• List of Articles: Attack

      • Open Access Article

        1 - Design of an Intrusion Detection System with a New Architecture for Malware Attacks on Flash Disks
        Soheil Afraz
        The development and variety of flash disks, their portability and their increasingly popular use have led to all four types of malware released today in cyberspace, specific malware attacks on these devices, and USB-based attacks increasing and becoming a serious problem. Hence, this paper outlines the most important USB communication port-based attacks, discussed together with practical solutions to deal with these attacks in seven ways, and a host-based intrusion detection software system was developed that simultaneously utilizes the advantages of both misuse-based and anomaly-based intrusion detection, with its own guidelines to accurately recognize such attacks and deal with them.
      • Open Access Article

        2 - Cyber Threats Foresight Against Iran Based on Attack Vector
        Mahdi Omrani, Masoud Shafiee, Siavash Khorsandi
        Cyber threats have increased extraordinarily in recent years. Cyber attackers, including government agencies or hackers, have made significant advances in the use of various tools for attacking target systems in some countries, particularly the Islamic Republic of Iran. The complexity of cyber threats and their devastating effects on critical systems highlight the necessity of cyber threat foresight. This research can prepare the country for countering cyber threats based on existing and potential attack vectors. First of all, 18 major cyber threat drivers based on attack vectors were identified through reviewing resources and interviewing seven experts. We use the cross-impact analysis futures studies method to indicate the main drivers of future cyber threats, such as social engineering, denial of service, ransomware, spoofing and fraud, and non-state actors. Mic Mac software will be used for this step. Finally, future scenarios for cyber threats were identified by using a scenario-based approach. Scenario Wizard software will be used. The results of the research include two strong scenarios and 18 possible scenarios; based on the strongest scenario, ransomware, spoofing, fraud, social engineering and denial of service are the most likely cyber threats by non-state actors at a limited level.
      • Open Access Article

        3 - Analyzing Weighted Attack Graphs Using Genetic Algorithms
        M. Abadi, Saeed Jalili
        Each attack graph represents a collection of possible attack scenarios in a computer network. In this paper, we use weighted attack graphs (WAGs) for vulnerability assessment of computer networks. In these directed graphs, a weight is assigned to each exploit by the security analyst. The weight of an exploit is proportionate to the cost required to prevent that exploit. The aim of analyzing a weighted attack graph is to find a critical set of exploits such that the sum of their weights is minimum and by preventing them no attack scenario is possible. In this paper, we propose a greedy algorithm, a genetic algorithm with a greedy mutation operator, and a genetic algorithm with a dynamic fitness function for analyzing the weighted attack graphs. The proposed algorithms are used to analyze a sample weighted attack graph and several randomly generated large-scale weighted attack graphs. The results of experiments show that the proposed genetic algorithms outperform the greedy algorithm and find a critical set of exploits with less total weight. Finally, we compare the performance of the second genetic algorithm with an approximation algorithm for analyzing several randomly generated large-scale simple attack graphs. The results of experiments show that our proposed genetic algorithm has better performance than the approximation algorithm and finds a critical set of exploits with less cardinality.
      • Open Access Article

        4 - Fuzzy Voting for Anomaly Detection in Cluster-Based Mobile Ad Hoc Networks
        Mohammad Rahmanimanesh, Saeed Jalili
        In this paper, an attack analysis and detection method in cluster-based mobile ad hoc networks with the AODV routing protocol is proposed. The proposed method uses the anomaly detection approach for detecting attacks, in which the required features for describing the normal behavior of the AODV protocol are defined via step-by-step analysis of the AODV protocol and independent of any attack. In order to learn the normal behavior of AODV, a fuzzy voting method is used for combining support vector data description (SVDD), mixture of Gaussians (MoG), and self-organizing map (SOM) one-class classifiers, and the combined model is utilized to partially detect the attacks in cluster members. The votes of cluster members are periodically transmitted to the cluster head, and the final decision on attack detection is carried out in the cluster head. In the proposed method, a fuzzy voting method is used for aggregating the votes of cluster members in the cluster head, by which the performance of the method improves significantly in detecting blackhole, rushing, route error fabrication, packet replication, and wormhole attacks. In this paper, an attack analysis method based on feature sensitivity ranking is also proposed that determines which features are influenced more by the mentioned attacks. This sensitivity ranking leads to the detection of the types of attacks launched on the network.
      • Open Access Article

