Enforcing Secure and Privacy-Preserving Information

KaaShiv InfoTech, Number 1 Inplant Training Experts in Chennai.




Today’s organizations raise an increasing need for information sharing via on-demand access. Information brokering systems (IBSs) have been proposed to connect large-scale loosely federated data sources via a brokering overlay, in which the brokers make routing decisions to direct client queries to the requested data servers. Many existing IBSs assume that brokers are trusted and thus only adopt server-side access control for data confidentiality. However, privacy of data location and data consumer can still be inferred from metadata (such as query and access control rules) exchanged within the IBS, but little attention has been put on its protection. In this paper, we propose a novel approach to preserve privacy of multiple stakeholders involved in the information brokering process. We are among the first to formally define two privacy attacks, namely attribute-correlation attack and inference attack, and propose two countermeasure schemes automaton segmentation and query segment encryption to securely share the routing decision-making responsibility among a selected set of brokering servers. With comprehensive security analysis and experimental results, we show that our approach seamlessly integrates security enforcement with query routing to provide system-wide security with insignificant overhead.

Brokering system in Data Mining:


Sharing information in a distributed system of autonomous entities is a major practical problem: data must be transferred securely across heterogeneous, multiply subdivided systems. The intermediate brokers are modeled as semi-honest adversaries, and a secure mechanism to safeguard the system against them is what most business owners want. End users are willing to share information and secure data across the network, but no individual entity wants to be exposed, for privacy reasons. Consider data that travels from the user to the coordinators via brokers. There are many opportunities for data leakage along that path, and the intermediaries can obtain the users' sensitive data. An attacker can also infer important information such as "who is interested in what", "where who is, or something about the data owner", and "which data server has which data". To counter this information leakage, the existing system encrypts the entire data and gives each intermediate broker a partial decryption capability. However, it lacks a security mechanism for validating the end-to-end users, and we are trying to incorporate a digital-signature-based verification system that provides a highly secure data transmission channel.



Related URLs for reference:

[1] A framework for network security situation awareness based on knowledge discovery:


Network security situation awareness provides the unique high level security view based upon the security alert events. But the complexities and diversities of security alert data on modern networks make such analysis extremely difficult. In this paper, we analyze the existing problems of network security situation awareness system and propose a framework for network security situation awareness based on knowledge discovery. The framework consists of the modeling of network security situation and the generation of network security situation. The purpose of modeling is to construct the formal model of network security situation measurement based upon the D-S evidence theory, and support the general process of fusing and analyzing security alert events collected from security situation sensors. The generation of network security situation is to extract the frequent patterns and sequential patterns from the dataset of network security situation based upon knowledge discovery method and transform these patterns to the correlation rules of network security situation, and finally to automatically generate the network security situation graph. Application of the integrated Network Security Situation Awareness system (Net-SSA) shows that the proposed framework supports for the accurate modeling and effective generation of network security situation.

[2] Security Model Based on Network Business Security:


Enterprise network information system is not only the platform for information sharing and information exchanging, but also the platform for enterprise production automation system and enterprise management system working together. As a result, the security defense of enterprise network information system does not only include information system network security and data security, but also include the security of network business running on information system network, which is the confidentiality, integrity, continuity and real-time of network business. According to the security defense of enterprise network information system, this paper proposes the "network business security" concept. In this paper, the object of information security is defined in three parts - data security, network system security and network business security, and the network business security model is described. The proposal of the concept "network business security" provides theoretical basis for security defense of enterprise automatic production system and enterprise management information system.

[3] CNSSA: A Comprehensive Network Security Situation Awareness System:


With tremendous attacks in the Internet, there is a high demand for network analysts to know about the situations of network security effectively. Traditional network security tools lack the capability of analyzing and assessing network security situations comprehensively. In this paper, we introduce a novel network situation awareness tool CNSSA (Comprehensive Network Security Situation Awareness) to perceive network security situations comprehensively. Based on the fusion of network information, CNSSA makes a quantitative assessment on the situations of network security. It visualizes the situations of network security in its multiple and various views, so that network analysts can know about the situations of network security easily and comprehensively. The case studies demonstrate how CNSSA can be deployed into a real network and how CNSSA can effectively comprehend the situation changes of network security in real time.

[4] Design and realization of computer network security perception control system:


Based on analysis on applications by perception control technology in computer network security status and security protection measures, from the angles of network physical environment and network software system environmental security, this paper provides network security system perception control solution using Internet of Things (IOT), telecom and other perception technologies. Security Perception Control System is in the computer network environment, utilizing Radio Frequency Identification (RFID) of IOT and telecom integration technology to carry out integration design for systems. In the network physical security environment, RFID temperature, humidity, gas and perception technologies are used to do surveillance on environmental data, dynamic perception technology is used for network system security environment, user-defined security parameters, security log are used for quick data analysis, extends control on I/O interface, by development of API and AT command, Computer Network Security Perception Control based on Internet and GSM/GPRS is achieved, which enables users to carry out interactive perception and control for network security environment by WEB, E-MAIL as well as PDA, mobile phone short message and Internet. In the system testing, through middleware server, security information data perception in real time with deviation of 3-5% was achieved, it proves the feasibility of Computer Network Security Perception Control System.

[5] Establishing the security foundations for network protocol design:


The foundation of network security have not been paid enough concentrations, and the comprehensive considerations for the solution models in network security have not been explored thoroughly. In this paper, we make the first attempt to establish several models for the security of network protocols. We divide the security of network protocols into two folders: the implementation security of network protocols, and the design security of network protocols. Four models are proposed to clarify the security problems: software vulnerability model, scalability model, authentication model, and covert model. We also propose several defense principles for all models. The security reduction is also proposed to transform the solution method for security problems to other available security verification and testing approaches. For example, the implementation security of network protocols is reduced to the security of software implementation for parsing protocols, so that the fuzzy test can be used for verification. The pressure test are used for scalability model. The exploration of the paper can help to stimulate the further discussions on the foundations of network security, especially the design security of network protocols.

