Your search keyword '"*FIREWALLS (Computer security)"' showing total 4,316 results

1. Methods for using Anaconda on Personally Identifiable Information (PII)-restricted computers

Author

Shires, Dale R.

Subjects

Python (Computer program language), Machine learning -- Usage., Firewalls (Computer security), Computer networks.

Published

2023

2. Traditional firewall vs. next-generation firewall: A review.

Author

Brar, Manbir Kaur, Kaur, Bhupinder, Singh, Gurvinder, Jindal, Pardeep Kumar, and Sood, Sonal

Subjects

*COMPUTER network security, *FIREWALLS (Computer security), *CONSUMERS

Abstract

Huge technological advances have been made in the WWW era, yet every benefit has a drawback. Today's firewalls provide consumers a variety of features. In this article, we talked about classic and NGFW firewalls. The firewall plays a crucial role in the security of the network by inspecting both incoming and outgoing packets. Limit the entry of harmful packets into the network. UTM (Unified Threat Management) firewalls can also be used as NGFW. The UTM feature operates in a manner similar to that of a router and firewall. In this paper, we have compared NGFW firewalls to standard firewalls. [ABSTRACT FROM AUTHOR]

Published

2024

3. YEAR IN REVIEW.

Author

EDINGER, JULIA, DAVIDSON, NIKKI, PATTISON-GORDON, JULE, WESTROPE, ANDREW, SILVER, ASHLEY, and RUETER, THAD

Subjects

CHATBOTS, BLOCKCHAINS, GENERATIVE artificial intelligence, ARTIFICIAL intelligence, SWARM intelligence, AMERICAN Community Survey, SCHOOL districts, FIREWALLS (Computer security)

Abstract

The article highlights recent advancements and challenges in digital accessibility and technology within government and education. Topics include the deployment of AI-powered personalized learning platforms in schools; new federal rules from the Department of Justice under the ADA, mandating digital service accessibility for people with disabilities; and state-level digital accessibility initiatives.

Published

2024

4. Is it time to upgrade your business Wi-Fi?

Author

Cassidy, Steve

Subjects

LOCAL area networks, BUSINESS networks, INTERNET protocol address, INTERNET access, BUSINESS cycles, WIRELESS mesh networks, FIREWALLS (Computer security)

Abstract

This article provides information on upgrading business Wi-Fi networks. It emphasizes the importance of considering factors such as performance, security, and compatibility when deciding whether to invest in new hardware or make configuration changes. The article also discusses the benefits of using VLANs for network management and the need for client devices to support the latest Wi-Fi standards. It suggests gradually rolling out new Wi-Fi services alongside existing ones and highlights the impact of distance on Wi-Fi performance. Mesh configurations can be a good option for avoiding excessive cabling, but they have been slower to catch on in business environments due to interference from high-voltage electricity supplies. For office-based businesses, there are mesh options available from brands like Cisco and Netgear, but careful placement of the mesh nodes is necessary for optimal performance. While 5G mobile connections may seem like an alternative to Wi-Fi, challenges with legacy systems and devices make it more suitable for small startups. Load balancing, which involves spreading work across computing resources to prevent overload, can be applied at the network level or to individual servers and applications. Various load balancing methods, including static and dynamic strategies, are available, and it is important to monitor server status and performance for effective load balancing. [Extracted from the article]

Published

2024

5. Enhancing Firewall Packet Classification through Artificial Neural Networks and Synthetic Minority Over-Sampling Technique: An Innovative Approach with Evaluative Comparison.

Author

Korkmaz, Adem, Bulut, Selma, Talan, Tarık, Kosunalp, Selahattin, and Iliev, Teodor

Subjects

MACHINE learning, ARTIFICIAL neural networks, COMPUTER network security, COMMUNICATION infrastructure, INFRASTRUCTURE (Economics), FIREWALLS (Computer security)

Abstract

Firewall packet classification is a critical component of network security, demanding precise and reliable methods to ensure optimal functionality. This study introduces an advanced approach that combines Artificial Neural Networks (ANNs) with various data balancing techniques, including the Synthetic Minority Over-sampling Technique (SMOTE), ADASYN, and BorderlineSMOTE, to enhance the classification of firewall packets into four distinct classes: 'allow', 'deny', 'drop', and 'reset-both'. Initial experiments without data balancing revealed that while the ANN model achieved perfect precision, recall, and F1-Scores for the 'allow', 'deny', and 'drop' classes, it struggled to accurately classify the 'reset-both' class. To address this, we applied SMOTE, ADASYN, and BorderlineSMOTE to mitigate class imbalance, which led to significant improvements in overall classification performance. Among the techniques, the ANN combined with BorderlineSMOTE demonstrated superior efficacy, achieving a 97% overall accuracy and consistently high performance across all classes, particularly in the accurate classification of minority classes. In contrast, while SMOTE and ADASYN also improved the model's performance, the results with BorderlineSMOTE were notably more balanced and reliable. This study provides a comparative analysis with existing machine learning models, highlighting the effectiveness of the proposed approach in firewall packet classification. The synthesized results validate the potential of integrating ANNs with advanced data balancing techniques to enhance the robustness and reliability of network security systems. The findings underscore the importance of addressing class imbalance in machine learning models, particularly in security-critical applications, and offer valuable insights for the design and improvement of future network security infrastructures. [ABSTRACT FROM AUTHOR]

Published

2024

6. Automating cloud virtual machines allocation via machine learning.

Author

Kamoun-Abid, Ferdaous, Frikha, Hounaida, Meddeb-Makhoulf, Amel, and Zarai, Faouzi

Subjects

MACHINE learning, FISHER discriminant analysis, COMPUTER network security, VIRTUAL networks, CLOUD computing, VIRTUAL machine systems, FIREWALLS (Computer security)

Abstract

In the realm of healthcare applications leveraging cloud technology, ongoing progress is evident, yet current approaches are rigid and fail to adapt to the dynamic environment, particularly when network and virtual machine (VM) resources undergo modifications mid-execution. Health data is stored and processed in the cloud as virtual resources supported by numerous VMs, necessitating critical optimization of virtual node and data placement to enhance data application processing time. Network security poses a significant challenge in the cloud due to the dynamic nature of the topology, hindering traditional firewalls' ability to inspect packet contents and leaving the network vulnerable to potential threats. To address this, we propose dividing the cloud topology into zones, each monitored by a controller to oversee individual VMs under firewall protection, a framework termed divided-cloud, aiming to minimize network congestion while strategically placing new VMs. Employing machine learning (ML) techniques, such as decision tree (DT) and linear discriminant analysis (LDA), we achieved improved accuracy rates for adding new controllers, reaching a maximum of 89%, and used the K-neighbours classifier method to determine optimal locations for new VMs, achieving an accuracy of 83%. [ABSTRACT FROM AUTHOR]

Published

2024

7. AI-Based Approach to Firewall Rule Refinement on High-Performance Computing Service Network.

Author

Lee, Jae-Kook, Hong, Taeyoung, and Lee, Gukhua

Subjects

ARTIFICIAL intelligence, FIREWALLS (Computer security), COMPUTER network security, MACHINE learning, SUPPORT vector machines, ACCESS control

