Browsing by SEO 2020 "220405 Cybersecurity"
Conference Publication
2-Compromise: Usability in 1-Dimensional Statistical Databases
Many believe that data mining poses the biggest privacy challenge in the next decade. In this paper we concentrate on threats to privacy arising from the possibility of combining aggregate data to deduce the confidential individual values. We determine the maximum number of sum totals that can be disclosed without leading to a 2-compromise in a 1-dimensional database for range queries.
Conference Publication
Access Control Based Dynamic Path Establishment for Securing Flows from the User Devices with Different Security Clearance
In this work, we proposed Software Defined Networking (SDN) based access control techniques for preventing unauthorised access to traffic flows in secure networks. We have developed an Access Control Application (ACA) for the SDN Controller for differentiating the flow requests from the user/devices that are classified at different security levels and configuring the routes with physical or virtual separation between the flows. This separation of flows makes it difficult for the malicious users with lower security clearance to access the flows that belong to the users with higher security clearance. Hence, our work significantly minimises the attack surface in secure environments. We will also discuss the prototype implementation of our model and some performance characteristics.
Book Chapter
Advancing Cybersecurity for Digital Transformation: Opportunities and Challenges
Advancing cybersecurity for digital transformation provides opportunities and challenges. Many enterprises are accelerating the digital transformation to reach their customers, suppliers, and other parties over the internet; at the same time cybersecurity has become a serious concern. Cyberattacks have exponentially increased globally. While digital transformation makes the business process more efficient and effective, increased cyberattacks pose obstacles, threats, and risks on the way. Cyberattacks consist of different types such as political, financial, accessing private and confidential information, ransomware, identity theft, destruction to essential infrastructure and public utilities such as energy, water, telecommunication, transportation, health, and others. This chapter presents case analysis from recent cyberattacks to show the scale, size, and type of impacts within and outside the enterprise. Newer technologies to counter cyberattacks are introduced such as quantum computing, nanotechnologies, artificial intelligence, blockchain that have the capabilities to eliminate cyberattacks.
Journal Article
Analysis of policy-based security management system in software-defined networks
(Institute of Electrical and Electronics Engineers, 2019-04); Sood, Keshav; Karmakar, Kallol Krishna; Varadharajan, Vijay; Yu, Shui
In software-defined networks, policy-based security management or architecture (PbSA) is an ideal way to dynamically control the network. We observe that on the one hand, this enables security capabilities intelligently and enhances fine-grained control over end user behavior. But, on the other hand, dynamic variations in network, rapid increases in security attacks, geographical distribution of nodes, complex heterogeneous networks, and so on have serious effects on the performance of PbSAs. These affect the flow specific quality of service requirements with further degradation of the performance of the security context. Hence, in this letter, PbSA's performance is evaluated. The key factors including a number of rules, rule-table size, position of rules, flow arrival rate, and CPU utilization are examined, and found to have considerable impact on the performance of PbSAs.
Conference Publication
Approximability of a {0,1}-matrix Problem
We consider the following combinatorial problem: given an n x m {0,1}-matrix M, find a minimum cardinality set S of mergings between neighboring rows or columns that yields an all-zeros matrix. Here, merging means performing a component-wise AND operation. We prove that this NP-hard minimization problem is factor-2-approximable by relating it to the VERTEX COVER problem on bipartite graphs.
Conference Publication
Attack Detection on the Software Defined Networking Switches
Software Defined Networking (SDN) is disruptive networking technology which adopts a centralised framework to facilitate fine-grained network management. However security in SDN is still in its infancy and there is need for significant work to deal with different attacks in SDN. In this paper we discuss some of the possible attacks on SDN switches and propose techniques for detecting the attacks on switches. We have developed a Switch Security Application (SSA) for SDN Controller which makes use of trusted computing technology and some additional components for detecting attacks on the switches. In particular TPM attestation is used to ensure that switches are in trusted state during boot time before configuring the flow rules on the switches. The additional components are used for storing and validating messages related to the flow rule configuration of the switches. The stored information is used for generating a trusted report on the expected flow rules in the switches and using this information for validating the flow rules that are actually enforced in the switches. If there is any variation to flow rules that are enforced in the switches compared to the expected flow rules by the SSA, then, the switch is considered to be under attack and an alert is raised to the SDN Administrator. The administrator can isolate the switch from network or make use of trusted report for restoring the flow rules in the switches. We will also present a prototype implementation of our technique.