[6] The Research on Network Security Visualization Key Technology:


Managing complex enterprise networks requires an understanding at a fine granularity than traditional network monitoring. The ability to correlate and visualize the dynamics and inter-relationships among various network components such as hosts, users, and applications is non-trivial. Network security visualization is a highlighted topic of network security research in recent years. The existing research situation of network security visualization is analyzed. The paper first proposed the network security situation awareness model, and analysis network security situation awareness method, at last, and designed and implemented the security situation visualization prototype system based on geographic information systems, network topology graph, attack paths. The security situation data show in multiple views, multi-angle, multi-level display to the user by visualization technology, therefore the performance of the security situation will be more accurate and vivid, assessment of network security situation become timely and accurate, laying the foundation for rapid decision-making.

[7] Cloud computing-based forensic analysis for collaborative network security management system:


Internet security problems remain a major challenge with many security concerns such as Internet worms, spam, and phishing attacks. Botnets, well-organized distributed network attacks, consist of a large number of bots that generate huge volumes of spam or launch Distributed Denial of Service (DDoS) attacks on victim hosts. New emerging botnet attacks degrade the status of Internet security further. To address these problems, a practical collaborative network security management system is proposed with an effective collaborative Unified Threat Management (UTM) and traffic probers. A distributed security overlay network with a centralized security center leverages a peer-to-peer communication protocol used in the UTMs collaborative module and connects them virtually to exchange network events and security rules. Security functions for the UTM are retrofitted to share security rules. In this paper, we propose a design and implementation of a cloud-based security center for network security forensic analysis. We propose using cloud storage to keep collected traffic data and then processing it with cloud computing platforms to find the malicious attacks. As a practical example, phishing attack forensic analysis is presented and the required computing and storage resources are evaluated based on real trace data. The cloud-based security center can instruct each collaborative UTM and prober to collect events and raw traffic, send them back for deep analysis, and generate new security rules. These new security rules are enforced by collaborative UTM and the feedback events of such rules are returned to the security center. By this type of close-loop control, the collaborative network security management system can identify and address new distributed attacks more quickly and effectively.

[8] A Network Security Situation Analysis framework based on information fusion:


With the rapid development of the Internet, the network structure becomes larger and more complicated and attacking methods are more sophisticated, too. To enhance network security, Network Security Situation Analysis (NSSA) technology is a research hot spot in the network security domain. But at present, the NSSA framework and model which not only analyze the affected results of the network security but also the process how the network security is affected are less. In this paper, a novel NSSA framework is presented. The framework includes two parts: calculate the Network Security Situation Value (NSSV) and discover intrusion processes. NSSA quantitative assesses the impact on network security caused by attacks upon Analytical Hierarchy Process (AHP) and hierarchical network structure. Based on attack classification, intrusion processes discover the process how network security is affected. At last from the experiments results, NSSV exactly changes as attacks take place and the accurate intrusion processes are discovered. The applicability of the framework and algorithms are verified.

[9] Design of network security early-warning system based on network defense in depth model:


With the development of networks countermeasure technology, network security early-warning has become a key technology of constructing networks defense in depth architectures. Focusing on network real environment, upgrading comprehensive capacity of the network security defense, a complete set of network security early-warning control mechanism are first discussed; then, based on network defense in depth model, the design ideas, reaching goals, design principle and implementation technology of network security early-warning system are presented; and finally, from the dynamic monitoring, intrusion detection, real-time early-warning and process status tracking, the system function design and the procedure design of main function module are also given. This design model is valuable for guiding the developing practice of network security early-warning system.

[10] A fuzzy forecast method for network security situation based on Markov:


At present, network security attacks are numerous. Traditional single defense equipment and testing equipment are unable to meet the requirements of network security under the new circumstances. Therefore, the research on network security situation has become a hot topic in the field of network security. To enhance the accuracy and time effectiveness of the network security situation forecast, a fuzzy prediction method of network security situation based on Markov is proposed in this paper. The method is based on the Markov state transition matrix that depicts the correlation of network security and predicts the security status. By introducing the vulnerability information to build the membership degree of fuzzy security situation for the security status and integrating improved Zadeh formula, the prediction value of the network security situation is obtained. Finally, the effectiveness of the method is shown by the experiment results on KDD CUP99 data and DARPA2000 data.

[11] A Quantification Method for Network Security Situational Awareness Based on Conditional Random Fields:


Network security situational awareness (NSSA) has been a hot research spot in the network security domain. In this paper, a quantification method for NSSA based on conditional random fields (CRFs) was proposed. The data of network attacks from intrusion detection system (IDS), the hosts' vulnerabilities and the hosts' states were firstly combined as the network security factors. And then the network security threat degree was defined to quantify the risk of the whole network and classify the attacks. A diverse set of effective features were incorporated in CRFs Model. Finally the experiments on the DARPA 2000 data set generate the explicit network security situational graph. It proves that the method introduced in this paper can represent network risk more accurate and offer a good quantification for the network security situation.

[12] Securing IPv6 network infrastructure: A new security model:


Nation's network infrastructure such as the Global Information Grid (GIG) for the Department of Defense (DoD) and the OneNet for the Homeland Security Department are transitioning to the Internet Protocol version 6 (IPv6) per DoD CIO Memorandum of June 2003 and the Office of Management and Budget memorandum OMB-05-22. There exist IPv6 specific security vulnerabilities in these network infrastructures that need to be mitigated in order to achieve security parity with the existing IPv4 operations. From the perspective of the Homeland Security technologies, the existence of additional security vulnerabilities implies a possibility for two pronged threats. First, the IPv6 specific vulnerabilities reduce the security posture of the network infrastructure itself; second, other critical infrastructure sectors that depend on IPv6 need additional protection. For example, the future supervisory control and data acquisition (SCADA) industrial capabilities would increasingly use the IPv6 infrastructure, as would the voice communications, the voice and video collaboration, and sharing of data such as the image data and surveillance and reconnaissance data. This paper presents three contiguous results. First, it briefly presents the new IPv6 capabilities; second, it presents a brief analysis of the security vulnerabilities arising from these capabilities; and third, it presents a new security model for IPv6 network infrastructures that has the potential to mitigate these vulnerabilities. The new model is based on the end-to-end connectivity that is restored in IPv6, thus allowing the use of host based security (HBS) systems together with the perimeter security devices. However, the use of HBS complicates the security trust management. Therefore the third component of the model is introduced, namely a policy based security management (PBSM) approach. The PBSM approach allows the secure deployment of the host based security systems. It provides the capabilities needed to specify the trust zones via a set of security policy rules that together specify a trust zone. Hosts belong to one or more trust zones. Accordingly, the host based security policies are derived from the zone security policies for all the zones to which a host belongs. In addition, the PBSM approach has the potential to support more sophisticated security capabilities such as a risk adaptive access control and dynamic security response to a changing operational picture. The capabilities are needed to enable net-centric security operations.