Abstract

High-performance computing (HPC) relies heavily on network security, particularly when supercomputing services are provided via public networks. As supercomputer operators, we introduced several security devices, such as anti-DDoS, intrusion prevention systems (IPSs), firewalls, and web application firewalls, to ensure the secure use of supercomputing resources. Potential threats are identified based on predefined security policies and added to the firewall rules for access control after detecting abnormal behavior through anti-DDoS, IPS, and system access logs. After analyzing the status change patterns for rule policies added owing to human errors among these added firewall log events, 289,320 data points were extracted over a period of four years. Security experts and operators must go through a strict verification process to rectify policies that were added incorrectly owing to human error, which adds to their workload. To address this challenge, our research applies various machine- and deep-learning algorithms to autonomously determine the normalcy of detection without requiring administrative intervention. Machine-learning algorithms, including naïve Bayes, K-nearest neighbor (KNN), OneR, a decision tree called J48, support vector machine (SVM), logistic regression, and the implemented neural network (NN) model with the cross-entropy loss function, were tested. The results indicate that the KNN and NN models exhibited an accuracy of 97%. Additional training and feature refinement led to even better improvements, increasing the accuracy to 98%, a 1% increase. By leveraging the capabilities of machine-learning and deep-learning technologies, we have provided the basis for a more robust, efficient, and autonomous network security infrastructure for supercomputing services. [ABSTRACT FROM AUTHOR]

Published

2024

8. Cybersecurity: Safeguarding the digital landscape.

Author

Kaur, Kiranjeet and Batth, Jaspreet Singh

Subjects

*SOCIAL engineering (Fraud), *DIGITAL technology, *INTERNET security, *RIGHT of privacy, *CYBERTERRORISM, *FIREWALLS (Computer security), *COMPUTER crime prevention

Abstract

This paper examines the crucial subject of cyber security and its relevance in the current digital age. With the accelerated development of technology and interconnection, it is now more important than ever to guard against cyber attacks. The article gives a general overview of cyber security, including its meaning and value in protecting people, businesses, and societyat large. It explores a range of cyber threats, including insider threats, phishing scams, and malware assaults. The study then addresses crucial cyber security elements, such as identity and access management, network security, data protection, and application security. It looks at the techniques and recommendations used to improve cyber security, including encryption, firewalls, secure coding techniques, and incident response strategy. The study also examines recent developments in cyber security, such as IoT security, cloud security, and privacy laws. It addresses social engineering assaults and the significance of user education and awareness while emphasising the human element incyber security. The study also emphasizes the value of public-private partnerships, regulatory frameworks, and international collaboration in enhancing cyber security. Finally, it examines the field's potential future developments, including automation, threat intelligence, and ethical issues. In order to effectively address cyber threats, the study emphasizes the dynamic nature of cyber security and the necessity for continual awareness and agility. [ABSTRACT FROM AUTHOR]

Published

2024

9. Exploring the role of firewall technology in securing computer networks in the 5G environment.

Author

Kumar, Amit, Ahuja, Sachin, and Gupta, Ganesh

Subjects

*COMPUTER networks, *FIREWALLS (Computer security), *COMPUTER engineering, *COMPUTER network security, *INFRASTRUCTURE (Economics), *5G networks, *EMAIL security, *CELL communication

Abstract

Exploring Firewall Technology to Improve Computer Network Security in 5G Firewalls are essential for maintaining computer networks' high levels of security. Network security has drawn a lot of attention as a result of the increased usage of computer technology. In the context of a 5G environment, this article examines the value of firewall technology in securing computer networks. Inadequate base station deployment at communication cell boundaries is one vulnerability that the implementation of 5G mobile networks offers. This study suggests mobile network optimization tactics to deal with these issues. In order to propose numerous optimization methods that guarantee flawless network coverage and unbroken mobile communication, it looks into difficult communication scenarios in metropolitan settings. Additionally, the introduction of 5G will deliver fast, big-capacity, low-latency, and highly dependable services that affect how well local optical cable infrastructure and core systems are used. The paper emphasizes how effectively utilizing firewalls, which offer a high level of protection, has improved computer network security. Experimental results back up these conclusions, highlighting the crucial function firewalls play in maintaining complete network security in the 5G future. [1]. [ABSTRACT FROM AUTHOR]

Published

2024

10. Endpoint protection 2024.

Author

Mitchell, Dave

Subjects

GENERATIVE artificial intelligence, ARTIFICIAL intelligence, SOFTWARE maintenance, TELECOMMUTING, THIRD-party software, FIREWALLS (Computer security)

Abstract

The article discusses the importance of endpoint protection software for businesses, especially with the rise of cybercrime targeting vulnerable endpoints. It reviews four cloud-hosted endpoint protection solutions - Vipre, Sophos, WatchGuard, and WithSecure - highlighting their features, ease of deployment, and platform support. The text emphasizes the need for businesses to carefully consider endpoint protection solutions, test updates before deployment, and choose products based on their specific device requirements and security needs. [Extracted from the article]

Published

2024

11. Network Security Devices Are The Front Door To An IT Environment, But Are They Under Lock And Key?

Author

Alspach, Kyle

Subjects

COMPUTER network security, DATA security, CORPORATE vice-presidents, SECURITY systems, VIRTUAL private networks, FIREWALLS (Computer security), COMPUTER security vulnerabilities

Abstract

The article explores the growing vulnerability of network security devices and the difficulties organizations face in promptly patching these devices. It acknowledges that threat actors are targeting network security systems, such as firewalls and VPNs, and exploiting their vulnerabilities. The article emphasizes the need for automated patching of network security devices, but also acknowledges concerns and hesitations surrounding this approach. It highlights specific instances of attacks on Ivanti VPNs and other on-premises firewalls, and stresses the importance of timely vendor response and patch distribution to mitigate vulnerabilities. The article also mentions the shift towards newer security approaches like SSE and SASE, but recognizes that many organizations still rely on legacy devices. It concludes by suggesting that more vendors should offer automatic patching capabilities to enhance network security. [Extracted from the article]

Published

2024

12. Deep Reinforcement Learning Approach for Cyberattack Detection.

Author

Tareq, Imad, Elbagoury, Bassant Mohamed, El-Regaily, Salsabil Amin, and El-Horbaty, El-Sayed M.

Subjects

DEEP reinforcement learning, REINFORCEMENT learning, CYBERTERRORISM, COMPUTER network security, FIREWALLS (Computer security), SAFETY

Abstract

Recently, there has been a growing concern regarding the detrimental effects of cyberattacks on both infrastructure and users. Conventional safety measures, such as encryption, firewalls, and intrusion detection, are inadequate to safeguard cyber systems against emerging and evolving threats. To address this issue, researchers have turned to reinforcement learning (RL) as a potential solution for complex decision-making problems in cybersecurity. However, the application of RL faces various obstacles, including a lack of suitable training data, dynamic attack scenarios, and challenges in modeling real-world complexities. This paper suggests applying deep reinforcement learning (DRL), a deep framework, to simulate malicious cyberattacks and enhance cybersecurity. Our framework utilizes an agent-based model that is capable of continuous learning and adaptation within a dynamic network security environment. The agent determines the most optimal course of action based on the network's state and the corresponding rewards received for its decisions. We present the outcomes of our experimentation with the application of DRL on a specific model, double deep Q-network (DDQN), utilizing policy gradient (PG) on three distinct datasets: NSL-KDD, CIC-IDS-2018, and AWID. Our research demonstrates that DRL can effectively improve cyberattack detection outcomes through our model and specific parameter adjustments. [ABSTRACT FROM AUTHOR]

Published

2024

13. Comparative Analysis of Anomaly Detection Approaches in Firewall Logs: Integrating Light-Weight Synthesis of Security Logs and Artificially Generated Attack Detection †.

