Optimizing network microsegmentation policy for cyber resilience

This paper describes an approach for improving cyber resilience through the synthesis of optimal microsegmentation policy for a network. By leveraging microsegmentation security architecture, we can reason about fine-grained policy rules that enforce access for given combinations of source address, destination address, destination port, and protocol. Our approach determines microsegmentation policy rules that limit adversarial movement within a network according to assumed attack scenarios and mission availability needs. For this problem, we formulate a novel optimization objective function that balances cyberattack risks against accessibility to critical network resources. Given the application of a particular set of policy rules as a candidate optimal solution, this objective function estimates the adversary effort for carrying out a particular attack scenario, which it balances against the extent to which the solution restricts access to mission-critical services. We then apply artificial intelligence techniques (evolutionary programming) to learn microsegmentation policy rules that optimize this objective function.

Social Interaction based on Online Media in the use of Transportation

Online transportation is part of the development of technology that is needed by anyone in carrying out daily activities. This study aims to find out online media-based social interactions in the use of transportation. This research uses qualitative method with observation data collection and in-depth interview. The results showed that the interaction of city people based on online media in using transportation, among others (1) every community is required to be able to use online media, (2) communication conducted in online media discussing about pickup address and destination address, (3) People as consumers can know the amount of payment from the distance traveled through online applications and maps, and (4) the public will give assessment points after receiving transport services online.

Policy Disputes In BGP: Analysis, Detection And Proposed Solution

Border Gateway Protocol (BGP) is the de-facto inter-domain routing protocol in the Internet, which involves exchange of routing information among the ASes that is used by the routers in an AS to compute paths to destination address blocks or prefixes in the Internet. The BGP is a path-vector and policy-based routing that allows each AS to independently define a set of local policies for route selection. However, since routes are selected based on local policies of the ASes, it might cause global conflicts or network topology disputes among the ASes. In this thesis, first we present a survey and in-depth analysis of the existing available solutions and their implementations for the BGP policy induced faults. Then, we discuss the tool we have developed for identifying the BGP faults or route instability within an autonomous system due to local policy. Finally, we propose a new solution to detect and eliminate the route oscillation in the BGP best path selection process due to local policy conflicts among ASes. We also present the test cases that we developed using BGP simulator for simulating oscillation faults in the test-bed and then discuss their results.

Policy Disputes In BGP: Analysis, Detection And Proposed Solution

Border Gateway Protocol (BGP) is the de-facto inter-domain routing protocol in the Internet, which involves exchange of routing information among the ASes that is used by the routers in an AS to compute paths to destination address blocks or prefixes in the Internet. The BGP is a path-vector and policy-based routing that allows each AS to independently define a set of local policies for route selection. However, since routes are selected based on local policies of the ASes, it might cause global conflicts or network topology disputes among the ASes. In this thesis, first we present a survey and in-depth analysis of the existing available solutions and their implementations for the BGP policy induced faults. Then, we discuss the tool we have developed for identifying the BGP faults or route instability within an autonomous system due to local policy. Finally, we propose a new solution to detect and eliminate the route oscillation in the BGP best path selection process due to local policy conflicts among ASes. We also present the test cases that we developed using BGP simulator for simulating oscillation faults in the test-bed and then discuss their results.

Address Recognition System for Postal Service Using Neural Networks

While most of the Indian industries are in the process of automation, it is a bitter truth that the Indian Postal System is still using manual intervention for its mail sorting and processing. Although for postal automation there are many pieces of work towards street name recognition in non-Indian languages, to the best of our knowledge there is no work on street name recognition in Indian languages. The Automatic Mail Processor (AMP), which we have designed, scans a mail and interprets the imperative fields of the destination address such as the Pin Code, City name, Locality name and the Street name. The interpreted address is subsequently converted into a QR code. The code is reprinted onto the mail which can be read by a low-cost machine. By converting the destination address into a barcode, all of the future sorting processes can be accomplished by using a mechanical machine sorter, which can sort the mails according to the barcode present on them. We used two main approaches to accomplish this task: classifying words directly and character segmentation. For the former, we use Convolutional Neural Network (CNN) with various architectures to train a model that can precisely classify words. We then pass the segmented characters to a R ecurrent Neural Network (RNN) for classification and then reconstruct each word according to the results of classification and segmentation.