Conference Publication
Autoencoder-based feature learning for cyber security applications
(IEEE, Institute of Electrical and Electronics Engineers, 2017); Yousefi-Azar, Mahmood; Varadharajan, Vijay; Hamey, Len
This paper presents a novel feature learning model for cyber security tasks. We propose to use Auto-encoders (AEs), as a generative model, to learn latent representation of different feature sets. We show how well the AE is capable of automatically learning a reasonable notion of semantic similarity among input features. Specifically, the AE accepts a feature vector, obtained from cyber security phenomena, and extracts a code vector that captures the semantic similarity between the feature vectors. This similarity is embedded in an abstract latent representation. Because the AE is trained in an unsupervised fashion, the main part of this success comes from appropriate original feature set that is used in this paper. It can also provide more discriminative features in contrast to other feature engineering approaches. Furthermore, the scheme can reduce the dimensionality of the features thereby significantly minimising the memory requirements. We selected two different cyber security tasks: network-based anomaly intrusion detection and Malware classification. We have analysed the proposed scheme with various classifiers using publicly available datasets for network anomaly intrusion detection and malware classifications. Several appropriate evaluation metrics show improvement compared to prior results.
Conference Publication
Botnet detection using software defined networking
(Institute of Electrical and Electronics Engineers, 2015); Wijesinghe, Udaya; Varadharajan, Vijay
Software Defined Networking (SDN) is considered as a new approach promising simplified network management by providing a programmable interface. The idea of SDN is based on the separation of control plane from the data plane in networking devices. This is achieved by having the network intelligence centralised in what is called as SDN controller. In this paper we propose techniques for botnet detection in networks using SDN. The SDN controller makes use of generic templates for capturing the traffic flow information from the OpenFlow switches and makes use of this information for detecting bots. We will show that our model can detect a range of bots including IRC, HTTP and peer-to-peer bots.
Journal Article (Open Access)
A combinatorial problem in database security
Let $A$ be a $k$-dimensional matrix of size $d_1 \times \dots \times d_k$. By a contiguous submatrix $B$ of $A$ we understand the matrix $B = \{a_{i_1 \dots i_k}\}$, $(i_1, \dots, i_k) \in I_1 \times \dots \times I_k$, where $I_s$ is an interval, $I_s \subset \{1, \dots, d_s\}$, $s = 1, \dots, k$. For a contiguous submatrix $B$ we denote by $\mathrm{SUM}(B)$ the sum of all elements of $B$. The following question has been raised in connection with the security of statistical databases. What is the largest family $\mathcal{B}$ of contiguous submatrices of $A$ so that knowing the value of $\mathrm{SUM}(B)$ for all $B$ in $\mathcal{B}$ does not enable one to calculate any of the elements of $A$? In this paper we show that, for all $k$, the largest set $\mathcal{B}$ is uniquely determined and equals the set of all contiguous submatrices with an even number of elements of $A$.
Conference Publication
Confidentiality of the Patient Records and the Data Inference Problem
(Health Informatics Society of Australia, 1995); Miller, M; Bomba, L; Cooper, J; Morris, S; Pacheco, F
The problem of data inference from statistical queries (such as MAX, MIN, AVG, SUM and COUNT) is particularly pertinent to medical databases. A medical database is used by individual doctors each of whom has an unrestricted access to their own patients' records. Additionally, medical researchers and health authorities have access to the answers to statistical queries about subpopulations of the database but not to any of the individual records. However, it is often possible to infer information about an individual from the answers to statistical queries by correlating the obtained statistics (possibly supplemented by other information obtained from within or without the database). If this happens, we say that the database has been compromised. At present, none of the commercially available database management systems offer any form of protection from data inference due to statistical queries. The situation is likely to change as more medical information systems become computerised and integrated. In this paper we present an overview of the data inference problem, the most common data inference techniques and the available mechanisms for the prevention of a database compromise.
Journal Article
Counteracting Attacks from Malicious End Hosts in Software Defined Networks
This paper proposes security techniques for counteracting attacks from malicious end hosts in a software defined networking (SDN) environment. This paper describes the design of a security architecture, which comprises a security management application running in the SDN controller for specifying and evaluating security policies, and security components in the switches for enforcing these security policies on network flows. Our proposed security solution helps to detect the attacking end hosts even before the flow requests from the malicious end hosts are forwarded to the SDN controller. Furthermore, if the end hosts become malicious after the interactions with the SDN controller and generate attacks in the data plane, then our architecture has mechanisms to address these attacks that occur after the establishment of routes by the SDN controller. The domain wide network visibility of the SDN controller enables our security architecture to achieve dynamic management of the security policies. The enforcement of security policies in the data plane is tailored to the functionality available in the network switches, making the proposed security solution practical. We describe the implementation of the proposed security architecture and analyze its security and performance characteristics. We also discuss the advantages of the proposed security architecture over existing solutions.
