Protecting Peer-to-Peer Network with Roaming Agents
Peer-to-peer networks are continuously becoming more popular for sharing data and resources. However, a major drawback of this type of network is its ability to maintain security, since there is no centralized server to oversee the network. One way to remedy this problem is through the use of intelligent mobile agents. These agents will act as guards, which will essentially roam the network and periodically check on each node to ensure that it is not under attack. In our previous research, we have proposed algorithms for initial placement of agents in a given peer-to-peer network. As the agents are mobile, the next issue with agent-based security is how the agents should roam around the network to detect attacks. We want the agents to scan the entire network as quickly as possible which will minimize the detection time of attacks. If we run too many agents simultaneously to scan the network, they will consume system resources which will slow down the performance of applications running on the peer-to-peer network. In this paper we have proposed three roaming algorithms for agents. The first algorithm Heavy Scan Algorithm scans the network with minimum time by sacrificing the performance of the application. The second algorithm Light Scan Algorithm takes the maximum time to complete the scan of the entire network with less degradation of the performance of the application. The third algorithm Medium Scan Algorithm balances time to complete the scan with performance of the application. We have illustrated the proposed algorithms with an example. We have also analyzed the complexity of the proposed algorithms.
Student: Hugh Urey
Faculty: Dr. Shankar M Banik
IMAIDS: Intelligent Mobile Agent-based Intrusion Detection System
Peer-to-peer networks provide many advantages over the conventional client-server network architecture. The one primary drawback of the peer-to-peer architecture is the difficulty in maintaining network security. In this research we propose to use intelligent mobile agents to detect intrusion in peer-to-peer networks. Towards this we have presented two heuristics which will decide the location of agents in a given peer-to-peer network. The goal of our heuristics is to place the agents in the network such that it can detect intrusion as soon as possible, in other words the response time is minimum. The first heuristic finds the location for a single agent. The second heuristic finds the location of multiple agents where each agent is responsible for certain nodes in the network. The second heuristic also assigns nodes to each agent. We have also performed simulation experiments to evaluate the performance of our proposed heuristics.
Student: Derek Bernsen
Faculty: Dr. Shankar M Banik, Dr. Muhammad Javed (Cameron University)
Building a Prototype of Agents and deploying them in the Network to Detect Intrusions
Intrusion Detection in a network is defined as identifying activities which violate security policies. Traditional Intrusion Detection Systems (IDSs) are centralized in nature where a central node collects data from every node and detects whether any abnormal activity is taking place in the network. In our research we propose to use intelligent mobile agents to detect intrusions in a network. An agent is a piece of program which will execute specified operations on a node in a network. The agents act as guards which essentially roam the network periodically to check whether any node in the network is under attack. When an agent visits a node, it scans the log file to identify any abnormal activity taking place in that node. In our previous research we proposed algorithms for finding initial locations and roaming pattern of agents. In this research, we have built the prototype of an agent and deployed it in a virtual network to test its performance by simulating intrusions. We have also tested the performance of the prototype by deploying the agents on PlanetLab which is a testbed in the Internet connecting more than 1300 machines all over the world. From our experiments we have observed that the performance of the agent based intrusion detection system depends on the size and topology of the network.
Students: Luis Pena, Anthony Zovich
Faculty: Dr. Shankar M Banik, Dr. George Rudolph
Analyzing Vulnerabilities in Internet of Things
The Internet of Things (IoT) is a vast and rapidly growing frontier of new technology. New technology coming out includes “smart” refrigerators that connect to your home Wi-Fi, TVs, air conditioning units, power meters, critical infrastructure devices and SCADA systems, NAS devices, lighting systems, blind controls, and many more. Our research aims to address the implications that this interconnected network of “things” will have on the security of the global internet community. We start with an overview of the situation, follow up with a look at several published papers on this topic, and conclude our study with a hands-on experiment conducted by our research team and an analytical paper of our results. Our research aims to combine two approaches. We first present the Internet of Things as a concept. Next we discuss penetration testing and the ethical hacking methodology. Finally we combine these two topics with a hands-on demonstration on the implications the IoT has on the penetration testing community, and the internet at large.
Students: Ike Clinton, Lance Cook
Faculty: Dr. Shankar M Banik, Dr. George Rudolph
Fighting Botnet Armies: What’s a User to Do?
The rise of ubiquitous computing and the realization of the Internet of Things (IoT) are bringing the security of connected devices to the forefront of industry innovation. Although a computing device cannot be completely protected against an attack without drastically compromising usability, there are methods to more effectively protect computing devices and know if there is something suspicious going on in them. Our project was to create a botnet using a UDP flood attack in order to investigate methods of mitigation and detection of these malicious attacks. After creating the proof of concept, we also investigate how to prevent becoming involved in such an attack. A series of safeguards for end users includes strong passwords, anti-virus software, and proactive monitoring of network connections in order to detect unusual traffic patterns which could indicate an attack is being conducted. Service providers which offer internet connectivity are in a better position to analyze wider traffic patterns in order to detect anomalies which could indicate compromised end user devices.
Students: Brent Jameson, Kathy Campbell
Faculty: Dr. Shankar M Banik
Embedding Cybersecurity across the Computer Science Curriculum
In order to avoid security being an afterthought, we are working towards mapping cybersecurity/ information security topics to the various CS courses offered as a part of the Bachelors of Science degree in Computer Science. We provide a mapping for the topics taught in the introduction to computer programming I class, with the various security topics that need to be addressed in each of the topics. In addition, we also provide examples that various educators can directly use in their classes. We begin with mapping the topics offered in a standard CS-101 Introduction to programming class where the list of topics covered are – introduction to the IDE with a Hello World program, obtaining input form the user, data types, operators, selection, loops, methods, arrays, objects and classes, and strings. We are continuing to form a mapping for the rest of the topics, and classes that are a part of the undergraduate curriculum in Computer Science. This will ensure that students start thinking about security when they learn programming. It will train their mindset for secure programming which will ensure that no vulnerabilities are introduced in any technology they may produce.
Faculty: Dr. Shankar M Banik, Dr. Deepti Joshi, Dr. Mike Verdicchio