Unprecedented Smart Algorithm for Uninterrupted SDN Services During DDoS Attack

In the design and planning of next-generation Internet of Things(IoT),telecommunication,and satellite communication systems,controller placement is crucial in software-defined networking(SDN).The programmability of the SDN controller is sophisticated for the centralized control system of the entire network.Nevertheless,it creates a significant loophole for the manifestation of a distributed denial of service(DDoS)attack straightforwardly.Furthermore,recently a Distributed Reflected Denial of Service(DRDoS)attack,an unusual DDoS attack,has been detected.However,minimal deliberation has given to this forthcoming single point of SDN infrastructure failure problem.Moreover,recently the high frequencies of DDoS attacks have increased dramatically.In this paper,a smart algorithm for planning SDN smart backup controllers under DDoS attack scenarios has proposed.Our proposed smart algorithm can recommend single or multiple smart backup controllers in the event of DDoS occurrence.The obtained simulated results demonstrate that the validation of the proposed algorithm and the performance analysis achieved 99.99%accuracy in placing the smart backup controller under DDoS attacks within 0.125 to 46508.7 s in SDN.

Collision-Based Chosen-Message Simple Power Clustering Attack Algorithm

Chosen-message pair Simple Power Analysis (SPA) attacks were proposed by Boer, Yen and Homma, and are attack methods based on searches for collisions of modular multiplication. However, searching for collisions is difficult in real environments. To circumvent this problem, we propose the Simple Power Clustering Attack (SPCA), which can automatically identify the modular multiplication collision. The insignificant effects of collision attacks were validated in an Application Specific Integrated Circuit (ASIC) environment. After treatment with SPCA, the automatic secret key recognition rate increased to 99%.

Short Range Top Attack Trajectory Optimum Design Based on Genetic Algorithm

A flying-body is considered as the reference model, the optimized mathematical model is established. The genetic operators are designed and algorithm parameters are selected reasonably. The scheme control signal in short range top attack flight trajectory is optimized by using genetic algorithm. The short range top attack trajectory designed meets the design requirements, with the increase of the falling angle and the decrease of the minimum range. The application of genetic algorithm to top attack trajectory optimization is proved to be feasibly and effectively according to the analyses of results.

Robust Hybrid Artificial Fish Swarm Simulated Annealing Optimization Algorithm for Secured Free Scale Networks against Malicious Attacks

Due to the recent proliferation of cyber-attacks,highly robust wireless sensor networks(WSN)become a critical issue as they survive node failures.Scale-free WSN is essential because they endure random attacks effectively.But they are susceptible to malicious attacks,which mainly targets particular significant nodes.Therefore,the robustness of the network becomes important for ensuring the network security.This paper presents a Robust Hybrid Artificial Fish Swarm Simulated Annealing Optimization(RHAFS-SA)Algorithm.It is introduced for improving the robust nature of free scale networks over malicious attacks(MA)with no change in degree distribution.The proposed RHAFS-SA is an enhanced version of the Improved Artificial Fish Swarm algorithm(IAFSA)by the simulated annealing(SA)algorithm.The proposed RHAFS-SA algorithm eliminates the IAFSA from unforeseen vibration and speeds up the convergence rate.For experimentation,free scale networks are produced by the Barabási–Albert(BA)model,and real-world networks are employed for testing the outcome on both synthetic-free scale and real-world networks.The experimental results exhibited that the RHAFS-SA model is superior to other models interms of diverse aspects.

An Anti-Physical Attack Scheme of ARX Lightweight Algorithms for IoT Applications

The lightweight encryption algorithm based on Add-Rotation-XOR(ARX)operation has attracted much attention due to its high software affinity and fast operation speed.However,lacking an effective defense scheme for physical attacks limits the applications of the ARX algorithm.The critical challenge is how to weaken the direct dependence between the physical information and the secret key of the algorithm at a low cost.This study attempts to explore how to improve its physical security in practical application scenarios by analyzing the masking countermeasures of ARX algorithms and the leakage causes.Firstly,we specify a hierarchical security framework by quantitatively evaluating the indicators based on side-channel attacks.Then,optimize the masking algorithm to achieve a trade-off balance by leveraging the software-based local masking strategies and non-full-round masking strategies.Finally,refactor the assembly instruction to improve the leaks by exploring the leakage cause at assembly instruction.To illustrate the feasibility of the proposed scheme,we further conducted a case study by designing a software-based masking method for Chaskey.The experimental results show that the proposed method can effectively weaken the impact of physical attacks.

