User:Bobalily/Network eavesdropping/Bibliography

This is where you will compile the bibliography for your Wikipedia assignment. Please refer to the following resources for help:

• Adding citations
• Evaluating articles and sources

1. Bonguet A, Bellaiche M, (2017). "A Survey of Denial-of-Service and Distributed Denial of Service Attacks and Defenses in Cloud Computing" Future Internet 9(43), pp.1-19.

The source is a scholarly journal article on cloud computing; denial-of-service, network eavesdropping, security, and countermeasures. The purpose of this paper is to evaluate cloud computing as a model and how eavesdropping attacks can happen. The article starts with an abstract explaining what cloud computing and Denial-of-Service is. Then the introduction explains the features of cloud computing including large-scale, resource-pooling, network access, on-demand self-service. It also highlights that users do not own the computing servers and their data can be accessed by different devices(smartphone, computer). Then it goes on about the security in cloud computing when developing services, such as isolating users’ data, implementing authentication mechanisms. It goes on about integrity where traffic hijacking can eavesdrop on activities and transactions, manipulate data, redirect users to illegitimate sites, and more. Later on, it discusses design experiments used to evaluate DoS defenses. Works related to the classification of security, identifying possible attacks and attackers are discussed. Active attackers may attack by sending signals to users, while passive attackers may just eavesdrop, so that victims may not be aware that their machine is being watched or monitored. Passive attackers may launch eavesdropping attacks to capture communication. Virtual Machine Monitor(VMM) is proposed as a detector to monitor the attacks, and the Intrusion Detection Systems(IDS) examines network traffic and user behaviors so they will be alerted when an attack occurs. The journal article mentioned other systems as well and moved on to how to evaluate defense systems. The source is reliable because 55 sources are referenced, and the source is not biased because it is informing readers and not putting any opinions. This source is useful because it introduces new concepts to monitoring network eavesdropping and brings in different ideas and criteria. The target audience is people who want to learn more about cloud computing and models to deal with network attacks. Also, the reading level of the article is low such that a beginner in learning about network security will understand it pretty well. This article did not shape any of my arguments; this article is more of explaining concepts.

2. Li X, Wang Q, Dai H-N, Wang H, (2018). “A Novel Friendly Jamming Scheme in Industrial Crowdsensing Networks against Eavesdropping Attack” Sensors 18(1938), pp.1-23.

The source is a scholarly article on a proposal of an anti-eavesdropping attack. It starts with introducing friendly-jamming schemes as a promising approach to enhance network security so that it can generate a jamming signal to increase the noise level at the eavesdropper, making the eavesdropper fail to wiretap the communications. Then it introduces the model that focuses on uplinking transmission from sensor devices to the receiver and explains how the model can help with jamming eavesdroppers, and impacts of it. The source is reliable because 31 sources are referenced, and the source is not biased because it is informing readers and not putting any opinions. This source is useful because it introduces an anti-eavesdropping model to jam eavesdroppers, and has any information on how it works. Also, this article is useful for people that want to learn how to propose an anti-eavesdropping attack model or any models regarding network security. The targeting audience is people who want to learn more about anti-eavesdropping and a model to deal with network attacks. The reading level is difficult to comprehend such that a beginner learning about network security will understand it pretty well. Also, this scholarly article involves many mathematical formulas that many may not be familiar with so it is difficult to learn or understand. This journal article helps me shape my knowledge on anti-eavesdropping attacks with jamming schemes, and that there are different ways of tackling eavesdropping attacks on the internet. In addition to shaping my knowledge, this scholarly article provides models that act against eavesdropping attacks but is difficult to completely understand as it requires machine learning and more mathematical background. Also, this journal article is a proposal and not a completed tested out model which may not be the best to refer to when trying to build a jamming scheme to jam network eavesdroppers.

3. Chakravarty, S., Portokalidis, G., Polychronakis, M., and Keromytis, A., 2014. “Detection and analysis of eavesdropping in anonymous communication networks.” International Journal of Information Security, 14(3), pp.205-220.

