International Journal of Electronic Security and Digital Forensics (14 papers in press)
- Efficient Scalar Product Protocol and Its Privacy-Preserving Application
by Youwen Zhu, Tsuyoshi Takagi
Abstract: Scalar product protocol aims at securely computing the dot productrnof two private vectors. As a basic tool, the protocol has been widely used inrnprivacy preserving distributed collaborative computations. In this paper, at thernexpense of disclosing partial sum of some private data, we propose a linearlyrnefficient Even-Dimension Scalar Product Protocol(EDSPP) without employingrnexpensive homomorphic crypto-system and any third party. The correctness andrnsecurity of EDSPP are confirmed by theoretical analysis. In comparison withrnsix most frequently-used schemes of scalar product protocol, the new scheme is the most efficient one, and it has good fairness.rnSimulated experiment results intuitively indicate the good performance of ourrnscheme. Consequently, in the situations where divulging very limited informationrnabout private data is acceptable, EDSPP is an extremely competitive candidaternsecure primitive to achieve practical schemes of privacy preserving distributedrncooperative computations.We also discuss the application of EDSPP, and presentrna secure distance comparison protocol based on EDSPP, which can be usedrnin many privacy-preserving computations, such as privacy-preserving k-nearestrnneighbors computation. Additionally, a hybrid scheme is put forward to securelyrncompute the scalar product of arbitrary-length private vectors.
Keywords: privacy preserving; distributed computation; scalar product protocol;rnapplication
- STEGANOGRAPHIC DETECTION IN IMAGE USING THE REDUCTION OF SUPPORT VECTORS
by Imen Bouguerne, Yamina Tlili
Abstract: Steganography is the technique for hiding secret information in other data such as still, multimedia images, text, audio. The Steganalysis is the reverse technique in which detection of the secret is done in the stego image. The contourlet transform is a new two dimensional extension of the wavelet transform using multi-scale and directional filter banks.
In This paper, we propose a new universal steganalysis method for JPEG images based upon hybrid transform features (cosinus discret and contourlet transform). Then the detection is usually cast as classification problem, we used kernel-based methods for the reducting of the computational cost of classification, by using linear algebra of a kernel Gram matrix of the support vectors (SVs) low computational cost. The pruning is based on the evaluation of the performance of the classifier which is formed by the reduced SVs in SVM. The feasibility of the evaluation criterion and the effectiveness of the proposed method are demonstrated.
Keywords: Steganography; DCT; Contourlet Transform; SVM;Steganalysis.
- Robust symmetric cryptography using plain-text variant session key
by Hari Narayan Khan, Ayan Chaudhuri, Souvik Kar, Parijat Roy, Atal Chaudhuri
Abstract: The secured data communication over internet is the most important concern nowadays. One of the common security processes is data encryption. The main goals of encryption are Data Confidentiality, Data Integrity, Authentication, and Non-Repudiation. Within the field of cryptography one can see two separate divisions: cryptographer and cryptanalysis or attacker. The cryptographer seeks methods to ensure the safety and security of conversations while the cryptanalyst tries to undo the formers work by breaking his system. So our main aim is to build an apparently attack resistant encryption model. Session key may be one solution where new encryption key is used in every session but that needs key exchange prior to every communication. Common solution is, the new key be the function of the previous key as well as the function of the previous plain-text. Here after every communication one needs to extract the next session key and to remember till the next communication. In this paper we have proposed a scheme where session key is the function of a secret key (agreed between a pair of sender and receiver once for ever at beginning) and the current plain-text. Thus in each session the encryption key is changing but there is no need to extract and remember the next session key. Moreover we have used double encryption technique and shown that our scheme is better against crypto-analysis than other existing schemes like DES or AES.
Keywords: Symmetric cryptography; Session key; Advanced Encryption Standard (AES); Secure Hash Algorithm (SHA); Transpose Cipher.
- Random Linear Network Coding with Probabilistic Polynomial-time Wiretap Adversary
by Zhiwen Hu, Li Zhu, Huaqing Mao
Abstract: Linear network coding can achieve the network capacity in the single source multicast case. For the single source multicast network with wiretap adversary, Cai and Yeung (Cai and Yeung, 2002) suggest an information-secure linear coding which tightly achieves the transmitting rate upper bound C-t, where C is the capacity of the network and t is the maximum number of edges with wiretap adversary. In this paper, we considers the cryptographic security for the messages in the random linear network coding setting. The indistinguishability under chosen-message-attack (or CMA-Security) from probabilistic polynomial-time (PPT) wiretap adversary is defined. With a pseudorandom generator against linear cryptanalysis, a peer-to-peer protocol is constructed for multicast network using random linear network coding. When the adversary wiretap less than C edges, the protocol is CMA-Secure and attains transmitting rate approaching the networks capacity C from below, asymptotically in the expanding ratio (i.e., length of output string/length of input string) of the pseudorandom generator. Compared with secret-key based scheme, no secret is needed by the receiver nodes, which means the key managing issues for dynamic networks would never come up.