Author

Komadina, Adrian, Kovačević, Ivan, Štengl, Bruno, and Groš, Stjepan

Subjects

*ANOMALY detection (Computer security), *SUPERVISED learning, *MACHINE learning, *FIREWALLS (Computer security), *COMPARATIVE studies, *PROBLEM solving

Abstract

Detecting anomalies in large networks is a major challenge. Nowadays, many studies rely on machine learning techniques to solve this problem. However, much of this research depends on synthetic or limited datasets and tends to use specialized machine learning methods to achieve good detection results. This study focuses on analyzing firewall logs from a large industrial control network and presents a novel method for generating anomalies that simulate real attacker actions within the network without the need for a dedicated testbed or installed security controls. To demonstrate that the proposed method is feasible and that the constructed logs behave as one would expect real-world logs to behave, different supervised and unsupervised learning models were compared using different feature subsets, feature construction methods, scaling methods, and aggregation levels. The experimental results show that unsupervised learning methods have difficulty in detecting the injected anomalies, suggesting that they can be seamlessly integrated into existing firewall logs. Conversely, the use of supervised learning methods showed significantly better performance compared to unsupervised approaches and a better suitability for use in real systems. [ABSTRACT FROM AUTHOR]

Published

2024

14. Toward a modern secure network based on next-generation firewalls: recommendations and best practices.

Author

Lamdakkar, Oussama, Ameur, Ismail, Eleyatt, Mohamed Mbarek, Carlier, Fabien, and Ibourek, Lahcen Ait

Subjects

NEXT generation networks, MODERN architecture, FIREWALLS (Computer security), BEST practices, BUSINESS size, SMALL business, ACCESS control

Abstract

The security architecture of modern networks undergoes periodic changes, given (i) the diversity of security solutions, (ii) the emergence of new attack vectors, and (iii) corporate needs in terms of access control (ZTNA: Zero Trust Network Access). The complexity of setting up a secure infrastructure lies in the design of the network architecture, on the one hand, and the choice of configurations appropriate to the company's security policy, on the other. Indeed, misconfiguration is considered a vulnerability, which makes the task of setting up a secure network somewhat critical, given the technical skills it requires. In this paper, we will address this problem by proposing a modern security architecture applied to all sizes of enterprises: medium-sized, large, and sometimes even small companies. Therefore, we will describe the equipment required and their roles in the security layer, the security technologies adopted, and best practices for optimal deployment. To evaluate our proposal, we generated malicious traffic using the firewall inspection tester based on the "fit.py" script to study the architecture's resilience and behavior in the face of multiple attacks. [ABSTRACT FROM AUTHOR]

Published

2024

15. StegEraser: Defending cybersecurity against malicious covert communications.

Author

Zhang, Jianfeng, Zhang, Wensheng, and Xu, Jingdong

Subjects

*DEEP packet inspection (Computer security), *COMPUTER systems, *INTERNET security, *INTERNET of things, *INTERNET traffic, *FIREWALLS (Computer security)

Abstract

Traditionally, the mission of intercepting malicious traffic between the Internet and the internal network of entities like organizations and corporations, is largely fulfilled by techniques such as deep packet inspection (DPI). However, steganography, the methodology of hiding secret data in seemingly benign public mediums (e.g., images), has been leveraged by advanced persistent threat (APT) groups in recent years, and is almost impossible to be detected and intercepted by traditional techniques, posing a pervasive and realistic threat to cybersecurity. Additionally, internal networks' vulnerability to steganography is further exacerbated by the connectivity and large attack surface of the Internet of Things (IoT), whose adoption and deployment are quickly expanding. To protect computer systems against malicious communications that apply steganographic methods potentially unknown to cybersecurity stakeholders, we propose StegEraser, an approach to removing the secret information embedded in public mediums by adversaries, that is fundamentally distinct from existing research which is primarily designed for known steganographic methods. Implemented for images, StegEraser injects an excessively huge amount of random binary data with a novel steganographic method into the images, by utilizing the information-merging capabilities of invertible neural networks (INNs), in order to "overload" adversaries' steganographic hiding capacity of images transmitted through the firewall performing DPI. In the meantime, StegEraser preserves the perceptual quality of the images. In other words, StegEraser "defeats unknown steganography with steganography". Extensive evaluation verifies that StegEraser significantly outperforms state-of-the-art (SOTA) methods in terms of removing secret information embedded with both traditional and neural network-based steganographic methods, while visually maintaining the image quality. [ABSTRACT FROM AUTHOR]

Published

2024

16. A Hierarchical Security Event Correlation Model for Real-Time Threat Detection and Response.

Author

Maosa, Herbert, Ouazzane, Karim, and Ghanem, Mohamed Chahine

Subjects

INTRUSION detection systems (Computer security), FIREWALLS (Computer security), DATA security failures, CLUSTER analysis (Statistics), DATA reduction

Abstract

An intrusion detection system (IDS) perform postcompromise detection of security breaches whenever preventive measures such as firewalls do not avert an attack. However, these systems raise a vast number of alerts that must be analyzed and triaged by security analysts. This process is largely manual, tedious, and time-consuming. Alert correlation is a technique that reduces the number of intrusion alerts by aggregating alerts that are similar in some way. However, the correlation is performed outside the IDS through third-party systems and tools, after the IDS has already generated a high volume of alerts. These third-party systems add to the complexity of security operations. In this paper, we build on the highly researched area of alert and event correlation by developing a novel hierarchical event correlation model that promises to reduce the number of alerts issued by an intrusion detection system. This is achieved by correlating the events before the IDS classifies them. The proposed model takes the best features from similarity and graph-based correlation techniques to deliver an ensemble capability not possible by either approach separately. Further, we propose a correlation process for events rather than alerts as is the case in the current art. We further develop our own correlation and clustering algorithm which is tailor-made to the correlation and clustering of network event data. The model is implemented as a proof of concept with experiments run on standard intrusion detection sets. The correlation achieves an 87% data reduction through aggregation, producing nearly 21,000 clusters in about 30 s. [ABSTRACT FROM AUTHOR]

Published

2024

17. From Zero to 100: Demystifying zero trust and its implications on enterprise people, process, and technology.

Author

BUSH, MATTHEW and MASHATAN, ATEFEH

Subjects

*INTERNET security, *COMPUTER security, *COMPUTER network security, *INFORMATION technology security, *FIREWALLS (Computer security)

Abstract

The article focuses on the history and development of the strategic approach to cybersecurity known as "zero trust." The authors discuss the use of firewalls and how they are no longer sufficient, examine data breaches at credit reporting company Equifax and financial company Capital One, and explore how zero trust can impact people, process, and technology (PPT).

Published

2023

18. CISCO'S ROBBINS: Moving Fast To Win The AI Battle: Cisco CEO Chuck Robbins says the company is seizing the AI high ground with a big data AI-enabled security and observability advantage that rivals can't match.

Author

Narcisi, Gina and ALSPACH, KYLE

Subjects

LANGUAGE models, SENIOR leadership teams, GENERATIVE artificial intelligence, ARTIFICIAL intelligence, BUSINESS networks, FIREWALLS (Computer security), SERVER farms (Computer network management)

Abstract

Cisco CEO Chuck Robbins believes that the company is well-positioned to dominate the AI market with its big data AI-enabled security and observability advantage. Cisco recently acquired Splunk for $28 billion, enhancing its AI capabilities and plans to integrate these technologies into its products. Robbins emphasizes the importance of moving quickly in the AI revolution and highlights Cisco's focus on security as a key differentiator. Despite competition from Hewlett Packard Enterprise's acquisition of Juniper Networks, Robbins is confident in Cisco's AI prowess and commitment to customer needs. Cisco is investing in partnerships, technical capabilities, and data integration to ensure success in the AI space. The company is creating an AI specialization for partners and developing AI-related Cisco Partner Journeys to accelerate sales and enhance profitability. The text encourages partners to follow Cisco's example of being both innovative and practical in meeting customer needs, while also emphasizing the importance of meeting customers where they are currently at. [Extracted from the article]

Published

2024

19. The Cost of Inaction: Exploring the Consequences of Ignoring IIoT Security Risks.

Author

Baliga, Prashasth Bantwal

Subjects

RANSOMWARE, FIREWALLS (Computer security), MULTI-factor authentication, SOCIAL engineering (Fraud), INFORMATION technology

Abstract

The article explores the growing security concerns surrounding Industrial IoT (IIoT) integration, emphasizing the critical need for robust security measures to protect against cyber threats. It discusses the rise of IIoT and the challenges it poses, such as ransomware attacks and state-sponsored cyberattacks, highlighting the importance of addressing security gaps and implementing comprehensive security strategies.

