Implementation of honeypot to detect and prevent distributed denial of service attack

Sembiring, Irwan

doi:10.1109/icitacee.2016.7892469

Cited by 12 publications

(6 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Although SCADA is widely used due to its rapid development, recent studies have highlighted its vulnerabilities from a cyber-security and cyber-physical security perspective [14], [15], [22], [23], [27], [28], [30]- [37]. The threat of cyberattacks looms over SCADA systems that communicate with network protocols [22], [23], [27], [34], [38].…”

Section: Related Workmentioning

confidence: 99%

Peer Review #2 of "Improvement of nuclear facilities DNP3 protocol data transmission security using super encryption BRC4 in SCADA systems (v0.2)"

Rupapara¹

2021

View full text Add to dashboard Cite

“…Although SCADA is widely used due to its rapid development, recent studies have highlighted its vulnerabilities from a cyber-security and cyber-physical security perspective [14], [15], [22], [23], [27], [28], [30]- [37]. The threat of cyberattacks looms over SCADA systems that communicate with network protocols [22], [23], [27], [34], [38].…”

Section: Related Workmentioning

confidence: 99%

Peer Review #2 of "Improvement of nuclear facilities DNP3 protocol data transmission security using super encryption BRC4 in SCADA systems (v0.2)"

Rupapara¹

2021

View full text Add to dashboard Cite

“…Although SCADA is widely used due to its rapid development, recent studies have highlighted its vulnerabilities from a cyber-security and cyber-physical security perspective ( Bratus et al, 2016 ; Siddavatam & Kazi, 2016 ; Mantere, Sailio & Noponen, 2013 ; Lee et al, 2014 ; Rahman, Jakaria & Al-Shaer, 2016 ; Sembiring, 2017 ; Smaiah, Khellaf & Cherifi, 2016 ; Friesen, 2016 ; Moreira et al., 2016 ; Darwish, Igbe & Saadawi 2015 ; Amoah, 2016 ; Chen et al., 2014 ; Nivethan & Papa, 2016 ; Singh, Nivangune & Mrinal, 2016 ). The threat of cyberattacks looms over SCADA systems that communicate with network protocols ( Mantere, Sailio & Noponen, 2013 ; Lee et al, 2014 ; Rahman, Jakaria & Al-Shaer, 2016 ; Amoah, 2016 ; Ahn et al, 2015 ).…”

Section: Related Workmentioning

confidence: 99%

“…Such vulnerability can be used by attackers to steal the transmitted data. Furthermore, attackers may interrupt, intercept, fabricate, and modify the data, which would also hamper SCADA ( Nguyen, Ali & Yue, 2017 ; Orojloo & Azgomi, 2017 ; Dragomir et al, 2016 ; Senthivel, Ahmed & Roussev, 2017 ; Mantere, Sailio & Noponen, 2013 ; Lee et al, 2014 ; Park, Suh & Park, 2016 ; Bartman & Carson, 2016 ; Shitharth & Winston, 2016 ; Rahman, Jakaria & Al-Shaer, 2016 ; Sembiring, 2017 ; Amoah, Camtepe & Foo, 2016 ).…”

Section: Introductionmentioning

confidence: 99%

Improvement of nuclear facilities DNP3 protocol data transmission security using super encryption BRC4 in SCADA systems

