Abstract: The Address Resolution Protocol (ARP) is used by computers to map network addresses (IP) to physical addresses (MAC). The protocol has proved to work well under regular circumstances, but it was not designed to cope with malicious hosts. By performing ARP cache poisoning or ARP spoofing attacks, an intruder can impersonate another host (man-in-the-middle attack) and gain access to sensitive information. Several schemes to mitigate, detect and prevent these attacks have been proposed, but each has its limitatio…
“…The spectrogram for this time series is shown in Figure 6. For the first fourth of the time series, a single polling period of 3 seconds is used. The corresponding frequency component is present at 1/3 Hz, which can be observed as a horizontal red line in the spectrogram. After some time, a second polling series starts, with a period of 5 seconds.…”
Section: Spectral Analysis (mentioning)
confidence: 99%
“…Note that a malicious host masqueraded as such HMI, by spoofing its IP address, could perform the same attack. Interested readers are referred to [1] for a discussion of mechanisms that can protect against such attacks.…”
Section: Dealing With Real-world Attack Scenarios (mentioning)
confidence: 99%
“…Therefore, in Chapter 2 of this thesis, we present an extensive characterization of network traces collected in SCADA networks used in utility sector: water treatment and distribution facilities, and gas and electricity providers. The data collection was possible through the collaboration with industry partners, established in the context of the national Hermes, Castor and Midas projects 1 . The goal of this characterization is to expose the differences with traditional Information Technology (IT) networks, and thus motivate the need of new intrusion detection solutions.…”
“…DAI uses a technique called DHCP-Snooping [144] to build and maintain its trusted IP-MAC address database. While DAI is one of the most promising non-cryptographic solutions to mitigate ARP spoofing attacks, its drawbacks include its proprietary nature and relatively high cost [22,145].…”
Section: Traditional Arp Spoofing Countermeasures (mentioning)
confidence: 99%
“…A survey of these measures is provided in [22]. One of the most prominent and widely used ARP spoofing mitigation approaches is Dynamic ARP Inspection (DAI) [25].…”
Section: Traditional Arp Spoofing Countermeasures (mentioning)
Software Defined Networking (SDN) is an emerging computer network paradigm and represents one of the most promising technologies to simplify network management and configuration through increased network programmability and abstraction. In contrast to traditional networks, in SDN, the control plane, which makes decisions on how to forward traffic, is separated from the data plane, which transmits traffic to selected destinations. That makes network control (via the SDN controller) more programmable, dynamic and centralised. With the higher level of abstraction that SDN provides, network administrators can more easily configure network services and manage traffic flows without having to configure a large number of individual network devices (switches and routers). The great potential of SDN has led to significant deployments in data centres, wide area networks, etc., and it is growing at a rapid pace. Security is a critical aspect of networking in general and is particularly vital in SDN. Due to its fundamentally new architecture, SDN presents new potential security vulnerabilities and risks. Security in SDN has not received much attention yet, given that it is very distinct and unique. The goal of this PhD was to address this gap and analyse the security of the SDN infrastructure, identify vulnerabilities and weaknesses, and propose corresponding solutions and improvements. The focus was on the fundamental aspects and components of SDN, in particular the building blocks of the control plane components include Topology Discovery, Address Resolution Protocol (ARP) Handling and Virtualisation Layer. Finally, the thesis thoroughly explored and investigated the most common and effective attacks against the SDN architecture.
Summary: Fog computing is used as a popular extension of cloud computing for a variety of emerging applications. To incorporate various design choices and customized policies in fog computing paradigm, Microservices is proposed as a new software architecture, which is easy to modify and quick to deploy fog applications because of its significant features, ie, fine granularity and loose coupling. Unfortunately, the Microservices architecture is vulnerable due to its wildly distributed interfaces that are easily attacked. However, the industry has not been fully aware of its security issues. In this paper, a survey of different security risks that pose a threat to the Microservices‐based fog applications is presented. Because a fog application based on Microservices architecture consists of numerous services and communication among services is frequent, we focus on the security issues that arise in services communication of Microservices in four aspects: containers, data, permission, and network. Containers are often used as the deployment and operational environment for Microservices. Data is communicated among services and is vital for every enterprise. Permission is the guarantee of services security. Network security is the foundation for secure communication. Finally, we propose an ideal solution for security issues in services communication of Microservices‐based fog applications.