International Journal of Information and Computer Security http://www.inderscience.com/browse/index.php?journalID=151&year=2011&vol=4&issue=4 Inderscience Publishers Ltd en-uk International Journal of Information and Computer Security 1744-1765 1744-1773 © 2011 Inderscience Publishers Ltd editor@inderscience.com https://www.inderscience.com/images/files/coverImgs/ijics_scoverijics.jpg http://www.inderscience.com/browse/index.php?journalID=151&year=2011&vol=4&issue=4 http://www.inderscience.com/link.php?id=44821 In this paper, we discuss a novel statistical learning algorithm that predicts normal flows of process data in a distributed control system, i.e., process data evolutions that characterise the normal behaviour of a cyber-physical system such as a power plant. The algorithm's prediction capability allows for determining whether the payload of a network packet that is about to be processed by a computer device in a distributed control system is normal or malicious. This classification is based on whether or not the process data evolution that a network packet under inspection has potential to cause is predicted as normal by the algorithm. In this paper, we also discuss a probabilistic validation of the algorithm. We construct stochastic activity networks with activity-marking oriented reward structures that model pertinent aspects of the normal operation of a cyber-physical system as a whole as perceived by the algorithm. The solution of these models via a tool such as Mbius indicates whether the algorithm's perception of normalcy is correct. We have implemented the algorithm in the MATLAB programming language, and thus in the paper we also discuss practical testing and evaluation of the effectiveness of the algorithm in a testbed that resembles a power plant. Anomaly detection via statistical learning in industrial communication networks
Julian L. Rrushi
International Journal of Information and Computer Security, Vol. 4, No. 4 (2011) pp. 295 - 315
In this paper, we discuss a novel statistical learning algorithm that predicts normal flows of process data in a distributed control system, i.e., process data evolutions that characterise the normal behaviour of a cyber-physical system such as a power plant. The algorithm's prediction capability allows for determining whether the payload of a network packet that is about to be processed by a computer device in a distributed control system is normal or malicious. This classification is based on whether or not the process data evolution that a network packet under inspection has potential to cause is predicted as normal by the algorithm. In this paper, we also discuss a probabilistic validation of the algorithm. We construct stochastic activity networks with activity-marking oriented reward structures that model pertinent aspects of the normal operation of a cyber-physical system as a whole as perceived by the algorithm. The solution of these models via a tool such as Mbius indicates whether the algorithm's perception of normalcy is correct. We have implemented the algorithm in the MATLAB programming language, and thus in the paper we also discuss practical testing and evaluation of the effectiveness of the algorithm in a testbed that resembles a power plant.

]]> 10.1504/IJICS.2011.044821 International Journal of Information and Computer Security, Vol. 4, No. 4 (2011) pp. 295 - 315 Julian L. Rrushi Faculty of Computer Science, University of New Brunswick, 550 Windsor St., Fredericton, New Brunswick E3B 5A3, Canada distributed control systems DCS anomaly intrusion detection applied statistics stochastic activity networks SANs anomaly detection power plants reward structures cyber-physical systems industrial communication networks. 2012-01-09T23:20:50-05:00 4 4 295 315 2012-01-09T23:20:50-05:00 http://www.inderscience.com/link.php?id=44822 Encryption can provide multimedia data with the desired security during transmission. However, once a piece of multimedia content is decrypted, the dishonest customer can redistribute it arbitrarily. Digital fingerprinting is an emerging technology for copyright protection of multimedia data, where unique identification information called fingerprint is embedded into each distributed copy. Once an unauthorised content copy is found somewhere, the embedded fingerprint can uniquely identify the source of the leakage. There are three main problems with digital fingerprinting systems, which are collusion attack, the distribution of the marked copies and the fairness of both the merchant and the customer. In this paper, we summarise the current state-of-the-art of the solutions to the main problems of digital fingerprinting. Digital fingerprinting: problems and solutions
Defa Hu; Juanjuan Luo
International Journal of Information and Computer Security, Vol. 4, No. 4 (2011) pp. 316 - 331
Encryption can provide multimedia data with the desired security during transmission. However, once a piece of multimedia content is decrypted, the dishonest customer can redistribute it arbitrarily. Digital fingerprinting is an emerging technology for copyright protection of multimedia data, where unique identification information called fingerprint is embedded into each distributed copy. Once an unauthorised content copy is found somewhere, the embedded fingerprint can uniquely identify the source of the leakage. There are three main problems with digital fingerprinting systems, which are collusion attack, the distribution of the marked copies and the fairness of both the merchant and the customer. In this paper, we summarise the current state-of-the-art of the solutions to the main problems of digital fingerprinting.