Keywords: network coding; confidentiality; computational bounded adversaries; pseudorandom generator; linear cryptanalysis
- Certificate-based Encoding of Gate Level Description for Secure Transmission
by Debasis Mitra, Sandip Ghoshal, Subhasis Bhattacharjee
Abstract: Modern System-on-Chip (SoC) design cycle strongly depends on secure exchange of Intellectual Properties (IPs) between developers, integrators, foundries, etc. But, sharing of IPs between authorities involve high security risks in today
Keywords: Intellectual property protection;secure transmission;encryption;VLSI design;gate level description
- A Hybrid Evolutionary Algorithm for Feature & Ensemble Selection in Image Tampering Detection
by Jonathan Goh, Vrizlynn L. L. Thing
Abstract: The detection of the presence of tampered images is of significant importance in digital forensics. The problem with image tampering detection is the vast number of features that are currently available in the literature. It is very challenging to determine what are the best features to correctly characterize these images. This paper proposes a hybrid evolutionary framework to perform a quantitative study to evaluate all features in image tampering for the best feature set. Upon feature evaluation and selection, the classification mechanism must be optimized for good performance. Therefore, in addition to being able to determine an optimal set of features for a classifier, the hybrid framework is capable of determining the optimal multiple classifier ensemble while achieving the best classification performance in terms of low complexity and high accuracy for image tampering detection. Using a training data set of only 5% of the dataset, we were able to obtain accuracies of 90.18% on a CASIA 1 dataset with 1457 test images, 96.21% on a CASIA 2 dataset with 10200 and 94.64% on a combined CASIA 1 & 2 dataset with 11657 testing images. The experiment result shows that our image tampering detection can support large-scale digital image evidence authenticity verification with consistent good accuracy.
Keywords: Image forgery; evolutionary algorithms; optimal feature selection;rnmultiple classifiers systems.
- Hybrid Secure GSM Architecture using DNA Computing based Hyperelliptic Curve Cryptography
by Vijayakumar Perumal
Abstract: Wireless Mobile Communication has become more familiar and popular among other communication system for transmitting data to enable the user to communicate with other third parties at any place at any time. Due to third party interception, transmission of data, connection establishment, connection release, billing processes are in insecure environments. So many researchers had put their effort to develop an innovative authentication scheme for GSM network. The existing authentication scheme provides security with high communication and computational overhead using a symmetric key cryptography. The proposed scheme mainly focuses on providing security to Global System for Mobile communication system using Hyperelliptic Curve Cryptography and DNA computing technique for Mutual Authentication, Secret key generation and, data encryption and decryption algorithm. Finally a security analysis shows that authentication algorithm is more secure and efficient.
Keywords: Deoxyribo Nucleic Acid, Hyperelliptic Curve Cryptography, Global System for Mobile communication, Mutual Authentication, Secret key generation, Encryption and Decryption, Communication and Computational Complexity
- Preserving the Confidentiality of Digital Images Using a Chaotic Encryption Scheme
by Alireza Jolfaei, Ahmadreza Matinfar, Abdolrasoul Mirghadri
Abstract: Confidentiality of digital images is an important requirement for many multimedia applications and services. To maintain confidentiality, encryption of digital images is essential. Digital images are usually very large and encrypting such bulky data induces many performance overheads, which can be too expensive for real-time applications in resource constrained environments. In this paper, we propose a chaotic image encryption scheme which satisfies the need for both lightweightedness and security. To justify the security and efficiency, the new cipher was evaluated using a series of statistical tests. These tests included visual testing and histogram analysis, randomness analysis, correlation analysis, entropy analysis and image encryption quality analysis. Based on all analyses and experimental results, it is concluded that the proposed scheme is effective, efficient and trustworthy to be adopted for image encryption.
Keywords: Chaos; efficiency; initialization process; image encryption; security; stream cipher
- Real-time digital forensic triaging for cloud data analysis using MapReduce on Hadoop framework
by Digambar Povar, Saibharath , G. Geethakumari
Abstract: Cloud computing is a relatively new model in the computing world after several computing paradigms like personal, ubiquitous, grid, mobile, and utility computing. Cloud computing is synonymous with virtualization which is about creating virtual versions of the hardware platform, the Operating System or the storage devices. Virtualization is omnipresent in the cloud environment that poses challenges to implementation of security as well as cybercrime investigation. Techniques used in traditional digital forensics may not be appropriate for timely analysis of large capacity virtual machine hard disk file or virtual storage of a cloud user. Hence, there is a need for reducing analysis time for cloud crime cases like child pornography, murder, hacking, death threats, missing persons, drugs activity, financial frauds etc. In this paper we designed and developed a new Real-time digital forensic analysis process that will minimize the overall processing time of evidence using parallel programming model (MapReduce) on a distributed computing platform Hadoop. The approach we designed would answer the queries of Investigator in real time by searching user specified patterns in given evidence by distributing parts of evidence to clusters of commodity machines with local store and processing them in parallel. This approach can also be used for indexing search patterns (for example - headers and footers of files) to carve files from evidence data.
