Explore chapters and articles related to this topic
Reconnaissance
Published in Nicholas Kolokotronis, Stavros Shiaeles, Cyber-Security Threats, Actors, and Dynamic Mitigation, 2021
Christos-Minas Mathas, Costas Vassilakis
In the context of vulnerability scanning, this section will cover tools under the last three categories, since the first category (port scanners) was covered in Section 2.4. Most application/vulnerability scanning tools include a service discovery module to provide information about the network devices (active hosts) and about the software/services they provide (service identification, OS fingerprinting) [31]. Service discovery techniques can be classified into active probing and passive monitoring [43]. Active probing sends packets/messages to every service of each network device and analyses the response. This technique yields more complete results. Passive monitoring analyses captured network traffic to discover network services as they are used. It requires the installation of monitoring devices (specialized or general-purpose devices with the ability to capture network traffic) and the choice of monitoring points in the assessed network, a choice that can affect the analysis results. This technique is best used for trend analysis.
Lifetime Maximization
Published in Mohamed Ibnkahla, Adaptation and Cross Layer Design in Wireless Networks, 2018
An interesting emerging application is in intelligent monitoring of people and baggage in airports [9]. The potentially powerful fixed infrastructure must cope with a high density of (low-mobility) RFID nodes and strict latency constraints. There is also an increasing interest in the passive monitoring of information flows at multiple locations, both in wired as well as in wireless networks. Here the issues are optimal placement of and optimal sampling at the monitors, subject to constraints on resource consumption, resilience to node and link failures, and dynamic changes in routing [10]. Passive monitoring may be useful for intrusion detection in a wireless network, as well as to monitor the health of the network, and to predict critical events such as congestion or resource depletion.
Intrusion Detection and Tolerance for 6LoWPAN-Based WSNs Using MMT
Published in Georgios Kambourakis, Asaf Shabtai, Constantinos Kolias, Dimitrios Damopoulos, Intrusion Detection and Prevention for Mobile Ecosystems, 2017
Nevertheless, to our knowledge, there has not yet been any official monitoring solution for this kind of network. The initial propositions concentrate only on routing issues and are unlikely to allow deep inspection of the network traffic. We aim to fulfill this mission. Indeed, we have adapted our original version of MMT, which has been working well over TCP/IP networks [9,10]. Our goal is to consider not only the theoretical topology of the network but also ready-to-use elements in the network traffic, so that the network is monitored using its own traffic (i.e., passive monitoring). Avoiding the creation of additional traffic, which is costly in 6LoWPAN, is an important priority throughout our work. We validate MMT integrated with new 6LoWPAN plugins over a real test-bed by analyzing real-world 6LoWPAN traffic. Experimental results prove the applicability of our tool, which can be useful for both the research community and industrial companies.
Real-Time Monitoring for Detection of Adversarial Subtle Process Variations
Published in Nuclear Science and Engineering, 2022
Yeni Li, Arvind Sundaram, Hany S. Abdel-Khalik, Paul W. Talbot
There are two general approaches to achieve this monitoring for OT purposes: passive and active. Passive monitoring implies observing the system for a period of time to understand, i.e., establish a basis to describe, its normal behavior and use this understanding to judge whether the system behavior at a later time has deviated from its expected normal behavior [8]. Active monitoring relies on injecting perturbations into the engineering data to ensure their trustworthiness [9,10]. Effectively, active monitoring may be thought of as inserting secret messages in the data to determine when the data are being tampered with.