This paper describes the test platform for verifying the functionality of network protocols and for optimization of their parameters. The test bed is made using combined OPNET simulator and MATLAB development environment. This test platform connects OPNET network protocols simulator with MATLAB development environment in the way that OPNET runs simulations of network traffic, with the predetermined parameter values, while MATLAB executes the script with a mathematical algorithm, which optimizes parameters listed in OPNET simulator.

The scope, scale, and intensity of real, as well as potential, attacks on the Smart Grid have been increasing and thus gaining more attention. An important component of the Smart Grid cybersecurity efforts addresses the availability and access to the power and related information and communications infrastructures. In this paper, we provide a holistic and methodical presentation of taxonomies and solutions for DoS attacks in the Smart Grid. The emerging threats of cybertattacks are raising serious concerns for many critical infrastructures. In this regards, The scope, scale, and intensity of real as well as potential attacks on the Smart Grid are on the rise and with devastating consequences. An important component of Smart Grid cyberse-curity efforts addresses the availability and access to the power and related information and communications infrastructures. In this paper, a holistic and methodical presentation of taxonomies and solution for DoS attacks in the Smart Grid is presented.

Computer forensics investigation process evolved from analysis of offline data copies to the process of finding whole spectrum of non-volatile traces in local and remote user environments. Many computer forensic investigations models proposed by researchers and incident respondents were widely accepted for static and live analysis of the systems. With cloud environment surrounding almost every aspect of information technology, researchers find it difficult to apply those models to investigation involved. In this paper, state-of-the-art forensic investigation models for cloud environment have been presented.

Today’s cybercrimes are much more difficult to detect and prosecute than traditional crimes. In the investigation of cybercrimes, law enforcement agencies follow similar techniques to traditional crimes that, however, have to be modified to meet the unique conditions and requirements of virtual space. This paper examines cybercrime profiling techniques prevalent today, and focuses on the feasibility of applying geographic profiling technique to cyber offenders. The primary assumption of the research is that for most types of cybercrime, the steps during the procedure of committing criminal act are not random. For example, the choice of the victim, the choice of crime location, similar characteristics, follow a certain logic, which could provide information about the offender's crime. Testing the utility of a geographical profiling has been carried out on real cybercrime samples obtained by law enforcement agencies. This paper aims to apply the concept of geographic profiling to the issue of cybercrime that involve a physical world, targeting two types of cybercrimes: credit card skimming and spear phishing. Specially developed GeoCrime geographic profiling software designed to assist in the mapping, spatial and statistical analysis of cybercrime patterns was used. The results of the study have shown the possibility of applying geographic profiling to certain types of cybercrimes and under the certain conditions. The importance of geographic profiling is also emphasized, especially in situations where little is known about the offender, such as in cybercrime, where offenders use the Internet to hide their identities and activities. © 2018 xxxxxxxx. Hosting by Elsevier B.V. All rights reserved.

This paper proposes an implementation of honeypot that detects and reports telnet attacks on Internet-of-Things (IoT) devices. The honeypot operates with manual and Mirai-based attacks. A multi-component design is implemented in order to attain sufficient exposure to malicious traffic and security of collected data. Settings and additional files needed to run the honeypot are explained. Honeypot is tested using Mirai and results are discussed. After that, conclusion and directions for future work are given.

This paper tries to shed more light on Mirai malware, with an aim to facilitate its easier detection and prevention. This malware was used in several recent high profile DDoS attacks. Mirai is used to create and control botnet of IoT devices. The code of this malware is analysed and explanation of its parts provided. Virtual environment for dynamic analysis of Mirai is created. Special settings that were needed to install, start and use Mirai in this environment are explained. Mirai CNC user environment with list of commands is presented. Controlled DDoS attack was successfully executed. Traffic generated during controlled attacks was used to generate signature for Mirai detection. Conclusion of static and dynamic analysis is given together with some mitigation advices.

Users of triple-play systems expect to be able to use their services on different locations. That opens an issue of extending security to include mobile triple-play users. Mobile users need to authenticate to the system and vice-versa. Users expect confidentiality of their communications. Content providers request copyrights to be respected. Protocols for session control, SIP. and media transfer, RTP, have their secured versions, SIPS and RTSP. That solution would require multiple protocols and keys and would be a burden on users and system administrators. This paper proposes an architecture that uses IMS to provide services and VPN to secure them. IMS provides convenience of user mobility. VPN provides authentication, confidentiality and integrity. Additional security provided by VPN does not translate to additional work for users, It is completely transparent for them. Proposed design is implemented and tested. IMS with different services was available, through VPN, to mobile users connected to the Internet with different devices and connections. The testing confirmed security and usability for mobile users.

Smart Grid (SG) communication become very hot topic for smart, intelligent and distributed transmission systems for electric power. However, security issues are still open and this is one of main concerns to the deployment of SG. In order to cope with this challenging concern, we propose secure message exchange protocol in this paper, for secure communication in SG system. Particularly, in the proposed protocol, we pay attention to robustness and resistance of exchanged messages to external noise, with a certain level of self-correction. Robustness and resistance to external noise is due to Quick Response (QR) code properties.

This paper describes an implementation of secure RICA (Robustness, Integrity, Confidentiality and Authentication) key exchange protocol. Integrity, confidentiality and authentication are the base for secure message exchange. We propose adding robustness in order to ensure better availability of the system. Robustness of presented implementation is due to Quick Response (QR) code properties. QR codes are resistant to a certain level on errors. We used GNU1 Privacy Guard (GnuPG or GPG), version for Windows operating system, for signing and encrypting the message, as a base for secure key exchange protocol.

Most research on network traffic prediction has been done on small datasets based on statistical methodologies. This research analyzes an internet traffic dataset spanning multiple months using the data mining process. Each data mining phase was carefully fitted to the network analysis domain and systematized in context of data mining. The second part of the paper evaluates various seasonal time series prediction models (univariate), including ANN, ARIMA, Holt Winters etc., as a data mining phase on the given dataset. The experiments have shown that in most cases ANNs are superior to other algorithms for this purpose.