The source is a scholarly article on detecting and analyzing eavesdropping in communication networks. It starts by defining anonymous communication networks and how eavesdropping happens. It goes on by describing many services and protocols relying on non-encrypted communication so that malicious users or parties can easily eavesdrop or collect information and data from other users. This leads to the discussion on detecting these misbehaviors like transmission of decoy traffic that contains easily reusable and sensitive information via all nodes of the network to decoy servers under their control. Then, it describes honeypots which are the detected activities of some eavesdropping incidents, they have added honeypots to the system, and Beacon-bearing decoy documents that contain fake sensitive information so when eavesdroppers open it, it will be triggered. The article then explains their model and implementation, and some eavesdropping incidents. The source is reliable because it uses fifty-six different sources, and is not biased because it presents a model and defines technical terms, so it does not include opinions. It is useful for people that are trying to learn about detecting and analyzing eavesdropping in anonymous communication networks and or people that want to learn more models for detecting network eavesdropping attacks. The targeted audience is people that are interested to learn models that detect and analyze network eavesdroppers or people that are trying to learn about analyzing anonymous communication networks. Moreover, the reading level is simple so that new learners or people that do not know much about network eavesdropping can understand the article. This scholarly article helps people to understand how to detect eavesdroppers that are unknown and anonymous. It dives deeply into the method of detection which is difficult to completely understand but is useful to refer to when addressing ways to detect anonymous eavesdroppers, so it is helpful to refer to when addressing network eavesdropping.

4. Chakravarty, S., (2014). “Traffic Analysis Attacks And Defenses In Low Latency Anonymous Communication” Cs.columbia.edu, pp.1-139.

The source is a scholarly article on assumptions and network eavesdropping attacking models. It starts with identifying the attacks and describing important assumptions and attacker models. Then it explains anonymous network communication systems, attacks and defends against it, and detects eavesdropping by Tor Exit Nodes. It then describes traffic analysis against anonymity networks using remote bandwidth estimation such as threat model and attack approach and evaluations of it. Then, it describes traffic analysis against anonymity networks using flow records, such as network monitoring, and again a model and evaluation of it. It then determines potential adversaries of anonymity networks, specifically eavesdrop detection in anonymity networks. The system model, implementation, results, and future works. This source is reliable because it covers a different model and has over fifty resources listed. Also, this source is unbiased because it describes the model, evaluations, and discusses future ideas about attack models. Moreover, the scholarly article is useful for people that want to compare different models that find network eavesdroppers or for people that want to learn more about it. It targets audiences that are interested in how different eavesdropping detecting models work and their findings and results of it. This article is slightly difficult to read just because of its length and because it covers a few models compared to only focusing on one which might be a little more to handle, especially for beginners. It also requires some background knowledge of how Nodes work and how communication systems work in general. This article helps with understanding network eavesdropping because this article has information on anonymous communications on the internet. In addition to that, the scholarly article is relevant to network eavesdropping because oftentimes, eavesdroppers do not know the user that they are eavesdropping from, and staying anonymous is important for eavesdroppers to stay unknown.

5. Wang, Y., Zheng, N., Xu, M., Qiao, T., Zhang, Q., Yan, F., and Xu, J., 2019. “Hierarchical Identifier: Application to User Privacy Eavesdropping on Mobile Payment App.” Sensors, 19(14), p.1-19.

The source is a scholarly journal article on mobile payment apps and users of those apps’ privacy might be eavesdropped on or collected by attackers, which this article considers a way to monitor these actions and monitor people’s privacy on the app. This article first introduces the problem of security and privacy as an important factor for app users and developers, and topics on identification and privacy have been discussed a lot in recent years. It then explains that a hierarchical identification system is created to classify financial transaction actions in mobile payment apps via encrypted network traffic. It identifies traffic data and extracts features that can characterize user actions on the app. It discusses mobile app identification and user action identification. Later, it characterizes network traffic on the mobile payment app, like a description of user actions and steps, traffic characteristics on the app, overview of the system’s framework, traffic mirroring, traffic segmentation, feature extraction, classifying algorithm design, hierarchical identification, and ends with evaluations on data description. This source is reliable because it uses twenty-nine different sources in it. In addition to being reliable, the source is unbiased because it describes mobile payment apps and eavesdropping which does not mention any arguments on it. This article will be useful for people who are curious about mobile payment apps and how secure they are and how people are trying to create a better system to monitor eavesdropper in those payment apps. The targeted audience is people that have some knowledge of network security and eavesdropping issues because it does not define eavesdropping but goes straight specifically to mobile payment apps issues on network security. This also shows that the article is difficult to comprehend. This journal article helps with researching network eavesdropping because it is unique in terms of studying its effect on mobile payment apps.

