Mohammed M. Kadhum

A survey of botnet detection based on DNS

Botnet is a thorny and a grave problem of today’s Internet, resulting in economic damage for organizations and individuals. Botnet is a group of compromised hosts running malicious software program for malicious purposes, known as bots. It is also worth mentioning that the current trend of botnets is to hide their identities (i.e., the command and control server) using the DNS services to hinder their identification process. Fortunately, different approaches have been proposed and developed to tackle the problem of botnets; however, the problem still rises and emerges causing serious threat to the cyberspace-based businesses and individuals. Therefore, this paper comes up to explore the various botnet detection techniques through providing a survey to observe the current state of the art in the field of botnet detection techniques based on DNS traffic analysis. To the best of our knowledge, this is the first survey to discuss DNS-based botnet detection techniques in which the problems, existing solutions and the future research direction in the field of botnet detection based on DNS traffic analysis for effective botnet detection mechanisms in the future are explored and clarified.

Improving Security of Duplicate Address Detection on IPv6 Local Network in Public Area

Internet Protocol Version six (IPv6) is an ultimate solution for the Internet address depletion problem. It is developed not only to solve the addressing problem but also introduce some improvements on networking infrastructure. One of the improvements is the availability of Neighbor Discovery Protocol (NDP). Duplicate address detection (DAD) is one of the functions of NDP to make sure a generated IPv6 address is unique. However, since the NDP is not supported by a security mechanism, the DAD is vulnerable to DoS attack. Attacker can fail the detection process that causes on failing of IPv6 address configuration. The NDP standard suggested using IPSec or SeND to protect the NDP. However, the two security mechanisms introduced high computation due to the usage of cryptography algorithm. Further, its implementation in IPv6 local network is not trivial. This paper proposes a lightweight security mechanism based on distributed trust management that integrates hard security and soft security to secure the DAD in IPv6 called Trust-ND. The experimental result showed it could save the processing time of SeND mechanism up to 65.44 ms in sender and 23.53 ms in receiver. It also saves the available bandwidth up to 21.504 Kbps from the SeND mechanism.

A glimpse of cross training models and workforce scheduling optimization

Cross training and workforce scheduling are two vital components in service industry, especially call center environment. Generally, there are common issues in the call center or other service environment that can be resolved by implementing efficient cross training models and workforce scheduling. The purpose of this paper is to briefly explain about workforce skills, multi-skilling through cross training strategy, compilation of both cross training and workforce scheduling proposals and implementations. The paper provides a preview of studies done on cross training and workforce scheduling strategies for future researchers that are interested in the operation excellence field.

Security mechanism for IPv6 stateless address autoconfiguration

Internet Protocol version six (IPv6) was designed and developed to solve the problem of exhaustion of current Internet address. IPv6 also introduces a number of benefits including address auto-configuration mechanism which allows host to self-generate its own IPv6 address without the presence of a DHCPv6 server. It is one mechanism, among others, provided by Neighbor Discovery Protocol (NDP). However, the protocol does not have a built-in security mechanism and its messages were exchanged without security verification thus leaving the mechanism vulnerable to exploitation by malicious nodes. A malicious node could disrupt or tamper with the IPv6 address auto-generation process that will leave the victim without an IP address needed for communication or having a wrongly formed address. The NDP standard suggests either IPSec or SeND to secure the mechanism. Unfortunately, both security mechanisms have been extensively studied and were reported to have serious drawbacks that limit their implementation and adoption. This research proposes Trust-ND to secure IPv6 address auto-configuration mechanism based on a distributed trust mechanism. Experiment result shows that this mechanism is more lightweight and uses less bandwidth while still able to fulfill the required security feature.

An overview of DDoS attacks based on DNS

Botnet-based Distributed Denial of Service (DDoS) attacks are considered as the main concerns and problems of todays Internet. The damage of these attacks are very serious since the number of computers involved in these attacks is huge and distributed worldwide. However, many protocols such as Domain Name System (DNS) have several security vulnerabilities nowadays that are utilized by botnet attackers. The amplification attacks are the most popular attacks in the Internet which require robust hardware and software for security assurance. In this paper, we provide an overview of botnet-based DDoS attacks that use DNS as a basic infrastructure to launch attacks. We aim to make a better understanding of the most noted attacks to extend the knowledge about DDoS attacks and to analyze the importance of DNS services.