AES RSA-SM2 Algorithm against Man-in-the-Middle Attack in IEC 60870-5-104 Protocol

The IEC60870-5-104 protocol lacks an integrated authentication mechanism during plaintext transmission, and is vulnerable to security threats, monitoring, tampering, or cutting off communication connections. In order to verify the security problems of 104 protocol, the 104 master-slave communication implemented DoS attacks, ARP spoofing and Ettercap packet filtering and other man-in-the-middle attacks. DoS attacks may damage the network functions of the 104 communication host, resulting in communication interruption. ARP spoofing damaged the data privacy of the 104 protocol, and Ettercap packet filtering cut off the communication connection between the master and the slave. In order to resist the man-in-the-middle attack, the AES and RSA hybrid encryption signature algorithm and the national secret SM2 elliptic curve algorithm are proposed. AES and RSA hybrid encryption increases the security strength of communication data and realizes identity authentication. The digital signature implemented by the SM2 algorithm can realize identity verification, ensure that the data has not been tampered with, and can ensure the integrity of the data. Both of them improve the communication security of the 104 protocol.

Evaluating the Efficacy of Latent Variables in Mitigating Data Poisoning Attacks in the Context of Bayesian Networks:An Empirical Study

Bayesian networks are a powerful class of graphical decision models used to represent causal relationships among variables.However,the reliability and integrity of learned Bayesian network models are highly dependent on the quality of incoming data streams.One of the primary challenges with Bayesian networks is their vulnerability to adversarial data poisoning attacks,wherein malicious data is injected into the training dataset to negatively influence the Bayesian network models and impair their performance.In this research paper,we propose an efficient framework for detecting data poisoning attacks against Bayesian network structure learning algorithms.Our framework utilizes latent variables to quantify the amount of belief between every two nodes in each causal model over time.We use our innovative methodology to tackle an important issue with data poisoning assaults in the context of Bayesian networks.With regard to four different forms of data poisoning attacks,we specifically aim to strengthen the security and dependability of Bayesian network structure learning techniques,such as the PC algorithm.By doing this,we explore the complexity of this area and offer workablemethods for identifying and reducing these sneaky dangers.Additionally,our research investigates one particular use case,the“Visit to Asia Network.”The practical consequences of using uncertainty as a way to spot cases of data poisoning are explored in this inquiry,which is of utmost relevance.Our results demonstrate the promising efficacy of latent variables in detecting and mitigating the threat of data poisoning attacks.Additionally,our proposed latent-based framework proves to be sensitive in detecting malicious data poisoning attacks in the context of stream data.

Defence Against Adversarial Attacks Using Clustering Algorithm

Deep learning model is vulnerable to adversarial examples in the task of image classification. In this paper, a cluster-based method for defending against adversarial examples is proposed. Each adversarial example before attacking a classifier is reconstructed by a clustering algorithm according to the pixel values. The MNIST database of handwritten digits was used to assess the defence performance of the method under the fast gradient sign method (FGSM) and the DeepFool algorithm. The defence model proposed is simple and the trained classifier does not need to be retrained.

DDoS Attack Detection Using Heuristics Clustering Algorithm and Naive Bayes Classification

In recent times among the multitude of attacks present in network system, DDoS attacks have emerged to be the attacks with the most devastating effects. The main objective of this paper is to propose a system that effectively detects DDoS attacks appearing in any networked system using the clustering technique of data mining followed by classification. This method uses a Heuristics Clustering Algorithm (HCA) to cluster the available data and Na?ve Bayes (NB) classification to classify the data and detect the attacks created in the system based on some network attributes of the data packet. The clustering algorithm is based in unsupervised learning technique and is sometimes unable to detect some of the attack instances and few normal instances, therefore classification techniques are also used along with clustering to overcome this classification problem and to enhance the accuracy. Na?ve Bayes classifiers are based on very strong independence assumptions with fairly simple construction to derive the conditional probability for each relationship. A series of experiment is performed using “The CAIDA UCSD DDoS Attack 2007 Dataset” and “DARPA 2000 Dataset” and the efficiency of the proposed system has been tested based on the following performance parameters: Accuracy, Detection Rate and False Positive Rate and the result obtained from the proposed system has been found that it has enhanced accuracy and detection rate with low false positive rate.

HEURISTIC PARTICLE SWARM OPTIMIZATION ALGORITHM FOR AIR COMBAT DECISION-MAKING ON CMTA

Combining the heuristic algorithm （HA） developed based on the specific knowledge of the cooperative multiple target attack （CMTA） tactics and the particle swarm optimization （PSO）, a heuristic particle swarm optimization （HPSO） algorithm is proposed to solve the decision-making （DM） problem. HA facilitates to search the local optimum in the neighborhood of a solution, while the PSO algorithm tends to explore the search space for possible solutions. Combining the advantages of HA and PSO, HPSO algorithms can find out the global optimum quickly and efficiently. It obtains the DM solution by seeking for the optimal assignment of missiles of friendly fighter aircrafts （FAs） to hostile FAs. Simulation results show that the proposed algorithm is superior to the general PSO algorithm and two GA based algorithms in searching for the best solution to the DM problem.

