International Journal of Electronic Security and Digital Forensics (8 papers in press)
- A new identity based ring signcryption scheme
by Lunzhi Deng
Abstract: This paper presents a new identity-based ring signcryption scheme. With
this technique, anyone can choose n − 1 entities to generate a verifiable ring
signcryption on behalf of the group of n members, yet the actual signcrypter
remain anonymous. The scheme is proven to be indistinguishable against
adaptive chosen ciphertext attacks, existentially unforgeable against adaptive
chosen message and identity attacks, and unconditional signcrypter ambiguity
under the random oracle model.
Keywords: Identity-based cryptography, Ring signcryption, Random oracle model, Security
- A method for forensic artifact collection, analysis and incident response in environments running Session Initiation Protocol (SIP) and Session Description Protocol (SDP)
by Ioannis Psaroudakis, Vasilios Katos, Panagiotis Saragiotis, Lilian Mitrou
Abstract: In this paper we perform an analysis of SIP, a popular Voice over IP (VoIP) protocol and propose a framework for capturing andrnanalyzing volatile VoIP data in order to determine forensic readiness requirements for effectively identifying an attacker. The analysis wasrnperformed on real attack data and the findings were encouraging. It seems that if appropriate forensic readiness processes and controls arernin place, a wealth of evidence can be obtained. The type of the end user equipment of the internal users, the private IP, the software that isrnused can help build a reliable baseline information database. On the other hand the private IP addresses of the potential attacker even duringrnthe presence of NAT services, as well as and the attack tools employed by the malicious parties are logged for further analysis.
Keywords: Network forensics, SIP, VoIP Forensics, Intrusion Detection Systems (IDS)
- Symmetric Key Management for Mobile Ad hoc Networks using Novel Secure and Authenticated Key Distribution Protocol
by Anand Jegatheesan
Abstract: The wireless nature of communication and lack of security infrastructure raises several security problems in MANET. So, security routing is essential for Mobile Ad hoc Networks. A number of routing methods have been proposed for security routing. The key idea in our algorithm is to explore key authentication at the time of key sharing. Authentication is performed for key distribution and communication. This paves an integrity and authenticity. Collisions of source and destination nodes are reduced and Internal and external attacks are overcome using less cryptographic techniques with less computation steps. Confidentiality is achieved by encrypting the keys. A novel symmetric key sharing method is proposed which emphasizes the efficient and secure key sharing and key updates. In our Scheme, Digital Signature and Symmetric key combine together and protects the efficiency aspects. Through extensive simulation analysis it is inferred that our algorithm provides an efficient approach towards security and in the mobile ad hoc network.
Keywords: MANET; Symmetric key; Authentication; Secured Hash.
- Hybrid Technique for Robust and Imperceptible Dual Watermarking using Error Correcting Codes for Application in Telemedicine
by Amit Singh
Abstract: In this paper, the effects of different error correction codes on the robustness and the image quality are investigated. Three different error correcting codes such as Hamming, the BCH (Bose, Ray-Chaudhuri, Hocquenghem) and the Reed-Solomon code are considered to encode the watermark. The embedding watermarks method based on the two most popular transform techniques which are discrete wavelet transforms (DWT) and singular value decomposition (SVD). The proposed algorithm is robust against number of signal processing attacks without significant degradation of the image quality. The experimental results demonstrate that this algorithm combines the advantages and remove the disadvantages of these two transform. Out of three error correcting codes tested, it has been found that Reed-Solomon shows the best performance. A detailed analysis of the results of implementation is given.
Keywords: image watermarking, steganography, discrete wavelet transforms, singular value decomposition, error correcting codes.