Conference Publication
Data Swapping: Balancing Privacy against Precision in Mining for Logic Rules
The recent proliferation of data mining tools for the analysis of large volumes of data has paid little attention to individual privacy issues. Here, we introduce methods aimed at finding a balance between the individuals' right to privacy and the data-miners' need to find general patterns in huge volumes of detailed records. In particular, we focus on the data-mining task of classification with decision trees. We base our security-control mechanism on noise-addition techniques used in statistical databases because (1) the multidimensional matrix model of statistical databases and the multidimensional cubes of On-Line Analytical Processing (OLAP) are essentially the same, and (2) noise-addition techniques are very robust. The main drawback of noise addition techniques in the context of statistical databases is low statistical quality of released statistics. We argue that in data mining the major requirement of security control mechanism (in addition to protect privacy) is not to ensure precise and bias-free statistics, but rather to preserve the high-level descriptions of knowledge constructed by artificial data mining tools.
Journal Article
A detailed investigation and analysis of using machine learning techniques for intrusion detection
(Institute of Electrical and Electronics Engineers, 2018-06-15); Mishra, Preeti; Varadharajan, Vijay; Pilli, Emmanuel S
Intrusion detection is one of the important security problems in today's cyber world. A significant number of techniques have been developed which are based on machine learning approaches. However, they are not very successful in identifying all types of intrusions. In this paper, a detailed investigation and analysis of various machine learning techniques have been carried out for finding the cause of problems associated with various machine learning techniques in detecting intrusive activities. Attack classification and mapping of the attack features is provided corresponding to each attack. Issues which are related to detecting low-frequency attacks using network attack dataset are also discussed and viable methods are suggested for improvement. Machine learning techniques have been analyzed and compared in terms of their detection capability for detecting the various category of attacks. Limitations associated with each category of them are also discussed. Various data mining tools for machine learning have also been included in the paper. At the end, future directions are provided for attack detection using machine learning techniques.
Conference Publication
DETECTIVE: a decision tree based categorical value clustering and perturbation technique for preserving privacy in data mining
Data mining is a powerful tool for information discovery from huge datasets. Various sectors, including commercial, government, financial, medical, and scientific, are applying data mining techniques on their datasets that typically contain sensitive individual information. During this process the datasets get exposed to several parties, which can potentially lead to disclosure of sensitive information and thus to breaches of privacy. Several data mining privacy preserving techniques have been recently proposed. In this paper we focus on data perturbation techniques, i.e., those that add noise to the data in order to prevent exact disclosure of confidential values. Some of these techniques were designed for datasets having only numerical non-class attributes and a categorical class attribute. However, natural datasets are more likely to have both numerical and categorical non-class attributes, and occasionally they contain only categorical attributes. Noise addition techniques developed for numerical attributes are not suitable for such datasets, due to the absence of natural ordering among categorical values. In this paper we propose a new method for adding noise to categorical values, which makes use of the clusters that exist among these values. We first discuss several existing categorical clustering methods and point out the limitations they exhibit in our context. Then we present a novel approach towards clustering of categorical values and use it to perturb data while maintaining the patterns in the dataset.
Our clustering approach partitions the values of a given categorical attribute rather than the records of the datasets; additionally, our approach operates on the horizontally partitioned dataset and it is possible for two values to belong to the same cluster in one horizontal partition of the dataset, and to two distinct clusters in another partition. Finally, we provide some experimental results in order to evaluate our perturbation technique and to compare our clustering approach with an existing method, the so-called CACTUS.
Book Chapter
Digitalisation of Social Services: Innovation for COVID-19 Pandemic
Digitalisation of social services by government agencies has been one of the core themes for innovation in recent times as well as during the COVID-19 pandemic. Governments and different agencies involved in the development and delivery of social services are increasingly moving to the digital platform to innovate and reach vast numbers of people spread across vast geographic regions, which have resulted in cost savings and better social services management, and better use of agencies' resources. However, it's not clear how the customers perceive digital social services, the level of skills required, and the level of engagement needed for interacting with digital social services, and many other issues that are studied in this chapter. Innovation is a key primary driver to develop digital social services and understanding the process requires a deeper understanding of technical (e.g., digital technologies) and non-technical (e.g., people) issues that have been presented in this study.
