Papers by Opeyemi Ayokunle Osanaiye
Int. J. Communications, Network and System Sciences, 2018
Industry leaders are currently setting out standards for 5G networks projected for 2020 or even s... more Industry leaders are currently setting out standards for 5G networks projected for 2020 or even sooner. Future generation networks will be heterogeneous in nature as no single network type will be capable of optimally meeting all the rapid changes in customer demands. With the advent of multi-homed devices and heterogeneous network (HetNet) solution, great concerns arise in the processes involved for successful handover. Active calls that get dropped or cases of poor quality of service experienced by mobile users can be attributed to the phenomenon of delayed handover (HO) or an outright case of an unsuccessful handover procedure. This work compares multiple criteria handover basis to its traditional single relative signal strength (RSS) base counterpart. It analyses the performance of a fuzzy-based VHO algorithm scheme in a Wi-Fi, WiMAX, UMTS and LTE integrated network using OMNeT++ event simulator. The loose coupling network architecture is adopted and simulation results analysed for the two major categories of handover; the multiple and single criteria. Results obtained show a better overall through-put, better call dropped rate and shorter handover time for the multiple criteria based decision method as compared to the single criteria based technique. This work also highlights current research trends, challenges of seamless handover and initiatives for Next Generation HetNet.
—Notwithstanding the increased popularity of cloud computing, Distributed Denial of Service (DDoS... more —Notwithstanding the increased popularity of cloud computing, Distributed Denial of Service (DDoS) remains a threat to its adoption. In this paper, we propose the use of a change-point monitoring algorithm to detect DDoS flooding attacks against cloud services by examining the packet inter-arrival time (IAT). This method leverages on the fact that most DDoS attacks are automated and exhibit similar patterns. These patterns, when closely examined, can be distinguished from normal traffic patterns, and can therefore be tracked using a cumulative sum (CUSUM) algorithm. The proposed solution was validated by conducting a trace-driven simulation and empirical evaluation. The results demonstrated the efficiency and accuracy of this proposed solution.
Widespread adoption of cloud computing has increased the attractiveness of such services to cyber... more Widespread adoption of cloud computing has increased the attractiveness of such services to cybercriminals. Distributed denial of service (DDoS) attacks targeting the cloud's bandwidth, services and resources to render the cloud unavailable to both cloud providers, and users are a common form of attacks. In recent times, feature selection has been identified as a pre-processing phase in cloud DDoS attack defence which can potentially increase classification accuracy and reduce computational complexity by identifying important features from the original dataset during supervised learning. In this work, we propose an ensemble-based multi-filter feature selection method that combines the output of four filter methods to achieve an optimum selection. We then perform an extensive experimental evaluation of our proposed method using intrusion detection benchmark dataset, NSL-KDD and decision tree classifier. The findings show that our proposed method can effectively reduce the number of features from 41 to 13 and has a high detection rate and classification accuracy when compared to other classification techniques.
– Incessant attacks in the internet in general and in the cloud specifically has necessitated the... more – Incessant attacks in the internet in general and in the cloud specifically has necessitated the proposal of defense measures. The magnitude of traffic to be analysed has brought to the fore data mining and machine learning approaches. In the midst of this, feature selection has been identified as a pre-processing phase during attack defense that increases the classification accuracy and reduces computational complexity by extracting important features from original data. In this work, we analyse different filter selection methods and machine learning classification algorithms to establish a correlation between them. An Intrusion detection benchmark dataset, NSL-KDD, was used for performance evaluation by considering two performance metrics, detection accuracy, and time to build model. J48, a version of C4.5 decision tree and chi-squared filter selection method, using 14 most important features, exhibit a high correlation by considering both performance metrics, thus presents the best result.
Spoofing of IP is a key attribute of Distributed Denial of Service (DDoS) attack that consumes Cl... more Spoofing of IP is a key attribute of Distributed Denial of Service (DDoS) attack that consumes Cloud resources and network bandwidth within a short period of time. This is costly to both the providers and users of Cloud. Cloud computing offers a
metered service, which uses pay-per use. Therefore providing a
high available Cloud will improve the Cloud provider’s reputation and financial proceeds. To the Cloud users, it solely depends on the provider for its resources therefore it must always be available as contained in the service level agreement (SLA). The goal of this paper is to analyse and compare the TCP/IP packet header features of incoming traffic that identifies remote hosts according to their Operating System. This is used to detect the true source of a packet during spoofed DDoS attack. Our solution further analyses the observed final TTL value in both active and passive stage of the OS fingerprints to cater for false negative during detection. We demonstrated our proposed solution on a Xen Cloud Platform Test bed.
