Sharif Digital Repository

Nowadays wireless technology is widespread all over the world and there is a competition among companies to provide the most secure and high range wireless networks for their customers. This thesis focuses on the security of wireless ad hoc networks. There are lots of different encryption algorithms for securing wireless ad hoc networks. Some of the most important are: WEP, TKIP, WPA, WPA2. All other encryption methods of wireless ad hoc networks are derived from these methods. This thesis focuses on WEP and WPA2. For both algorithms, a literature review is conducted, a new approach to cracking is suggested, and tested on real data, and the future works are mentioned. For WEP, which is an... 

The rapid advancement of information technology and computer networks raised concerns of the users and network administrators regarding security. The development of computer networks and the increase in the number of specialists in this field led to the increase in the number of people who seek to abuse these networks, people known as attackers. The attackers look for security defects in a network to penetrate and abuse it proportionate to their needs. Considering the risks of these attacks, it is necessary to have an intrusion detection system (IDS). IDSs are capable of detecting attack traffic or suspected traffic, then, they alert the network administrators, and consequently, stop the... 

Due to the rapid development of computer networks, security is a major concern. Methods of intruding computer networks are also rapidly developing, and there is a new method every day. These facts corroborate the need for new and more intelligent mechanisms for detecting intrusion. To detect intrusion, one must analyze the network traffic. The most used traditional methods of traffic separation are port-based and payload based detection. The former is not so efficient, and the latter is not only inefficient but also violates the privacy of users. Unsatisfied by such methods, researchers adopted machine learning techniques and tried to develop new solutions for detecting intrusion. Methods... 

Smart grids are the new generation of power grids that combine the power distribution grid with the communications network. The purpose of these networks is to create a secure, two-way infrastructure for the transmission of power and information. The complex structure of smart grids, along with the inherent vulnerabilities of physical systems, old devices and protocols on the network and the need for backward compatibility, have created serious cyber risks to critical assets and infrastructures. The difference between these types of networks and conventional computer networks has made the security mechanisms developed in conventional computer networks not very suitable for these types of... 

In recent years, internet traffic is experiencing an explosive growth. High performance networking in large scale computer networks creates several security challenges. Exploiting Deep Packet Inspection (DPI) is regarded as a big challenge especially for massive data when number of concurrent connections grows. Using simple security based on network layer data can easily avaded by attackers and also can not detect more sophisticated attacks like DDoS. In this paper we proposed a new grammar model named bidirectional asynchronous counting grammar and it’s automata. With this grammar model we can define policies based on extracted fields in both request and response flows. Using new model of... 

Software Defined Networks provide programmability and centralized control for network’s administrator. Like other networks, security problems are important in these networks, but there is not enough research in this area. The problem being discussed here is to elevate the security level in software defined networks using centralized control and programmability of these networks. We will accomplish this purpose by using hosts and controller at the same time to prevent unwanted traffic from entering the network. By using this approach, we will be able to remove many short comings of these networks and implement security systems, like intrusion detection systems, more efficient. One of these... 

Intrusion detection systems’ test and evaluation is an active research area on which many researchers have been working for years. A complete and comprehensive test methodology that can be applied in reasonable time and cost is important and useful both to evaluate a newly designed system and to compare two or more existing systems to select an appropriate system for a particular network. In this research, we first determine the critical features of an IDS and then inspect methods and effective parameters that may influence the test process and propose a method for testing intrusion detection systems. In the proposed test methodology we only examine critical features which lake of them cause... 

Today’s large networks, such as global enterprise networks, carry heavy network traffic from a wide range of diverse protocols. Scalable and accurate classifcation of network traffic is of the most importance to security policy enforcement of large networks. The complexity of current network traffic along with the high speed links makes traffic classification more difficult. The dynamicity of heavy network traffic have necessitated the need for traffic classification algorithms which are adaptable to new concepts. The changes in traffic characteristic over time lead to concept drift, which is an important challenge in this domain. Data stream classification methods have been introduced to... 

One of the most important steps in the process of network forensics is attacker attribution and tracing the victims of the attack. In some situations, there is no other information to track the attacker except the payload of packet. Network security professionals have introduced payload attribution techniques to attribute this type of attacks. In payload attribution techniques, a history of network traffic is stored so that after the attack, it can be queried to trace the source and destination of excerpts. Due to the high volume of traffic in today's networks, payload attribution techniques should be able to store traffic in compressed format so that querying on this data be done easily at... 

Mobile ad hoc networks have been attracted the attention of many researchers during last years. One of the major concerns faces such networks is the security issue. The root of this concern is the fact that the intermediate nodes have the responsibility of packet transportation and forwarding. The nodes inside the mobile ad hoc networks assumed to be trusty while they can read, change or drop the transported packets. Cryptography as the cornerstone of the security could be play an essential role in such networks. Any cryptosystem need some keys to be able to secure communications. In large scale mobile ad hoc networks storing the whole keys in all nodes is inefficient, if possible, due to... 

