دانلود و نمایش مقالات مرتبط با امنیت شبکه::صفحه 1
بلافاصله پس از پرداخت دانلود کنید
نتیجه جستجو - امنیت شبکه

تعداد مقالات یافته شده: 43
ردیف عنوان نوع
1 Data-driven software defined network attack detection : State-of-the-art and perspectives
تشخیص حمله به شبکه تعریف شده نرم افزار داده محور: حالت پیشرفته و چشم انداز-2020
SDN (Software Defined Network) has emerged as a revolutionary technology in network, a substantial amount of researches have been dedicated to security of SDNs to support their various applications. The paper firstly analyzes State-of-the-Art of SDN security from data perspectives. Then some typical network attack detection (NAD) methods are surveyed, in- cluding machine learning based methods and statistical methods. After that, a novel tensor based network attack detection method named tensor principal component analysis (TPCA) is proposed to detect attacks. After surveying the last data-driven SDN frameworks, a ten- sor based big data-driven SDN attack detection framework is proposed for SDN security. In the end, a case study is illustrated to verify the effectiveness of the proposed framework.
Keywords: Network attack detection | Data-driven | Tensor | Network security | Software defined network (SDN)
مقاله انگلیسی
2 SKA-PS: Secure key agreement protocol using physiological signals
SKA-PS: پروتکل توافق کلید امن با استفاده از سیگنال های فیزیولوژیکی-2019
In this paper, we propose SKA-PS, a novel Secure Key Agreement protocol using Physiological Signals, for Body Area Networks (BANs). Our protocol generates symmetric cryptographic keys using the physio- logical parameters derived from the physiological signals of the users, such as electrocardiogram, photo- plethysmogram and blood pressure. In our construction, we reduce the problem of secure key agreement into the problem of set reconciliation by representing the physiological parameter sequences generated from the physiological signals of the BAN users with appropriate sets. When properly selected param- eters are applied, biosensors of the same BAN user can agree on symmetric cryptographic keys with remarkably high true match and low false match rates (as much as 100% and 0.46% for pairwise execu- tion, and 100% and 0.26% for group execution, respectively), and low communication, computational and storage costs. We implemented our model in an embedded system, thus the results show real imple- mentation outcomes. Moreover, we comparatively analyze the performance of SKA-PS with two existing bio-cryptographic key agreement protocols and show that SKA-PS outperforms both in all performance metrics.
Keywords: Cryptographic key generation | Body area network security | Physiological signals | Key agreement | Bio-cryptography
مقاله انگلیسی
3 A cost analysis of machine learning using dynamic runtime opcodes for malware detection
تجزیه و تحلیل هزینه از یادگیری ماشین با استفاده از کد زمان اجرا پویا برای تشخیص بدافزار-2019
The ongoing battle between malware distributors and those seeking to prevent the onslaught of malicious code has, so far, favored the former. Anti-virus methods are faltering with the rapid evolution and distribution of new malware, with obfuscation and detection evasion techniques exacerbating the issue. Recent research has monitored low-level opcodes to detect malware. Such dynamic analysis reveals the code at runtime, allowing the true behaviour to be examined. While previous research uses machine learning techniques to accurately detect malware using dynamic runtime opcodes, underpinning datasets have been poorly sampled and inadequate in size. Further, the datasets are always fixed size and no attempt, to our knowledge, has been made to examine the cost of retraining malware classification models on datasets which grow continually. In the literature, researchers discuss the explosion of malware, yet opcode analyses have used fixed-size datasets, with no deference to how this model will cope with retraining on escalating datasets. The research presented here examines this problem, and makes several novel contributions to the current body of knowledge. First, the performance of 23 machine learning algorithms are investigated with respect to the largest run trace dataset in the literature. Second, following an extensive hyperpa- rameter selection process, the performance of each classifier is compared, on both accuracy and computational costs (CPU time). Lastly, the cost of retraining and testing updatable and non-updatable classifiers, both parallelized and non-parallelized, is examined with simu- lated escalating datasets. This provides insight into how implemented malware classifiers would perform, given simulated dataset escalation. We find that parallelized RandomForest, using 4 cores, provides the optimal performance, with high accuracy and low training and testing times.
