Secure Communication with Secret Sharing for the S-Network Using a Large Set of Mistrust-Parties
Issue:
Volume 1, Issue 2, March 2013
Pages:
17-25
Received:
22 February 2013
Accepted:
Published:
20 March 2013
Abstract: This article presents a solution to ensure secure communication in computer networks by using secret sharing and multiple parties mistrusting each other instead of relying on a “trusted party” or a “web of trust”. In contrast to other solutions requiring asymmetric encryption, this concept can provide security even after any possible advance in cryptanalysis and even if unlimited calculation power was available to attack it. But this solution requires the computer network to have special properties. The S Network, a trustworthy repository, is presented as a potential application. A multi-partition-routing protocol is introduced to optimize the concept for secure communication with secret sharing in the context of the S Network.
Abstract: This article presents a solution to ensure secure communication in computer networks by using secret sharing and multiple parties mistrusting each other instead of relying on a “trusted party” or a “web of trust”. In contrast to other solutions requiring asymmetric encryption, this concept can provide security even after any possible advance in cry...
Show More
Secure Intrusion Detection and Attack Measure Selection in Virtual Network Systems
S. Uvaraj,
S. Suresh,
N. Kannaiya Raja
Issue:
Volume 1, Issue 2, March 2013
Pages:
26-33
Received:
11 May 2013
Accepted:
Published:
10 June 2013
Abstract: Cloud security is one of most important issues that has attracted a lot of research and development effort in past few years. Particularly, attackers can explore vulnerabilities of a cloud system and compromise virtual machines to deploy further large-scale Distributed Denial-of-Service (DDoS). DDoS attacks usually involve early stage actions such as multi-step exploitation, low frequency vulnerability scanning, and compromising identified vulnerable virtual machines as zombies, and finally DDoS attacks through the compromised zombies. Within the cloud system, especially the Infrastructure-as a-Service (IaaS) clouds, the detection of zombie exploration attacks is extremely difficult. This is because cloud users may install vulnerable applications on their virtual machines. To prevent vulnerable virtual machines from being compromised in the cloud, we propose a multi phase distributed vulnerability detection, measurement, and countermeasure selection mechanism called NICE, which is built on attack graph based analytical models and reconfigurable virtual network-based countermeasures. The proposed framework leverages Open Flow network programming APIs to build a monitor and control plane over distributed programmable virtual switches in order to significantly improve attack detection and mitigate attack consequences. The system and security evaluations demonstrate the efficiency and effectiveness of the proposed solution.
Abstract: Cloud security is one of most important issues that has attracted a lot of research and development effort in past few years. Particularly, attackers can explore vulnerabilities of a cloud system and compromise virtual machines to deploy further large-scale Distributed Denial-of-Service (DDoS). DDoS attacks usually involve early stage actions such ...
Show More