Catalogue Search | MBRL
119,668 result(s) for "Network security software"
Adaptive Machine Learning Based Distributed Denial-of-Services Attacks Detection and Mitigation System for SDN-Enabled IoT
by Mohamed Abd Elaziz, Muhammad Aslam, Dengpan Ye in adaptive machine learning, Algorithms, Chemical technology
2022
The development of smart network infrastructure of the Internet of Things (IoT) faces the immense threat of sophisticated Distributed Denial-of-Services (DDoS) security attacks. The existing network security solutions of enterprise networks are significantly expensive and unscalable for IoT. The integration of recently developed Software Defined Networking (SDN) reduces a significant amount of computational overhead for IoT network devices and enables additional security measurements. At the prelude stage of SDN-enabled IoT network infrastructure, the sampling based security approach currently results in low accuracy and low DDoS attack detection. In this paper, we propose an Adaptive Machine Learning based SDN-enabled Distributed Denial-of-Services attacks Detection and Mitigation (AMLSDM) framework. The proposed AMLSDM framework develops an SDN-enabled security mechanism for IoT devices with the support of an adaptive machine learning classification model to achieve the successful detection and mitigation of DDoS attacks. The proposed framework utilizes machine learning algorithms in an adaptive multilayered feed-forwarding scheme to successfully detect the DDoS attacks by examining the static features of the inspected network traffic. In the proposed adaptive multilayered feed-forwarding framework, the first layer utilizes Support Vector Machine (SVM), Naive Bayes (NB), Random Forest (RF), k-Nearest Neighbor (kNN), and Logistic Regression (LR) classifiers to build a model for detecting DDoS attacks from the training and testing environment-specific datasets. The output of the first layer passes to an Ensemble Voting (EV) algorithm, which accumulates the performance of the first layer classifiers. In the third layer, the adaptive framework measures the real-time live network traffic to detect the DDoS attacks in the network traffic. The proposed framework utilizes a remote SDN controller to mitigate the detected DDoS attacks over Open Flow (OF) switches and reconfigures the network resources for legitimate network hosts. The experimental results show the better performance of the proposed framework as compared to existing state-of-the-art solutions in terms of higher accuracy of DDoS detection and low false alarm rate.
Journal Article
Towards developing a secure medical image sharing system based on zero trust principles and blockchain technology
by Laila, Fabiha; Sultana, Maliha; Taher, Kazi Abu in Analysis, Blockchain, Blockchain - standards
2020
Background
Data security has been a critical topic of research and discussion since the onset of data sharing in e-health systems. Although digitalization of data has increased efficiency and speed, it has also made data vulnerable to cyber attacks. Medical records in particular seem to be the regular victims of hackers. Several data breach incidents throughout history have warranted the invention of security measures against these threats. Although various security procedures like firewalls, virtual private networks, encryption, etc. are present, a mix of these approaches is required for maximum security in medical image and data sharing.
Methods
Relatively new, blockchain has become an effective tool for safeguarding sensitive information. However, to ensure overall protection of medical data (images), security measures have to be taken at each step, from the beginning, during and even after transmission of medical images which is ensured by zero trust security model. In this research, a number of studies that deal with these two concepts were studied and a decentralized and trustless framework was proposed by combining these two concepts for secured medical data and image transfer and storage.
Results
Research output suggested blockchain technology ensures data integrity by maintaining an audit trail of every transaction while zero trust principles make sure the medical data is encrypted and only authenticated users and devices interact with the network. Thus the proposed model solves a lot of vulnerabilities related to data security.
Conclusions
A system to combat medical/health data vulnerabilities has been proposed. The system makes use of the immutability of blockchain, the additional security of zero trust principles, and the scalability of off chain data storage using Inter Planetary File Systems (IPFS). The adoption of this system suggests to enhance the security of medical or health data transmission.
