Search Results (19)

Software-defined networking (SDN) is a revolutionary innovation in network technology with many desirable features, including flexibility and manageability. Despite those advantages, SDN is vulnerable to distributed denial of service (DDoS), which constitutes a significant threat due to its impact on the SDN network. Despite many security approaches to detect DDoS attacks, it remains an open research challenge. Therefore, this study presents a systematic literature review (SLR) to systematically investigate and critically analyze the existing DDoS attack approaches based on machine learning (ML), deep learning (DL), or hybrid approaches published between 2014 and 2022. We followed a predefined SLR protocol in two stages on eight online databases to comprehensively cover relevant studies. The two stages involve automatic and manual searching, resulting in 70 studies being identified as definitive primary studies. The trend indicates that the number of studies on SDN DDoS attacks has increased dramatically in the last few years. The analysis showed that the existing detection approaches primarily utilize ensemble, hybrid, and single ML-DL. Private synthetic datasets, followed by unrealistic datasets, are the most frequently used to evaluate those approaches. In addition, the review argues that the limited literature studies demand additional focus on resolving the remaining challenges and open issues stated in this SLR. Full article

Several researchers have proposed secure authentication techniques for addressing privacy and security concerns in the fifth-generation (5G)-enabled vehicle networks. To verify vehicles, however, these conditional privacy-preserving authentication (CPPA) systems required a roadside unit, an expensive component of vehicular networks. Moreover, these CPPA systems incur exceptionally high communication and processing costs. This study proposes a CPPA method based on fog computing (FC), as a solution for these issues in 5G-enabled vehicle networks. In our proposed FC-CPPA method, a fog server is used to establish a set of public anonymity identities and their corresponding signature keys, which are then preloaded into each authentic vehicle. We guarantee the security of the proposed FC-CPPA method in the context of a random oracle. Our solutions are not only compliant with confidentiality and security standards, but also resistant to a variety of threats. The communication costs of the proposal are only 84 bytes, while the computation costs are $0.0031$, $2.0185$ to sign and verify messages. Comparing our strategy to similar ones reveals that it saves time and money on communication and computing during the performance evaluation phase. Full article

Vehicular fog computing enabled by the Fifth Generation (5G) has been on the rise recently, providing real-time services among automobiles in the field of smart transportation by improving road traffic safety and enhancing driver comfort. Due to the public nature of wireless communication channels, in which communications are conveyed in plain text, protecting the privacy and security of 5G-enabled vehicular fog computing is of the utmost importance. Several existing works have proposed an anonymous authentication technique to address this issue. However, these techniques have massive performance efficiency issues with authenticating and validating the exchanged messages. To face this problem, we propose a novel anonymous authentication scheme named ANAA-Fog for 5G-enabled vehicular fog computing. Each participating vehicle’s temporary secret key for verifying digital signatures is generated by a fog server under the proposed ANAA-Fog scheme. The signing step of the ANAA-Fog scheme is analyzed and proven secure with the use of the ProfVerif simulator. This research also satisfies privacy and security criteria, such as conditional privacy preservation, unlinkability, traceability, revocability, and resistance to security threats, as well as others (e.g., modify attacks, forgery attacks, replay attacks, and man-in-the-middle attacks). Finally, the result of the proposed ANAA-Fog scheme in terms of communication cost and single signature verification is 108 bytes and 2.0185 ms, respectively. Hence, the assessment metrics section demonstrates that our work incurs a little more cost in terms of communication and computing performance when compared to similar studies. Full article

The recent advancements in security approaches have significantly increased the ability to identify and mitigate any type of threat or attack in any network infrastructure, such as a software-defined network (SDN), and protect the internet security architecture against a variety of threats or attacks. Machine learning (ML) and deep learning (DL) are among the most popular techniques for preventing distributed denial-of-service (DDoS) attacks on any kind of network. The objective of this systematic review is to identify, evaluate, and discuss new efforts on ML/DL-based DDoS attack detection strategies in SDN networks. To reach our objective, we conducted a systematic review in which we looked for publications that used ML/DL approaches to identify DDoS attacks in SDN networks between 2018 and the beginning of November 2022. To search the contemporary literature, we have extensively utilized a number of digital libraries (including IEEE, ACM, Springer, and other digital libraries) and one academic search engine (Google Scholar). We have analyzed the relevant studies and categorized the results of the SLR into five areas: (i) The different types of DDoS attack detection in ML/DL approaches; (ii) the methodologies, strengths, and weaknesses of existing ML/DL approaches for DDoS attacks detection; (iii) benchmarked datasets and classes of attacks in datasets used in the existing literature; (iv) the preprocessing strategies, hyperparameter values, experimental setups, and performance metrics used in the existing literature; and (v) current research gaps and promising future directions. Full article