Distributed Denial of Service (DDoS) attack has been identified as the biggest security threat to... more Distributed Denial of Service (DDoS) attack has been identified as the biggest security threat to service availability in Cloud Computing. It prevents legitimate Cloud Users from accessing pool of resources provided by Cloud Providers by flooding and consuming network bandwidth to exhaust servers and computing resources. A major attribute of a DDoS attack is spoofing of IP address that hides the identity of the attacker. This paper discusses different methods for detecting spoofed IP packet in Cloud Computing and proposes Host-Based Operating System (OS) fingerprinting that uses both passive and active method to match the Operating System of incoming packet from its database. Additionally, how the proposed technique can be implemented was demonstrated in Cloud Computing environment
What an alternative. Most people argue that if something works well there is no sense in changing... more What an alternative. Most people argue that if something works well there is no sense in changing it. This is exactly what is happening with VoIP today. Voice over Internet Protocol usually called VoIP is the transmission of voice, video conferencing, data, faxes over an IP based network. VoIP technology has received much attention due to several emerging application in voice communication. This paper presents a tutorial on a basic way of deploying VoIP using miniSipServer on an existing Metropolitan Area Network (MAN). After which security solution is deployed on the network using Virtual Private Network (VPN) due to the high security risk posed by VoIP as compared to the Public Switch Telephony Network (PSTN).
Telecommunications in recent years has been undergoing a rapid growth all over the world. Promine... more Telecommunications in recent years has been undergoing a rapid growth all over the world. Prominent among the advancements of telecommunication is the evolution of modern converged network that provides the trio of data, voice and video network on a single network platform. The converged technology uses the internet as a medium to transmit data, voice and video packets using packet switching. This comes with numerous benefits by providing add-ons to both the service providers and users. The VoIP technology has been widely accepted and has received a boost in most western countries like the US and UK where users are now migrating from the legendry Public Switch Telephony Network (PSTN) to VoIP because of the numerous benefits it offers but unfortunately the business environment in Nigeria is yet to key into this promising technology. This study therefore focuses on introducing and implementing this technology in a converged network in Nigerian environment. It will also showcase VoIP’s numerous advantages and look at issues likely to be encountered during its implementation. It is hoped that it will help to serve as a tool in decision making process by converging the VoIP network with the already available data network.
The internet has been undergoing rapid and continuous growth over the past few years. The most si... more The internet has been undergoing rapid and continuous growth over the past few years. The most significant development the telecommunication industry has witnessed is the evolution of Voice over IP technology. This technology uses the internet as a medium for transmitting voice during a telephone conversation between two or more parties. VoIP technology comes with numerous benefits like reduced call cost and wide variety of add-ons to both the service providers and the end users. Despite all these, the technology is subjected to security risk because of the open nature of the internet. Much emphasis has been placed on the quality of service of VoIP over the years and dark eyes have been turned on its security. This study therefore aims to identify the security threats and attack VoIP can be exposed to during transmission, produce a VoIP system using the open source Asterisks before securing the network using IPSec VPN
Uploads
Papers by Opeyemi Ayokunle Osanaiye
metered service, which uses pay-per use. Therefore providing a
high available Cloud will improve the Cloud provider’s reputation and financial proceeds. To the Cloud users, it solely depends on the provider for its resources therefore it must always be available as contained in the service level agreement (SLA). The goal of this paper is to analyse and compare the TCP/IP packet header features of incoming traffic that identifies remote hosts according to their Operating System. This is used to detect the true source of a packet during spoofed DDoS attack. Our solution further analyses the observed final TTL value in both active and passive stage of the OS fingerprints to cater for false negative during detection. We demonstrated our proposed solution on a Xen Cloud Platform Test bed.
metered service, which uses pay-per use. Therefore providing a
high available Cloud will improve the Cloud provider’s reputation and financial proceeds. To the Cloud users, it solely depends on the provider for its resources therefore it must always be available as contained in the service level agreement (SLA). The goal of this paper is to analyse and compare the TCP/IP packet header features of incoming traffic that identifies remote hosts according to their Operating System. This is used to detect the true source of a packet during spoofed DDoS attack. Our solution further analyses the observed final TTL value in both active and passive stage of the OS fingerprints to cater for false negative during detection. We demonstrated our proposed solution on a Xen Cloud Platform Test bed.