Aamir Shahzad

Detecting flooding based DoS attack in cloud computing environment using covariance matrix approach

The internet is gaining a lot of importance day by day, especially with the emergence of cloud technology. This new technology has made a new computing service to end users that include, PaaS, SaaS. On the other hand, this technology was accompanied with some shortages. The most serious obstacle is the security challenges because of the cloud is characterized by computing resource sharing and multi-tenancy features and as a result flooding based denial of service attack has been observed. This effect on performance and quality of service on cloud. To overcome this security challenge, there are several methods to detect and prevent this kind of attack. Most of these approaches are using statistical and/or artificial intelligence methods. In this research paper a new model to detect flooding based DoS attack in cloud environment has been suggested consisting three phases. (1) The first-phase is to model the normal traffic pattern for baseline profiling and (2) the second phase is the intrusion detection processes and (3) finally prevention phase. The covariance Matrix mathematical model is used as detecting method. The phase (1) and (2) have been implemented in real test bed. From the result, it is proven that we can detect the flooding attack effectively.

Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

Information technology (IT) security has become a major concern due to the growing demand for information and massive development of client/server applications for various types of applications running on modern IT infrastructure. How has security been taken into account and which paradigms are necessary to minimize security issues while increasing efficiency, reducing the influence on transmissions, ensuring protocol independency and achieving substantial performance? We have found cryptography to be an absolute security mechanism for client/server architectures, and in this study, a new security design was developed with the MODBUS protocol, which is considered to offer phenomenal performance for future development and enhancement of real IT infrastructure. This study is also considered to be a complete development because security is tested in almost all ways of MODBUS communication. The computed measurements are evaluated to validate the overall development, and the results indicate a substantial improvement in security that is differentiated from conventional methods.

A NEW CLOUD BASED SUPERVISORY CONTROL AND DATA ACQUISITION IMPLEMENTATION TO ENHANCE THE LEVEL OF SECURITY USING TESTBED

Now days cloud computing is an important and hot topic in arena of information technology and computer system. Several companies and educational institute s have been deployed cloud infrastructures to overc ome their problems such as easy data access, software u pdates with minimal cost, large or unlimited storag e, efficient cost factor, backup storage and disaster recovery and several other benefits compare with th e traditional network infrastructures. In this resear ch paper; Supervisory Control and Data Acquisition (SCADA) system has been deployed within cloud computing environment, to minimized the cost (that are related with real time infrastructure or SCADA implementation) and take the advantages of cloud computing. The command bytes (data) have been transmitted between SCADA nodes and traffic is monitored and controlled simultaneously at master ( main controller) site. During communication, security is a major issue because usually, SCADA sy stem and cloud infrastructure had been deployed without any security consideration. In current test bed implementation, strong security mechanism (using cryptography solution) has been deployed, wh ile exchanging commands within cloud environment (SCADA within cloud environment). Several times attacks included “authentication, integrity, confidentiality and non-repudiation” hav e been lunched, to evaluate the security solution (proposed security solution) and security during ab normal communication.

The protocol design and New approach for SCADA security enhancement during sensors broadcasting system

Several security mechanisms have been investigated and deployed that provide protection for real time platforms. Each security mechanism is contributed to enhance the SCADA system security, but at the same time, the mechanism is limited and depended on the other protocols for the purposes of message security, and its delivery. Few researches are conducted on security for SCADA broadcasting system, but these are limited to end-to-end designs and developments. The security developments for multicasting and broadcasting systems are much complicated, time consumed and/or overloaded with the cryptography mechanisms. After conducting the detail survey, a simulation environment for SCADA water pumping system is designed in-which number of nodes is configured and well known cryptography algorithms are selected, and deployed as an inclusive development for SCADA/DNP3 broadcasting system. The inclusive security development is considered with the best performance, and with predominant weakness in mind, which are present in SCADA/DNP3 broadcasting system. However, overall communication is initiated, monitored and controlled at main controller side with the user defined human machine interface (HMI).