Fast and secure elliptic curve scalar multiplication algorithm based on special addition chains

To resist the side chaimel attacks of elliptic curve cryptography, a new fast and secure point multiplication algorithm is proposed. The algorithm is based on a particular kind of addition chains involving only additions, providing a natural protection against side channel attacks. Moreover, the new addition formulae that take into account the specific structure of those chains making point multiplication very efficient are proposed. The point multiplication algorithm only needs 1 719 multiplications for the SAC260 of 160-bit integers. For chains of length from 280 to 260, the proposed method outperforms all the previous methods with a gain of 26% to 31% over double-and add, 16% to22% over NAF, 7% to 13% over4-NAF and 1% to 8% over the present best algorithm--double-base chain.

An Effective and Scalable VM Migration Strategy to Mitigate Cross-VM Side-Channel Attacks in Cloud

Co-residency of virtual machines(VMs) of different tenants on the same physical platform would possibly lead to cross-VM side-channel attacks in the cloud. While most of current countermeasures fail for real or immediate deployment due to their requirement for modification of virtualization structure, we adopt dynamic migration, an inherent mechanism of the cloud platform, as a general defense against this kind of threats. To this end, we first set up a unified practical information leakage model which shows the factors affecting side channels and describes the way they influence the damage due to side-channel attacks. Since migration is adopted to limit the time duration of co-residency, we envision this defense as an optimization problem by setting up an Integer Linear Programming(ILP) to calculate optimal migration strategy, which is intractable due to high computational complexity. Therefore, we approximate the ILP with a baseline genetic algorithm, which is further improved for its optimality and scalability. Experimental results show that our migration-based defense can not only provide excellent security guarantees and affordable performance cost in both theoretical simulation and practical cloud environment, but also achieve better optimality and scalability than previous countermeasures.

Adversarial Attacks on Content-Based Filtering Journal Recommender Systems

Recommender systems are very useful for people to explore what they really need.Academic papers are important achievements for researchers and they often have a great deal of choice to submit their papers.In order to improve the efficiency of selecting the most suitable journals for publishing their works,journal recommender systems(JRS)can automatically provide a small number of candidate journals based on key information such as the title and the abstract.However,users or journal owners may attack the system for their own purposes.In this paper,we discuss about the adversarial attacks against content-based filtering JRS.We propose both targeted attack method that makes some target journals appear more often in the system and non-targeted attack method that makes the system provide incorrect recommendations.We also conduct extensive experiments to validate the proposed methods.We hope this paper could help improve JRS by realizing the existence of such adversarial attacks.

Analysis on the Parameter Selection Method for FLUSH+RELOAD Based Cache Timing Attack on RSA

FLUSH+RELOAD attack is recently proposed as a new type of Cache timing attacks.There are three essential factors in this attack,which are monitored instructions.threshold and waiting interval.However,existing literature seldom exploit how and why they could affect the system.This paper aims to study the impacts of these three parameters,and the method of how to choose optimal values.The complete rules for choosing the monitored instructions based on necessary and sufficient condition are proposed.How to select the optimal threshold based on Bayesian binary signal detection principal is also proposed.Meanwhile,the time sequence model of monitoring is constructed and the calculation of the optimal waiting interval is specified.Extensive experiments are conducted on RSA implemented with binary square-and-multiply algorithm.The results show that the average success rate of full RSA key recovery is89.67%.

QIM digital watermarkingbased on LDPC code and messagepassingunder scalingattacks

Watermarking system based on quantization index modulation （QIM） is increasingly popular in high payload applications,but it is inherently fragile against amplitude scaling attacks.In order to resist desynchronization attacks of QIM digital watermarking,a low density parity check （LDPC） code-aided QIM watermarking algorithm is proposed,and the performance of QIM watermarking system can be improved by incorporating LDPC code with message passing estimation/detection framework.Using the theory of iterative estimation and decoding,the watermark signal is decoded by the proposed algorithm through iterative estimation of amplitude scaling parameters and decoding of watermark.The performance of the proposed algorithm is closer to the dirty paper Shannon limit than that of repetition code aided algorithm when the algorithm is attacked by the additive white Gaussian noise.For constant amplitude scaling attacks,the proposed algorithm can obtain the accurate estimation of amplitude scaling parameters.The simulation result shows that the algorithm can obtain similar performance compared to the algorithm without desynchronization.