Peer Connection Classifier Method for Load Balancing Technique

A large number of requests for internet access causes a long response time resulting in an overload problem. This problem occurs in offices that provide public services such as the Soeman HS Regional Library and Archives Office in Riau Province. So that service work is not disrupted due to overload, network optimization is carried out using Load Balancing Techniques. Load Balancing will balance load traffic on two or more connection lines so that traffic can run optimally. The method used is the Peer Connection Classifier (PCC). This method will divide the load based on the source, destination address, and port address. All internet requests from users will go to the router that has been configured with Load Balancing with the PCC method. The router will manage outgoing requests from users through the Internet Service Provider 1 (ISP 1) line or ISP line 2 to be able to enter the internet connection. The test results show equal distribution of outgoing access to ISP 1 and ISP 2 lines so that there is no overload on any ISP lines. This configuration will be applied to the Mikrotik router using the Winbox application.

Addressless: A new internet server model to prevent network scanning

Eliminating unnecessary exposure is a principle of server security. The huge IPv6 address space enhances security by making scanning infeasible, however, with recent advances of IPv6 scanning technologies, network scanning is again threatening server security. In this paper, we propose a new model named addressless server, which separates the server into an entrance module and a main service module, and assigns an IPv6 prefix instead of an IPv6 address to the main service module. The entrance module generates a legitimate IPv6 address under this prefix by encrypting the client address, so that the client can access the main server on a destination address that is different in each connection. In this way, the model provides isolation to the main server, prevents network scanning, and minimizes exposure. Moreover it provides a novel framework that supports flexible load balancing, high-availability, and other desirable features. The model is simple and does not require any modification to the client or the network. We implement a prototype and experiments show that our model can prevent the main server from being scanned at a slight performance cost.

Management of Load-Balancing Data Stream in Interposer-Based Network-on-Chip Using Specific Virtual Channels

The interaction between cores and memory blocks, in multiprocessor chips and smart systems, has always been a concern as it affects network latency, memory capacity, and power consumption. A new 2.5-dimensional architecture has been introduced in which the communication between the processing elements and the memory blocks is provided through a layer called the interposer. If the core wants to connect to another, it uses the top layer, and if it wants to interact with the memory blocks, it uses the interposer layer. In a case that coherence traffic at the processing layer increases to the extent that congestion occurs, a part of this traffic may be transferred to the interposer network under a mechanism called load balancing. When coherence traffic is moved to the interposer layer, as an alternative way, this may interfere with memory traffic. This paper introduces a mechanism in which the aforementioned interference may be avoided by defining two different virtual channels and using multiple links which specifically determines which memory block is going to be accessed. Our method is based on the destination address to recognize which channel and link should be selected while using the interposer layer. The simulation results show that the proposed mechanism has improved by 32% and 14% latency compared to the traditional load-balancing and unbalanced mechanisms, respectively.

Perlindungan Hukum terhadap Konsumen Khusus Jasa Penumpang Angkutan Darat

Legal Protection is all businesses that bear the existence of legal provisions in providing protection to passengers or consumers who use the services of business operators to protect consumers from things that are not desirable. Public Transport Online is one of the public transportation media that is often used by the general public not only to transport passengers but to bring goods to be delivered to the destination address at a rate previously agreed. This study aims to analyze the factors that cause consumer losses for online transportation transport passengers and their protection in accordance with Law No. 8 of 1999 concerning Consumer Protection. This research was designed using the approach of Empirical Law research. The technique used in collecting data, namely the interview technique, was carried out at PT Aplikasi Karya Anak Bangsa. The results of this study indicate that the Online Public Transport Company is fully liable for losses caused by all people employed in public transport activities, besides online public transport companies and service carriers are fully obliged to sort out the compensation experienced by consumers and / or goods that can result disability and / or death, unless caused by an event that cannot be avoided or prevented due to passenger negligence. Through this research it is expected that consumers and service drivers must know each other's role and what their rights and obligations are so that it can reduce the loss for consumers or drivers of public transportation services.

Automated Toll Tax Collection System to Reduce Traffic Time and Energy

In the technological world most of the problems are solved by the use of remote technology. Here in our paper we are identified the toll plaza problem and make the solution for this problem. When the user using our application initially they are select the current place and the destination place. After selecting the source and destination address the possible routes are displayed using Google maps. After selecting the particular route the number of toll plaza displayed to the user and the toll amount for each tollgate also displayed. These toll amounts for every tollgate was updated by the admin panel. Then user can know about the expenditure particularly for tollgates while travelling to somewhere. In next when we comes to payment options here two types of payment done in our application. In the first user can make the total toll amount before starts the travel. Here in this phase the toll amount for each tollgate was updated by the admin panel. In the second phase payment for the tollgate would be done by automatically at that time like when the user reaches particular distance before the tollgate amount will debited from the account. Finally through our application we can previously know the number of tollgates and makes the payment before arriving. Then these are all reducing the waiting time of the user in the tollgates.