Thesis Doctoral
Discovery and Analysis of Lightweight S-Boxes Using Memetic Algorithms
This thesis addresses the challenge of discovering and designing critical components within lightweight cryptographic primitives to enhance security against advanced cryptographic attacks. Emphasising the significant role of S-Boxes in symmetric cryptography, the research investigates optimised design and integration strategies to elevate both security and efficiency within constrained environments. Through a detailed examination of cryptographic systems, cryptanalysis strategies, and studying many lightweight cryptographic algorithms, this work lays a foundation for understanding the needs to enhance the security and efficiency in lightweight cryptographic environments.
The core investigation focuses on utilising evolutionary algorithms, specifically memetic and genetic search algorithms, to discover and optimise Substitution Boxes (S-Boxes). To validate our approach, we replicated a study that introduced the concept of "Golden S-Boxes", which exhibit superior properties essential for robust cryptographic functions. This thesis demonstrates how these evolutionary algorithms navigate extensive search spaces to discover S-Boxes that meet stringent security requirements with efficient performance which can then be integrated into lightweight cryptographic systems. Our approach successfully replicated the discovery of 4x4 Golden S-Boxes, and we enhance the algorithm to support all S-Box sizes.
Our code provides specific properties selected to find candidate S-Boxes that balance between security considerations and suitability for use in lightweight environments. While our code currently considers only linear equivalent S-Boxes, it can be updated to include other variations. Additionally, our code is open-source, allowing for further customisation and improvement by the community. Although we do not offer customisable properties based on size, the code can be adjusted to generate S-Boxes of any size, and users can add or omit properties and fine-tune parameters as needed. For instance, we present a 5x5 candidate S-Box, similar in size and properties to the one used in the ASCON cryptographic standard.
The approach in this research applies both the theory and practice of lightweight cryptographic methods. The methods developed offer a scalable way to enhance cryptographic strength, showing clear improvements in security and efficiency for modern applications, particularly in lightweight environments.
Book
Disruptive Technology and Digital Transformation for Business and Government
With the far-reaching global impact of the COVID-19 pandemic, the demand and the necessity for digital enterprise transformation have accelerated exponentially. Management and strategies for the adoption and wider usage of newer digital technologies for the transformation of an enterprise through digital tools such as real-time video communications have shown that people no longer need to be required to be physically present in the same place; rather, they can be geographically dispersed. Technologies such as artificial intelligence, cloud computing, digital banking, and cloud data have taken over tasks that were initially done by human hands and have increased both the automation and efficiency of tasks and the accessibility of information and services. Inclusion of all these newer technologies has shown the fast pace at which the digital enterprise transformation is rapidly evolving and how new ecosystems are reshaping the digital enterprise model.
Disruptive Technology and Digital Transformation for Business and Government presents interesting research on digital enterprise transformation at different stages and across different settings within government and industry, along with key issues and deeper insights on the core problems and developing solutions and recommendations for digital enterprise transformation. The chapters examine the three core leaders of transformation: the people such as managers, employees, and customers; the digital technology such as artificial intelligence and robotics; and the digital enterprise, including the products and services being transformed. They unravel the underlying process for management and strategies to fully incorporate new digital tools and technologies across all aspects of an enterprise undergoing transformation. This book is ideally intended for managers, executives, IT consultants, business professionals, government officials, researchers, students, practitioners, stakeholders, academicians, and anyone else looking to learn about new developments in digital enterprise transformation of business systems from a global perspective.
Conference Publication
An Eclat algorithm based energy detection for cognitive radio networks
(Institute of Electrical and Electronics Engineers, 2017); Jin, Fan; Varadharajan, Vijay
Cognitive radio (CR) can improve the utilization of the spectrum by making use of licensed spectrum in an opportunistic manner. The sensing reports from all the CR nodes are sent to a Fusion Centre (FC) which aggregates these reports and takes decision about the presence of the PU, based on some decision rules. Such a collaborative sensing mechanism forms the foundation of any centralised CRN. However, this collaborative sensing mechanism provides more opportunities for malicious users (MUs) hiding in the legal users to launch spectrum sensing data falsification (SSDF) attacks. In an SSDF attack, some malicious users intentionally report incorrect local sensing results to the FC and disrupt the global decision-making process. To mitigate SSDF attacks, an Eclat algorithm based detection strategy is proposed in this paper for finding out the colluding malicious nodes. Simulation results show that the sensing performance of the scheme is better than the traditional majority based voting decision in the presence of SSDF attacks.
