Effective Multi-Layer Security for Campus Network

2015 ◽  
Vol 2 ◽  
pp. 6
Author(s):  
Isiaka Ajewale Alimi
Keyword(s):  
Network Architecture ◽  
Communication Systems ◽  
Denial Of Service ◽  
High Rate ◽  
Campus Network ◽  
Security Measures ◽  
Security Breaches ◽  
Security Technologies ◽  
Network Layers ◽  
Firewall System

The development in different communication systems as well as multimedia applications and services leads to high rate of Internet usage. However, transmission of information over such networks can be compromised and security breaches such as virus, denial of service, unauthorized access, and theft of proprietary information which may have devastating impact on the system may occur if adequate security measures are not employed. Consequently, building viable, effective, and safe network is one of the main technical challenges of information transmission in campus networks. Furthermore, it has been observed that, network threats and attacks exist from the lower layers of network traffic to the application layer; therefore, this paper proposes an effective multi-layer firewall system for augmenting the functionalities of other network security technologies due to the fact that, irrespective of the type of access control being employed, attacks are still bound to occur. The effectiveness of the proposed network architecture is demonstrated using Cisco Packet Tracer. The simulation results show that, implementation of the proposed topology is viable and offers reasonable degree of security at different network layers.

scholarly journals An Investigation into the Application of Deep Learning in the Detection and Mitigation of DDOS Attack on SDN Controllers

Technologies ◽  
2021 ◽  
Vol 9 (1) ◽  
pp. 14
Author(s):  
James Dzisi Gadze ◽  
Akua Acheampomaa Bamfo-Asante ◽  
Justice Owusu Agyemang ◽  
Henry Nunoo-Mensah ◽  
Kwasi Adu-Boahen Opare
Keyword(s):  
Deep Learning ◽  
Network Architecture ◽  
Learning Algorithm ◽  
Single Point ◽  
Denial Of Service ◽  
Specific Work ◽  
Learning Models ◽  
Ddos Attack ◽  
Deep Learning Algorithm ◽  
Proposed Model

Software-Defined Networking (SDN) is a new paradigm that revolutionizes the idea of a software-driven network through the separation of control and data planes. It addresses the problems of traditional network architecture. Nevertheless, this brilliant architecture is exposed to several security threats, e.g., the distributed denial of service (DDoS) attack, which is hard to contain in such software-based networks. The concept of a centralized controller in SDN makes it a single point of attack as well as a single point of failure. In this paper, deep learning-based models, long-short term memory (LSTM) and convolutional neural network (CNN), are investigated. It illustrates their possibility and efficiency in being used in detecting and mitigating DDoS attack. The paper focuses on TCP, UDP, and ICMP flood attacks that target the controller. The performance of the models was evaluated based on the accuracy, recall, and true negative rate. We compared the performance of the deep learning models with classical machine learning models. We further provide details on the time taken to detect and mitigate the attack. Our results show that RNN LSTM is a viable deep learning algorithm that can be applied in the detection and mitigation of DDoS in the SDN controller. Our proposed model produced an accuracy of 89.63%, which outperformed linear-based models such as SVM (86.85%) and Naive Bayes (82.61%). Although KNN, which is a linear-based model, outperformed our proposed model (achieving an accuracy of 99.4%), our proposed model provides a good trade-off between precision and recall, which makes it suitable for DDoS classification. In addition, it was realized that the split ratio of the training and testing datasets can give different results in the performance of a deep learning algorithm used in a specific work. The model achieved the best performance when a split of 70/30 was used in comparison to 80/20 and 60/40 split ratios.

scholarly journals An edge based hybrid intrusion detection framework for mobile edge computing

2021 ◽  
Author(s):  
Ashish Singh ◽  
Kakali Chatterjee ◽  
Suresh Chandra Satapathy
Keyword(s):  
Intrusion Detection ◽  
Real Time ◽  
Network Architecture ◽  
Denial Of Service ◽  
Edge Computing ◽  
Mobile Edge Computing ◽  
Hybrid Detection ◽  
Game Theoretical Approach ◽  
Improved Performance ◽  
Edge Based

