Ning Hu¹, Yu Teng², Yan Zhao¹, Shi Yin¹, Yue Zhao^3,*

CMES-Computer Modeling in Engineering & Sciences, Vol.129, No.1, pp. 299-322, 2021, DOI:10.32604/cmes.2021.016839

Abstract The rapid development of blockchain technology has provided new ideas for network security research. Blockchain-based network security enhancement solutions are attracting widespread attention. This paper proposes an Internet domain name verification method based on blockchain. The authenticity of DNS (Domain Name System) resolution results is crucial for ensuring the accessibility of Internet services. Due to the lack of adequate security mechanisms, it has always been a challenge to verify the authenticity of Internet domain name resolution results. Although the solution represented by DNSSEC (Domain Name System Security Extensions) can theoretically solve the domain name verification problem, it has not been… More >

Shen Wang^1,*, Fanghui Sun¹, Hongli Zhang¹, Dongyang Zhan^1,2, Shuang Li³, Jun Wang¹

CMC-Computers, Materials & Continua, Vol.69, No.3, pp. 3711-3725, 2021, DOI:10.32604/cmc.2021.016562

Abstract Internet communication protocols define the behavior rules of network components when they communicate with each other. With the continuous development of network technologies, many private or unknown network protocols are emerging in endlessly various network environments. Herein, relevant protocol specifications become difficult or unavailable to translate in many situations such as network security management and intrusion detection. Although protocol reverse engineering is being investigated in recent years to perform reverse analysis on the specifications of unknown protocols, most existing methods have proven to be time-consuming with limited efficiency, especially when applied on unknown protocol state machines. This paper proposes a… More >

Farouq Aliyu^1,*, Tarek Sheltami¹, Ashraf Mahmoud¹, Louai Al-Awami¹, Ansar Yasar²

CMC-Computers, Materials & Continua, Vol.69, No.1, pp. 1159-1181, 2021, DOI:10.32604/cmc.2021.016938

Abstract Fog computing (FC) is a networking paradigm where wireless devices known as fog nodes are placed at the edge of the network (close to the Internet of Things (IoT) devices). Fog nodes provide services in lieu of the cloud. Thus, improving the performance of the network and making it attractive to social media-based systems. Security issues are one of the most challenges encountered in FC. In this paper, we propose an anomaly-based Intrusion Detection and Prevention System (IDPS) against Man-in-the-Middle (MITM) attack in the fog layer. The system uses special nodes known as Intrusion Detection System (IDS) nodes to detect… More >

Hui Wang¹, Chuanhan Zhu¹, Zihao Shen^1,*, Dengwei Lin², Kun Liu¹, MengYao Zhao³

Computer Systems Science and Engineering, Vol.38, No.1, pp. 103-117, 2021, DOI:10.32604/csse.2021.014680

Abstract Computer networks face a variety of cyberattacks. Most network attacks are contagious and destructive, and these types of attacks can be harmful to society and computer network security. Security evaluation is an effective method to solve network security problems. For accurate assessment of the vulnerabilities of computer networks, this paper proposes a network security risk assessment method based on a Bayesian network attack graph (B_NAG) model. First, a new resource attack graph (RAG) and the algorithm E-Loop, which is applied to eliminate loops in the B_NAG, are proposed. Second, to distinguish the confusing relationships between nodes of the attack graph… More >

Anuj Kumar Singh¹, Mohammed Alshehri^2,*, Shashi Bhushan³, Manoj Kumar³, Osama Alfarraj⁴, Kamal Raj Pardarshani⁵

Intelligent Automation & Soft Computing, Vol.27, No.3, pp. 761-769, 2021, DOI:10.32604/iasc.2021.012806

Abstract Wireless sensor networks (WSNs) have been used in numerous delicate checking, observation, and surveillance systems that use sensitive data. When a WSN utilizes various data clustering techniques, data is moved to the cluster head (CH) of the corresponding cluster area. Cluster Head further communicates the information to the sink node. In a WSN, a network owner (NO) does not validate a sensor before connecting to the network, so faulty nodes may likely attach to the network to sense the data and attempt to release the information to unauthorized persons. Further, a malicious node may become a mobile node (MN) equipped… More >

