AULD: Large Scale Suspicious DNS Activities Detection via Unsupervised Learning in Advanced Persistent Threats

Sensors ◽  
2019 ◽  
Vol 19 (14) ◽  
pp. 3180 ◽  
Author(s):  
Guanghua Yan ◽  
Qiang Li ◽  
Dong Guo ◽  
Bing Li

In recent years, sensors in the Internet of Things have been commonly used in human life. APT (Advanced Persistent Threats) has caused serious damage to network security, and the sensors play an important role in the attack process. For a long time, attackers have infiltrated, attacked, concealed themselves, spread, and stolen information from target groups through the compound use of various attacking means, while existing security measures based on single-time nodes cannot defend against such attacks. Attackers often exploit the sensors’ vulnerabilities to attack targets because the security level of the sensors is relatively low when compared with that of the host. We can find APT attacks by checking the suspicious domains generated at different APT attack stages, since every APT attack has to use DNS to communicate. Although this method works, two challenges still exist: (1) the detection method needs to check a large volume of log data; (2) the small number of attacking samples limits conventional supervised learning. This paper proposes an APT detection framework, AULD (Advanced Persistent Threats Unsupervised Learning Detection), to detect suspicious domains in APT attacks by using unsupervised learning. We extract ten important features from the host, domain name, and time from a large number of DNS log data. Later, we get the suspicious cluster by performing unsupervised learning. We put all of the domains in the cluster into the list of malicious domains. We collected 1,584,225,274 DNS records from our university network. The experiments show that AULD detected all of the attacking samples and that AULD can effectively detect the suspicious domain names in APT attacks.

2019 ◽  
Vol 2019 ◽  
pp. 1-12
Author(s):  
Haiyan Xu ◽  
Zhaoxin Zhang ◽  
Jianen Yan ◽  
Xin Ma

In the process of resolving domain names to IP addresses, there exist complex dependence relationships between domains and name servers. This paper studies the impact of the resolution dependence on the DNS by constructing a domain name resolution network based on large-scale actual data. The core nodes of the resolution network are mined from different perspectives by means of four methods. Then, both core attacks and random attacks on the network are simulated for further vulnerability analysis. The experimental results show that when the top 1% of the core nodes in the network are attacked, 46.19% of the domain names become unresolved, and the load of the residual network increases by nearly 195%, while only 0.01% of domain names fail to be resolved and the load increases by 18% at the same attack scale in the random mode. For these key nodes, we need to take effective security measures to prevent them from being attacked. The simulation experiment also proves that the resolution network is a scale-free network, which exhibits robustness against random failure and vulnerability against intentional attacks. These findings provide new references for the configuration of the DNS.


2020 ◽  
Vol 10 (2) ◽  
pp. 103-106
Author(s):  
ASTEMIR ZHURTOV ◽  

Cruel and inhumane acts that harm human life and health, as well as humiliate the dignity, are prohibited in most countries of the world, and Russia is no exception in this issue. The article presents an analysis of the institution of responsibility for torture in the Russian Federation. The author comes to the conclusion that the current criminal law of Russia superficially and fragmentarily regulates liability for torture, in connection with which the author formulated proposals to define such an act as an independent crime. In the frame of modern globalization, the world community pays special attention to the protection of human rights, in connection with which large-scale international standards were created a long time ago. The Universal Declaration of Human Rights and other international acts enshrine prohibitions of cruel and inhumane acts that harm human life and health, as well as degrade the dignity. Considering the historical experience of the past, these standards focus on the prohibition of any kind of torture, regardless of the purpose of its implementation.


2020 ◽  
pp. 1-26
Author(s):  
Qinwen Hu ◽  
Muhammad Rizwan Asghar ◽  
Nevil Brownlee