Conference Publication
Efficient approaches for intrusion detection in cloud environment
Intrusion Detection System is one of the challenging research areas in Cloud Security. Security incidents such as Denial of service, scanning, malware code injection, virus, worm and password cracking are becoming common in cloud environment. These attacks can become a threat to the reputation of the company and can also cause financial loss if not detected on time. Hence securing the cloud from these types of attacks is very important. In this paper, we have proposed techniques to secure cloud environment by incorporating some of the efficient approaches in intrusion detection. We have focused on two major issues in IDS: efficient detection mechanism and speed of detection. We have proposed approaches to tackle these issues using Machine Learning and parallelization. We have also provided security frameworks to demonstrate how these approaches will be deployed in Cloud Environment. A preliminary analysis was conducted for some of the approaches and results are promising.
Journal Article
The eigenspace of the eigenvalue -2 in generalized line graphs and a problem in security of statistical databases
We introduce the notion of the L-core of a graph which enables a simple description of some properties of the eigenspace of the eigenvalue -2 in generalized line graphs and an elegant formulation of the solution of a problem in the security of data in statistical databases.
Book
Emerging Challenges, Solutions, and Best Practices for Digital Enterprise Transformation
As organizations continue to move towards digital enterprise, the need for digital transformation continues to grow especially due to the COVID-19 pandemic. These impacts will last far into the future, as newer digital technologies continue to be accepted, used, and developed. These digital tools will forever change the face of business and management. However, on the road to digital enterprise transformation there are many successes, difficulties, challenges, and failures. Finding solutions for these issues through strategic thinking and identification of the core issues facing the enterprise is of primary concern. This means modernizing management and strategies around the digital workforce and understanding digital business at various levels. These key areas of digitalization and global challenges, such as those during or derived from the pandemic, are new and unique; they require new knowledge gained from a deep understanding of complex issues that have been examined and the solutions being discovered.
Emerging Challenges, Solutions, and Best Practices for Digital Enterprise Transformation explores the key challenges being faced as businesses undergo digital transformation. It provides both solutions and best practices for not only handling and solving these key issues, but for becoming successful in digital enterprise. This includes topics such as security and privacy in technologies, data management, information and communication technologies, and digital marketing, branding, and commerce. This book is ideal for managers, business professionals, government, researchers, students, practitioners, stakeholders, academicians, and anyone else looking to learn about new developments in digital enterprise transformation of business systems from a global perspective.
Conference Publication
An Energy-Efficient Symmetric Cryptography Based Authentication Scheme for Wireless Sensor Networks
(Springer, 2010); Delgado-Mohatar, Oscar; Sierra, José M; Fúster-Sabater, Amparo
Sensor networks are ad-hoc mobile networks that include sensor nodes with limited computational and communication capabilities. They have become an economically viable monitoring solution for a wide variety of applications. Obviously, it is important to ensure security and, taking into account limited resources available in wireless sensor networks, the use of symmetric cryptography is strongly recommended. In this paper we present a light-weight authentication model for wireless sensor networks composed of a key management and an authentication protocol. It is based on simple symmetric cryptographic primitives with very low computational requirements, and it achieves better results than other similar proposals in the literature. Compared to SPINS and BROSK protocols, our system can reduce energy consumption by up to 98% and 67% respectively. It also scales well with the size of the network, due to it only requiring one interchanged message, regardless of the total number of nodes in the network.
Conference Publication
An enhanced model for network flow based botnet detection
The botnet is a group of hijacked computers, which are employed under command and control mechanism administered by a botmaster. Botnet evolved from IRC based centralized botnet to employing common protocols such as HTTP with decentralized architectures and then peer-to-peer designs. As Botnets have become more sophisticated, the need for advanced techniques and research against botnets has grown. In this paper, we propose techniques to detect botnets by analysing network traffic flows. We developed templates for capturing traffic flows with more relevant attributes for botnet detection. Also we make use of the IPFIX standard for the specification of the templates. Hence our techniques can be used to detect different bot families with lesser overheads and are vendor neutral.
Journal Article
Graphs, 0-1 Matrices, and Usability of Statistical Databases
The motivation for this work comes from a security problem of statistical databases: In a database of n records, given k SUM queries, is it possible to answer all of them, plus another (\2)) —k distinct SUM queries, in such a way that no individual value from the database is revealed?