Published

2024

20. TOMMANO—Virtualised Network Functions Management in Cloud Environment based on the TOSCA Standard.

Author

Stolyarov, R. K., Shvetcova, V. V., and Borisenko, O. D.

Subjects

*NETWORK operating system, *COMPUTER software, *INFRASTRUCTURE (Economics), *COMMUNICATION infrastructure, *CLOUD computing, *FIREWALLS (Computer security), *VIRTUAL machine systems

Abstract

Since 2012 NFV (Network Functions Virtualisation) technology has evolved significantly and became widespread. Before the advent of this technology, proprietary network devices had to be used to process traffic. NFV technology allows you to simplify the configuration of network functions and reduce the cost of traffic processing by using software modules running on completely standard datacenter servers (in virtual machines). However, deploying and maintaining virtualised network functions (such as firewall, NAT, spam filter, access speed restriction) in the form of software components, changing the configurations of these components, and manually configuring traffic routing are still complicated operations. The problems described exist due to the huge number of network infrastructure components and differences in the functionality of chosen software, network operating systems and cloud platforms. In particular, the problem is relevant for the biomedical data analysis platform of the world-class Scientific Center of Sechenov University. In this article, we propose a solution to this problem by creating a framework TOMMANO that allows you to automate the deployment of virtualised network functions on virtual machines in cloud environments. It converts OASIS TOSCA [5, 6] declarative templates in notation corresponding to the ETSI MANO [2] for NFV standard into normative TOSCA templates and sets of Ansible scripts. Using these outputs an application containing virtualised network functions can be deployed by the TOSCA orchestrator in any cloud environment it supports. The developed TOMMANO framework received a certificate of state registration of the computer program no. 2023682112 dated October 23, 2023. In addition, this article provides an example of using this framework for the automatic deployment of network functions. In this solution Cumulus VX is used as the provider operating system of network functions. Clouni is used as an orchestrator. Openstack is used as a cloud provider. [ABSTRACT FROM AUTHOR]

Published

2024

21. A Comparative Performance Analysis of Machine Learning Models for Intrusion Detection Classification.

Author

Hussain, Adil, Khatoon, Amna, Aslam, Ayesha, Tariq, and Khosa, Muhammad Asif

Subjects

INTERNET security, ANTIVIRUS software, FIREWALLS (Computer security), MACHINE learning, ALGORITHM software

Abstract

The importance of cybersecurity in contemporary society cannot be inflated, given the substantial impact of networks on various aspects of daily life. Traditional cybersecurity measures, such as anti-virus software and firewalls, safeguard networks against potential threats. In network security, using Intrusion Detection Systems (IDSs) is vital for effectively monitoring the various software and hardware components inside a given network. However, they may encounter difficulties when it comes to detecting solitary attacks. Machine Learning (ML) models are implemented in intrusion detection widely because of the high accuracy. The present work aims to assess the performance of machine learning algorithms in the context of intrusion detection, providing valuable insights into their efficacy and potential for enhancing cybersecurity measures. The main objective is to compare the performance of the well-known ML models using the UNSW-NB15 dataset. The performance of the models is discussed in detail with a comparison using evaluation metrics and computational performance. [ABSTRACT FROM AUTHOR]

Published

2024

22. Discussion on Application of Virtual Firewall Technology to Network Security in Railway Communication Network Management.

Author

Tang Lu

Subjects

COMPUTER network security, FIREWALLS (Computer security), TELECOMMUNICATION systems, COMMUNICATION in management, DATA transmission systems, TELECOMMUNICATION

Abstract

Against the background of the development of network security technologies such as railway communication data network and transmission network, and in accordance with the strategy of "integration, centralization and protection" for security protection in railway communication networks, this paper puts forward the concept of using the virtual firewall technology to share one network security protection system at the network security boundary of various communication network management systems. The proposed concept aims to achieve the purposes of service isolation, management and control isolation, and equipment resource sharing among various systems, so as to meet the network security needs of various network management systems for communication systems. [ABSTRACT FROM AUTHOR]

Published

2023

23. Data Analysis of Network Parameters for Secure Implementations of SDN-Based Firewall.

Author

Iqbal, Rizwan, Hussain, Rashid, Arif, Sheeraz, Ansari, Nadia Mustaqim, and Shaikh, Tayyab Ahmed

Subjects

DENIAL of service attacks, TCP/IP, FLOOD control, FIREWALLS (Computer security), SOFTWARE-defined networking, SOCIAL norms, ORBITS (Astronomy)

Abstract

Software-Defined Networking (SDN) is a new network technology that uses programming to complement the data plane with a control plane. To enable safe connection, however, numerous security challenges must be addressed. Flooding attacks have been one of the most prominent risks on the internet for decades, and they are now becoming challenging difficulties in SDN networks. To solve these challenges, we proposed a unique firewall application built on multiple levels of packet filtering to provide a flooding attack prevention system and a layer-based packet detection system. This study offers a systematic strategy for wrapping up the examination of SDN operations. The Mininet simulator examines the effectiveness of SDN-based firewalls at various network tiers. The fundamental network characteristics that specify how SDN should operate. The three main analytical measures of the network are jitter, response time, and throughput. During regular operations, their behavior evaluates in the standard SDN conditions of Transmission Control Protocol (TCP) flooding and User Datagram Protocol (UDP) flooding with no SDN occurrences. Low Orbit Ion Cannon (LOIC) is applied to launch attacks on the transmission by the allocated server. Wireshark and MATLAB are used for the behavioral study to determine how sensitive the parameters are used in the SDN network and monitor the fluctuations of those parameters for different simulated scenarios. [ABSTRACT FROM AUTHOR]

Published

2023

24. Management of information processes of the organization using secure remote access to workplaces.

Author

Ivanova, M., Dushkin, A., and Bryushinin, A.

Subjects

*INFORMATION resources management, *INFORMATION organization, *TELECOMMUTING, *INFORMATION processing, *EMPLOYEE transfers, *FIREWALLS (Computer security)

Abstract

The paper describes the algorithm of the software developed by the authors, which makes it possible to build an information and telecommunication network of an organization using secure remote access to workplaces. The prerequisite for the study was the current situation in the world, when it is necessary to ensure the smooth operation of an organization with a large number of employees in a pandemic. The aim of the work was to create software that allows, in a short time, to transfer a lot of employees to a remote mode of work without losing the quality of ensuring the security of information transmission over open communication channels. In the course of the study, the requirements for the software and hardware part of the project were substantiated; a virtual stand was developed that corresponds to the real conditions of using a firewall; a software product was created to automate the process of switching to remote work; implemented successful access of employees to remote workplaces through a secure connection; a methodology for managing the transfer of any number of users to remote work has been compiled. The developed software automates the process of adding users, their personal identifiers and filtering rules to the Firewall Policy Management Center. This method allows you to reduce time costs by several hundred times and in the shortest possible time organize access to workplaces from personal computers of employees. This is especially true in a critical situation. [ABSTRACT FROM AUTHOR]

Published

2023

25. Think like a hacker.

Author

Adam, David

Subjects

*COMPUTER hacking, *UNITED States presidential election, 2016, *COMPUTER hackers, *FIREWALLS (Computer security), *EMAIL hacking, *YOUNG adults

