What is Twitter

Cyber security of a power grid: State-of-the-art

Marc Dacier's topic is: intrusion detection vs. detection of errors caused by intentionally malicious faults. Although research on intrusion detection has been carried out for more than two decades, it has recently received increased attention due to the success of the Internet. A recent survey conducted by the IBM Global Security Laboratory indicates that more than 20 intrusion-detection products are now available on the market, whereas two years ago there were only three. Despite this growth of product offerings, intrusion-detection solutions are still in their infancy. Not only is there a lack of understanding of what an intrusion really is, but also how it should be handled. Moreover, from a technical point of view, many critical issues remain unsolved.In this talk, Marc presents what has been done in the intrusion domain in the past, and highlights new research directions that need to be addressed. He will highlight the relationship between intrusion detection and fault tolerance, drawing on the body of knowledge that has been developed within the traditional dependability community, and noting the opportunities for these two communities to work together to solve this important problem.Sami Saydjari's topic is: the detection of novel, previously unseen attacks. Although intrusion detection is a field still in its infancy, two broad approaches have evolved: pattern-based detection and anomaly-based detection. Pattern-based detection, sometimes called misuse-based detection, relies on matching known patterns of attacks already suffered. Anomaly-based detection, on the other hand, relies on detecting behaviors that are abnormal with respect to some normal standard. An example is that of a masquerader trying to hide behind someone else's login; unless the masquerader is clever indeed, his activities will stand out as anomalous against a victim's profile of normal behavior. Anomaly-based detection techniques appear to hold the best hope of detecting new variants of attacks.Sami emphasizes that although there exist some low-level sensors that can detect known attacks, the research community must move quickly in learning how to detect novel attacks at much higher detection rates (state of the art is around 80%) while keeping the false positive rates very low (0.1% or better). Detecting novel attacks will require better anomaly detection algorithms. Achieving a 99.9% detection rate will require gaining a firm understanding of the "sweet spots" of various detection algorithms, as well as an understanding of how to fuse the results of the best of the best. There is also a need to better represent knowledge of attack patterns in a canonical form, to be able to share that knowledge across multiple detection tools, and to be able to judge tools on the basis of how effectively they use knowledge, as opposed to which tool can include the largest corpus of precompiled (pattern-based) knowledge into its on-line database.The session concludes with an open discussion of how research communities can work together to reduce undependability caused by intentionally malicious faults.

Intrusion Detection

In this experiment, seven software teams developed versions of the same small-size (2000-4000 source instruction) application software product. Four teams used the Specifying approach. Three teams used the Prototyping approach. The main results of the experiment were the following. 1) Prototyping yielded products with roughly equivalent performance, but with about 40 percent less code and 45 percent less effort. 2) The prototyped products rated somewhat lower on functionality and robustness, but higher on ease of use and ease of learning. 3) Specifying produced more coherent designs and software that was easier to integrate. The paper presents the experimental data supporting these and a number of additional conclusions.

Prototyping versus specifying: A multiproject experiment.

https://www.jstage.jst.go.jp/article/jsprs1975/37/6/37_6_39/_pdf

1998 IEEE International Conference on SMCに参加して

The internet is gaining a lot of importance day by day, especially with the emergence of cloud technology. This new technology has made a new computing service to end users that include, PaaS, SaaS. On the other hand, this technology was accompanied with some shortages. The most serious obstacle is the security challenges because of the cloud is characterized by computing resource sharing and multi-tenancy features and as a result flooding based denial of service attack has been observed. This effect on performance and quality of service on cloud. To overcome this security challenge, there are several methods to detect and prevent this kind of attack. Most of these approaches are using statistical and/or artificial intelligence methods.In this research paper a new model to detect flooding based DoS attack in cloud environment has been suggested consisting three phases. (1) The first-phase is to model the normal traffic pattern for baseline profiling and (2) the second phase is the intrusion detection processes and (3) finally prevention phase. The covariance Matrix mathematical model is used as detecting method. The phase (1) and (2) have been implemented in real test bed. From the result, it is proven that we can detect the flooding attack effectively.

