The project led by Raihana Syahirah Abdullah, from the Faculty of Information Technology and Communication at the Universiti Teknikal Malaysia Melaka (UTeM) finalized their project and submitted their technical report.
The research focused on getting the parameter from raw infection codes using a reverse engineering approach as well as addressing the behaviours of IoT botnets. The main objective of the research was to develop a new model in detecting IoT botnets using graph analytics theory model with analysing the selection of influence feature factor. The output of this research is a scheme that is able to remove and quarantine the suspicious codes as well as able to detect the behaviour changes in the IoT devices. The model also can be used as a security tool to discover the real behaviors of IoT botnets from the raw infection codes that exists in particular IoT devices and machines.
Many telecommunications networks in the Pacific interconnect not directly but via international carriers in the United States or Australia. This has a profound impact on both the cost and the performance of regional traffic. While web traffic is slowed, real-time collaborations are rendered unusable, creating barriers for inter-island collaboration.
Governments, competitive carriers, Internet societies, and activists argue that direct interconnection, or peering, is the answer to these performance problems. They believe that if competitive networks are allowed to exchange traffic free-of-charge with incumbent networks, the cost of Internet will go down, and performance will go up.
Incumbent networks throughout the Pacific steadfastly refuse to openly peer with other carriers, education networks, and government networks – and a change in this behaviour is not in sight. Not only do they refuse to peer, they sometimes charge their competitors more for direct access to their networks than competitors pay for global Internet connectivity. Competitors, activists, and even governments say this is a clear violation of network neutrality. This project investigating carrier interconnections in the Pacific has shown the situation to be far more nuanced.
This project’s objective was to share research collected during an earlier iteration of the project via the web in a dynamic way. This included information on physical and routed topologies, telecommunications market data, and information on the relationships Pacific Island nations have with the rest of the world.
In support of these objectives, the project has produced a website that reviews the telecommunications environment of the Pacific Islands. The site looks at each market’s connectivity to the world: telecommunications, sea freight, air routes, and trade. It provides real-time statistics on carrier market share. Finally, it considers the complexity of island telecommunications through a composite case study on peering.
Dr. Di Ma from the Internet DNS Beijing Engineering Research Center (ZDNS) has completed the report for one of the grants that was allocated in 2018 for implementation in 2019, titled “RPKI Monitor and Visualizer for Detecting and Alerting for RPKI Errors”.
This project implements an RPKI security mechanism that detects and counters adverse actions in the RPKI, which helps mitigate risks to global routing system. The mechanism is implemented by two components: the monitor, which detects erroneous or malicious RPKI changes, and the visualizer, which displays graphically the validation process passed to it by the validator and the alert information issued by the monitor.
The project achieved the following objectives:
Develop an RPKI Monitor to detect RPKI problems due to mistakes by or attacks against CAs and repositories, and generate alerts to the affected parties to remedy the problems. It also provides suggestions to guide RPs in deciding whether to accept or defer accepting those changes.
Develop an RPKI Visualizer to display graphically the validation process and involved RPKI data passed to it by the validator and the alert information issued by the Monitor.
Prof. Winston Seah from the School of Engineering and Computer Science at the Victoria University of Wellington has completed the report for one of the grants that was allocated in 2017 for implementation in 2018, titled “Scalable Traffic Classification in Internet of Things (IoT) for Network Anomaly Detection”.
The project focused on accurate traffic classification in the Internet of Things (IoT). The IoT comprises large numbers of heterogeneous simple devices running single applications, often with little to no security features making them easily compromised and used as tools in cyberattacks. As we become more connected and reliant on the Internet, any form of disruption in connectivity due network anomalies can result in adverse consequences, ranging from loss of productivity and revenue, to destruction of critical infrastructure and loss of life. In the last decade, cyberattacks have increased at an alarming rate, even just based on the reported incidents. We need to be able to classify new traffic types coming from IoT devices accurately and promptly, so that anomalous traffic can be identified and dealt with quickly.
Payload-based (PB) techniques although can reach high accuracy, but suffers from several limitations. The limitations of PB classification are expected to be addressed by statistical-based (SB) techniques. SB approaches are based on flow features and the traffic is classified using Machine Learning algorithms (MLAs). SB classification assumes that specific flow-level features such as flow duration, inter-arrival time, transmitted bytes, packet length and packet size can distinguish different types of traffic flows. We studied how unsupervised machine learning can be applied to network anomaly detection in the dynamic IoT environment where previously unencountered traffic types and patterns are regularly emerging and need to be identified and classified. This project involves the study and selection of appropriate MLAs (to be implemented as a proof-of-concept prototype) and identification of those flow features which have the highest impact on the traffic classification accuracy. This project contributes to making safer cyber-physical systems that are an integral component of the IoT.
Prof. Vijay Varadharajan from the Faculty of Engineering and Built Environment at The University of Newcastle has completed the report for one of the grants that was allocated for implementation in 2018, titled “Software Defined Networks based Security Architecture for IoT Infrastructures”.
The project developed fine granular security policies and a lightweight security protocol to authenticate IoT devices and authorise them to access services in network infrastructure in a secure manner. The project involved three stages:
In the first stage, the project team conducted a detailed study of security attacks on IoT infrastructures and the different security solutions that currently exist to counteract the various types of attacks. Then, analysed the pros and cons of the existing solutions, and developed security requirements that need to be addressed in designing security architecture for IoT Applications.
As part of second stage, the team developed a lightweight authentication protocol based on a novel public key encryption scheme. The proposed protocol achieved a balance between the efficiency and communication cost without sacrificing security.
In the third stage, the team proposed a SDN based security architecture for IoT systems. Their security architecture allowed specification of fine granular access policy constraints on communications between end users, devices and services in a distributed environment. A novel feature of the proposed architecture is its ability to specify path based security policies, which is a distinct advantage in SDNs.
The Centre for Advanced Internet Architectures (CAIA) from the Swinburne University of Technology, explored a new technique that quickly detects different BGP anomalies as part of their Internet Operations Research Grant they received from ISIF Asia during 2016 and implemented during 2017.
The Internet’s default inter-domain routing protocol, the Border Gateway Protocol (BGP) is vulnerable to different types of anomalies such as hijacking, misconfiguration, and Denial of Service (DoS) attacks. Although considerable research has been carried out into BGP anomalies, existing approaches were not able to mitigate or identify BGP misconfiguration and lack of ground truth time stamps for BGP events.
In this project, CAIA’s team introduced two new tools, real-time BGP Anomaly Detection Tool (RTBADT) and BGP Replay Tool (BRT), to detect BGP anomalies in real-time. Specifically, RTBADT can be used by ISP operators to monitor and detect BGP anomalies through peering it with the intended peer AS, while BRT is able to replay past BGP updates with time-stamps. These tools enable network operators to protect their network from the worst consequence and mitigate the threats of Internet stability.
Remote locations such as many Pacific Islands face a significant challenge to access reliable and fast Internet connectivity. Shared narrowband Internet satellite links are a staple in many islands of the South Pacific. They often underperform due to the difficulties that the dominant Internet transport protocol TCP faces in estimating the available capacity across the link.
ISIF Asia 2016 Grant recipient, The University of Auckland, has built a simulator capable of replicating the demand profile and other conditions encountered on such links in order to be able to study potential solutions to the problem, such as network coding or performance enhancing proxies.
Thanks to the funds from the ISIF Asia grant, the project team developed tools to automate the experimentation process, including scripts that configure the link emulator, the “island clients” and the “world servers” (a combined total of over 100 machines), any encoders, decoders, and performance enhancing proxies.