Keywords: Malicious code | Network security | Machine learning Computer security | Malware
مقاله انگلیسی
4 An efficient hybrid deep learning approach for internet security
یک رویکرد یادگیری عمیق ترکیبی کارآمد برای امنیت اینترنت-2019
Nowadays, internet is mostly used communication tool worldwide. However, the major problem of the internet is to provide security. To provide internet security, many researches and papers have been suggested about information and network security. The commonly used system against network attacks is firewalls. In this study, a novel firewall data classification approach is presented. This approach uses 10 cases to obtain numerical results. The proposed approach consists of data acquisition from Firewall, feature selection and classification steps. Firstly, the Firewall data were gathered from a Firewall. Then, the redundant features are eliminated and these features are normalized using min–max normalization. The obtained final feature sets are forwarded to classifiers. In the cases defined, Long Short-Term Memory (LSTM), Bi-directional Long Short-Term Memory (Bi-LSTM) and Support Vector Machine (SVM) are utilized as classifiers. It was seen from the results, the deep learning approach are more successful than SVM classifier and the highest classification accuracy was calculated as 97.38% by using Bi-LSTM-LSTM hybrid network. The proposed method has several advantages and these are (1) the proposed method achieved high success rates using hybrid deep learning approaches (2) the training time of the proposed method is short (3) an intelligent network security monitoring method is presented using basic methods and deep learning. In addition, a useful approach has been presented to achieve high success rate at the end of the faster training process than traditional machine learning methods. Briefly, an intelligent monitoring system is proposed for network security.
Keywords: Deep learning | LSTM | Bi-LSTM | Network security | Classification | Big data
مقاله انگلیسی
5 A resource-preserving self-regulating Uncoupled MAC algorithm to be applied in incident detection
یک الگوریتم MAC زوج نشده خود تنظیم با حفظ منابع برای شناسایی حوادث-2019
The connectivity of embedded systems is increasing accompanied with thriving technology such as Internet of Things/Everything (IoT/E), Connected Cars, Smart Cities, Industry 4.0, 5G or Software-Defined Everything. Apart from the benefits of these trends, the continuous networking offers hackers a broad spectrum of attack vectors. The identification of attacks or unknown behavior through Intrusion Detection Systems (IDS) has established itself as a conducive and mandatory mechanism apart from the protection by cryptographic schemes in a holistic security eco-system. In systems where resources are valuable goods and stand in contrast to the ever increasing amount of network traffic, sampling has become a useful utility in order to detect malicious activities on a manageable amount of data. In this work an algorithm – Uncoupled MAC – is presented which secures network communica- tion through a cryptographic scheme by uncoupled Message Authentication Codes (MAC) but as a side effect also provides IDS functionality producing alarms based on the violation of Uncoupled MAC values. Through a novel self-regulation extension, the algorithm adapts it’s sampling parameters based on the detection of malicious actions. The evaluation in a virtualized environment clearly shows that the detection rate increases over runtime for different attack scenarios. Those even cover scenarios in which intelligent attackers try to exploit the downsides of sampling
Keywords: Network security | Adaptive intrusion detection | Message authentication | Self-regulation | Resource conservation
مقاله انگلیسی
6 امنیت IoT: مرور کلی، راهکارهای زنجیره بلوکی و چالش های موجود
سال انتشار: 2018 - تعداد صفحات فایل pdf انگلیسی: 17 - تعداد صفحات فایل doc فارسی: 44