[13] Towards Safe and Optimal Network Designs Based on Network Security Requirements:


Network security requirements are generally regarded once network topology is implemented. In particular, once firewalls are emplaced to filter network traffic between different Local Area Networks (LANs). This common approach may lead to critical situations: First, machines that should not communicate could belong to a same LAN where the network traffics do not pass through the firewall for being filtered. Often overwhelmed by the complexity of security requirements and the growth of networks, network administrators are struggling to resolve such design faults while ensuring not to cause further vulnerabilities. Second, according to network security policy, the required number of LANs, and therefore the number, range and thus, the cost required for both network and security equipments, can be much more reduced than that originally proposed by the network administrator. In this paper, we present an automatic approach that consists on proposing a network topology which is both safe and optimal by taking into account the network security policy, given in a high-level language. The safety property ensures that every prohibited traffic has to cross the firewall to be filtered. The optimal property allows to deduce the necessary and sufficient resources (Sub networks, network switches, firewalls range) to be used. To our best knowledge, such problematic has not been explored in previous works, despite the importance of these challenges. Our method has been implemented using Graph Coloring Theory. The first results are very promising. Experiment conducted on large-scale networks demonstrate the efficiency and the scalability of our approach.

[14] The Analysis of XML Technology in Network Security:


This paper described the current network of primary language XML in network applications, introduced its own XML language features and development to illustrate aspects of XML technology in the application of network security and significance. The network security is a systems engineering which is need to carefully consider the security needs of the system, and a variety of security technologies, such as passwords and technology combine to produce a highly efficient, universal, secure network systems. Secondly, this paper analysis of network security architecture and the current network security system for the protection of technical methods used: the network against viruses, configuration, firewall, intrusion detection systems used, Web, Email, BBS's safety monitoring system, vulnerability scanning systems, IP Theft solution, using network monitoring to maintain system security subnet. Finally, the XML technology for network security enabled areas of security, XML has become a field for the safety of a valuable mechanism for exchange of data, related development is related to XML encryption and XML signature.

[15] A Formal Framework for Network Security Design Synthesis:


Due to the extensive use of Internet services and emerging security threats, most enterprise networks deploy varieties of security devices for controlling resource access based on organizational security requirements. These requirements are becoming more fine-grained, where access control depends on heterogeneous isolation patterns like access deny, trusted communication, and payload inspection. However, organizations are looking to design usable and optimal security configurations that can harden the network security within enterprise budget constraints. This requires analyzing various alternative security architectures in order to find a security design that satisfies the organizational security requirements as well as the business constraints. In this paper, we present ConfigSynth, an automated framework for synthesizing network security configurations by exploring various security design alternatives to provide an optimal solution. The main design alternatives include different kinds of isolation patterns for traffic flows in different segments of the network. ConfigSynth takes security requirements and business constraints along with the network topology as inputs. Then it synthesizes optimal and cost-effective security configurations satisfying the constraints. ConfigSynth also provides optimal placements of different security devices in the network according to the given network topology. ConfigSynth uses Satisfiability Modulo Theories (SMT) for modeling this synthesis problem. We demonstrate the scalability of the tool using simulated experiments.

[16] Using ITU-T X.805 for comprehensive network security assessment and planning:


In the wake of recent events, network security and reliability have become top issues for service providers and enterprises. The worldwide cost of cyber attacks is estimated to have been in the $145 billion dollar range for 2003. 2003 was also regarded as the "worst year ever" for computer viruses and worms; in 2001 the Code Red worm took several days to create widespread damage, whereas Slammer in 2003 had significant impact in just minutes. Over 90% of network attacks resulting in significant financial loss originate from inside a network's perimeter. Unfortunately, there appears to be no end in sight to these threats to network security; in fact, there is an increasing trend of attacking financial resources in addition to computing resources. The newly ratified ITU-T Recommendation X.805 "security architecture for systems providing end-to-end communications" was developed as the framework for the architecture and dimensions in achieving end-to-end security of distributed applications. It provides a comprehensive, multilayered, end-to-end network security framework across eight security dimensions in order to combat network security threats. We introduce the X.805 standard and describe how it can be applied to all phases of a network security program. We also provide examples of the business impact of network security vulnerabilities and the application of X.805 for network security assessments. Enterprises and service providers alike should use X.805 to provide a rigorous approach to network security throughout the entire lifecycle of their security programs.

[17] Research on security strategy for agricultural information network:


In recent years, the agricultural information network construction has made a great progress in China. With the level of network openness improved, the probability of network attacked is increasing. So, it needs a higher demand for network stability and security. Through analyzing the status quo of agricultural information network security and network security defensive strategy architecture, this paper proposes a construction solution of agricultural information network security comprehensive management platform. Based on the different functions and regions of agricultural information network system, this solution optimizes the design and deployment with the way of security management and security technology. It makes the target of systematic and intensive management about agricultural information network security comprehensive defensive architecture is achieved.

[18] The Study of Network Security Event Correlation Analysis Based on Similar Degree of the Attributes:


This paper studied the related theories of the network security event correlation analysis methods, and proposed the network security event correlation analysis method based on similar degree of the attributes. A detailed description and analysis of the method is given in this paper, the method can realize the classification and merge of network security events according to the attributes similar degree of network security events. The similar degree of security events are identified by the similar degrees of characteristic attributes. It can not only remove redundant safety incidents, but also can compress security event number. Thus, it can effectively improve the network administrator's security incident analysis efficiency. The experimental results show that: the method is suitable for the massive security event information analysis and aggregation, can effectively reduce the number of security incidents, has a certain value.

