over satellite networks. In this article we proposed a scalable key management scheme to provide secure communication in satellite networks with minimal key management overhead. The principle of this approach is to break up IPSec encryption into multiple encryption zones on a single packet and encrypts different regions of the IP packet using different keys. All of those keys are composed into just only one multi group key tree for secure multicast over satellite networks. The proposed scheme can reduce the communication and storage overhead significantly. In addition, the proposed key graph is scalable well.

  19. SOME QUESTIONS OF THE GRID AND NEURAL NETWORK MODELING OF AIRPORT AVIATION SECURITY CONTROL TASKS

    Directory of Open Access Journals (Sweden)

    N. Elisov Lev

    2017-01-01

    Full Text Available The authors’ original problem-solution-approach concerning aviation security management in civil aviation apply- ing parallel calculation processes method and the usage of neural computers is considered in this work. The statement of secure environment modeling problems for grid models and with the use of neural networks is presented. The research sub- ject area of this article is airport activity in the field of civil aviation, considered in the context of aviation security, defined as the state of aviation security against unlawful interference with the aviation field. The key issue in this subject area is aviation safety provision at an acceptable level. In this case, airport security level management becomes one of the main objectives of aviation security. Aviation security management is organizational-regulation in modern systems that can no longer correspond to changing requirements, increasingly getting complex and determined by external and internal envi- ronment factors, associated with a set of potential threats to airport activity. Optimal control requires the most accurate identification of management parameters and their quantitative assessment. The authors examine the possibility of applica- tion of mathematical methods for the modeling of security management processes and procedures in their latest works. Par- allel computing methods and network neurocomputing for modeling of airport security control processes are examined in this work. It is shown that the methods’ practical application of the methods is possible along with the decision support system, where the decision maker plays the leading role.

  20. A Survey on Security and Privacy in Emerging Sensor Networks: From Viewpoint of Close-Loop.

    Science.gov (United States)

    Zhang, Lifu; Zhang, Heng

    2016-03-26

    Nowadays, as the next generation sensor networks, Cyber-Physical Systems (CPSs) refer to the complex networked systems that have both physical subsystems and cyber components, and the information flow between different subsystems and components is across a communication network, which forms a closed-loop. New generation sensor networks are found in a growing number of applications and have received increasing attention from many inter-disciplines. Opportunities and challenges in the design, analysis, verification and validation of sensor networks co-exists, among which security and privacy are two important ingredients. This paper presents a survey on some recent results in the security and privacy aspects of emerging sensor networks from the viewpoint of the closed-loop. This paper also discusses several future research directions under these two umbrellas.

  1. ESAODV: IMPLEMENTATION AND DESIGN OF SECURE AND EFFICIENT AODV FOR WSN

    OpenAIRE

    Mr. Ojashvi Shivwanshi; Mr. Rahul Patel; Miss Preetika Saxena

    2016-01-01

    A number of different network technologies are now in these days developed using the ad hoc configuration of networks. Among the wireless sensor network is one of most frequently used network technology for application developments. On the other hand the network devices are suffers from the various security and performance issues due to their ad hoc configurations. Therefore the solution for performance improvement and security concerns are required to investigate. In this presented work both...

  2. Sensor Networks Hierarchical Optimization Model for Security Monitoring in High-Speed Railway Transport Hub

    Directory of Open Access Journals (Sweden)

    Zhengyu Xie

    2015-01-01

    Full Text Available We consider the sensor networks hierarchical optimization problem in high-speed railway transport hub (HRTH. The sensor networks are optimized from three hierarchies which are key area sensors optimization, passenger line sensors optimization, and whole area sensors optimization. Case study on a specific HRTH in China showed that the hierarchical optimization method is effective to optimize the sensor networks for security monitoring in HRTH.

  3. Using Reputation Systems and Non-Deterministic Routing to Secure Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Juan-Mariano de Goyeneche

    2009-05-01

    Full Text Available Security in wireless sensor networks is difficult to achieve because of the resource limitations of the sensor nodes. We propose a trust-based decision framework for wireless sensor networks coupled with a non-deterministic routing protocol. Both provide a mechanism to effectively detect and confine common attacks, and, unlike previous approaches, allow bad reputation feedback to the network. This approach has been extensively simulated, obtaining good results, even for unrealistically complex attack scenarios.