APU-D* Lite: Attack Planning under Uncertainty Based on D* Lite

With serious cybersecurity situations and frequent network attacks,the demands for automated pentests continue to increase,and the key issue lies in attack planning.Considering the limited viewpoint of the attacker,attack planning under uncertainty is more suitable and practical for pentesting than is the traditional planning approach,but it also poses some challenges.To address the efficiency problem in uncertainty planning,we propose the APU-D*Lite algorithm in this paper.First,the pentest framework is mapped to the planning problem with the Planning Domain Definition Language(PDDL).Next,we develop the pentest information graph to organize network information and assess relevant exploitation actions,which helps to simplify the problem scale.Then,the APU-D*Lite algorithm is introduced based on the idea of incremental heuristic searching.This method plans for both hosts and actions,which meets the requirements of pentesting.With the pentest information graph as the input,the output is an alternating host and action sequence.In experiments,we use the attack success rate to represent the uncertainty level of the environment.The result shows that APU-D*Lite displays better reliability and efficiency than classical planning algorithms at different attack success rates.

Research on the Active DDoS Filtering Algorithm Based on IP Flow

Distributed Denial-of-Service (DDoS) attacks against public web servers are increasingly common. Countering DDoS attacks are becoming ever more challenging with the vast resources and techniques increasingly available to attackers. It is impossible for the victim servers to work on the individual level of on-going traffic flows. In this paper, we establish IP Flow which is used to select proper features for DDoS detection. The IP flow statistics is used to allocate the weights for traffic routing by routers. Our system protects servers from DDoS attacks without strong client authentication or allowing an attacker with partial connectivity information to repeatedly disrupt communications. The new algorithm is thus proposed to get efficiently maximum throughput by the traffic filtering, and its feasibility and validity have been verified in a real network circumstance. The experiment shows that it is with high average detection and with low false alarm and miss alarm. Moreover, it can optimize the network traffic simultaneously with defending against DDoS attacks, thus eliminating efficiently the global burst of traffic arising from normal traffic.

An Early Stage Detecting Method against SYN Flooding Attacks

Existing detection methods against SYN flooding attacks are effective only at the later stages when attacking signatures are obvious.In this paper an early stage detecting method(ESDM) is proposed.The ESDM is a simple but effective method to detect SYN flooding attacks at the early stage.In the ESDM the SYN traffic is forecasted by autoregressive integrated moving average model, and non-parametric cumulative sum algorithm is used to find the SYN flooding attacks according to the forecasted traffic.Trace-driven simulations show that ESDM is accurate and efficient to detect the SYN flooding attacks.

A Novel Shilling Attack Detection Model Based on Particle Filter and Gravitation

With the rapid development of e-commerce, the security issues of collaborative filtering recommender systems have been widely investigated. Malicious users can benefit from injecting a great quantities of fake profiles into recommender systems to manipulate recommendation results. As one of the most important attack methods in recommender systems, the shilling attack has been paid considerable attention, especially to its model and the way to detect it. Among them, the loose version of Group Shilling Attack Generation Algorithm (GSAGenl) has outstanding performance. It can be immune to some PCC (Pearson Correlation Coefficient)-based detectors due to the nature of anti-Pearson correlation. In order to overcome the vulnerabilities caused by GSAGenl, a gravitation-based detection model (GBDM) is presented, integrated with a sophisticated gravitational detector and a decider. And meanwhile two new basic attributes and a particle filter algorithm are used for tracking prediction. And then, whether an attack occurs can be judged according to the law of universal gravitation in decision-making. The detection performances of GBDM, HHT-SVM, UnRAP, AP-UnRAP Semi-SAD,SVM-TIA and PCA-P are compared and evaluated. And simulation results show the effectiveness and availability of GBDM.

Dynamic Threshold-Based Approach to Detect Low-Rate DDoS Attacks on Software-Defined Networking Controller

The emergence of a new network architecture,known as Software Defined Networking(SDN),in the last two decades has overcome some drawbacks of traditional networks in terms of performance,scalability,reliability,security,and network management.However,the SDN is vulnerable to security threats that target its controller,such as low-rate Distributed Denial of Service(DDoS)attacks,The low-rate DDoS attack is one of the most prevalent attacks that poses a severe threat to SDN network security because the controller is a vital architecture component.Therefore,there is an urgent need to propose a detection approach for this type of attack with a high detection rate and low false-positive rates.Thus,this paper proposes an approach to detect low-rate DDoS attacks on the SDN controller by adapting a dynamic threshold.The proposed approach has been evaluated using four simulation scenarios covering a combination of low-rate DDoS attacks against the SDN controller involving(i)a single host attack targeting a single victim;(ii)a single host attack targeting multiple victims;(iii)multiple hosts attack targeting a single victim;and(iv)multiple hosts attack targeting multiple victims.The proposed approach’s average detection rates are 96.65%,91.83%,96.17%,and 95.33%for the above scenarios,respectively;and its average false-positive rates are 3.33%,8.17%,3.83%,and 4.67%for similar scenarios,respectively.The comparison between the proposed approach and two existing approaches showed that it outperformed them in both categories.