[19] Ontology based approach for perception of network security state:


This paper presents an ontological approach to perceive the current security status of the network. Computer network is a dynamic entity whose state changes with the introduction of new services, installation of new network operating system, and addition of new hardware components, creation of new user roles and by attacks from various actors instigated by aggressors. Various security mechanisms employed in the network does not give the complete picture of security of complete network. In this paper we have proposed taxonomy and ontology which may be used to infer impact of various events happening in the network on security status of the network. Vulnerability, Network and Attack are the main taxonomy classes in the ontology. Vulnerability class describes various types of vulnerabilities in the network which may be in hardware components like storage devices, computing devices or networks devices. Attack class has many subclasses like Actor class which is entity executing the attack, Goal class describes goal of the attack, Attack mechanism class defines attack methodology, Scope class describes size and utility of the target, Automation level describes the automation level of the attack. Evaluation of security status of the network is required for network security situational awareness. Network class has network operating system, users, roles, hardware components and services as its subclasses. Based on this taxonomy ontology has been developed to perceive network security status. Finally a framework, which uses this ontology as knowledgebase has been proposed.

[20] Security situation analysis and prediction system for large-scale network SSAP:


SSAP is developed for national backbone networks, large network operators, large enterprises and other large-scale networks. The system collects, interprets and displays the security factors which cause changes of network situation, and predicts the future development trend of these security factors. This paper describes its architecture and key technologies: security data integration technology for distributed heterogeneous network, association analysis technology oriented the major network security events, real-time analysis technology based on the data flow and multi-dimensional analysis for network security data, network security situation prediction technology, and so on. The performance tests show that SSAP has high real-time and accuracy in security situation analysis and trend prediction. The system meets the demands of analysis and prediction for large-scale network security situation.

[21] A network security evaluation method based on fuzzy and RST:


The security evaluation for an information network system is an important management tool to insure its normal operation. We must realize the comprehensive network security risks and take effective security measures. A network evaluation model and the corresponding fuzzy algorithm are presented and adapt the hierarchical method to characterize the security risk situation. The model combined with the importance of the security measure, environment and the key nodes. The evaluation method based on RST is used to evaluate the key nodes and the fuzzy mathematics is used to analyze the whole network security situation. Compared with others, the method can automatically create a rule-based security evaluation model to evaluate the security threat from the individual security elements and the combination of security elements, and then evaluation the network situation. It is shown by experimental results that this system provides a valuable model and algorithms to help to find the security rules, adjust the security measure, improve the security performance and design the appropriate security risk evaluation and management tools.

[22] Intelligence security home network:


The term security network intelligence is widely used in the field of communication security network. A number of new and potentially concepts and products based on the concept of security network intelligence have been introduced, including smart flows, intelligent routing, and intelligent Web switching. Many intelligent systems focus on a specific security service, function, or device, and do not provide true end-to-end service network intelligence. True security network intelligence requires more than a set of disconnected elements, it requires an interconnecting and functionally coupled architecture that enables the various functional levels to interact and communicate with each other. We propose a uniform work for understanding end-to-end communication security network intelligence (CSNI), which is defined as the ability of a network to act appropriately in a changing environment. We consider an appropriate action to be one that increases the optimal and efficient use of network resources in delivering services, and we define success as the achievement of behaviour sub-goals that support the service provider's ultimate goals, which are defined external to the network system. The work presented incorporates the functional elements of intelligence into computational modules and interconnects the modules into networks and hierarchies that have spatial, logical, and temporal properties. Based on the work proposed, we describe an end-to-end multiservice network application spanning the network security management layer, optical layer, switching/routing layer, security services layer, and other layers.

[23]Quantification of Network Security Situational Awareness Based on Evolutionary Neural Network:


The proposal of network security situational awareness (NSSA) research means a breakthrough and an innovation to the traditional network security technologies, and it has become a new hot research topic in network security field. Combined with evolutionary strategy and neural network, a quantitative method of network security situational awareness is proposed in this paper. Evolutionary strategy is used to optimize the parameters of neural network, and then the evolutionary neural network model is established to extract the network security situational factors, so the quantification of network securitysituation is achieved. Finally simulated experiment is done to validate that the evolutionary neuralnetwork model can extract situational factors and the model has better generalization ability, which supports the network security technical technologies greatly..

[24] Dynamic awareness of network security situation based on stochastic game theory:


Stochastic game theory is proposed to apply in the research on network security situational awareness (NSSA), which is a research focus in network security field at present. A novel dynamic awareness method of network security situation (NSS) based on analyses of network service states is proposed in this paper. Realizing situation awareness is a dynamic process, and the diverse states of network services are just direct mirrors of the whole network security situation. Network security situation reflects what is happening in the network, including both the offense and defense behaviors in it. Stochastic game model of network security system is constructed in this paper, and network security situation is quantified by the game mathematical formulation, costs or rewards of attackers and defenders are established, and finally non-linear programming is used to compute the Nash equilibrium points, at which point both of the two sides get a balance between their benefits. Network security situation can then be dynamically achieved by visualizing the diverse metrics information of network services at Nash equilibrium during the operating of network system.

[25] The problems in campus network information security and its solutions:


In the Age of Information, network education pays more attention to the application of IT technology and the training of talents, which makes learning more of customization and of opening up. In order to better enable learners to go beyond the limitations of space and time to acquire knowledge; in order to provide excellent learning environment for greater freedom and greater choice of learning activities space, the project to building campus network has become the basis of all university building work. It is directly related to the quality and level of their teaching and scientific research work. The campus network has a number of tasks such as teaching, research, management and communication with the outside. Therefore, the issue of network security has become a priority to campus network management. Obviously, the current Internet is convenient but at the same time it is unsafe. As part of the Internet and the unique attributes of campus network, it is more easily attacked when enjoying the service provided by the Internet. This paper starts from the current security status of the campus network, analyzing threats to campus network security and strategies to maintenance of network security, so as to establish a suitable campus network security system, and introduce some current popular campus network information security solutions.

[26] k-Zero Day Safety: A Network Security Metric for Measuring the Risk of Unknown Vulnerabilities:


By enabling a direct comparison of different security solutions with respect to their relative effectiveness, a network security metric may provide quantifiable evidences to assist security practitioners in securing computer networks. However, research on security metrics has been hindered by difficulties in handling zero-day attacks exploiting unknown vulnerabilities. In fact, the security risk of unknown vulnerabilities has been considered as something unmeasurable due to the less predictable nature of software flaws. This causes a major difficulty to security metrics, because a more secure configuration would be of little value if it were equally susceptible to zero-day attacks. In this paper, we propose a novel security metric, k-zero day safety, to address this issue. Instead of attempting to rank unknown vulnerabilities, our metric counts how many such vulnerabilities would be required for compromising network assets; a larger count implies more security because the likelihood of having more unknown vulnerabilities available, applicable, and exploitable all at the same time will be significantly lower. We formally define the metric, analyze the complexity of computing the metric, devise heuristic algorithms for intractable cases, and finally demonstrate through case studies that applying the metric to existing network security practices may generate actionable knowledge.