6. Abiodun, Esther Omolara, et al, (2020). “Reinforcing the Security of Instant Messaging Systems Using an Enhanced Honey Encryption Scheme: The Case of WhatsApp” Wireless Personal Communications, 112(4), pp. 2533–2556.

This source is a scholarly article on the honey encryption (HE) scheme for reinforcing the security of instant messaging systems, specifically WhatsApp. It starts by introducing instant messaging and why this technology is becoming popular, including speed, applications, and usability. Then, it explains how eavesdropping can happen during the transmission of the messages. After that, it explains several systems implementing secure encryption schemes and explains WhatsApp uses the Advanced Encryption Standard-256 for security. However, the article states that a problem is that messages are transmitted using ASCII, so an eavesdropper can easily decrypt the message. A loophole that was mentioned is that hackers can access group chats and share false news easily, as well as put in bugs when users do video calls, and more. This leads to the discussion on Honey encryption (HE) on conventional cryptosystems, where HE schemes can facilitate secure communication between users. The design, building blocks, and algorithm of the HE scheme are discussed, and experimental results on the proposed HE scheme are reported. Fifty-three sources are referred to and stated at the end of the article, so this scholarly article is reliable. This scholarly article is easy to read because it uses simple wordings and if there are technological words used, it is explained. In addition to that, it is also very relevant to the majority of the population because many of us are using instant messaging systems like Facebook, WhatsApp, or Snapchat. The targeted audience is for people that are interested in learning about the security scheme used for instant messaging systems and how it works. The advantages and disadvantages of the HE scheme are discussed in the article which shows that the source is not biased. This scholarly article is useful for research on network eavesdropping because this source explains how some people eavesdrop through instant messaging systems, and how the HE scheme is used to prevent eavesdroppers to succeed in their actions.

7. Cecconello Stefano, Compagno Alberto, Conti Mauro, Lain Daniele, Tsudik Gene, (2019). “Skype & Type: Keyboard Eavesdropping in Voice-over-IP” ACM Transactions on Privacy and Security, 22(4), pp. 1-34.

This source is a scholarly article on keyboard eavesdropping on Skype and Type. It starts by introducing what voice-over-IP (VOIP) software is. Then it explains Skype & Type (S&T) that is a new keyboard acoustic eavesdropping attack using VOIP. After that, it mentions differences with the preliminary version of the S&T and organization that overviews keyboard eavesdropping. Attacks using sound emanations are stated as well as other emanations like non-acoustic side-channels. It also describes how typing on a keyboard causes electrical components to emit electromagnetic waves that can let eavesdroppers recover original keystrokes. Then, it describes the system model that acts out how the attacker retrieves private information from users through eavesdropping using VOIP software, as well as some images to show the process. It concludes by expressing the high accuracy of eavesdropping through VOIP and S&T, and that it can be easily implemented in different systems. This scholarly article is reliable because it references forty-five sources, and it is not biased because it explains how eavesdropping happens using voice-over-IP and keyboards. Moreover, the scholarly article is useful for people who want a general sense of how eavesdropping works using VOIP, and for people who do not have much background knowledge of models for network eavesdropping. The targeted audience is people who want to learn about network eavesdropping through VOIP or keyboard acoustic attacks, and new learners for network eavesdropping. Also, the reading level is easy because it explains concepts thoroughly and has clear images to show how the eavesdropping process goes as well as sentences to explain. This scholarly article is useful for the research on network eavesdropping because it shows the model that the eavesdroppers use and it is unique. It also shows a side of how eavesdroppers eavesdrop and not how models are built to attack eavesdroppers.

8. Chauhan R, Kaur H, Chang V, (2020). “An Optimized Integrated Framework of Big Data Analytics Managing Security and Privacy in Healthcare Data” Wireless Personal Communications, pp. 1-22.