Multi-disjoint Routes Mechanism for Source Routing in Mobile Ad-hoc Networks

The capabilities of Mobile Ad hoc Networks (MANETs) pave the way for wide range of potential applications personal, civilian, and military environments as well as emergency operations. The characteristics of MANETS impose serious challenges in deploying these networks efficiently. The limitation of transmission range of mobile nodes emerge the use of multi-hop to exchange and route data between nodes across the network. Routing is the most important process that can affect the overall performance in MANETs. A variety of routing protocols have been developed for MANETs. These protocols present poor performance under different conditions due to their strategies in learning about routes to destinations. In this paper, we present an innovative Multi-disjoint Routes mechanism that is based on source routing concept to improve routing in MANTEs. The simulation evaluation results showed that the proposed routing mechanism outperforms the common routing protocols, DSR and AODV.

Genetic-based routing algorithm with priority constraints

This paper presents an algorithm for finding an efficient routing path in mobile ad hoc network on the basis of multi-constraints with priority by using genetic algorithm that encoding the paths in chromosomes to help the algorithm to select an efficient path among the feasible paths. The mutation operation keeps the genetic variety of the chromosomes and also provides the ability of searching that obtains good result and increases the rate of convergence. The objective of this research work is to control the selection path to select the most efficient path on the basis of the priority percentage that redirects the algorithm to preferred constraints. The algorithm selects a path according to the important requirements that improve the performance of applications. On the basis of the multi-constraints observed when considering cost priority, the results showed that low cost path selected do not maximise the cost value. In addition, the algorithm with priority constraints presents more efficient path which presents a lower cost compared with no priority constraints.

Intelligent Routing Algorithm Using Genetic Algorithm (IRAGA)

In this study, Intelligent Routing Algorithm using Genetic Algorithm (IRAGA) is proposed to find the feasible path based on multi-constraint by using GA which presented the paths in chromosomes to help the algorithm to find the efficient path among the available paths. The proposed crossover-refining operation keeps the genetic variety of the chromosomes and also improve the ability of searching which obtains the good result and increases the rate of convergence between the chromosomes. The objective of this research work is to decrease the time of route selection and select the most efficient path on the basis of fitness value. IRAGA offers a better solution in a few iteration compared to other genetic algorithm-based routing protocols, such as genetic load balancing routing, adaptive routing method based on GA with QoS, and multi-constraint QoS Unicast Routing using GA, in terms of the time taken to find the feasible path.

Genetic routing Algorithm based on adjacency-constraint matrix

MANETs are systematic infrastructureless networks formed of nodes that act as sender, receiver, or router. Node mobility causes frequent topology changes which have negative impact on the network connectivity and performance. Therefore, routing is a serious challenge in such a dynamic environment as reliable paths and most efficient are always required between sources and their destinations. This paper presents routing algorithm based on an adjacency-constraint matrix using Genetic Algorithm (GA). GA presents the feasible paths that encoded in chromosomes that created based on the connectivity matrix. The evaluation function that is based on the adjacency-constraint matrix calculates the fitness values to select the most efficient path. With only two constraints, the performance simulation results of the proposed method showed that it outperforms Dynamic Source Routing (DSR) in term of transmission delay, which is decreased by about 25%.

Innovative route maintenance based on link failure prediction for Mobile Ad Hoc Networks

In Mobile Ad Hoc Networks (MANETs), node mobility results in frequent topology changes. This makes it difficult for routing protocols to cope with the change timely. As nodes move arbitrarily and unpredictably, maintaining routing in such environment is a serious challenge. This paper presents a mechanism that targets the node mobility in a near future scenario and takes action to maintain the active route between sources and destination prior to the route breakage. It utilizes the information provided by neighbor nodes, who are overhearing the communication of an active route, to build alternative links. When a link on an active route is about to be broken soon, the proposed mechanism uses the alternative ones, that are contiguous to the active route, to forward the data. The performance evaluation showed that the proposed mechanism outperforms the common on-demand routing protocols in terms of packet delivery rate and control packet overhead.