Secure Cryptography Testbed Implementation for SCADA Protocols Security

Modbus protocol and IEC 60870-5-104 protocols are widely deployed in critical infrastructure sectors or SCADA systems. With the growing demands of industries, these protocols are also connected over internet using TCP/IP protocol or other transport protocols. Using internet facility, these protocols are vulnerable from several threads/attacks. The current research, detail review the lack of security issues within SCADA/Protocols communication and then propose two security solutions that are based on cryptography algorithms (solutions). The two proposed cryptography solutions have been implemented within the communication of Modbus protocol and IEC 60870-5-104 protocol as part of SCADA system. Abnormal traffic has been generated during transmission to evaluate the security solutions (Implementations). Testbed has been run several times and performance results are measured during normal and abnormal communication.

New Security Development and Trends to Secure the SCADA Sensors Automated Transmission during Critical Sessions

Modern technology enhancements have been used worldwide to fulfill the requirements of the industrial sector, especially in supervisory control and data acquisition (SCADA) systems as a part of industrial control systems (ICS). SCADA systems have gained popularity in industrial automations due to technology enhancements and connectivity with modern computer networks and/or protocols. The procurement of new technologies has made SCADA systems important and helpful to processing in oil lines, water treatment plants, and electricity generation and control stations. On the other hand, these systems have vulnerabilities like other traditional computer networks (or systems), especially when interconnected with open platforms. Many international organizations and researchers have proposed and deployed solutions for SCADA security enhancement, but most of these have been based on node-to-node security, without emphasizing critical sessions that are linked directly with industrial processing and automation. This study concerns SCADA security measures related to critical processing with specified sessions of automated polling, analyzing cryptography mechanisms and deploying the appropriate explicit inclusive security solution in a distributed network protocol version 3 (DNP3) stack, as part of a SCADA system. The bytes flow through the DNP3 stack with security computational bytes within specified critical intervals defined for polling. We took critical processing knowledge into account when designing a SCADA/DNP3 testbed and deploying a cryptography solution that did not affect communications.

The sensors connectivity within SCADA automation environment and new trends for security development during multicasting routing transmission

This study examined the security of SCADA system and its protocols, more specifically, SCADA/DNP3 protocol security. To achieve the study goals, a SCADA simulation environment is designed for water pumping process through connectivity of intelligent sensors, the payload is constructed, and security is deployed inside DNP3 protocol stack and then bytes are multicast to subcontrollers.

Design and Development of Layered Security: Future Enhancements and Directions in Transmission

Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack.

A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols.

Substantial changes have occurred in the Information Technology (IT) sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA) server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network.

A Secure, Intelligent, and Smart-Sensing Approach for Industrial System Automation and Transmission over Unsecured Wireless Networks

In Industrial systems, Supervisory control and data acquisition (SCADA) system, the pseudo-transport layer of the distributed network protocol (DNP3) performs the functions of the transport layer and network layer of the open systems interconnection (OSI) model. This study used a simulation design of water pumping system, in-which the network nodes are directly and wirelessly connected with sensors, and are monitored by the main controller, as part of the wireless SCADA system. This study also intends to focus on the security issues inherent in the pseudo-transport layer of the DNP3 protocol. During disassembly and reassembling processes, the pseudo-transport layer keeps track of the bytes sequence. However, no mechanism is available that can verify the message or maintain the integrity of the bytes in the bytes received/transmitted from/to the data link layer or in the send/respond from the main controller/sensors. To properly and sequentially keep track of the bytes, a mechanism is required that can perform verification while bytes are received/transmitted from/to the lower layer of the DNP3 protocol or the send/respond to/from field sensors. For security and byte verification purposes, a mechanism needs to be proposed for the pseudo-transport layer, by employing cryptography algorithm. A dynamic choice security buffer (SB) is designed and employed during the security development. To achieve the desired goals of the proposed study, a pseudo-transport layer stack model is designed using the DNP3 protocol open library and the security is deployed and tested, without changing the original design.