The corresponding mathematical problem (stated in terms of certain extensions of 0-1 matrices) is known to be NP-complete in general. We show that it remains NP-complete even when restricted to the case when each query involves four records and each record is in at most three queries. On the other hand, we identify certain cases in which the problem is solvable in polynomial time. The case when every record is contained in at most two of the given k queries is studied in detail from the graph-theoretic point of view.
Journal Article: Guest Editorial - Special Collection: Privacy
The explosion of computer, networking and mobile technologies has invigorated threats to individual privacy. Both public and private sectors now have the capacity not only to collect and store extraordinary amounts of personal data, but also to monitor and record people's activities. Many emerging applications require anonymity for their successful execution, including electronic voting, anonymous e-mail, e-commerce and private information retrieval.
Journal Article: Guest Editorial - Special Collection: Security
This Special Collection consists of extended and/or reworked versions of selected papers presented at the Australasian Information Security Workshop (Privacy Enhancing Technologies) 2007, and at the Australasian Information Security Conference 2008. These two conferences received a total of 50 submissions, 21 of which were accepted and presented. We invited the authors of the top 50% conference papers to extend their work and submit it for publication in the JRPIT Special Collection on Privacy and Cryptography. We conducted another refereeing process, and out of the ten submissions received we accepted four high quality papers for the Special Collection on Privacy and four for this Special Collection on Security.
Book: Handbook of Research on Advancing Cybersecurity for Digital Transformation
Cybersecurity has been gaining serious attention and recently has become an important topic of concern for organizations, government institutions, and largely for people interacting with digital online systems. As many individual and organizational activities continue to grow and are conducted in the digital environment, new vulnerabilities have arisen which have led to cybersecurity threats. The nature, source, reasons, and sophistication for cyberattacks are not clearly known or understood, and many times invisible cyber attackers are never traced or can never be found. Cyberattacks can only be known once the attack and the destruction have already taken place long after the attackers have left. Cybersecurity for computer systems has increasingly become important because the government, military, corporate, financial, critical infrastructure, and medical organizations rely heavily on digital network systems, which process and store large volumes of data on computer devices that are exchanged on the internet, and they are vulnerable to "continuous" cyberattacks. As cybersecurity has become a global concern, it needs to be clearly understood, and innovative solutions are required.
The Handbook of Research on Advancing Cybersecurity for Digital Transformation looks deeper into issues, problems, and innovative solutions and strategies that are linked to cybersecurity. This book will provide important knowledge that can impact the improvement of cybersecurity, which can add value in terms of innovation to solving cybersecurity threats. The chapters cover cybersecurity challenges, technologies, and solutions in the context of different industries and different types of threats. This book is ideal for cybersecurity researchers, professionals, scientists, scholars, and managers, as well as practitioners, stakeholders, researchers, academicians, and students interested in the latest advancements in cybersecurity for digital transformation.
Conference Publication: Hypervisor-based Security Architecture to Protect Web Applications
Web based applications are very common nowadays where almost every software can be accessible through a web browser in one form or the other. This paper proposes techniques to detect different threats related to web applications by using a hypervisor-based security architecture. The proposed architecture leverages the hypervisor's visibility of the virtual machines' runtime state and traffic flows for securing the web application. The unique feature of the proposed architecture is that it is capable of doing fine granular detection of web application attacks, i.e. to the specific web page level, and protecting the application against zero-day attacks.
Conference Publication: Improved detection of primary user emulation attacks in cognitive radio networks (Institute of Electrical and Electronics Engineers (IEEE), 2015); Jin, Fan; Varadharajan, Vijay
Modern society heavily depends on wireless spectrum for communication purposes. With the rapid increase in mobile devices and Internet of Things (IoT), the need for wireless spectrum has grown dramatically resulting in the limited available spectrum becoming a constrained resource. To remedy this spectrum scarcity, cognitive radio (CR) was proposed as an efficient and opportunistic use of the frequency spectrum in order to increase spectral efficiency. However dynamic sharing of the spectrum between multiple users poses several significant challenges in security and trust. In this paper, we focus on primary user emulation (PUE) attacks in cognitive radio networks (CRNs). We propose a new scheme that we believe could be useful in practice to achieve an improved PUE attack detection in CRNs. The scheme combines energy detection and localization. One of the distinguishing features of the proposed scheme is that instead of detecting received energy level with a single threshold for a secondary user (SU), multiple thresholds have been used for each SU and the global decision is concluded by the majority of participating SUs. Furthermore, in cases where the primary users (PUs) are stationary and their coordinates are already known to SUs, we have combined our improved energy detection with a TDOA localization scheme for detecting PUE attacks. Our simulation results show that this scheme increases the level of accuracy in detecting PUE attacks.
