To solve the problem of viruses and Trojans attacking the application-layer network protocols of industrial control systems, the rules of the Modbus/TCP communication protocol are analyzed. An intrusion detection method based on clustering and support vector machines is proposed. The method combines unsupervised fuzzy C-means clustering (FCM) with a supervised support vector machine (SVM) to calculate the distance between industrial control network communication data and the cluster center. The portion of the data that satisfies the threshold condition is further classified by the support vector machine. Experimental results show that, compared with the traditional intrusion detection method, this method can effectively reduce the training time and improve the classification accuracy without needing to know the class label in advance.
There have been many methods to protect commercial software from being cracked, but crackers can always skip the protecting part by analyzing the assembly code of the software. A new protection method is presented here. It breaks the original software into two parts. One part, called the key process of computing, is so important that it cannot be skipped; it is placed on the remote server side, and the rest runs on the local machine as usual. When the software reaches the separated part, it must call the remote part through RPC to get the right answer before it goes on. In this method, the cracker cannot get the executable code of the remote part and also cannot simply skip the remote part. So the only way to crack software protected by this method is to reimplement the key process of computing. If the key process of computing we select is complicated enough, doing so will be no less work than reimplementing the whole software. This method is also easy to deploy. The commercial software can be distributed over the internet, which is the cheapest way so far. Its only shortcoming is that the machine must be connected to the internet while the software is running. That may not be a big problem now that the internet can be reached from everywhere.
Abstract: For secure two-way communication and forwarding, this paper proposes SRDA, a secure routing and data aggregation approach for wireless smart meters. This approach introduces a unique wireless smart meter identifier to represent the meter's public identity information, and gives a secure routing architecture based on control and forwarding separation. In this architecture, SRDA uses a proxy re-encryption data aggregation algorithm to protect the security of data transmission. By using a routing algorithm based on distance and link quality, SRDA achieves the best routing path and provides several alternative paths with different priorities. In addition, an identifier-based cryptography mechanism is used to issue and update the routing information securely, and the proxy re-encryption mechanism is designed to preserve data privacy. In conclusion, this paper gives an analysis of the relatively excellent security, scalability and energy efficiency.

Index Terms: Wireless smart meter identifier, secure routing and data aggregation, control and forwarding separation, identifier-based cryptography mechanism
As penetration testing is applied to assess network and system security in some key fields, penetration testing assessment methods have been evolving into a popular research topic. However, the degree of automation of penetration testing is still low, and many parameters of the security assessment method are uncertain. To address these two problems, we use a rule-tree method to automate the penetration testing process, in which each chain of the rule trees stores a complete attack process. Using the results of penetration testing, we propose a security assessment process that meets the NIST guidelines and makes some uncertain parameters of security assessment clear. With the constant expansion of the rule trees, the proposed method can improve the accuracy and effectiveness of security assessment.