جستجوی مقالات مرتبط با کلیدواژه « network security » در نشریات گروه « فناوری اطلاعات »

The expansion of Internet technologies during the last decades has led to the dependence of user’s activities in cyberspace on services provided by computer networks. One of the most important services is Intrusion Detection System (IDS) which controls network traffic for detecting abnormal behavior as well as anomaly activities. The robustness of the IDS is considered as an essential issue in the networks. In this paper, a brand new model based on meta-heuristic algorithms is projected to detect abnormal packets. In order to develop a high-performance strategy, a benchmark dataset (NSL-KDD), high-accuracy feature selection method and four meta-heuristic algorithms are employed. The dataset consists of 150490 normal and abnormal packets which are captured from a military network connection, and 16 most important features are extracted among 41 features using wrapper feature selection method. The mentioned feature selection method uses the naïve-bayesian approach to evaluate feature subsets. After the feature selection process, four meta-heuristic algorithms are utilized to detect the anomalies in network. The parameters of the cost function (a combination of non-linear regression and sigmoid) are optimized using meta-heuristic algorithms. The experimental results show that the imperialist competitive algorithm (ICA) outperforms other implemented meta-heuristic algorithms in terms of accuracy.

The Internet of Things (IoT) has gained significant attention in recent years, with the proliferation of connected devices and the need for efficient data transfer in IoT networks. Software-Defined Networking (SDN) has emerged as a promising solution to address the challenges of network management and optimization in IoT environments. This paper presents a comparative study of data transfer in SDN network architecture in IoT, focusing on the benefits, challenges, and future perspectives of integrating SDN and IoT. Given the crucial role of security in IoT, this paper seeks to access a secure architecture for computer networks to provide a solution for security challenges. To achieve this, a comparative analysis of two SDN architectures is conducted in this research. We have utilized the Miniedit software, which serves as a laboratory for software-defined networks, to implement and simulate these SDN architectures. The results of this study are based on a comparison of the two secure architectures using DITG tables. This comparative study offers valuable insights into the integration of SDN in IoT network architecture and its influence on data transfer.

 Bot networks are a serious threat to cyber security, whose destructive behavior affects network performance directly. Detecting of infected HTTP communications is a big challenge because infected HTTP connections are clearly merged with other types of HTTP traffic. Cybercriminals prefer to use the web as a communication environment to launch application layer attacks and secretly engage in forbidden activities, while TLS (Transport Layer Security) protocols allow encrypted communication between client and server in the context of Internet provides. Methods of analyzing traffic behavior do not depend on payloads. This means that they can work with encrypted network communication protocols. Traffic behavior analysis methods do not depend on package shipments, which means they can work with encrypted network communication protocols. Hence, the analysis of TLS and HTTP traffic behavior has been considered for detecting malicious activities. Because of the exchange of information in the network context is very high and the volume of information is very large, storing and indexing of this massive data require a Big data platform.

One of the serious threats to cyberspace is the Bot networks or Botnets. Bots are malicious software that acts as a network and allows hackers to remotely manage and control infected computer victims. Given the fact that DNS is one of the most common protocols in the network and is essential for the proper functioning of the network, it is very useful for monitoring, detecting and reducing the activity of the Botnets. DNS queries are sent in the early stages of the life cycle of each Botnet, so infected hosts are identified before any malicious activity is performed. Because the exchange of information in the network environment and the volume of information is very high, Storing and indexing this massive data requires a large database. By using the DNS traffic analysis, we try to identify the Botnets. We used the data generated from the network traffic and information of known Botnets with the Splunk platform to conduct data analysis to quickly identify attacks and predict potential dangers that could arise. The analysis results were used in tests conducted on real network environments to determine the types of attacks. Visual IP mapping was then used to determine actions that could be taken. The proposed method is capable of recognizing known and unknown Bots.

Intrusion Detection System is one of the most important security features of modern computer networks that can detect network penetration through a series of functions. This system is independently used (e.g. Snort) or with various security equipment (such as Antivirus, UTM, etc.) on the network and detects an attack based on two techniques of abnormal detection and signature-based detection. Currently, most of the researches in the field of intrusion detection systems have been done based on abnormal behavior using a variety of methods including statistical techniques, Artificial Intelligence (AI), data mining, and machine learning. In this study, we can achieve an effective accuracy using a candidate class of the KDD dataset and deep learning techniques.

In the field of computer networks, the introduction of SDN has been associated with new concepts. In SDN networks, control plane is separated from the data palne. Traditional networks suffer from difficult configuration and management. In other words, a change in the network needs to be configured on the whole equipment. With the introduction of SDN, various modules can be designed and run in controller in order to perform expected policies and rules on all switches. One of the areas of network management is to deal with cyber-attacks. In SDN networks, security modules can be designed to run in the controller and generate rules on switches. Due to the importance of intranets, this paper aimed to detect and prevent ARP poisoning attack on LAN. The tests in a LAN showed that the module can detect the ARP poisoning attack and block the attacker operation.

Service Availability is important for any organization. This has become more important with the increase of DoS attacks. It is therefore essential to assess the threat on service availability. We have proposed a new model for threat assessment on service availability with a data fusion approach. We have selected three more important criteria for evaluating the threat on service availability and used anomaly detection algorithms to evaluate the network behavior. Anomaly of each parameter over time was measured based on its past behavior. The results of each algorithm were aggregated using the order weighted average (OWA) and finally using fuzzy inference system (FIS), threat has been calculated. We have evaluated our proposed model with data from a web server monitoring. The results show that it can provide network administrator with useful information about the status of service availability and help them to reduce threats and losses due to their actual activation.

This paper presents a new and efficient implementation approach for the elliptic curve cryptosystem (ECC) based on a novel finite field multiplication in GF(2m) and an efficient scalar multiplication algorithm. This new finite field multiplication algorithm performs zero chain multiplication and required additions in only one clock cycle instead of several clock cycles. Using modified (limited number of shifts) Barrel shifter; the partial result is also shifted in one clock cycle instead of several clock cycles. Both the canonical recoding technique and the sliding window method are applied to the multiplier to reduce the average number of required clock cycles. In the scalar multiplication algorithm of the proposed implementation approach, the point addition and point doubling operations are computed in parallel. The sliding window method and the signed-digit representation are also used to reduce the average number of point operations. Based on our analysis, the computation cost (the average number of required clock cycles) is effectively reduced in both the proposed finite field multiplication algorithm and the proposed implementation approach of ECC in comparison with other ECC finite field multiplication algorithms and implementation approaches.