Abstract

At the time, Morris's dad was chief scientist for cybersecurity at the US National Security Agency (NSA). Features Scott Shapiro wants to teach the world how to hack. Shapiro talks to New Scientist about what we can learn from hackers, why he wants to teach the world to hack in a free online course and just how close he came to committing cybercrime himself. [Extracted from the article]

Published

2023

26. Anomaly detection of policies in distributed firewalls using data log analysis.

Author

Andalib, Azam and Babamir, Seyed Morteza

Subjects

*DATA logging, *FIREWALLS (Computer security), *DATA analysis, *DATA mining, *TRAFFIC monitoring, *TRAFFIC engineering, *BIG data

Abstract

A distributed firewall is a security application that monitors and controls traffic on an organization's network. While centralized firewalls are used against attacks coming from outside a network, distributed firewalls are considered for inside attacks from internal networks such as wireless access and VPN tunnel. Distributed firewalls use policies, which are stated by rules, to find anomalous packets. However, such static rules may be incomplete. In this case, by monitoring firewall logs, the anomalies can be detected. Such logs become big when networks have high traffic, but their hidden knowledge contains valuable information about existing anomalies. In this paper, to detect the anomalies, we extract patterns from big data logs of distributed firewalls using data mining and machine learning. The proposed method is applied to big logs from distributed firewalls in a real security environment, and results are analyzed. [ABSTRACT FROM AUTHOR]

Published

2023

27. Cloud Security with Lightweight ABE on Mobile IoT Devices.

Author

Naregal, Keerti and Kalmani, Vijay

Subjects

INTERNET of things, DATA security, INFORMATION sharing, RESEARCH personnel, CLOUD computing, FIREWALLS (Computer security), RSA algorithm

Abstract

The internet of things (IoT) faces significant obstacles due to insufficient identity recognition and evolving network architecture, leading to concerns about the confidentiality of data and causing anxiety. The attribute-based encryption (ABE) techniques have recently been considered a solution to guarantee the security of data transfer and precise data sharing. However, most of the existing methods used the attribute-based encryption (ABE) technique, which requires a lot of computation power and is unsuitable for IoT devices with minimal resources. Researchers have achieved improvements in establishing practical methods for cloud security on mobile IoT devices using lightweight ABE. In this paper, the ciphertext policy-revocable and searchable attribute-based encryption (CP-RSABE) method is proposed to protect privacy and security. The proposed methods greatly lower the cost of computing IoT devices with the availability of multiple-keyword searchers for the users of data. The user's side of computation is very efficient, and the cloud server handles most of the computing tasks. The proposed method performs significantly better in terms of ciphertext size, decryption time, and parameter size. The method achieves data security, privacy preservation, and mobile terminal operations that are suitable for applications of IoT methods. The existing methods such as online/offline multi authority-ABE with cryptographic reverse firewalls (OO-MA-ABE-CRF), ciphertext policy ABE (CP-ABE), ABE with full privacy protection (ABE-FPP) are used to justify the effectiveness of CP-RSABE method. The proposed method CP-RSABE achieves the encryption time (0.0163s), decryption time (0.25s), communication overhead (3.4KB), size of secret key (5.1KB), and size of ciphertext (10.7KB) compared to the OO-MA-ABE-CRF, CP-ABE, ABE-FPP. [ABSTRACT FROM AUTHOR]

Published

2023

28. Data-Driven Network Analysis for Anomaly Traffic Detection.

Author

Alam, Shumon, Alam, Yasin, Cui, Suxia, and Akujuobi, Cajetan

Subjects

*ANOMALY detection (Computer security), *TRAFFIC monitoring, *CONVOLUTIONAL neural networks, *MACHINE learning, *LOCOMOTIVES, *SUPERVISED learning, *FIREWALLS (Computer security)

Abstract

Cybersecurity is a critical issue in today's internet world. Classical security systems, such as firewalls based on signature detection, cannot detect today's sophisticated zero-day attacks. Machine learning (ML) based solutions are more attractive for their capabilities of detecting anomaly traffic from benign traffic, but to develop an ML-based anomaly detection system, we need meaningful or realistic network datasets to train the detection engine. There are many public network datasets for ML applications. Still, they have limitations, such as the data creation process and the lack of diverse attack scenarios or background traffic. To create a good detection engine, we need a realistic dataset with various attack scenarios and various types of background traffic, such as HTTPs, streaming, and SMTP traffic. In this work, we have developed realistic network data or datasets considering various attack scenarios and diverse background/benign traffic. Furthermore, considering the importance of distributed denial of service (DDoS) attacks, we have compared the performance of detecting anomaly traffic of some classical supervised and our prior developed unsupervised ML algorithms based on the convolutional neural network (CNN) and pseudo auto-encoder (AE) architecture based on the created datasets. The results show that the performance of the CNN-Pseudo-AE is comparable to that of many classical supervised algorithms. Hence, the CNN-Pseudo-AE algorithm is promising in actual implementation. [ABSTRACT FROM AUTHOR]

Published

2023

29. Improving computer network security evaluation with grey relational analysis and probabilistic simplified neutrosophic sets.

Author

Wang, Hong and Chen*, Gongping

Subjects

*GREY relational analysis, *FIREWALLS (Computer security), *COMPUTER network security, *COMPUTER networks, *INFORMATION technology security, *ANTIVIRUS software, *NETWORK PC (Computer), *APPLICATION software

Abstract

The popularity of computer network has provided great convenience for people's work and life, but it has also brought corresponding information security problems. It is very important to do a good job in computer network security evaluation. Conventional computer network security evaluation can be realized with the help of firewalls, antivirus software, etc., while in the face of complex computer network applications, it is necessary to adopt a security evaluation method with good operability and wider application range. The computer network security evaluation is viewed as multiple attribute decision-making (MADM) issue. In this paper, an extended probabilistic simplified neutrosophic number grey relational analysis (PSNN-GRA) method is established for computer network security evaluation. The PSNN-GRA method integrated with Criteria Importance Though Intercrieria Correlation (CRITIC) method in probabilistic simplified neutrosophic sets (PSNSs) circumstance is applied to rank the optional alternatives and a numerical example for computer network security evaluation is used to proof the newly proposed method's practicability along with the comparison with other methods. The results display that the approach is uncomplicated, valid and simple to compute. [ABSTRACT FROM AUTHOR]

Published

2023

30. Optimal Control Strategy for SLBRS with Two Control Inputs.

Author

Zhao, Xiangqing

Subjects

*PONTRYAGIN'S minimum principle, *COMPUTER networks, *FIREWALLS (Computer security), *COMPUTER viruses, *ANTIVIRUS software, *CYBERTERRORISM

Abstract

Computer virus attacks result in significant losses each year, drawing considerable attention from enterprises, governments, academic institutions, and various other sectors. Researchers have proposed various approaches to fight against computer viruses, including antivirus software and internet firewalls. In this paper, we focus on investigating computer virus transmission from the perspective of mathematical modeling. Our main contributions in this paper are threefold: (1) we improve the classical SLBRS model by incorporating cure rates, effectively capturing the dynamics of computer network maintenance; (2) we introduce an optimal control system within the SLBRS framework, with the dual objectives of minimizing network detoxification costs and reducing the proportion of broken-out nodes; and (3) by employing Pontryagin's Maximum Principle, we establish the existence and uniqueness of an optimal control strategy for the proposed control system. Furthermore, we perform numerical simulations to demonstrate the effectiveness of our theoretical analyses. [ABSTRACT FROM AUTHOR]

Published

2023

31. Application of artificial intelligence and machine learning in a security operations center.

Author

Islam, Mohammad Anwarul

Subjects

ARTIFICIAL intelligence, MACHINE learning, SOFTWARE development tools, FIREWALLS (Computer security), INTRUSION detection systems (Computer security), INFORMATION resources management, CYBERTERRORISM

Abstract

The security operations center's (SOC) mission is to protect digital assets (data, applications, infrastructure) from malicious attacks and breaches. The SOC accomplishes its mission through people, processes, and technologies in detecting, responding, and recovering from cyber-attacks. SOC depends on several hardware appliances and software tools such as firewalls, intrusion detection and prevention systems, sensors-based events, system logs, endpoint detection and response, threat intelligence, vulnerabilities scanner, etc. These tools and appliances generate an enormous volume of data in real-time. Therefore, tools such as security events and information management (SIEM) must analyze large volumes of data to detect malicious activities and security incidents. Machine learning and artificial intelligence technologies have the potential to detect anomalies and cyberattacks. This research focuses on how AI/ML is embedded in SOC tools. [ABSTRACT FROM AUTHOR]

Published

2023

32. An Information Security Engineering Framework for Modeling Packet Filtering Firewall Using Neutrosophic Petri Nets.

Author

Madhloom, Jamal Khudair, Noori, Zainab Hammoodi, Ebis, Sif K., Hassen, Oday A., and Darwish, Saad M.