HTTPS refers to an application-specific implementation that runs HyperText Transfer Protocol (HTTP) on top of Secure Socket Layer (SSL) or Transport Layer Security (TLS). HTTPS is used to provide encrypted communication and secure identification of web servers and clients, for different purposes such as online banking and e-commerce. However, many HTTPS vulnerabilities have been disclosed in recent years. Although many studies have pointed out that these vulnerabilities can lead to serious consequences, domain administrators seem to ignore them. In this study, we evaluate the HTTPS security level of Alexa’s top 1 million domains from two perspectives. First, we explore which popular sites are still affected by those well-known security issues. Our results show that less than 0.1% of HTTPS-enabled servers in the measured domains are still vulnerable to known attacks including Rivest Cipher 4 (RC4), Compression Ratio Info-Leak Mass Exploitation (CRIME), Padding Oracle On Downgraded Legacy Encryption (POODLE), Factoring RSA Export Keys (FREAK), Logjam, and Decrypting Rivest–Shamir–Adleman (RSA) using Obsolete and Weakened eNcryption (DROWN). Second, we assess the security level of the digital certificates used by each measured HTTPS domain. Our results highlight that less than 0.52% of domains use an expired certificate, 0.42% of HTTPS certificates contain different hostnames, and 2.59% of HTTPS domains use a self-signed certificate. The domains we investigate in our study cover 5 regions (including ARIN, RIPE NCC, APNIC, LACNIC, and AFRINIC) and 61 different categories such as online shopping websites, banking websites, educational websites, and government websites. Although our results show that the problem still exists, we find that changes have been taking place as HTTPS vulnerabilities were discovered. Through this three-year study, we found that more attention has been paid to the use and configuration of HTTPS. For example, more and more domains begin to enable the HTTPS protocol to ensure a secure communication channel between users and websites. From the first measurement, we observed that many domains were still using the TLS 1.0 and 1.1, SSL 2.0, and SSL 3.0 protocols to support user clients that use outdated systems. As the previous studies revealed security risks of using these protocols, in the subsequent studies we found that the majority of domains updated their TLS protocol on time. Our 2020 results suggest that most HTTPS domains use the TLS 1.2 protocol and show that some HTTPS domains are still vulnerable to the existing known attacks. As academics and industry professionals continue to disclose attacks against HTTPS and recommend the secure configuration of HTTPS, we found that the number of vulnerable domains is gradually decreasing every year.


IoT ◽  
2021 ◽  
Vol 2 (1) ◽  
pp. 140-162
Author(s):  
Hung Nguyen-An ◽  
Thomas Silverston ◽  
Taku Yamazaki ◽  
Takumi Miyoshi

We now use the Internet of Things (IoT) in our everyday lives. The novel IoT devices collect cyber–physical data and provide information on the environment. Hence, IoT traffic will account for a major part of Internet traffic; however, its impact on the network is still widely unknown. IoT devices are prone to cyberattacks because of constrained resources or misconfigurations. It is essential to characterize IoT traffic and identify each device to monitor the IoT network and discriminate between legitimate and anomalous IoT traffic. In this study, we deployed a smart-home testbed comprising several IoT devices to study IoT traffic. We performed extensive measurement experiments using a novel IoT traffic generator tool called IoTTGen. This tool can generate traffic from multiple devices, emulating large-scale scenarios with different devices under different network conditions. We analyzed the IoT traffic properties by computing the entropy value of traffic parameters and visually observing the traffic on behavior shape graphs. We propose a new entropy-based method for identifying devices from their traffic, computing the entropy values of traffic features. The method relies on machine learning to classify the traffic. The proposed method succeeded in identifying devices with an accuracy of up to 94% and is robust against unpredictable network behavior with traffic anomalies spreading in the network.


Sensors ◽  
2021 ◽  
Vol 21 (9) ◽  
pp. 3257
Author(s):  
Arne Bochem ◽  
Benjamin Leiding

Today, an increasing number of Internet of Things devices are deployed, and the field of applications for decentralized, self-organizing networks keeps growing. The growth also makes these systems more attractive to attackers. Sybil attacks are a common issue, especially in decentralized networks and networks that are deployed in scenarios with irregular or unreliable Internet connectivity. The lack of a central authority that can be contacted at any time allows attackers to introduce arbitrary numbers of nodes into the network and manipulate its behavior according to the attacker’s goals by posing as a majority participant. Depending on the structure of the network, employing Sybil node detection schemes may be difficult, and low-powered Internet of Things devices are usually unable to perform impactful amounts of work for proof-of-work-based schemes. In this paper, we present Rechained, a scheme that monetarily disincentivizes the creation of Sybil identities for networks that can operate with intermittent or no Internet connectivity. We introduce a new revocation mechanism for identities and tie them into the concepts of self-sovereign identities and decentralized identifiers. Case studies are used to discuss upper and lower bounds for the costs of Sybil identities and, therefore, the provided security level. Furthermore, we formalize the protocol using Colored Petri Nets to analyze its correctness and suitability. Proof-of-concept implementations are used to evaluate the performance of our scheme on low-powered hardware as it might be found in Internet of Things applications.


2021 ◽  
Vol 56 (1) ◽  
pp. 112-130 ◽  
Author(s):  
Haifeng Huang

For a long time, since China’s opening to the outside world in the late 1970s, admiration for foreign socioeconomic prosperity and quality of life characterized much of Chinese society, which contributed to dissatisfaction with the country’s development and government and a large-scale exodus of students and emigrants to foreign countries. More recently, however, overestimating China’s standing and popularity in the world has become a more conspicuous feature of Chinese public opinion and the social backdrop of the country’s overreach in global affairs in the last few years. This essay discusses the effects of these misperceptions about the world, their potential sources, and the outcomes of correcting misperceptions. It concludes that while the world should get China right and not misinterpret China’s intentions and actions, China should also get the world right and have a more balanced understanding of its relationship with the world.