]]> 10.1504/IJICS.2011.044822 International Journal of Information and Computer Security, Vol. 4, No. 4 (2011) pp. 316 - 331 Defa Hu; Juanjuan Luo School of Information, Hunan University of Commerce, Changsha 410205, Hunan, China. ' Department of Economic Trade Management, Hunan Railway Professional Technology College, Zhuzhou 412001, Hunan, China digital fingerprinting digital copyright protection secure multimedia distribution collusion resistance information hiding encryption embedded fingerprints collusion attacks fairness data security. 2012-01-09T23:20:50-05:00 4 4 316 331 2012-01-09T23:20:50-05:00 http://www.inderscience.com/link.php?id=44823 To protect digital data, provide secure communication and ensure privacy, many encryption algorithms have been proposed recently. Many of the proposed image encryption methods are based on shuffling the image pixels to make the relation between the encrypted and original images unclear. The shuffling-based methods with small key space, usually, lack the security, since knowing the encryption algorithm will help the hacker recover the original image. In this paper, a new image encryption algorithm with large key space is proposed which uses least square approximation techniques in the decrypting stage. The encrypted image is obtained through multiplying the original image by randomly generated vectors. At the receiver, least square approximation techniques are applied on the encrypted image and the randomly generated vectors to recover the original image. The method has been tested on a large number of images and the simulations show the effectiveness and the enhancement in security of the proposed algorithm. Image encryption method based on using least square error techniques at the decryption stage
Mahmood Al-khassaweneh
International Journal of Information and Computer Security, Vol. 4, No. 4 (2011) pp. 332 - 344
To protect digital data, provide secure communication and ensure privacy, many encryption algorithms have been proposed recently. Many of the proposed image encryption methods are based on shuffling the image pixels to make the relation between the encrypted and original images unclear. The shuffling-based methods with small key space, usually, lack the security, since knowing the encryption algorithm will help the hacker recover the original image. In this paper, a new image encryption algorithm with large key space is proposed which uses least square approximation techniques in the decrypting stage. The encrypted image is obtained through multiplying the original image by randomly generated vectors. At the receiver, least square approximation techniques are applied on the encrypted image and the randomly generated vectors to recover the original image. The method has been tested on a large number of images and the simulations show the effectiveness and the enhancement in security of the proposed algorithm.

]]> 10.1504/IJICS.2011.044823 International Journal of Information and Computer Security, Vol. 4, No. 4 (2011) pp. 332 - 344 Mahmood Al-khassaweneh Hijjawi Faculty for Engineering Technology, Department of Computer Engineering, Yarmouk University, Irbid 21163, Jordan image encryption information security least squares approximation decryption privacy protection simulation cryptography. 2012-01-09T23:20:50-05:00 4 4 332 344 2012-01-09T23:20:50-05:00 http://www.inderscience.com/link.php?id=44824 Password authentication systems, which are used as first level of defence, are not efficient enough to withstand the dynamic techniques of attackers. In this work, an authentication scheme using first trial protocol (FTR protocol) was developed to prevent dictionary and brute force attacks. FTR protocol uses a rule-based reasoning and splits the process of authentication into two layers; first and second layer protocols. The first layer undertakes the validation of the login password against set of recorded invalid passwords in the first layer repository. The second layer is the second line of authentication in another host different from that of first layer containing the protocol and its penalties. 11,000,000 human authentication request data were used to conduct an evaluation experiment. Zero vulnerability was found in the protocol and an efficient value of 97.89% was established as a confidence measure. This shows that the protocol is secured against online password guessing attacks. A countermeasure algorithm for password guessing attacks
Adesina S. Sodiya; A.A. Afolorunso; Omoniyi P. Ogunderu
International Journal of Information and Computer Security, Vol. 4, No. 4 (2011) pp. 345 - 364
Password authentication systems, which are used as first level of defence, are not efficient enough to withstand the dynamic techniques of attackers. In this work, an authentication scheme using first trial protocol (FTR protocol) was developed to prevent dictionary and brute force attacks. FTR protocol uses a rule-based reasoning and splits the process of authentication into two layers; first and second layer protocols. The first layer undertakes the validation of the login password against set of recorded invalid passwords in the first layer repository. The second layer is the second line of authentication in another host different from that of first layer containing the protocol and its penalties. 11,000,000 human authentication request data were used to conduct an evaluation experiment. Zero vulnerability was found in the protocol and an efficient value of 97.89% was established as a confidence measure. This shows that the protocol is secured against online password guessing attacks.

