Wyniki wyszukiwania - Biblioteka Nauki

1

Secure IP Network Model

100%

Apiecionek Ł. , Romantowski M.

Computational Methods in Science and Technology

|

2013

|

tom Vol. 19, No. 4

209--216

2

Strategies for Computer Networks Security

87%

Gapiński A.

Kwartalnik Nauk o Przedsiębiorstwie

|

2014

|

tom 32

|

nr 3

EN

IT security of computer networks plays an increasingly important role in business operations; but at the same time the importance of its systematic improvement not always is perceived, nor are implemented ameliorations due to incorrectly accepted models or strategies. Some models of the global computer network comprehensive protection, called trust framework, are discussed by the author of this article.

3

Anomaly detection system based on sparse signal representation

80%

Andrysiak T. , Saganowski Ł.

Image Processing & Communications

|

2011

|

tom Vol. 16, no 3-4

37-44

EN

In this paper we present further expansion of our matching pursuit methodology for anomaly detection in computer networks. In our previous work we proposed new signal based algorithm for intrusion detection systems based on anomaly detection approach on the basis of the Matching Pursuit algorithm. This time we present completely different approach to generating base functions (atoms) dictionary. We propose modification of K-SVD [1] algorithm in order to select atoms from real 1-D signal which represents network traffic features. Dictionary atoms selected in this way have the ability to approximate different 1-D signals representing network traffic features. Achieved dictionary was used to detect network anomalies on benchmark data sets. Results were compared to the dictionary based on analytical 1-D Gabor atoms.

4

Określenie bieżącej wartości poziomu bezpieczeństwa sieci korporacyjnej

80%

Śliwiński G. , Korostil J.

Studia Informatica

|

2002

|

tom Vol. 23, nr 2B

271-277

PL

W obecnym czasie występuje dość dużo różnych sposobów ochrony sieci korporacyjnej przed groźbą niepowołanej ingerencji w pracę w sieci. Przykładami takich sposobów mogą być: trasery sieciowe systemu stwierdzające atak, środki przeciwdziałające atakom, inne specjalne środki ochrony protokołów łączności. Środki te są ukierunkowane na wykonywanie odrębnych zadań w systemie bezpieczeństwa określonych sieci. Ich koszty są dość wysokie i dlatego nie każdy użytkownik sieci korporacyjnej może sobie pozwolić na ich nabycie i eksploatację.

EN

Nowadays, there is a lot of different ways to secure corporate networks from some attacks. Good examples of such solutions can be network tracerouters, network attacks detection systems and preventives against such attacts and other specialpreventives of connections protocols. These elements are oriented for separated works in security system dedicated networks and because they are very expansive, not everyone can buy ad use such a solution.

5

Representativeness analysis and possible applications of partial network data flows

80%

Bolanowski M. , Paszkiewicz A. , Wroński M. , Żegleń R.

Measurement Automation Monitoring

|

2016

|

tom Vol. 62, No. 1

29--32

EN

A new approach to statistical analysis of network flows and its possible application to statistical anomaly detection in high bandwidth communication networks are presented in the paper. The whole data stream was divided into smaller flows using Link Aggregation Control Protocol (LACP). A statistical analysis of the resulting flows shows that a single stream separated from the overall network traffic is representative when it comes to statistical anomaly detection. Such an approach allows the reduction of hardware resources needed to detect anomalies, and makes such a detection possible in high traffic communication systems.

6

New architecture of system intrusion detection and prevention

80%

Nycz M. , Hajder M. , Gerka A.

Annales Universitatis Mariae Curie-Skłodowska. Sectio AI, Informatica

|

2016

|

tom Vol. 16, no. 2

20--24

EN

In this article there has been presented new intrusion detection and prevention algorithm implemented on Raspberry Pi platform. The paper begins with the presentation of research methodology in the field of Intrusion Detection Systems. Adequate supervision and control over network traffic is crucial for the security of information and communication technology. As a result of the limited budget allocated for the IT infrastructure of small businesses and the high price of dedicated solutions, many companies do not use mentioned systems. Therefore, in this order, there has been proposed monitoring solution based on the generally available Raspberry Pi platform. The paper is addressed to network administrators.

7

L-SCANN: Logarithmic Subcentroid and Nearest Neighbor

80%

Tohari A. , Kharisma M.