- Vietnamese Privacy Concerns & Security in Using Online Social Networks
by Mathews Nkhoma
Abstract: According to a report by Vietnam Network Information Center (VNNIC) on Vietnam Internet resources in 2012, the number of Internet users in Vietnam had increased by 15 times compared to 2000. As a result of increased Internet usage, 35.49% of the Vietnamese population had a 53% chance of encountering online threats without even knowing it. The purpose of this research is to investigate the relationship and influence of security and privacy issues on Internet users trust, and their intention to participate in a safe online community in order to provide preliminary insights for building a safer Online Social Network (OSN) landscape in Vietnam by examining the relationships among online privacy concerns, security, trust, and intention. Using Structural Equation Modeling, the findings show that privacy correlates with security but these two variables do not have a significant impact on users trust. Moreover, only trust and security affect users intention to use OSN.
Keywords: Online social network, privacy concerns, security, trust, intention
- A Secure and Timestamp based Communication Scheme for Cloud Environment
by Abu Salim, Sachin Tripathi, Rajesh Kumar Tiwari
Abstract: Cloud computing provides the capability to use computing and storage resources on a rented basis and reduce the investments in an organizations computing infrastructure. With all its benefits, cloud computing also brings with it concerns about the security and privacy of information extant on the cloud as a result of its size, structure, and geographical dispersion. Secure communication in Cloud Environment is necessary to access remote resources in a controlled and efficient way. For validation and authentication digital signatures using public key cryptography is extensively used in cloud computing. Further to keep confidentiality, Digital Envelope which is the combination of the encrypted message and signature with the encrypted symmetric key is also used. In this paper we propose a Timestamp based authentication scheme for cloud client with a modified Digital Envelope. As hyperelliptic curve cryptosystem (HECC) is known for its small key size and high security, we have taken HECC encryption technique. We have also presented a security analysis to show that our scheme can resist various attacks related to Cloud Environment.
Keywords: Cloud Computing, HECC, Digital Envelope, Digital Signature, Public Key, Private Key
- Efficient Scalar Product Protocol and Its Privacy-Preserving Application
by Youwen Zhu, Tsuyoshi Takagi
Abstract: Scalar product protocol aims at securely computing the dot productrnof two private vectors. As a basic tool, the protocol has been widely used inrnprivacy preserving distributed collaborative computations. In this paper, at thernexpense of disclosing partial sum of some private data, we propose a linearlyrnefficient Even-Dimension Scalar Product Protocol(EDSPP) without employingrnexpensive homomorphic crypto-system and any third party. The correctness andrnsecurity of EDSPP are confirmed by theoretical analysis. In comparison withrnsix most frequently-used schemes of scalar product protocol, the new scheme is the most efficient one, and it has good fairness.rnSimulated experiment results intuitively indicate the good performance of ourrnscheme. Consequently, in the situations where divulging very limited informationrnabout private data is acceptable, EDSPP is an extremely competitive candidaternsecure primitive to achieve practical schemes of privacy preserving distributedrncooperative computations.We also discuss the application of EDSPP, and presentrna secure distance comparison protocol based on EDSPP, which can be usedrnin many privacy-preserving computations, such as privacy-preserving k-nearestrnneighbors computation. Additionally, a hybrid scheme is put forward to securelyrncompute the scalar product of arbitrary-length private vectors.
Keywords: privacy preserving; distributed computation; scalar product protocol;rnapplication
- STEGANOGRAPHIC DETECTION IN IMAGE USING THE REDUCTION OF SUPPORT VECTORS
by Imen Bouguerne, Yamina Tlili
Abstract: Steganography is the technique for hiding secret information in other data such as still, multimedia images, text, audio. The Steganalysis is the reverse technique in which detection of the secret is done in the stego image. The contourlet transform is a new two dimensional extension of the wavelet transform using multi-scale and directional filter banks.
In This paper, we propose a new universal steganalysis method for JPEG images based upon hybrid transform features (cosinus discret and contourlet transform). Then the detection is usually cast as classification problem, we used kernel-based methods for the reducting of the computational cost of classification, by using linear algebra of a kernel Gram matrix of the support vectors (SVs) low computational cost. The pruning is based on the evaluation of the performance of the classifier which is formed by the reduced SVs in SVM. The feasibility of the evaluation criterion and the effectiveness of the proposed method are demonstrated.
Keywords: Steganography; DCT; Contourlet Transform; SVM;Steganalysis.