research-article

Operational system testing for designed in security

Authors:

İlker Özçelik,

Richard R. BrooksAuthors Info & Claims

CSIIRW '13: Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

Article No.: 55, Pages 1 - 4

https://doi.org/10.1145/2459976.2460038

Published: 08 January 2013 Publication History

Get Access

Abstract

To design secure systems, one needs to understand how attackers use system vulnerabilities in their favor. This requires testing vulnerabilities on operational systems. However, working on operational systems is not always possible because of the risk of disturbance.

In this study, we introduce an approach to experimenting using operational system data and performing real attacks without disturbing the original system. We applied this approach to a network security experiment and tested the performance of three detection methods. The approach used in this study can be used when developing systems with Designed-in Security to identify and test system vulnerabilities.

Supplementary Material

a55-ozcelik.pdf (a55-ozcelik_supp.pdf)

Supplemental file.

Download
369.55 KB

References

[1]

High throughput computing. This is an electronic document. Available: "http://citi.clemson.edu/htc". Date retrieved: February 1, 2012.

Google Scholar

[2]

Global enviroment for network innovations (geni), "http://www.geni.net/", 2011.

Google Scholar

[3]

J. Altmann. Surfing the wavelets. This is an electronic document. Available: "http://www.wavelet.org/tutorial/". Date of publication: {1996}. Date retrieved: July 28, 2012.

Google Scholar

[4]

R. B. Blazek, H. Kim, B. Rozovskii, and A. Tartakovsky. A novel approach to detection of "denial-of-service" attacks via adaptive sequential and batch-sequential change-point detection methods. In IEEE Systems, MAN, and Cybernetics Information Assurance and Security Workshop, pages 220--226, June 2001.

Google Scholar

[5]

R. Brooks. Disruptive Security Technologies with Mobile Code and Peer-to-Peer Networks. CRC Press, Boca Raton, FL, first crc printing edition, 2005.

Digital Library

Google Scholar

[6]

C. Callegari, S. Giordano, M. Pagano, and T. Pepe. Wave-cusum Improving cusum performance in network anomaly detection by means of wavelet analysis. Computers and Security, 31(5):727--735, 2012.

Digital Library

Google Scholar

[7]

G. Carl, R. R. Brooks, and S. Rai. Wavelet based denial-of-service detection. Computers and Security, 25(8):600--615, 2006.

Digital Library

Google Scholar

[8]

N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, S. Shenker, and J. Turner. Openflow: enabling innovation in campus networks. SIGCOMM Comput. Commun. Rev., 38:69--74, March 2008.

Digital Library

Google Scholar

Cited By

View all

Berman MElliott CLandweber L(2014)GENI: Large-scale distributed infrastructure for networking and distributed systems research2014 IEEE Fifth International Conference on Communications and Electronics (ICCE)10.1109/CCE.2014.6916696(156-161)Online publication date: Jul-2014
https://doi.org/10.1109/CCE.2014.6916696

Index Terms

Operational system testing for designed in security
1. Security and privacy
  1. Network security

Recommendations

Analysis and Comparison of the Network Security Protocol with DoS/DDoS Attack Resistance Performance
HPCC-CSS-ICESS '15: Proceedings of the 2015 IEEE 17th International Conference on High Performance Computing and Communications, 2015 IEEE 7th International Symposium on Cyberspace Safety and Security, and 2015 IEEE 12th International Conf on Embedded Software and Systems

Network security protocol design is important aspectof network security research. DoS/DDoS is very seriousattack in wired and wireless network. DoS/DDoS attack depletes memory/cpu of service provider, so legitimate user can't gain normal service. ...
Typical DoS/DDoS Threats under IPv6
ICCGI '07: Proceedings of the International Multi-Conference on Computing in the Global Information Technology

The DoS/DDoS attacks are always the leading threats to the Internet. With the development of Internet, IPv6 is inevitably taking the place of IPv4 as the main protocol of Internet. So the security issues of IPv6 become the focus of the present research. ...
A detailed survey of denial of service for IoT and multimedia systems: Past, present and futuristic development
Abstract
The rise in frequency and volume of Distributed Denial of Service (DDoS) attacks has made it a destructive weapon of attackers which can disrupt the services of any network including the Internet of Things. It is almost impossible to avoid DDoS ...

Comments

Information & Contributors

Information

Published In

CSIIRW '13: Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

January 2013

282 pages

ISBN:9781450316873

DOI:10.1145/2459976

Editors:
Frederick Sheldon
Oak Ridge National Laboratory
,
Annarita Giani
Los Alamos National Laboratory
,
Axel Krings
University of Idaho
,
Robert Abercrombie
Oak Ridge National Laboratory

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 January 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Air Force Office of Scientific Research
Division of Computer and Network Systems
Office of Cyberinfrastructure
U.S. Department of State
BMW Manufacturing Corporation

Conference

CSIIRW '13

Sponsor:

Los Alamos National Labs
Sandia National Labs
DOE
Lawrence Livermore National Lab.
BERKELEYLAB
Argonne Natl Lab
Idaho National Lab.
Nevada National Security Site

CSIIRW '13: Cyber Security and Information Intelligence

January 8 - 10, 2013

Tennessee, Oak Ridge, USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
197
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Berman MElliott CLandweber L(2014)GENI: Large-scale distributed infrastructure for networking and distributed systems research2014 IEEE Fifth International Conference on Communications and Electronics (ICCE)10.1109/CCE.2014.6916696(156-161)Online publication date: Jul-2014
https://doi.org/10.1109/CCE.2014.6916696

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Analysis and Comparison of the Network Security Protocol with DoS/DDoS Attack Resistance Performance

Typical DoS/DDoS Threats under IPv6

A detailed survey of denial of service for IoT and multimedia systems: Past, present and futuristic development