  4. Secret-Key-Aided Scheme for Securing Untrusted DF Relaying Networks

    KAUST Repository

    Shafie, Ahmed El

    2017-06-12

    This paper proposes a new scheme to secure the transmissions in an untrusted decode-and-forward (DF) relaying network. A legitimate source node, Alice, sends her data to a legitimate destination node, Bob, with the aid of an untrusted DF relay node, Charlie. To secure the transmissions from Charlie during relaying time slots, each data codeword is secured using a secret-key codeword that has been previously shared between Alice and Bob during the perfectly secured time slots (i.e., when the channel secrecy rate is positive). The secret-key bits exchanged between Alice and Bob are stored in a finite-length buffer and are used to secure data transmission whenever needed. We model the secret-key buffer as a queueing system and analyze its Markov chain. Our numerical results show the gains of our proposed scheme relative to benchmarks. Moreover, the proposed scheme achieves an upper bound on the secure throughput.

  5. Toward effectiveness and agility of network security situational awareness using moving target defense (MTD)

    Science.gov (United States)

    Ge, Linqiang; Yu, Wei; Shen, Dan; Chen, Genshe; Pham, Khanh; Blasch, Erik; Lu, Chao

    2014-06-01

    Most enterprise networks are built to operate in a static configuration (e.g., static software stacks, network configurations, and application deployments). Nonetheless, static systems make it easy for a cyber adversary to plan and launch successful attacks. To address static vulnerability, moving target defense (MTD) has been proposed to increase the difficulty for the adversary to launch successful attacks. In this paper, we first present a literature review of existing MTD techniques. We then propose a generic defense framework, which can provision an incentive-compatible MTD mechanism through dynamically migrating server locations. We also present a user-server mapping mechanism, which not only improves system resiliency, but also ensures network performance. We demonstrate a MTD with a multi-user network communication and our data shows that the proposed framework can effectively improve the resiliency and agility of the system while achieving good network timeliness and throughput performance.

  6. Trust framework for a secured routing in wireless sensor network

    OpenAIRE

    Ouassila Hoceini; Saïd Talbi; Rachida Aoudjit

    2015-01-01

    Traditional techniques to eliminate insider attacks developed for wired and wireless ad hoc networks are not well suited for wireless sensors networks due to their resource constraints nature. In order to protect WSNs against malicious and selfish behavior, some trust-based systems have recently been modeled. The resource efficiency and dependability of a trust system are the most fundamental requirements for any wireless sensor network (WSN). In this paper, we propose a Trust Framework for a...

  7. 75 FR 76647 - Special Conditions: Boeing Model 747-8 Airplanes, Systems and Data Networks Security-Isolation or...

    Science.gov (United States)

    2010-12-09

    ... 747-8 Airplanes, Systems and Data Networks Security--Isolation or Protection From Unauthorized... information services, than previous 747-8 airplane models. This may allow the exploitation of network security... passenger domain computer systems to the airplane critical systems and data networks. The applicable...

  8. Network gateway security method for enterprise Grid: a literature review

    Science.gov (United States)

    Sujarwo, A.; Tan, J.

    2017-03-01

    The computational Grid has brought big computational resources closer to scientists. It enables people to do a large computational job anytime and anywhere without any physical border anymore. However, the massive and spread of computer participants either as user or computational provider arise problems in security. The challenge is on how the security system, especially the one which filters data in the gateway could works in flexibility depends on the registered Grid participants. This paper surveys what people have done to approach this challenge, in order to find the better and new method for enterprise Grid. The findings of this paper is the dynamically controlled enterprise firewall to secure the Grid resources from unwanted connections with a new firewall controlling method and components.

  9. Mastering System Center 2012 Configuration Manager

    CERN Document Server

    Rachui, Steve; Martinez, Santos; Daalmans, Peter

    2012-01-01

    Expert coverage of Microsoft's highly anticipated network software deployment tool The latest version of System Center Configuration Manager (SCCM) is a dramatic update of its predecessor Configuration Manager 2007, and this book offers intermediate-to-advanced coverage of how the new SCCM boasts a simplified hierarchy, role-based security, a new console, flexible application deployment, and mobile management. You'll explore planning and installation, migrating from SCCM 2007, deploying software and operating systems, security, monitoring and troubleshooting, and automating and customizing SCC

  10. Multinational Corporation as a Regional Economic Security Network

    Directory of Open Access Journals (Sweden)

    Aliona DANILIUC

    2016-12-01

    Full Text Available This paper is about multinational enterprises and regional security economic, summarizes and synthesizes different strands of literature, to present conclusions on the potential role of multinational enterprises in regional economic security in the EU, Ukraine, Moldova. The circumstances under which 'developmental' MNE subsidiaries may emerge in host regions are reviewed and possible routes to cluster formation and the generation of dynamic comparative advantage are explored. Policy issues are discussed, emphasizing the importance of investment in infrastructure, education and other public goods.

