Current Issue : April - June Volume : 2020 Issue Number : 2 Articles : 5 Articles
Most network security research studies based on signaling games assume that either the attacker or the defender is the sender of\nthe signal and the other party is the receiver of the signal. The attack and defense process is commonly modeled and analyzed from\nthe perspective of one-way signal transmission. Aiming at the reality of two-way signal transmission in network attack and defense\nconfrontation, we propose a method of active defense strategy selection based on a two-way signaling game. In this paper, a twoway\nsignaling game model is constructed to analyze the network attack and defense processes. Based on the solution of a perfect\nBayesian equilibrium, a defense strategy selection algorithm is presented. The feasibility and effectiveness of the method are\nverified using examples from real-world applications. In addition, the mechanism of the deception signal is analyzed, and\nconclusions for guiding the selection of active defense strategies are provided....
The article is dedicated to the development of software application with\ngraphical user interface for analyzing of the operation of Integrated System of\nData Defense from cyber-threats (ISDD) which includes subsystems of detection\nand elimination of vulnerabilities existing in the system, as well as Requests\nof Unauthorized Access (RUA). In the subsystems of eliminations of\nvulnerabilities and queues of unauthorized access considered as multichannel\nqueueing systems with corresponding servers and queues, at random times\nthere come requests to fix threats detected by the system. It is supposed that\nflows of requests demanding to eliminate threats coming to the mentioned\nsubsystems of queueing systems are described with the Poisson distribution\nof probabilities, but processes of their elimination obey exponential law. For\nthe system described above, there has been developed software realization of\ngraphical interface which allows easily to change input parameters and observe\ngraphical reflection of changes of the output indicators of the system....
Most existing approaches for solving the distributed denial-of-service (DDoS) problem\nfocus on specific security mechanisms, for example, network intrusion detection system (NIDS)\ndetection and firewall configuration, rather than on the packet routing approaches to defend\nDDoS threats by new flow management techniques. To defend against DDoS attacks, the present\nstudy proposes a modified particle swarm optimization (PSO) scheme based on an IP traceback\n(IPTBK) technique, designated as PSO-IPTBK, to solve the IP traceback problem. Specifically, this\nwork focuses on analyzing the detection of DDoS attacks to predict the possible attack routes in a\ndistributed network. In the proposed approach, the PSO-IPTBK identifies the source of DDoS\nattacks by reconstructing the probable attack routes from collected network packets. The\nperformance of the PSO-IPTBK algorithm in reconstructing the attack route was investigated\nthrough a series of simulations using OMNeT++ 5.5.1 and the INET 4 Framework. The results\nshow that the proposed scheme can determine the most possible route between the attackers and\nthe victim to defend DDoS attacks....
The physical layer security of downlink nonorthogonal multiple access (NOMA) network is analyzed. In order to improve the\nsecrecy probability, friendly jammers are jointed in the NOMA network. Two jammer schemes are proposed in the NOMA\nnetwork. All the jammers transmit jamming signal without jammer selection in the first scheme (NO JS scheme). Jammers are\nselected to transmit jamming signal if their interfering power on scheduled users is below a threshold in the second scheme (JS\nscheme). A stochastic geometry approach is applied to analyze the outage probability and the secrecy probability. Compared with\nthe NO JS scheme and traditional scheme (without jointing jammers), the jammer selection scheme provides a good balance\nbetween the user outage probability and secrecy probability. Numerical results demonstrate that the security performance of the\ntwo proposed schemes can be improved by jointing the jammers in the NOMA wireless network....
The recent years have witnessed a growth in the number of users connected to computer networks, due mainly to megatrends such\nas Internet of Things (IoT), Industry 4.0, and Smart Grids. Simultaneously, service providers started offering vertical services\nrelated to a specific business case (e.g., automotive, banking, and e-health) requiring more and more scalability and flexibility for\nthe infrastructures and their management. NFV and SDN technologies are a clear way forward to address these challenges even\nthough they are still in their early stages. Security plays a central role in this scenario, mainly because it must follow the rapid\nevolution of computer networks and the growing number of devices. The main issue is to protect the end-user from the increasing\nthreats, and for this reason, we propose in this paper a security framework compliant to the Security-as-a-Service paradigm. In\norder to implement this framework, we leverage NFV and SDN technologies, using a user-centered approach. This allows to\ncustomize the security service starting from user preferences. Another goal of our work is to highlight the main relevant challenges\nencountered in the design and implementation of our solution. In particular, we demonstrate how significant is to choose an\nefficient way to configure the Virtual Network Security Functions in terms of performance. Furthermore, we also address the\nnontrivial problem of Service Function Chaining in an NFV MANO platform and we show what are the main challenges with\nrespect to this problem....
Loading....