Enhanced Mechanism for Link Failure Rerouting in Software-Defined Exchange Point Networks

Internet Exchange Point(IXP)is a system that increases network bandwidth performance.Internet exchange points facilitate interconnection among network providers,including Internet Service Providers(ISPs)andContent Delivery Providers(CDNs).To improve service management,Internet exchange point providers have adopted the Software Defined Network(SDN)paradigm.This implementation is known as a Software-Defined Exchange Point(SDX).It improves network providers’operations and management.However,performance issues still exist,particularly with multi-hop topologies.These issues include switch memory costs,packet processing latency,and link failure recovery delays.The paper proposes Enhanced Link Failure Rerouting(ELFR),an improved mechanism for rerouting link failures in software-defined exchange point networks.The proposed mechanism aims to minimize packet processing time for fast link failure recovery and enhance path calculation efficiency while reducing switch storage overhead by exploiting the Programming Protocol-independent Packet Processors(P4)features.The paper presents the proposed mechanisms’efficiency by utilizing advanced algorithms and demonstrating improved performance in packet processing speed,path calculation effectiveness,and switch storage management compared to current mechanisms.The proposed mechanism shows significant improvements,leading to a 37.5%decrease in Recovery Time(RT)and a 33.33%decrease in both Calculation Time(CT)and Computational Overhead(CO)when compared to current mechanisms.The study highlights the effectiveness and resource efficiency of the proposed mechanism in effectively resolving crucial issues inmulti-hop software-defined exchange point networks.

Monitoring Peer-to-Peer Botnets:Requirements,Challenges,and Future Works

The cyber-criminal compromises end-hosts(bots)to configure a network of bots(botnet).The cyber-criminals are also looking for an evolved architecture that makes their techniques more resilient and stealthier such as Peer-to-Peer(P2P)networks.The P2P botnets leverage the privileges of the decentralized nature of P2P networks.Consequently,the P2P botnets exploit the resilience of this architecture to be arduous against take-down procedures.Some P2P botnets are smarter to be stealthy in their Commandand-Control mechanisms(C2)and elude the standard discovery mechanisms.Therefore,the other side of this cyberwar is the monitor.The P2P botnet monitoring is an exacting mission because the monitoring must care about many aspects simultaneously.Some aspects pertain to the existing monitoring approaches,some pertain to the nature of P2P networks,and some to counter the botnets,i.e.,the anti-monitoring mechanisms.All these challenges should be considered in P2P botnet monitoring.To begin with,this paper provides an anatomy of P2P botnets.Thereafter,this paper exhaustively reviews the existing monitoring approaches of P2P botnets and thoroughly discusses each to reveal its advantages and disadvantages.In addition,this paper groups the monitoring approaches into three groups:passive,active,and hybrid monitoring approaches.Furthermore,this paper also discusses the functional and non-functional requirements of advanced monitoring.In conclusion,this paper ends by epitomizing the challenges of various aspects and gives future avenues for better monitoring of P2P botnets.

Feature Selection for Detecting ICMPv6-Based DDoS Attacks Using Binary Flower Pollination Algorithm

Internet Protocol version 6(IPv6)is the latest version of IP that goal to host 3.4×10^(38)unique IP addresses of devices in the network.IPv6 has introduced new features like Neighbour Discovery Protocol(NDP)and Address Auto-configuration Scheme.IPv6 needed several protocols like the Address Auto-configuration Scheme and Internet Control Message Protocol(ICMPv6).IPv6 is vulnerable to numerous attacks like Denial of Service(DoS)and Distributed Denial of Service(DDoS)which is one of the most dangerous attacks executed through ICMPv6 messages that impose security and financial implications.Therefore,an Intrusion Detection System(IDS)is a monitoring system of the security of a network that detects suspicious activities and deals with amassive amount of data comprised of repetitive and inappropriate features which affect the detection rate.A feature selection(FS)technique helps to reduce the computation time and complexity by selecting the optimum subset of features.This paper proposes a method for detecting DDoS flooding attacks(FA)based on ICMPv6 messages using a Binary Flower PollinationAlgorithm(BFPA-FA).The proposed method(BFPA-FA)employs FS technology with a support vector machine(SVM)to identify the most relevant,influential features.Moreover,The ICMPv6-DDoS dataset was used to demonstrate the effectiveness of the proposed method through different attack scenarios.The results show that the proposed method BFPAFA achieved the best accuracy rate(97.96%)for the ICMPv6 DDoS detection with a reduced number of features(9)to half the total(19)features.The proven proposed method BFPA-FAis effective in the ICMPv6 DDoS attacks via IDS.

Intrusion Detection Systems Using Blockchain Technology: A Review, Issues and Challenges

Intrusion detection systems that have emerged in recent decades can identify a variety of malicious attacks that target networks by employing several detection approaches.However,the current approaches have challenges in detecting intrusions,which may affect the performance of the overall detection system as well as network performance.For the time being,one of the most important creative technological advancements that plays a significant role in the professional world today is blockchain technology.Blockchain technology moves in the direction of persistent revolution and change.It is a chain of blocks that covers information and maintains trust between individuals no matter how far apart they are.Recently,blockchain was integrated into intrusion detection systems to enhance their overall performance.Blockchain has also been adopted in health-care,supply chain management,and the Internet of Things.Blockchain uses robust cryptography with private and public keys,and it has numerous properties that have leveraged security’s performance over peer-to-peer networks without the need for a third party.To explore and highlight the importance of integrating blockchain with intrusion detection systems,this paper provides a comprehensive background of intrusion detection systems and blockchain technology.Furthermore,a comprehensive review of emerging intrusion detection systems based on blockchain technology is presented.Finally,this paper suggests important future research directions and trending topics in intrusion detection systems based on blockchain technology.