[27] Novel method of assessing network security risks based on vulnerability correlation graph:


In order to improve networks' total security, a method of assessing network security risks based on vulnerability correlation graph is proposed in this paper. Firstly, it proposed a definition of vulnerability correlation graph based on the basis of network security dependency. Secondly, according to the size of network topology, the method of assessing the potential risk based on the vulnerability correlation graph is explained in detail. The experiment results show that it's possible to calculate potential risk indexes of three hierarchies: hosts, subnets and networks so that system administrators could adjust the security strategies in order to reduce the potential risk value of the whole network. It is also possible to solve the problem of network state explosion, thus improving expansibility of the assessment method.

[28] The research on dynamic self-adaptive network security model based on mobile agent:


The rapid development and wide application of computer networks presents a new challenge to information security and network security. Traditional security models and single security technology cannot keep up with the change of complicated network structure and varied intrusion measures. Network security management based on policy has traits of low management cost, high agility and wide applicability. The mobile agent not only collects but also processes data, overcomes traditional agent's shortcomings, improves response and relieves network burden. This paper introduces network security management based on policy and a mobile agent into a new network security framework, and emphasizes its structure, control strategy and implementation.

[29] A Novel Extended Algorithm for Network Security Situation Awareness:


Network security situational awareness (NSSA) technology as a new research area in network security plays an important role in changing network security defense model from passive type to active. In order to enhance the capability of perceiving status the network stays in and emergency responding capability, it is especially important to design an index system for large scale NSSA and a situation assessment algorithm. This paper extends the existing hierarchical evaluation method and introduces a new network security assessment algorithm with a high adaptability based on other researchers' work.

[30] Application Research of Support Vector Machine in Network Security Risk Evaluation:


Along with the extensive application of the network, network security has received increasing attention recently. This paper researches on the network security risk evaluation and analyzes the traditional risk evaluation methods, then proposes a new network security risk evaluation method based on Support Vector Machine (SVM) and binary tree. Unlike the traditional risk evaluation methods, SVM is a novel type of learning machine technique which developed on structural risk minimization principle. SVM has many advantages in solving small sample size, nonlinear and high dimensional pattern recognition problem. The principles of SVM and binary tree are introduced in detail and apply it into network security risk assessment, it divided risk rate of network security into 4 different rates and more. Compared to ANN about the classification precision, generalization performance, learning and testing time, it indicates that SVM has higher classification precision, better generalization performance and less learning and testing time, especially get a better assessment performance under small samples. It indicates that SVM has absolute superiority on network security risk evaluation, the validity and superiority of this method is approved through the experiment.

[31] Aspects of network security for VoIP solutions using IMS core network and Wi-Fi access:


A network providing Voice over Internet Protocol (VoIP) service requires many network elements. Each network element may have its own set of security capabilities, but not all security capabilities on all network elements are necessary at the same time for a given network configuration. An end-to-end network view is necessary to choose appropriate security capabilities while minimizing network overhead. For VoIP, using an IP Multimedia Subsystem (IMS) core network and wireless fidelity (Wi-Fi) access, the service provider can offer the feature functionality of the core network to both enterprise and residential customers simultaneously. However, both market segments provide their own set of unique security challenges, and what is appropriate for one market segment is not necessarily appropriate for the other. This paper explores various security implications for both of these market segments and proposes options for securing each network configuration. Security aspects of the control plane, bearer plane, and management plane are considered. © 2007 Alcatel-Lucent.

[32] System Tolerance Oriented Network Security Situational Assessment:


Attack and defense are the two important aspects of network security issue. Network security situational assessment has focused on attack roundly. Numbers of network security situational assessment models have been put forward based on attack and threat. Those methods have obtained good results. On the other hand, defense lacks careful consideration. Defense embodies system tolerance. System tolerance contains three important factors: system tolerance to attack, system asset tolerance, and system survivability. The article will introduce a network security situational assessment model based on attack and defense. Consult the existent models of network security situational assessment to summarize a hierarchical model. The hierarchical model based on attack mainly. Then we will use the three factors of system tolerance to mend the model. The new hierarchical model based on attack and defense will be closer to realistic security situation status. The corresponding experiment proves that the improved model considered attack and defense has better effect.

[33] Network security risk assessment based on support vector machine:


With the development and application of network technology, the issues of network security have become prominent increasingly. Network security risk assessment has become the key process in solve network security. Support Vector Machine (SVM) is one of novel learning machine methods, its advantages are simple structure, strong compatibility, global optimization, least training time and better generalization. So it has superiority to apply it into network security risk assessment. This paper describes the content and the evaluation indicators of network security risk assessment and the classification of the support vector machine in detail. And then an assessment method of network security risk based on support vector machine is proposed in this paper. Experiment results show that the method is feasible and effective.

[34] Two algorithms for Network Security Gradient marking:


Attack graph increasingly becomes a key technique for network security analysis, however, the prevalent Attacker's Ability Monotonic Assumption (AAMA) constraint for attack graph generation could not make full use of the direction of network attack and the hierarchy of defence. As a result, using AAMA is not efficient enough in the process of attack graph generation, especially for large-scale complicated network. With the aim of improving the efficiency of attack graph generation and reducing attack graph's complexity, we proposed the concept of Network Security Gradient (NSG) to reflect the hierarchy of network defence, and the Gradient Attack Assumption (GAA) based on NSG to constrain the process of attack graph generation. To make our theory of NSG more sound and reasonable, we proposed two NSG marking algorithms, respectively from static analysis of network topology and dynamic analysis of network access flow, to rank network nodes automatically. Experiment results showed that both of the two algorithms can mark NSG for network correctly and rationally.