Riyadi

Putra

Priyambodo

2021

PeerJ Computer Science

View full text Add to dashboard Cite

Background Data transmissions using the DNP3 protocol over the internet in SCADA systems are vulnerable to interruption, interception, fabrication, and modification through man-in-the-middle (MITM) attacks. This research aims to improve the security of DNP3 data transmissions and protect them from MITM attacks. Methods This research describes a proposed new method of improving DNP3 security by introducing BRC4 encryption. This combines Beaufort encryption, in which plain text is encrypted by applying a poly-alphabetic substitution code based on the Beaufort table by subtracting keys in plain text, and RC4 encryption, a stream cipher with a variable-length key algorithm. This research contributes to improving the security of data transmission and accelerating key generation. Results Tests are carried out by key space analysis, correlation coefficient analysis, information entropy analysis, visual analysis, and time complexity analysis.The results show that to secure encryption processes from brute force attacks, a key of at least 16 characters is necessary. IL data correlation values were IL1 = −0.010, IL2 = 0.006, and IL3 = 0.001, respectively, indicating that the proposed method (BRC4) is better than the Beaufort or RC4 methods in isolation. Meanwhile, the information entropy values from IL data are IL1 = 7.84, IL2 = 7.98, and IL3 = 7.99, respectively, likewise indicating that the proposed method is better than the Beaufort or RC4 methods in isolation. Both results also show that the proposed method is secure from MITM attacks. Visual analysis, using a histogram, shows that ciphertext is more significantly distributed than plaintext, and thus secure from MITM attacks. The time complexity analysis results show that the proposed method algorithm is categorized as linear complexity.

show abstract

“…También se describe un método que se puede utilizar para obtener datos de la computadora de un atacante. También en (Sembiring, 2016) se hacen aportes a la investigación sobre el tópico en cuestión, al afirmar que el conocimiento de las diversas amenazas y ataques posibilita la recopilación de datos amplios de la red mediante el uso de honeypot. El honeypot por ellos implementado utiliza un tipo de interacción baja que es honeyd y otro software de soporte como apache2 y bind9.…”

Section: Los Honeypots En La Detección De Amenazasunclassified

Análisis de intrusiones cibernéticas con el uso del Honeypots. Una revisión sistemática / Análise de invasões cibernéticas usando Honeypots. Uma revisão sistemática

Macias¹,

Márquez²,

Cabrera³

et al. 2021

Braz. Ap. Sci. Rev.

View full text Add to dashboard Cite

Honeypot o sistema señuelo diseñado para ser el objetivo de un atacante en las intrusiones cibernéticas además puede recopilar información sobre técnicas y comportamientos de ataque. Se ha realizado una gran cantidad de trabajo en el campo de la detección de intrusiones en la red durante las últimas tres décadas. Con las redes cada vez más rápidas y con la creciente dependencia de Internet tanto a nivel personal como comercial, la detección de intrusos se convierte en un proceso desafiante. El desafío aquí no es solo poder monitorear activamente un gran número de sistemas, sino también poder reaccionar rápidamente a diferentes eventos. Antes de desplegar un honeypot es recomendable tener una idea clara de lo que debe y no debe hacer el honeypot. Debe haber una comprensión clara de los sistemas operativos que se utilizarán y los servicios (como un servidor web, servidor ftp, etc.) que ejecutará un honeypot. Se deben tener en cuenta los riesgos involucrados y se deben comprender los métodos para abordar o reducir estos riesgos. También es recomendable tener un plan sobre qué hacer en caso de que el honeypot se vea comprometido. La presente revisión sistemática aborda el estado actual de la investigación ligada a la detección de intrusiones usando honeypots. La recopilación de información científica se apoyó en el sistema Mendeley, seleccionándose 32 artículos luego de la evaluación de calidad que tuvo como base criterios de inclusión y exclusión previamente establecidos.

show abstract

Implementation of honeypot to detect and prevent distributed denial of service attack

Cited by 12 publications

References 4 publications

Peer Review #2 of "Improvement of nuclear facilities DNP3 protocol data transmission security using super encryption BRC4 in SCADA systems (v0.2)"

Peer Review #2 of "Improvement of nuclear facilities DNP3 protocol data transmission security using super encryption BRC4 in SCADA systems (v0.2)"

Improvement of nuclear facilities DNP3 protocol data transmission security using super encryption BRC4 in SCADA systems

Análisis de intrusiones cibernéticas con el uso del Honeypots. Una revisión sistemática / Análise de invasões cibernéticas usando Honeypots. Uma revisão sistemática

Contact Info

Product

Resources

About