The Impact of Computer Network Attacks on Infrastructure Centers of Gravity.

1999 ◽  
Author(s):  
Allan D. Payne
Keyword(s):  
Computer Network ◽  
Network Attacks ◽  
Computer Network Attacks ◽  
The Impact

scholarly journals String Matching untuk Mendeteksi Serangan Sniffing (ARP Spoofing) pada IDS Snort

2020 ◽  
Vol 1 (2) ◽  
pp. 44-49
Author(s):  
Ilham Firdaus ◽  
Januar Al Amien ◽  
Soni Soni
Keyword(s):  
Computer Network ◽  
Denial Of Service ◽  
String Matching ◽  
Network Attacks ◽  
Test Application ◽  
Man In The Middle ◽  
Black Box Testing ◽  
Arp Spoofing ◽  
Computer Network Attacks ◽  
Sniffing Technique

Sniffing technique (ARP Spoofing) is an attack that sends fake ARP packets or ARP packets that have been modified according to the network address attacker's to poison the victim's ARP cache table. ARP spoofing attack is a dangerous attack because it can monitor the activities of victims in searching the browser and can steal social logins, office and other accounts. This attack supports the occurrence of other computer network attacks such as Denial of service, Man in the middle attack, host impersonating and others. Sniffing attacks are generally found in places that provide public Wi-Fi such as campus, libraries, cafes, and others. IDS Snort can detect sniffing attacks (Arp Spoofing). String Matching Method KMP algorithm is applied to detect attacks on snort logging files to provide alerts (messages) to users. Tests carried out are black box testing to test application functionality, and accuracy testing. All application functionality was successful, and testing the accuracy of the match between manual calculations for string matching and accurate application.

Selection of countermeasures against network attacks based on dynamical calculation of security metrics

2017 ◽  
Vol 15 (2) ◽  
pp. 181-204 ◽  
Author(s):  
Igor Kotenko ◽  
Elena Doynikova
Keyword(s):  
Computer Network ◽  
Security Analysis ◽  
Security Assessment ◽  
Security Metrics ◽  
Network Attacks ◽  
Model Driven ◽  
Analysis Technique ◽  
Suggested Technique ◽  
Open Standards ◽  
Computer Network Attacks

This paper considers the issue of countermeasure selection for ongoing computer network attacks. We outline several challenges that should be overcome for the efficient response: the uncertainty of an attacker behavior, the complexity of interconnections between the resources of the modern distributed systems, the huge set of security data, time limitations, and balancing between countermeasure costs and attack losses. Although there are many works that are focused on the particular challenges, we suppose that there is still a need for an integrated solution that takes into account all of these issues. We suggest a model-driven approach to the security assessment and countermeasure selection in the computer networks that takes into account characteristics of different objects of assessment. The approach is based on integration with security information and event management systems to consider the dynamics of attack development, taking into account security event processing. Open standards and databases are used to automate security data processing. The suggested technique for countermeasure selection is based on the countermeasure model that was defined on the basis of open standards, the family of interrelated security metrics, and the security analysis technique based on attack graphs and service dependencies. We describe the prototype of the developed system and validate it on several case studies.

Sign in / Sign up

Export Citation Format

Share Document