Network Security
A. Beigi
Abstract
Background and Objectives: Intrusion Detection Systems (IDS) are crucial for safeguarding computer networks. However, they face challenges such as detecting subtle intrusions and novel attack patterns. While signature-based and anomaly-based IDS have been widely used, hybrid approaches offer a promising ...
Read More
Background and Objectives: Intrusion Detection Systems (IDS) are crucial for safeguarding computer networks. However, they face challenges such as detecting subtle intrusions and novel attack patterns. While signature-based and anomaly-based IDS have been widely used, hybrid approaches offer a promising solution by combining their strengths. This study aims to develop a robust hybrid IDS that effectively addresses these challenges.Methods: We propose a three-layered hybrid IDS that leverages machine learning techniques. The first layer utilizes a signature-based approach to identify known intrusions. The second layer employs an anomaly-based approach with unsupervised learning to detect unknown intrusions. The third layer utilizes supervised learning to classify intrusions based on training data. We evaluated the proposed system on the NSL-KDD dataset.Results: Experimental results demonstrate the effectiveness of our proposed hybrid IDS in accurately detecting intrusions. Comparisons with recent studies using the same dataset show that our system outperforms existing approaches in terms of detection accuracy and robustness.Conclusion: Our research presents a novel hybrid IDS that effectively addresses the limitations of traditional IDS methods. By combining signature-based, anomaly-based, and supervised learning techniques, our system can accurately detect both known and unknown intrusions. The promising results obtained from our experiments highlight the potential of this approach in enhancing network security.
Network Security
M. Amiri; A. Barati
Abstract
Background and Objectives: Increasing usage of Internet and computer networks by individuals and organizations and also attackers’ usage of new methods and tools in an attempt to endanger network security, have led to the emergence of a wide range of threats to networks.Methods: A honeypot is one ...
Read More
Background and Objectives: Increasing usage of Internet and computer networks by individuals and organizations and also attackers’ usage of new methods and tools in an attempt to endanger network security, have led to the emergence of a wide range of threats to networks.Methods: A honeypot is one of the basic techniques employed for network security improvement. It is basically designed to be attacked so as to get the attackers’ information and trap them. By using a vulnerable scanner in this paper, we obtained the required network vulnerabilities and normalized them via the proposed method. Then, a dynamic hybrid honeypot has proposed by high and low interaction honeypots. Also, in the proposed method, by footprinting and scanning of an integrated network, a detailed picture of the production network and a honeypot configuration file are generated.Results: As a result, more devices could be detected via automated production by the proposed method.Conclusion: This method could accelerate honeypot production and reduce the users’ mistakes during their manual production. Monitoring network traffic, collecting the information of network machines, determining network operating systems, and storing data in a database are the specific features of this system that could be performed by using the selected network scanning tools and modules.
Network Security
S. Goli-Bidgoli; M. SofarAli
Abstract
Background and Objectives: Vehicular Ad-Hoc Networks can enhance road safety and enable drivers to avoid different threats. Safety applications, mobile commerce, and other information services are among different available services that are affected by dynamic topology, vehicle’s speed and node ...
Read More
Background and Objectives: Vehicular Ad-Hoc Networks can enhance road safety and enable drivers to avoid different threats. Safety applications, mobile commerce, and other information services are among different available services that are affected by dynamic topology, vehicle’s speed and node misbehaving. Dynamic topology makes the route unstable and unreliable. So, improving the throughput and performance of VANET through reliable and stable routes with low overhead are among the important goals in this context. Methods: Verifying all issues related to the reliable routing, different effective internal, external and environmental factors on route reliability are led to a new security framework in this paper. Black-hole attack and its effects, as the most well-known attack in wireless networks, along with presenting a secure routing protocol are other achievements of this paper. The proposed protocol uses a trust management system to detect and neutralize this type of attack. Results: Simulation results show that the presented trust-based framework can increase the reliability of the networks by decreasing the effect of the malicious nodes in the routing process. Conclusion: Our simulation results show that the proposed protocol can overcome the effects of black-hole attackers and it can increase throughput by 93% and packet received rate by 94.14% compared to the original AODV. Investigating the effect of the other attacks, simulating in an urban area with repetitive communications and considering the RSU in verifying the trustworthiness of entities are suggested for our future works.======================================================================================================Copyrights©2018 The author(s). This is an open access article distributed under the terms of the Creative Commons Attribution (CC BY 4.0), which permits unrestricted use, distribution, and reproduction in any medium, as long as the original authors and source are cited. No permission is required from the authors or the publishers.======================================================================================================
IoT Security
M. Eslamnezhad Namin; M. Hosseinzadeh; N. Bagheri; A. Khademzadeh
Abstract
Background and Objectives: Search protocols are among the main applications of RFID systems. Since a search protocol should be able to locate a certain tag among many tags, not only it should be secure against RFID threats but also it should be affordable. Methods: In this article, an RFID-based search ...
Read More
Background and Objectives: Search protocols are among the main applications of RFID systems. Since a search protocol should be able to locate a certain tag among many tags, not only it should be secure against RFID threats but also it should be affordable. Methods: In this article, an RFID-based search protocol will be presented. We use an encryption technique that is referred to as authenticated encryption in order to boost the security level, which can provide confidentiality and integrity, simultaneously. Results: Furthermore, since the proposed protocol belongs to the lightweight protocols category, it is appropriate for applications that require many tags and costs must be low. In terms of the security, the analysis results give a satisfactory security level and it is robust against different RFID threats like replay, traceability and impersonation attacks. Using Ouafi-Phan model, BAN and AVISPA, we also checked the security correctness of the suggested protocol. Conclusion: In this paper, we presented a scalable lightweight RFID search protocol. We employed an encryption technique called Authenticated Encryption (A.E.) to improve the security level of the suggested protocol.======================================================================================================Copyrights©2018 The author(s). This is an open access article distributed under the terms of the Creative Commons Attribution (CC BY 4.0), which permits unrestricted use, distribution, and reproduction in any medium, as long as the original authors and source are cited. No permission is required from the authors or the publishers.======================================================================================================