        5 - SAHAR: An Architecture to Strengthen the Control Plane of the Software-Defined Network Against Denial of Service Attacks
        Mehran Shetabi, Ahmad Akbari
        Software-defined network (SDN) is the next generation of network architecture that, by separating the data plane and the control plane, enables centralized control with the aim of improving network management and compatibility. However, due to the centralized control policy, this type of network is prone to inaccessibility of the control plane under a denial of service (DoS) attack. In the reactive mode, a significant increase in events due to the entry of new flows into the network puts a lot of pressure on the control plane. Also, the presence of recurring events such as the collection of statistical information from the network, which severely interferes with the basic functionality of the control plane, can greatly affect the efficiency of the control plane. To resist attack and prevent network paralysis, this paper introduces a new architecture called SAHAR, which consists of a control box consisting of a coordinator controller, a primary flow setup controller, and one or more (as needed) secondary flow setup controller(s). Assigning monitoring and managing tasks to the coordinator controller reduces the load of the flow setup controllers. In addition, dividing the incoming traffic between the flow setup controllers by the coordinator controller distributes the load at the control plane. Thus, by assigning the traffic load resulting from a denial-of-service attack to one or more secondary flow setup controller(s), the SAHAR architecture can prevent the primary flow setup controller from impairment and resist DoS attacks. Tests show that SAHAR performs better in the face of a DoS attack than existing solutions.
      • Open Access Article

        6 - Detection and Mitigation of a Combined Cyber Attack on Automatic Generation Control
        Tina Hajiabdollah, H. Seifi, Hamed Delkhosh
        Recent advances in power system monitoring and control require communication infrastructure to send and receive measurement data and control commands. These cyber-physical interactions, despite increasing efficiency and reliability, have exposed power systems to cyber attacks. The Automatic Generation Control (AGC) is one of the most important control systems in the power system, which requires communication infrastructure and has been highly regarded by cyber attackers. A successful attack on the AGC not only has a direct impact on the system frequency, but can also affect the stability and economic performance of the power system. Therefore, understanding the impact of cyber attacks on AGC and developing strategies to defend against them are necessary and of research importance. In most of the research in the field of attack-defense of AGC, the limitations of AGC in modeling, such as governor dead band and communication network transmission delay, have been ignored. On the other hand, considering two cyber attacks on the AGC and proposing a way to defend against them simultaneously has not been considered. In this paper, while using the improved AGC model including governor dead band and communication network transmission delay, the effect of two attacks, the false data injection (FDI) attack and the delay attack, which are the most important cyber attacks on AGC, has been investigated. Also, the simultaneous effect of these two attacks is discussed as a combined cyber attack. A Kalman filter-based three-step defense method has been proposed to detect, estimate and mitigate the impact of the attacks, and its effectiveness has been tested on the two-area AGC system.
      • Open Access Article

        7 - Robust Planning of False Data Injection Attack on Electricity Markets in Smart Grids
        Hamed Badrsimaei, R. Hooshmand, Soghra Nobakhtian
        False data injection attack (FDIA) is a destructive cyber threat to the economic performance of electricity markets in smart grids. A cyber attacker can make a huge financial profit by implementing an FDIA through penetrating the virtual transactions of the electricity markets and manipulating electricity prices. In this paper, a new approach to planning an absolutely stealthy FDIA is presented with the aim of achieving maximum financial profit from the perspective of a cyber attacker participating in virtual transactions in two markets, day-ahead (DA) and real-time (RT). A common hypothesis in studies of FDIAs against electricity markets is that the attacker has complete information about the smart grid. But the fact is that the attacker has limited resources and can hardly access all the network information. This paper proposes a robust approach to designing an attack strategy under incomplete network information conditions. In particular, it is assumed that the attacker has uncertainties about the network modeling matrices. The validity of the proposed method is evaluated based on the IEEE 14-bus standard system using the Matpower tool. Numerical results confirm the relative success of the proposed attack in cases of varying degrees of incomplete information.
      • Open Access Article

