International Journal of Electronic Security and Digital Forensics (11 papers in press)
- Web Browser Artefacts in Private and Portable Modes: A Forensic Investigation
by Cassandra Flowers, Ali Mansour, Haider Al-Khateeb
Abstract: Web browsers are essential tools for accessing the Internet. Extra complexities are added to forensic investigations when recovering browsing artefacts as portable and private browsing are now common and available in popular web browsers. Browsers claim that whilst operating in private mode, no data is stored on the system. This paper investigates whether the claims of web browsers discretion are true by analysing the remnants of browsing left by the latest versions of Internet Explorer, Chrome, Firefox, and Opera when used in a private browsing session, as a portable browser, and when the former is running in private mode. Some of our key findings show how forensic analysis of the file system recovers evidence from IE while running in private mode whereas other browsers seem to maintain better user privacy. We analyse volatile memory and demonstrate how physical memory by means of dump files, hibernate and page files are the key areas where evidence from all browsers will still be recoverable despite their mode or location they run from.
Keywords: Web browser forensics; Portable applications; Private Browsing; Incognito mode; Physical Memory; Windows; IE; Chrome; Firefox; Opera; OSForensics
- A Fuzzy Logic Approach for Detecting Redirection Spam
by Kanchan Hans, Laxmi Ahuja, SK Muttoo
Abstract: Redirection spam is a relatively newer technique whereby spammers redirect the search user to an unwanted webpage or download malware on the victims machine without his consent. Spammers are making use of chained redirections to hide their nefarious activities. Detecting such malicious redirections is of prime importance for maintaining web security. In this paper we have identified the factors that assist in detecting redirection spam and propose a fuzzy logic based model for redirection spam detection. We validated our model against a set of URLs and were able to detect the spammed redirections with high accuracy.
- Concatenated and Interleaving Codes for MC DS CDMA Using Cadence virtuoso
by Saravanakumar Selvan, Deepa Rangasamy
Abstract: Multi Carrier DS CDMA technique is the next generation mobile communication system for future advances. Error correcting codes and concatenated codes are used for correcting the errors in data transmission. In this paper hybrid concatenated codes for MC DS CDMA structure has been proposed and parameters like usage time, power consumption and Area are estimated. Further system performance can be attained by serially concatenating the proposed scheme with outer and inner codes. The interleavers are used for concatenated codes and it reduces the burst errors between outer and inner code of encoding and decoding operation in the MC DS CDMA model. In this paper : Verilog code is used for designing the entire structure of CDMA model. The simulation and estimated parameters is done by CADENCE design environment .
Keywords: MC DS CDMA, Power consumption, Area, Concatenated Code, Interleaver, Verilog code, Cadence
- Audio Data Hiding Technique using Integer Wavelet Transform
by Hemalatha S, U. Dinesh Acharya, Renuka A
Abstract: Secret data when transmitted over the network must be protected from the illegal copy, modification or destruction by the malicious user. Audio steganography is a technique that provides a platform for secure transmission of secret data over the internet. In audio steganography, the secret data is transmitted with audio signal as the carrier. This paper proposes a high capacity and security audio steganography technique to hide secret audio signal. In this technique, in lieu to ensconcing the secret information as a whole in the cover object a key corresponding to the secret information is produced and hidden imperceptibly in the cover signal. The key is used to retrieve the secret information. To generate the key and to conceal it in the cover, Integer Wavelet Transform (IWT) is used. The performance metrics obtained are well above the required level of HAS, indicating good security and robustness of the stego system.
Keywords: Information Security; Audio steganography; Wavelet Transform; Integer Wavelet Transform; Lifting scheme; Signal to Noise Ratio; Squared Pearson Correlation Coefficient.
- An efficient certificateless multi-proxy signature scheme without pairing
by Qu Yunyun, Deng Lunzhi
Abstract: In this paper, we propose the first certificateless multi-proxy signature scheme without pairing.We show our scheme is particularly suitable for practical applications with severely constrained resources due to significant reduction in costs of computation and storage and our scheme is secure against both of the Type I and the Type II adversaries.
Keywords: Certificateless public key cryptography; Multi-proxy signaturernscheme; discrete logarithm problem (DLP); Random oracle model
- Enhancing malware detection: clients deserve more protection
by Mohammed I. Al-Saleh, Bilal Shebaro
Abstract: Sophisticated malware is designed to spread over the network and infect as many connected client machines as possible before being detected. Network security engineers have always been challenged to detect and track down such malware before infecting new client machines. Consequently, they proposed several techniques that are deployed at different network boundaries, such as network-based intrusion detection systems (IDS) and proxy-based solutions. However, recent malware has been successfully able to bypass security protocols and anti-malware shields deployed at the network level, leaving the client machines at high risk of infection. The client antivirus (AV) software is considered the last line of defense against attacks that bypass network-based protection systems. Had the AV also been bypassed, the client would have been infected and compromised. In this paper, we propose an improvement to the client-based AV software to complement the network-based anti-malware software. We propose an AV add-on feature that enhances the capability of existing AV software to scan network data. We show that our solution is capable of detecting malware spread over the network upon arrival to the client machine and before it starts to behave maliciously. In addition, our solution shows that it has no significant overhead on the system under normal network traffic.