Software-defined networking (SDN) presents novel security and privacy risks, including distributed denial-of-service (DDoS) attacks. In response to these threats, machine learning (ML) and deep learning (DL) have emerged as effective approaches for quickly identifying and mitigating anomalies. To this end, this research employs various classification methods, including support vector machines (SVMs), K-nearest neighbors (KNNs), decision trees (DTs), multiple layer perceptron (MLP), and convolutional neural networks (CNNs), and compares their performance. CNN exhibits the highest train accuracy at 97.808%, yet the lowest prediction accuracy at 90.08%. In contrast, SVM demonstrates the highest prediction accuracy of 95.5%. As such, an SVM-based DDoS detection model shows superior performance. This comparative analysis offers a valuable insight into the development of efficient and accurate techniques for detecting DDoS attacks in SDN environments with less complexity and time. Full article

Evapotranspiration is one of the hydrological cycle’s most important elements in water management across economic sectors. Critical applications in the agriculture domain include irrigation practice improvement and efficiency, as well as water resource preservation. The main objective of this research is to forecast reference evapotranspiration using the vector autoregression (VAR) model and investigate the meteorological variables’ causal relationship with reference evapotranspiration using a statistical approach. The acquired 20-year, 1-year, and 2-month research climate datasets from Penang, Malaysia, were split into 80% training data and 20% validation data. Public weather data are used to train the initial VAR model. A Raspberry Pi IoT device connected to a DHT11 temperature sensor was outfitted at the designated experimental crop site. In situ data acquisition was done using DHT11 temperature sensors to measure the ambient temperature and humidity. The collected temperature and humidity data were used in conjunction with the vector autoregression (VAR) model to calculate the reference evapotranspiration forecast. The results demonstrated that the 20-year dataset showed better performance and consistent results in forecasting general reference evapotranspiration, derived using root mean square error (RMSE) and correlation coefficient (CORR) of 1.1663 and −0.0048, respectively. As for the 1-year dataset model, RMSE and CORR were recorded at 1.571 and −0.3932, respectively. However, the 2-month dataset model demonstrated both positive and negative performance due to seasonal effects in Penang. The RMSE ranged between 0.5297 to 2.3562 in 2020, 0.8022 to 1.8539 in 2019, and 0.8022 to 2.0921 in 2018. As for CORR, it ranged between −0.5803 to 0.2825 in 2020, −0.3817 to 0.2714 in 2019, and −0.3817 to 0.2714 in 2018. In conclusion, the model tested using 20-year, 1-year, and 2-month meteorological datasets for estimating reference evapotranspiration ($E{T}_0$) based on smaller RMSEs demonstrates better performance at predicting the true values, as well as producing both positive and negative CORR performance due to seasonal variations in Penang. Full article

The privacy and security of the information exchanged between automobiles in 5G-enabled vehicular networks is at risk. Several academics have offered a solution to these problems in the form of an authentication technique that uses an elliptic curve or bilinear pair to sign messages and verify the signature. The problem is that these tasks are lengthy and difficult to execute effectively. Further, the needs for revoking a pseudonym in a vehicular network are not met by these approaches. Thus, this research offers a fog computing strategy for 5G-enabled automotive networks that is based on the Chebyshev polynomial and allows for the revocation of pseudonyms. Our solution eliminates the threat of an insider attack by making use of fog computing. In particular, the fog server does not renew the signature key when the validity period of a pseudonym-ID is about to end. In addition to meeting privacy and security requirements, our proposal is also resistant to a wide range of potential security breaches. Finally, the Chebyshev polynomial is used in our work to sign the message and verify the signature, resulting in a greater performance cost efficiency than would otherwise be possible if an elliptic curve or bilinear pair operation had been employed. Full article