This source is a scholarly article about managing security and privacy in healthcare data. Big data analytics is brought up in the beginning and explains how it may be concerning maintaining the privacy and security of healthcare patient’s data. It mentions that big data analytics can be efficient and effective, as well as secure and private. Eavesdropping of patient’s health records happens when attackers illegally attack the communication network, and cryptographic protocols are suggested. Then, the article discusses the framework for privacy in big data analytics, including data capture, data pre-processing, medical data and privacy-preserving data mining, predictive data analytics, and the results of the framework. The source is reliable as it references forty-two resources, and is unbiased because it discusses the framework of a model in providing security and privacy for storing personal data, and does not include any opinions in it.  This scholarly article is easy to comprehend because it uses simple wordings and there are no technical words used. It also describes their method very detailedly with organized sections and a diagram that shows the flow. Moreover, healthcare is something everyone is involved in, and possibly every person’s health care information is stored in a database so it is relevant to everyone and makes the reading more engaging. It also shows that it is useful reading for people that want to know more about how their personal medical information can be potentially stored and protected. The targeted audience is people who want to learn about potential ways of storing a large amount of data with a high-security level or people who want to learn about how healthcare data is stored. This scholarly article helps research network eavesdropping because it explains how big data analytics can provide a secure way of storing a large amount of personal data and preventing eavesdropper from collecting data illegally.

9. Li D, Zhou H, Yang W, (2019). “Privacy-Preserving Consensus over a Distributed Network against Eavesdropping Attacks” Electronics 8(966), pp. 1-25.

This source is a scholarly article on privacy-preserving consensus based on the increasing risk of data leaks on the network. A consensus protocol with privacy-preserving function is introduced in the beginning, and its privacy-preserving effects are measured and analyzed. This article focuses on networks of embedded devices like sensor networks and social networks that require independent consensus decision-making and is especially vulnerable to eavesdropping attacks. Then, a criterion is proposed to measure the degree of network privacy leaks when an eavesdropper attempts to attack the network. In addition to that, networks with ring topology and small-world topology are considered so that an eavesdropping strategy that can maximize the probability of privacy leaks. Then, it ends with verifying the derived results by numerical examples. This scholarly article is reliable because it refers to thirty-eight different resources. It also is unbiased because it explains a protocol and privacy preservation in typical networks. However, the reading level is very difficult and is hard to comprehend. This is because this scholarly article includes many mathematical expressions and graphs that require a heavy math background that many people may not have. It also had proofs of math theorems that are hard to understand and does not include enough explanation to understand as a beginner. People that have a deeper understanding of network eavesdropping and the actual mathematical part of it would learn more in this article and think that it is relevant to their learning. Hence, the targeted audience is people that have a mathematical and computer science background that wants to learn more about the proofs and the mathematical side of how privacy-preserving functions and protocols can help secure and prevent network eavesdropping. This scholarly article does not help with researching network eavesdropping because it is too difficult to understand and does not include enough information that explains the mathematical proofs.

10. Potnuru, Mani. (2011). “Limits of Federal Wiretap Act's Ability to Protect Against Wi-Fi Sniffing” SSRN Electronic Journal, 111, pp 1-29.

This source is a scholarly journal article about the Federal Wiretap Act that is stated to be protected against Wi-Fi sniffing and examines the Act on its ability and effectiveness. It starts with introducing the Wi-Fi technology landscape with Google and explaining that Google used “packet sniffing” to eavesdrop on users by intercepting and decoding network communications.  It then mentions how “hotspots” in public places allow hackers to packet sniff easily. Then, it shows how intercepting network communications violates the Federal Wiretap Act using different parts of the Act, which leads to the discussion of the Act may only protect private Wi-Fi communications and may not apply to unsecured Wi-Fi communications. After that, it discusses applying it to the real world, facing configuration issues, and what a Wi-Fi user expects. The journal article ends with the need for amending the Wiretap Act. This source is reliable because it refers to over a hundred resources, and is slightly biased towards eavesdropping or packet sniffing is negative since it discusses a law that protects people’s privacy on the internet. It is easy to comprehend as it explains the act thoroughly, as well as the advantages and disadvantages of the law. The journal article also uses simple words to explain the Act, and when there are difficult concepts, there will be an explanation to it. The targeted audience is people that want to know about a law that attempts to protect people’s privacy while using Wi-Fi, or people that are interested to learn about how eavesdroppers use a loophole in the law to illegally retrieve Wi-Fi user’s information. This scholarly journal article helps with research on network eavesdropping because it provides information on how the law is protecting Wi-Fi user’s privacy and provides insight on amends to the law that can increase the effectiveness of it.