Journal of Telecommunications and Information Technology

|

2016

|

tom nr 4

71--80

EN

Securing a computer network has become a need in this digital era. One way to ensure the security is by deploying an intrusion detection system (IDS), which some of them employs machine learning methods, such as k-nearest neighbor. Despite its strength for detecting intrusion, there are some factors, which should be improved. In IDS, some research has been done in terms of feature generation or feature selection. However, its performance may not be good enough. In this paper, a method to increase the quality of the generated features while maintaining its high accuracy and low computational time is proposed. This is done by reducing the search space in training data. In this case, the authors use distance between the evaluated point and the centroid of the other clusters, as well as the logarithmic distance between the evaluated point and the subcentroid of the respective cluster. Besides the performance, the effect of homogeneity in extracting centroid and subcentroid on the accuracy of the detection model is also evaluated. Based on conducted experiment, authors find that the proposed method is able to decrease processing time and increase the performance. In more details, by using NSL-KDD 20% dataset, there is an increase of 4%, 2%, and 6% from those of TANN in terms of accuracy, sensitivity and specificity, respectively. Similarly, by using Kyoto 2006 dataset, proposed method rises 1%, 3%, and 2% than those of TANN.

8

QoS Requirements as Factor of Trust to 5G Network

80%

Tikhvinskiy V. , Bochechka G. , Gryazev A.

Journal of Telecommunications and Information Technology

|

2016

|

tom nr 1

3--8

EN

Trust to modern telecommunications networks plays an important role as a driver of technological and market success of any technology or telecommunication services. Most of the technological approaches to this problem are focused only on network security and do not include such a factor as the quality of service (QoS), which also plays an important role in the formation of trust both from the consumers and the regulator. The future 5G mobile technology will be the engine of development of telecommunications until 2020 and the formation of trust to the 5G networks is one of the main tasks for developers. The authors present the view on the trust to 5G networks in the plane of QoS requirements formation and QoS management. QoS requirements to 5 G networks were determined on the basis of three main business models of services: xMBB, M-MTC and U-MTC and the need to ensure user trust to networks. Infrastructure requirements for QoS control and spectrum management network entities which are based on Network Function Virtualization (NFV) principles have been formed.

9

Ochrona zasobów sieciowych za pomocą techniki Firewall

80%

Fries B.

Telekomunikacja Cyfrowa : technologie i usługi

|

1998

|

tom T. 1, z. 3

138-144

PL

Artykuł jest skierowany do wszystkich, którzy są zainteresowani budową zaawansowanych zabezpieczeń sieciowych. Czytelnik może tu znaleźć praktyczne wskazówki dotyczące wyboru poszczególnych technologii. W artykule znajdują się również podstawowe informacje dotyczące protokołu TCP/IP.

EN

The article is addressed to everybody interested in advanced network security. Reader could find many practical solutions for any particular case. In the article the basic TCP/IP information are also included.

10

Security of ICT networks for logistics

80%

Frączek M.

Logistics and Transport

|

2022

|

tom 53-54

|

nr 1-2

19-36

EN

The overview study contains the most important issues decisive for ensuring the security of logistics ICT networks in the context of contemporary threats, at the same time bearing in mind their military dimension. It highlights the determinants influencing the functioning of the networks used to transmit information. The aspect of the need to ensure the protection of ICT networks dedicated to logistics has not been presented in this approach so far. The author first of all compares economic and hierarchical organizations based on the example of the armed forces. He also referred to the ICT networks of logistics of other uniformed formations.

11

Detecting Password File Theft using Predeﬁned Time-Delays between Certain Password Characters

80%

Mahmoud K. W. , Mansour K. , Makableh A.

Journal of Telecommunications and Information Technology

|

2017

|

tom nr 4

101--108

EN

This paper presents novel mechanisms that effectively detect password ﬁle thefts and at the same time prevent uncovering passwords. The proposed mechanism uses delay between consecutive keystrokes of the password characters. In presented case, a user should not only enter his password correctly during the sign-up process, but also needs to introduce relatively large time gaps between certain password characters. The proposed novel approaches disguise stored passwords by adding a suffix value that helps in detecting password ﬁle theft at the ﬁrst sign-in attempt by an adversary who steals and cracks the hashed password ﬁle. Any attempt to login using a real password without adding the time delays in the correct positions may considered as an impersonation attack, i.e. the password ﬁle has been stolen and cracked.