Subjects

PETRI nets, INFORMATION technology security, ENGINEERING models, COMPUTER network traffic, FIREWALLS (Computer security), LOCAL area networks

Abstract

Due to the Internet's explosive growth, network security is now a major concern; as a result, tracking network traffic is essential for a variety of uses, including improving system efficiency, fixing bugs in the network, and keeping sensitive data secure. Firewalls are a crucial component of enterprise-wide security architectures because they protect individual networks from intrusion. The efficiency of a firewall can be negatively impacted by issues with its design, configuration, monitoring, and administration. Recent firewall security methods do not have the rigor to manage the vagueness that comes with filtering packets from the exterior. Knowledge representation and reasoning are two areas where fuzzy Petri nets (FPNs) receive extensive usage as a modeling tool. Despite their widespread success, FPNs' limitations in the security engineering field stem from the fact that it is difficult to represent different kinds of uncertainty. This article details the construction of a novel packet-filtering firewall model that addresses the limitations of current FPN-based filtering methods. The primary contribution is to employ Simplified Neutrosophic Petri nets (SNPNs) as a tool for modeling discrete event systems in the area of firewall packet filtering that are characterized by imprecise knowledge. Because of SNPNs' symbolic ability, the packet filtration model can be quickly and easily established, examined, enhanced, and maintained. Based on the idea that the ambiguity of a packet's movement can be described by if–then fuzzy production rules realized by the truth-membership function, the indeterminacy-membership function, and the falsity-membership functional, we adopt the neutrosophic logic for modelling PN transition objects. In addition, we simulate the dynamic behavior of the tracking system in light of the ambiguity inherent in packet filtering by presenting a two-level filtering method to improve the ranking of the filtering rules list. Results from experiments on a local area network back up the efficacy of the proposed method and illustrate how it can increase the firewall's susceptibility to threats posed by network traffic. [ABSTRACT FROM AUTHOR]

Published

2023

33. Deep Learning-Based Bloom Filter for Efficient Multi-key Membership Testing.

Author

Chen, Haitian, Wang, Ziwei, Li, Yunchuan, Yang, Ruixin, Zhao, Yan, Zhou, Rui, and Zheng, Kai

Subjects

FIREWALLS (Computer security), COMPUTER systems, INTERNET searching, DATA distribution, MACHINE learning, DATABASES

Abstract

Multi-key membership testing plays a crucial role in computing systems and networking applications, encompassing web search, mail systems, distributed databases, firewalls, and network routing. Traditional approaches, such as the Bloom filter, encounter limitations within this specific context. Addressing these challenges, we propose the Multi-key Learned Bloom Filter (MLBF), a hybrid method that combines machine learning techniques with the Bloom filter. The MLBF introduces a value-interaction-based multi-key classifier and a multi-key Bloom filter. Furthermore, we introduce an Interval-based MLBF approach, which categorizes keys into specific intervals based on data distribution to minimize the False Positive Rate (FPR). Additionally, MLBF incorporates an out-of-distribution (OOD) detection component to identify data shifts. Through extensive experimental evaluations on three authentic datasets, we demonstrate the superiority of the proposed MLBF in terms of FPR and query efficiency. [ABSTRACT FROM AUTHOR]

Published

2023

34. Survey on various DDoS attacks on firewall and study on emerging DoF attacks.

Author

Jishiya, P. A., James, Ajay, and Swaraj, K. P.

Subjects

*DENIAL of service attacks, *TRUST, *FIREWALLS (Computer security), *INTENTION

Abstract

A firewall is a network device that act as a security guard between a trusted network and an untrusted network. Firewall is the first line of defence against malicious traffic. Nowadays, attacking an organisation network for evil intentions has become a common thing. Distributed Denial of Service (DDoS) attack floods network traffic with illegitimate traffic and thereby preventing accessibility to legitimate users. However new type of attacks are being emerged targeting the network devices and their vulnerabilities. Attacker uses specially crafted packets to overload firewall with comparatively lesser effort, known as Denial of Firewalling (DoF) attack. This paper discusses about the attacks targeting the firewall and also about the newly emerged DoF attack. Moreover, a detection model for DDoS attack is also analysed. [ABSTRACT FROM AUTHOR]

Published

2023

35. NETBLK: Network Adblocker using Raspberry Pi.

Author

Dunglao, John Ezekiel, Agustin, Sean Deniel, Tanglao, Jay, Velarde, Vraelle, and Nicolas, Ray A.

Subjects

RASPBERRY Pi, PERSONAL computers, MOBILE apps, AD blockers, REQUIREMENTS engineering, FIREWALLS (Computer security), WEB browsers

Abstract

Advertisement blocking refers to the practice of using software or browser extensions to prevent advertisements from displaying on web pages or mobile applications. It is a growing trend among internet users, with an increasing number of people opting to block ads online. The use of adblockers has become a significant concern for businesses and advertisers who rely on online advertising to generate revenue. This study aims to design a DNS server that will have a similar function as a firewall. A small board computer called Raspberry Pi will be used to connect to a network where websites with ads will be filtered. A small open-source networking tool called Pi-Hole will be used for configuring the Raspberry Pi. The device will now be the location of network traffic traveling through the network. This system is applied through the use of waterfall methodology which is a linear, sequential approach to project development, where the development process is divided into distinct phases. These phases typically include requirements gathering, design, implementation, testing, and maintenance. The results of the survey show that the system has been accommodating to the evaluators. While adblocking software can improve the user experience by blocking annoying and intrusive ads, adblocking can be effective in mitigating certain information threats particularly those that originate from malicious ads. Malicious advertisements can contain malware or lead users to phishing sites, and adblocking can prevent them from being displayed on a user's device. It is very important to protect such information from being stolen by attackers within a network. [ABSTRACT FROM AUTHOR]

Published

2023

36. How Secure Are You? Australia & India will contribute about 25% each to the region's cybersecurity spending this year.

Author

Chellam, Raju

Subjects

COMPUTER passwords, INTERNET security, LANGUAGE models, FIREWALLS (Computer security), INFORMATION technology, VIRTUAL private networks

Abstract

According to an article in Dataquest, the Indo-Pacific region, excluding Japan, is expected to spend $36 billion on cybersecurity this year, with Australia and India each contributing about 25% of the spending. The article highlights the increasing demand for comprehensive security solutions due to the rise in cyberthreats utilizing AI, such as deepfakes and identity theft. It also mentions the opportunities for vendors to provide security services, particularly managed services. The article emphasizes the importance of cybersecurity measures and provides a list of recommendations for businesses to cultivate a robust cybersecurity environment. [Extracted from the article]

Published

2024

37. Are you ready for the AI PC? How can you best leverage AI PCs & smartphones? Here are my dozen tips in alphabetical order.