AbstractThe Mobile Edge Computing (MEC) model attracts more users to its services due to its characteristics and rapid delivery approach. This network architecture capability enables users to access the information from the edge of the network. But, the security of this edge network architecture is a big challenge. All the MEC services are available in a shared manner and accessed by users via the Internet. Attacks like the user to root, remote login, Denial of Service (DoS), snooping, port scanning, etc., can be possible in this computing environment due to Internet-based remote service. Intrusion detection is an approach to protect the network by detecting attacks. Existing detection models can detect only the known attacks and the efficiency for monitoring the real-time network traffic is low. The existing intrusion detection solutions cannot identify new unknown attacks. Hence, there is a need of an Edge-based Hybrid Intrusion Detection Framework (EHIDF) that not only detects known attacks but also capable of detecting unknown attacks in real time with low False Alarm Rate (FAR). This paper aims to propose an EHIDF which is mainly considered the Machine Learning (ML) approach for detecting intrusive traffics in the MEC environment. The proposed framework consists of three intrusion detection modules with three different classifiers. The Signature Detection Module (SDM) uses a C4.5 classifier, Anomaly Detection Module (ADM) uses Naive-based classifier, and Hybrid Detection Module (HDM) uses the Meta-AdaboostM1 algorithm. The developed EHIDF can solve the present detection problems by detecting new unknown attacks with low FAR. The implementation results illustrate that EHIDF accuracy is 90.25% and FAR is 1.1%. These results are compared with previous works and found improved performance. The accuracy is improved up to 10.78% and FAR is reduced up to 93%. A game-theoretical approach is also discussed to analyze the security strength of the proposed framework.

scholarly journals Effective ion pathways and 3D conductive carbon networks in bentonite host enable stable and high-rate lithium–sulfur batteries

2021 ◽  
Vol 10 (1) ◽  
pp. 20-33
Author(s):  
Lian Wu ◽  
Yongqiang Dai ◽  
Wei Zeng ◽  
Jintao Huang ◽  
Bing Liao ◽  
...  
Keyword(s):  
Network Architecture ◽  
High Performance ◽  
Lithium Ion ◽  
Reversible Capacity ◽  
High Rate ◽  
Lithium Sulfur Batteries ◽  
Carbon Networks ◽  
Carbon Coated ◽  
Lithium Sulfur ◽  
Initial Capacity

Abstract Fast charge transfer and lithium-ion transport in the electrodes are necessary for high performance Li–S batteries. Herein, a N-doped carbon-coated intercalated-bentonite (Bent@C) with interlamellar ion path and 3D conductive network architecture is designed to improve the performance of Li–S batteries by expediting ion/electron transport in the cathode. The interlamellar ion pathways are constructed through inorganic/organic intercalation of bentonite. The 3D conductive networks consist of N-doped carbon, both in the interlayer and on the surface of the modified bentonite. Benefiting from the unique structure of the Bent@C, the S/Bent@C cathode exhibits a high initial capacity of 1,361 mA h g−1 at 0.2C and achieves a high reversible capacity of 618.1 m Ah g−1 at 2C after 500 cycles with a sulfur loading of 2 mg cm−2. Moreover, with a higher sulfur loading of 3.0 mg cm−2, the cathode still delivers a reversible capacity of 560.2 mA h g−1 at 0.1C after 100 cycles.

Detecting Malicious Switches for a Secure Software-defined Tactile Internet

2021 ◽  
Vol 21 (4) ◽  
pp. 1-23
Author(s):  
Bin Yuan ◽  
Chen Lin ◽  
Deqing Zou ◽  
Laurence Tianruo Yang ◽  
Hai Jin
Keyword(s):  
High Speed ◽  
Data Transfer ◽  
Low Cost ◽  
Rapid Development ◽  
Denial Of Service ◽  
Linear Structure ◽  
Network Layers ◽  
High Speed Data ◽  
Network Status ◽  
Sdn Controller

The rapid development of the Internet of Things has led to demand for high-speed data transformation. Serving this purpose is the Tactile Internet, which facilitates data transfer in extra-low latency. In particular, a Tactile Internet based on software-defined networking (SDN) has been broadly deployed because of the proven benefits of SDN in flexible and programmable network management. However, the vulnerabilities of SDN also threaten the security of the Tactile Internet. Specifically, an SDN controller relies on the network status (provided by the underlying switches) to make network decisions, e.g., calculating a routing path to deliver data in the Tactile Internet. Hence, the attackers can compromise the switches to jeopardize the SDN and further attack Tactile Internet systems. For example, an attacker can compromise switches to launch distributed denial-of-service attacks to overwhelm the SDN controller, which will disrupt all the applications in the Tactile Internet. In pursuit of a more secure Tactile Internet, the problem of abnormal SDN switches in the Tactile Internet is analyzed in this article, including the cause of abnormal switches and their influences on different network layers. Then we propose an approach that leverages the messages sent by all switches to identify abnormal switches, which adopts a linear structure to store historical messages at a relatively low cost. By mapping each flow message to the flow establishment model, our method can effectively identify malicious SDN switches in the Tactile Internet and thus enhance its security.

