International Journal of Electronic Security and Digital Forensics (18 papers in press)
Security awareness and the use of location based services, technologies and games
by Jacques Barnard, Magda Huisman, Gunther Drevin
Abstract: Rapid expansion and development in the modern mobile technology market has created an opportunity for the use of location-based technologies and games. Because of this fast expanding market and new technology, it is important to be aware of the implications this expansive technology could have on computer security. This paper will endeavour to measure the impact of location-based technologies and games on the security awareness of first- to fourth-year computer science university students. A questionnaire, posted on the web, and completed by computer science students from different year groups, was used to collect the data for this study. The major results of this study are the following: There is a difference in the security awareness of students who use and play location-based services, technologies and games and those who do not. This study also determined that the computer science students are cautious of security implications although they do not take preventative measures.
Keywords: Technology use; mobile location-based games; mobile location-based service; security awareness.
An Investigation into the Forensic Implications of the Windows 10 Operating System: Recoverable Artefacts and Significant Changes from Windows 8.1
by Diana Hintea, Robert Bird, Michael Green
Abstract: With the release of Microsoft's latest operating system, Windows 10, forensic investigators must examine it in order to determine the changes implemented from Windows 8.1 and the addition of new artefacts. This study is an analysis of Windows 10 and its new features in order to distinguish these artefacts. The tools used include: VMware Fusion, FTK Imager, Process Monitor, Process Explorer, ESEDatabase View and Registry Explorer. The paper also determines if artefacts have changed in Windows 10 in comparison to the previous version of Windows, Windows 8.1. When comparing the two it was found that many of the pre-existing artefacts found within Windows 8.1 are still present in Windows 10. Slight differences are noted in the way Prefetch files are compressed and also the Thumbnail databases. Significant artefacts related to the new features in Windows 10 are also reported.
Keywords: Windows 10; Forensic Analysis; Digital Forensic Acquisition.
An Evidence Collection and Analysis of Windows Registry
by DINESH PATIL, Bandu Meshram
Abstract: The cyber crimes are committed internally or externally. The malwares and the remote access are the means of committing the cyber crimes externally, whereas the trusted insider in an organization causes industrial espionage internally. On the Windows System, the Registry is a source of evidence against the cyber criminal as it maintains the details of the activity on the system. The digital forensic investigation of the Windows Registry helps in collecting forensic information relevant to the case. The Registry maintains a very large amount of system and user related information. In order to gather the potential evidence about the malicious activities of the user, the forensic investigator is needed to search the entire Registry; resulting in the wastage of the time and the effort. This raises the need for an evidence collection and analysis methodology to identify, extract and analyze the evidence specifically related to the user activities on the system. After considering the existing research, this paper suggests a framework with the improved evidence collection and analysis methodology to aid in the process of Digital Forensic Investigation of Registry for identifying the potential malicious insider.
Keywords: Registry; Registry Key; Hives; Integrated Analysis; Timeline.
Embedding Digital Watermark in One-Dimensional Signals Using Wavelet & Schur Decomposition
by Arashdeep Kaur, Malay Kishore Dutta, K.M. Soni, Nidhi Taneja
Abstract: An efficient, robust and secure audio watermarking algorithm which can hide large number of watermarking bits without perceptually affecting the quality of the audio signal is presented in this paper. The proposed algorithm has been designed using Schur decomposition of wavelet coefficients to achieve the optimal balance between conflicting design parameters of audio watermarking. Schur decomposition makes the proposed method significantly robust against challenging signal processing attacks and discrete wavelet transform gives a good opportunity for accommodating very high watermarking payload without affecting the perceptual quality. The choice of these two domains complement each other in addressing the contradictory design requirements of watermarking. Experimental results indicate that this algorithm is highly perceptually transparent and have excellent subjective audible quality at 480 bps embedding capacity. This algorithm has shown very good robustness to the challenging synchronization attacks like compression and various signal processing attacks at very high payload without affecting the audible quality of the signal. The computation time of the proposed algorithm is also found to be very less making it suitable for real time applications.
Keywords: Audio Watermarking; Wavelet decomposition; Digital Watermark; High embedding rate; Schur decomposition.