[35] Global Network Security: A Vulnerability Assessment of Seven Popular Outsourcing Countries:


With increasingly more businesses engaging in offshore outsourcing, organisations need to be made aware of the global differences in network security, before entrusting a nation with sensitive information. In July 2011, Syn and Nackrst1 explored this topic by analysing seven countries from a wide spectrum across the globe for network security vulnerabilities. The countries selected were China, the United Kingdom, Germany, Russia, India, Mexico and Romania. Their method utilises Nmap and Nessus to probe and test for network vulnerabilities from each respective nation, in order to collect quantitative data for national vulnerability volumes. The vulnerability statistics collected are of four categories, High, Medium, Low and Open Ports. This paper extends Syn and Nackrst1's work by constructing a more detailed analysis of their results, showing the number of real-world vulnerabilities per nation, the differences between national levels of network security, the ratios of vulnerabilities/IP address, and vulnerability summary rankings. Multiple causal factors are also looked at to quantify the reasoning behind the varying levels of vulnerabilities per nation. This paper concludes that each nation has millions of vulnerabilities of varying amounts, and therefore, each nation differs in network security levels. Mexico and India exhibited the most worrying statistics, with the highest number of high level vulnerabilities/IP address ratio. Ultimately, this paper highlights the vulnerability levels that organisations are faced with when engaging in foreign and domestic outsourcing.

[36] Collaborative network security in multi-tenant data center for cloud computing:


A data center is an infrastructure that supports Internet service. Cloud computing is rapidly changing the face of the Internet service infrastructure, enabling even small organizations to quickly build Web and mobile applications for millions of users by taking advantage of the scale and flexibility of shared physical infrastructures provided by cloud computing. In this scenario, multiple tenants save their data and applications in shared data centers, blurring the network boundaries between each tenant in the cloud. In addition, different tenants have different security requirements, while different security policies are necessary for different tenants. Network virtualization is used to meet a diverse set of tenant-specific requirements with the underlying physical network, enabling multi-tenant datacenters to automatically address a large and diverse set of tenants' requirements. In this paper, we propose the system implementation of vCNSMS, a collaborative network security prototype system used in a multi-tenant data center. We demonstrate vCNSMS with a centralized collaborative scheme and deep packet inspection with an open source UTM system. A security level based protection policy is proposed for simplifying the security rule management for vCNSMS. Different security levels have different packet inspection schemes and are enforced with different security plugins. A smart packet verdict scheme is also integrated into vCNSMS for intelligence flow processing to protect from possible network attacks inside a data center network.

[37] Research of the campus E-government network security management:


With the quick development of computer network, the network scale in school campus has been keeping on expanding. Therefore, security problems of network become a focus of research, a well-operated network management becomes the key issue for a normal and effective school campus network. This article mainly analyzes the problems and solutions of the campus E-government network security, studies the security issue and its root in school campus network and mainly probes into the key technique of the school campus network security management system, then we provide the security strategy of network. According to the practical situation in our campus, we design and realize the school campus security management system.

[38] Reverse Circle Cipher for personal and network security:


Many data encryption techniques have been employed to ensure both personal data security and network security. But few have been successful in merging both under one roof. The block cipher techniques commonly used for personal security such as DES and AES run multiple passes over each block making them ineffective for real time data transfer. Also, ciphers for network security such as Diffie-Hellman and RSA require large number of bits. This paper suggests a simple block cipher scheme to effectively reduce both time and space complexities and still provide adequate security for both security domains. The proposed Reverse Circle Cipher uses 'circular substitution' and 'reversal transposition' to exploit the benefits of both confusion and diffusion. This scheme uses an arbitrarily variable key length which may even be equal to the length of the plaintext or as small as a few bits coupled with an arbitrary reversal factor. This method of encryption can be utilized within stand alone systems for personal data security or even streamed into real time packet transfer for network security. This paper also analyses the effectiveness of the algorithm with respect to the size of the plaintext and frequency distribution within the ciphertext.

[39] Coordination in network security games:


Malicious softwares or malwares for short have become a major security threat. While originating in criminal behavior, their impact is also influenced by the decisions of legitimate end users. Getting agents in the Internet, and in networks in general, to invest in and deploy security features and protocols is a challenge, in particular because of economic reasons arising from the presence of network externalities. An unexplored direction of this challenge consists in understanding how to align the incentives of the agents of a large network towards a better security. This paper addresses this new line of research. We start with an economic model for a single agent, that determines the optimal amount to invest in protection. The model takes into account the vulnerability of the agent to a security breach and the potential loss if a security breach occurs. We derive conditions on the quality of the protection to ensure that the optimal amount spent on security is an increasing function of the agent's vulnerability and potential loss. We also show that for a large class of risks, only a small fraction of the expected loss should be invested. Building on these results, we study a network of interconnected agents subject to epidemic risks. We derive conditions to ensure that the incentives of all agents are aligned towards a better security. When agents are strategic, we show that security investments are always socially inefficient due to the network externalities. Moreover if our conditions are not satisfied, incentives can be aligned towards a lower security leading to an equilibrium with a very high price of anarchy.

[40] Network Security Policies: Verification, Optimization and Testing:


Summary form only given. The importance of network security has been significantly increasing in the past few years. However, the increasing complexity of managing security policies particularly in enterprise networks poses real challenge for efficient security solutions. Network security perimeters such as Firewalls, IPSec gateways, intrusion detection and prevention systems operate based on locally configured policies. Yet these policies are not necessarily autonomous and might interact between each other to construct a global network security policy. Due to manual, distributed and uncoordinated configuration of security policies, rules conflicts and policy inconsistency are created, causing serious network security vulnerabilities. In addition, enterprise networks continuously grow in size and complexity, which makes policy modification, inspection and evaluation nightmare. Addressing these issues is a key requirement for obtaining provable security and seamless policy configuration. In addition, with growth in network speed and size, the need to optimize the security policy to cope with the traffic rate and attacks is significantly increasing. The constant evolution of policy syntax and semantics make the functional testing of these devices for vulnerability penetration is a difficult task. This tutorial is divided into three parts. In the first part, we will present techniques to automatically verify and correct firewall and IPSec/VPN policies in large-scale enterprise networks. In the second part, we will discuss techniques to enhance and optimize the policy structure and rule ordering in order to reduce packet matching and improve significantly firewall and IPSec performance. In the third part, we will present techniques that can be used by users, service provider as well as vendors to test their security devices efficiently and accurately.

