International Journal of Computer Science and Business Informatics, Feb 1, 2015
VoIP as a packet switched system is clearly one of the most important evolving trends in computin... more VoIP as a packet switched system is clearly one of the most important evolving trends in computing and telecommunications. However, just like many other new Information technology trends, VoIP introduces both security risks and opportunities for the IT world, viable solutions of which are required. The use of publically verified cryptographic algorithms to ensure confidentiality of VoIP traffic transmitted over insecure public networks as the Internet cannot be overemphasized. Nonetheless, the uses of cryptographic algorithms yet imposes a delay overhead and packet size overhead on VoIP, which is unconnected to the processing time required to encrypt/decrypt bits or blocks of data and the increase in packet size due the block size of the encryption algorithm. This delay levied is dependent on the mode of operation of the cryptographic algorithms. Mindful of the fact that other components like voice codecs and network bandwidth also contributed delay capabilities on VoIP traffic, and additions of security overheads, there exists a threshold point where an increase in call volume exerts a negative effect on pre-established calls with respect to time and the rate of packet loss. This study sought to determine the combination of cryptographic algorithms, cipher mode and voice codec that holds the uppermost threshold point, before the latency and rate of packet loss of active calls goes past ITU acceptable standards; for one way latency in both plain and encrypted VoIP traffic of 150ms and 200ms respectively and 5% packet loss rate. Through simulation of appropriate scenarios, results indicates that each of the encryption algorithms (AES, DES and 3DES) append additional overhead on the e2e delay and rate of packet loss during VoIP transmission. Also revealing that VoIP-supported codecs are faster and have a higher threshold in terms of the number of calls before the e2e delay and the rate of packet loss exceeds the acceptable limit for encrypted and plain VoIP e2e delay and packet loss rate.
The 5th International Conference on Future Networks & Distributed Systems, Dec 15, 2021
Behaviour profiling is used in organisations to identify the working patterns of agents: humans o... more Behaviour profiling is used in organisations to identify the working patterns of agents: humans or devices. It can be used to detect abnormal patterns of devices in an organisation’s BYOD network to help control network access. Although BYOD offers great benefits of improving productivity and job satisfaction while reducing cost, it bears some security issues around access control with limitations in addressing insider threat scenarios. This means that motivated and determined attackers with valid access credentials can exploit the weaknesses to compromise the system. The limitation of mobile devices can mean that traditional network access control mechanism are ineffective in addressing insider threats, and can impact on device capacity and functionality. Thus, it is crucial to explore other ways of identifying insider threats from anomalous device behaviours. We propose a device-type profiling for threat detection which uses packet inter-arrival time patterns of devices for automatic identification of abnormal device-types. Experimental tests using clustering-based multivariate gaussian outlier score (CMGOS) to clearly distinguish and label normal and abnormal inter-arrival time patterns yielded promising results. This affirms the effectiveness of the proposed approach to support system administrators in monitoring and detecting insider threats for timely and effective access control response.
This article investigates cybersecurity (and risk) in the context of ‘technological singularity’ ... more This article investigates cybersecurity (and risk) in the context of ‘technological singularity’ from artificial intelligence. The investigation constructs multiple risk forecasts that are synthesised in a new framework for counteracting risks from artificial intelligence (AI) itself. In other words, the research in this article is not just concerned with securing a system, but also analysing how the system responds when (internal and external) failure(s) and compromise(s) occur. This is an important methodological principle because not all systems can be secured, and totally securing a system is not feasible. Thus, we need to construct algorithms that will enable systems to continue operating even when parts of the system have been compromised. Furthermore, the article forecasts emerging cyber-risks from the integration of AI in cybersecurity. Based on the forecasts, the article is concentrated on creating synergies between the existing literature, the data sources identified in th...
International Journal of Computer Science and Business Informatics, Feb 1, 2015
VoIP as a packet switched system is clearly one of the most important evolving trends in computin... more VoIP as a packet switched system is clearly one of the most important evolving trends in computing and telecommunications. However, just like many other new Information technology trends, VoIP introduces both security risks and opportunities for the IT world, viable solutions of which are required. The use of publically verified cryptographic algorithms to ensure confidentiality of VoIP traffic transmitted over insecure public networks as the Internet cannot be overemphasized. Nonetheless, the uses of cryptographic algorithms yet imposes a delay overhead and packet size overhead on VoIP, which is unconnected to the processing time required to encrypt/decrypt bits or blocks of data and the increase in packet size due the block size of the encryption algorithm. This delay levied is dependent on the mode of operation of the cryptographic algorithms. Mindful of the fact that other components like voice codecs and network bandwidth also contributed delay capabilities on VoIP traffic, and additions of security overheads, there exists a threshold point where an increase in call volume exerts a negative effect on pre-established calls with respect to time and the rate of packet loss. This study sought to determine the combination of cryptographic algorithms, cipher mode and voice codec that holds the uppermost threshold point, before the latency and rate of packet loss of active calls goes past ITU acceptable standards; for one way latency in both plain and encrypted VoIP traffic of 150ms and 200ms respectively and 5% packet loss rate. Through simulation of appropriate scenarios, results indicates that each of the encryption algorithms (AES, DES and 3DES) append additional overhead on the e2e delay and rate of packet loss during VoIP transmission. Also revealing that VoIP-supported codecs are faster and have a higher threshold in terms of the number of calls before the e2e delay and the rate of packet loss exceeds the acceptable limit for encrypted and plain VoIP e2e delay and packet loss rate.
The 5th International Conference on Future Networks & Distributed Systems, Dec 15, 2021
Behaviour profiling is used in organisations to identify the working patterns of agents: humans o... more Behaviour profiling is used in organisations to identify the working patterns of agents: humans or devices. It can be used to detect abnormal patterns of devices in an organisation’s BYOD network to help control network access. Although BYOD offers great benefits of improving productivity and job satisfaction while reducing cost, it bears some security issues around access control with limitations in addressing insider threat scenarios. This means that motivated and determined attackers with valid access credentials can exploit the weaknesses to compromise the system. The limitation of mobile devices can mean that traditional network access control mechanism are ineffective in addressing insider threats, and can impact on device capacity and functionality. Thus, it is crucial to explore other ways of identifying insider threats from anomalous device behaviours. We propose a device-type profiling for threat detection which uses packet inter-arrival time patterns of devices for automatic identification of abnormal device-types. Experimental tests using clustering-based multivariate gaussian outlier score (CMGOS) to clearly distinguish and label normal and abnormal inter-arrival time patterns yielded promising results. This affirms the effectiveness of the proposed approach to support system administrators in monitoring and detecting insider threats for timely and effective access control response.
This article investigates cybersecurity (and risk) in the context of ‘technological singularity’ ... more This article investigates cybersecurity (and risk) in the context of ‘technological singularity’ from artificial intelligence. The investigation constructs multiple risk forecasts that are synthesised in a new framework for counteracting risks from artificial intelligence (AI) itself. In other words, the research in this article is not just concerned with securing a system, but also analysing how the system responds when (internal and external) failure(s) and compromise(s) occur. This is an important methodological principle because not all systems can be secured, and totally securing a system is not feasible. Thus, we need to construct algorithms that will enable systems to continue operating even when parts of the system have been compromised. Furthermore, the article forecasts emerging cyber-risks from the integration of AI in cybersecurity. Based on the forecasts, the article is concentrated on creating synergies between the existing literature, the data sources identified in th...
Uploads
Papers by Uche Daniel