Keywords: Cloud computing; virtual machine; cybercrime; digital evidence; digital forensics; cloud crime; cloud forensics; digital forensic triage
- Assessment of uniformity of byte distribution in a file based on the wavelet transform as an approach to search encrypted data
by Vesta Matveeva
Abstract: This article is focused on the search of the encrypted data in the file system, which is an important step in digital forensics. Encryption is widely used today, among others by malefactors to conceal data, suggesting that encrypted information can be hidden in the file system. There are means of detection of encrypted files, but they have significant limitations and may not be used for the free space of the file system. Statistical tests can also be used for this purpose but they are resource and time consuming. Therefore, the article proposes a new approach to searching for encrypted data, based on the assessment of uniformity of data, with the ability to localize the heterogeneity, which reduces type I error to zero. This approach has its drawbacks, in the form of type II errors; however it can be improved by manipulating parameters that are used for assessment of uniformity.
Keywords: digital forensics; conceal data; random data; statistical tests; encrypted data; density of distribution; uniform sequence; assessment of uniformity; localization of heterogeneity; wavelet transform; chi-squared test.
Special Issue on: "Issues and Development of Network Security Algorithms,"
- Adaptation Of Frames For GOP Using NSEW Affine Translation For Effective Privacy Protection Mechanism
by D. Raveena Judie Dolly, Josemin Bala, J.Dinesh Peter
Abstract: The Group of Pictures (GOP) plays a very vital role in the privacy protection mechanism when data hiding is preferred through video transmission. GOP varies for every conventional video compression standards. The frame identification plays a key role in framing GOP. If frames are chosen adaptively using a matching criteria instead of precoded GOP the further processing for video compression could be effectively done. The quality of the reconstructed video after compression can be improved subjectively if GOP is selected properly and thus the embedded data can be retrieved without degradation. It is observed that B-frames in a GOP takes more computation time since it depends on the previous and next frame to be processed. So, NSEW affine translation technique is proposed to convert B-frames to either P-frames or I-frames depending on the matching criteria between frames. The result shows that the performance objective evaluation coincides with the subjective evaluation.
Keywords: B-Frame; Frame identification; Group of Pictures; I-Frame; P-Frame; Video Compression; Data hiding
- Recognition of Elephants in Infrared Images Using Clustering based Image Segmentation
by Siva Mangai
Abstract: Object recognition is a challenging task in image processing and computer vision. This paper proposes a clustering based image segmentation approach for elephant recognition. Appreciable recognition rate was achieved by k-means clustering technique followed by feature extraction and K nearest neighbour (K-NN) classifier. The k-means clustering algorithm employs the concept of fitness and belongingness to provide a more adaptive and better clustering process as compared to several conventional algorithms. Elephant shape features are extracted for the recognition. Recognition rate for each class is calculated for performance evaluation. Recognition rate for different K values in K-NN classifier is calculated to find a proper K value for the proposed design.
Keywords: elephant; clustering; k-means; recognition; feature extraction; KNN classifier
- NETWORK LAYER INTRUSION DETECTION IN MOBILE ADHOC NETWORK USING ON-DEMAND ATTACK DETECTION (ODAD) PROTOCOL
by Durai Pandian, C Palanisamy
Abstract: In mobile adhoc network, all the nodes will act as client/server and it has the capability to forward the packets. Security is major concern in wireless network due to decentralized topology. Intruders may attack the transmission path between source and destination. Existing technique used Adhoc On Demand Vector (AODV) routing protocol to detect the attackers by on demand basis. But it is not sufficient to detect all the denial of service attack. So proposed the new protocol as On Demand Attack Detection (ODAD) protocol is designed to detect various attacks in a different ways. It contains three modes to detect the various attacks. They are i. FDN (Finding Drop Node), ii. ACK (Acknowledgment) and iii. SNC (Self Node Correction). These modes are used to detect the attackers inside the mobile adhoc network and then inform about the intruders to remaining node in the network. Experimental results analyze the performance of throughput, packet delivery rate, drop rate and delay. This technique decrease the delay and drop rate, and increase the delivery rate and throughput compared with the existing technique.
Keywords: AODV, Throughput, Drop rate, Acknowledgement and Denial of service attack.
- A Localized Clustering Scheme to Detect Attacks in Wireless Sensor Network
by P. P. Joby, P Sengottuvelan
Abstract: Wireless Sensor networks (WSN) is an embryonic communication technique in the universe to be engaged for precarious circumstances resembling battle arenas and viable applications such as construction, transportation surveillance, territory monitoring, clever homes etc. Currently wireless sensor network facing a foremost problem is result from security issues. There are many security methodologies were available for wireless sensor network. Generally classified as two levels; one is low level, further categorized into privacy, key establishment, trusted network, secrecy, authentication, secure routing and etc. Another one is High level, further categorized into secure group management, Intrusion detection, data integrity and etc. This research Focusing on the network availability, prior revisions offered to protect the network beside denial of service attacks with the use of traffic monitoring proxies on some nodes. But if the governor nodes are miserable, then its vulnerable to network. To overcome this, the research put front a mechanism called election method to elect the control nodes in a clusters. To simulate this methodology, Packet tracer tool is used.
Keywords: Wireless Sensor Network, Election Method, Security Methodologies, Control proxies.