Abstract-Performing research on live network traffic requires the traffic to be well documented and described. The results of such research are heavily dependent on the particular network. This paper presents a study of network characteristics, which can be used to describe the behaviour of a network. We propose a number of characteristics that can be collected from the networks and evaluate them on five different networks of Masaryk University. The proposed characteristics cover IP, transport and application layers of the network traffic. Moreover, they reflect strong day-night and weekday patterns that are present in most of the networks. Variation in the characteristics between the networks indicates that they can be used for the description and differentiation of the networks. Furthermore, a weak correlation between the chosen characteristics implies their independence and contribution to network description.
Abstract-A lot of research has been dedicated to finding an optimal strategy to defend network infrastructure. The proposed methods are usually evaluated using simulations, replayed attacks or testbed environments. However, these evaluation methods may give biased results, because in real life, attackers can follow a suboptimal strategy or react to a defence in an unexpected way. In this paper, we use a network of honeypots as a testing environment for evaluating network defence strategies. The honeypot network provides the opportunity to test a defence strategy against real attackers and is not as time and resource consuming as using white hat hackers. In our experiment, we use two different strategies to defend a group of honeypots in a live network and we compare these results to the results of a simulation with replayed attacks. We show that the results of the strategies in the simulation significantly differ from the results on the honeypot network which implies simulations are not sufficient for strategy evaluation. We also investigate how the attacker adapts to the responses taken by a defence strategy and how this change in behaviour affects the evaluation results.
In this paper, we describe a network defence strategy testbed, which could be utilized for testing the strategy decision logic against simulated attacks or real attackers. The testbed relies on a network of honeypots and the high level of logging and monitoring the honeypots provide. Its main advantage is that only the decision logic implementation is needed in order to test the strategy. The testbed also evaluates the tested network defence strategy. We demonstrate an example of network defence strategy implementation, the test setup, progress, and results. The source code of the testbed is available on GitHub.
The expansion of mobile devices equipped with GPS (Global Positioning System) locators corresponds to the development of the highly customized location-based services including geosocial networks. The usage of customized location-based services positively effects many aspects of users' daily routines from travelling to choosing the best restaurant. On the other hand, providing customized services relates to collecting and storing large amount of users' information and gives rise to many privacy-preserving issues. In this paper, we discuss the privacy concerns connected with publishing geosocial network datasets and the impact of the anonymization on the utility of the geosocial network dataset. Considering the importance of the geosocial network for the socioeconomic analysis, we put arguments for the importance of geosocial network anonymization before exploiting the dataset. We apply the clustering anonymization methods according to geographical coordinates and the values of location entropy on the real-world data to prevent the location privacy leakage. Afterwards, we compare the network metrics in the original and anonymized real-world datasets and measure the impact of the anonymization on the metric values.
Network security is still lacking an efficient system which selects a response action based on observed security events and which is capable of running autonomously. The main reason for this is the lack of an effective defence strategy. In this Ph.D., we endeavour to create such a defence strategy. We propose to model the interaction between an attacker and a defender to comprehend how the attacker's goals affect his actions and use the model as a basis for a more refined network defence strategy. We formulate the research questions that need to be answered and we discuss, how the answers to these questions relate to the proposed solution. This research is at the initial phase and will contribute to a Ph.D. thesis in four years.
Online social network datasets contain a large amount of various information about their users. Preserving users’ privacy while publishing or sharing datasets with third parties has become a challenging problem. The k-automorphism is the anonymization method that protects the social network dataset against any passive structural attack. It provides a higher level of protection than other k-anonymity methods, including k-degree or k-neighborhood techniques. In this paper, we propose a hybrid algorithm that effectively modifies the social network to the k-automorphism one. The proposed algorithm is based on the structure of the previously published k-automorphism KM algorithm. However, it solves the NP-hard subtask of finding isomorphic graph extensions with a genetic algorithm and employs the GraMi algorithm for finding frequent subgraphs. In the design of the genetic algorithm, we introduce the novel chromosome representation in which the length of the chromosome is independent of the size of the input network, and each individual in each generation leads to the k-automorphism solution. Moreover, we present a heuristic method for selecting the set of vertex disjoint subgraphs. To test the algorithm, we run experiments on a set of real social networks and use the SecGraph tool to evaluate our results in terms of protection against deanonymization attacks and preserving data utility. It makes our experimental results comparable with any future research.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.