Journal Article
Feature Selection Using Information Gain for Improved Structural-Based Alert Correlation
2016
Grouping and clustering alerts for intrusion detection based on the similarity of features is referred to as structurally based alert correlation and can discover a list of attack steps. Previous researchers selected different features and data sources manually based on their knowledge and experience, which led to the less accurate identification of attack steps and inconsistent performance of clustering accuracy. Furthermore, the existing alert correlation systems deal with a huge amount of data that contains null values, incomplete information, and irrelevant features causing the analysis of the alerts to be tedious, time-consuming and error-prone. Therefore, this paper focuses on selecting accurate and significant features of alerts that are appropriate to represent the attack steps, thus, enhancing the structural-based alert correlation model. A two-tier feature selection method is proposed to obtain the significant features. The first tier aims at ranking the subset of features based on high information gain entropy in decreasing order. The second tier extends additional features with a better discriminative ability than the initially ranked features. Performance analysis results show the significance of the selected features in terms of the clustering accuracy using 2000 DARPA intrusion detection scenario-specific dataset.
Journal Article
CNID: Research of Network Intrusion Detection Based on Convolutional Neural Network
2020
A network intrusion detection system can effectively detect network attack behaviour, which is very important to network security. In this paper, a multiclassification network intrusion detection model based on convolutional neural network is proposed, and the algorithm is optimized. First, the data is preprocessed, the original one-dimensional network intrusion data is converted into two-dimensional data, and then the effective features are learned using optimized convolutional neural networks, and, finally, the final test results are produced in conjunction with the Softmax classifier. In this paper, the KDD-CUP 99 and NSL-KDD standard network intrusion detection datasets were used to carry out the multiclassification network intrusion detection experiment; the experimental results show that the multiclassification network intrusion detection model proposed in this paper improves the accuracy and check rate, reduces the false positive rate, and also obtains better test results for the detection of unknown attacks.
Journal Article
Interleukin-22 protects intestinal stem cells against genotoxic stress
2019
Environmental genotoxic factors pose a challenge to the genomic integrity of epithelial cells at barrier surfaces that separate host organisms from the environment. They can induce mutations that, if they occur in epithelial stem cells, contribute to malignant transformation and cancer development [1–3]. Genome integrity in epithelial stem cells is maintained by an evolutionarily conserved cellular response pathway, the DNA damage response (DDR). The DDR culminates in either transient cell-cycle arrest and DNA repair or elimination of damaged cells by apoptosis [4, 5]. Here we show that the cytokine interleukin-22 (IL-22), produced by group 3 innate lymphoid cells (ILC3) and γδ T cells, is an important regulator of the DDR machinery in intestinal epithelial stem cells. Using a new mouse model that enables sporadic inactivation of the IL-22 receptor in colon epithelial stem cells, we demonstrate that IL-22 is required for effective initiation of the DDR following DNA damage. Stem cells deprived of IL-22 signals and exposed to carcinogens escaped DDR-controlled apoptosis, contained more mutations and were more likely to give rise to colon cancer. We identified metabolites of glucosinolates, a group of phytochemicals contained in cruciferous vegetables, to be a widespread source of genotoxic stress in intestinal epithelial cells. These metabolites are ligands of the aryl hydrocarbon receptor (AhR) [6], and AhR-mediated signalling in ILC3 and γδ T cells controlled their production of IL-22. Mice fed with diets depleted of glucosinolates produced only very low levels of IL-22 and, consequently, the DDR in epithelial cells of mice on a glucosinolate-free diet was impaired. This work identifies a homeostatic network protecting stem cells against challenge to their genome integrity by AhR-mediated ‘sensing’ of genotoxic compounds from the diet. AhR signalling, in turn, ensures on-demand production of IL-22 by innate lymphocytes directly regulating components of the DDR in epithelial stem cells.
Sporadic inactivation of the interleukin-22 receptor in the intestinal epithelium of the mouse shows that IL-22 is required for effective activation of the DNA damage response following DNA damage.
Journal Article
Mapping interactions with the chaperone network reveals factors that protect against tau aggregation
2018
A network of molecular chaperones is known to bind proteins (‘clients’) and balance their folding, function and turnover. However, it is often unclear which chaperones are critical for selective recognition of individual clients. It is also not clear why these key chaperones might fail in protein-aggregation diseases. Here, we utilized human microtubule-associated protein tau (MAPT or tau) as a model client to survey interactions between ~30 purified chaperones and ~20 disease-associated tau variants (~600 combinations). From this large-scale analysis, we identified human DnaJA2 as an unexpected, but potent, inhibitor of tau aggregation. DnaJA2 levels were correlated with tau pathology in human brains, supporting the idea that it is an important regulator of tau homeostasis. Of note, we found that some disease-associated tau variants were relatively immune to interactions with chaperones, suggesting a model in which avoiding physical recognition by chaperone networks may contribute to disease.