Working Paper: Inescapable violence: Cyber bullying and electronic violence against young people in South Africa
Internet, cellular and cyber technologies have opened up a wealth of opportunities for learning, exploration, and social and public engagement by children and young people. However, such benefits are not without their dangers, and much has been made of the extant and potential hazards of such technologies.
Most commonly relating to young people, these dangers take the form of what is commonly known as cyber bullying.
Conference Publication: Integrated Security for Services Hosted in Virtual Environments
In this paper, we introduce an integrated security architecture that combines TPM based trust management with hypervisor level access control and intrusion detection system to provide a holistic approach for securing services hosted in virtualised environments. We describe the implementation of the security architecture in detail and demonstrate the functionality of the proposed architecture for different attack scenarios. Our architecture is able to perform dynamic attack detection and update the security policies to protect the services from the identified threats. The proposed integrated security architecture can be easily adopted to be used in cloud and distributed virtualised environments.
Journal Article: Introduction to Statistical Database Security (Chinese Cryptology and Information Security Association (CCISA), 2003-09); Miller, Mirka
Statistical database security deals with the problem of protecting the confidentiality of individual records used for statistical analysis. This problem has been investigated since the early '70s, but has recently been escalated by both recent technological advances that have enabled massive data collection and processing, and social awareness and sensitivity to privacy issues. This paper provides an introduction to the problem of statistical database security. It describes an abstract statistical database model, security concepts as well as existing control techniques. Special attention is paid to maximising the amount of statistics available from the database, while keeping the database secure.
Journal Article: Intrusion detection techniques in cloud environment: A survey (Academic Press, 2017-01-01); Mishra, Preeti; Pilli, Emmanuel S; Varadharajan, Vijay
Security is of paramount importance in this new era of on-demand Cloud Computing. Researchers have provided a survey on several intrusion detection techniques for detecting intrusions in the cloud computing environment. Most of them provide a discussion over traditional misuse and anomaly detection techniques. Virtual Machine Introspection (VMI) techniques are very helpful in detecting various stealth attacks targeting user-level and kernel-level processes running in virtual machines (VMs) by placing the analyzing component outside the VM generally at hypervisor. Hypervisor Introspection (HVI) techniques ensure the hypervisor security and prevent a compromised hypervisor to launch further attacks on VMs running over it. Introspection techniques introspect the hypervisor by using hardware-assisted virtualization-enabled technologies. The main focus of our paper is to provide an exhaustive literature survey of various Intrusion Detection techniques proposed for cloud environment with an analysis of their attack detection capability. We propose a threat model and attack taxonomy in cloud environment to elucidate the vulnerabilities in cloud. Our taxonomy of IDS techniques represents the state of the art classification and provides a detailed study of techniques with their distinctive features. We have provided a deep insight into Virtual Machine Introspection (VMI) and Hypervisor Introspection (HVI) based techniques in the survey. Specific research challenges are identified to give future direction to researchers. We hope that our work will enable researchers to launch and dive deep into intrusion detection approaches in a cloud environment.
Conference Publication: Measuring Data Quality: Predictive Accuracy vs. Similarity of Decision Trees
Nowadays huge amount of data is regularly being collected for various purposes by organizations and companies, including business, government departments, and medical service providers. Data mining techniques are often used on these gigantic datasets to discover previously hidden information. Upon release of these datasets for data mining, individual sensitive and delicate information is at high risk of being exposed to unauthorised disclosure. Due to the growing public concern about privacy, many control techniques have been proposed to protect confidentiality of individual information. Some of these techniques involve perturbing datasets by adding a noise to data in some controlled fashion. The effectiveness of such techniques is typically evaluated by measuring the security and data quality of perturbed dataset. In this paper we experimentally evaluate the data quality by comparing the prediction capability of decision trees and neural networks, built from original and perturbed datasets. We then compare this evaluation technique to the one that uses logic rules associated with the decision tree classifiers.