        8 - Proposing a Detection and Mitigation Approach for DDoS Attacks on SDN-Based IoT Networks
        Fatemeh MotieShirazi, Seyedakbar Mostafavi
        The Internet of Things (IoT) is a network of objects in which objects can communicate with other objects. The Internet of Things is currently constantly under numerous attacks due to technical, legal and human problems. One of the most important of these attacks is the Denial of Service (DoS) attack, in which normal network services are put out of service and it is impossible for objects and users to access the server and other resources. Existing security solutions have not been able to effectively prevent interruption attacks in Internet of Things services. Software-oriented network (SDN) is a new architecture in the network based on the separation of the control and data planes of the network. The programmability and network management capability offered by SDN can be used in IoT services because some IoT devices send data periodically and in certain time intervals. SDN can help reduce or prevent the data flood caused by IoT if properly deployed in the data center. In this article, a method to detect DDoS attacks in Internet of Things based on SDN is presented, and then an algorithm to reduce DDoS attacks is presented. The proposed method is based on the entropy criterion, which is one of the most important concepts in information theory and is calculated based on the characteristics of the flow. In this method, by using two new components on the controller to receive incoming packets, considering the time window, and calculating entropy and flow rate, a possible attack is detected in the network, and then, based on the statistics of the flow received from the switches, the certainty of the attack is determined. Compared to the existing methods, the proposed method has improved 12% in terms of attack detection time and 26% in terms of false positives/negatives.
      • Open Access Article

        9 - Design of a Secondary Controller Based on Distributed Cooperative Control of Distributed Generators (DGs) with Multi-Agent Systems Approach Considering DoS Cyber Attacks
        Abdollah Mirzabeigi, Ali Kazemy, Mehdi Ramezani, Seyed Mohammad Azimi
        Today, in many control methods, neighboring system information is used for better control and synchronization between different units, and therefore, in the access and transmission of information through communication links, problems such as disruption, uncertainty, noise, delay, and cyber-attacks occur. In this paper, the effect of the Denial of Service (DoS) cyber-attack on the microgrid in island mode is investigated and a cooperative distributed hierarchical controller is designed in the presence of this cyber-attack. Distributed Generations (DGs) have been analyzed with the help of multi-agent systems, and the communication network between them using graph theory. The effects of the DoS cyber-attack on the model of DGs are mathematically formulated, and in proving the stability and synchronization of frequency and voltage, the suitable Lyapunov function is presented, the stability analysis of DGs against these cyber-attacks is performed, and the stability and synchronization conditions of DGs are proved. To confirm the proposed theoretical issues, a case study model is simulated with the DoS attack on the communication links in Matlab Simulink, and the results show the performance of the designed controller in different conditions.
      • Open Access Article

        10 - Computer Security Models and Proposing a New Perspective: A Review Paper
        Hadi Sadjadi, Reza Kalantari
        In this article, first the use of computer security models and its benefits are discussed in a novel way. Then, while briefly introducing the space of computer security encounters in the form of an ontology, for the first time, three perspectives in the study of patterns in this field have been identified and distinguished from each other. These three perspectives include the view of secure models, the view of security models, and the view of the framework and system to security models. The first and third perspectives are briefly explained, and the second perspective is studied in detail from the perspective of the organization of patterns, including the five types of organization. The five types mentioned include software-based lifecycle organization, logical-level organization-based organization, threat-based classification-based organization, attack-based classification-based organization, and application-based organization. In this type of introduction of patterns, the audience acquires a comprehensive view of the discourse of computer security patterns and acquires the necessary knowledge to make better use of these patterns. Finally, the analysis and idea of this research is presented in the form of introducing a new type of organization in order to facilitate the proper use and addressing of patterns. In this idea, it is stated that the existing categories are mostly static and forward-looking and do not have the necessary dynamism and backwardness, and the idea of covering all stakeholders and security ontology can have this feature and, in addition, include agile patterns as well.
      • Open Access Article