Both security and privacy are central issues and need to be properly handled because communications are shared among vehicles in open channel environments of 5G-enabled vehicular networks. Several researchers have proposed authentication schemes to address these issues. Nevertheless, these schemes are not only vulnerable to quantum attacks but also use heavy operations to generate and verify signatures of messages. Additionally, these schemes need an expensive component RoadSide Unit (RSU)-aided scheme during the joining phase. To address these issues, we propose a lightweight quantum-resistant scheme according to the lattice method in 5G-enabled vehicular networks. Our proposal uses matrix multiplication instead of operations-based bilinear pair cryptography or operations-based elliptic curve cryptography to generate and verify signatures of messages shared among vehicles. Our proposal satisfies a significant reduction in performance, which makes it lightweight enough to handle quantum attacks. Our proposal is based on 5G technology without using any RSU-aided scheme. Security analysis showed that our proposal satisfies privacy and security properties as well as resists quantum attacks. Finally, our proposal also shows favorable performance compared to other related work. Full article

Starting from the First Industrial Revolution to the current and Fourth Industrial Revolution (or Industry 4.0), various industrial machines are present in the market and manufacturing companies. As standardized protocols have become increasingly popular, more utilities are switching to Internet Protocol (IP)-based systems for wide-area communication. SECS/GEM is one of the standards that permit industries to collect information directly from the machines, either using RS323 or TCP/IP communication. TCP/IP communication is becoming more critical than ever, especially given our accelerated digital transformation and increasing reliance on communication technologies. The growth of IT is accelerating with cyberthreats as well. In contrast, security features in the SECS/GEM protocol may be neglected by some companies as it is only used in factories and not mostly used in the outside world. However, communication of SECS/GEM is highly susceptible to various cyberattacks. This paper analyzes the potential replay-attack cyberattacks that can occur on a SECS/GEM system. In replay attacks, this paper supposes an adversary that wants to damage an operation-based control system in an ongoing condition. The adversary has the ability to capture messages to watch and record their contents for a predetermined amount of time, record them, and then replay them while attacking in order to inject an exogenous control input undetected. The paper’s objectives are to prove that SECS/GEM communication is vulnerable to cyberattack and design a detection mechanism to protect SECS/GEM communications from replay attacks. The methodology implements a simulation of the replay-attack mechanism on SECS/GEM communication. The results indicate that the design mechanism detected replay attacks against SECS/GEM communications and successfully prevented them. Full article

The COVID-19 pandemic is currently having disastrous effects on every part of human life everywhere in the world. There have been terrible losses for the entire human race in all nations and areas. It is crucial to take good precautions and prevent COVID-19 because of its high infectiousness and fatality rate. One of the key spreading routes has been identified to be transportation systems. Therefore, improving infection tracking and healthcare monitoring for high-mobility transportation systems is impractical for pandemic control. In order to enhance driving enjoyment and road safety, 5G-enabled vehicular fog computing may gather and interpret pertinent vehicle data, which open the door to non-contact autonomous healthcare monitoring. Due to the urgent need to contain the automotive pandemic, this paper proposes a COVID-19 vehicle based on an efficient mutual authentication scheme for 5G-enabled vehicular fog computing. The proposed scheme consists of two different aspects of the special flag, SF = 0 and SF = 1, denoting normal and COVID-19 vehicles, respectively. The proposed scheme satisfies privacy and security requirements as well as achieves COVID-19 and healthcare solutions. Finally, the performance evaluation section shows that the proposed scheme is more efficient in terms of communication and computation costs as compared to most recent related works. Full article

Due to emerging internet technologies that mostly depend on the decentralization concept, such as cryptocurrencies, cyber attackers also use the decentralization concept to develop P2P botnets. P2P botnets are considered one of the most serious and challenging threats to internet infrastructure security. Consequently, several open issues still need to be addressed, such as improving botnet intrusion detection systems, because botnet detection is essentially a confrontational problem. This paper presents PeerAmbush, a novel approach for detecting P2P botnets using, for the first time, one of the most effective deep learning techniques, which is the Multi-Layer Perceptron, with certain parameter settings to detect this type of botnet, unlike most current research, which is entirely based on machine learning techniques. The reason for employing machine learning/deep learning techniques, besides data analysis, is because the bots under the same botnet have a symmetrical behavior, and that makes them recognizable compared to benign network traffic. The PeerAmbush also takes the challenge of detecting P2P botnets with fewer selected features compared to the existing related works by proposing a novel feature engineering method based on Best First Union (BFU). The proposed approach showed considerable results, with a very high detection accuracy of 99.9%, with no FPR. The experimental results showed that PeerAmbush is a promising approach, and we look forward to building on it to develop better security defenses. Full article