  11. Applying a Space-Based Security Recovery Scheme for Critical Homeland Security Cyberinfrastructure Utilizing the NASA Tracking and Data Relay (TDRS) Based Space Network

    Science.gov (United States)

    Shaw, Harry C.; McLaughlin, Brian; Stocklin, Frank; Fortin, Andre; Israel, David; Dissanayake, Asoka; Gilliand, Denise; LaFontaine, Richard; Broomandan, Richard; Hyunh, Nancy

    2015-01-01

    Protection of the national infrastructure is a high priority for cybersecurity of the homeland. Critical infrastructure such as the national power grid, commercial financial networks, and communications networks have been successfully invaded and re-invaded from foreign and domestic attackers. The ability to re-establish authentication and confidentiality of the network participants via secure channels that have not been compromised would be an important countermeasure to compromise of our critical network infrastructure. This paper describes a concept of operations by which the NASA Tracking and Data Relay (TDRS) constellation of spacecraft in conjunction with the White Sands Complex (WSC) Ground Station host a security recovery system for re-establishing secure network communications in the event of a national or regional cyberattack. Users would perform security and network restoral functions via a Broadcast Satellite Service (BSS) from the TDRS constellation. The BSS enrollment only requires that each network location have a receive antenna and satellite receiver. This would be no more complex than setting up a DIRECTTV-like receiver at each network location with separate network connectivity. A GEO BSS would allow a mass re-enrollment of network nodes (up to nationwide) simultaneously depending upon downlink characteristics. This paper details the spectrum requirements, link budget, notional assets and communications requirements for the scheme. It describes the architecture of such a system and the manner in which it leverages off of the existing secure infrastructure which is already in place and managed by the NASAGSFC Space Network Project.

  12. Improving cloud network security using tree-rule firewall

    NARCIS (Netherlands)

    He, Xiangjian; Chomsiri, Thawatchai; Nanda, Priyadarsi; Tan, Zhiyuan

    This study proposes a new model of firewall called the ‘Tree-Rule Firewall’, which offers various benefits and is applicable for large networks such as ‘cloud’ networks. The recently available firewalls (i.e., Listed-Rule firewalls) have their limitations in performing the tasks and are inapplicable

  13. Network security vulnerabilities and personal privacy issues in Healthcare Information Systems: a case study in a private hospital in Turkey.

    Science.gov (United States)

    Namoğlu, Nihan; Ulgen, Yekta

    2013-01-01

    Healthcare industry has become widely dependent on information technology and internet as it moves from paper to electronic records. Healthcare Information System has to provide a high quality service to patients and a productive knowledge share between healthcare staff by means of patient data. With the internet being commonly used across hospitals, healthcare industry got its own share from cyber threats like other industries in the world. The challenge is allowing knowledge transfer to hospital staff while still ensuring compliance with security mandates. Working in collaboration with a private hospital in Turkey; this study aims to reveal the essential elements of a 21st century business continuity plan for hospitals while presenting the security vulnerabilities in the current hospital information systems and personal privacy auditing standards proposed by regulations and laws. We will survey the accreditation criteria in Turkey and counterparts in US and EU. We will also interview with medical staff in the hospital to understand the needs for personal privacy and the technical staff to perceive the technical requirements in terms of network security configuration and deployment. As hospitals are adopting electronic transactions, it should be considered a must to protect these electronic health records in terms of personal privacy aspects.

  14. Seluge++: a secure over-the-air programming scheme in wireless sensor networks.

    Science.gov (United States)

    Doroodgar, Farzan; Abdur Razzaque, Mohammad; Isnin, Ismail Fauzi

    2014-03-11

    Over-the-air dissemination of code updates in wireless sensor networks have been researchers' point of interest in the last few years, and, more importantly, security challenges toward the remote propagation of code updating have occupied the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strength, having their concentration on the constrained nature of wireless sensor network (WSN) nodes. For authentication purposes, most of them have used a Merkle hash tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be at a standard level. Therefore, they have not investigated the tree structure for mission-critical situations in which security has to be at the maximum possible level (e.g., military applications, healthcare). Considering this, we investigate existing security models used in over-the-air dissemination of code updates for possible vulnerabilities, and then, we provide a set of countermeasures, correspondingly named Security Model Requirements. Based on the investigation, we concentrate on Seluge, one of the existing over-the-air programming schemes, and we propose an improved version of it, named Seluge++, which complies with the Security Model Requirements and replaces the use of the inefficient Merkle tree with a novel method. Analytical and simulation results show the improvements in Seluge++ compared to Seluge.