چکیده : با ظهور خانه های هوشمند، شهرهای هوشمند و اشیای هوشمند، اینترنت اشیاء (IoT) در قالب زمینه ای با اثرات، پتانسیل ها و پیشرفت های باورنکردنی ظهور یافته است، به طوری که شرکت سیسکو پیش بینی می کند که تا سال 2020، حدود 50 میلیارد دستگاه متصل وجود داشته باشد. با این حال، بیشتر این دستگاه های IoT به راحتی هک شده و لطمه می بینند. به طور معمول، این دستگاه های IoT در زمینه محاسبه، ذخیره سازی و ظرفیت شبکه محدودیت دارند و بنابراین، نسبت به دستگاه های دیگر همچون گوشی های هوشمند، تبلت ها یا کامپیوترها، در مقابل حملات آسیب پذیرتر می باشند. در این مقاله به ارائه و بررسی مسائل امنیتی عمده در اینترنت اشیاء می پردازیم. ما مسائل امنیتی مورد توجه در خصوص معماری لایه ای IoT در کنار پروتکل های بکار رفته برای شبکه سازی، ارتباطات و مدیریت را مرور و طبقه بندی می کنیم. الزامات امنیتی برای IoT در کنار حملات، تهدیدات و راهکارهای جدید و پیشرفته را ارائه می کنیم. علاوه بر این، مسائل امنیتی IoT را با راهکارهای موجود مشاهده شده در متون انطباق داده و با جدول نشان می دهیم. مهمتر از همه، بحث می کنیم که چگونه بلاک چین که تکنولوژی مبنا برای بیت کوین می باشد، می تواند محرک اصلی در حل بسیاری از مسائل امنیتی IoT باشد. این مقاله همچنین مسائل تحقیقاتی موجود و چالش های مربوط به امنیت IoT را شناسایی و بررسی می کند.
مقاله ترجمه شده
7 Security challenges with network functions virtualization
چالش های امنیتی با توابع شبکه مجازی سازی -2017
The advent of network functions virtualization (NFV) has revolutionized numerous network-based applications due to its several benefits such as flexibility, manageability, scalability, and security. By the software-based virtualization of network functions on a single infrastructure, NFV provides users with a framework that dynamically provisions various network services in a flexible manner. However, NFV faces several security challenges (e.g., multi-tenancy and live migration) which make it vulnerable to some cybersecurity attacks (e.g., side-channel attacks and shared resource misuse attacks). In this paper, we provide an overview of NFV, discuss potentially serious security threats on NFV and introduce effective countermeasures to mitigate those threats. Finally, we suggest some practical solutions to provide a trustworthy platform for NFV.
Keywords: Network functions virtualization | Network security | Virtualized network function | Security threats
مقاله انگلیسی
8 Genetic algorithm based bacterial foraging optimization with three-pass protocol concept for heterogeneous network security enhancement
الگوریتم ژنتیک مبتنی بر بهینه سازی نگهداری باکتری ها با مفهوم پروتکل سه گذر برای افزایش امنیت شبکه های ناهمگن-2017
Article history:Received 10 January 2017Received in revised form 22 March 2017 Accepted 28 March 2017Available online xxxKeywords:Mobile Ad-hoc Network (MANET) Security protocolGenetic algorithmBacterial foraging optimization Three-pass protocol conceptMost of the currently available Heterogeneous protocols operate on the basis of reliable and secured com- munication environment. These protocols are vulnerable to modern intruding techniques that include different types of raised attacks. Routing attacks are very atrocious because of the dynamic nature of heterogeneous network Routing as well as member nodes with different Computational powers. Het- erogeneous Network architectures plays a vital role in modern world communication that is virtually all communications and secret resource transactions are widely depending on the heterogeneous net- work architecture. GABFO has been concerned to optimize the parameters in the dynamic nature of environment for update itself by its genitival processes.TPP can afford high security, without exchange of mean value. The combination of both GABFOTPP ensures high security against attacks and leads best Qos improvement. The Planned work is an effort to improve the existing security of the heterogeneous net- work routing protocols, using Genetic Algorithm based Bacterial Foraging Optimization (GA-BFO) with Three-pass protocol concept against different types of attacks and it can be most useful in secured IoT Communication.© 2017 Published by Elsevier B.V.