Detecting flooding based DoS attack in cloud computing environment using covariance matrix approach

The traditional networks are facing difficulties in managing the services offered by cloud computing, big data, and the Internet of Things as the users have become more dependent on their services. Software-Defined Networking (SDN) has pulled enthusiasm in the integration process of technologies and function as per the user’s requirements for both academia and industry, and it has begun to be embraced in actual framework usage. The emergence of SDN has given another idea to empower the focal programmability of the system. Because of the increasing demand and the scarcity of resources, the load balancing issue needs to be addressed efficiently to manage the incoming traffic and resources and to improve network performance. One of the most critical issues is the role of the controller in SDN to balance the load for having a better Quality of Service (QoS). Though there are few survey articles written on load balancing, there is no detail and systematic review conducted in load balancing in SDN. Hence, this paper extends and reviews the discussion with a taxonomy of current emerging load balancing techniques in SDN systematically by categorizing the techniques as conventional and artificial intelligence-based techniques to improve the service quality. The review also includes the study of metrics and parameters which have been used to measure the performance. This review would allow gaining more information on load balancing approaches in SDN and enables the researchers to fill the current research gaps.

/pdf/a-systematic-review-of-load-balancing-techniques-in-software-4rqaxfyklq.pdf

A Systematic Review of Load Balancing Techniques in Software-Defined Networking

The past few years have witnessed the emergence of a novel paradigm called cloud computing. CC aims to provide computation and resources over the internet via dynamic provisioning of services. There are several challenges and issues associated with implementation of CC. This research paper deliberates on one of CC main problems i.e. load balancing (LB). The goal of LB is equilibrating the computation on the cloud servers such that no host is under/ overloaded. Several LB algorithms have been implemented in literature to provide effective administration and satisfying customer requests for appropriate cloud nodes, to improve the overall efficiency of cloud services, and to provide the end user with more satisfaction. An efficient LB algorithm improves efficiency and asset's usage through effectively spreading the workload across the system's different nodes. This review research paper objective is to present critical study of existing techniques of LB, to discuss various LB parameters i.e. throughput, performance, migration time, response time, overhead, resource usage, scalability, fault tolerance, power savings, etc. The research paper also discusses the problems of LB in the CC environment and identifies the need for a novel LB algorithm that employs FT metrics. It has been found that traditional LB algorithms are not good enough and they do not consider FT efficiency metrics for their operation. Hence, the research paper identifies the need for FT efficiency metric in LB algorithms which is one of the main concerns in cloud environments. A novel algorithm that employs FT in LB is therefore proposed.

A Comprehensive Study of Load Balancing Approaches in the Cloud Computing Environment and a Novel Fault Tolerance Approach

Smartphones are becoming more and more popular due to the increase in their processing power, mobility aspect and personal nature. Android is one of the most popular and fully customizable open source mobile platforms that come with a complete software stack. One of the main reasons behind the rapid growth in adoption of smartphones is their capability to facilitate users with third-party applications. Android offers hundreds of thousands of applications via application markets and users can readily install these applications. However, this rapid growth in smartphone usage and the ability to install third-party applications has given rise to several security concerns. In this paper, we present the current state of smartphone security mechanisms and their limitations in order to identify certain security requirements for proposing enhancements for the smartphone security model. We analyze the improvements proposed for the basic Android security model and discuss their advantages and limitations in detail. We also present certain security requirements that need to be fulfilled in order to design and implement security enhancements for Android that can be widely adopted by the broader community.

How secure is your smartphone: An analysis of smartphone security mechanisms

The scope of SCADA communication (protocols) was limited to specific industry or for specific operations within industry (real time automation systems). The scalability, interoperability and reliability of data (communication) had been the major issues, while development of proprietary protocols within SCADA communication. The uses of advance information technology (I.T) infrastructures and several open standards (non- proprietary) protocols. SCADA systems have been also connected with number of networks and provides centralized control center to control thousand (or more) of field devices over distance placed via internet technology. SCADA systems have number of benefits, while connecting with open standard networks (or protocols) included cost less development, interoperability between several vendors' devices, utilization of several open standard protocols (and networks) without translators, fast data access between nodes, end-user testing and more accurate performance results (conformance testing and several other tests) and more scalability, etc. Current research reviews the security implementations (existing implementations) and major attacks that have been interacting within SCADA/DNP3 protocol communication. Based on existing and current SCADA/DNP3 security issues, the security solutions (using cryptography implementations) have been proposed to protect the communication (SCADA/DNP3 protocol communication). Attack (abnormal) scenarios have been created within each testbed implementation (cryptography testbed), and level of security is measured and compare with attack detection level and attack impact level.

Shahrulniza Musa

Papers

Detecting flooding based DoS attack in cloud computing environment using covariance matrix approach

A Systematic Review of Load Balancing Techniques in Software-Defined Networking

A Comprehensive Study of Load Balancing Approaches in the Cloud Computing Environment and a Novel Fault Tolerance Approach

How secure is your smartphone: An analysis of smartphone security mechanisms

Industrial control systems (ICSs) vulnerabilities analysis and SCADA security enhancement using testbed encryption