Computer Networks Security - Science topic

Questions related to Computer Networks Security
  • asked a question related to Computer Networks Security
Question
1 answer
[CFP]2024 2nd International Conference on Artificial Intelligence, Systems and Network Security (AISNS 2024) - December
AISNS 2024 is to bring together innovative academics and industrial experts in the field of Artificial Intelligence, Systems and Cyber Security to a common forum. The primary goal of the conference is to promote research and developmental activities in computer information science and application technology and another goal is to promote scientific information interchange between researchers, developers, engineers, students, and practitioners working all around the world. The conference will be held every year to make it an ideal platform for people to share views and experiences in computer information science and application technology and related areas.
Conference Link:
Topics of interest include, but are not limited to:
◕Artificial Intelligence
· AI Algorithms
· Natural Language Processing
· Fuzzy Logic
· Computer Vision and Image Understanding
· Signal and Image Processing
......
◕Network Security
· Active Defense Systems
· Adaptive Defense Systems
· Analysis, Benchmark of Security Systems
· Applied Cryptography
· Authentication
· Biometric Security
......
◕Computer Systems
· Operating Systems
· Distributed Systems
· Database Systems
Important dates:
Full Paper Submission Date: October 10, 2024
Registration Deadline: November 29, 2024
Conference Dates: December 20-22, 2024
Submission Link:
  • asked a question related to Computer Networks Security
Question
1 answer
What are the latest and more comprehensive surveys in the field of DDoS detection and mitigation in software-defined network security in 2023-2024? I only focus on the research results of 2023-2024, rather than the previous year. At present, the quality of the papers I have found is very average, and it is difficult to meet the requirements of new trend research. I hope to find papers that meet the above conditions, and I am constantly investigating.
Relevant answer
In 2023 and 2024, several comprehensive surveys have been conducted on DDoS detection and mitigation strategies within Software-Defined Networks (SDNs). These surveys address the evolving landscape of SDN security, focusing on both high-rate and low-rate DDoS attacks.
One notable survey from **Cluster Computing** provides an extensive overview of existing DDoS detection, mitigation, and defense mechanisms in SDNs. It categorizes various approaches, highlighting their effectiveness and the ongoing challenges in developing robust DDoS protection strategies for SDN environments.
Another significant study in **Multimedia Tools and Applications** explores the taxonomy of DDoS defense mechanisms in SDNs, identifying key research challenges and opportunities. It emphasizes the need for adaptive and intelligent systems that can respond to the dynamic nature of DDoS attacks.
Furthermore, an article in **IEEE Access** published in 2024 offers a detailed examination of DDoS detection methods specifically tailored for SDNs. This study highlights recent advancements and future directions, providing a crucial resource for researchers looking to enhance security within SDN architectures.
These surveys collectively underline the importance of continuous innovation in DDoS detection and mitigation techniques to address the complexities introduced by SDNs.
  • asked a question related to Computer Networks Security
Question
5 answers
Question1: In Software-Defined Networking (SDN), what are the hot research areas in anomaly-based DDoS detection?
Question2: What are the new or prominent DDoS attack types worthy of study, such as low-rate DDoS attacks and flow table overflow attacks?
Question3: Is the flow table overflow attack proposed much later?
Relevant answer
Answer
Question 1: Hot Research Areas in Anomaly-Based DDoS Detection in SDN
1. Machine Learning and AI Techniques: Enhancing anomaly detection using machine learning algorithms to identify unusual traffic patterns, especially in dynamic environments.
2. Real-time Traffic Analysis: Developing methods for real-time monitoring of network traffic to ensure immediate response to anomalies.
3. Adaptive Thresholding: Researching adaptive algorithms that can adjust thresholds dynamically based on network behavior over time.
4. Hybrid Detection Systems: Combining multiple detection techniques (signature-based, anomaly-based, etc.) to improve detection rates and reduce false positives.
5. Behavioral Analysis: Analyzing normal user behaviors to create baseline profiles, which can then be monitored for deviations that indicate DDoS attacks.
6. SDN-specific Approaches: Exploring how SDN's centralized control can be leveraged for more effective anomaly detection, including flow management and real-time policy updates.
7. Coordination of Security Measures: Investigating the orchestration of multiple security measures (e.g., firewall, IDS) within SDN to improve response to detected anomalies.
Question 2: New or Prominent DDoS Attack Types
1. Low-rate DDoS Attacks: These attacks involve sending traffic at a low rate to avoid detection by traditional thresholds, aimed at overwhelming specific resources like applications or databases.
2. Application Layer Attacks: Focusing on DDoS attacks targeting application layers (e.g., HTTP floods) rather than just network resources, often harder to detect.
3. Amplification Attacks: Leveraging certain protocols (e.g., DNS or NTP) to generate massive amounts of traffic against a target.
4. Distributed Reflection DoS (DRDoS): This type sends requests to multiple devices, which then reflect the traffic to the victim, compounding the attack’s impact.
5. IoT-based Attacks: Utilizing compromised Internet of Things (IoT) devices, which are often less secure, to orchestrate large-scale attacks.
6. Flow Table Overflow Attacks: Targeting the flow tables in SDN switches, causing resource depletion and disrupting normal operations.
Question 3: Is the Flow Table Overflow Attack Proposed Much Later?
Yes, the flow table overflow attack is a more recent consideration in the context of SDN security. As SDN technologies evolved, researchers began to identify vulnerabilities specific to the architecture, including how flow tables can be overwhelmed by excessive rules or flows. This type of attack leverages the unique characteristics of SDN, where centralized control and the reliance on flow tables can be exploited to disrupt services or degrade performance.
  • asked a question related to Computer Networks Security
Question
11 answers
Please provide information which area will be good for doing Ph.D research in cyber security. Thanks
Relevant answer
Answer
As machine learning technology and generative artificial intelligence are increasingly being used by cyber criminals to improve cybercrime techniques, create new more effective types of viruses, malware to take control of smartphones, laptops, computers, etc. individuals, companies, enterprises, financial and/or public institutions targeted by cybercrime attacks then a good topic for a doctoral dissertation in the field of cyber security is to explore the current and potential possibilities of applying the now rapidly developing technology of machine learning, deep learning using multi-layer artificial neural networks and generative artificial intelligence to detect cybercrime attacks, situations of attempts to infect IT equipment, smartphones, etc. with malware, ransomware viruses, phishing techniques used, fake emails sent out by cyber criminals containing computer viruses created using artificial intelligence technology.
Perhaps in formulating a good, interesting, up-to-date, future-oriented topic for a dissertation, it may also help to read my article, in which I described the key issues of opportunities and threats to the development of artificial intelligence technology:
OPPORTUNITIES AND THREATS TO THE DEVELOPMENT OF ARTIFICIAL INTELLIGENCE APPLICATIONS AND THE NEED FOR NORMATIVE REGULATION OF THIS DEVELOPMENT
I invite you to join me in scientific cooperation on this issue,
Regards,
Dariusz Prokopowicz
  • asked a question related to Computer Networks Security
Question
17 answers
Hello everyone,
I would like to make a thorough investigation on the most promising simulation platforms for simulation and analysis of Cyber Attacks on Cyber Physical Energy Systems, along with the application of security solutions and their impact on performance.
To the best of my knowledge, a combination of two or more simulation/emulation tools might be required. E.g. a tool representing the cyber components (such as ns-2, Omnet++, Emulab) along with a tool representing the power grid physical components, (such as MATLAB).
Since investigation and proposals of the research community is still going on, hence the selection of the simulation platform(s) seems to be inconsistent among the researchers.
Through this question, I would request the research community of this field to share their knowledge and experience in this regard, with thanks.
Relevant answer
Answer
Your research on the simulation and analysis of cyber attacks on Cyber-Physical Energy Systems (CPES) is an important and challenging endeavor. Indeed, combining multiple simulation and emulation tools is often necessary to model the complex interplay between cyber and physical components. Here are some insights and suggestions for your research:
  1. Cyber Component Simulation/Emulation Tools: ns-2 and ns-3: Network simulators like ns-2 and ns-3 are widely used for simulating network behaviors, making them suitable for modeling cyber components of CPES. OMNeT++: OMNeT++ is a discrete-event simulation framework that can be used to model communication networks and protocols, making it a valuable tool for cyber component modeling. Mininet: Mininet is a network emulator that can be used to create virtual network topologies for testing and evaluating network security solutions.
  2. Physical Component Simulation Tools: MATLAB/Simulink: MATLAB is often used for modeling and simulating physical systems, including power grids. Simulink, an extension of MATLAB, is suitable for modeling the dynamic behavior of CPES components. DIgSILENT PowerFactory: This commercial software is specifically designed for modeling and simulating power systems, making it a powerful tool for studying the physical aspects of CPES.
  3. Integration of Tools: To model CPES comprehensively, you may need to integrate these tools. This can be achieved by developing custom interfaces or using middleware that allows communication between the cyber and physical components. Co-simulation frameworks like FMI (Functional Mock-up Interface) can facilitate the integration of different simulation tools.
  4. Security Solutions Integration: To study the impact of security solutions, you can integrate security tools and frameworks into your simulation environment. Tools like Wireshark, Snort, or intrusion detection/prevention systems can be incorporated to analyze and respond to cyber threats. Consider modeling the deployment and behavior of security solutions within the CPES to assess their effectiveness and performance impact.
  5. Datasets and Attack Scenarios: Access to real-world datasets and the creation of realistic attack scenarios are crucial for meaningful simulations. Look for publicly available datasets related to power grid and cyber-physical systems. Design attack scenarios that reflect different threat vectors, including cyber attacks on communication networks, power grid components, and control systems.
  6. Validation and Performance Metrics: Develop appropriate validation methodologies and performance metrics to assess the impact of cyber attacks and security solutions on CPES. This may include measures of system resilience, response time, and data integrity.
  7. Collaboration and Knowledge Sharing: Engage with the research community in the field of CPES security. Collaborate with experts and consider participating in conferences, workshops, and forums dedicated to cyber-physical systems and cybersecurity.
  8. Stay Updated: Given the evolving nature of cybersecurity threats, stay up-to-date with the latest research, attack techniques, and defense strategies to ensure the relevance and effectiveness of your simulations.
Your research can contribute significantly to enhancing the security and resilience of Cyber-Physical Energy Systems, which are critical infrastructure components. Collaboration and knowledge sharing within the research community will be invaluable as you work to address the challenges in this field.
  • asked a question related to Computer Networks Security
Question
6 answers
Non-repudiation is a legal term defined as protection against an individual falsely denying having performed a particular action. It provides the capability to determine whether a given individual took a specific action, such as created information, approved information or sent or received a message.
Social media platforms such as WhatsApp have a function which allows one to send a message to an individual or a group and DELETE the message from all the recipients leaving them with no evidence of what has been sent. This allows the sender to deny having sent such a message. Read-once messages which get destroyed upon being read can also be a breach of non-repudiation on Social Media platforms.
What is your view of these functions on social media platforms? Legally are they acceptable?
Relevant answer
Answer
I don't use WhatsApp and I don't care to use it.
  • asked a question related to Computer Networks Security
Question
6 answers
The SCPS Lab (https://www.scpslab.org/) is hiring for two Ph.D. positions in the following areas:
  • Federated Defense Against Adversarial Attacks in IIoT.
  • Threat and Anomaly Detection for Cloud Security.
The required skills for potential graduate students include:
  • Strong background in cyber security.
  • Strong background in machine learning and data analytic techniques.
  • Background in detection and estimation theory.
  • Strong oral and written communication skills.
To apply, please contact Dr. Hadis Karimipour (hadis.karimipour@ucalgary.ca) with your most recent C.V. and a list of two references.
Relevant answer
Answer
Great to know
  • asked a question related to Computer Networks Security
Question
13 answers
Dear Researchers, I perform the J48 algorithm on the KDD Test dataset in WEKA. It gives me Anomaly and normal class. If I want to know detailed Anomaly attacks by category, like DoS, R2L, U2R, how can I do that in the same dataset?
If someone helps, I will be very thankful.
Relevant answer
Answer
Also, I'm looking for a solution If you please,
is there any solution for that?
  • asked a question related to Computer Networks Security
Question
3 answers
In this digital world, with increasing digital devices and data, security is a significant concern. And most cases DOS/DDoS/EDoS attacks are performed by the botnet. I want to do research to detect and prevent botnets. Can you share an efficient research title to detect and prevent botnets?
Relevant answer
Answer
Dear Md. Alamgir Hossain,
You may want to look over the following sources:
Intelligent Detection of IoT Botnets Using Machine Learning and Deep Learning
Deep Neural Networks for Bot Detection
  • asked a question related to Computer Networks Security
Question
7 answers
I am working on cyber security domain. Currently, the work is to trace out the real ip address behind the VPN.
1. Is there any technique or api to trace out the real ip address which is masked with VPN?
2. How to determine whether the input ip address is original/proxy/vpn without any api support?
Researchers, Kindly provide the suggestion for the above questions.
#cybersecurity #vpn #proxy #networksecurity #researcher
Relevant answer
Answer
  • asked a question related to Computer Networks Security
Question
3 answers
I am a student of Master's (Computer Networks & Security ) currently I am doing research on the GreyHole attack in Cooja in RPL, but on the web, I didn't find any source to implement the attack, Kindly help me with this.
Relevant answer
Answer
Dear sir Sai R N and Ebenezer Esenogho , thanks for the response but these are for sinkhole attacks. and I am working on grey hole attack
  • asked a question related to Computer Networks Security
Question
3 answers
I need free code and datasets of early access Q1 articles which is not in "paper with code" about computer networks security
Relevant answer
  • asked a question related to Computer Networks Security
Question
2 answers
How to define the LSSS structure, i.e. the matrix M and the function ρ which associates each row of M to an attribute in attribute-based encryption? Are there some developed methods that can be used to define the structure?
What is the relationship between tree structure and LSSS? Is tree a kind of LSSS, or an entirely different structure?
Relevant answer
Answer
You can check the Ciphertext Policy ABE Paper ( CPABE). Also feel free to check the CPABE toolkit source code ( http://acsc.cs.utexas.edu/cpabe/). It's awesomely written. Some other implementations in various programming languages are available as well
  • asked a question related to Computer Networks Security
Question
26 answers
According to a survey conducted by Sophos, 2020 was a tough year for education, with the sector experiencing the highest level of ransomware attacks of all industries. Ransomware attacks have been on the top list of dangerous threats to information systems for over a decade. The threats of ransomware attack do not seem to go away or rather slow down BUT seems to get more complicated.
Are the current mitigation techniques well designed to prevent the attacks? What are your thoughts?
Relevant answer
Very interesting question! I completely agree and support the opinion of dear colleagues Ljubomir Jacić, Doherty Odueko Funmilayo. Thank you!
  • asked a question related to Computer Networks Security
Question
4 answers
SQL injection attacks have been on the number one list of dangerous threats to information systems for over a decade. The threats of an injection attack do not seem to go away or rather slow down BUT seem to get more complicated and more dangerous every time one is launched successfully.
Are the current mitigation techniques well crafted to halt the attacks, or is it high time new methods of protecting data in-situ are designed?
What do you think?
Relevant answer
Answer
What is the primary method of mitigating SQL injection attacks?
Option 1: Use of Prepared Statements (with Parameterized Queries) Option 2: Use of Stored Procedures. Option 3: Allow-list Input Validation. Option 4: Escaping All User Supplied Input.
SQL Injection attacks are unfortunately very common, and this is due to two factors:
  1. the significant prevalence of SQL Injection vulnerabilities, and
  2. the attractiveness of the target (i.e., the database typically contains all the interesting/critical data for your application).
It's somewhat shameful that there are so many successful SQL Injection attacks occurring, because it is EXTREMELY simple to avoid SQL Injection vulnerabilities in your code.
SQL Injection flaws are introduced when software developers create dynamic database queries that include user supplied input. To avoid SQL injection flaws is simple. Developers need to either: a) stop writing dynamic queries; and/or b) prevent user supplied input which contains malicious SQL from affecting the logic of the executed query.
Primary Defenses:
  • Option 1: Use of Prepared Statements (with Parameterized Queries)
  • Option 2: Use of Stored Procedures
  • Option 3: Allow-list Input Validation
  • Option 4: Escaping All User Supplied Input
Additional Defenses:
  • Also: Enforcing Least Privilege
  • Also: Performing Allow-list Input Validation as a Secondary Defense
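The first and third primary defenses from the answer above, shown beside the dynamic query they replace. This is an added example, not part of the original answer; the table, sample rows and function names are constructed for illustration and it uses Python's built-in sqlite3 module.

```python
import sqlite3


def make_db():
    """Build an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT, secret TEXT);
        INSERT INTO users (name, role, secret) VALUES
            ('alice',    'admin', 'alice-secret'),
            ('bob',      'user',  'bob-secret'),
            ('carol',    'user',  'carol-secret'),
            ('o''brien', 'user',  'obrien-secret');
    """)
    return conn


def find_user_dynamic(conn, name):
    """The 'before': a dynamic query built by string concatenation.

    User input becomes part of the SQL text, so it can change the logic
    of the WHERE clause. Kept deliberately vulnerable for comparison.
    """
    sql = "SELECT name, secret FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def find_user_prepared(conn, name):
    """Option 1: parameterized query.

    The SQL text is fixed; the value is bound separately and is only
    ever compared as data, whatever characters it contains.
    """
    sql = "SELECT name, secret FROM users WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


# Option 3: identifiers (column names, sort direction) cannot be bound as
# parameters, so they are mapped through a fixed allow-list instead.
SORTABLE_COLUMNS = {"id": "id", "name": "name", "role": "role"}


def list_users_sorted(conn, sort_key, descending=False):
    """Allow-list validation for the one part of the query that must be dynamic."""
    if sort_key not in SORTABLE_COLUMNS:
        raise ValueError("unsupported sort key: %r" % (sort_key,))
    column = SORTABLE_COLUMNS[sort_key]          # value comes from our table, not the user
    direction = "DESC" if descending else "ASC"  # derived from a boolean, never from text
    sql = "SELECT name FROM users ORDER BY %s %s" % (column, direction)
    return [row[0] for row in conn.execute(sql)]


if __name__ == "__main__":
    conn = make_db()
    tautology = "' OR '1'='1"  # classic textbook input, constructed for the demo

    # Dynamic query: the input rewrites the WHERE clause and every row comes back.
    print("dynamic :", len(find_user_dynamic(conn, tautology)), "rows")

    # Prepared statement: the same input is just a name that matches nobody.
    print("prepared:", len(find_user_prepared(conn, tautology)), "rows")

    # A legitimate name with an apostrophe breaks the dynamic query outright
    # but works with the prepared statement.
    try:
        find_user_dynamic(conn, "o'brien")
    except sqlite3.OperationalError as exc:
        print("dynamic query failed on o'brien:", exc)
    print("prepared:", find_user_prepared(conn, "o'brien"))

    # Allow-listed identifier is accepted; anything else is rejected before SQL is built.
    print(list_users_sorted(conn, "name"))
    try:
        list_users_sorted(conn, "name; DROP TABLE users")
    except ValueError as exc:
        print("rejected:", exc)
```

The same comparison doubles as a regression test: any code path where the tautology input returns rows is still building its query from user text.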
  • asked a question related to Computer Networks Security
Question
7 answers
Hello all, I'm an undergraduate student and currently I'm interested to learn more about Cryptography for Network Security. I want to know: is there any paper or journal that quickly summarizes whether each Encryption Algorithm has its own behaviour that maybe works better for different purposes?
Like some algorithms are best-used for Cloud Computing, some others are for an E-Commerce website, some others for Social Media application, etc. that would lead to decision making of which are more suitable for algorithm for every project.
Thanks before!
Relevant answer
Answer
RSA
  • asked a question related to Computer Networks Security
Question
8 answers
This is related to Homomorphic encryption. These three algorithms are used in additive and multiplicative homomorphism. RSA and ElGamal are multiplicative and Paillier is additive. Now I want to know what the time complexity of these algorithms is.
Relevant answer
Answer
Want the encryption and decryption time complexity when used by the Paillier cryptosystem
  • asked a question related to Computer Networks Security
Question
7 answers
For quantum cryptography(QKD) simulation, which simulator is best one
  • asked a question related to Computer Networks Security
Question
10 answers
I'm currently working on my proposal for my master's thesis and would like to find out which current research topics in the field of network security are promising/interesting/hot.
Relevant answer
Answer
Most trend work is the cybersecurity defence algorithm over 5G
  • asked a question related to Computer Networks Security
Question
7 answers
If the table is like this, can we draw a Venn diagram from this input?
variable    value r1    value r2
a           20          45
b           10
c           39          1
d                       37
e           98          27
Relevant answer
Answer
you can use this online tool DiVenn which will generate a nice graph https://divenn.noble.org
  • asked a question related to Computer Networks Security
Question
27 answers
Will the use of Blockchain technology improve the security of information transfer on the Internet? Will the development of Blockchain technologies reduce the scale of cybercrime on the Internet?
Please, answer, comments.
I invite you to the discussion.
Best wishes
Relevant answer
Answer
Blockchain technology & security system - Interesting - Following .
  • asked a question related to Computer Networks Security
Question
7 answers
We are applying ML for network intrusion detection, specifically UDP DoS detection. Most of the known datasets include http DoS. Is there any link that I can get labeled UDP DoS?
Thanks.
Noosha
Relevant answer
Answer
Thanks Nadun!
  • asked a question related to Computer Networks Security
Question
8 answers
Does anyone have experience with FIREMAN toolkit. I need to know how to install it, and how to use it to analyse the efficiency of my firewall?
Or, what tools you using to analyse and test the efficiency of your Firewall?
  • asked a question related to Computer Networks Security
Question
6 answers
I want to know how signature-based detection is implemented by anti-malware software companies. I know the theoretical working of it, but how is it implemented in actual software for efficient detection?
Relevant answer
Answer
In addition to the above references, I found "Antivirus Hackers Handbook" a very useful reference for understanding the signature types, working of signature-based detection and evasion techniques. I would say it should be the starting point for anyone who is new in this field.
  • asked a question related to Computer Networks Security
Question
5 answers
I want to know about the simplest Artificial Neural Network that can be used for the classification of network traffic into normal and attack in Java using KDD Cup 99. Can the classification read the KDD records as is, or do they need to be normalized?
Relevant answer
Answer
Thank you all for your valuable answers
  • asked a question related to Computer Networks Security
Question
12 answers
The MQTT is the functional and useful protocol in internet of things.
Relevant answer
Answer
The most known attacks are distributed denial-of-service (DDoS) and botnet attacks. However, MQTT is based on TCP protocol that can be secured with Transport Layer Security (TLS). Combining MQTT with TLS can help in security and performance improvement.
  • asked a question related to Computer Networks Security
Question
3 answers
Please suggest me some good papers on DDOS attack detection that can be implemented on NS-2.
Relevant answer
Answer
Hi Deepak,
My supervisor Dr George Loukas has conducted extensive work on DDOS detection which was implemented in NS-2. A link to his profile here: https://www.researchgate.net/profile/George_Loukas2 - see his papers on Denial of Service detection in a self-aware network.
  • asked a question related to Computer Networks Security
Question
10 answers
I'm trying to develop an intrusion detection for Industrial Ethernet. e.g. S7, PROFINET, Modbus protocols.
I want to evaluate my work on IE security dataset. Does anyone know security dataset in this domain? Some PCAP examples or sanitize dataset like KDD?
Relevant answer
Answer
Dear Maxime,
Thank you very much for your answer!
Best regards
Rocio
  • asked a question related to Computer Networks Security
Question
7 answers
I want to simulate the cyber attack behaviour, such as the spread of worms, on computer networks to test a detection method. Could you please give me some advice about the selection among different simulators?
Relevant answer
Answer
Hi Kaiming
Why don't you set up a honeypot server instead and collect attack data for real? You could even analyse attacks happening in real time, which is always more fun than playing with simulators. Simulators will only ever be as good as the person who sets them up, and as soon as the simulation software is released, it will very quickly become out of date. At least with a real system, you will be attacked by real people using real cutting edge attack technology. For example, you could start by just seeing how long it takes for someone to compromise your system. Then take it off-line and analyse the event or events that took place. Fix the weaknesses discovered for your next round, and see what comes along next. By repeating this process time and time again, you could collect a huge amount of real data on cyber attacks. And you won't have long to wait to start collecting your data. A friend of mine was looking to collect Mirai virus exploits, and the honeypot was compromised within 60 seconds of going live on the internet.
Regards
Bob
  • asked a question related to Computer Networks Security
Question
4 answers
actually my work in detection DDoS ATTACKS in data plane and control plane using supervisor machine learning
Relevant answer
Answer
Use Mininet with Ryu and you can generate DDoS using NS2, NS3 and GNS3.
  • asked a question related to Computer Networks Security
Question
3 answers
A new concept about the way to connect to VPNs, without pre-defined VPN tunnel or servers, no topology and data transfer through the cloud?
Relevant answer
Answer
  • asked a question related to Computer Networks Security
Question
15 answers
MulVAL- is a logic-based attack graph generation technique invented by Xinming Ou. I have installed "MulVAL" as per the instructions given in (http://people.cis.ksu.edu/~xou/argus/software/mulval/readme.html) and tried to run it for the testcase given in input file (input.P) as follows:
shyam@ubuntu:~/Desktop/Graph/mulval/utils$ ./graph_gen.sh /home/shyam/Desktop/Graph/mulval/testcases/3host/input.P -v
But I am getting the following error:
cat: goals.txt: No such file or directory
rm: cannot remove `goals.txt': No such file or directory
The attack simulation encountered an error.
Please check xsb_log.txt.
What does it mean and how do I solve it? Any kind of help would be appreciated.
Relevant answer
Answer
Hey Guys I need help,
Every time I tried to convert the nessus vulnerability scanning file to nessus.p file which is the input for mulval I am getting below error
++Error[XSB/Runtime/P]: [Existence (No procedure usermod : vulExists / 3 exists)] []
Forward Continuation...
... machine:xsb_backtrace/1 From C:\Program Files (x86)\XSB\syslib\machine.xwam
... loader:load_pred1/1 From C:\Program Files (x86)\XSB\syslib\loader.xwam
... loader:load_pred0/1 From C:\Program Files (x86)\XSB\syslib\loader.xwam
... loader:load_pred/1 From C:\Program Files (x86)\XSB\syslib\loader.xwam
... x_interp:_$call/1 From C:\Program Files (x86)\XSB\syslib\x_interp.xwam
... x_interp:call_query/1 From C:\Program Files (x86)\XSB\syslib\x_interp.xwam
... standard:call/1 From C:\Program Files (x86)\XSB\syslib\standard.xwam
... standard:catch/3 From C:\Program Files (x86)\XSB\syslib\standard.xwam
... x_interp:interpreter/0 From C:\Program Files (x86)\XSB\syslib\x_interp.xwam
... loader:ll_code_call/3 From C:\Program Files (x86)\XSB\syslib\loader.xwam
... standard:call/1 From C:\Program Files (x86)\XSB\syslib\standard.xwam
... standard:catch/3 From C:\Program Files (x86)\XSB\syslib\standard.xwam
Any idea how to solve this error??
  • asked a question related to Computer Networks Security
Question
5 answers
I am looking for problems which are being currently researched in the domain of security for IoT especially in the aforementioned protocols.
Relevant answer
Answer
Hello Anshul,
As far as I know, these are some of them, according to the existing literature:
2. Encryption of CoAP data via Datagram Transport Layer Security (DTLS) (for example, https://nvisium.com/blog/2015/05/27/implementing-coap-secure-way-part-i/). This is the most common way to provide security to CoAP.
In case you are looking for a solution, have you considered AMQP? It solves security by adding . Another protocol you might want to take a look is 6LoWPAN, even though this is a protocol located at the network layer rather than at the application one (as CoAP can be regarded). Finally, MQTT can also be taken into account for a study on security (but it is very likely that you already know all this, anyway).
I hope this helps!
  • asked a question related to Computer Networks Security
Question
5 answers
I am working on creating an effective attack database for researchers. Hence I need to know about the challenges faced by them in getting attack datasets for research purposes.
Relevant answer
Answer
Unfortunately, many organizations tend to clam up the moment you say the word "security", and they are thus unwilling to share their attack stories.
Collecting and publishing (at least internally) attack stories is one of the software security practices enumerated by the BSIMM, but very few organizations we have dealt with actually do this.
Getting access to attack data will only be possible if you are able to establish a trust relationship with each organization, and thus your best bet might be to approach (e.g.) FS-ISAC, and get the required contacts and information through them.
  • asked a question related to Computer Networks Security
Question
6 answers
Have you any idea or suggestions ?
Relevant answer
Answer
I can give you some advice if you still have not achieved the work...
  • asked a question related to Computer Networks Security
Question
19 answers
What are Security Challenges and Issues for Internet of Things (IoT) application in industry?
Please suggest some related articles.
  • asked a question related to Computer Networks Security
Question
4 answers
Risk assessment
Risk management
Risk analysis
Threat impact
Likelihood
  • asked a question related to Computer Networks Security
Question
3 answers
I want to analyse the effect of key management in DTN. I would appreciate any useful ideas, especially using the ONE simulator.
Relevant answer
Answer
Hello, the ONE simulator does not have a key management protocol.
Instead, you can count the number of messages or information transfers, and count the number of packets that are needed to accomplish the transfer or accomplish a connection.
For example, when two nodes meet, you can detect that using the simulator, and you can assume that there is a key exchange for this connection between two nodes, or a key connection for each message transferred between the nodes, then you can do the analysis that you need. For example, you can suggest the usage of one key management session for all the messages that will be transferred between both nodes.
  • asked a question related to Computer Networks Security
Question
3 answers
Polymorphic generators can be used in software, to make self-modifying code (to prevent unauthorized copying of executable code).
Are there any ways to implement this mechanism for preventing unauthorized copying of some data from hard disk or RAM? E.g. I have a license.txt and I don’t want anyone to get copy of this file from my storage. So when intruder copies this file, he’ll get a fully changed copy of this file.
Can someone suggest any literature related (papers/documents)? It would be very much appreciated.
Best regards,
Relevant answer
Answer
You could search for Address Space Layout Randomisation - it does not prevent copying of RAM, but is useful to prevent e.g. buffer overflow attacks.
  • asked a question related to Computer Networks Security
Question
7 answers
Hi, 
I have a number of trace files which I used to extract features and create a lot of records for both situations, normal and abnormal. Are there any rules we can rely on to determine the final number of records in the dataset for each class? Can we choose the same number for both, or must the normal class have more records? Please, what is the best and most reliable solution?
Relevant answer
Answer
Thanks a lot for this answer Mr. Jhordany..
It is valuable information ...:) 
  • asked a question related to Computer Networks Security
Question
5 answers
My domain is wireless healthcare sensor networks. My idea is to provide authentication during data transmission by using both digital signature and bilinear pairing. So please
Relevant answer
Answer
Dear Sowmi Das, 
   You can use Java Crypto Libraries also to generate the pair of keys, digitally sign messages and verify them. 
    I guess some of these links may be of help, especially with reference to the Indian context. 
  • asked a question related to Computer Networks Security
Question
5 answers
I am working on developing a patch for DHCP server software. Please let me know from where I can get source code for an open source dhcp server.
Relevant answer
Answer
You may consider open source DHCP Server from Internet Systems Consortium available at https://www.isc.org/downloads/
  • asked a question related to Computer Networks Security
Question
1 answer
I'm doing some research on the explosive characteristic of fountain codes, which means the original symbols can be decoded suddenly when the receiver gets some key symbols. I do think this feature can be used in the problem of physical layer security, in which the legitimate user can get enough encoded symbols before eavesdroppers, and finishes decoding first. I'm now focusing on how to enhance the explosive characteristic. I would really appreciate it if someone could give me some suggestions.
Relevant answer
Answer
Breaking the content in several chunks, to create "multiple" explosions?
  • asked a question related to Computer Networks Security
Question
5 answers
How to calculate the complexity of ELGAMAL and RSA Cryptosystems?
Relevant answer
Answer
The complexity of any cryptography system depends on the key size of the system and the complexity of the ciphertext linearly proportional with the key size.
  • asked a question related to Computer Networks Security
Question
11 answers
I would like to design a security model for smart city applications. However, I haven't come across a simulation tool specifically for smart cities. Is there any one who has an idea about the tools for simulating smart cities?
Relevant answer
Answer
In my opinion, "the smart city simulation" is a really big area. I would ask if you would like to simulate communication technologies, traffic, etc. Probably, when you mention security, it will be cyber security over some communication model; then I think you can simulate it in NS-3 or some other tool for simulating communication technologies. But it will always be more valuable to use some more realistic data, i.e. create some simple network and use some advanced data generator.
  • asked a question related to Computer Networks Security
Question
8 answers
Sometimes it is necessary to use tools to hack (test) or discover vulnerabilities and resolve security vulnerabilities in the systems of institutions by using attacker tools:
- Kali Linux
- Backtrack
- Pentoo
- Nodezero
- Network Security Toolkit (NST)
- Parrot Security
- BackBox Linux
- GnackTrack
- Bugtraq
etc..
Relevant answer
Answer
Dear Ameer
One of the best OS is Linux Distro Kali. It is best for penetrating and developed by the BackTrack team. It is basically for offensive security.
Please see the following link.
Some of the best that could be used for practice sessions are :
1. Kali Linux
2. BackBox
3. Parrot-sec forensic os
4. DEFT
5. Live Hacking OS
6. Samurai Web Security Framework
7. Network Security Toolkit (NST)
8. Bugtraq
9. NodeZero
10. Pentoo
11. GnackTrack
12. Blackbuntu
13. Knoppix STD
14. Weakerth4n
15. Cyborg Hawk
Thanks and Regards
Sanoop M
  • asked a question related to Computer Networks Security
Question
10 answers
Users are still vulnerable to malicious SPs that may collude to profile a user’s identity in a cloud environment. For instance, we have ten (10) Service Providers (SPs) and each of them have partial information about a user, what measure can one put in place to prevent these SPs from colluding to profile users’ attributes?
Relevant answer
Answer
Thank you Philippe De Ridder, Penchalaiah Padugupati and  William Shawn Wilkerson for all the contributions.
@Philippe De Ridder, Yes, the SPs need access to the data to enable them to be sure of the user, in order to release resources to the users.
Now I am trying to solve this malicious SP collusion problem: using one (1) attribute usage. Say, for instance, in order to avoid collusion among SPs in the cloud we decide to release only the attribute needed for processing that resource for the user at only one point in time, and the authentication details are only used for that transaction and cannot be stored by SPs for any future usage.
The question now is how do we send these attributes to SPs in such a way that they can only be useful for one-time use and cannot be useful when kept for future use?
  • asked a question related to Computer Networks Security
Question
6 answers
Hello everyone,
I want to implement a detection scheme which can detect data modification attacks in ECG data. Can anyone tell me which simulator I should use? How can I simulate an attack?
Relevant answer
Answer
Hi,
Look, there is no such simulator available which is directly focused on WBAN and to medical data. However, you can demonstrate in virtual environment of any simulator like NS2 or OMNET++ which assumes other network architecture as WBAN. Moreover, you can select any programming languages that are supported by sensors and simulate on available device emulators like J2ME, .NET, etc. 
You can also use senseNUTs that are real sensors which support C programming and can be modified as per requirement. You can use them also for real time practice.
  • asked a question related to Computer Networks Security
Question
2 answers
Eavesdropping, Man in the middle attack (MitM):
Attackers can take advantage of a known weakness in LTE wherein the user identity transference occurs unencrypted, in clear text between the UE and the eNodeB, during the initial attach procedure. This allows an eavesdropper to track the user cell-location or launch a man in the middle attack by user international mobile subscriber identifier (IMSI) impersonation and relay of user messages.
Relevant answer
Answer
Thank you for your answer Martin, I will look for that tomorrow.
  • asked a question related to Computer Networks Security
Question
5 answers
How would you classify the threat of cyber-attacks and their impact on supply chains?
Isn’t it a megathreat like natural disasters? Cyber-attack as an unknown-unknown risk that is rather uncontrollable with huge potential impact?
What is the role of Prof. Simchi-Levi’s Risk Exposure Index regarding cyber risk assessment? Do you think it is possible and beneficial to apply the REI for the mitigation of cyber risks?
Relevant answer
Answer
Check out the work of Omera Khan. She has published several articles about cyber-risk management in supply chains.
  • asked a question related to Computer Networks Security
Question
3 answers
If possible, please point me to any published research papers on the subject.
Relevant answer
Answer
Accidental configuration errors (non-malicious insider attacks) are easier to protect against, although if you have a mechanism to protect against the malicious attack, you've solved both problems.
The best example I can come up with on the spur of the moment would be to protect routing protocol messages, in an IP network.
Take a look at RFC 2453, for Routing Information Protocol (RIP) Version 2.
Section 4.1. describes a simple authentication scheme. In the packet overhead, one includes a plaintext, 16-byte password. This is a simple defense against misconfiguration. A router would check the password of any routing message, to verify the message comes from the router identified in the layer 3 header.
Next, take a look at RFC 4822.
Now you have a variable length encrypted authentication header, where the length depends on the algorithm used. A secret key is now needed to create and then to verify the authentication header. So this defends not only against simple configuration errors, but also against a deliberate routing protocol spoofing attack, designed to disrupt network operation.
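The RFC 2453 section 4.1 receiver check described in the answer above, as an added example that is not part of the original answer and not taken from any router implementation. The entry layout follows RFC 2453; the function names, the sample route and the password `lab-secret` are constructed for illustration.

```python
"""RIPv2 simple-password check (RFC 2453 section 4.1), receiver side.

Packets, routes and the password below are constructed sample data.
"""
import hmac
import socket
import struct

HEADER = struct.Struct("!BBH")          # command, version, must-be-zero
ENTRY = struct.Struct("!HH16s")         # AFI, route tag or auth type, 16-byte body
ROUTE_BODY = struct.Struct("!4s4s4sI")  # address, subnet mask, next hop, metric
AFI_IP, AFI_AUTH = 2, 0xFFFF            # 0xFFFF marks an authentication entry
AUTH_SIMPLE_PASSWORD = 2
CMD_RESPONSE = 2
MAX_ENTRIES = 25                        # per RFC 2453, including the auth entry

SAMPLE_PASSWORD = b"lab-secret"         # constructed
SAMPLE_ROUTES = [("10.1.0.0", "255.255.0.0", "0.0.0.0", 1)]  # constructed


def pad_password(password: bytes) -> bytes:
    """Left-justify the password and pad to 16 bytes with NULs."""
    if len(password) > 16:
        raise ValueError("RIPv2 simple password is at most 16 bytes")
    return password.ljust(16, b"\x00")


def build_response(routes, password=None) -> bytes:
    """Build a RIPv2 Response; the auth entry, if any, must come first."""
    parts = [HEADER.pack(CMD_RESPONSE, 2, 0)]
    if password is not None:
        parts.append(ENTRY.pack(AFI_AUTH, AUTH_SIMPLE_PASSWORD,
                                pad_password(password)))
    for addr, mask, next_hop, metric in routes:
        body = ROUTE_BODY.pack(socket.inet_aton(addr), socket.inet_aton(mask),
                               socket.inet_aton(next_hop), metric)
        parts.append(ENTRY.pack(AFI_IP, 0, body))
    return b"".join(parts)


def check_simple_auth(packet: bytes, expected_password: bytes):
    """Return (accepted, reason) for a router configured to require a password."""
    payload = len(packet) - HEADER.size
    if payload < ENTRY.size or payload % ENTRY.size:
        return False, "malformed length"
    if payload // ENTRY.size > MAX_ENTRIES:
        return False, "too many entries"
    _command, version, _zero = HEADER.unpack_from(packet, 0)
    if version != 2:
        return False, "not RIPv2"
    afi, auth_type, body = ENTRY.unpack_from(packet, HEADER.size)
    if afi != AFI_AUTH:
        # Unauthenticated updates are discarded when authentication is on.
        return False, "no authentication entry"
    if auth_type != AUTH_SIMPLE_PASSWORD:
        return False, "unsupported authentication type"
    if not hmac.compare_digest(body, pad_password(expected_password)):
        return False, "password mismatch"
    return True, "ok"


def password_travels_in_clear(packet: bytes, password: bytes) -> bool:
    """True if the padded password appears verbatim in the packet bytes."""
    return pad_password(password) in packet


if __name__ == "__main__":
    good = build_response(SAMPLE_ROUTES, SAMPLE_PASSWORD)
    print(check_simple_auth(good, SAMPLE_PASSWORD))
    print(check_simple_auth(build_response(SAMPLE_ROUTES), SAMPLE_PASSWORD))
    print(password_travels_in_clear(good, SAMPLE_PASSWORD))
```

Because the password is carried verbatim in every update, this check catches a misconfigured neighbour but not a sender who has observed the traffic, which is the gap the keyed scheme of RFC 4822 closes.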
  • asked a question related to Computer Networks Security
Question
3 answers
What Windows based honeypot do you suggest for gathering interactions to be used with WEKA to generate a training file using WEKA supervised learning?
[To be installed on VMWare]
Relevant answer
Answer
Hi, thank you both, you've been really helpful!!
  • asked a question related to Computer Networks Security
Question
3 answers
Detecting network layer attacks in MANET requires some background knowledge. How can this be implemented? Kindly suggest some ways.
Relevant answer
Answer
You can implement a special agent node to store the knowledge base that can effectively control attacks in a MANET.
  • asked a question related to Computer Networks Security
Question
8 answers
I have a new authentication method that asks the user to log in based on some features.
How can I calculate the FP and FN, and is there any tool that can help?
Relevant answer
Answer
I have some experience testing biometric authentication products. The risk is always that one jumps too early into ad hoc testing before an experiment design is made. So I agree with the previous answers. Make sure the use case is clear and that there are acceptance/success criteria *before* you start testing.
Next to that: the terms to use for authentication are False Accept and False Reject. Those give the False accept rate (FAR) and the False reject rate (FRR). But they are of course the same as FP and FN.
Normally authentication methods that need to be tested, like biometric systems, produce a score for every authentication attempt (trust score). One of the aspects of the biometric system is that you set a threshold depending on the functional requirements. But that is the actual application. To measure the performance of an authenticator regardless of the threshold setting, you need to create the FAR and FRR curves. Or better, the Detection error trade-off curve (DET).
There is no tool except for R, SPSS and python :-)
About significance (and how many tests you need) is discussed a bit in "Common Criteria - Common Methodology for Information Technology Security Evaluation - Biometric Evaluation Methodology Supplement [BEM]" from British government ( http://www.cesg.gov.uk, site has maintenance issues at the moment of writing)
good luck
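The FAR and FRR curves described in the answer above, computed in Python as an added example that is not part of the original answer. The scores are constructed, and the convention that a higher score means "more likely genuine" and that an attempt is accepted when its score is at or above the threshold is an assumption.

```python
"""FAR/FRR per threshold, equal error rate, and threshold choice.

All scores are constructed sample data, not measurements.
Assumed convention: accept an attempt when score >= threshold.
"""
from bisect import bisect_left

# Constructed trust scores for attempts by the legitimate user.
GENUINE = [0.91, 0.85, 0.78, 0.88, 0.62, 0.95, 0.73, 0.81, 0.55, 0.90]
# Constructed trust scores for attempts by other people.
IMPOSTOR = [0.12, 0.35, 0.48, 0.22, 0.58, 0.30, 0.65, 0.18, 0.41, 0.27]


def rates_at(threshold, genuine, impostor):
    """Return (FAR, FRR) for one threshold setting."""
    g, i = sorted(genuine), sorted(impostor)
    false_rejects = bisect_left(g, threshold)           # genuine below threshold
    false_accepts = len(i) - bisect_left(i, threshold)  # impostor at/above it
    return false_accepts / len(i), false_rejects / len(g)


def det_points(genuine, impostor):
    """(threshold, FAR, FRR) at every threshold where a rate can change.

    Plotting FRR against FAR over these points gives the DET curve.
    """
    thresholds = sorted(set(genuine) | set(impostor))
    thresholds.append(float("inf"))  # reject-everything end of the curve
    return [(t, *rates_at(t, genuine, impostor)) for t in thresholds]


def equal_error_rate(genuine, impostor):
    """Threshold where FAR and FRR are closest, and their mean there."""
    t, far, frr = min(det_points(genuine, impostor),
                      key=lambda p: abs(p[1] - p[2]))
    return t, (far + frr) / 2


def threshold_for_far(max_far, genuine, impostor):
    """Lowest threshold meeting a FAR requirement, with the FRR it costs."""
    # Thresholds ascend, so FAR only falls: the first hit is the lowest one.
    for t, far, frr in det_points(genuine, impostor):
        if far <= max_far:
            return t, far, frr
    raise AssertionError("unreachable: FAR is 0 at threshold +inf")


if __name__ == "__main__":
    for t, far, frr in det_points(GENUINE, IMPOSTOR):
        print(f"threshold={t:<5} FAR={far:.2f} FRR={frr:.2f}")
    print("EER:", equal_error_rate(GENUINE, IMPOSTOR))
    print("FAR<=0:", threshold_for_far(0.0, GENUINE, IMPOSTOR))
```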
  • asked a question related to Computer Networks Security
Question
11 answers
Dear all,
I proposed a security framework, but I want to determine exactly which is the best model for assessing this framework.
Relevant answer
Answer
I suggest that you act as ethical hacker and conduct penetration tests with all instanced objects and applications of your framework.
  • asked a question related to Computer Networks Security
Question
7 answers
"For an application, I have to generate 10K pseudorandom bits from a user-supplied password (8-16 characters). What are possible options? Which one do you recommend and why?"
Relevant answer
Answer
This is a well-known issue with plenty of (also well-known) implementation pitfalls.
Why not use a standardized mechanism? Take a look at ISO/IEC 18031 and pick your favorite mechanism. The simplest is probably Hash_DRBG based on SHA-256.
If you don't want to pay for a standard, the NIST website also provides standard and well-known mechanisms for pseudo-random generation. PRNG SHA-1 is fast and secure enough for that purpose, that's a no brainer.
(and NIST has removed the controversial Dual_EC_DRBG from that standard)
:)
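One way to get 10K bits from a password using only standardized building blocks, as an added example that is not part of the original answer. It swaps in PBKDF2-HMAC-SHA256 for stretching and HKDF-Expand (RFC 5869) for expansion instead of the Hash_DRBG the answer names; the iteration count, the `info` label and the sample password are assumptions made for illustration.

```python
"""Derive a fixed-length pseudorandom bit string from a password.

Swapped-in technique: PBKDF2-HMAC-SHA256 (stretch) + HKDF-Expand (expand),
both built from the Python standard library. Sample inputs are constructed.
"""
import hashlib
import hmac
import math
import os

HASH_LEN = 32                 # SHA-256 output size in bytes
DEFAULT_ITERATIONS = 600_000  # assumption: tune to your latency budget


def stretch_password(password: str, salt: bytes,
                     iterations: int = DEFAULT_ITERATIONS) -> bytes:
    """Slow, salted derivation of a 32-byte key from the password."""
    if len(salt) < 16:
        raise ValueError("use a random salt of at least 16 bytes")
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               salt, iterations, dklen=HASH_LEN)


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand from RFC 5869 with HMAC-SHA256."""
    if length > 255 * HASH_LEN:
        raise ValueError("HKDF-Expand output limit exceeded")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]),
                         hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def bits_from_password(password: str, salt: bytes, n_bits: int = 10_000,
                       iterations: int = DEFAULT_ITERATIONS,
                       info: bytes = b"example/bitstream/v1") -> bytes:
    """Return ceil(n_bits / 8) bytes; same inputs always give same output."""
    key = stretch_password(password, salt, iterations)
    return hkdf_expand(key, info, (n_bits + 7) // 8)


def entropy_ceiling_bits(alphabet_size: int, length: int) -> float:
    """Upper bound on password entropy if every character were random."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    salt = os.urandom(16)  # store the salt next to whatever uses the bits
    stream = bits_from_password("correct horse 42!", salt)  # constructed
    print(len(stream) * 8, "bits derived")
    # The output is long, but it never holds more entropy than the password:
    print(f"16 printable ASCII chars: <= {entropy_ceiling_bits(95, 16):.1f} bits")
```

The 10,000 output bits are only as unpredictable as the password itself, which is why the slow, salted stretching step matters more than the choice of expansion function.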
  • asked a question related to Computer Networks Security
Question
4 answers
In the field of access control policy, can anyone provide an explanation of the difference between SAML and XACML? In Attribute Based Access Control models, can both be applied simultaneously?
Relevant answer
Answer
SAML is about identity - an XML format for exchanging authentication and authorization data.  It is used most often for implementing single sign on in web browsers.
XACML is also XML based but oriented toward access policy.
They can be used together because they are orthogonal in purpose.  Both have their own provider and client architectures that are associated with each.  I have seen SAML used but never did anything with it myself.  There seems to be a fair number of production implementations of it.  I have played with XACML and Attribute based Access Control for some internal Proof of Concept work and experimentation, but have rarely seen XACML in production (just once).
Some basic overviews in the links below.
  • asked a question related to Computer Networks Security
Question
11 answers
After reading some papers, I found many papers skip the detail of making IDS, instead, directly go to evaluation part. 
Can anyone give me some hints about how to build a host based light weight IDS for detecting VM escape? Good references?
Thank you very much!
Relevant answer
Answer
Hi Bo Sun, 
Are you referring to virtual machine interfaces or virtual machine introspection (the host IDS that exploits virtual machine introspection to check the integrity of a kernel running inside a virtual machine)? I am assuming the latter, in which case here is a list of articles:
A Virtual Machine Introspection Based Architecture for Intrusion Detection
Virtual machine introspection: Observation or interference?
Virtual Machine Introspection:
A formal model for virtual machine introspection:
Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection:
For VMI, as defined above, then yes this sounds like a useful approach - in fact a combination of VMI and Network monitoring is likely to provide a more "semantic" observation of VM escaping. Contextually speaking that is, for example where you capture a correlation between VMI and network activities to build a picture of anomalous resource access and network activity.
An interesting subject!
  • asked a question related to Computer Networks Security
Question
13 answers
How privacy issues can be addressed in the context of cloud computing policy?
Relevant answer
Answer
Take a look at Legal requirements as mentioned above, and privacy policy statements from organizations to derive privacy requirements which then you can transform for applications. 
  • asked a question related to Computer Networks Security
Question
5 answers
I have to send the encrypted data to more than one cloud storage. I have the same question as Neetha Sharma does. Where can I insert my code in a simulation program example? First of all, which example can I take for my project?
Relevant answer
Answer
If you take the risk and opt for end-to-end-encryption in order to save your ciphertext data in a cloud, I strongly recommend that you scrutinize your exerted crypto suite for undeliberate and especially deliberate security leaks. It is commonly known that crook intelligencies embed weaknesses in crypto suites to reveal private data for their own purposes.
  • asked a question related to Computer Networks Security
Question
20 answers
Suppose I have made an IDS (Intrusion Detection System). For example, using KDD CUP99 I have made a system, I have done the test and evaluation, and the result is acceptable. Now I want to evaluate my proposed system on real online traffic. I can capture the packets using PCAP, and I can extract the features and detect whether traffic is normal or anomalous. BTW, my problem is how I can evaluate the output, because there is no ground file for that traffic. How can I evaluate my system on real traffic? Maybe during the testing all the traffic is normal; how can I evaluate the performance of the system on abnormal traffic? I think I have to make some abnormal traffic and test the system using my own abnormal traffic. Is this idea correct, and how should I make abnormal traffic?
Relevant answer
Answer
Your IDS is supposed to check the intrusions of a real-world data set, just recently released, or just launch it by yourself. When we are doing real-time detection then we are supposed to launch the attacks or whatever you are interested in. After that run your algorithm, and if it results well then you can surely use it for real-time evaluation. KDD is no more. You can use Snort or other alternatives of Snort for doing so.
  • asked a question related to Computer Networks Security
Question
3 answers
Does single or dual-n-back training have any lasting, transferable effects on other cognitive skills, apart from improving the performance in running the dual-n-back game? Some research studies indicate that it may have some effect for some people with some conditions (e.g. older people, people with dysphoria etc.), however larger meta-studies indicate no or very small effect in general as well as methodological problems in the underlying studies. The research therefore seems inconclusive.
What is your research experience with this? Are there any groups or conditions where such training has been shown to have transferable, lasting effects?
Relevant answer
Answer
If you are reading in this area you have probably already found him, but I know from his work with ACT-R that Niels Taatgen has worked with N-back, cognitive modeling, and has a long interest in transfer.
  • asked a question related to Computer Networks Security
Question
4 answers
How to measure how strong the correlation between cloud security policies and privacy requirement in saas and paas to protect those security threat related privacy?
Relevant answer
Answer
Hi Jafar,
Based on your question asked - seems & assumed is a quantitative research.  If yes, generally depends on how you operationalize your "cloud security policies" and "privacy requirement" constructs:
  1. if each of the above 2 constructs consist of some question items, may be you can perform Pearson correlation test (if their data scales are interval / ratio), perform Spearman Rho test (if data scales are ordinal), perform Cramer V test (if data scales are nominal)
  2. If the 2 constructs i.e. "cloud security policies" & "privacy requirement" respectively consists of some latent variables (each latent variable comprises few question items) & they are interconnected between the 2 constructs, may be you want to use Structural Equation Modeling (SEM) like SPSS AMOS or SmartPLS etc.
Regards,
Fung
  • asked a question related to Computer Networks Security
Question
4 answers
I am trying to implement video watermarking based on visual cryptography. I have created two shares of an image in '.bmp' format. How will these two shares be embedded in the video while using the frequency domain?
I have divided the video into parts (suppose the video consists of 300 frames; in this way each part has 150 frames) to embed these shares in two different parts. I have extracted the Y component of each part of the video, on which I applied the DWT. Extract the HH band. Apply SVD. And get the singular matrix.
How could I process the two shares of transparencies in order to embed them into the singular values obtained from these two parts of the video as indicated above? Please also tell me the extraction process of these two transparencies from the watermarked video.
You are most welcome to inform me about any other method to implement visual cryptography based video watermarking.
Relevant answer
Answer
  • asked a question related to Computer Networks Security
Question
10 answers
My undergraduate students are involved in designing a web based student admission system. They have to make the system secure from different types of attacks and cover vulnerabilities. What types of attacks and vulnerabilities are there? What basic security features should be implemented to provide average level of security. 
Relevant answer
I agree that NIST and OWASP are best as guidance for developing web security features. 
  • asked a question related to Computer Networks Security
Question
10 answers
I am doing research in email classification for spear phishing attacks. Is there any dataset for spear phishing email?
Relevant answer
Answer
May this link be helpful to you.
  • asked a question related to Computer Networks Security
Question
3 answers
Relevant answer
Answer
There are different works and responsibilities for ISPs. If we think of a simple application of a computer or integrated device, it can only filter the carrier level and protect the device that is served by the ISP, but the device couldn't not protect itself. Like Nest's server or an automated polling system, so that each application knows what to deal with. For example, a website like amazon.com can check or follow which comments or commands are hit most of the time. But if it does so, at the same time the customer should know how to deal with the service within his/her network area. Maybe then the IoT device will remain secure. In the near future IoT will develop more, I personally think.
  • asked a question related to Computer Networks Security
Question
4 answers
I have two sets of entities A and B, members of A have a kind of relationship with members of B, we need to investigate the stability of the relationship between a member or a subset from A with a member or a subset from B over a long time (week, month, year) with a time window (five minutes for example)
Relevant answer
Answer
Dear Ahmad,
I don't know if I have understood precisely, but these three chapters from a book about complex networks deal with dynamic processes on a graph, where there is a notion of time or "evolution" of the process.
In the ch03 (for example) you can see a dynamic evolution of the graph structure, with new edges being added over time.
Cheers
  • asked a question related to Computer Networks Security
Question
5 answers
What are the features that a network intrusion detection system cannot respond to?
Relevant answer
Answer
There are different types of DDOS attacks.  An easy example is the SYN Flood attack. In this attack, the attacker sends a TCP connection request (a packet with the SYN flag set). The server allocates resources for the connection and responds. The attacker ignores the response, and the server must keep the resources allocated until a time out occurs. If there are enough requests over a period of time, the server runs out of resources.
If the server is a public server (say for an e-commerce site), it has to expect connection requests from any computer in the world.
A smart attack will spoof the source IP addresses. Therefore the IDS will not know that this is an attack instead of just a lot of normal traffic. If the system attempts to reduce the number of connections by rejecting some requests, it may reject legitimate requests.
An attacker can use a botnet to distribute the sources around the world to prevent techniques that look at a large number of requests from a single portion of the internet. Such mechanisms can be placed in gateway routers.
Another type of attack is a SYN reflection attack. The attacker spoofs an IP address and sends a request to a server (say a web server). The server responds to the spoofed IP address with a SYN/ACK message. The spoofed address is the victim machine and it must process all of the responses as if they were initial requests from the senders.
To summarize: The successful attacks look like legitimate requests from a range of machines and can not be easily differentiated from normal traffic.
  • asked a question related to Computer Networks Security
Question
17 answers
I am searching for such network attacks which are quite new and current research is going on to propose mitigation techniques for that attack.
Relevant answer
Answer
An interesting topic might present itself in the field of software-defined networking, whereby the complexity involved in security network visualization overlay technologies and automation features introduce a number of unique challenges. You might find the following useful as a starter:
  • asked a question related to Computer Networks Security
Question
5 answers
I want to know how to prevent a peer from changing its identity from time to time?
Relevant answer
Answer
Combining both cryptographic and analysing network characteristics like peak, burst, throughput, we can develop a novel policy to prevent whitewashing in P2P.
  • asked a question related to Computer Networks Security
Question
9 answers
Please provide the link or name of papers
Relevant answer
Answer
Packet payloads are also used to verify an attack, even if discovered by other means. If you have the full packet capture, you can verify what the attack is, even if it's encoded or obfuscated to bypass defensive mechanisms.
  • asked a question related to Computer Networks Security
Question
5 answers
I would like to ask what the efficient ways are to exchange the session key among N parties in an ad hoc network. Here, I want to make an algorithm to generate the session key among n people in the network; a new user who wants to join the network may also share the same session key, and a user who has left the network may lose the key permission.
Relevant answer
Answer
There are generalizations of Diffie-Hellman for groups available, e.g. the Burmester-Desmedt Protocols or Tree-Based Diffie-Hellman. And of course, if there is already some shared secret among the group members, there are many protocols to derive a symmetric session key for the group. All these protocols support adding a new member to the group or deleting members. A good reference is the book by Colin Boyd and Anish Mathuria: Protocols for Authentication and Key Establishment (Springer 2003)
  • asked a question related to Computer Networks Security
Question
5 answers
The user can request any website and phishing page, then directly move on to the original page.
Relevant answer
Answer
Beside all technical countermeasures to detect and antagonize phishing, it can also be prevented by improving the online users' phishing awareness. Just catch a glimpse at https://www.researchgate.net/profile/Curtis_Carver/publication/222730836_Phishing_for_user_security_awareness/links/0deec5161aaaf78130000000.pdf for example!
  • asked a question related to Computer Networks Security
Question
1 answer
I have used Boneh Shaw's concatenated scheme, but because of replication factor the code length is too long. So what can I do to minimize the length?
Relevant answer
Answer
Since BS ensures collision free finger printing, minimizing the code should consider possibility. You can refer the attached file for lower bound on the code. Also, you can refer another attachment of BS FP scheme.
  • asked a question related to Computer Networks Security