[41] Intrusion Alerts Correlation Based Assessment of Network Security:


Traditional network security assessment technologies are usually qualitative analyses from large variation of security factors. It is difficult to guide security managers to configure network security mechanisms. A new network security quantitative analysis method called ACRL is presented in this paper. It assesses attack sequences from credibility, risk and the loss of system and provides the assessment values to security managers. It can assess the network security mechanisms and measures in position and can help security managers adjust the corresponding security mechanisms and choose the response methods against attacks in detail. An experiment of our method shows favorable and promising results.

[42] Network Security Analysis Based on Reputation Evaluation:


To solve the security issues of network resources in file sharing, a reputation evaluation system was built based on resource trust degree. A set of reputation evaluation formula and method was developed to build trust model using the reputation evaluation method based on resource credibility and recommended reliability, and the reputation evaluation system was applied to network security. Through the trust mechanism, users can get the historical experiences of target nodes, thus the network resource security and the integrity of download resources are ensured. Users can use the model to select safer network resource service objects, and an incentive mechanism can play a part in selecting network resources.

[43] An Extraction Method of Situational Factors for Network Security Situational Awareness:


The proposal of network security situational awareness (NSSA) research means a great breakthrough and an innovation to the traditional network security technologies, and it has become a new hot research topic in network security field. First the current research status in this field is introduced, after a summarization of the former achievements, a layered NSSA realization model is constructed, in which extraction of the situational factors is pointed out as the most basic and important step in realizing NSSA. Situational factors (SF) are defined here, and the extraction method of SF is the main research topic in this paper. Combined with evolutionary strategy and neural network, an extraction method of situational factors is proposed. Evolutionary strategy is used to optimize the parameters of neural network, and then the evolutionary neural network model is established to extract the SFs, so the foundation of realizing network security situation is established. Finally, simulation experiments are done to validate that the evolutionary neural network model can effectively extract situational factors and the model has better generalization ability, which will accelerate the realization of NSSA greatly.

[44] A Collaborative Network Security Management System in Metropolitan Area Network:


Network Security Appliances are deployed at the vantage point of the Internet to detect security events and prevent attacks. However, these appliances are not so effective when it comes to distributed attacks such as DDoS. This paper presents a design and implementation of collaborative network security management system (CNSMS), which organizes the NetSecu nodes into a hybrid P2P and hierarchy architecture to share the security knowledge. NetSecu nodes are organized into a hierarchy architecture so they could realize different management or security functions. In each level, nodes formed a P2P networks for higher efficiency. To guarantee identity trustworthy and information exchange secure, PKI infrastructure is deployed in CNSMS. Finally experiments are conducted to test the computing and communication cost.

[45] A Forecast Approach of Network Security Situation Base on Optimal Fuzzy Grey:


Forecast of network security situation is an important part of network security situational assessment. The concept of network security situational assessment will be introduced. Then a model of network security situational assessment is summarized based on the concept. On the other hand, the method of GM(1,1) modified by residual error is mentioned. And this method will be improved into optimal fuzzy grey model. The model of optimal fuzzy grey will be used to forecast value of network security situational assessment. The results show better effects in simulation test, compared to the original model.

[46] Computer network security of university and preventive strategy:


With the rapid development of computer technology and network, the modern world is gradually evolved into an electronic world and all information is in the full digital. Especially in universities, the campus network has become an important infrastructure and it is used widely in teaching, office, library management, etc. With the development of the scale of campus network, the network environment is becoming more and more complicated. So network security plays a decisive role in ensuring the campus network operating stably and it has become one restricting factor in university information development. The paper researches and discusses some measures to help network management personnel to make scientific decision-making through analyzing various problems of college computer network and finding the inherent weaknesses of college computer network in order to provide a safe means of teaching and working environment for teachers and students.

[47] Study on network security assessment based on analytical hierarchy process:


In order to improve the reliability of network security evaluation, the application of analytical hierarchy process method on the network security assessment was studied in depth. Firstly, the characters of network security were introduced. Secondly, the basic theory of analytic hierarchy process was analyzed, and then the index system of integrated evaluation of network security was established. Thirdly, the analysis procession of AHP was carried out. And finally the evaluation was carried out, and the results showed that this method had high precision and would be applied in network security assessment effectively.

[48] Linux Network Security Technology:


Computer security is a hot topic, more and more Internet users are concerning about computer security. Linux is an operating system like Unix. It has all the features of Unix operating system. Linux system has a very strict structure like Unix in security. This paper discusses the network security of Linux system from the technical aspects of network security. The paper introduces methods of protecting network security which set the right to accessing the customer machine and use firewall technology. Describe detailed the Netfilter's structure and Netfilter's position in network.

[49] Anomaly-Based Behavior Analysis of Wireless Network Security:


The exponential growth in wireless network faults, vulnerabilities, and attacks make the wireless local area network (WLAN) security management a challenging research area. Newer network cards implemented more security measures according to the IEEE recommendations [14]; but the wireless network is still vulnerable to denial of service attacks or to other traditional attacks due to existing wide deployment of network cards with well-known security vulnerabilities. The effectiveness of a wireless intrusion detection system (WIDS) relies on updating its security rules; many current WIDSs use static security rule settings based on expert knowledge. However, updating those security rules can be time-consuming and expensive. In this paper, we present a novel approach based on multi-channel monitoring and anomaly analysis of station localization, packet analysis, and state tracking to detect wireless attacks; we use adaptive machine learning and genetic search to dynamically set optimal anomaly thresholds and select the proper set of features necessary to efficiently detect network attacks. We present a self-protection system that has the following salient features: monitor the wireless network, generate network features, track wireless network state machine violations, generate wireless flow keys (WFK), and use the dynamically updated anomaly and misuse rules to detect complex known and unknown wireless attacks. To quantify the attack impact, we use the abnormality distance from the trained norm and multivariate analysis to correlate multiple selected features contributing to the final decision. We validate our wireless self protection system (WSPS) approach by experimenting with more than 20 different types of wireless attacks. Our experimental results show that the WSPS approach can protect from wireless network attacks with a false positive rate of 0.1209% and more than 99% detection rate.