Journal Article
Detection of slow port scans in flow-based network traffic
by Landes, Dieter; Hotho, Andreas; Ring, Markus in Algorithms, Analysis, Artificial intelligence
2018
Frequently, port scans are early indicators of more serious attacks. Unfortunately, the detection of slow port scans in company networks is challenging due to the massive amount of network data. This paper proposes an innovative approach for preprocessing flow-based data which is specifically tailored to the detection of slow port scans. The preprocessing chain generates new objects based on flow-based data aggregated over time windows while taking domain knowledge as well as additional knowledge about the network structure into account. The computed objects are used as input for the further analysis. Based on these objects, we propose two different approaches for detection of slow port scans. One approach is unsupervised and uses sequential hypothesis testing whereas the other approach is supervised and uses classification algorithms. We compare both approaches with existing port scan detection algorithms on the flow-based CIDDS-001 data set. Experiments indicate that the proposed approaches achieve better detection rates and exhibit fewer false alarms than similar algorithms.
Journal Article
A two-stage flow-based intrusion detection model for next-generation networks
by Umer, Muhammad Fahad; Sher, Muhammad; Bi, Yaxin in Architectural engineering, Biology and Life Sciences, Classification
2018
The next-generation network provides state-of-the-art access-independent services over converged mobile and fixed networks. Security in the converged network environment is a major challenge. Traditional packet and protocol-based intrusion detection techniques cannot be used in next-generation networks due to slow throughput, low accuracy and their inability to inspect encrypted payload. An alternative solution for protection of next-generation networks is to use network flow records for detection of malicious activity in the network traffic. The network flow records are independent of access networks and user applications. In this paper, we propose a two-stage flow-based intrusion detection system for next-generation networks. The first stage uses an enhanced unsupervised one-class support vector machine which separates malicious flows from normal network traffic. The second stage uses a self-organizing map which automatically groups malicious flows into different alert clusters. We validated the proposed approach on two flow-based datasets and obtained promising results.
Journal Article
Mechanism to prevent the abuse of IPv6 fragmentation in OpenFlow networks
by Al-Ani, Ahmed K.; Al-Ani, Ayman; Anbar, Mohammed in Abuse, Computer and Information Sciences, Data security
2020
OpenFlow makes a network highly flexible and fast-evolving by separating control and data planes. The control plane thus becomes responsive to changes in topology and load balancing requirements. OpenFlow also offers a new approach to handle security threats accurately and responsively. Therefore, it is used as an innovative firewall that acts as a first-hop security to protect networks against malicious users. However, the firewall provided by OpenFlow suffers from Internet protocol version 6 (IPv6) fragmentation, which can be used to bypass the OpenFlow firewall. The OpenFlow firewall cannot identify the message payload unless the switch implements IPv6 fragment reassembly. This study tests the IPv6 fragmented packets that can evade the OpenFlow firewall, and proposes a new mechanism to guard against attacks carried out by malicious users to exploit the IPv6 fragmentation loophole in OpenFlow networks. The proposed mechanism is evaluated in a simulated environment by using six scenarios, and results exhibit that the proposed mechanism effectively fixes the loophole and successfully prevents the abuse of IPv6 fragmentation in OpenFlow networks.
Journal Article
Cryptanalysis and improvement of an elliptic curve based signcryption scheme for firewalls
2018
In network security, a firewall is a security system that observes and controls the network traffic based on some predefined rules. A firewall sets up a barrier between an internal network and another outside unsecured network, such as the Internet. A number of signcryption schemes for firewalls have been proposed over the years, and many of them are proved to have security flaws. In this paper, an elliptic curve based signcryption scheme for firewalls is analyzed. It is observed that the scheme is not secure and has many security flaws. Anyone who knows the public parameters can modify the message without the knowledge of sender and receiver. The claimed security attributes of non-repudiation, unforgeability, integrity and authentication are compromised. After successful cryptanalysis of this scheme, we proposed a modified version of the scheme.
Journal Article