Wajdi Alhakami¹, Abdullah Baz², Hosam Alhakami³, Masood Ahmad⁴, Raees Ahmad Khan^4,*

Intelligent Automation & Soft Computing, Vol.27, No.2, pp. 409-424, 2021, DOI:10.32604/iasc.2021.015351

Abstract Healthcare devices play an essential role in tracking and managing patient’s safety. However, the complexities of healthcare devices often remain ambiguous due to hardware, software, or the interoperable healthcare system problems. There are essentially two critical factors for targeting healthcare: First, healthcare data is the most valuable entity on the dark web; and the second, it is the easiest to hack. Data pilferage has become a major hazard for healthcare organizations as the hackers now demand ransom and threaten to disclose the sensitive data if not paid within the stipulated timeline. The present study enlists a thorough research on the… More >

Fuxiang Yuan, Fenlin Liu, Chong Liu, Xiangyang Luo^*

Intelligent Automation & Soft Computing, Vol.26, No.6, pp. 1403-1417, 2020, DOI:10.32604/iasc.2020.011902

Abstract IPs in homogeneous blocks are tightly connected and close to each other in topology and geography, which can help geolocate sensitive target IPs and maintain network security. Therefore, this manuscript proposes a city-level homogeneous blocks identification algorithm for IP geolocation. Firstly, IPs with consistent geographic location information in multiple databases and some landmarks in a specific area are obtained as targets; the /31 containing each target is used as a candidate block; vantage points are deployed to probe IPs in the candidate blocks to obtain delays and paths, and alias resolution is performed. Then, based on the analysis of paths… More >

Eunmok Yang¹, Gyanendra Prasad Joshi², Changho Seo^3,*

CMC-Computers, Materials & Continua, Vol.66, No.2, pp. 1647-1663, 2021, DOI:10.32604/cmc.2020.013210

Abstract In network-based intrusion detection practices, there are more regular instances than intrusion instances. Because there is always a statistical imbalance in the instances, it is difficult to train the intrusion detection system effectively. In this work, we compare intrusion detection performance by increasing the rarely appearing instances rather than by eliminating the frequently appearing duplicate instances. Our technique mitigates the statistical imbalance in these instances. We also carried out an experiment on the training model by increasing the instances, thereby increasing the attack instances step by step up to 13 levels. The experiments included not only known attacks, but also… More >

Muhammad Adnan Khan^1,*, Abdur Rehman², Khalid Masood Khan¹, Mohammed A. Al Ghamdi³, Sultan H. Almotiri³

CMC-Computers, Materials & Continua, Vol.66, No.1, pp. 467-480, 2021, DOI:10.32604/cmc.2020.013121

Abstract Networks provide a significant function in everyday life, and cybersecurity therefore developed a critical field of study. The Intrusion detection system (IDS) becoming an essential information protection strategy that tracks the situation of the software and hardware operating on the network. Notwithstanding advancements of growth, current intrusion detection systems also experience dif- ficulties in enhancing detection precision, growing false alarm levels and identifying suspicious activities. In order to address above mentioned issues, several researchers concentrated on designing intrusion detection systems that rely on machine learning approaches. Machine learning models will accurately identify the underlying variations among regular information and irregular… More >

Pang Li^{1, *}, Lifeng Zhu², Brij B. Gupta^{3, 4}, Sunil Kumar Jha⁵

CMC-Computers, Materials & Continua, Vol.65, No.3, pp. 2079-2090, 2020, DOI:10.32604/cmc.2020.013696

Abstract In sensor networks, it is a challenge to ensure the security of data exchange between packet switching nodes holding different private keys. In order to solve this problem, the present study proposes a scheme called multi-conditional proxy broadcast reencryption (MC-PBRE). The scheme consists of the following roles: the source node, proxy server, and the target node. If the condition is met, the proxy can convert the encrypted data of the source node into data that the target node can directly decrypt. It allows the proxy server to convert the ciphertext of the source node to a new ciphertext of the… More >