A cyber security architecture for military networks using a cognitive network approach

Cyber security is one of the main topics that are discussed around the world today. The threat is real, and it is unlikely to diminish. People, business, governments, and even armed forces are networked in a way or another. Thus, the cyber threat is also facing military networking. On the other hand, the concept of Network Centric Warfare sets high requirements for military tactical data communications and security. A challenging networking environment and cyber threats force us to consider new approaches to build security on the military communication systems. The purpose of this thesis is to develop a cyber security architecture for military networks, and to evaluate the designed architecture. The architecture is described as a technical functionality. As a new approach, the thesis introduces Cognitive Networks (CN) which are a theoretical concept to build more intelligent, dynamic and even secure communication networks. The cognitive networks are capable of observe the networking environment, make decisions for optimal performance and adapt its system parameter according to the decisions. As a result, the thesis presents a five-layer cyber security architecture that consists of security elements controlled by a cognitive process. The proposed architecture includes the infrastructure, services and application layers that are managed and controlled by the cognitive and management layers. The architecture defines the tasks of the security elements at a functional level without introducing any new protocols or algorithms. For evaluating two separated method were used. The first method is based on the SABSA framework that uses a layered approach to analyze overall security of an organization. The second method was a scenario based method in which a risk severity level is calculated. The evaluation results show that the proposed architecture fulfills the security requirements at least at a high level. However, the evaluation of the proposed architecture proved to be very challenging. Thus, the evaluation results must be considered very critically. The thesis proves the cognitive networks are a promising approach, and they provide lots of benefits when designing a cyber security architecture for the tactical military networks. However, many implementation problems exist, and several details must be considered and studied during the future work.

Benchmark of routing protocols regarding green considerations

In Mobile Ad-hoc Networks (MANET) the participating nodes have several roles such as sender, receiver and router. Hence there is a lot of energy consumed by the nodes for the normal working of the network since each node has many different roles. Also in MANET the nodes keep moving constantly and this in turn consumes a lot of energy. Since battery capacity of these nodes is limited it fails to fulfil the high demand of energy. The scarcity of energy makes the energy conservation in mobile ad-hoc networks an important concern. There is several research carried out on the energy consumption of mobile ad-hoc networks these days. Some of this research suggests sleep mode, transmission power control, load balancing etc. In this thesis, we are comparing various proposed energy efficient models for some of the ad-hoc protocols. We compare different energy efficient models for Optimised Linked State Algorithm (OLSR) and Ad-hoc On Demand Distance Vector (AODV). The routing protocols are compared for different parameters such as average remaining energy, number of nodes alive, payload data received and performance with different mobility speed. The simulation results helps in benchmarking the various energy efficient routing models for OLSR and AODV protocols. The benchmarking of the routing protocols can be based on many factors but this thesis concentrates on benchmarking the MANET routing protocols mainly based on the energy efficiency and increased network lifetime.

Evaluation of Machine Learning Classifiers for Mobile Network Intrusion Detection Systems

Mobile malwares are increasing with the growing number of Mobile users. Mobile malwares can perform several operations which lead to cybersecurity threats such as, stealing financial or personal information, installing malicious applications, sending premium SMS, creating backdoors, keylogging and crypto-ransomware attacks. Knowing the fact that there are many illegitimate Applications available on the App stores, most of the mobile users remain careless about the security of their Mobile devices and become the potential victim of these threats. Previous studies have shown that not every antivirus is capable of detecting all the threats; due to the fact that Mobile malwares use advance techniques to avoid detection. A Network-based IDS at the operator side will bring an extra layer of security to the subscribers and can detect many advanced threats by analyzing their traffic patterns. Machine Learning(ML) will provide the ability to these systems to detect unknown threats for which signatures are not yet known. This research is focused on the evaluation of Machine Learning classifiers in Network-based Intrusion detection systems for Mobile Networks. In this study, different techniques of Network-based intrusion detection with their advantages, disadvantages and state of the art in Hybrid solutions are discussed. Finally, a ML based NIDS is proposed which will work as a subsystem, to Network-based IDS deployed by Mobile Operators, that can help in detecting unknown threats and reducing false positives. In this research, several ML classifiers were implemented and evaluated. This study is focused on Android-based malwares, as Android is the most popular OS among users, hence most targeted by cyber criminals. Supervised ML algorithms based classifiers were built using the dataset which contained the labeled instances of relevant features. These features were extracted from the traffic generated by samples of several malware families and benign applications. These classifiers were able to detect malicious traffic patterns with the TPR upto 99.6% during Cross-validation test. Also, several experiments were conducted to detect unknown malware traffic and to detect false positives. These classifiers were able to detect unknown threats with the Accuracy of 97.5%. These classifiers could be integrated with current NIDS', which use signatures, statistical or knowledge-based techniques to detect malicious traffic. Technique to integrate the output from ML classifier with traditional NIDS is discussed and proposed for future work.

Developing strategies to mitigate the energy consumed by network infrastructures

The energy consumption by ICT (Information and Communication Technology) equipment is rapidly increasing which causes a significant economic and environmental problem. At present, the network infrastructure is becoming a large portion of the energy footprint in ICT. Thus the concept of energy efficient or green networking has been introduced. Now one of the main concerns of network industry is to minimize energy consumption of network infrastructure because of the potential economic benefits, ethical responsibility, and its environmental impact. In this paper, the energy management strategies to reduce the energy consumed by network switches in LAN (Local Area Network) have been developed. According to the lifecycle assessment of network switches, during usage phase, the highest amount of energy consumed. The study considers bandwidth, link load and traffic matrixes as input parameters which have the highest contribution in energy footprint of network switches during usage phase and energy consumption as output. Then with the objective of reducing energy usage of network infrastructure, the feasibility of putting Ethernet switches hibernate or sleep mode was investigated. After that, the network topology was reorganized using clustering method based on the spectral approach for putting network switches to hibernate or switched off mode considering the time and communications among them. Experimental results show the interest of this approach in terms of energy consumption

Transfer of MPEG-2 Transport Stream over MPLS

This study examines how MPEG-2 Transport Stream, used in DVB-T video transmission, can be reliably and efficiently transferred to remote locations over an MPLS network. All the relevant technologies used in this scenario are also discussed in the study. This study was done for Digita Oy, which is a major radio and television content distributor in Finland. The theoretical part of the study begins with the introduction to MPLS technology and continues with explanation of IP Multicast and its components. The fourth section discusses MPEG-2 and the formation and content of MPEG-2 Transport Stream. These technologies were studied in relevant literature and RFC documentation. After the theoretical part of the study, the test setup and the test cases are presented. The results of the test cases, and the conclusions that can be drawn based on them, are discussed in the last section of the study. The tests showed that it is possible to transfer digital video quite reliably over an MPLS network using IP Multicast. By configuring the equipment correctly, the recovery time of the network in case of a failure can be shortened remarkably. Also, the unwanted effect of other traffic on the critical video traffic can be eliminated by defining the Quality of Service parameters correctly. There are, however, some issues that need to be tested further before this setup can be used in broadcast networks. Reliable operation of IP Multicast and proper error correction are the main subjects for future testing.