Author

Chellam, Raju

Subjects

ARTIFICIAL intelligence, LANGUAGE models, GENERATIVE artificial intelligence, SPEECH synthesis, SMARTPHONES, EMAIL systems, FIREWALLS (Computer security)

Abstract

This article explores the growing presence of AI in PCs and smartphones and offers advice on how to make the most of their capabilities. It emphasizes the use of neural processing units (NPUs) in AI PCs, which allow for local AI processing instead of relying on the cloud. The article predicts a significant increase in the sales of NPU-enabled AI PCs and highlights the benefits of running AI tasks on the device, such as improved performance and cost reduction. It also mentions leading companies in the AI PC and smartphone market, including Intel, Google, and Samsung. The article concludes by providing tips on leveraging AI technology, such as device authentication, data backup, choosing devices with dedicated AI processors, and staying updated with software and security measures. [Extracted from the article]

Published

2024

38. OO-MA-KP-ABE-CRF: Online/Offline Multi-Authority Key-Policy Attribute-Based Encryption with Cryptographic Reverse Firewall for Physical Ability Data.

Author

Zhao, You, Fan, Ye, and Bian, Xuefen

Subjects

*FIREWALLS (Computer security), *DATA encryption, *ACCESS control, *DATA security, *INFORMATION sharing, *CONTRACTING out

Abstract

In many universities, students' physical ability data are collected and stored in the cloud through various sensing devices to save computational and storage costs. Therefore, how to effectively access data while ensuring data security has become an urgent issue. Key-policy attribute-based encryption (KP-ABE) not only enables secure one-to-many communication and fine-grained access control but also adapts to data sharing in static scenarios, making it more suitable for the cloud sharing of physical ability data. In this paper, we construct an online/offline multi-authority key-policy attribute-based encryption with a cryptographic reverse firewall for physical ability data. This scheme uses multi-authority to avoid the single point of failure crisis of a single authority, and is combined with a cryptographic reverse firewall to resist backdoor attacks. In addition, the scheme uses outsourcing decryption to save users' computing costs, and utilizes offline/online technology to move a large amount of computing offline, reducing the online burden. Finally, the experiment shows the feasibility of the scheme. [ABSTRACT FROM AUTHOR]

Published

2023

39. Phase-locking-free all-optical binary sequence flexible matching system.

Author

Liu, Yu, Li, Xin, Shi, Hao, Guo, Ke, Shi, Zicheng, and Huang, Shanguo

Subjects

*BINARY sequences, *FIREWALLS (Computer security), *INTERNET protocol address, *COMPUTER network security, *OPTICAL goods stores

Abstract

The photonic firewall that can directly detect intrusion in the optical layer is an important network security tool for optical networks. The all-optical matching system is the core part of the photonic firewall, which can recognize the designated target sequence, such as an IP address and port number in the input data sequence. In optical networks, the diversity of modulation formats and the uncertainty of attack sources require the flexibility of matching systems. Flexible matching means the matching system can identify various signal fields with multiple modulation formats, avoiding to place separate matching systems to handle signals with different modulation formats separately and reduces the system complexity. And the recognition of various fields makes the matching system can promote the attack masking from a single user to the subnet according to the field of the subnet mask before determining the attacking IP address. Moreover, the all-optical matching system should be phase-locking free to avoid photoelectric conversion. In this paper, we designed the phase-locking-free all-optical flexible matching system to recognize the different sequence fields in OOK, BPSK, and Polsk signals. The proposed system is verified through VPI Transmission Maker 8.5. Simulation results show that the proposed system can achieve sequence recognition in optical OOK, BPSK, and Polsk signals at the data rate of 80 Gbps. [ABSTRACT FROM AUTHOR]

Published

2023

40. Design of Computer Network Security Intrusion Prevention Strategy and Evaluation Algorithm Analysis Technology.

Author

Wang, Fengzheng

Subjects

FIREWALLS (Computer security), COMPUTER engineering, COMPUTER network security, DATA encryption, COMPUTER networks, ALGORITHMS, ANTIVIRUS software, INFORMATION networks

Abstract

With the continuous improvement of global informatization, computer networks have basically reached complete popularization. In today's society, it has become a major application and provides corresponding services for various industries. Therefore, it is necessary to effectively protect various information in the network. Therefore, this article provided a detailed discussion on the problems existing in computer network information security. These issues included their own reasons, hacker intrusion, and spam. Based on this, this article explored computer network information security protection strategies such as deploying data encryption, timely patching system vulnerabilities, and installing firewalls and antivirus software. The experimental results showed that the network output values of the clustering algorithm were: 0.888 for level 1, 0.725 for level 2, 0.678 for level 3, 0.461 for level 4, and 0.211 for level 5. These were all within the scope. [ABSTRACT FROM AUTHOR]

Published

2023

41. Design and Implementation of an Automated Dynamic Rule System for Distributed Firewalls.

Author

TUDOSI, Andrei-Daniel, GRAUR, Adrian, BALAN, Doru Gabriel, POTORAC, Alin Dan, and TARABUTA, Radu-Cezar

Subjects

DYNAMICAL systems, ANTIVIRUS software, FIREWALLS (Computer security), COMPUTER network security, COMPUTER network management, TRAFFIC monitoring

Abstract

Zero-day vulnerabilities are undisclosed security flaws exploited by attackers to gain unauthorized access to vulnerable systems. Firewalls and antivirus software are essential for preventing intrusions. While firewalls monitor network traffic to prevent unauthorized access, they may struggle to filter all incoming traffic due to attacker-generated anomalies. We present a novel approach to automate the generation of dynamic firewall rules, aiming to address this challenge through the utilization of a custom software solution in conjunction with a suitable programming language. This approach autonomously maintains and updates firewall rules, bolstering network security and streamlining the identification and mitigation of zero-day vulnerabilities. We evaluated the approach on a simulated network, demonstrating its efficacy in detecting and preventing unauthorized access through zero-day attacks. Our automated method for dynamic firewall rule creation offers an efficient means to address zero-day vulnerabilities. It empowers businesses to safeguard against cyberattacks and protect sensitive data. With adaptability to changing network requirements, it is valuable for organizations of different scales. In conclusion, our proposed automated approach for dynamic firewall rule generation provides a scientifically validated solution to address zero-day vulnerabilities. It enhances security measures, defends against emerging threats, and enables businesses to protect their systems and data effectively. [ABSTRACT FROM AUTHOR]

Published

2023

42. Analysis of ICS and SCADA Systems Attacks Using Honeypots.

Author

Mesbah, Mohamed, Elsayed, Mahmoud Said, Jurcut, Anca Delia, and Azer, Marianne

Subjects

SUPERVISORY control & data acquisition systems, DIGITAL technology, INFORMATION technology, INDUSTRIAL controls manufacturing, FIREWALLS (Computer security), SUPERVISORY control systems, NEAR field communication

Abstract

Supervisory control and data acquisition (SCADA) attacks have increased due to the digital transformation of many industrial control systems (ICS). Operational technology (OT) operators should use the defense-in-depth concept to secure their operations from cyber attacks and reduce the surface that can be attacked. Layers of security, such as firewalls, endpoint solutions, honeypots, etc., should be used to secure traditional IT systems. The three main goals of IT cybersecurity are confidentiality, integrity, and availability (CIA), but these three goals have different levels of importance in the operational technology (OT) industry. Availability comes before confidentiality and integrity because of the criticality of business in OT. One of the layers of security in both IT and OT is honeypots. SCADA honeypots are used as a layer of security to mitigate attacks, known attackers' techniques, and network and system weaknesses that attackers may use, and to mitigate these vulnerabilities. In this paper, we use SCADA honeypots for early detection of potential malicious tampering within a SCADA device network, and to determine threats against ICS/SCADA networks. An analysis of SCADA honeypots gives us the ability to know which protocols are most commonly attacked, and attackers' behaviors, locations, and goals. We use an ICS/SCADA honeypot called Conpot, which simulates real ICS/SCADA systems with some ICS protocols and ICS/SCADA PLCs. [ABSTRACT FROM AUTHOR]

Published

2023

43. 보안 DNS의 데이터를 이용한 동적 감염 클라이언트 격리 기법.

