
Kemal Hajdarević


This paper presents a system that is able to detect physical intrusion in a specific space based on temperature and humidity change. This specific space was housing hardware components important for information security management infrastructure. The presented system is able to predict that two spaces are connected and that there is a physical breach in the protected space. The presented prediction approach involves identifying patterns in historical data, where the subsequent outcomes are already known in advance, and validating these patterns using more recent data. The system is implemented using k-Nearest Neighbours, Random Forest, and Support Vector Machine algorithms in the Python programming language on a Raspberry Pi. Real observed data were used to predict whether specific temperature and humidity values indicate intrusion. This approach can be used to detect intrusions in a room or in another closed space. More specifically, the thermal equilibrium phenomenon between two spaces after the barrier between them is opened was monitored. Through a process of supervised learning using labelled data, the system was able to detect intrusion by using k-nearest neighbours, random forest, and support vector machine with different accuracy. The presented model shows better results using k-nearest neighbours and support vector machine, with accuracy of 100%, compared to random forest with accuracy of 95%. The system is low cost because of the cheap Raspberry Pi controller and sensors.

Denial of Service (DoS) attacks, particularly the distributed variant known as DDoS, are easily initiated but pose a significant challenge in terms of mitigation, especially in the case of DDoS. These attacks involve the use of a vast number of packets, often generated by specialized programs and scripts, crafted for specific attack types like SYN flood, ICMP Smurf, and similar. Malicious DoS packets share similar attributes, such as packet length, interval time, destination port, TCP flags, and the number of connections to the same host or service. To rapidly identify anomalous packets amidst legitimate traffic, we propose a system that incorporates the Newcombe-Benford power law and the Kolmogorov-Smirnov test. This approach enables the detection of matching first occurrences of leading digits, such as packet size indicating the use of automated scripts for malicious purposes, and the count of connections to the same host or service.

Denial of Service attacks and the distributed variant of this type of attack, called DDoS, are attack types which are easy to start but hard to stop, especially in the DDoS case. The significance of this type of attack is that attackers use a large number of packets, usually created with programs and scripts for creating specially crafted types of packets for different types of attack such as SYN flood, ICMP smurf, etc. These packets have similar or identical attributes such as length of packets, interval time, destination port, TCP flags, etc. Skilled engineers and researchers use these packet attributes as indicators to detect anomalous packets in network traffic. For fast detection of anomalous packets in legitimate traffic we proposed Interactive Data Extraction and Analysis with the Newcombe-Benford power law, which is able to detect matching first occurrences of leading digits – the size of each packet that indicates usage of automated scripts for attack purposes. The power law can be used to detect the same first two, three, or second digits, last one or two digits in a data set, etc. We used our own data set and real devices.

Zerina Mašetić, Dino Kečo, Nejdet Dogru, Kemal Hajdarevic

Cloud computing is a trending technology, as it reduces the cost of running a business. However, many companies are skeptical about moving towards the cloud due to security concerns. Based on the Cloud Security Alliance report, Denial of Service (DoS) attacks are among the top 12 attacks in cloud computing. Therefore, it is important to develop a mechanism for detection and prevention of these attacks. The aim of this paper is to evaluate the Support Vector Machine (SVM) algorithm in creating the model for classification of DoS attacks and normal network behaviors. The study was performed in several phases: a) attack simulation, b) data collection, c) feature selection, and d) classification. The proposed model achieved 100% classification accuracy with a true positive rate (TPR) of 100%. SVM showed outstanding performance in DoS attack detection and proves that it serves as a valuable asset in the network security area.

I. Avdagic, Kemal Hajdarevic

Today IT vendors and mail/web/internet providers put their cloud strategy in the first place. Challenges such as data security, privacy protection, data access, storage model, lack of standards and service interoperability were set up almost ten years ago. This paper presents a part of the research on cloud security systems at the infrastructure layer and its sublayer, the network layer. To analyze and protect cloud systems we need storage and machines with extra features. Due to these needs, we used new technologies from Microsoft to suggest a framework of host and network based systems for a cloud intrusion detection and prevention system (CIDPS). The purpose of this research is to recommend use of the architecture for the detection of network anomalies and protection of large amounts of data and traffic generated by cloud systems.