Keywords:Mobile Ad-hoc Network (MANET) | Security protocol | Genetic algorithm | Bacterial foraging optimization | Three-pass protocol concept
مقاله انگلیسی
9 رویکرد رمزنگاری هوشمند برای امنیت ذخیره سازی داده های بزرگ توزیع شده در محاسبات ابری
سال انتشار: 2017 - تعداد صفحات فایل pdf انگلیسی: 13 - تعداد صفحات فایل doc فارسی: 28
پیاده سازی محاسبات ابری مسیرهای زیادی را برای خدمات مبتنی بر وب که با درخواستهای گوناگون روبرو هستند، به وجود آورده است.اگرچه امنیت داده و حفظ حریم خصوصی به مباحث مهمی تبدیل شده اند که محدودیتهایی برای برنامه های ابری به وجود آورده اند.یکی از نگرانی های مهم در امنیت و حفظ حریم خصوصی نتیجه این حقیقت است که اپراتورهای ابری می توانند به داده های حساس دسترسی پیدا کنند.این مسئله باعث نگرانی کاربران شده و وفق پذیری محاسبات ابری را در بسیاری از زمینه ها مانند صنعت اقتصادی و آژانس های دولتی کاهش داده است. این مقاله بر روی این موضوع تمرکز می کند و یک روش هوشمند رمزنگاری ارائه داده است که با آن اپراتورهای سرویس ابری نمی توانند مستقیما داده های جزئی را به دست بیاورند.روش ارائه شده فایلها و محل هایی که داده های توزیع شده ابری در آن ذخیره شده اند را به بخش هایی تقسیم میکند.یک راه حل دیگر طراحی شده است تا مشخص کند که بسته های داده به چه صورت نیاز به شکسته شدن دارند تا زمان عملیات را کوتاه کند.روش ارائه شده مدل موثر ذخیره سازی توزیع شده آگاه از امنیت (SA-DES) نامیده می شود که توسط الگوریتم های ما نیز ساپورت می شود،شامل الگوریتم جایگزین توزیع داده(AD2) الگوریتم توزیع موثر داده امن (SED2) و الگوریتم تلفیق داده موثر (EDCON) .ارزیابی نتایج آزمایشگاهی ما کارایی امنیت و موثر بودن را تایید میکند و نشان میدهد که روش ما از تهدیدهای ابری ممانعت میکند و با زمان قابل قبولی برای محاسبات نیاز دارد.
کلمات کلیدی: رمزنگاری هوشمند | امنیت شبکه | ذخیره سازی توزیع شده انبوه | محاسبات ابری | داده های بزرگ
مقاله ترجمه شده
10 Network security assessment using a semantic reasoning and graph based approach
ارزیابی امنیت شبکه با استفاده از استدلال معنایی و رویکرد مبتنی بر گراف-2017
Owing to the high value of business data, sophisticated cyber-attacks targeting enterprise networks have become more prominent, with attackers trying to penetrate deeper into and reach wider from the compromised machines. An important security requirement is that domain experts and network administrators have a common vocabulary to share security knowledge and quickly help each other respond to new threats. We propose an innovative ontology and graph-based approach for security assessment. An ontology is designed to represent security knowledge such as that of assets, vulnerabilities, and attacks in a com mon form. Using the inference abilities of the ontological model, an efficient system frame work is proposed to generate attack graphs and assess network security. The performance of the proposed system is evaluated on test networks of differing sizes and topologies.
Keywords: Network security | Security ontology | Attack graph | Semantic reasoning
مقاله انگلیسی
rss مقالات ترجمه شده rss مقالات انگلیسی rss کتاب های انگلیسی rss مقالات آموزشی