[50] Implement network security control solutions in BYOD environment:


Bring Your Own Device (BYOD) security is the way to protect organization's network against variety of threats which come through mobile devices and access channels. This research paper explains the implementation of BYOD security solution in higher education institution in Oman. This security solution will help to protect the network data from unauthorized access, as well as, controlling unmanaged devices which are smartphones and mobile devices. This research will follow these steps starting with literature review, data collection, analysis, design the network structure with suggested solution and implementation for BYOD security solutions. As well as, monitoring the network performance with the implanted solutions to keep track if traffic flow with high availability and security. This research paper will help to facilitate the work to the network users through allowing BYOD as well as increase the network availability, ability and security through 802.1x, CA and RADIUS.

More About Network Security

Next-Generation Branch Security

Cisco 1900, 2900, and 3900 Series Integrated Services Routers are integral components of the Cisco solution and product portfolio, and deliver embedded security and VPN functions that allow organizations to identify, prevent, and adapt to network security threats in remote branches, right at the WAN perimeter. The core security elements that enable routers to become critical devices for securing the network include:

● Secure connectivity: These features provide highly secure and scalable network connectivity, incorporating multiple types of traffic. Examples include IP Security (IPsec) VPN, Group Encrypted Transport VPN, Dynamic Multipoint VPN (DMVPN), Enhanced Easy VPN, and Secure Sockets Layer (SSL) VPN.
● Integrated threat control: These features prevent and respond to network attacks and threats using network services. Examples include Cisco IOS® Firewall, Cisco IOS Intrusion Prevention System (IPS), Content Filtering, NetFlow, and Flexible Packet Matching (FPM).
● Trust and identity: These features allow the network to intelligently protect endpoints using technologies such as authentication, authorization, and accounting (AAA) and public key infrastructure (PKI).
● Cisco network foundation protection: These features protect the network infrastructure from attacks and vulnerabilities, especially at the network level. Examples include AutoSecure, Control Plane Policing and Protection, Source-Based Remote-Triggered Black Hole (RTBH) filtering, and Unicast Reverse Path Forwarding (URPF).

Security management

Security management for networks is different for all kinds of situations. A home or small office may only require basic security while large businesses may require high-maintenance and advanced software and hardware to prevent malicious attacks from hacking and spamming.

Homes & Small Businesses


● A basic firewall or a unified threat management system.
● For Windows users, basic antivirus software. An anti-spyware program would also be a good idea. There are many other types of antivirus or anti-spyware programs available.
● When using a wireless connection, use a robust password. Also, one could try to use the strongest security supported by their wireless devices, such as WPA2 with AES. TKIP may be more widely supported by their devices and should only be considered in cases where they are NOT compliant with AES.
● If using wireless: change the default SSID network name, and also disable SSID broadcast, as this function is unnecessary for home use. (Security experts consider this to be easily bypassed with modern technology and some knowledge of how wireless traffic is detected by software.)[5]
● Enable MAC address filtering to keep track of all home network MAC devices connecting to one's router. (This is not a security feature per se; however, it can be used to limit and strictly monitor one's DHCP address pool for unwanted intruders if not just by exclusion, but by AP association.)
● Assign static IP addresses to network devices. (This is not a security feature per se; however, it may be used, in conjunction with other features, to make one's AP less desirable to would-be intruders.)
● Disable ICMP ping on the router.
● Review router or firewall logs to help identify abnormal network connections or traffic to the Internet.
● Use passwords for all accounts.
● For Windows users, have multiple accounts per family member and use non-administrative accounts for day-to-day activities.
● Raise awareness about information security to children.

Medium businesses

● A fairly strong firewall or unified threat management system.
● Strong antivirus software and Internet security software.
● For authentication, use strong passwords and change them on a bi-weekly/monthly basis.
● When using a wireless connection, use a robust password.
● Raise awareness about physical security to employees.
● Use an optional network analyzer or network monitor.
● An enlightened administrator or manager.
● Use a VPN, or Virtual Private Network, to communicate between a main office and satellite offices using the Internet as a connectivity medium. A VPN offers a solution to the expense of leasing a data line while providing a secure network for the offices to communicate. A VPN provides the business with a way to communicate between two offices in a way that mimics a private leased line. Although the Internet is used, it is private because the link is encrypted, and it is convenient to use. A medium-sized business needing a secure way to connect several offices will find this a good choice.
● Clear employee guidelines should be implemented for using the Internet, including access to non-work related websites, sending and receiving information.
● Individual accounts to log on and access company intranet and Internet, with monitoring for accountability.
● Have a back-up policy to recover data in the event of a hardware failure or a security breach that changes, damages or deletes data.
● Disable Messenger.
● Assign several employees to monitor a group like CERT which studies Internet security vulnerabilities and develops training to help improve security.

Large businesses

● A strong firewall and proxy, or network guard, to keep unwanted people out.
● A strong antivirus software package and Internet security software package.
● For authentication, use strong passwords and change them on a weekly/bi-weekly basis.
● When using a wireless connection, use a robust password.
● Exercise physical security precautions to employees.
● Prepare a network analyzer or network monitor and use it when needed.
● Implement physical security management like closed circuit television for entry areas and restricted zones.
● Security fencing to mark the company's perimeter.
● Fire extinguishers for fire-sensitive areas like server rooms and security rooms.
● Security guards can help to maximize physical security.


School

● An adjustable firewall and proxy to allow authorized users access from the outside and inside.
● Strong antivirus software and Internet security software packages.
● Wireless connections that lead to firewalls.
● Children's Internet Protection Act compliance. (Only schools in the USA.)
● Supervision of network to guarantee updates and changes based on popular site usage.
● Constant supervision by teachers, librarians, and administrators to guarantee protection against attacks by both internet and sneakernet sources.
● An enforceable and easy to understand acceptable use policy which differentiates between school owned and personally owned devices.
● FERPA compliance for institutes of higher education network.

Large government

● A strong firewall and proxy to keep unwanted people out.
● Strong antivirus software and Internet security software suites.
● Strong encryption.
● Whitelist authorized wireless connection, block all else.
● All network hardware is in secure zones.
● All hosts should be on a private network that is invisible from the outside.
● Host web servers in a DMZ, or a firewall from the outside and from the inside.
● Security fencing to mark perimeter and set wireless range.

KaaShiv InfoTech offers world class Final Year Project for BE, ME, MCA, MTech, Software engineering and other students in Anna Nagar, Chennai.