Kemal Hajdarevic, Adna Kozic, I. Avdagic, Zerina Mašetić, Nejdet Dogru

The threat of resource starvation attacks is one of the major problems for e-Business. More recently these attacks became threats for Cloud environments, and Denial of Service is a sub-category of these kinds of attack. Network management is the process of taking proactive actions before the attack has taken effect, which is the responsibility of skilled employees, the network managers. In recent times vulnerability testing skills are needed to harden system security. These skills have to be developed; therefore we created a scenario in a controlled environment to provide an opportunity for student trainees to train their skills, so that defense could be prepared. This paper describes a simulation-based training scenario using a simulator and hacking tools, in which student trainees experience the symptoms and effects of a DDoS attack and practice their responses in a simulated environment, with the goal of preparing them for real attacks.

Zerina Mašetić, Kemal Hajdarevic, Nejdet Dogru

Cloud computing became very popular in the past few years, and most business and home users rely on its services. Because of its wide usage, cloud computing services became a common target of different cyber-attacks executed by insiders and outsiders. Therefore, cloud computing vendors and providers need to implement strong information security protection mechanisms on their cloud infrastructures. One approach that has been taken for successful threat detection that will lead to successful attack prevention in cloud computing infrastructures is the application of machine learning algorithms. To understand how machine learning algorithms can be applied for cloud computing threat detection, we propose a cloud computing threat classification model based on the feasibility of machine learning algorithms to detect them. In this paper, we addressed three different criteria types, where we considered three types of classification: a) type of learning algorithm, b) input features and c) cloud computing level. Results proposed in this paper can contribute to further studies in the field of cloud threat detection with machine learning algorithms. More specifically, they will help in selecting appropriate input features, or machine learning algorithms, to obtain higher classification accuracy.

Kemal Hajdarevic, Pat Allen, M. Spremić

Many organizations suffer great losses due to risk materialization connected to an implemented Bring Your Own Device (BYOD) policy because best practices and standards for information security have not been implemented and maintained. With the goal of better dealing with security vulnerabilities caused by the implementation of new services and policies such as a BYOD policy, measurement of the maturity level in secure usage of BYOD is necessary. In this paper we presented an approach for creating metrics, based on the ISO 27000 standard family, which can be used to align security policies with BYOD policy.

Kemal Hajdarevic, Vahidin Dzaltur

Penetration testing is the process of detecting computer vulnerabilities and gaining access and data on targeted computer systems, with the goal of detecting vulnerabilities and security issues and proactively protecting the system. In this paper we presented a case of an internal penetration test which helped to proactively prevent potential weaknesses of a targeted system with inherited vulnerabilities, which is Bring Your Own Device (BYOD). Many organizations suffer great losses due to risk materialization because they have not implemented standards for information security that include patching, change management, active monitoring and penetration testing, with the goal of better dealing with security vulnerabilities. With a BYOD policy in place, companies are taking on a greater risk appetite by allowing mobile devices to be used on corporate networks. In this paper we described how we used network hacking techniques for penetration testing for the right cause, which is to prevent potential misuse of computer vulnerabilities. This paper shows how different techniques and tools can be jointly used in a step-by-step process to successfully perform penetration testing analysis and reporting.

In long-duration emergency and large-scale disaster situations, information on asset position, current and historical weather conditions, and communication are crucial for every rescue operation. Picture and voice are crucial so that the affected population can make important decisions and take actions. Available technology offers affordable (low cost) and robust infrastructure solutions in disaster relief situations supported by radio amateur communication. In this paper we presented three types of services for which, in essence, the same hardware can be used. The first service is for GPS location mapping, the second is for VOIP communication, and the third is to provide real-time video capturing. GPS location mapping was performed by using APRS-IS SDR, VOIP communication was performed via radio-svxlink-Internet using Echolink software (svxlink, which is the Linux-compatible version), and video capturing was performed using Motion software. All of the above services can be installed on a low-energy microcomputer such as a Raspberry Pi, which can be powered with a 5 V battery or with a mobile phone power adapter.