Encryption Scheme Classification: A Deep Learning Approach
by Jonathan Pan
Abstract: Encryption has an important role in protecting cyber assets. However use of weak encryption algorithms could render this intent useless as it could be exploited to gain unauthorized access to these important assets. This vulnerability may be exploited intentionally. Hence this vulnerability has been formally recognized with its own Common Vulnerabilities and Exposures (CVE) label by cyber security community as the vulnerability to protect. When exploited, detecting this vulnerability from encrypted data is very difficult task to undertake. This research explores the use of recent advancement in machine learning algorithms specifically deep learning algorithms to classify encryption schemes based on entropy measurements of encrypted data with no feature engineering. Past research work using various machine learning algorithms have failed to achieve good accuracy results in classification. The research entails applying encryption algorithms Data Encryption Standard (DES) and Advanced Encryption Standard (AES) with block cipher modes namely Electronic Codebook (ECB) and Cipher Block Chaining (CBC) over the image dataset from CIFAR10. Two ImageNet winning Convolutional Neural Network deep learning models namely AlexNet and GoogleNet are used to perform the classification. Transfer learning and layer modification were applied to evaluate the classification effectiveness. This research concludes that deep learning algorithms can be used to perform such classification where other algorithms have failed.
Keywords: Encryption Classification; Deep Learning; Artificial Intelligence.
Comments on "An improved authentication scheme for mobile satellite communication systems"
by Lili Yan, Yan Chang, Shibin Zhang
Abstract: Recently, Lee et al. proposed an authentication scheme for satellite communication systems. Then Zhang et al. found that their scheme is vulnerable to the smart card loss attack, the denial of service attack and the replay attack. In addition, they proposed an improved authentication scheme for satellite communication systems, and claimed resistance against these attacks. Nevertheless, in this paper, we show that the Zhang et al.'s scheme is as insecure as the original protocol against the denial of service attack. Then an improved version is proposed to avoid this security flaw. Finally, the security, reliability and performance analysis of the improved protocol are given. It demonstrates that the improved version meets the security requirements and has lower computation costs, which is more suitable for mobile satellite communication systems.
Keywords: satellite communication systems; authentication; security; smart card.
Efficient Multi-receiver Identity-based Signcryption from Lattice Assumption
by Xiaojun Zhang, Chunxiang Xu
Abstract: Signcryption is a public-key cryptographic primitive which combines the functions of public-key encryption and digital signature into a single logical step at low computational and communication costs. While multi-receiver signcryption is suited for a situation where a sender wants to send a signcrypted message to multiple receivers in a confidential and authenticated way. Due to this attractive property, recently, multi-receiver signcryption plays an important role in some practical applications such as virtual conference as well as authenticated mail transferring. In this paper, we present an efficient multi-receiver identity-based signcryption (MIBSC) scheme from lattice assumption which is believed to resist quantum computer attacks. The proposed scheme is provably secure in the random oracle model, which has the indistinguishability against chosen ciphertext attacks under the hardness of learning with errors (LWE), and existentially unforgeability against chosen message attacks under the small integer solution assumption (SIS). Moreover, we also compare our MIBSC scheme with existing schemes from performance efficiency and security, the result shows that our proposed scheme is more efficient and more secure. In particular, our scheme can be properly applied in the post-quantum communication environments.
Keywords: multi-receiver signcryption; lattice assumption; post-quantum cryptography; learning with errors (LWE); small integer solution assumption (SIS).
A Novel Chaotic Hash based Attribute-Based Encryption and Decryption on Cloud Computing
by Lakshmi Naga Divya Tamma, Shaik Shakeel Ahamad
Abstract: Cloud computing has evolved as widely accepted and used paradigm for service providers as well as customers on internet. Customers provide their sensitive information on cloud, thus it has become an important concern of the cloud service providers. As users share their sensitive information on cloud, it has become the major concern of the cloud service providers to make their environment more secure and trustworthy. For adding extended security, the sensitive data are needed to be encrypted prior to its upload on cloud. Numbers of cryptographic algorithms are proposed by various researchers for this purpose. The main objective of Attribute-Based Encryption (ABE) model is to achieve security and access control. Here users' attributes used as the main factor in both secret key as well as in cipher text. If the attributes of secret key and cipher text are same as a threshold d, decryption is possible. ABE is also collision resistant. The main problem of these models is users' public keys are needed for the process of encryption by data owner. This drawback forbids the implementation of this model in real environment due to involvement of monotonic attributes. To resolve the issue of this conventional attribute-based model, a novel modified and extended Hash based ABE model was implemented on the cloud storage data. Experimental results proved that the proposed model has high computational accuracy compared to traditional ABE models in terms of time and data size are concerned.
Keywords: ABE; Cloud security; Hash Algorithm; CPABE; KPABE.