12

Group signature revocable anonymity scheme for network monitoring

80%

Baniak K.

Annales Universitatis Mariae Curie-Skłodowska. Sectio AI, Informatica

|

2011

|

tom Vol. 11, no. 3

101--115

EN

Subscriber’s Privacy is in a constant conflict with security and accountability providing controls employed for network monitoring activities of service providers and enterprises. This paper presents the results of the author’s research in the field of distributed network security monitoring architectures and the proposal of such a system that incorporates cryptographic protocols and a group signature scheme to deliver privacy protecting, network surveillance system architecture that provides subscriber’s accountability and controlled, revocable anonymity.

13

Problem bezpieczeństwa urządzeń mobilnych

80%

Mendyk-Krajewska T. , Mazur Z.

Studia Informatica

|

2011

|

tom Vol. 32, nr 3A

155-165

PL

W artykule przedstawiono zagadnienie bezpieczeństwa urządzeń mobilnych, wykorzystywanych do połączeń z siecią Internet. Zainteresowaniem objęto urządzenia rozwijające się na bazie telefonii komórkowej. Omówiono rodzaje urządzeń wraz z ich oprogramowaniem systemowym, opisano typy zagrożeń oraz skalę zjawiska, a także podano przykłady zagrożeń i przedstawiono narzędzia do ochrony takich systemów.

EN

This paper presents the issue of security of mobile devices used to connect with internet with the emphasis on the devices designed for cellular network. The types of the devices and their system software have also been discussed and the types of threats, the scale of problem have been described. The paper provides examples of threats and presents tools to protect such systems.

14

Comparing Gausian and exact models of malicious interference in VLC systems

80%

Blinowski G. , Mościcki A.

International Journal of Electronics and Telecommunications

|

2019

|

tom Vol. 65, No. 2

277--286

EN

Visible Light Communication (VLC) is a technique for high-speed, low-cost wireless data transmission based on LED luminaries. Wireless LAN environments are a major application of VLC. In these environments, VLC is used in place of traditional systems such as Wi-Fi. Because of the physical characteristics of visible light, VLC is considered to be superior to traditional radio-based communication in terms of security. However, as in all wireless systems, the security of VLC with respect to eavesdropping, signal jamming and modification must be analyzed. This paper focuses on the aspect of jamming in VLC networks. In environments where multiple VLC transmitters are used, there is the possibility that one or more transmitters will be hostile (or "rogue"). This leads to communication disruption, and in some cases, the hijacking of the legitimate data stream. In this paper we present the theoretical system model that is used in simulations to evaluate various rogue transmission scenarios in a typical indoor enviro.The typical approach used so far in jamming analysis assumes that all disruptive transmissions may be modeled as Gaussian noise, but this assumption may be too simplistic. We analyze and compare two models of VLC jamming: the simplified Gaussian and the exact model, where the full characteristics of the interfering signal are taken into account. Our aim is to determine which methodology is adequate for studying signal jamming in VLC systems.

15

Authentication over Internet Protocol

80%

Apiecionek Ł. , Czerniak J. M. , Romantowski M. , Ewald D. , Tsizh B. , Zarzycki H. , Dobrosielski W. T.

Bulletin of the Polish Academy of Sciences. Technical Sciences

|

2020

|

tom Vol. 68, nr 2

245--253

EN

Defending against DoS (denial of service) attacks has become a great challenge, especially for institutions that provide access to their services in the public network. State-of-the-art identity concealing tools and vast number of computers connected to the network require ensuring appropriate means for entities at risk to enable defence from the particular type of threats. This article presents a concept of user authentication in IP communication. The concept consists in providing the receiver with the possibility to determine sender՚s identity at the Internet layer level. This provides both the capability of defence against DoS attacks and possibility of utilizing the presented model over existing Internet network, which is directly responsible for transmission. The authors hope that the concept is a significant step in the perception of public network data transmission.

16

Efficiency measurement of signature based network intrusion detection systems

80%

Klamra M.