Journal Article: Mitigating attacks in software defined networks
Future network innovation lies in software defined networking (SDN). This innovative technology has revolutionised the networking world for half a decade and contributes to transform legacy network architectures. This transformation blesses the networking world with improved performance and quality of service. However, security for SDN remains an afterthought. In this paper we present a detailed discussion of some of the attacks possible in SDN and techniques to deal with the attacks. The threat model will consider some significantly vulnerable areas in SDN which can lead to severe network security breaches. In particular, we describe different attacks such as attacks on the Controller, attacks on networking devices, attacks exploiting the communication links between the control plane and the data plane and different types of topology poisoning attacks. We then propose techniques to deal with some of the attacks in SDN. We make use of northbound security application on the Controller and OpenFlow agents in the networking devices for enforcing security policies in the data plane. The security application is used for specification and storage of the security policies and to make decisions on the enforcement of security policies to deal with different types of attacks. We will describe the prototype implementation of our approach using ONOS Controller and demonstrate its effectiveness against different types of attacks.
Conference Publication: NewCash - Anonymous Digital Cash with Receipts
Since electronic cash was first introduced by David Chaum in 1982, a number of electronic cash systems have been proposed. Some of the systems are directly targeted at the Internet, whose widespread use has made it a seemingly ideal infrastructure for a global consumer marketplace. On the Internet, online protocols, that is protocols where payments are verified in real time over the network, provide a good way of implementing electronic payment infrastructure. The key proposals for such a system are the online electronic cash system based on Chaum’s Blind Signature technology, such as ecash, and NetCash. In this paper, we propose an online cash system for the Internet that is using a simple new set of protocols. It provides some features of the blind signature based electronic cash system by Chaum, as well as some features of NetCash. At the same time, it overcomes some of the shortcomings of the NetCash system and accomplishes anonymity with receipts for the payer, without the use of blind signature technology.
Conference Publication: Noise Addition for Protecting Privacy in Data Mining
In recent years advances in technology facilitated collection and storage of vast amount of data. Many organizations, including large and small businesses, and hospitals and government bodies rely on data for day-to-day operation as well as marketing, planning and research purposes. Examples include criminal records used by law enforcement and national security agencies, medical records used for treatment and research purposes and shopping records used for marketing and enhancing business strategies. The benefits of the information extracted from such data can hardly be overestimated. For example, we are witnessing huge progress made in the human genetic project bringing new promises of previously unimaginable treatments such as gene therapy.
Conference Publication: NvCloudIDS: A security architecture to detect intrusions at network and virtualization layer in cloud environment (Institute of Electrical and Electronics Engineers (IEEE), 2016-11-03); Mishra, Preeti; Pilli, Emmanuel Shubhakar; Varadharajan, Vijay
Today we are living in the era of Cloud Computing where services are provisioned to users on demand and on a pay-per-use basis. On one side, Cloud Computing has made things easier but it has also opened new doors for cyber attackers. In this paper, we propose an efficient security architecture named as NvCloudIDS to deal with intrusions at Network and Virtualization layer in Cloud Environment. NvCloudIDS performs the behavioral analysis of network traffic coming to or going from Cloud Networking Server (CNS) and provides first level of defense from intrusions at network level. It also performs Virtual Machine (VM) memory introspection and VM traffic analysis at hypervisor layer of Cloud Compute Server (CCoS) and provides second level of defense at virtualization level. The architecture of NvCloudIDS is primarily designed to improve the robustness and power of attack detection of IDS by leveraging Virtual Machine Introspection (VMI) and Machine learning techniques. The framework is validated with recent intrusion dataset (UNSW-NB) and malware binaries collected from research centers and the results seem to be promising.
Journal Article: On Range Query Usability of Statistical Databases
A statistical database is a database which is used to obtain statistical information about subsets of records. Unlike in ordinary databases, the user is not allowed to query individual records in the statistical database. However, using only statistical types of queries, it is often possible to make inferences about individual records.
The security problem for statistical databases is to provide a control mechanism which would make available as much statistical information as possible, without revealing sensitive statistics [1]. A statistic is called sensitive if it reveals 'too much' confidential information, where 'too much' is defined by a security policy. Any statistic that reveals confidential individual data is always sensitive. Because of supplementary knowledge, that is, the knowledge that users may get from other sources, statistics that reveal information about any subset of k or less records, rather than just a single record, may be considered sensitive. In that case, if the disclosure of a statistic based on k or less records occurs, we say that the database is k-compromised. Thus, revealing individual confidential data can be considered to be a 1-compromise. The definition of several types of compromise in terms of supplementary knowledge is given in [12].