Effective Methods to Detect Metamorphic Malware: A Systematic Review
by Mustafa Irshad, Haider Al-Khateeb, Ali Mansour
Abstract: The succeeding code for metamorphic Malware is routinely rewritten to remain stealthy and undetected within infected environments. This characteristic is maintained by means of encryption and decryption methods, obfuscation through garbage code insertion, code transformation and registry modification which makes detection very challenging. The main objective of this study is to contribute an evidence-based narrative demonstrating the effectiveness of recent proposals. Sixteen primary studies were included in this analysis based on a pre-defined protocol. The majority of the reviewed detection methods used Opcode, Control Flow Graph (CFG) and API Call Graph. Key challenges facing the detection of metamorphic malware include code obfuscation, lack of dynamic capabilities to analyse code and application difficulty. Methods were further analysed on the basis of their approach, limitation, empirical evidence and key parameters such as dataset, Detection Rate (DR) and False Positive Rate (FPR).
Keywords: Metaphoric malware; Malware Detection; Review; Opcode; Control Flow Graph; API Call Graph.
A novel smooth texture based visual cryptography approach for secure communication
by Ram Barik, Sitanshu Sahu, Suvamoy Changder
Abstract: This paper proposes a novel encoding technique to encrypt information as visual object embedded in an image. The textures of the objects are made up of lines to form a geometrical shape. The images of the textures are combined to produce an overt cipher host image which appears as a grid structured image. The cipher host image holds the covert informations which are embedded inside those sub-image or grids as an object in a chaotic pattern. The textures of objects for encoding the information is generated then reshuffled and arranged to barred it from eavesdropping. For decryption visual character recognition is being applied using artificial neural network. The reliability of the proposed approach has been illustrated with some empirical examples. The overall cryptography process in a digital image makes it a simple and effective methodology for the secure communication.
Keywords: Grid Structured; Cryptography; Texture; Visual Cryptography; Multilayer Perceptron; Shuffling pattern; RSA; DES (Data Encryption Standard); AES (Advanced Encryption Standard).
An information system risk assessment model: A case study in on-line banking system
by Sajjad Sokouhyar, Azadeh Karimisefat, Maryam Nezafatbakhsh
Abstract: Today, almost all bank affairs are automatic and all transactions, processing and money transfers are performed by applying information systems technologies. Moreover, to codify the strategies and making management decisions more effectively, banks rely on electronic information systems. The remarkable point is the security and the security risk management of information systems which the traditional point of view would not overcome its future challenge. This paper identified the relevant elements to the security risks of informational electronic banking systems based on previous research studies. The final weight of all elements was then determined by fuzzy analytic hierarchy process and Chung weighing method. After that, the final weights of all elements in three case studies from banking section have been calculated. Ultimately, elements securities of those banks were clarified by using Jaeger Fuzzy Classification. The results indicated that the vulnerability element has the most weight.
Keywords: Risk management; Information security; informative systems; Fuzzy logic.
Implementation of RFID Mutual Authentication Protocol
by Sivasankaran Kumaravel, Ashik JOJI
Abstract: RFID (Radio Frequency Identification): The most flexible auto identification technology has a dereliction in its security. Over the years researchers have worked on the security issue of the long established commonly used Passive UHF RFID tags and have come up with some authentication protocols scorning its hardware implementation. Here a lightweight mutual authentication protocol is implemented in ASIC based on the EPC Class 1 Generation 2 framework released by EPC global, which is the widely used industrial standard for passive UHF RFID communication. We have proposed to incorporate ROM to store message signal, which shows significant reduction in area and power as compared to existing digital baseband architecture.
Keywords: EPC; security; RFID; LFSR; lightweight; authentication; VLSI; pierndecoder; fm0 encoder.
Information Hiding: Arabic Text Steganography by Using Unicode Characters to Hide Secret Data
by Allah Ditta, Cai Yongquan
Abstract: In the recent years, information security has become a very important topic for researchers as well as military and government officials. For secure communication, it is necessary to develop novel ways to hide information. For this purpose, Steganography is commonly used to send secret information to its destination using different techniques. In this article, our main focus is on text-based Steganography. Hidden information in text files is difficult to discover as text data has low redundancy in comparison to other mediums of Steganography. Hence, we use Arabic text to hide secret information using a combination of Unicode characters Zero-Width-Character and Zero-Width-Joiner in our proposed algorithm. The experimental results show hidden data capacity per word is significantly increased in comparison to the recently proposed algorithms. The major advantage of our proposed algorithm over previous research is the high visual similarity in both cover and stego-text that can reduce the attention of intruders.
Keywords: Information Hiding; Text Steganography; Arabic Text; Secret Information; Zero-Width-Character (ZWC); Zero-Width-Joiner (ZWJ); Information Security.