Archiwum Informatyki Teoretycznej i Stosowanej

|

2004

|

tom T. 16, z. 1

33-44

EN

This paper briefly discusses the problem of efficiency of signature based network intrusion detection systems (NIDS). Author, using data gathered during experiments, is trying to create a set of principles that helps to deploy efficient NIDS. The results of some tests are presented, along with conclusions based on those results. The experiment consisted of two stages: testing efficiency of network IDS depending on total amount of signatures and estimating of ability to proper function in high speed network.

PL

Artykuł w skrócie prezentuje problem wydajności opartych na sygnaturach sieciowych systemów wykrywania włamań. Autor wykorzystując dane zdobyte podczas wykonywania eksperymentu próbuje stworzyć zbiór reguł, które pomogą wdrożyć wydajny sieciowy system wykrywania włamań. Wyniki kilku badań zostają przedstawione wraz z wnioskami. Eksperyment składał się z dwóch etapów: badania wydajności sieciowego systemu wykrywania włamań w zależności od całkowitej ilości sygnatur oraz określenia zdolności poprawnej pracy w sieci o dużej przepustowości.

17

Ontology notation and description of vulnerabilities in heterogeneous networks and critical infrastructures

80%

Choraś M. , Flizikowski A. , Stachowicz A. , Redo M. , Renk R. , Hołubowicz W.

Metody Informatyki Stosowanej

|

2008

|

tom nr 4 (Tom 17)

35--44

EN

In this paper a novel approach to describe heterogeneous networks vulnerabilities is presented. We propose an ontology-based approach which can be utilized to describe vulnerabilities in critical architectures, single and multiple domain as well as in heterogeneous networks. In the paper our ontology based on asset-vulnerabilities is presented. The created ontology will be used in security-resiliency framework developed in INTERSECTION Project as well as in the Critical Infrastructures and SCADA ontology in the INSPIRE Project.

18

Security of ICT Networks for Logistics

80%

Frączek M.

Logistics and Transport

|

2022

|

tom Vol. 53-54, No. 1-2

19--35

EN

The overview study contains the most important issues decisive for ensuring the security of logistics ICT networks in the context of contemporary threats, at the same time bearing in mind their military dimension. It highlights the determinants influencing the functioning of the networks used to transmit information. The aspect of the need to ensure the protection of ICT networks dedicated to logistics has not been presented in this approach so far. The author first of all compares economic and hierarchical organizations based on the example of the armed forces. He also referred to the ICT networks of logistics of other uniformed formations.

19

FPGA Implementation of Enhanced ABR Protocol with Auto Defense towards Malicious Node in MANETs

80%

Kumar A. , Jeyapal A. , Gowda R.

Internal Security

|

2012

|

tom 4(2)

137-154

EN

Mobile nodes are self-organizing and adaptive, changes link in unpredictable manner. When a network is formed by such nodes it can be termed as MANETs which can be abbreviated as Mobile AD-Hoc Networks. The main characteristic of such networks is lack of any fixed infrastructure like base station, physical medium etc. Different protocols have been proposed to perform routing for such nodes. Continuous data transmission is challenging due to a frequent breakage in route links. Security is also an important aspect which has to be considered in order to route the data through these vulnerable nodes. In this paper, a protocol called Enhanced Associativity-Based Routing (EABR) - an on-demand protocol - is proposed that can be used in routing for MANETs to provide more stable routing for longer duration than any other existing routing protocols. Overhearing and threshold is introduced in this protocol to fight against malicious nodes. Here, EABR is implemented in Spartan-3 XC3S400-5fg320 FPGA Chip. Using NS2 simulator comparison of EABR and ABR protocol is performed. Thus by Using the EABR protocol, network throughput can be increased to 50% in the presence of malicious nodes without increasing network bandwidth.

20

On the Design of the TCP/AQM Traffic Flow Control Mechanisms

80%

Karpowicz M. P.

Journal of Telecommunications and Information Technology

|

2012

|

tom nr 4

31-37

EN

Several aspects of the TCP/AQM system design are discussed that may affect performance of the network. Namely, due to decentralized structure of the network traffic flow control system in which traffic rate control tasks are delegated to autonomous agents, it may be possible for the agents to profitably re-engineer the TCP congestion control algorithm at the cost of the overall performance of the network. In this paper it is shown how the commonly applied TCP/AQM design procedures may give rise to mechanisms that are prone to attacks discreetly moving the network traffic flow away from the desired operating point. Furthermore, a short discussion is presented concerning the countermeasures that can be taken to reduce these effects.