The vehicles in the fifth-generation (5G)-enabled vehicular networks exchange the data about road conditions, since the message transmission rate and the downloading service rate have been considerably brighter. The data shared by vehicles are vulnerable to privacy and security issues. Notably, the existing schemes require expensive components, namely a road-side unit (RSU), to authenticate the messages for the joining process. To cope with these issues, this paper proposes a provably secure efficient data-sharing scheme without RSU for 5G-enabled vehicular networks. Our work included six phases, namely: TA initialization (TASetup) phase, pseudonym-identity generation (PIDGen) phase, key generation (KeyGen) phase, message signing (MsgSign) phase, single verification (SigVerify) phase, and batch signatures verification (BSigVerify) phase. The vehicle in our work has the ability to verify multiple signatures simultaneously. Our work not only achieves privacy and security requirements but also withstands various security attacks on the vehicular network. Ultimately, our work also evaluates favourable performance compared to other existing schemes with regards to costs of communication and computation. Full article

Mobile ad hoc networks (MANETs) are being used more and more in a variety of fields, including the environment, energy efficiency, smart transportation, intelligent agriculture, and in Internet of Things (IoT) ecosystems. They are also anticipated to play an increasingly significant role in the future of the Internet due to the strong evolution of wireless technology in recent years. Nevertheless, this inter-node communication is vulnerable to various security attacks such as Man–In-The-Middle (MITM) attacks, which are considered to be the main challenge in MANETs. This happens when a harmful node intercepts data shared by legal nodes. Therefore, the main goal of this work is to investigate the impact of attackers’ strategies to execute MITM assaults in MANETs, such as message-delayed and message-dropped assaults. The output of this work shows that these assaults have a severe impact on legal entities in MANETs as the network experiences a high number of compromised messages as well as high E2ED and PLD. Finally, by using symmetry or asymmetry cryptographies, our proposal will avoid MITM attacks that intercept the communication between legal nodes. Full article

The security and privacy concerns in vehicular communication are often faced with schemes depending on either elliptic curve (EC) or bilinear pair (BP) cryptographies. However, the operations used by BP and EC are time-consuming and more complicated. None of the previous studies fittingly tackled the efficient performance of signing messages and verifying signatures. Therefore, a chaotic map-based conditional privacy-preserving authentication (CM-CPPA) scheme is proposed to provide communication security in 5G-enabled vehicular networks in this paper. The proposed CM-CPPA scheme employs a Chebyshev polynomial mapping operation and a hash function based on a chaotic map to sign and verify messages. Furthermore, by using the AVISPA simulator for security analysis, the results of the proposed CM-CPPA scheme are good and safe against general attacks. Since EC and BP operations do not employ the proposed CM-CPPA scheme, their performance evaluation in terms of overhead such as computation and communication outperforms other most recent related schemes. Ultimately, the proposed CM-CPPA scheme decreases the overhead of computation of verifying the signatures and signing the messages by 24.2% and 62.52%, respectively. Whilst, the proposed CM-CPPA scheme decreases the overhead of communication of the format tuple by 57.69%. Full article

The privacy and security vulnerabilities in fifth-generation (5G)-enabled vehicular networks are often required to cope with schemes based on either bilinear pair cryptography (BPC) or elliptic curve cryptography (ECC). Nevertheless, these schemes suffer from massively inefficient performance related to signing and verifying messages in areas of the high-density traffic stream. Meanwhile, adversaries could launch side-channel attacks to obtain sensitive data protected in a tamper-proof device (TPD) to destroy the system. This paper proposes a Chebyshev polynomial-based scheme for resisting side-channel attacks in 5G-enabled vehicular networks. Our work could achieve both important properties of the Chebyshev polynomial in terms of chaotic and semi-group. Our work consists of five phases: system initialization, enrollment, signing, verification, and pseudonym renew. Moreover, to resist side-channel attacks, our work renews periodically and frequently the vehicle’s information in the TPD. Security analysis shows that our work archives the privacy (pseudonym identity and unlikability) and security (authentication, integrity, and traceability) in 5G-enabled vehicular networks. Finally, our work does not employ the BPC or the ECC; its efficiency performance outperforms other existing recent works, making it suitable for use in vehicular networks. Full article