The importance of routers in information transfer among networks is critical. Thus, vulnerabilities and security deficiencies in routers and the related services like routing protocols can be destructive not only for some hosts, but also for the whole network. Hence, it is necessary that 1) vulnerabilities related to the routers and their services be evaluated and analyzed, and 2) the functional aspects of routers related to the vulnerabilities be formally modeled and analyzed. In this thesis, we present a method for the evaluation and the analysis of OSPF routing protocol from the security point of view. First, reported vulnerabilities on the OSPF are collected and evaluated by a... 

Wireless technology can now be seen almost everywhere. This technology has recently become very popular, and with the convenience that comes with its use, it will probably be the most commonly used technology among computer networks in the near future. Unfortunately, new technology is always under fire when it comes to security.So that this type of network security has become a big challenge for them.
The researchers approach to security in wireless networks that have a lot of attention is the use of intrusion detection systems. An intrusion detection system (IDS) monitors network traffic and monitors for suspicious activity and alerts the system or network administrator. In some cases... 

A Mobile Ad hoc NETwork (MANET) is a self-configuring network that is formed automatically by a collection of mobile nodes without the help of a fixed infrastructure or centralized management. In recent years, the use of MANETs has been widespread in many applications, including some mission critical applications, and as such security has become one of the major concerns in MANETs. Due to some unique characteristics of MANETs, prevention methods alone are not sufficient to make them secure; therefore, detection should be added as another defense before an attacker can breach the system. In this thesis, we have expressed some well-known and related intrusion detection systems. Besides we have... 

One way to control the type of data being transferred in the network is to check the header of the packet, but in networks that have high-speed data transmission or data can move through different routes, the probability of finding the first packet which contains the header reduces tremendously, and the usage of the methods mentioned below becomes clear. So even if the packet header isn’t received correctly, or the declarative features of these flows are changed, without having exact knowledge of the data transferred, you can use a limited number of packets to obtain information such as the type and protocol being used. This is possible with the help of statistical data analysis.Traffic... 

Network Telescopes are used to extract security features of large a?a?s targeted large net-works.In this method all tra?cs received targeted to an unused address blo? are processedto ?nd useful informations about descriptive parameters of work propagation.Currently all resear?es are focused on dark addresses or unused address blo?s, in this re-sear? the idea is generalized to cover used and white address blo?s. Also the structure ofnetwork telescope is de?ned with a new manner whi?added more details to prediction andestimation methods. To extract security features of a?a?events, a newmethod have been introduced for inferenceabout a?a? parameters. ?e proposed method may be used to predict... 

The improvments in computer networks and video compression techniques have motivated the network engineers to broadcast video over the Internet. Recently, Peer-to-Peer networks have been considered as a suitable way for video streaming. P2P networks are distributed and there’s no central management mechanism in them. In addition, video has a time-sensitive nature. Therefore, these networks are vulnerable to security attacks. Denial of Service attacks, attacks on the membership management mechanism, attacks on neighbors selection mechanism, selfish nodes and content pollution attacks are common attack on Peer-to-Peer Video Streaming networks. In a content pollution attack, one or several... 

MQTT (Message Queuing Telemetry Transport) is one of the essential and widely used protocols in the Internet of Things (IoT) networks. It operates at the application layer (Layer 7) for data transmission. As IoT applications using this protocol for communication have grown, securing such systems against security attacks has become a significant challenge. One of the important attacks implementable by IoT networks is Distributed Denial of Service (DDoS) attacks. In this thesis, we initially provide a general overview of IoT security and demonstrate how DDoS attacks disrupt the availability feature in these networks. We then examine known types of DDoS attacks to gain a better understanding of... 

Social networks and the shared data in these networks are always considered as good opportunities in hands of the attackers. To evaluate the privacy risks in these networks and challenge the anonymization techniques, several de-anonymization attacks have been introduced so far. In this thesis, we propose a technique to improve the success rate of passive seed based de-anonymization attacks. Our proposed technique is simple and can be applied in combination with different types of de-anonymization attacks. We show that it can achieve high success rates with low number of seeds compared to similar attacks. Our technique can also be used for applying partial attacks on graphs which results in... 

Wireless Sensor Networks (WSNs) are comprised of small sensor nodes with very limitedstorage, power and computational capabilities. The nodes in wireless sensor networks should be able to communicate with each other in order to accumulate information and to relay it to a base station in a secure manner. Since this communication often takes place in a hostile environment, encryption and/or authentication should be used. This requires the establishment of secure keys between the sensor nodes in the WSN. The constraints of such a lightweight distributed computing environment lend itself to the use of symmetric cryptography to provide security services. The lack of central infrastructure after...