Network Security - Science topic

Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.
Questions related to Network Security
  • asked a question related to Network Security
Question
5 answers
Can someone guide me a little? I am working on my Thesis related to IoT Security. Can you specify some major/challenging topics related to the Network Security of IoT Devices using Artificial Neural Networks? Any Precise topic/area in this field pls? Your response in this regard will be highly helpful for me. Thank you
Relevant answer
Answer
IoT zero-day attack detection and prevention
  • asked a question related to Network Security
Question
4 answers
Respected all,
I am interested in starting a research group on cyber and network security in my institution. Kindly advise on how I should proceed.
Mainly I want to include faculty members and students who are interested in the above domains.
Relevant answer
Answer
You can contact specialist researchers in this field working in different countries to gain more experience. Wish you all the best.
  • asked a question related to Network Security
Question
1 answer
I have written a Python script that can read packet details and identify abnormalities in the network. I see that NetSim has a socket interface that can be used to communicate with an external Python program. But I am unable to figure out a method to send packet details to my algorithm. Upon processing the data, I also want to send commands from the Python script to NetSim to improve the network performance as well as take countermeasures in case of network attacks.
Relevant answer
Answer
Interprocess communication (at run time) needs to be handled either via a socket or a pipe. A dedicated socket program can be written within NetSim C codes, that interacts with your python program to appropriately
(i) pass information to your program and
(ii) get information from your program.
In order to get the packet details from NetSim and also send commands back to NetSim during runtime:
1. NetSim simulation can be run with the Wireshark option set to Online on one or more devices as per your requirement, to generate live PCAP log files.
2. The Run Time Interaction option can be enabled to allow your python program to connect to NetSim CLIInterpretor via socket.
3. During the simulation, your python code can read the Wireshark logs, and process and send commands to NetSim whenever required, to alter the network behavior.
You can also use TShark which is part of the Wireshark distribution that uses the same packet dissection code that Wireshark does, in order to parse the PCAP file during runtime.
  • asked a question related to Network Security
Question
3 answers
What are the hot research topics in Network Security and Computer Networking?
Relevant answer
Answer
Dear Harith Ghanim Ayoub,
Look over the sources below:
Network Security
Computer Network Security Problems and Solutions - Possible Threats
  • asked a question related to Network Security
Question
5 answers
Quantum communications technologies (like Quantum Key distribution) are often viewed as panacea of all ills required to make data transmission in telecom network secure. The question is - Can QKD help secure the ICT systems from computer viruses and worms?
Relevant answer
Answer
Dear Brajesh Mishra,
Here below is some auxiliary info:
Lawrence Stewart, CTO at Serissa Research (2001-present)
Answered Jul 11, 2019
AES with 256-bit keys is pretty good.
See Is AES-256 a post-quantum secure cipher or not?
Attacks are always improving, so there is nothing you can do that will be secure indefinitely. Also, you have to keep the key somewhere, so all encryption does is substitute keeping a small thing secret in exchange for keeping a larger thing secret. If you can keep a key secure somewhere, just put your data there too. Storage devices are pretty small.
If you have nowhere to keep your crypto keys, then no algorithm is going to help.
  • asked a question related to Network Security
Question
4 answers
Since I don't have any coding background, it's difficult for me to pick a topic in system security or network security. Please help me with any topics or suggestions you have. Thank you in advance.
Relevant answer
Answer
You can check out some topics below.
Also, I believe you can take some Python lessons online that can be of great help to you as well.
  • asked a question related to Network Security
Question
14 answers
Would you please suggest to me a Q1 or Q2 subscription journal (without any publishing fee) in various areas of computer networks and the Internet of Things with a fast-processing time and no limit to publishing the number of free pages (unlike IEEE IoT, IEEE Systems, IEEE Sensors, etc.)? Unfortunately, journals such as Computer Networks, Computer Communications, and FGCS have slowed down a lot in the last year or two, especially in the process of initial review by editors and assignment of reviewers.
Relevant answer
Answer
Ali Seyfollahi Check out ACM Transactions on Sensor Networks too (TOSN).
  • asked a question related to Network Security
Question
6 answers
I need an idea to research network security using machine learning?
Relevant answer
Answer
Hi, machine learning is also used to make classifications from a large scope of metrics. However, you could use it to detect zero-day or unusual combinations. For example, you can build a robust model from network packet tracing or machine computation time.
  • asked a question related to Network Security
Question
7 answers
Need some Recent Research if possible
Thanks
Relevant answer
Answer
Dear Esraa Alomari,
the idea of the Software-Defined Network (SDN) is well suited to building intelligent Defense Systems with Honeypots against DDoS Attacks. The SDN Controllers can be "supplied" - i.e. controlled - from Digital Twins (DTs) with Artificial Intelligence (AI). In this way, "Intelligent Concepts based on the Idea of Honeypots against DDoS Attacks" could be developed. DDoS Attacks can be redirected to the Honeypots using SDN Controllers. The SDN Controllers can be intelligently configured with Specifications (Instructions) coming from DTs.
For this, see my literature sources.
My figures show the idea of DTs -- at the address:
The concept of SDN is illustrated by my figures at the address:
Much success
Anatol Badach
Seungwon Shin, Lei Xu, Sungmin Hong, Guofei Gu: Enhancing Network Security through Software Defined Networking (SDN); 25th International Conference on Computer Communication and Networks (ICCCN), Aug. 2016; DOI: 10.1109/ICCCN.2016.7568520
Luo, X.; Yan, Q.; Wang, M.; Huang, W. Using MTD and SDN-based Honeypots to Defend DDoS Attacks in IoT. In Proceedings of the 2019 Computing, Communications and IoT Applications (ComComAp), Shenzhen, China, Oct 2019; DOI: 10.1109/ComComAp46287.2019.9018775
Pokhrel, Abhishek, Vikash Katta, and Ricardo Colomo-Palacios. “Digital Twin for Cybersecurity Incident Prediction: A Multivocal Literature Review” Proceedings of the IEEE/ACM; 42nd International Conference on Software Engineering Workshops, 2020
Felipe S. Dantas Silva, Esau Silva, Emidio P. Neto, Marcilio Lemos, Augusto J. Venancio Neto, Flavio Esposito: A Taxonomy of DDoS Attack Mitigation Approaches Featured by SDN Technologies in IoT Scenarios; Sensors, Vol. 20, Issue 11, May 2020; DOI:10.3390/s20113078
Ozgur Yurekten, Mehmet Demirci: “SDN-based cyber defense: A survey”; Future Generation Computer Systems, Vol. 115, Feb 2021
Zhenhua Wang, Wei Xie, Baosheng Wang, Jing Tao, Enze Wang: A Survey on Recent Advanced Research of CPS Security; Applied Sciences, Vol. 11 Issue 9, April 2021; DOI: 10.3390/app11093751
CyberSec4Europe D4.4: Research and Development Roadmap 2
S. Lim, J. Ha, H. Kim, Y. Kim, S. Yang: A SDN-Oriented DDoS Blocking Scheme for Botnet-Based Attacks; Sixth International Conference on Ubiquitous and Future Networks (ICUFN); Jul 2014
  • asked a question related to Network Security
Question
3 answers
According to IBM Security X-Force (2021), server access was the third most common attack type in 2020. Nearly 36% of the server access attacks X-Force Incident Response observed in 2020 targeted the finance and insurance sector, with business services (14%), manufacturing (7%), and healthcare (7%) also getting hard hit.
The threats of server access attacks do not seem to go away or rather slow down, BUT they seem to get more complicated.
Are the current mitigation techniques for preventing server access attacks well-designed?
Besides that, do you think adopting the Zero Trust security strategy will prevent this phenomenon? According to your experience, what are your thoughts on the matter?
Relevant answer
Answer
Zero trust strategy, or policy, or concept, or architecture are already published and actively discussed. However, the reliably secure practical implementations require more variety of secure, usable, and cheap Identity and Access Management (IAM) technologies, which are a backbone of the Zero Trust approach to security.
  • asked a question related to Network Security
Question
7 answers
COVID-19 has had a significant impact on the educational sector, resulting in a shift from face-to-face to a decentralized learning environment, creating a unique opportunity for network-based academic dishonesty. Prior research has shown that during the COVID-19 pandemic, students engaged in network-based academic dishonesty as a consequence of the breach of weak and legacy software programs that monitor network-based academic dishonesty.
Are the current mitigation techniques for preventing network-based academic dishonesty well-designed? What are your thoughts on the matter?
Relevant answer
Answer
Len Leonid Mizrah that's a wonderful response and I second you. Atiff Abdalla Mahmoud the issue of academic dishonesty in decentralised learning is an emerging and growing trend. The consequences associated with this trend are also relatively new. This sparks a revision of preventive measures which are currently being used to match the trend. Without new inventive and resilient techniques, the issues will only grow to unacceptable proportions, and if this happens the value of education will be completely eroded. My take is that the current measures are not anywhere near enough.
  • asked a question related to Network Security
Question
21 answers
Recommended research fields:
Applying Machine Learning methods to Network Protocols field in many areas like IoT, Sensor Networks, Network Security aspects, Traffic Predictions...
Also, he is ready to participate in present related research and in a teamwork environment to publish scientific articles.
Relevant answer
Answer
A good way to start is to read recent overview articles and look for open problems that are stated in those papers. When it comes to machine learning, a general advice is to identify an existing protocol that you know is suboptimal, and then using machine learning to tweak the protocol.
  • asked a question related to Network Security
Question
3 answers
Use case: To provide the security of the data by building next-generation firewalls, or is there any better firewall type to handle the normal systems? Please do suggest me any answers!
Relevant answer
Answer
Dear Roshan Reddy,
To enable security of electronic communications there are three groups of problems - endpoint security, cloud / network security, and identity and access management security. Firewalls are important, but it's just a part of the puzzle.
  • asked a question related to Network Security
Question
12 answers
According to a survey conducted by Sophos, 2020 was a tough year for education, with the sector experiencing the highest level of ransomware attacks of all industries. Ransomware attacks have been on the top list of dangerous threats to information systems for over a decade. The threats of ransomware attack do not seem to go away or rather slow down BUT seems to get more complicated.
Are the current mitigation techniques well designed to prevent the attacks? What are your thoughts?
Relevant answer
Very interesting question! I completely agree and support the opinion of dear colleagues Ljubomir Jacić, Doherty Odueko Funmilayo. Thank you!
  • asked a question related to Network Security
Question
4 answers
SQL injection attacks have been on the number one list of dangerous threats to information systems for over a decade. The threats of an injection attack do not seem to go away or rather slow down BUT seem to get more complicated and more dangerous every time one is launched successfully.
Are the current mitigation techniques well crafted to halt the attacks, or is it high time new methods of protecting data in-situ are designed?
What do you think?
Relevant answer
Answer
What is the primary method of mitigating SQL injection attacks?
  • Option 1: Use of Prepared Statements (with Parameterized Queries)
  • Option 2: Use of Stored Procedures
  • Option 3: Allow-list Input Validation
  • Option 4: Escaping All User Supplied Input
SQL Injection attacks are unfortunately very common, and this is due to two factors:
  1. the significant prevalence of SQL Injection vulnerabilities, and
  2. the attractiveness of the target (i.e., the database typically contains all the interesting/critical data for your application).
It's somewhat shameful that there are so many successful SQL Injection attacks occurring, because it is EXTREMELY simple to avoid SQL Injection vulnerabilities in your code.
SQL Injection flaws are introduced when software developers create dynamic database queries that include user supplied input. To avoid SQL injection flaws is simple. Developers need to either: a) stop writing dynamic queries; and/or b) prevent user supplied input which contains malicious SQL from affecting the logic of the executed query.
Primary Defenses:
  • Option 1: Use of Prepared Statements (with Parameterized Queries)
  • Option 2: Use of Stored Procedures
  • Option 3: Allow-list Input Validation
  • Option 4: Escaping All User Supplied Input
Additional Defenses:
  • Also: Enforcing Least Privilege
  • Also: Performing Allow-list Input Validation as a Secondary Defense
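The difference between a dynamic query and Options 1 and 3 above, shown as an added example that is not part of the original answer. The table, column names, sample rows and the hostile input string are constructed for illustration; SQLite is used only because it runs in memory.

```python
import sqlite3


def make_db():
    """Build an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE accounts (id INTEGER PRIMARY KEY, owner TEXT, balance INTEGER)"
    )
    conn.executemany(
        "INSERT INTO accounts (owner, balance) VALUES (?, ?)",
        [("alice", 120), ("bob", 75), ("carol", 310)],
    )
    return conn


def lookup_dynamic(conn, owner):
    """Dynamic query: user input is concatenated into the SQL text.

    This is the flaw the answer describes; the input can change the
    logic of the executed statement.
    """
    sql = "SELECT owner, balance FROM accounts WHERE owner = '" + owner + "'"
    return conn.execute(sql).fetchall()


def lookup_prepared(conn, owner):
    """Option 1: parameterized query. The input is bound as data only,
    so quotes and SQL keywords inside it are never parsed as SQL."""
    return conn.execute(
        "SELECT owner, balance FROM accounts WHERE owner = ?", (owner,)
    ).fetchall()


# Option 3: identifiers (column names, sort order) cannot be bound as
# parameters, so map the user-facing key to a fixed, known-good column name.
SORTABLE = {"owner": "owner", "balance": "balance"}


def list_sorted(conn, sort_key):
    """Allow-list validation for the one part of the query that must be dynamic."""
    if sort_key not in SORTABLE:
        raise ValueError("unsupported sort key: %r" % (sort_key,))
    column = SORTABLE[sort_key]  # value comes from our table, not from the user
    return conn.execute(
        "SELECT owner, balance FROM accounts ORDER BY " + column
    ).fetchall()


# Constructed input that tries to turn the WHERE clause into a tautology.
HOSTILE = "nobody' OR '1'='1"


def demo():
    conn = make_db()
    return {
        "dynamic_rows": len(lookup_dynamic(conn, HOSTILE)),    # every row leaks
        "prepared_rows": len(lookup_prepared(conn, HOSTILE)),  # no such owner
        "legit": lookup_prepared(conn, "bob"),
    }


if __name__ == "__main__":
    print(demo())
```

The least-privilege point from the additional defenses still applies on top of this: the database account the application uses should only hold the rights the query needs.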
  • asked a question related to Network Security
Question
3 answers
Please recommend me a subtopic in the Honeypot network security topic for my MS level research and thesis.
Relevant answer
Answer
Dear Faheem Tariq,
you can use the idea of Software-Defined Networking (SDN) to improve security in the IoT - especially against DDoS Attacks - through the use of Honeypots. See these literature sources.
Best regards
Anatol Badach
Xupeng Luo, Qiao Yan, Mingde Wang, Wenyao Huang: Using MTD and SDN-based Honeypots to Defend DDoS Attacks in IoT; Computing, Communications and IoT Applications (ComComAp), Oct 2019
Jinwoo Kim, Seungwon Shin: “Software-Defined HoneyNet: Towards Mitigating Link Flooding Attacks”; 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, Jun 2017
  • asked a question related to Network Security
Question
20 answers
In my opinion, the information posted on social media portals is not 100 percent safe.
There have been cases of hacking and stealing information from thousands of records, user profiles of these portals.
In addition, there are developed techniques for building programs that read information from commentators entered into thousands of profiles of social media portals.
Then this information is a research material for the sentiment analyzes carried out, i.e. analyzes of opinions prevailing among users of these portals on specific companies, brands, products and services.
Do you agree with my opinion?
Please reply
Best wishes
Relevant answer
Answer
The level of cybersecurity of data collected on social media is constantly being raised. However, there is still no full 100 percent cybersecurity on this issue.
I invite you to the discussion,
Regards,
Dariusz Prokopowicz
  • asked a question related to Network Security
Question
10 answers
Hello!
I’m Jonathan, an MSc student studying Cyber Security at Edge Hill University. As part of my project thesis, I’m conducting a short questionnaire on small and medium enterprise cyber security and, in particular, the opinions of professional individuals on the topic of vulnerability assessment and penetration testing as a way of securing IT infrastructure. The survey also details some features of the project, including the active design and development of an autonomous VAPT tool for SMEs.
Your help on providing answers and opinions is greatly appreciated and will deliver a fundamental basis for my research. Permission is also granted if you wish to notify others that may be interested in the project.
If you wish to contribute, you can do so using this link: https://vaptian.com/go/survey. The survey is hosted by Qualtrics.
The survey is entirely optional, and all data collected is anonymous. You can terminate your participation at any time for any reason.
Thank you in advance.
Relevant answer
Answer
Dr. MOHAMMAD FAISAL currently working at the department of computer science and IT, University of Malakand Pakistan, received his M.S. degree in information security management from SZABIST, Pakistan, in 2012, and the Ph.D. degree in network security from the Department of Computer Science and Information Technology, University of Malakand in 2018. His research interests include ML and security of wireless ad hoc networks MANETs, VANETs, IoT, Cloud, Fog, Edge, Blockchain and digital forensics.
  • asked a question related to Network Security
Question
6 answers
Hi, my M.Sc. thesis is "Detecting Android Malware using TF-IDF and N-Gram Methods Leveraging Text Semantics of Network Flows”. In my M.Sc. thesis I have worked on malware detection to find a new solution for the malware evasion problem in Android environments. I want to implement my idea with "Rapid Miner", thus I need a ".csv" data-set of malware and benign app network flows. I've downloaded many data-sets but none of them satisfied my needs. The most appropriate data-set among all of them for me is the Android Malware data-set (InvesAndMal2019).
It's a great ".csv" labeled data-set but unfortunately all of the data-set rows are labeled as BENIGN.
I really need a ".csv" labeled android malware data-set composed of MALWARE and BENIGN network flows.
Can anybody help me with this?!
Regards
Mikael
Relevant answer
Answer
You can try BLADE Android Malware Dataset available on Kaggle.
  • asked a question related to Network Security
Question
5 answers
Hello,
I want to publish a manuscript related to communication networks and network security and I need your suggestions please for Q3 journals that don't take a long time in the review and notification process.
Thank you so much for your responses
Relevant answer
Answer
  • asked a question related to Network Security
Question
10 answers
Traditional or perimeter network security models are designed to focus on keeping attackers out of the network but are vulnerable to users and devices inside the network. Zero Trust security models assume the network has been compromised and challenge the user or device to prove that they are not attackers.
In this age and time of near boundary-less network systems can we rely on Zero trust models for securing our networks against information systems attacks?
Relevant answer
Answer
Dear Tadiwa Elisha Nyamasvisva,
Perimeter based security in high tech business and government agencies is a preferred security approach. Adding up mutual authentication of users and devices in every connection strengthens further the overall security. The links below may shed some light on your question:
  • asked a question related to Network Security
Question
8 answers
In my opinion, sensitive personal data concerning individual users who set up profiles, collected on social media portals, are not fully secure. This is confirmed by the occurrence of data leaks, data theft by cybercriminals.
In connection with the above, the issue of information security on the Internet is becoming an increasingly global problem and therefore, in the global approach, institutions and security systems for the transfer of information on the Internet should be developed. The security of information on the Internet can refer to many aspects of data security both at the level of central state institutions and international organizations as well as the security of personal data of individual citizens, sensitive data of citizens collected on various websites, including social media portals.
The improvement of risk management and information security systems at the supranational level is also a key issue. Technological companies managing social media portals on the one hand try to improve data security systems about users setting up accounts on social media portals. On the other hand, it is also important to cooperate with key, central data security institutions on the Internet that operate transnational. This is important from the point of view of improving information security systems on the Internet in order to limit the possibility of using social media portals by cybercriminals operating transnational, using various social engineering techniques.
Please, answer, comments.
I invite you to the discussion.
Best wishes
Relevant answer
Answer
In recent months, there have been cybercriminal attacks on public institutions and large enterprises as well as technology companies based on data stolen by cybercriminals from social networks and by sending fake e-mails containing malware and hidden ransomware viruses.
Regards,
Dariusz Prokopowicz
  • asked a question related to Network Security
Question
28 answers
What kind of scientific research dominate in the field of Cybercrime and the security of online banking?
Please, provide your suggestions for a question, problem or research thesis in the issues: Cybercrime and the security of online banking.
Please reply.
I invite you to the discussion
Best wishes
Relevant answer
Answer
In the area of cybersecurity of online banking, I propose the following research topic: Analysis of the use of Industry 4.0 technology in the field of improving cybersecurity of online banking, including mobile banking. This topic may also take into account the scale of application of cybersecurity rules and recommendations by bank customers and the level of cybersecurity of operating systems used by bank customers, web browsers and other Internet applications installed on laptops and smartphones, through which bank customers use online banking.
Best regards,
Dariusz Prokopowicz
  • asked a question related to Network Security
Question
5 answers
In connection with the development of cybercrime, should the surveillance of citizens by national security services be developed, expanded, increased?
To what extent can the developed range of citizens' surveillance be improved as part of the improvement of national cyber security systems?
As part of the improvement of cyber security systems, should the services for combating cybercrime be able to surveil the entire activity of citizens on the Internet?
Are legal norms regulating the issues of cyber security, services for combating cybercrime and data security gathered in Big Data database systems of large online technology companies fully adapted to the rapidly growing ICT and Internet technology?
Please reply
Best wishes
Relevant answer
Answer
Most citizens are unaware of how much information about Internet users is possessed by Internet technology companies that offer certain information services on the Internet.
Best regards,
Dariusz Prokopowicz
  • asked a question related to Network Security
Question
2 answers
Anyone may have some information about Transfer Learning in terms of network security, especially DDoS attacks?
Relevant answer
Answer
Hi... The following article may be useful for you.
with regards
Jayapandian N
  • asked a question related to Network Security
Question
8 answers
Today, IoT devices require network security. I want to perform some research work in this area, so kindly provide the best open source tool for Artificial Intelligence IoT Network Security simulation.
Relevant answer
Answer
MatLab along with Simulink can provide many functions for signal and image processing, optimization techniques, and machine learning in IoT. Many codes are available online and can be modified as per our requirements. Integration of codes from other software can also be done in MatLab.
  • asked a question related to Network Security
Question
13 answers
What currently dominate and are the standards and instruments for ensuring the security of data transfer and analysis in Big Data database systems developed?
Please reply
Best wishes
Relevant answer
Answer
Since Big Data and / or Data Science resources in the databases of many Internet technology companies are constantly growing, is the importance of cyber security of the information systems of these companies and the data stored in these databases growing analogically?
Thank you, Regards,
Dariusz Prokopowicz
  • asked a question related to Network Security
Question
4 answers
In Mobile Ad Hoc Network I had a security issue, that is already identified by IDS.
Relevant answer
Answer
There are projects available in https://tetcos.com/file-exchange.html covering IDS
  • asked a question related to Network Security
Question
4 answers
Hi, I would like to simulate IoT/WSN DDoS attacks inside some type of simulation software. I haven't found many papers simulating this specifically or comparing which simulation software (ns3, cooja, omnet++, etc) is best suited for this purpose. Any help would be much appreciated.
Relevant answer
Answer
You can look at NetSim, and some project code and documentation can be got in https://tetcos.com/file-exchange.html
  • asked a question related to Network Security
Question
14 answers
Hi,
I have been through some discussion regarding survey paper writing tips and tricks. However, these are very generic. I want to know how to write a survey paper related to computer science topics (e.g., blockchain, internet of things, and so on). I have the following queries regarding the aforementioned concerns.
  • How to design the flow of the survey paper?
  • What will be the minimum length of the survey paper?
  • How to pick up a reference paper and which criteria should be the first concern while selecting it? What is the minimum number of references that should I pick?
  • Is it necessary to propose an idea in the paper? If yes then is it necessary to show a performance evaluation of the proposed scheme?
  • While writing a survey paper which things should I focus on or care about?
Please share your experience regarding this.
Thanks for your time and input.
Thanks in advance.
Relevant answer
Answer
Importance and significance of the topic.
Discuss the background and target audience.
Summarize the surveyed research area and explain why the surveyed area has been studied.
Summarize the classification scheme you used to do the survey.
Summarize the surveyed techniques with the above classification scheme.
  • asked a question related to Network Security
Question
23 answers
Dear all
Based on research perspectives, what are the differences between Network Security and Information Security?
Relevant answer
Answer
The network security is a subset of cybersecurity and cybersecurity is a subset of information security.
Information security protects an organization's internet-connected systems from potential cyberattacks and network security protects an organization's IT infrastructure from online threats.
  • asked a question related to Network Security
Question
15 answers
Is the security of information collected in social media portals databases currently one of the key determinants of the development of new online media?
Security of social media portals is currently one of the most important topics of social media portals and other new internet media and information services. Therefore, scientists at various universities are involved in researching this issue. Therefore, security tools for information collected in social media portals databases and data security systems on the Internet are being developed. In companies and key public institutions, systems for risk management of information systems and information transfer on the Internet are also developed.
Do you agree with me on the above matter?
In the context of the above issues, the following question is valid:
Is the security of information collected in social media portals databases currently one of the key determinants of the development of new online media?
Please reply
I invite you to the discussion
Thank you very much
I also conduct research in this matter. I am researching the security of social media portals in connection with Big Data database technology. Below are links to my publications:
I invite you to discussion and cooperation.
Thank you very much
Best wishes
Relevant answer
Answer
Social media, in recent times, has witnessed an explosion of data with so many social media platforms available to interact and express opinions freely. This has led to easy access to the privacy of social media users which raise broader security concerns … Sharma, S., & Jain, A. (2020). Role of sentiment analysis in social media security and analytics. Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery, e1366.
  • asked a question related to Network Security
Question
7 answers
For quantum cryptography (QKD) simulation, which simulator is the best one?
  • asked a question related to Network Security
Question
11 answers
I am willing to do work on cloud security issues at SaaS and IaaS. for the same. Can anyone suggest approaches and future scopes for this?
Relevant answer
Answer
Dear respected researchers,
I have a complete section about "Implementation Challenges of CC Adoption" in my new paper (65-pages) which contains 65 pages about this subject and the IoT:
Nidhal Kamel Taha El-Omari, “Cloud IoT as a Crucial Enabler: a Survey and Taxonomy”, Modern Applied Science, The Canadian Center of Science and Education, published by Canadian Center of Science and Education, Canada, p-ISSN: 1913-1844, e-ISSN: 1913-1852, DOI:10.5539/mas.v13n8p86, 13(8):86-149, 2019.
Or simply you can click the link below:
  • asked a question related to Network Security
Question
4 answers
This attack mechanism is called a botnet, which is illustrated in figure 01. The Botnet has a Bot-Master, a Command and Control Server, and a large number of Bots. The Bot-Master is the mastermind behind the DDoS attack and it injects the malicious code into the IoT devices. These affected devices work as the army of the DDoS attack, and they are called Bots.
Relevant answer
Answer
The cheapest DDoS attack has malware which continuously accesses a web page of the victim's server. A better attack is to continuously download the contents of the /icons directory, which usually represents a few megabytes, and places a greater load on the network.
SYN flood, ACK flood and SYN/ACK amplification are the most effective, but require a more complex setup, including a spoofed source address, and spoofed destination addresses for reflectors, such as DNS servers, which always reply with more data than they receive.
Incidentally, the things you call bots, we call zombies, and they're not only IoT devices, but usually include hijacked home PCs and high-end servers in data centres.
Hope this helps.
  • asked a question related to Network Security
Question
8 answers
Distributed denial of service (DDoS) attacks are a subclass of denial of service (DoS) attacks. A DDoS attack involves multiple connected online devices, collectively known as a botnet, which are used to overwhelm a target website with fake traffic.
Relevant answer
Answer
In general, DDoS is indicated when the frequency of the requests incoming from a botnet becomes comparable with a reliable system response to a single request for connection. Let's say the system reliable connection time is 1 millisecond (1 kHz). If the amount of incoming requests for connection is near or above 1,000 per one second (1 kHz), the attack registration can begin. It's just a basic rough idea. There are many things to check yet. For instance, the DDoS detection system ought to make sure it's not a random load peak but a consistent DDoS attack, whether or not it's enough time for automatic deployment of network/compute resources to suppress the attack, etc.
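The rough idea in this answer, written out as detection logic; this is an added example, not code from the answer. It derives the per-second capacity from the 1 millisecond connection time and separates a one-off load peak from a sustained overload. The `sustain_s` parameter, the function names and the request timestamps are assumptions constructed for the illustration.

```python
from collections import Counter


def capacity_from_service_time(service_time_s):
    """Requests per second the system can reliably serve (1 ms -> 1000/s)."""
    return int(round(1.0 / service_time_s))


def classify_overload(timestamps, capacity_per_s, sustain_s):
    """Bucket request timestamps (seconds) into 1-second bins and find runs
    where the rate is at or above capacity.

    Runs of at least `sustain_s` consecutive seconds are reported as
    "sustained" (candidate DDoS); shorter runs are "transient" load peaks.
    `sustain_s` is an assumed tuning parameter, not a value from the answer.
    """
    counts = Counter(int(t) for t in timestamps)
    result = {"sustained": [], "transient": []}
    if not counts:
        return result

    run_start = None
    # The extra second past the last bin has count 0 and closes a trailing run.
    for sec in range(min(counts), max(counts) + 2):
        over = counts.get(sec, 0) >= capacity_per_s
        if over and run_start is None:
            run_start = sec
        elif not over and run_start is not None:
            interval = (run_start, sec - 1)
            kind = "sustained" if sec - run_start >= sustain_s else "transient"
            result[kind].append(interval)
            run_start = None
    return result


def constructed_trace():
    """Constructed sample: 30 s of traffic at 200 req/s, a single 1500 req/s
    spike at second 10, and 1200 req/s from second 20 through second 27."""
    per_second = {s: 200 for s in range(30)}
    per_second[10] = 1500
    for s in range(20, 28):
        per_second[s] = 1200
    stamps = []
    for sec, n in per_second.items():
        stamps.extend(sec + i / n for i in range(n))  # spread evenly in the second
    return stamps


def demo():
    capacity = capacity_from_service_time(0.001)
    return classify_overload(constructed_trace(), capacity, sustain_s=5)


if __name__ == "__main__":
    print(demo())
```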
  • asked a question related to Network Security
Question
15 answers
Considering the specifics of the increasingly common IT systems and computerized advanced data processing in Internet information systems, connected to the internet database systems, data processing in the cloud, the increasingly common use of the Internet of Things etc., the following question arises:
What do you think about the security of information processing in Big Data database systems?
Please reply
Best wishes
Relevant answer
Answer
The risk could be in two forms - one you have already mentioned is security, a vital risk that needs to be addressed by collective efforts on a war footing.
Secondly, the size of the data itself, and how integration takes place among hardware, software, the latest internet service providers, cloud, etc. across the globe, is also a risk.
  • asked a question related to Network Security
Question
4 answers
I want to simulate security attacks in VANET. I do not know what the best simulator for achieving this is or how to start.
Relevant answer
Answer
Sir, you may use NS2 or NS3 to simulate passive or active attacks.
  • asked a question related to Network Security
Question
21 answers
I've just graduated in Computer Science. I would like to start a research about networking/network security/information security fields. Can anyone give me some unsolved problems of above areas to start my research?
  • asked a question related to Network Security
Question
1 answer
Tcpreplay use to replay network traffic
Relevant answer
Answer
Hello, could you find a solution? I have the same problem.
Thanks.
  • asked a question related to Network Security
Question
9 answers
Systems are connected in 1 modem and switch.
Relevant answer
Answer
For Linux based system:
If the Secure Shell (SSH) is active on the target system (if not, make it active), then simply log in to the system by ssh. Then type:
shutdown -h +5 (to shut down after 5 minutes)
shutdown -h +60 (to shut down after 1 hour)
shutdown -h now (to shut down immediately)
shutdown -r now (to reboot)
shutdown -c (to cancel a pending shutdown, as in the 1st and 2nd examples)
For Windows system:
Install TeamViewer ( https://www.teamviewer.com/en/ ) on the target system, then set a personal password in the settings. Then simply log in through TeamViewer and shut down normally.
Thanks
  • asked a question related to Network Security
Question
26 answers
- What are the pros and cons of Smart contracts?
- What are the latest technologies and tools?
- What do you like and/or dislike about smart contracts?
It's an open discussion to help improve our understanding of future technologies. You are welcome to share your opinions and experience.
Relevant answer
Answer
Dear Nguyen,
Currently, I'm working on enhancing the security of the smart contract, which focuses on :
1- Design patterns
2- coding and development of smart contract
  • asked a question related to Network Security
Question
5 answers
Topics required for postgraduate dissertation in cybersecurity.
Relevant answer
Answer
Dear Patrick,
I would recommend that you go through the Internet of Things (IoT). As they said:
"By 2020, More Than 25% of Cyberattacks Will Involve IoT Devices".
There are too many challenges facing IoT technology, you can initiate your research on these challenges.
Good luck (:
  • asked a question related to Network Security
Question
7 answers
Hello all, I'm an undergraduate student and currently I'm interested in learning more about cryptography for network security. I want to know whether there is any paper or journal that quickly summarizes whether each encryption algorithm has its own behaviour that may work better for different purposes.
For example, some algorithms are best used for cloud computing, some others for an e-commerce website, some others for a social media application, etc., which would help in deciding which algorithm is more suitable for each project.
Thanks in advance!
Relevant answer
Answer
Dear Naufal,
There are a great many survey papers that elaborate on encryption algorithms (asymmetric and symmetric), such as:
A comparative survey of symmetric and asymmetric key cryptography.
The proper algorithm is usually chosen based on your methodology.
Regards,
  • asked a question related to Network Security
Question
10 answers
I'm currently working on my proposal for my master's thesis and would like to find out which current research topics in the field of network security are promising/interesting/hot.
Relevant answer
Answer
The most trending work is cybersecurity defence algorithms over 5G.
  • asked a question related to Network Security
Question
5 answers
By reading the literature, it is not enough to consider online social networks secure if their services are secure.
Relevant answer
Answer
Dear Khalaf,
Here are 7 critical points a security expert should take into consideration when designing security policies for social media. I hope you find them useful.
  1. Develop a social media security policy: Enterprises can significantly reduce risk by developing social media security policies that govern the usage of social media by employees and the company as a whole. While designing a social media security strategy, one needs to keep in mind the company’s requirements of using social media for business and also its risk appetite. However, the real value will be achieved only when policies are properly enforced and continuously monitored over time.
  2. Have a multidimensional, risk-based approach: Social media is just a new vector ― attackers are essentially targeting poorly protected infrastructure and information, weakly enforced policies, and badly managed systems. Besides, there is an ambiguity over ownership and responsibility of information on social networking sites. Hence, an infrastructure-centric approach to secure information may not be enough. The social media security strategy needs to be multi-layered, risk-based, and information-centric with tools and solutions that take into account the unique risks that social media pose.
  3. Identify safe social networking sites: Not all social networks are created equal when it comes to safety and security. Social media security policies should allow employees to have access only to sites that are safe and trustworthy.
  4. Enhance enterprise network visibility: Social media security policies should also be set up to monitor, detect, and remediate incidents. Enterprises need visibility into the network to monitor activity on social media to automatically detect and report threats, and take action. This, for instance, may be done by using data loss prevention and web content filtering solutions.
  5. Classify sensitive data: Enterprises need to first identify and locate sensitive data. An example of a policy would be safeguarding the employees from tactics employed by image spammers. Image spamming involves the email recipient unwittingly sending a request to the spammer’s server hosting the image every time he/she opens a spam email, thus divulging his/her email address.
  6. Protect endpoints: From the infrastructure perspective, social networking sites are now accessed through multiple endpoints — from laptops and desktops to smart phones. Hence, enterprises should ensure that they have the right endpoint protection solutions for each of these devices. Social media security policies should be defined on the kind of sites that each device is allowed to access.
  7. Educate employees: It is advisable to inform employees to be conscientious of who is being added and to avoid clicking on links from unfamiliar followers. For example, shortened links can contain traps to malware and infect computer systems, if opened. Educate the employees to use tools that allow them to view the full URL before clicking, as an infected link could harm not just their personal computers but the entire company network. The social media security policy should educate them on what to reveal about the company.
  • asked a question related to Network Security
Question
11 answers
I am planning to do a dissertation on intrusion prevention system. Can anyone give suggestion on how to develop one from scratch? Like what are the things that I should look upon. I have a fair idea of computer networks. I'm very much interested in information security, network security. Please provide me some intuitive and simple ways to understand the system and implement the same.
Relevant answer
If you want to develop one, you can do it using Python. There are many tutorials on YouTube that show how to develop one from scratch.
ex - Udemy - Learn Python & Ethical Hacking From Scratch
  • asked a question related to Network Security
Question
6 answers
I've been dwelling around the network security field. I used Ensemble learning methods before to classify several intrusions. However, this still seems insufficient as there are more attacks beyond the given set. I'm looking for possible collaborators to initialize further research with regards to this topic. :)
here is my previous work.
Relevant answer
Answer
Sure, I am not trying to discourage you, I am just saying be aware of the limitations and don't fall into the trap thinking that you can cover all attacks with one, or even a collection of algorithms. Not going to happen any time soon.
  • asked a question related to Network Security
Question
28 answers
I have found some datasets captured on the border router of an organization (e.g., The CTU-13 Dataset, http://mcfp.weebly.com/the-ctu-13-dataset-a-labeled-dataset-with-botnet-normal-and-background-traffic.html), but these data contain few internal connections within the organization.
So, could you please give me some advice about where to find a network dataset of an organization with internal connection data?
Many thanks for your time!
Relevant answer
Answer
Hey, I'm looking for IoT network traffic datasets having MQTT, CoAP and HTTP protocols. Kindly let me know.
  • asked a question related to Network Security
Question
26 answers
Will the use of Blockchain technology improve the security of information transfer on the Internet? Will the development of Blockchain technologies reduce the scale of cybercrime on the Internet?
Please, answer, comments.
I invite you to the discussion.
Best wishes
Relevant answer
Answer
Blockchain technology & security system - Interesting - Following .
  • asked a question related to Network Security
Question
5 answers
I've been working with my partner project on developing various sklearn ids models that take some pcap traffic data as input and get the classification traffic in the output (benign or attack name). Now we want to deploy our models in production so the input will now take real time traffic. What tools do we have to consider in order to get this work in a network real time interface?
Thanks!
Relevant answer
Answer
Following up on the above suggestions, you can configure a port mirror on the network segment switch and put the machine that will receive the packet capture on the port where the mirror configuration is.
You can use TCPDump to do file rotation and you will need to do some programming to read the file based on the filename rotation convention to load the information to your other programming.
I would also configure TCPDump to do some filtering before saving to file (e.g. filter a sub segment or by protocol). This will save a lot of space and, for example, avoid ARP messages and other broadcasts.
  • asked a question related to Network Security
Question
5 answers
best simulator for ICN security
Relevant answer
Answer
ICN Simulator to simulate a large number of nodes and publisher-subscriber pairs and produce a huge amount of information, providing an insight on the new techniques introduced in the topology management of the information-centric network.
  • asked a question related to Network Security
Question
10 answers
In ECDH, when two people want to share a private key, they first select a point G on the elliptic curve, and after that each of them picks a random integer, a and b respectively, and multiplies it with G. After the multiplication, they share aG and bG with each other, and then they multiply again using their keys, a(bG) and b(aG) respectively, and create a shared key between themselves. However, if one person wants to communicate with a group of people (more than 2) using a shared key utilizing ECDH, how can he use this method? Each person may choose a different integer while establishing the key.
How to employ ECDH in key exchange with a group of people?
  • asked a question related to Network Security
Question
3 answers
Hello,
I'm currently looking for DDoS datasets for research purpose.
Can anyone provide a CAIDA file for me? (https://www.caida.org/data/passive/ddos-20070804_dataset.xml)
I've tried to request an account from IMPACT; unfortunately, it was denied due to unapproved location by DHS.
Relevant answer
  • asked a question related to Network Security
Question
3 answers
I am planning to do a dissertation on intrusion prevention system. Can anyone give suggestion on how to develop one from scratch? Like what are the things that I should look upon. I have a fair idea of computer networks. I'm very much interested in information security, network security. Please provide me some intuitive and simple ways to understand the system and implement the same.
Relevant answer
Answer
go through this link ...it will give you better idea
  • asked a question related to Network Security
Question
17 answers
I need a topic on Cryptography/ Network security for Ph.D study
Relevant answer
Hi Pantuvo Tsoke
"enhanced elliptic curve scalar multiplication"
  • asked a question related to Network Security
Question
5 answers
See above
Relevant answer
Answer
May be a late answer but the attached file has some code and documentation is available in the pdf file at https://tetcos.com/pdf/v11.1/Primary-User-Emulation-PUE-Attack-Cognitive-Radio-v11.1.pdf
  • asked a question related to Network Security
Question
36 answers
In my opinion, interesting questions and research thesis may concern the following issues:
Are phishing, malware (spyware, trojans, ransomware, keyloggers, ...) sending cybercriminals false e-mails with links to fake websites or viruses reading passwords for online banking accounts or other techniques used by cybercriminals as the most dangerous?
Some users use antivirus software, firewall, precautionary methods in using e-mail, etc., but this has not prevented, for example, attacks from cybercriminals using ransomware that encrypt and block access to disks on the computer.
In connection with the above, the techniques of data transfer security on the Internet are constantly improved.
IT tools are being developed and improved, including antivirus software to protect a computer, laptop, tablet or smartphone against cybercrime and viruses sent, for example, in e-mails by hackers?
In view of the above, I am asking you the following question:
What are the new trends in research on cybercrime?
Please reply
Best wishes
Relevant answer
Answer
Therefore, in the context of the above considerations, the following important question appears:
The issue of improving information security systems collected in social media portals databases?
Is the security of information collected in social media portals databases currently one of the key determinants of the development of new online media?
Security of social media portals is currently one of the most important topics of social media portals and other new internet media and information services. Therefore, scientists at various universities are involved in researching this issue. Therefore, security tools for information collected in social media portals databases and data security systems on the Internet are being developed. In companies and key public institutions, systems for risk management of information systems and information transfer on the Internet are also developed.
Do you agree with me on the above matter?
In the context of the above issues, the following question is valid:
Is the security of information collected in social media portals databases currently one of the key determinants of the development of new online media?
Please reply
I invite you to the discussion
Thank you very much
I also conduct research in this matter. I am researching the security of social media portals in connection with Big Data database technology. Below are links to my publications:
I invite you to discussion and cooperation.
Thank you very much
Best wishes
  • asked a question related to Network Security
Question
3 answers
I want to know what the current methods for authentication in a CCN system are. Is there any research paper or article on it?
  • asked a question related to Network Security
Question
5 answers
I want to simulate a node replica attack during cluster formation in centralized wireless sensor networks using the Cooja simulator. In simple words, a simulated node replica attack during: node clustering, CH candidates, CH election.
Relevant answer
Answer
Clone attack source code is available on GitHub.
  • asked a question related to Network Security
Question
3 answers
I am working on trust computation using machine learning techniques in MATLAB. Can someone provide me with the code on recommendation attacks so that I can apply machine learning techniques to detect the malicious activities in VANET?
Thanks
Elvin
Relevant answer
Answer
I am working on a VANET project and I am looking for Matlab coding, so please help me out.
  • asked a question related to Network Security
Question
11 answers
While performing encryption using the public key and decryption using the private key, I am always finding that encryption takes more time than decryption in elliptic curve cryptography (ECC). The key is 60 bytes.
Is this the normal behavior or am I using a wrong implementation of ECC?
If this behavior is normal then what is the reason behind it?
Thanks in advance.
Relevant answer
Answer
What kind of protocol are you designing with ECC (Diffie-Hellman key exchange - ECDH or digital signature algorithm - ECDSA)? In ECDSA, two scalar multiplications are performed on both sides (signer and verifier), therefore ideally the performance should be the same. However, the actual performance will depend on the size of the private key you choose (1 scalar multiplication operation) as well as the random number (other scalar multiplication) that is generated. Please evaluate the performance with different private keys/random numbers and see what you observe.
  • asked a question related to Network Security
Question
1 answer
I have PCAP files captured from network traffic. What should be done so that PCAP files can be done with machine learning tools? What steps are needed so that data can be analyzed with one of the unsupervised methods? Does the data have to be changed to CSV format?
Relevant answer
Answer
I think you should analyse the PCAP file and convert each packet to a record before using the data with machine learning algorithms. I suggest reading about the KDD Cup 99 Intrusion Detection dataset to understand the information of each packet.
  • asked a question related to Network Security
Question
11 answers
We are in the process of publishing a research related to wireless sensor network security using HONEY algorithm. We are confused about the best scientific journal in which we can publish the research. Please advise on the best journal in this field.
Relevant answer
Answer
you can consider the journal: Studies in Informatics and Control.
  • asked a question related to Network Security
Question
4 answers
I am searching for a dataset containing web-based attacks: mainly SQL injection, XSS, brute force against web forms and DoS attacks. I need either the whole traffic as pcap files, or the csv files containing some statistical network features. Any help?
Relevant answer
Answer
Mark Sitkowski I need the pcap files to use the network traffic features, anyway thank you a lot, I'll see if these would be useful
  • asked a question related to Network Security
Question
15 answers
In connection with the development of cybercrime on the Internet, the security systems for transfer and processing of data, financial transactions, electronic banking, etc. carried out on the Internet are improved. In addition to electronic banking, the key information security in the internal IT systems of central state institutions is protected. Cybercriminal attacks on cyber-banking systems and hacker attacks aimed at companies to extort ransom for decrypting data encrypted by computer viruses on disks (cybercriminal ransomware attacks) and hack attacks from abroad on key central institutions, ministries and other institutions of the public administration sector and enterprises of strategic branches of the national economy.
In connection with the above, I am asking you:
Do you think, for security reasons, everything that happens on the Internet should be analyzed by the public security services?
Please answer
Best wishes
Relevant answer
Answer
Following
  • asked a question related to Network Security
Question
1 answer
Is there a dataset already available to use?
I tried this with http://www.zone-h.com and apparently this collection should be handled manually, which unfortunately is very time-consuming. Is there a better way to collect this information?
Relevant answer
Answer
Finally, I designed a software to generate data that invokes a new page every time and can convert HTML content to text.
  • asked a question related to Network Security
Question
22 answers
Unfortunately, despite the assurances of companies that run social media portals, the information contained on these websites is not always fully secured against the activities of cybercriminals.
In addition, the issue of downloading data from social media portals by large companies to Big Data database systems should be added in order to process them for marketing purposes.
The issue of privacy in social media is very important and is related to the security of personal information. Privacy is at risk in terms of information posted on social media portals.
Please reply. I invite you to the discussion
Dear Friends and Colleagues of RG
The problems of the analysis of information contained on social media portals for marketing purposes are described in the publication:
I invite you to discussion and cooperation.
Best wishes
Relevant answer
Answer
Thank you, Dariusz, for posting a most relevant question. My area of research is users' behaviors in information security.
You are indeed right that privacy is connected to information security, and online social networks (OSNs) have a huge amount of personal information shared by the person himself or one of his connections. There is also a debate on the differences between OSNs, social media websites, social media portals and similar others. There are similarities among them, but different researchers have used these terms without any standardization.
Moving away from the debate over "use of the correct term", I believe users have already shared a lot on the OSNs, and I am compelled to say that at the individual level we have lost the battle of privacy against giants such as Facebook and Google. They know and remember much more than we do. However, what is left is to preserve the privacy of an individual from being violated by "script kiddies" and tech-savvy guy(s). We need to raise awareness among the users based on this point.
The other point you mentioned was about the use of users' data for marketing purposes. Well, that was the purpose of OSNs; otherwise, how will they gather revenue for their businesses? What we, as researchers, should look into is how to improve their terms and conditions and make them user-friendly so that users may read them before accepting them. I must say only the most informed users will read the terms, as their need to use an OSN is much higher than their perceived importance of privacy :)
I would love to discuss more, and even work if you have something in mind to initiate.
Cheers,
Ali
  • asked a question related to Network Security
Question
1 answer
SMS verification code based password resetting and 2FA are both vulnerable to attacks. Soon after the hacker gets your phone number, he/she may reset the passwords of victims' accounts by intercepting the password reset verification code sent via SMS. Despite the victim's account being protected with 2FA, hackers can pass through the second authentication factor by intercepting the SMS verification code, hence hijacking the account. These SMS interception attacks are called SS7 redirection attacks (SRAs).
Papers:
T. Fox-Brewster, “All that’s needed to hack gmail and rob bitcoin: A name and a phone number”.
T. Moore, T. Kosloff, J. Keller, G. Manes, and S. Shenoi, “Signaling system 7 (SS7) network security,” 45th Midwest Symposium on Circuits and Systems, 2002.
Peeters, Christian, et al. "Sonar: Detecting SS7 redirection attacks with audio-based distance bounding." 2018 IEEE Symposium on Security and Privacy (SP). IEEE, 2018.
Relevant answer
Answer
Simple solution:
Don't use anything in the verification cycle which can be intercepted and used by an attacker - especially don't use SMS for 2FA.
What you need to do, is to get the user to send the second factor, preferably as a unique device signature, and to send it simultaneously with the password metadata. This is not the password, and is useless to anyone who intercepts it.
Here's an example:
  • asked a question related to Network Security
Question
2 answers
Greetings, in the iscx-2012 dataset, there is a labelled-flow file and pcap files per day. Could someone tell me how to generate .CSV for use in machine learning algorithms? Can I use the labelled-flows.xml or do I have to generate a .CSV from the PCAP? Any link how to do this?
Relevant answer
Answer
Hi, I would say using Python. You can use Python to read the pcap file. Extract your desired features (split datetime or concat string, for example), then put this new data into rows and columns (construct a DataFrame). Then export the data frame into a csv file. Current tools, I guess, mostly do not extract information in the way you want for ML.
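The PCAP-to-rows step this answer describes (and the advice in the earlier PCAP answer on this page to convert each packet to a record), as an added example that is not code from either answer: a standard-library parser for classic libpcap files that writes one CSV row per IPv4 packet. The function names, the chosen columns and the in-memory sample capture are assumptions constructed for illustration; pcapng files and joining rows with flow labels are not handled.

```python
import csv
import io
import socket
import struct

FIELDS = ["ts", "src", "dst", "proto", "sport", "dport", "length", "tcp_flags"]
LITTLE = (b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1")  # microsecond, nanosecond magic
BIG = (b"\xa1\xb2\xc3\xd4", b"\xa1\xb2\x3c\x4d")


def pcap_records(data):
    """Yield (timestamp, frame_bytes) for each record of a classic libpcap file."""
    magic = data[:4]
    if len(data) < 24 or magic not in LITTLE + BIG:
        raise ValueError("not a classic pcap capture (pcapng is a different format)")
    endian = "<" if magic in LITTLE else ">"
    ticks = 1e9 if magic in (LITTLE[1], BIG[1]) else 1e6
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (link type 1) are handled")
    pos = 24
    while pos + 16 <= len(data):
        sec, frac, incl_len, _orig_len = struct.unpack(endian + "IIII", data[pos:pos + 16])
        pos += 16
        if pos + incl_len > len(data):  # capture cut off mid-record: stop cleanly
            break
        yield sec + frac / ticks, data[pos:pos + incl_len]
        pos += incl_len


def frame_to_row(ts, frame):
    """Return a feature dict for an IPv4 frame, or None for anything else (ARP, IPv6...)."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4:
        return None
    ihl = (frame[14] & 0x0F) * 4
    if ihl < 20:
        return None
    proto = frame[23]
    row = {"ts": f"{ts:.6f}", "src": socket.inet_ntoa(frame[26:30]),
           "dst": socket.inet_ntoa(frame[30:34]), "proto": proto,
           "sport": "", "dport": "", "tcp_flags": "",
           "length": struct.unpack("!H", frame[16:18])[0]}
    l4 = frame[14 + ihl:]
    # Only the first fragment of a datagram carries the TCP/UDP header.
    first_fragment = (struct.unpack("!H", frame[20:22])[0] & 0x1FFF) == 0
    if proto in (6, 17) and first_fragment and len(l4) >= 4:
        row["sport"], row["dport"] = struct.unpack("!HH", l4[:4])
        if proto == 6 and len(l4) >= 14:
            row["tcp_flags"] = l4[13]
    return row


def pcap_to_csv(data):
    """Convert capture bytes to CSV text with one row per IPv4 packet."""
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=FIELDS, lineterminator="\n")
    writer.writeheader()
    for ts, frame in pcap_records(data):
        row = frame_to_row(ts, frame)
        if row:
            writer.writerow(row)
    return out.getvalue()


def constructed_pcap():
    """Build a three-packet capture in memory (constructed sample, not real traffic)."""
    def frame(proto, src, dst, l4):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        return b"\x00" * 12 + b"\x08\x00" + ip + l4
    syn = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 0x50, 0x02, 1024, 0, 0)
    dns = struct.pack("!HHHH", 53000, 53, 8, 0)
    arp = b"\xff" * 6 + b"\x00" * 6 + b"\x08\x06" + b"\x00" * 28
    frames = [(1.0, frame(6, "192.0.2.10", "198.51.100.5", syn)), (1.5, arp),
              (2.0, frame(17, "192.0.2.10", "198.51.100.53", dns))]
    blob = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for ts, f in frames:
        blob += struct.pack("<IIII", int(ts), int((ts % 1) * 1e6), len(f), len(f)) + f
    return blob


if __name__ == "__main__":
    print(pcap_to_csv(constructed_pcap()), end="")
```

The resulting CSV text can be loaded into a DataFrame for further feature engineering, such as aggregating packets into flows.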
  • asked a question related to Network Security
Question
11 answers
What criteria should we use when evaluating the severity of propaganda? What forms of national defense exist to guard against weaponized information? Is disinformation a human rights abuse?
Relevant answer
Answer
In my opinion, propaganda and information warfare involve at some point or another the efforts of a non-democratic regime to undermine a democracy or an equally non-democratic regime. Groups can also engage in propaganda campaigns. Counter-propaganda involves factual information combined with propaganda arguments: see the US versus “red” propaganda during the Cold War via Radio Liberty/Radio Free Europe. Propaganda evolves into information warfare depending on the scale and ideological stakes of the clash between democracy and its enemies: individuals, groups or states.
  • asked a question related to Network Security
Question
3 answers
Network security experts claim that their protocol will verifiably protect in the random oracle model against the hardness assumptions of ECC, DLP and the Diffie-Hellman problem. What does this mean?
Relevant answer
Answer
#Mark Sitkowski
You are going on the other side; you tell something wrong (don't mind), I mean not relevant to my question. I posted this question 03 months ago; after no one responded, I made an effort and achieved skill over the Random Oracle Model and hardness assumptions. Please read the attached paper, you too can easily understand this method.