Author

고귀한 and 노동건

Subjects

COMPUTER network security, ACCESS control, TUNNEL design & construction, FIREWALLS (Computer security), INTERNET domain naming system, INFECTION

Abstract

Even if a secure DNS is used to prevent various DNS attacks, it is very difficult to establish detailed security policies for groups and individuals by distinguishing them who have already been infected. This is because secure DNS is designed with a function at the level of blocking only the access of malicious URLs or IPs in the step of mapping domains to IPs. Most of this isolation and blocking functions are performed by network security solutions such as firewalls. Therefore, in this paper, intrusion indicator data of secure DNS is shared with network access control solutions and next-generation firewalls in the form of Outbound Rest API or Syslog Notification to make infected clients dynamically isolated and blocked. Through this, the suggested scheme effectively blocks not only DNS attacks such as DNS Tunneling, but also the next detour attacks which are performed when DNS attacks are failed, thus prevent duplicate infection of the same internal network users more quickly. [ABSTRACT FROM AUTHOR]

Published

2023

44. NEVER PAY FOR PC REPAIRS.

Author

Irvine, Robert

Subjects

COMPUTER network protocols, ANTIVIRUS software, FIREWALLS (Computer security), COMPUTER software developers, INTERNET protocols, INTERNET traffic, INTERNET access

Abstract

If you prefer to use third-party antivirus software in Windows, such as Norton 360 (see our Reader Offer on page 70), Windows should automatically detect its installation and disable Microsoft Defender and Windows Firewall. FixWin can force Windows to detect which security software you have installed FixWin repairs Microsoft Defender Antivirus by reregistering multiple DLL files Use FixWin to remove "administrator" restrictions from Windows tools Re-enable the Hibernate feature The power-saving feature Hibernate is unnecessary if your PC has an SSD, but it's useful for traditional hard drives. 2 Solve problems with Microsoft Store apps Lots of great free Windows tools are now available as apps from the Microsoft Store, rather than - or as well as - traditional desktop programs. Five FixWin settings you should ignore Reset Internet Explorer FixWin includes several IE fixes that have presumably carried over from a previous version of the program. [Extracted from the article]

Published

2023

45. Gates provide various safety features.

Subjects

STAINLESS steel welding, FIREWALLS (Computer security), LITHIUM-ion batteries, MATERIALS handling equipment, INDUSTRIAL safety

Abstract

The article offers information on Slam-Proof EdgeHalt Posi-Stop Ladder Safety Gates available in single and double configurations, designed for situations with limited side room and small swing areas.

Published

2023

46. Windows-Datenschutz perfekt einstellen.

Author

FREIST, ROLAND

Subjects

PRIVACY, CUSTOMIZATION, MOBILE apps, NOTEBOOKS, ADVERTISING, FIREWALLS (Computer security)

Abstract

Copyright of PC Welt Plus is the property of IDG Communications, Inc. and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2023

47. Alles gratis ausprobieren.

Author

MÜLLER, FRANK

Subjects

COMPUTER security, MACINTOSH (Computer), VIRTUAL reality, BACK up systems, MALWARE, FIREWALLS (Computer security)

Abstract

Copyright of PC Welt Plus is the property of IDG Communications, Inc. and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2023

48. A Review of Cyber Security Threats Against RE Infrastructure and Mitigation Approaches.

Author

Abdalla, Ahmed, Harrye, Yasen, and Mahasneh, Hassan

Subjects

INTERNET security, RENEWABLE energy industry, COMPUTER crimes, FIREWALLS (Computer security), INTERNET of things

Abstract

Renewable energies are growing industries with enormous potential. However, like any other industry, it is not without its risks. One of the biggest dangers facing Renewable energy industry is cyberattacks. Hackers could target solar and wind turbine energy companies in order to steal customer data, sabotage operations, cause financial loss and physical damage to equipment. The threat landscape is constantly evolving, and the consequences of a successful attack could be catastrophic. The industry must remain vigilant and continue to invest in cybersecurity in order to protect this vital infrastructure. Energy producers must be vigilant in protecting their systems from cyberattacks. They should have strong security protocols in place, such as firewalls, data encryption, train their employees in cybersecurity best practices and update system software and hardware against vulnerability. In this paper will present an overview of cyber threats for renewable energy industries and some solutions especially solar and wind turbine. [ABSTRACT FROM AUTHOR]

Published

2023

49. Evaluation of ensemble method for multiclass classification on unbalanced data.

Author

Rosita, Ayunda Afiani, Kurnia, Anang, Djuraidah, Anik, Afendi, Farit M., and Raharjo, Mulianto

Subjects

*AIR quality indexes, *FIREWALLS (Computer security), *EVALUATION methodology, *K-nearest neighbor classification, *RANDOM forest algorithms, *DECISION trees, *NAIVE Bayes classification

Abstract

One of the problems that often arise in classification analysis is unbalanced data. This problem causes misclassification, so that it affects the sensitivity, especially in the minority class. Unbalanced data can be handled using Synthetic Minority Oversampling Technique (SMOTE). In addition, the ensemble method is used in the classification process because it can improve classification performance. The study evaluates the ensemble method and combines it with the SMOTE to deal with the problem. The data used in this study include balance-scale, nursery, red wine quality, internet firewall, and Air Pollution Index. The study focused on random forest and adaboost in the class of ensemble methods and as a comparison to determine the good performance of this method, the k-Nearest Neighbor (KNN) and decision tree in the class of single classifier. The results are evaluated by comparing the ensemble and single classifier methods based on accuracy, sensitivity, and specificity on the data conditions before and after the SMOTE process. The evaluation of the classification result on the five datasets used shows that the ensemble method tends to provide better performance than decision tree and KNN. Data that has been processed with SMOTE produced a better sensitivity, especially in the minority class. [ABSTRACT FROM AUTHOR]

Published

2022

50. Role of KDD in quality of experience driven detection in wireless network.

Author

Prakash, E. and Sangeetha, M.

Subjects

*SOFTWARE development tools, *POWER tools, *DATABASES, *ALGORITHMS, *FIREWALLS (Computer security)

Abstract

Wireless Network is operator based, QoE Design focus on improving the use of networks and provides and propose a variety of network resource simulation strategies based on the data collected during the surveillance and measuring procedure to maximize QoE. The analysis suggests how the corrupt and inefficient eNodeBs serve can be effectively uncovered using algorithms in a heterogeneous network created with an NS-3 simulation model to forecast user QoE. In future high-density and environmentally friendly wireless services which should be self-organizational and personality, this framework can play a key role.The configuration parameters for the Simulation Analysis included User Numbers, eNodeB Number, eNodeB Broadband, Convey useable eNB power, transmit disorganized eNB power and software tool. NetAnim Set up, node priority - node id, node position (Node X and Y), Node color - Red, Green, Blue, Alpha, Node size, node resolution, IPv4 Address, Mac Addresses. Access point between that firewall and connected with database, server1, server2, etc., Node 3 - mobility model (ns3)L constant position mobility model, network device- type ns3 loopback net device, IPv4 Address and MAC Address, Mobile Netdevice 1: tpe ns3, IPv4 address and MAC Address. [ABSTRACT FROM AUTHOR]

Published

2022