Keywords: malware; antivirus; network security; intrusion detection systems; IDS; network-based anti-malware tools; network data scanner; network packet capturing; UnixBench; malicious software; vulnerability discovery; security barriers; denial-of-service attacks; TCP protocol.
- An efficient resource-fair commit-prove-fair-open protocol
by Ou Ruan, Jing Zhou, Mingwu Zhang
Abstract: With the development of modern internet and mobile networks, there is an increasing need for privacy-preserving cooperative computation and cloud computing. Secure multi-party computation (SMPC) gives a general solution to these applications and has become a hot topic in privacy-carrying protocols. The commit-prove-fair-open protocol is one of multi-party fair exchange protocols against the malicious adversary in breaking the fair play of the participants, and it provides an important tool of SMPC to make it possible to achieve the fairness with corrupted majority according to the standard real/ideal world simulation paradigm framework. In this paper, we at first prove two lemmas about the simplified Camenisch-Shoup commitment and the time-lines, and then propose a very efficient resource-fair commit-prove-fair-open protocol. Compared with the other commit-prove-fair-open protocols, our new protocol enjoys two important advantages: 1) communications cost and computations price are less than 20%; 2) it allows commitment to obtain value 0, which is not implemented in the other constructions.
Keywords: commit-prove-fair-open; resource fairness; secure multi-party computation; SMPC; fair exchange; time-lines.
- An image steganographic algorithm on smart mechanism of embedding secret data in images
by P. Mohan Kumar, J. Arokia Renjith
Abstract: In reversible compressed image data hiding, the exact cover image is restored at approximate efficient rate after extracting the secret data from the stego-image. The improved version of the traditional histogram shifting method as proposed, prevents overflow and underflow to a greater extent. The primary objective of this paper is to develop a high data hiding capability in histogram-based reversible data hiding algorithm by introducing a relatively lower distortion after embedding the secret message.
Keywords: histogram shifting; reversible data hiding; quad-tree segmentation; image security; pixel value differencing.
- Robust and imperceptible image watermarking in DWT-BTC domain
by Anum Javeed Zargar, Amit Kumar Singh
Abstract: In this paper, an algorithm for digital image watermarking based on discrete wavelet transforms (DWT) and block truncation coding (BTC) has been proposed. In the embedding process, the host image is decomposed into first level DWT and the watermark image is compressed by BTC. The compressed watermark is then embedded into the selected sub-band of the host image. The proposed method has been extensively tested against numerous known signal processing attacks and has been found to be robust and highly imperceptible. Further, the performance of the algorithm has been tested with fractal compression technique. The performance of the BTC-based technique is better than the fractal-based compression techniques in terms of robustness and imperceptibility.
Keywords: watermarking; discrete wavelet transform; DWT; block truncation coding; BTC; robustness; peak signal to noise ratio PSNR; NC.
- Hiding biometric features in audio signals using Gram-Schmidt orthogonalisation
by Arashdeep Kaur, Malay Kishore Dutta, K.M. Soni, Nidhi Taneja
Abstract: This paper presents a method of imperceptibly inserting a biometric-based digital watermark generated from iris image in an audio signal. The use of biometric features as a watermark is proposed in this paper to address the issue of ownership of digital watermark and digital content. There is a need to design special audio watermarking algorithm which can accommodate biometric-based watermark without disturbing robustness and perceptual transparency as biometric-based watermarks are generally larger in size. The algorithm is designed using Gram-Schmidt orthogonalisation in third level detailed coefficients of multi-resolution decomposition to achieve high payload with good robustness such that watermark is not audible to human auditory system. The embedding capacity of the proposed method is evaluated to be 480 bps and the highest SNR achieved is 41.519 dB. Experimental results validate that the biometric watermark extracted even under different attack situations can be identified uniquely in the iris database.
Keywords: Gram-Schmidt orthogonalisation; authentication; multi-resolution decomposition; biometric features.
- Enabling identity-based cloud storage public auditing with quantum computers resistance
by Xiaojun Zhang, Chunxiang Xu, Chunhua Jin
Abstract: With the rapid development of cloud storage technology, users choose to store their data in the cloud server remotely. Without the burden of local data storage and maintenance, users can enjoy on-demand high quality cloud storage services. Recently, lattice-based cryptography has been considered as the best choice for post-quantum cryptography, which can resist quantum computer attacks. Considering the forthcoming of the quantum computer in the near future, in this paper, we propose an efficient identity-based cloud storage public auditing scheme, which is constructed based on lattice. We prove our scheme can guarantee public verifiability, unforgeability. Moreover, our scheme can prevent the third party auditor (TPA) from revealing the primitive data blocks of cloud users. In particular, to achieve efficient data dynamics, by utilising index hash tables, our auditing scheme can efficiently perform dynamic operations. Efficient performance analysis demonstrates that our public auditing scheme is more efficient and more practical even in the post-quantum cryptographic era.
Keywords: public auditing; cloud storage; lattice-based signature; post-quantum cryptography.