        11 - Stabilizing and Synchronizing the Islanded Microgrid with the Presence of Sensor and Actuator Fault and Cyber-Attack with Secondary Controller Design
        Abdollah Mirzabeigi, Ali Kazemy, Mehdi Ramezani, Seyed Mohammad Azimi
        In many microgrid control methods, the output information of sensors and actuators of neighbouring distributed generators (DGs) is used to stabilize and synchronize voltage and frequency. Many problems such as disturbances, uncertainty, unmodeled dynamics, cyber-attacks, noise, time delay, and measurement errors cause invalid data problems and errors in the system. Better microgrid control depends on the quality of data measured or sent from the output of sensors and actuators. In this paper, according to the advantages of cooperative distributed hierarchical control, it is used for control and synchronization in the islanded microgrid with the presence of sensor and actuator error. To synchronize DGs with multi-agent systems and communication channels, the system is modeled with graph theory. To stabilize and synchronize, sensor and actuator error in the DG model is mathematically formulated. In the proof of stability and synchronization, the appropriate Lyapunov candidate is presented and the conditions of stability and synchronization are proved. Finally, to show the effectiveness of the designed controller in solving communication channel problems and to verify the presented theory, a case study is simulated in the MATLAB/Simulink software environment with the presence of error and cyber-attack of sensors and actuators.
      • Open Access Article

        12 - Analysis of the Effects of Different Cyber Attacks on the Secondary Controller in Island Microgrids
        Abdollah Mirzabeigi, Ali Kalantarnia
        With the advancement of science, in many control methods, the neighbor system is used to better control and synchronize between different information of microgrids. There are problems in accessing and transmitting information through communication links. In this article, vulnerability and acceptance of distributed secondary control methods are examined. Also, denial-of-service (DoS) cyber-attacks, sensor and actuator attacks, and hijacking on the island microgrid have been investigated. In addition to stability, synchronization is also analyzed in this article. Multi-agent systems have been used for synchronization. Cyber-attacks are mathematically formulated in the controller. A suitable controller is designed to eliminate the attacks. In the stability and synchronization of frequency and voltage, the Lyapunov function is presented and simultaneous analysis of stability and synchronization has been done with practical proofs. The resilience factor has been calculated for different attacks. It is shown that the system is resilient against cyber-attacks. A case study has been simulated in MATLAB/Simulink to confirm the theoretical issues.
      • Open Access Article

        13 - A Survey on Computer Security Patterns and Proposing a New Perspective
        Hadi Sadjadi, Reza Kalantari
        In this article, at the beginning, the use of computer security models and its benefits are discussed in a new way. Then, while briefly introducing the space of computer security encounters in the form of an ontology, three perspectives in the study of patterns in this field have been identified and distinguished from each other. These three perspectives are secure models, security models, and the framework and system to security models. The first and last perspectives are briefly explained, and the second perspective is studied in detail from the perspective of the organization of patterns, including the five types of organization. The five types mentioned include software-based lifecycle organization, logical-level organization-based organization, threat-based classification-based organization, attack-based classification-based organization, and application-based organization. In this type of introduction of patterns, the audience acquires a comprehensive view of the discourse of computer security patterns and acquires the necessary knowledge to make better use of these patterns. Finally, the analysis and idea of this research are presented in the form of introducing a new type of organization in order to facilitate the proper use and addressing of patterns. It is stated that the existing categories are mostly static and forward-looking and do not have the necessary dynamism and backwardness, and the idea of covering all stakeholders and security ontology can have this feature and include agile patterns as well. Based on this idea and related analyses, the atmosphere of future research activities will be revealed to the audience.