Mixed-signal matched filter for high-rate communication systems

2008 ◽  
Vol 2 (4) ◽  
pp. 354 ◽  
Author(s):  
M.R. Zahabi ◽  
V. Meghdadi ◽  
J.P. Cances ◽  
A. Saemi
Keyword(s):  
Communication Systems ◽  
Matched Filter ◽  
High Rate ◽  
Mixed Signal

scholarly journals The Primary Discussion on the Safety Management of Construction Site

2015 ◽  
Vol 4 (1) ◽  
pp. 19
Author(s):  
Qi Feng
Keyword(s):  
Safety Management ◽  
Working Environment ◽  
Construction Site ◽  
Security Measures ◽  
Construction Enterprises ◽  
Construction Companies ◽  
Security Technologies ◽  
Supervision And Management ◽  
Project Construction ◽  
Property Losses

<p>In recent years in building construction site construction workers due to the complexity, the project construction period, the working environment is poor, the construction process hazard and more security-conscious workers partial bottom. When accidents occur, such as by falling, falling objects wounding, electric shock, earthmoving collapse, overturning and other machinery, causing casualties, to construction companies and property losses caused by the economy to varying degrees. Throughout its reasons, one is security responsibilities are not clear, safety supervision and management system is not perfect, the other is the weakening of the internal management of construction enterprises, especially flawed construction site management, lack of effective security measures, the responsibility is not implemented, management personnel and operations personnel have not performed the necessary education and training, lack of knowledge of security technologies, illegal command, illegal operation.</p>

Analysis of Issues in SDN Security and Solutions

2018 ◽  
pp. 217-239
Author(s):  
Ankur Dumka ◽  
Hardwari Lal Mandoria ◽  
Anushree Sah
Keyword(s):  
Network Topology ◽  
Network Architecture ◽  
Denial Of Service ◽  
Network Services ◽  
Software Defined Network ◽  
Denial Of Service Attack ◽  
Man In The Middle ◽  
Service Attack ◽  
Topology Information ◽  
The Given

The chapter surveys the analysis of all the security aspects of software-defined network and determines the areas that are prone to security attacks in the given software-defined network architecture. If the fundamental network topology information is poisoned, all the dependent network services will become immediately affected, causing catastrophic problems like host location hijacking attack, link fabrication attack, denial of service attack, man in the middle attack. These attacks affect the following features of SDN: availability, performance, integrity, and security. The flexibility in the programmability of control plane has both acted as a bane as well as a boon to SDN. Like the ARP poisoning in the legacy networks, there are several other vulnerabilities in the SDN architecture as well.

Visualization Technique for Intrusion Detection

2018 ◽  
pp. 276-290
Author(s):  
Mohamed Cheikh ◽  
Salima Hacini ◽  
Zizette Boufaida
Keyword(s):  
Intrusion Detection ◽  
Computer Security ◽  
Detection System ◽  
Denial Of Service ◽  
High Rate ◽  
False Alarms ◽  
Dos Attacks ◽  
Network Parameter ◽  
A New Technique ◽  
Parameter Values

Intrusion detection system (IDS) plays a vital and crucial role in a computer security. However, they suffer from a number of problems such as low detection of DoS (denial-of-service)/DDoS (distributed denial-of-service) attacks with a high rate of false alarms. In this chapter, a new technique for detecting DoS attacks is proposed; it detects DOS attacks using a set of classifiers and visualizes them in real time. This technique is based on the collection of network parameter values (data packets), which are automatically represented by simple geometric graphs in order to highlight relevant elements. Two implementations for this technique are performed. The first is based on the Euclidian distance while the second is based on KNN algorithm. The effectiveness of the proposed technique has been proven through a simulation of network traffic drawn from the 10% KDD and a comparison with other classification techniques for intrusion detection.

Sign in / Sign up

Export Citation Format

Share Document