]]> 10.1504/IJICS.2011.044824 International Journal of Information and Computer Security, Vol. 4, No. 4 (2011) pp. 345 - 364 Adesina S. Sodiya; A.A. Afolorunso; Omoniyi P. Ogunderu Department of Computer Science, University of Agriculture, P.M.B. 2240, Abeokuta, Ogun State, Nigeria. ' School of Science and Technology, National Open University of Nigeria, 14 – 16, Ahmadu Bello Way, Victoria Island, Lagos, Nigeria. ' Department of Computer Science, University of Agriculture, P.M.B. 2240, Abeokuta, Ogun State, Nigeria computer security password authentication online passwords password guessing attacks dictionary attack brute force attacks first trial protocol FTR protocol. 2012-01-09T23:20:50-05:00 4 4 345 364 2012-01-09T23:20:50-05:00 http://www.inderscience.com/link.php?id=44825 Task delegation presents one of the business process security leitmotifs. It defines a mechanism that bridges the gap between workflow and access control systems. Delegation completion and authorisation enforcement are specified under specific constraints so-called events. In this article, we aim to reason about delegation events to model task delegation and to specify delegation policies using a logical framework. To that end, we propose an event-based task delegation model to control the delegation execution. We then identify relevant events responsible for the dynamic enforcement of delegation policies. Further, we define a task-oriented access control model to specify delegation constraints into authorisation policies. Finally, we propose a technique to automate the delegation policies integration. Using event calculus, we develop a reasoning tool to control the delegation execution and to increase the compliance of all delegation changes in the existing policy of the workflow. A logical framework for reasoning about delegation policies in workflow management systems
Khaled Gaaloul; H.A. Proper; Ehtesham Zahoor; François Charoy; Claude Godart
International Journal of Information and Computer Security, Vol. 4, No. 4 (2011) pp. 365 - 388
Task delegation presents one of the business process security leitmotifs. It defines a mechanism that bridges the gap between workflow and access control systems. Delegation completion and authorisation enforcement are specified under specific constraints so-called events. In this article, we aim to reason about delegation events to model task delegation and to specify delegation policies using a logical framework. To that end, we propose an event-based task delegation model to control the delegation execution. We then identify relevant events responsible for the dynamic enforcement of delegation policies. Further, we define a task-oriented access control model to specify delegation constraints into authorisation policies. Finally, we propose a technique to automate the delegation policies integration. Using event calculus, we develop a reasoning tool to control the delegation execution and to increase the compliance of all delegation changes in the existing policy of the workflow.

]]> 10.1504/IJICS.2011.044825 International Journal of Information and Computer Security, Vol. 4, No. 4 (2011) pp. 365 - 388 Khaled Gaaloul; H.A. Proper; Ehtesham Zahoor; François Charoy; Claude Godart CRP Henri Tudor, L-1855 Luxembourg-Kirchberg, Luxembourg. ' CRP Henri Tudor, L-1855 Luxembourg-Kirchberg, Luxembourg. ' LORIA, Nancy University, UMR 7503, BP 239, F-54506 Vandoeuvre-lès-Nancy Cedex, France. ' LORIA, Nancy University, UMR 7503, BP 239, F-54506 Vandoeuvre-lès-Nancy Cedex, France. ' LORIA, Nancy University, UMR 7503, BP 239, F-54506 Vandoeuvre-lès-Nancy Cedex, France workflow management task delegation access control authorisation policy event calculus business process security reasoning tools. 2012-01-09T23:20:50-05:00 4 4 365 388 2012-01-09T23:20:50-05:00