Exploring robust and blind watermarking approach of color images in DWT-DCT-SVD domain for copyright protection
by Xiaobing Kang
Abstract: This paper presented a new robust and invisible blind watermarking approach of color images using discrete cosine transform (DCT) and singular value decomposition (SVD) in discrete wavelet transform (DWT) domain for copyright protection. In this method, firstly each DCT coefficient block of the low-low (LL) sub-band from the luminance component (Y) of the original cover image processed by DWT and DCT in sequence is scanned in zigzag order. Then 16 low-middle frequency DCT coefficients are extracted to produce a feature matrix. Next SVD transform is utilized to decompose the feature matrix. And finally the watermark bit sequence are embedded by modifying the size distribution of the obtained singular values from SVD transform. The results of experiments illustrate that the proposed approach outperforms some existing popular watermarking methods in robustness to resist Gaussian noise, salt and pepper noise, median filter, cropping, and so on, especially in case of lossy JPEG compression in addition to good imperceptibility.
Keywords: robust and blind watermarking; discrete wavelet transform; singular value decomposition; discrete cosine transform; Arnold transform.
Novel image watermarking method based on FRWT and SVD
by Zhihai Zhuo
Abstract: The fractional wavelet transform (FRWT) is a generation of WT associated with the convolution theorem in fractional Fourier transform (FRFT) domain. The FRWT not only inherits the advantages of multi-resolution analysis of the wavelet transform (WT), but also has the capability of image representations in the FRFT domain. In view of the above characteristic, a novel digital image watermarking method based on FRWT and SVD is proposed in this paper. The experimental results show that this method is robust to geometric attacks and image processing attack.
Keywords: Digital image watermarking; Fractional wavelet transform; wavelet transform; Singular value decomposition.
Improvement of Signature Scheme Based on Factoring and Chaotic Maps
by Nedal Tahat, Eddie Esmail
Abstract: Chain and Kuo (2013) proposed an efficient signature scheme based on chaotic maps and factorization. Their scheme is secure but requires many keys for signing documents. In this article, we shall propose an improvement of Chain and Kuo's signature scheme. The improved scheme will outperform their scheme in the number of keys.
Keywords: chaotic maps; digital signature; factorization; cryptography.
Certificateless Aggregate Deniable Authentication Protocol for Ad Hoc Networks
by Chunhua Jin
Abstract: Deniable authentication allows a receiver to identify the source of a given message, but cannot prove the source of a given message to any third party. It can be employed in electronic voting (e-voting) systems, electronic tendering (e-tendering) systems and secure networks negotiation. These applications can be well realized in ad hoc networks. Therefore, deniable authentication is an essential security requirement for ad hoc networks. Aggregate deniable authentication is a method for combining n authenticator of n distinct messages from n distinct users into one single authenticator. This feature is very attractive in bandwidth-limited ad hoc networks. In this paper, we present an efficient certificateless aggregate deniable authentication protocol. Our protocol is based on certificateless public key cryptography that has neither the public key certificates management problem in traditional public key infrastructure (PKI) cryptography nor the key escrow problem in identity-based cryptography. The security of our protocol can be proven in the random oracle model under the bilinear Diffie-Hellman (BDH) and computational Diffie-Hellman (CDH) problems. In addition, our protocol adopts aggregate verification that can speed up the verification of authenticators. Our protocol is very suitable for ad hoc networks.
Keywords: Ad hoc networks; Deniable authentication; Aggregate; Certificateless cryptography; Random oracle model.
Special Issue on: CCC 2016 Cybersecurity in the Connected World
Black hole attack evaluation for AODV and AOMDV routing protocols
by Abdelwadood Mesleh
Abstract: A mobile ad hoc network (MANET) is a collection of independent mobile nodes (MNs), MANETs communicate with each other by establishing a multi-hop radio network, because of their popularity, security becomes a main challenge due to their characteristics. Protecting their network layer from malicious attacks is one of the main challenging security issues, many of those attacks are reported on Ad-hoc On Demand Distance Vector (AODV) and Ad hoc on-demand multipath distance vector routing (AOMDV) protocols. Black hole attack (BHA) is among the serious attacks, in which wireless packets are redirected to a specific fake MN, actually, the fake MN does not exist in MANETs and it is similar to the black hole (BH) in the universe in which things disappear. This fake MN attacks other MNs as it presents itself in such a way that has the shortest path. This paper aims at investigating the security of the network layer of MANETs, it addresses the security issues of AODV and AOMDV to provide secure communication between MNs in MANETs, studies the impact of BHA on the performance of AODV and MAODV in terms of throughput, end-to-end delay and packet delivery ratio using network simulator version 2 (NS-2), and, compares the resiliency of these routing protocols against BHAs. Simulation results revealed that AOMDV is more resilient against BHAs as it is able to easily find alternative routes to destination MNs.
Keywords: Black hole attack; AODV; MANETs; Intrusion detection; ad hoc network security.