Computer Networks Security - Science topic

Questions related to Computer Networks Security
  • asked a question related to Computer Networks Security
Question
11 answers
Dear Researchers, I performed the J48 algorithm on the KDD Test dataset in WEKA. It gives me Anomaly and normal classes. If I want to know the anomaly attacks in detail by category, like DoS, R2L, U2R, how can I do that in the same dataset?
If someone helps I will be very thankful.
Relevant answer
Answer
Same issue with me: I cannot categorize like DoS, R2L, U2R. How can I do it in the same dataset?
Can anyone help, please?
  • asked a question related to Computer Networks Security
Question
3 answers
I need free code and datasets of early access Q1 articles which is not in "paper with code" about computer networks security
  • asked a question related to Computer Networks Security
Question
2 answers
How to define the LSSS structure, i.e. the matrix M and the function ρ which associates each row of M to an attribute in attribute based encryption? Are there some developed methods that can be used to define the structure?
What is the relationship between tree structure and LSSS? Is tree a kind of LSSS, or an entirely different structure?
Relevant answer
Answer
You can check the Ciphertext Policy ABE paper (CPABE). Also feel free to check the CPABE toolkit source code (http://acsc.cs.utexas.edu/cpabe/). It's awesomely written. Some other implementations in various programming languages are available as well.
  • asked a question related to Computer Networks Security
Question
12 answers
According to a survey conducted by Sophos, 2020 was a tough year for education, with the sector experiencing the highest level of ransomware attacks of all industries. Ransomware attacks have been on the top list of dangerous threats to information systems for over a decade. The threats of ransomware attack do not seem to go away or rather slow down but seem to get more complicated.
Are the current mitigation techniques well designed to prevent the attacks? What are your thoughts?
Relevant answer
Very interesting question! I completely agree and support the opinion of dear colleagues Ljubomir Jacić, Doherty Odueko Funmilayo. Thank you!
  • asked a question related to Computer Networks Security
Question
4 answers
SQL injection attacks have been on the number one list of dangerous threats to information systems for over a decade. The threats of an injection attack do not seem to go away or rather slow down but seem to get more complicated and more dangerous every time one is launched successfully.
Are the current mitigation techniques well crafted to halt the attacks, or is it high time new methods of protecting data in-situ are designed?
What do you think?
Relevant answer
Answer
What is the primary method of mitigating SQL injection attacks?
  • Option 1: Use of Prepared Statements (with Parameterized Queries)
  • Option 2: Use of Stored Procedures
  • Option 3: Allow-list Input Validation
  • Option 4: Escaping All User Supplied Input
SQL Injection attacks are unfortunately very common, and this is due to two factors:
  1. the significant prevalence of SQL Injection vulnerabilities, and
  2. the attractiveness of the target (i.e., the database typically contains all the interesting/critical data for your application).
It's somewhat shameful that there are so many successful SQL Injection attacks occurring, because it is EXTREMELY simple to avoid SQL Injection vulnerabilities in your code.
SQL Injection flaws are introduced when software developers create dynamic database queries that include user supplied input. To avoid SQL injection flaws is simple. Developers need to either: a) stop writing dynamic queries; and/or b) prevent user supplied input which contains malicious SQL from affecting the logic of the executed query.
Primary Defenses:
  • Option 1: Use of Prepared Statements (with Parameterized Queries)
  • Option 2: Use of Stored Procedures
  • Option 3: Allow-list Input Validation
  • Option 4: Escaping All User Supplied Input
Additional Defenses:
  • Also: Enforcing Least Privilege
  • Also: Performing Allow-list Input Validation as a Secondary Defense
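The contrast between a dynamic query and Options 1 and 3 above, shown as an added example that is not part of the original answer. It uses Python's built-in sqlite3 module; the table, the rows, the function names and the sample input are all constructed for illustration.

```python
import sqlite3

# Constructed sample input: a value that carries SQL syntax instead of a name.
HOSTILE_INPUT = "nobody' OR '1'='1"

# Option 3: identifiers cannot be bound as parameters, so they are allow-listed.
ALLOWED_SORT_COLUMNS = {"name", "role"}


def make_db():
    """Build an in-memory database holding three constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    db.executemany(
        "INSERT INTO users (name, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return db


def lookup_dynamic(db, name):
    """Deliberately vulnerable 'before' form: input is concatenated into the SQL text."""
    query = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()


def lookup_prepared(db, name):
    """Option 1: the query text is fixed and the input is bound as a parameter."""
    query = "SELECT name, role FROM users WHERE name = ?"
    return db.execute(query, (name,)).fetchall()


def list_sorted(db, sort_column):
    """Option 3: accept only column names from a fixed allow-list."""
    if sort_column not in ALLOWED_SORT_COLUMNS:
        raise ValueError("sort column not allowed: %r" % sort_column)
    return db.execute(
        "SELECT name, role FROM users ORDER BY " + sort_column
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    # The concatenated query changes meaning and matches every row.
    print("dynamic :", lookup_dynamic(db, HOSTILE_INPUT))
    # The bound value is compared as a plain string and matches nothing.
    print("prepared:", lookup_prepared(db, HOSTILE_INPUT))
    print("sorted  :", list_sorted(db, "role"))
```
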
  • asked a question related to Computer Networks Security
Question
6 answers
Hi, my M.Sc. thesis is "Detecting Android Malware using TF-IDF and N-Gram Methods Leveraging Text Semantics of Network Flows". In my M.Sc. thesis I have worked on malware detection to find a new solution for the malware evasion problem in Android environments. I want to implement my idea with "Rapid Miner", thus I need a ".csv" data-set of malware and benign app network flows. I've downloaded many data-sets but none of them satisfied my needs. The most appropriate data-set among all of them for me is the Android Malware data-set (InvesAndMal2019).
It's a great ".csv" labeled data-set but unfortunately all of the data-set rows are labeled as BENIGN.
I really need a ".csv" labeled android malware data-set composed of MALWARE and BENIGN network flows.
Can anybody help me with this?!
Regards
Mikael
Relevant answer
Answer
You can try BLADE Android Malware Dataset available on Kaggle.
  • asked a question related to Computer Networks Security
Question
8 answers
This is related to homomorphic encryption. These three algorithms are used in additive and multiplicative homomorphism. RSA and ElGamal are multiplicative and Paillier is additive. Now I want to know what the time complexity of these algorithms is.
Relevant answer
Answer
I want the encryption and decryption time complexity when used by the Paillier cryptosystem.
  • asked a question related to Computer Networks Security
Question
7 answers
For quantum cryptography (QKD) simulation, which simulator is the best one?
  • asked a question related to Computer Networks Security
Question
7 answers
Hello all, I'm an undergraduate student and currently I'm interested in learning more about Cryptography for Network Security. I want to know whether there is any paper or journal that quickly summarizes whether each encryption algorithm has its own behaviour that maybe works better for different purposes?
Like some algorithms are best used for Cloud Computing, some others for an E-Commerce website, some others for a Social Media application, etc., which would lead to deciding which algorithms are more suitable for every project.
Thanks in advance!
Relevant answer
Answer
Dear Naufal,
There are too many survey papers that elaborate on the encryption algorithms (asymmetric and symmetric), such as:
A comparative survey of symmetric and asymmetric key cryptography.
The proper algorithm is usually chosen based on your methodology.
Regards,
  • asked a question related to Computer Networks Security
Question
10 answers
I'm currently working on my proposal for my master's thesis and would like to find out which current research topics in the field of network security are promising/interesting/hot.
Relevant answer
Answer
Most trend work is the cybersecurity defence algorithm over 5G
  • asked a question related to Computer Networks Security
Question
7 answers
If the table is like this, can we draw a Venn diagram from this input?
variable    value r1    value r2
a           20          45
b           10
c           39          1
d                       37
e           98          27
Relevant answer
Answer
You can use the online tool DiVenn, which will generate a nice graph: https://divenn.noble.org
  • asked a question related to Computer Networks Security
Question
26 answers
Will the use of Blockchain technology improve the security of information transfer on the Internet? Will the development of Blockchain technologies reduce the scale of cybercrime on the Internet?
Please, answer, comments.
I invite you to the discussion.
Best wishes
Relevant answer
Answer
Blockchain technology & security system - Interesting - Following.
  • asked a question related to Computer Networks Security
Question
7 answers
We are applying ML for network intrusion detection, specifically UDP DoS detection. Most of the known datasets include http DoS. Is there any link that I can get labeled UDP DoS?
Thanks.
Noosha
Relevant answer
Answer
Thanks Nadun!
  • asked a question related to Computer Networks Security
Question
11 answers
Hello everyone,
I would like to make a thorough investigation on the most promising simulation platforms for simulation and analysis of Cyber Attacks on Cyber Physical Energy Systems, along with the application of security solutions and their impact on performance.
To the best of my knowledge, a combination of two or more simulation/emulation tools might be required. E.g. a tool representing the cyber components (such as ns-2, Omnet++, Emulab) along with a tool representing the power grid physical components, (such as MATLAB).
Since the investigations and proposals of the research community are still ongoing, the selection of the simulation platform(s) seems to be inconsistent among researchers.
Through this question, I would request the research community of this field to share their knowledge and experience in this regard, with thanks.
Relevant answer
Answer
After a great many years of research and prototyping in academia there is now a startup making a commercial cyber threat modelling tool; see www.foreseeti.com. The tool performs attack simulations in models of ICT infrastructures and even though the tool is not specifically addressing control systems, many such environments have been analysed, e.g. by the EU SEGRID project (www.segrid.eu), where such models are also available for download.
  • asked a question related to Computer Networks Security
Question
8 answers
Does anyone have experience with the FIREMAN toolkit? I need to know how to install it, and how to use it to analyse the efficiency of my firewall.
Or, what tools are you using to analyse and test the efficiency of your firewall?
  • asked a question related to Computer Networks Security
Question
6 answers
I want to know how signature based detection is implemented by anti-malware software companies. I know the theoretical working of it, but how is it implemented in actual software for efficient detection?
Relevant answer
Answer
In addition to the above references I found "Antivirus Hackers Handbook" a very useful reference for understanding the signature types, the working of signature based detection and evasion techniques. I would say it should be the starting point for anyone who is new in this field.
  • asked a question related to Computer Networks Security
Question
5 answers
I want to know about the simplest Artificial Neural Network that can be used for the classification of network traffic into normal and attack in Java using KDD Cup 99. Can the classification read the KDD records as is, or do they need to be normalized?
Relevant answer
Answer
Thank you all for your valuable answers
  • asked a question related to Computer Networks Security
Question
12 answers
The MQTT is the functional and useful protocol in internet of things.
Relevant answer
Answer
The most known attacks are distributed denial-of-service (DDoS) and botnet attacks. However, MQTT is based on TCP protocol that can be secured with Transport Layer Security (TLS). Combining MQTT with TLS can help in security and performance improvement.
  • asked a question related to Computer Networks Security
Question
3 answers
Please suggest me some good papers on DDOS attack detection that can be implemented on NS-2.
Relevant answer
Answer
Hi Deepak,
My supervisor Dr George Loukas has conducted extensive work on DDOS detection which was implemented in NS-2. A link to his profile here: https://www.researchgate.net/profile/George_Loukas2 - see his papers on Denial of Service detection in a self-aware network.
  • asked a question related to Computer Networks Security
Question
10 answers
I'm trying to develop an intrusion detection system for Industrial Ethernet, e.g. S7, PROFINET, Modbus protocols.
I want to evaluate my work on an IE security dataset. Does anyone know of a security dataset in this domain? Some PCAP examples or a sanitized dataset like KDD?
Relevant answer
Answer
Dear Maxime,
Thank you very much for your answer!
Best regards
Rocio
  • asked a question related to Computer Networks Security
Question
7 answers
I want to simulate the cyber attack behaviour, such as the spread of worms, on computer networks to test a detection method. Could you please give me some advice about the selection among different simulators?
Relevant answer
Answer
Hi Kaiming
Why don't you set up a honeypot server instead and collect attack data for real? You could even analyse attacks happening in real time, which is always more fun than playing with simulators. Simulators will only ever be as good as the person who sets them up, and as soon as the simulation software is released, it will very quickly become out of date. At least with a real system, you will be attacked by real people using real cutting edge attack technology. For example, you could start by just seeing how long it takes for someone to compromise your system. Then take it off-line and analyse the event or events that took place. Fix the weaknesses discovered for your next round, and see what comes along next. By repeating this process time and time again, you could collect a huge amount of real data on cyber attacks. And you won't have long to wait to start collecting your data. A friend of mine was looking to collect Mirai virus exploits, and the honeypot was compromised within 60 seconds of going live on the internet.
Regards
Bob
  • asked a question related to Computer Networks Security
Question
4 answers
Actually, my work is on detecting DDoS attacks in the data plane and control plane using supervised machine learning.
Relevant answer
Answer
Abstract:
Although software-defined networking (SDN) brings numerous benefits by decoupling the control plane from the data plane, there is a contradictory relationship between SDN and distributed denial-of-service (DDoS) attacks. On one hand, the capabilities of SDN make it easy to detect and to react to DDoS attacks. On the other hand, the separation of the control plane from the data plane of SDN introduces new attacks. Consequently, SDN itself may be a target of DDoS attacks. In this paper, we first discuss the new trends and characteristics of DDoS attacks in cloud computing environments. We show that SDN brings us a new chance to defeat DDoS attacks in cloud computing environments, and we summarize good features of SDN in defeating DDoS attacks. Then we review the studies about launching DDoS attacks on SDN and the methods against DDoS attacks in SDN. In addition, we discuss a number of challenges that need to be addressed to mitigate DDoS attacks in SDN with cloud computing. This work can help understand how to make full use of SDN's advantages to defeat DDoS attacks in cloud computing environments and how to prevent SDN itself from becoming a victim of DDoS attacks.
  • asked a question related to Computer Networks Security
Question
3 answers
A new concept about the way to connect to VPNs, without pre-defined VPN tunnel or servers, no topology and data transfer through the cloud?
  • asked a question related to Computer Networks Security
Question
15 answers
MulVAL is a logic-based attack graph generation technique invented by Xinming Ou. I have installed "MulVAL" as per the instructions given in (http://people.cis.ksu.edu/~xou/argus/software/mulval/readme.html) and tried to run it for the testcase given in the input file (input.P) as follows:
shyam@ubuntu:~/Desktop/Graph/mulval/utils$ ./graph_gen.sh /home/shyam/Desktop/Graph/mulval/testcases/3host/input.P -v
But I am getting the following error:
cat: goals.txt: No such file or directory
rm: cannot remove `goals.txt': No such file or directory
The attack simulation encountered an error.
Please check xsb_log.txt.
What does it mean and how do I solve it? Any kind of help would be appreciated.
Relevant answer
Answer
Hey Guys I need help,
Every time I tried to convert the nessus vulnerability scanning file to nessus.p file which is the input for mulval I am getting below error
++Error[XSB/Runtime/P]: [Existence (No procedure usermod : vulExists / 3 exists)] []
Forward Continuation...
... machine:xsb_backtrace/1 From C:\Program Files (x86)\XSB\syslib\machine.xwam
... loader:load_pred1/1 From C:\Program Files (x86)\XSB\syslib\loader.xwam
... loader:load_pred0/1 From C:\Program Files (x86)\XSB\syslib\loader.xwam
... loader:load_pred/1 From C:\Program Files (x86)\XSB\syslib\loader.xwam
... x_interp:_$call/1 From C:\Program Files (x86)\XSB\syslib\x_interp.xwam
... x_interp:call_query/1 From C:\Program Files (x86)\XSB\syslib\x_interp.xwam
... standard:call/1 From C:\Program Files (x86)\XSB\syslib\standard.xwam
... standard:catch/3 From C:\Program Files (x86)\XSB\syslib\standard.xwam
... x_interp:interpreter/0 From C:\Program Files (x86)\XSB\syslib\x_interp.xwam
... loader:ll_code_call/3 From C:\Program Files (x86)\XSB\syslib\loader.xwam
... standard:call/1 From C:\Program Files (x86)\XSB\syslib\standard.xwam
... standard:catch/3 From C:\Program Files (x86)\XSB\syslib\standard.xwam
Any idea how to solve this error??
  • asked a question related to Computer Networks Security
Question
5 answers
I am looking for problems which are being currently researched in the domain of security for IoT especially in the aforementioned protocols.
Relevant answer
Answer
Hello Anshul,
As far as I know, these are some of them, according to the existing literature:
2. Encryption of CoAP data via Datagram Transport Layer Security (DTLS) (for example, https://nvisium.com/blog/2015/05/27/implementing-coap-secure-way-part-i/). This is the most common way to provide security to CoAP.
In case you are looking for a solution, have you considered AMQP? It solves security by adding . Another protocol you might want to take a look is 6LoWPAN, even though this is a protocol located at the network layer rather than at the application one (as CoAP can be regarded). Finally, MQTT can also be taken into account for a study on security (but it is very likely that you already know all this, anyway).
I hope this helps!
  • asked a question related to Computer Networks Security
Question
5 answers
I am working on creating an effective attack database for researchers. Hence I need to know about the challenges faced by them in getting attack datasets for research purposes.
Relevant answer
Answer
Unfortunately, many organizations tend to clam up the moment you say the word "security", and they are thus unwilling to share their attack stories.
Collecting and publishing (at least internally) attack stories is one of the software security practices enumerated by the BSIMM, but very few organizations we have dealt with actually do this.
Getting access to attack data will only be possible if you are able to establish a trust relationship with each organization, and thus your best bet might be to approach (e.g.) FS-ISAC, and get the required contacts and information through them.
  • asked a question related to Computer Networks Security
Question
6 answers
Have you any idea or suggestions ?
Relevant answer
Answer
I can give you some advice if you have still not achieved the work...
  • asked a question related to Computer Networks Security
Question
19 answers
What are Security Challenges and Issues for Internet of Things (IoT) application in industry?
Please suggest some related articles.
  • asked a question related to Computer Networks Security
Question
4 answers
Risk assessment
Risk management
Risk analysis
Threat impact
Likelihood
  • asked a question related to Computer Networks Security
Question
3 answers
I want to analyse the effect of key management in DTN. I would appreciate any useful idea, especially using the ONE simulator.
Relevant answer
Answer
Hello, the ONE simulator does not have a key management protocol.
Instead, you can count the number of messages or information transfers, and count the number of packets that are needed to accomplish the transfer or accomplish a connection.
For example, when two nodes meet, you can detect that using the simulator, and you can assume that there is a key exchange for this connection between two nodes, or a key connection for each message transferred between the nodes, then you can do the analysis that you need. For example, you can suggest the usage of one key management session for all the messages that will be transferred between both nodes.
  • asked a question related to Computer Networks Security
Question
3 answers
Polymorphic generators can be used in software, to make self-modifying code (to prevent unauthorized copying of executable code).
Are there any ways to implement this mechanism for preventing unauthorized copying of some data from hard disk or RAM? E.g. I have a license.txt and I don't want anyone to get a copy of this file from my storage. So when an intruder copies this file, he'll get a fully changed copy of this file.
Can someone suggest any literature related (papers/documents)? It would be very much appreciated.
Best regards,
Relevant answer
Answer
You could search for Address Space Layout Randomisation - it does not prevent copying of RAM, but is useful to prevent e.g. buffer overflow attacks.
  • asked a question related to Computer Networks Security
Question
7 answers
Hi, 
I have a number of trace files which I used to extract features and create a lot of records in both situations, normal and abnormal. Are there any rules we can rely on to determine the final number of records in the dataset for each class? Can we choose the same number for both, or must the normal class have more records? Please, what is the best solution, which is more reliable?
Relevant answer
Answer
Thanks a lot for this answer Mr. Jhordany..
It is valuable information ...:) 
  • asked a question related to Computer Networks Security
Question
5 answers
My domain is wireless healthcare sensor networks. My idea is to provide authentication during data transmission by using both digital signatures and bilinear pairing. So please
Relevant answer
Answer
Dear Sowmi Das,
You can use Java Crypto Libraries also to generate the pair of keys, digitally sign messages and verify them.
I guess some of these links may be of help, especially with reference to the Indian context.
  • asked a question related to Computer Networks Security
Question
5 answers
I am working on developing a patch for DHCP server software. Please let me know from where I can get source code for an open source dhcp server.
Relevant answer
Answer
You may consider open source DHCP Server from Internet Systems Consortium available at https://www.isc.org/downloads/
  • asked a question related to Computer Networks Security
Question
1 answer
I'm doing some research on the explosive characteristic of fountain codes, which means the original symbols can be decoded suddenly when the receiver gets some key symbols. I do think this feature can be used in the problem of physical layer security, in which the legitimate user can get enough encoded symbols before eavesdroppers, and finish decoding first. I'm now focusing on how to enhance the explosive characteristic. I would really appreciate it if someone could give me some suggestions.
Relevant answer
Answer
Breaking the content in several chunks, to create "multiple" explosions?
  • asked a question related to Computer Networks Security
Question
5 answers
How to calculate the complexity of ELGAMAL and RSA Cryptosystems?
Relevant answer
Answer
The complexity of any cryptography system depends on the key size of the system, and the complexity of the ciphertext is linearly proportional to the key size.
  • asked a question related to Computer Networks Security
Question
11 answers
I would like to design a security model for smart city applications. However, I haven't come across a simulation tool specifically for smart cities. Is there any one who has an idea about the tools for simulating smart cities?
Relevant answer
Answer
In my opinion, "smart city simulation" is a really big area. I would ask if you would like to simulate communication technologies, traffic, etc. Probably, when you mention security, it will be cyber security over some communication model; then I think you can simulate it in NS-3 or some other tool for simulating communication technologies. But it will always be more valuable to use some more realistic data, i.e. create some simple network and use some advanced data generator.
  • asked a question related to Computer Networks Security
Question
8 answers
Sometimes it is necessary to use tools to hack (test) or discover vulnerabilities and resolve security vulnerabilities in the systems of institutions by using attacker tools:
- Kali Linux
- Backtrack
- Pentoo
- Nodezero
- Network Security Toolkit (NST)
- Parrot Security
- BackBox Linux
- GnackTrack
- Bugtraq
etc.
Relevant answer
Answer
Dear Ameer
One of the best OS is Linux Distro Kali. It is best for penetrating and developed by the BackTrack team. It is basically for offensive security.
Please see the following link.
Some of the best that could be used for practice sessions are :
1. Kali Linux
2. BackBox
3. Parrot-sec forensic os
4. DEFT
5. Live Hacking OS
6. Samurai Web Security Framework
7. Network Security Toolkit (NST)
8. Bugtraq
9. NodeZero
10. Pentoo
11. GnackTrack
12. Blackbuntu
13. Knoppix STD
14. Weakerth4n
15. Cyborg Hawk
Thanks and Regards
Sanoop M
  • asked a question related to Computer Networks Security
Question
10 answers
Users are still vulnerable to malicious SPs that may collude to profile a user’s identity in a cloud environment. For instance, we have ten (10) Service Providers (SPs) and each of them have partial information about a user, what measure can one put in place to prevent these SPs from colluding to profile users’ attributes?
Relevant answer
Answer
Thank you Philippe De Ridder, Penchalaiah Padugupati and William Shawn Wilkerson for all the contributions.
@Philippe De Ridder, yes, the SPs need access to the data to enable them to be sure of the user, in order to release resources to the users.
Now I am trying to solve this malicious SP collusion problem: using one (1) attribute usage, say for instance, in order to avoid collusion among SPs in the Cloud we decide to release only the attribute needed for processing that resource for the user at only one point in time, and the authentication details are only used for that transaction and cannot be stored by SPs for any future usage.
The question now is how do we send these attributes to SPs in such a way that they can only be useful for one-time use and cannot be useful when kept for future use?
  • asked a question related to Computer Networks Security
Question
6 answers
Hello everyone,
I want to implement a detection scheme which can detect data modification attacks in ECG data. Can anyone tell me which simulator I should use? How can I simulate an attack?
Relevant answer
Answer
Hi,
Look, there is no such simulator available which is directly focused on WBAN and to medical data. However, you can demonstrate in virtual environment of any simulator like NS2 or OMNET++ which assumes other network architecture as WBAN. Moreover, you can select any programming languages that are supported by sensors and simulate on available device emulators like J2ME, .NET, etc. 
You can also use senseNUTs that are real sensors which support C programming and can be modified as per requirement. You can use them also for real time practice.
  • asked a question related to Computer Networks Security
Question
2 answers
Eavesdropping, Man in the middle attack (MitM):
Attackers can take advantage of a known weakness in LTE wherein the user identity transference occurs unencrypted, in clear text between the UE and the eNodeB, during the initial attach procedure. This allows an eavesdropper to track the user cell-location or launch a man in the middle attack by user international mobile subscriber identifier (IMSI) impersonation and relay of user messages.
Relevant answer
Answer
Thank you for your answer Martin, I will look for that tomorrow.
  • asked a question related to Computer Networks Security
Question
5 answers
How would you classify the threat of cyber-attacks and their impact on supply chains?
Isn’t it a megathreat like natural disasters? Cyber-attack as an unknown-unknown risk that is rather uncontrollable with huge potential impact?
What is the role of Prof. Simchi-Levi’s Risk Exposure Index regarding cyber risk assessment? Do you think it is possible and beneficial to apply the REI for the mitigation of cyber risks?
Relevant answer
Answer
Check out the work of Omera Khan. She has published several articles about cyber-risk management in supply chains.
  • asked a question related to Computer Networks Security
Question
3 answers
if possible, please point me to any published research papers on the subject
Relevant answer
Answer
Accidental configuration errors (non-malicious insider attacks) are easier to protect against, although if you have a mechanism to protect against the malicious attack, you've solved both problems.
The best example I can come up with on the spur of the moment would be to protect routing protocol messages, in an IP network.
Take a look at RFC 2453, for Routing Information Protocol (RIP) Version 2.
Section 4.1. describes a simple authentication scheme. In the packet overhead, one includes a plaintext, 16-byte password. This is a simple defense against misconfiguration. A router would check the password of any routing message, to verify the message comes from the router identified in the layer 3 header.
Next, take a look at RFC 4822.
Now you have a variable length encrypted authentication header, where the length depends on the algorithm used. A secret key is now needed to create and then to verify the authentication header. So this defends not only against simple configuration errors, but also against a deliberate routing protocol spoofing attack, designed to disrupt network operation.
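The difference between the two checks described above, as an added example that is not part of the original answer. The header and password entry follow the RFC 2453 layout; the keyed variant is a simplified HMAC-SHA-256 trailer used only to show the property and is not the RFC 4822 wire format. Passwords, keys and routes are constructed values.

```python
import hashlib
import hmac
import socket
import struct

RIP_RESPONSE, RIP_V2 = 2, 2                      # command and version fields
AFI_AUTH, AUTH_SIMPLE, AFI_IP = 0xFFFF, 2, 2     # RFC 2453 section 4.1 values
TAG_LEN = hashlib.sha256().digest_size


def build_packet(password, routes):
    """RIPv2 response: 4-byte header, simple-password entry, then route entries."""
    pkt = struct.pack("!BBH", RIP_RESPONSE, RIP_V2, 0)
    # "16s" left-justifies the plaintext password and pads it with zero bytes.
    pkt += struct.pack("!HH16s", AFI_AUTH, AUTH_SIMPLE, password)
    for prefix, mask, metric in routes:
        pkt += struct.pack("!HH4s4s4sI", AFI_IP, 0, socket.inet_aton(prefix),
                           socket.inet_aton(mask), bytes(4), metric)
    return pkt


def check_simple_password(pkt, expected):
    """Receiver-side check: the first entry must carry the configured password."""
    if len(pkt) < 24:
        return False
    afi, auth_type, field = struct.unpack("!HH16s", pkt[4:24])
    if afi != AFI_AUTH or auth_type != AUTH_SIMPLE:
        return False
    return hmac.compare_digest(field, expected.ljust(16, b"\0"))


def seal(pkt, key):
    """Simplified keyed variant (assumption): append a digest over every byte."""
    return pkt + hmac.new(key, pkt, hashlib.sha256).digest()


def check_keyed(sealed, key):
    """Recompute the digest with the shared secret and compare in constant time."""
    if len(sealed) <= TAG_LEN:
        return False
    pkt, tag = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
    return hmac.compare_digest(tag, hmac.new(key, pkt, hashlib.sha256).digest())


def replace_metric(pkt, route_index, metric):
    """Return a copy with one route's metric changed, modelling an altered update."""
    offset = 4 + 20 + 20 * route_index + 16
    return pkt[:offset] + struct.pack("!I", metric) + pkt[offset + 4:]


if __name__ == "__main__":
    password, key = b"lab-secret", b"constructed-shared-key"
    pkt = build_packet(password, [("10.0.1.0", "255.255.255.0", 1)])
    altered = replace_metric(pkt, 0, 16)
    # The password does not cover the packet contents, so the altered copy passes.
    print("password check, altered:", check_simple_password(altered, password))
    sealed = seal(pkt, key)
    # The digest covers the routes, so the same alteration is rejected.
    print("keyed check, altered   :", check_keyed(replace_metric(sealed, 0, 16), key))
```
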
  • asked a question related to Computer Networks Security
Question
3 answers
What Windows based honeypot do you suggest for gathering interactions to be used with WEKA to generate a training file using WEKA supervised learning?
[To be installed on VMWare]
Relevant answer
Answer
Hi, thank you both, you've been really helpful!!
  • asked a question related to Computer Networks Security
Question
3 answers
Detecting network layer attacks in MANET requires some background knowledge. How can this be implemented? Kindly suggest some ways.
Relevant answer
Answer
You can implement a special agent node to store the knowledge base that can effectively control attacks in a MANET.
  • asked a question related to Computer Networks Security
Question
8 answers
I have a new authentication method that asks the user to log in based on some features.
How can I calculate the FP and FN, and is there any tool that can help?
Relevant answer
Answer
I have some experience testing biometric authentication products. The risk is always that one jumps too early into ad hoc testing before an experiment design is made. So I agree with the previous answers. make sure the use case is clear and that there are acceptance/success criteria *before* you start testing.
Next to that: the terms to use for authentication are False Accept and False Reject. Those give the False accept rate (FAR) and the False reject rate (FRR). But they are of course the same as FP and FN.
Normally authentication methods that need to be tested, like biometric systems, produce a score for every authentication attempt. (trust score). One of the aspects of the biometric system is that you set a threshold depending on the functional requirements. But that is the actual appication. To measure the performance of an authenticator regardless of the trhreshold setting, you need to create the FAR and FRR curves. Or better the Detection error trade-off curve (DET). 
There is no tool except for R, SPSS and python :-)
Significance (and how many tests you need) is discussed a bit in "Common Criteria - Common Methodology for Information Technology Security Evaluation - Biometric Evaluation Methodology Supplement [BEM]" from the British government (http://www.cesg.gov.uk; the site has maintenance issues at the moment of writing).
Good luck
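The threshold sweep described in the answer above, as an added example that is not part of the original answer: it computes FAR and FRR at every observed score, estimates the equal error rate, and picks the operating point for a required FAR. The score lists are constructed sample data and all function names are assumptions of this example.

```python
# Constructed trust scores (higher = more likely genuine); not measured data.
GENUINE = [0.91, 0.85, 0.78, 0.66, 0.95, 0.88, 0.72, 0.59, 0.83, 0.97]
IMPOSTOR = [0.12, 0.35, 0.41, 0.22, 0.61, 0.30, 0.48, 0.70, 0.18, 0.27]


def far_frr(genuine, impostor, threshold):
    """Return (FAR, FRR) when an attempt is accepted if score >= threshold."""
    if not genuine or not impostor:
        raise ValueError("need at least one genuine and one impostor attempt")
    false_accepts = sum(1 for s in impostor if s >= threshold)
    false_rejects = sum(1 for s in genuine if s < threshold)
    return false_accepts / len(impostor), false_rejects / len(genuine)


def det_points(genuine, impostor):
    """(threshold, FAR, FRR) at every observed score, thresholds ascending.

    Plotting FRR against FAR over these points gives the DET curve.
    """
    thresholds = sorted(set(genuine) | set(impostor))
    return [(t, *far_frr(genuine, impostor, t)) for t in thresholds]


def equal_error_rate(points):
    """Threshold where FAR and FRR are closest, and the EER estimate there."""
    t, far, frr = min(points, key=lambda p: abs(p[1] - p[2]))
    return t, (far + frr) / 2


def threshold_for_far(points, max_far):
    """Lowest threshold meeting a FAR requirement, with the FRR it costs.

    FAR never increases as the threshold rises, so the first match is the
    operating point with the smallest FRR. Returns None if no observed
    threshold meets the requirement.
    """
    for t, far, frr in points:
        if far <= max_far:
            return t, far, frr
    return None


if __name__ == "__main__":
    pts = det_points(GENUINE, IMPOSTOR)
    for t, far, frr in pts:
        print(f"threshold={t:.2f}  FAR={far:.2f}  FRR={frr:.2f}")
    print("EER (threshold, rate):", equal_error_rate(pts))
    print("FAR = 0 operating point:", threshold_for_far(pts, 0.0))
```

With only ten attempts per class the rates move in steps of 0.1, which is why the number of test attempts matters for significance.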
  • asked a question related to Computer Networks Security
Question
11 answers
Dear all,
I proposed a security framework, but I want to determine exactly which model is best for assessing this framework.
Relevant answer
Answer
I suggest that you act as an ethical hacker and conduct penetration tests with all instanced objects and applications of your framework.
  • asked a question related to Computer Networks Security
Question
7 answers
"For an application, I have to generate 10K pseudorandom bits from a user-supplied password (8-16 characters). What are possible options? Which one do you recommend and why?"
Relevant answer
Answer
This is a well-known issue with plenty of (also well-known) implementation pitfalls.
Why not use a standardized mechanism? Take a look at ISO/IEC 18031 and pick your favorite mechanism. The simplest is probably Hash_DRBG based on SHA-256.
If you don't want to pay for a standard, the NIST website also provides standard and well-known mechanisms for pseudo-random generation. PRNG SHA-1 is fast and secure enough for that purpose, that's a no-brainer.
(and NIST has removed the controversial Dual_EC_DRBG from that standard)
:)
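One way to get 10,000 reproducible bits from a password with standard primitives, as an added example that is not part of the original answer. It does not implement the Hash_DRBG named above: it stretches the password with PBKDF2-HMAC-SHA-256 and expands the result with HKDF-Expand (RFC 5869). The salt handling, iteration count and context label are assumptions of this example.

```python
import hashlib
import hmac
import os

OUT_BITS = 10_000
HASH_LEN = 32  # SHA-256 output size in bytes


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869) with HMAC-SHA-256."""
    if length > 255 * HASH_LEN:
        raise ValueError("HKDF-Expand can produce at most 255 hash blocks")
    okm, block = b"", b""
    blocks_needed = -(-length // HASH_LEN)  # ceiling division
    for counter in range(1, blocks_needed + 1):
        block = hmac.new(prk, block + info + bytes([counter]),
                         hashlib.sha256).digest()
        okm += block
    return okm[:length]


def bits_from_password(password: str, salt: bytes, n_bits: int = OUT_BITS,
                       iterations: int = 600_000,
                       context: bytes = b"example-app v1 password stream"):
    """Derive n_bits pseudorandom bits (as bytes) from a password.

    The slow PBKDF2 step is paid once, to make guessing the 8-16 character
    password expensive; the fast HKDF step then stretches the 32-byte
    result to the requested length. The salt must be stored with the
    output's consumer so the same bits can be regenerated.
    """
    if len(salt) < 16:
        raise ValueError("use a random salt of at least 16 bytes")
    prk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                              iterations, dklen=HASH_LEN)
    n_bytes = (n_bits + 7) // 8
    out = bytearray(hkdf_expand(prk, context, n_bytes))
    extra = n_bytes * 8 - n_bits
    if extra:  # zero the unused low bits of the last byte
        out[-1] &= (0xFF << extra) & 0xFF
    return bytes(out)


if __name__ == "__main__":
    salt = os.urandom(16)  # generated once per user, then stored
    stream = bits_from_password("correct horse", salt)
    print(len(stream) * 8, "bits:", stream[:16].hex(), "...")
```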
  • asked a question related to Computer Networks Security
Question
4 answers
In the field of access control policy, can anyone provide an explanation of the difference between SAML and XACML? In Attribute Based Access Control models, can both be applied simultaneously?
Relevant answer
Answer
SAML is about identity - an XML format for exchanging authentication and authorization data.  It is used most often for implementing single sign on in web browsers.
XACML is also XML based but oriented toward access policy.
They can be used together because they are orthogonal in purpose.  Both have their own provider and client architectures that are associated with each.  I have seen SAML used but never did anything with it myself.  There seems to be a fair number of production implementations of it.  I have played with XACML and Attribute based Access Control for some internal Proof of Concept work and experimentation, but have rarely seen XACML in production (just once).
Some basic overviews in the links below.
  • asked a question related to Computer Networks Security
Question
11 answers
After reading some papers, I found that many papers skip the details of making an IDS and instead go directly to the evaluation part.
Can anyone give me some hints about how to build a host based light weight IDS for detecting VM escape? Good references?
Thank you very much!
Relevant answer
Answer
Hi Bo Sun, 
Are you referring to Virtual machine interfaces or Virtual machine introspection (the host IDS that exploits virtual machine introspection to check the integrity of a kernel running inside a virtual machine)? I am assuming the latter; in that case, here is a list of articles:
A Virtual Machine Introspection Based Architecture for Intrusion Detection
Virtual machine introspection: Observation or interference?
Virtual Machine Introspection:
A formal model for virtual machine introspection:
Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection:
For VMI, as defined above, then yes this sounds like a useful approach - in fact a combination of VMI and Network monitoring is likely to provide a more "semantic" observation of VM escaping. Contextually speaking that is, for example where you capture a correlation between VMI and network activities to build a picture of anomalous resource access and network activity.
An interesting subject!
  • asked a question related to Computer Networks Security
Question
13 answers
How can privacy issues be addressed in the context of cloud computing policy?
Relevant answer
Answer
Take a look at Legal requirements as mentioned above, and privacy policy statements from organizations to derive privacy requirements which then you can transform for applications. 
  • asked a question related to Computer Networks Security
Question
5 answers
I have to send the encrypted data to more than one cloud storage. I have the same question as Neetha Sharma. Where can I insert my code in a simulation program example? First of all, which example can I take for my project?
Relevant answer
Answer
If you take the risk and opt for end-to-end-encryption in order to save your ciphertext data in a cloud, I strongly recommend that you scrutinize your exerted crypto suite for undeliberate and especially deliberate security leaks. It is commonly known that crook intelligencies embed weaknesses in crypto suites to reveal private data for their own purposes.
  • asked a question related to Computer Networks Security
Question
20 answers
Suppose I have made an IDS (Intrusion Detection System). For example, using KDD CUP99 I have made a system, done the test and evaluation, and the result is acceptable. Now I want to evaluate my proposed system on real online traffic. I can capture the packets using PCAP, extract the features, and detect whether traffic is normal or anomalous. My problem is how to evaluate the output, because there is no ground-truth file for that traffic. How can I evaluate my system on real traffic? During testing, all the traffic may be normal, so how can I evaluate the performance of the system on abnormal traffic? I think I have to make some abnormal traffic and test the system using my own abnormal traffic. Is this idea correct, and how should I make abnormal traffic?
Relevant answer
Answer
Your IDS is supposed to check the intrusions of a real-world data set, just recently released, or just launch it by yourself. When we are doing real-time detection, we are supposed to launch the attacks or whatever you are interested in. After that, run your algorithm, and if it results well then you can surely use it for real-time evaluation. KDD is no more. You can use Snort or other alternatives to Snort for doing so.
  • asked a question related to Computer Networks Security
Question
3 answers
Does single or dual-n-back training have any lasting, transferable effects on other cognitive skills, apart from improving the performance in running the dual-n-back game? Some research studies indicate that it may have some effect for some people with some conditions (e.g. older people, people with dysphoria etc.), however larger meta-studies indicate no or very small effect in general as well as methodological problems in the underlying studies. The research therefore seems inconclusive.
What is your research experience with this? Are there any groups or conditions where such training has been shown to have transferable, lasting effects?
Relevant answer
Answer
If you are reading in this area you have probably already found him, but I know from his work with ACT-R that Niels Taatgen has worked with N-back, cognitive modeling, and has a long interest in transfer.
  • asked a question related to Computer Networks Security
Question
4 answers
How to measure how strong the correlation is between cloud security policies and privacy requirements in SaaS and PaaS, to protect against those security threats related to privacy?
Relevant answer
Answer
Hi Jafar,
Based on the question asked, it seems (and I assume) this is quantitative research. If yes, it generally depends on how you operationalize your "cloud security policies" and "privacy requirement" constructs:
  1. if each of the above 2 constructs consist of some question items, may be you can perform Pearson correlation test (if their data scales are interval / ratio), perform Spearman Rho test (if data scales are ordinal), perform Cramer V test (if data scales are nominal)
  2. If the 2 constructs i.e. "cloud security policies" & "privacy requirement" respectively consists of some latent variables (each latent variable comprises few question items) & they are interconnected between the 2 constructs, may be you want to use Structural Equation Modeling (SEM) like SPSS AMOS or SmartPLS etc.
Regards,
Fung
  • asked a question related to Computer Networks Security
Question
4 answers
I am trying to implement video watermarking based on visual cryptography. I have created two shares of an image in '.bmp' format. How will these two shares be embedded in the video using the frequency domain?
I have divided the video into parts (suppose the video consists of 300 frames; in this way each part has 150 frames) to embed these shares in two different parts. I have extracted the Y component of each part of the video, on which I applied the DWT, extracted the HH band, applied SVD, and got the singular matrix.
How could I process the two shares (transparencies) in order to embed them into the singular values obtained from these two parts of the video as indicated above? Please also tell me the extraction process for these two transparencies from the watermarked video.
You are most welcome to inform me about any other method to implement visual cryptography based video watermarking.
Relevant answer
Answer
  • asked a question related to Computer Networks Security
Question
10 answers
My undergraduate students are involved in designing a web based student admission system. They have to make the system secure from different types of attacks and cover vulnerabilities. What types of attacks and vulnerabilities are there? What basic security features should be implemented to provide average level of security. 
Relevant answer
Answer
I agree that NIST and OWASP are best as guidance for developing web security features. 
  • asked a question related to Computer Networks Security
Question
9 answers
 I am doing research in email classification for spear phishing attacks. Is there any dataset for spear phishing email?
Relevant answer
Answer
May this link be helpful to you.
  • asked a question related to Computer Networks Security
Question
3 answers
Relevant answer
Answer
There are different works and responsibilities for ISPs. If you think of a simple application of a computer or integrated device, it can only filter at the carrier level and protect the device that is served by the ISP, but the device could not protect itself. Like Nest's server or an automated polling system, so that each application knows what to deal with. For example, a website like amazon.com can check or follow which comments or commands are hit most of the time. But if it does, at the same time the customer should know how to deal with the service within his/her network area. Maybe then the IoT device will remain secure. I personally think IoT will develop more in the near future.
  • asked a question related to Computer Networks Security
Question
4 answers
I have two sets of entities A and B, members of A have a kind of relationship with members of B, we need to investigate the stability of the relationship between a member or a subset from A with a member or a subset from B over a long time (week, month, year) with a time window (five minutes for example)
Relevant answer
Answer
Dear Ahmad,
I don't know if I have understood precisely, but these three chapters from a book about complex networks deal with dynamic processes on a graph, where there is a notion of time or "evolution" of the process.
In the ch03 (for example) you can see a dynamic evolution of the graph structure, with new edges being added over time.
Cheers
  • asked a question related to Computer Networks Security
Question
5 answers
What are the features that a network intrusion detection system cannot respond to?
Relevant answer
Answer
There are different types of DDOS attacks.  An easy example is the SYN Flood attack. In this attack, the attacker sends a TCP connection request (a packet with the SYN flag set). The server allocates resources for the connection and responds. The attacker ignores the response, and the server must keep the resources allocated until a time out occurs. If there are enough requests over a period of time, the server runs out of resources.
If the server is a public server (say for an e-commerce site), it has to expect connection requests from any computer in the world.
A smart attack will spoof the source IP addresses. Therefore the IDS will not know that this is an attack instead of just a lot of normal traffic. If the system attempts to reduce the number of connections by rejecting some requests, it may reject legitimate requests.
An attacker can use a botnet to distribute the sources around the world to prevent techniques that look at a large number of requests from a single portion of the internet. Such mechanisms can be placed in gateway routers.
Another type of attack is a SYN reflection attack. The attacker spoofs an IP address and sends a request to a server (say a web server). The server responds to the spoofed IP address with a SYN/ACK message. The spoofed address is the victim machine and it must process all of the responses as if they were initial requests from the senders.
To summarize: The successful attacks look like legitimate requests from a range of machines and cannot be easily differentiated from normal traffic.
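The detection limit described in the answer above, as an added example that is not part of the original answer: a per-source SYN threshold flags a single-source flood but sees nothing when every SYN claims a different source, while the share of half-open handshakes at the server still shows that something is wrong without saying which requests are legitimate. All packet records, addresses and thresholds are constructed for this example.

```python
from collections import Counter

SERVER = "203.0.113.10"  # documentation address (RFC 5737), constructed


def handshake(src, sport, ts, complete):
    """Constructed records (ts, src, sport, dst, flags) seen at the server."""
    pkts = [(ts, src, sport, SERVER, "S")]
    if complete:  # the client answers the SYN/ACK with the final ACK
        pkts.append((ts + 0.05, src, sport, SERVER, "A"))
    return pkts


def constructed_traffic(kind):
    """Sample capture: 30 legitimate clients, optionally plus a SYN flood."""
    pkts = []
    for i in range(30):
        pkts += handshake(f"192.0.2.{i + 1}", 40000 + i, i * 0.3, True)
    if kind == "single_source":
        for i in range(200):
            pkts += handshake("198.51.100.7", 1024 + i, i * 0.04, False)
    elif kind == "spoofed":
        for i in range(200):  # each SYN carries a different claimed source
            src = f"100.64.{i // 250}.{i % 250 + 1}"
            pkts += handshake(src, 1024 + i, i * 0.04, False)
    return sorted(pkts)


def analyse(packets, per_source_limit=20, min_syns=50, half_open_ratio=0.8):
    """Treats the whole capture as one window.

    noisy_sources: sources that opened more than per_source_limit handshakes.
    flooded_destinations: servers with at least min_syns handshakes of which
    at least half_open_ratio never received the final ACK.
    """
    first_syn, completed = {}, set()
    for ts, src, sport, dst, flags in packets:
        conn = (src, sport, dst)
        if flags == "S":
            first_syn.setdefault(conn, ts)
        elif flags == "A" and conn in first_syn:
            completed.add(conn)
    syn_by_src = Counter(src for src, _, _ in first_syn)
    syn_by_dst = Counter(dst for _, _, dst in first_syn)
    open_by_dst = Counter(c[2] for c in first_syn if c not in completed)
    return {
        "noisy_sources": sorted(
            s for s, n in syn_by_src.items() if n > per_source_limit),
        "flooded_destinations": sorted(
            d for d, n in syn_by_dst.items()
            if n >= min_syns and open_by_dst[d] / n >= half_open_ratio),
    }


if __name__ == "__main__":
    for kind in ("normal", "single_source", "spoofed"):
        print(kind, analyse(constructed_traffic(kind)))
```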
  • asked a question related to Computer Networks Security
Question
17 answers
I am searching for such network attacks which are quite new and current research is going on to propose mitigation techniques for that attack.
Relevant answer
Answer
An interesting topic might present itself in the field of software-defined networking, whereby the complexity involved in security network visualization overlay technologies and automation features introduce a number of unique challenges. You might find the following useful as a starter:
  • asked a question related to Computer Networks Security
Question
5 answers
I want to know how to prevent a peer from changing its identity from time to time?
Relevant answer
Answer
   
Combining both cryptographic and analysing network characteristics like peak, burst, throughput, we can develop a novel policy to prevent whitewashing in P2P.
  • asked a question related to Computer Networks Security
Question
9 answers
Please provide the link or name of papers
Relevant answer
Answer
Packet payloads are also used to verify an attack, even if discovered by other means. If you have the full packet capture, you can verify what the attack is, even if it's encoded or obfuscated to bypass defensive mechanisms.
  • asked a question related to Computer Networks Security
Question
5 answers
I would like to ask what the efficient ways are to exchange the session key among N parties in an ad hoc network. Here, I want to make an algorithm to generate the session key among n people in the network; a new user who wants to join the network may also share the same session key, and a user who has left the network may lose the key permission.
Relevant answer
Answer
There are generalizations of Diffie-Hellman for groups available, e.g. the Burmester-Desmedt Protocols or Tree-Based Diffie-Hellman. And of course, if there is already some shared secret among the group members, there are many protocols to derive a symmetric session key for the group. All these protocols support adding a new member to the group or deleting members. A good reference is the book by Colin Boyd and Anish Mathuria: Protocols for Authentication and Key Establishment (Springer 2003)
  • asked a question related to Computer Networks Security
Question
5 answers
A user can request any website, and the phishing page then directly moves on to the original page.
Relevant answer
Answer
Besides all technical countermeasures to detect and antagonize phishing, it can also be prevented by improving the online users' phishing awareness. Just catch a glimpse at https://www.researchgate.net/profile/Curtis_Carver/publication/222730836_Phishing_for_user_security_awareness/links/0deec5161aaaf78130000000.pdf for example!
  • asked a question related to Computer Networks Security
Question
1 answer
I have used Boneh Shaw's concatenated scheme, but because of replication factor the code length is too long. So what can I do to minimize the length?
Relevant answer
Answer
Since BS ensures collision free finger printing, minimizing the code should consider possibility. You can refer to the attached file for a lower bound on the code. Also, you can refer to another attachment on the BS FP scheme.
  • asked a question related to Computer Networks Security
Question
10 answers
I am interested to know how the cloud providers trust their new cloud users and what are the factors they considered for trusting the new user.
Relevant answer
Answer
You can use user behavior profiling and decoy techniques.
  • asked a question related to Computer Networks Security
Question
1 answer
I am doing work on network security and want to simulate the protocol under NS2 framework. Does anyone have an idea of how to embed libssl or openssl in NS2?
Relevant answer
Answer
Write a C code to execute openssl commands
  • asked a question related to Computer Networks Security
Question
5 answers
Generally a cryptosystem is used to encrypt and decrypt the data,
whereas a commitment scheme is used to commit and de-commit the data.
By combining the two, cryptosystem and commitment scheme, can we enhance the security of a system?
Relevant answer
Answer
Any secure public key cryptosystem is already a secure commitment scheme. More precisely, an IND-CPA secure cryptosystem is computationally hiding and perfectly binding. Perfect binding follows from the unique decryption. Computation hiding follows from the IND-CPA security.
Cryptosystems have the decryption capability that is not needed from commitment schemes. Removing this extra capability is sometimes possible, and results in more efficient commitment schemes. For example, if you consider Elgamal encryption with ciphertext being (m h^r, g^r), then removing the second component removes decryption capability, and results in Pedersen commitment that is computationally binding and perfectly hiding. Elgamal itself is computationally hiding and perfectly binding.
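The two binding/hiding combinations contrasted in the answer above, checked exhaustively in a toy group, as an added example that is not part of the original answer. It assumes the message is encoded in the exponent as g^m (the form Pedersen commitments use), a 23-element toy modulus that offers no security, and a known discrete log X that exists here only to show what "computationally binding" means.

```python
# Toy parameters, constructed for illustration: G generates the subgroup of
# prime order Q = 11 in Z_P* with P = 23. Real schemes use ~256-bit groups.
P, Q, G = 23, 11, 4
X = 7                # decryption key for ElGamal, trapdoor log_G(H) for Pedersen
H = pow(G, X, P)


def elgamal_commit(m, r):
    """ElGamal encryption of g^m under public key H, used as a commitment."""
    return (pow(G, m, P) * pow(H, r, P) % P, pow(G, r, P))


def pedersen_commit(m, r):
    """Same first component, second component dropped: g^m * h^r."""
    return pow(G, m, P) * pow(H, r, P) % P


def openings(commit, target):
    """Every (m, r) in Z_Q x Z_Q that opens to target.

    Exhaustive search, feasible only because the group is tiny; it lets us
    check the information-theoretic properties directly.
    """
    return [(m, r) for m in range(Q) for r in range(Q)
            if commit(m, r) == target]


def equivocate(m, r, m_new):
    """Randomness that reopens a Pedersen commitment to m_new, given X.

    g^m h^r = g^(m + X*r), so r_new = r + (m - m_new) / X mod Q keeps the
    exponent unchanged. Without X this requires a discrete logarithm.
    """
    return (r + (m - m_new) * pow(X, -1, Q)) % Q


if __name__ == "__main__":
    m, r = 3, 5
    # Perfectly binding: g^r fixes r, then the first component fixes m.
    print("ElGamal openings: ", openings(elgamal_commit, elgamal_commit(m, r)))
    # Perfectly hiding: every message has exactly one matching r.
    print("Pedersen openings:", openings(pedersen_commit, pedersen_commit(m, r)))
    r_new = equivocate(m, r, 9)
    print("reopened to 9 with r =", r_new,
          pedersen_commit(9, r_new) == pedersen_commit(m, r))
```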
  • asked a question related to Computer Networks Security
Question
3 answers
I'm doing research on security policy models (BIBA, Clark Wilson, etc.). How do I implement the security models? Are there any tools or applications that are appropriate to implement the security model?
Relevant answer
Answer
FreeBSD supports BIBA data integrity policies: http://www.freebsd.org/cgi/man.cgi?mac_biba
I have developed a reversible anonymiser based on the extensible access control markup language (XACML), which supports multiple security levels when anonymising/encrypting XML data. It might be useful as a platform for doing research on security policy models (see: http://reversible.anonymiser.org).
  • asked a question related to Computer Networks Security
Question
1 answer
Definition 1: A key k is called perfect if it is uniformly distributed from the adversary's point of view; a key k is called ε-perfect, if its distribution has an ε trace (statistical) distance to the uniform.
For hash functions, we have following theorem of composition:
Let F be a set of ε1-AU2 hash functions from M->Z, and let G be a set of ε2-ASU2 hash functions from Z->T. Then H=G*F is an ε-ASU2 hash function family from M->T with ε=ε1+ε2
My question is the following:
Is there any theorem of composition of ε-perfect keys that is not related to hash functions? To be precise, let us analyze key k1 which is ε1-perfect and key k2 which is ε2-perfect. What is the security (perfectness of the output) of their composition k1 XOR k2? Both keys have the same length.
Relevant answer
Answer
Simple XOR does not work to improve: assume the first three bits are always 0, so these will remain 0 forever. What you need to look at is extractor theory, where somewhat random (perhaps with help of some truly random) is converted to random. This is a rich area of theory on various somewhat random sources, and how to convert them.
  • asked a question related to Computer Networks Security
Question
7 answers
I want to know some latest issues in terms of privacy due to data publishing or data mining in real example that happened after 2013. I have some example like
Google bypass safari browser privacy bypass issue
Max Schrems against Facebook.
Please share if you know some more example
Relevant answer
Answer
Could you shed more light on what you mean by "Real time issues of privacy..."? I am assuming you are talking about Privacy in Temporal Information Retrieval. If that is the case, there is a good beginning resource that lists a number of research articles on the subject - http://en.wikipedia.org/wiki/Temporal_information_retrieval
The challenge would be incorporating various privacy algorithms in temporal information retrieval systems.
  • asked a question related to Computer Networks Security
Question
8 answers
According to cisco enterprise mobility, it is stated that "Even if port security is not an option to stop MAC flooding in wireless networks, the MAC flooding attack is unsuccessful when launched by a wireless user. The reason for this is the 802.11 protocol itself. The association to an AP is MAC-based; this means that the AP bridges (translational bridge) traffic coming only from or going to known users or known MACs. If a MAC flooding attack is launched from a wireless user, all the 802.11 frames with random source MAC addresses that are not associated to the AP are dropped. The only frame allowed is the one with the MAC of the malicious user, which the switch has probably already learned. Thus, the operation of the access point prevents the switch from being susceptible to MAC flooding attacks."
Relevant answer
Answer
If a registered MAC becomes a malicious bot and has to launch MAC flooding, it has to change its MAC, which will make the bot disconnected. Therefore, every time it changes its MAC it becomes disconnected, and hence this attack is not possible.
  • asked a question related to Computer Networks Security
Question
1 answer
I am new to the Snort software used for botnet detection in cloud computing. Can somebody suggest some useful information about this software? I will be very thankful in advance.
Relevant answer
Answer
It is open source software; visit www.snort.org for details. Watch videos on YouTube on the subject, like installation and implementation.
  • asked a question related to Computer Networks Security
Question
10 answers
I want to know what is the scope of research in the field of cloud security.
Relevant answer
Answer
Hi Saikat,
Based on Cloud Security Alliance's (CSA) v3 scopes, there are 14 domains you can choose from to perform your cloud security research.  These include:
1) Cloud Computing Architectural Framework
2) Governance and Enterprise Risk Management
3) Legal Issues: Contracts & Electronic Discovery
4) Compliance & Audit Management
5) Information Management & Data Security
6) Interoperability & Portability
7) Traditional Security, Business Continuity & Discovery Recovery
8) Data Center Operations
9) Incident Response
10) Application Security
11) Encryption & Key Management
12) Identity, Entitlement & Access Management
13) Virtualization
14) Security as a Service
The CSA website link is: cloudsecurityalliance.org.  All the best.
Regards,
Fung
  • asked a question related to Computer Networks Security
Question
5 answers
I have planned to pursue research on network intrusion detection.
Can anyone help me on how to extract information on anomalous flow from a live network connection?
Relevant answer
Answer
Given that you have a good and representative set of features and/or metrics, then a clustering algorithm (e.g. expectation maximisation) can be useful for initial exploration of anomalies. This is especially useful if you do not have a representative labeled test set.
If you have a labeled test set, then you can apply supervised learning methods, for example support vector machines (SVM). A challenge is however the lack of good test sets. The KDD cup data set is a synthetic test set that is well known for being biased and severely outdated.
  • asked a question related to Computer Networks Security
Question
22 answers
What are the different datasets available for network intrusion detection in the public domain except the KDD CUP 99 data set?
Relevant answer