  15. Seluge++: A Secure Over-the-Air Programming Scheme in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Farzan Doroodgar

    2014-03-01

    Full Text Available Over-the-air dissemination of code updates in wireless sensor networks have been researchers’ point of interest in the last few years, and, more importantly, security challenges toward the remote propagation of code updating have occupied the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strength, having their concentration on the constrained nature of wireless sensor network (WSN nodes. For authentication purposes, most of them have used a Merkle hash tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be at a standard level. Therefore, they have not investigated the tree structure for mission-critical situations in which security has to be at the maximum possible level (e.g., military applications, healthcare. Considering this, we investigate existing security models used in over-the-air dissemination of code updates for possible vulnerabilities, and then, we provide a set of countermeasures, correspondingly named Security Model Requirements. Based on the investigation, we concentrate on Seluge, one of the existing over-the-air programming schemes, and we propose an improved version of it, named Seluge++, which complies with the Security Model Requirements and replaces the use of the inefficient Merkle tree with a novel method. Analytical and simulation results show the improvements in Seluge++ compared to Seluge.

  16. Workshop on Scientific Analysis and Policy in Network Security

    Science.gov (United States)

    2010-09-10

    reducing the burden, to Department of Defense. Washington Headquarters Services, Directorate * focJnformation Operations and Reports (0704-0188), 1215...2001) 15. Mardare, R., Priami, C, Quaglia, P., Vagin , O.: Model checking biological systems described using ambient calculus. Computational Methods...order to increase the performance of performing secure communication between group members. This means for instance that the routing information is

  17. Modelling Public Security Operations: Analysis of the Effect of Key Social, Cognitive, and Informational Factors with Security System Relationship Configurations for Goal Achievement

    Science.gov (United States)

    2012-12-01

    Thesaurus of Engineering and Scientific Terms (TEST) and that thesaurus identified. If it is not possible to select indexing terms which are...structural, functional, normative, human (cognitive and social), physical, and information dimensions, are automatically incorporated into the...the automatic configuration and generation of Brahms agent code, the compilation and execution of the agent environment, and the gathering and display

  18. The effect of tracking network configuration on GPS baseline estimates for the CASA Uno experiment

    Science.gov (United States)

    Wolf, S. Kornreich; Dixon, T. H.; Freymueller, J. T.

    1990-01-01

    The effect of the tracking network on long (greater than 100 km) GPS baseline estimates was estimated using various subsets of the global tracking network initiated by the first Central and South America (CASA Uno) experiment. It was found that best results could be obtained with a global tacking network consisting of three U.S. stations, two sites in the southwestern Pacific, and two sites in Europe. In comparison with smaller subsets, this global network improved the baseline repeatability, the resolution of carrier phase cycle ambiguities, and formal errors of the orbit estimates.

  19. A Novel Re-keying Function Protocol (NRFP For Wireless Sensor Network Security

    Directory of Open Access Journals (Sweden)

    Naif Alsharabi

    2008-12-01

    Full Text Available This paper describes a novel re-keying function protocol (NRFP for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs, covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks.

  20. Secure and Lightweight Cloud-Assisted Video Reporting Protocol over 5G-Enabled Vehicular Networks

    Science.gov (United States)

    2017-01-01

    In the vehicular networks, the real-time video reporting service is used to send the recorded videos in the vehicle to the cloud. However, when facilitating the real-time video reporting service in the vehicular networks, the usage of the fourth generation (4G) long term evolution (LTE) was proved to suffer from latency while the IEEE 802.11p standard does not offer sufficient scalability for a such congested environment. To overcome those drawbacks, the fifth-generation (5G)-enabled vehicular network is considered as a promising technology for empowering the real-time video reporting service. In this paper, we note that security and privacy related issues should also be carefully addressed to boost the early adoption of 5G-enabled vehicular networks. There exist a few research works for secure video reporting service in 5G-enabled vehicular networks. However, their usage is limited because of public key certificates and expensive pairing operations. Thus, we propose a secure and lightweight protocol for cloud-assisted video reporting service in 5G-enabled vehicular networks. Compared to the conventional public key certificates, the proposed protocol achieves entities’ authorization through anonymous credential. Also, by using lightweight security primitives instead of expensive bilinear pairing operations, the proposed protocol minimizes the computational overhead. From the evaluation results, we show that the proposed protocol takes the smaller computation and communication time for the cryptographic primitives than that of the well-known Eiza-Ni-Shi protocol. PMID:28946633