{"title":"利用安全运营模式改进网络网络安全服务","authors":"","doi":"10.35940/ijrte.a1279.059120","DOIUrl":null,"url":null,"abstract":"Concerns for service computer networks’ security and reliability are growing rapidly due to increasing service devices with connections to external networks. This aggravates vulnerability of service networks to cyber attacks through external connections. Though encryption can provide security for user data transmissions, encryption itself could not provide protections against traffic analysis attacks. Techniques against traffic-analysis attacks through statistically controlling the transmission rate of padded and encrypted frames are unsuited for power system applications. This paper proposes three security operation modes for the newly developed security layer, located below DNP3 data-link layer, to strengthen encryption and authentication operations against the effectiveness of trafficanalysis and cryptanalysis attacks. The security models use padding to disguise the amount of user data transmitted and disguise the user data link layer frame amongst a group of manufactured frames similar to statistically controlling data transmission rate. The proposed security operations have been successfully applied to enhance power system security controls.","PeriodicalId":220909,"journal":{"name":"International Journal of Recent Technology and Engineering","volume":"43 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Improvement of Network Cyber Security Services using Security Operation Models\",\"authors\":\"\",\"doi\":\"10.35940/ijrte.a1279.059120\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Concerns for service computer networks’ security and reliability are growing rapidly due to increasing service devices with connections to external networks. This aggravates vulnerability of service networks to cyber attacks through external connections. Though encryption can provide security for user data transmissions, encryption itself could not provide protections against traffic analysis attacks. Techniques against traffic-analysis attacks through statistically controlling the transmission rate of padded and encrypted frames are unsuited for power system applications. This paper proposes three security operation modes for the newly developed security layer, located below DNP3 data-link layer, to strengthen encryption and authentication operations against the effectiveness of trafficanalysis and cryptanalysis attacks. The security models use padding to disguise the amount of user data transmitted and disguise the user data link layer frame amongst a group of manufactured frames similar to statistically controlling data transmission rate. The proposed security operations have been successfully applied to enhance power system security controls.\",\"PeriodicalId\":220909,\"journal\":{\"name\":\"International Journal of Recent Technology and Engineering\",\"volume\":\"43 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-05-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Recent Technology and Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.35940/ijrte.a1279.059120\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Recent Technology and Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.35940/ijrte.a1279.059120","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Improvement of Network Cyber Security Services using Security Operation Models
Concerns for service computer networks’ security and reliability are growing rapidly due to increasing service devices with connections to external networks. This aggravates vulnerability of service networks to cyber attacks through external connections. Though encryption can provide security for user data transmissions, encryption itself could not provide protections against traffic analysis attacks. Techniques against traffic-analysis attacks through statistically controlling the transmission rate of padded and encrypted frames are unsuited for power system applications. This paper proposes three security operation modes for the newly developed security layer, located below DNP3 data-link layer, to strengthen encryption and authentication operations against the effectiveness of trafficanalysis and cryptanalysis attacks. The security models use padding to disguise the amount of user data transmitted and disguise the user data link layer frame amongst a group of manufactured frames similar to statistically controlling data transmission rate. The proposed security operations have been successfully applied to enhance power system security controls.