2021 ◽  
Vol 11 (8) ◽  
pp. 3623
Author(s):  
Omar Said ◽  
Amr Tolba

Employment of the Internet of Things (IoT) technology in the healthcare field can contribute to recruiting heterogeneous medical devices and creating smart cooperation between them. This cooperation leads to an increase in the efficiency of the entire medical system, thus accelerating the diagnosis and curing of patients, in general, and rescuing critical cases in particular. In this paper, a large-scale IoT-enabled healthcare architecture is proposed. To achieve a wide range of communication between healthcare devices, not only are Internet coverage tools utilized but also satellites and high-altitude platforms (HAPs). In addition, the clustering idea is applied in the proposed architecture to facilitate its management. Moreover, healthcare data are prioritized into several levels of importance. Finally, NS3 is used to measure the performance of the proposed IoT-enabled healthcare architecture. The performance metrics are delay, energy consumption, packet loss, coverage tool usage, throughput, percentage of served users, and percentage of each exchanged data type. The simulation results demonstrate that the proposed IoT-enabled healthcare architecture outperforms the traditional healthcare architecture.


2018 ◽  
Vol 7 (3.12) ◽  
pp. 545
Author(s):  
Risabh Mishra ◽  
M Safa ◽  
Aditya Anand

Recent advances in wireless communication technologies and the automobile industry have triggered significant research interest in the field of the Internet of Vehicles over the past few years. The advanced period of the Internet of Things is guiding the development of conventional Vehicular Networks towards the Internet of Vehicles. In the days of Internet connectivity, there is a need to be in a safe and problem-free environment. The Internet of Vehicles (IoV) is normally a mixing of three networks: an inter-vehicle network, an intra-vehicle network, and a vehicle-to-vehicle network. Based on the idea of three networks combining into one, we define the Internet of Vehicles as a large-scale distributed system for wireless communication and information exchange between vehicle2X (X: vehicle, road, human and internet). It is a combined network for supporting intelligent traffic management, intelligent dynamic information service, and intelligent vehicle control, representing an application of the Internet of Things (IoT) technology for intelligent transportation systems (ITS).


1982 ◽  
Vol 14 (9) ◽  
pp. 1175-1193 ◽  
Author(s):  
R Herz

The question of the extent to which the concrete physical environment allows, causes, or even forces certain forms of behaviour to occur has been excluded from social sciences literature for a long time. More recent studies from environmental psychology show that the built environment, filtered by subjective perceptions, very probably influences the experience and actions of individuals. Town planning and transport planning are orientated towards the needs, demands, or simply the observed behaviour of social groups, segments of the population, and target groups of individuals. However, at this level the evidence about whether a spatiospecific determinant should be added to the sociodemographic, sociocultural, or socioeconomic determinants is very inconclusive. This paper investigates the influence of certain types of area on behaviour, and uses about 70,000 weekday records at the level of differentiated groups of people. Everyday behaviour of the groups is quantified by their time budgets and daily programmes with broad groupings of out-of-house activities as well as various indicators of transport mobility. This study shows that, with given characteristics of the individual and his household, a series of behavioural parameters does not vary in space, and thus these parameters can be used as input for behaviourally orientated transport demand models and transferred from one planning area to another.


2012 ◽  
Vol 2012 ◽  
pp. 1-11 ◽  
Author(s):  
Federica Paganelli ◽  
David Parlanti

Current trends towards the Future Internet envisage the conception of novel services endowed with context-aware and autonomic capabilities to improve end users’ quality of life. The Internet of Things paradigm is expected to contribute towards this ambitious vision by proposing models and mechanisms enabling the creation of networks of “smart things” on a large scale. It is widely recognized that efficient mechanisms for discovering available resources and capabilities are required to realize such a vision. The contribution of this work consists in a novel discovery service for the Internet of Things. The proposed solution adopts a peer-to-peer approach for guaranteeing scalability, robustness, and easy maintenance of the overall system. While most existing peer-to-peer discovery services proposed for the IoT support solely exact-match queries on a single attribute (i.e., the object identifier), our solution can handle multiattribute and range queries. We defined a layered approach by distinguishing three main aspects: multiattribute indexing, range query support, and peer-to-peer routing. We chose to adopt an over-DHT indexing scheme to guarantee ease of design and implementation. We report on the implementation of a Proof of Concept in a dangerous goods monitoring scenario and, finally, we discuss test results for structural properties and query performance evaluation.

