Special issue on “Cyber Security”

After careful reviewing and emphasizing the recent advances in information assurance and network security, this special issue of the Cairo University Journal of Advanced Research, an Elsevier publications, contains three parts with total of nine papers; part I addresses network security, part II focuses on software and applications security, while part III discusses cyber infrastructure protection. Part I, Network Security, has three papers. The first paper, DoS Detection in IEEE 802.11 with the Presence of Hidden Nodes, by Joseph Soryal and Tarek Saadawi presents a novel approach to detect and identify the attacker who is employing denial of service (DoS) attack to disrupt the wireless networks with the presence of hidden nodes employing the widely used IEEE 802.11 DCF protocols. Malicious nodes alter the IEEE 802.11 standards to illicitly capture the channel and increase the probability of successful packet transmission on the expense of innocent nodes that follow the protocol standards. The detection process utilizes the theoretical network through-put derived using two dimensional Markov chain to determine the network capacity and use the results as baseline for detection. The paper by Jayaram Raghuram, David J. Miller, and George Kesidis titled; Unsupervised, low latency anomaly detection of algorithmically generated domain names by generative probabilistic modeling, presents a method for detecting anomalous domain names. The paper focuses on algorithmically generated domain names which are frequently associated with malicious activities such as fast flux service networks, particularly for bot networks (or botnets), malware, and phishing. The method is based on learning a (null hypothesis) probability model based on a large set of domain names that have been white listed by some reliable authority. Since these names are mostly assigned by humans, they are pronounceable, and tend to have a distribution of characters, words, word lengths, and number of words that are typical of some language (mostly English), and often consist of words drawn from a known lexicon. The third paper is entitled An Efficient Method to Detect Periodic Behavior in Botnet Traffic by Analyzing Control Plane Traffic, by Basil AsSadhan and Jose´M.F. Moura. Botnets pose a significant threat to Internet's communications and applications. A botnet relies on command and control (C2) communications channels traffic between its members for its attack execution. C2 traffic occurs prior to any attack; hence, the detection botnet's C2 traffic enables detection of members of the botnet before any real harm happens. The authors analyze C2 traffic and find …