International Journal of Electronic Security and Digital Forensics (11 papers in press)
- A new identity based ring signcryption scheme
by Lunzhi Deng
Abstract: This paper presents a new identity-based ring signcryption scheme. With
this technique, anyone can choose n − 1 entities to generate a verifiable ring
signcryption on behalf of the group of n members, yet the actual signcrypter
remain anonymous. The scheme is proven to be indistinguishable against
adaptive chosen ciphertext attacks, existentially unforgeable against adaptive
chosen message and identity attacks, and unconditional signcrypter ambiguity
under the random oracle model.
Keywords: Identity-based cryptography, Ring signcryption, Random oracle model, Security
- A method for forensic artifact collection, analysis and incident response in environments running Session Initiation Protocol (SIP) and Session Description Protocol (SDP)
by Ioannis Psaroudakis, Vasilios Katos, Panagiotis Saragiotis, Lilian Mitrou
Abstract: In this paper we perform an analysis of SIP, a popular Voice over IP (VoIP) protocol and propose a framework for capturing andrnanalyzing volatile VoIP data in order to determine forensic readiness requirements for effectively identifying an attacker. The analysis wasrnperformed on real attack data and the findings were encouraging. It seems that if appropriate forensic readiness processes and controls arernin place, a wealth of evidence can be obtained. The type of the end user equipment of the internal users, the private IP, the software that isrnused can help build a reliable baseline information database. On the other hand the private IP addresses of the potential attacker even duringrnthe presence of NAT services, as well as and the attack tools employed by the malicious parties are logged for further analysis.
Keywords: Network forensics, SIP, VoIP Forensics, Intrusion Detection Systems (IDS)
- Symmetric Key Management for Mobile Ad hoc Networks using Novel Secure and Authenticated Key Distribution Protocol
by Anand Jegatheesan
Abstract: The wireless nature of communication and lack of security infrastructure raises several security problems in MANET. So, security routing is essential for Mobile Ad hoc Networks. A number of routing methods have been proposed for security routing. The key idea in our algorithm is to explore key authentication at the time of key sharing. Authentication is performed for key distribution and communication. This paves an integrity and authenticity. Collisions of source and destination nodes are reduced and Internal and external attacks are overcome using less cryptographic techniques with less computation steps. Confidentiality is achieved by encrypting the keys. A novel symmetric key sharing method is proposed which emphasizes the efficient and secure key sharing and key updates. In our Scheme, Digital Signature and Symmetric key combine together and protects the efficiency aspects. Through extensive simulation analysis it is inferred that our algorithm provides an efficient approach towards security and in the mobile ad hoc network.
Keywords: MANET; Symmetric key; Authentication; Secured Hash.
- Hybrid Technique for Robust and Imperceptible Dual Watermarking using Error Correcting Codes for Application in Telemedicine
by Amit Singh
Abstract: In this paper, the effects of different error correction codes on the robustness and the image quality are investigated. Three different error correcting codes such as Hamming, the BCH (Bose, Ray-Chaudhuri, Hocquenghem) and the Reed-Solomon code are considered to encode the watermark. The embedding watermarks method based on the two most popular transform techniques which are discrete wavelet transforms (DWT) and singular value decomposition (SVD). The proposed algorithm is robust against number of signal processing attacks without significant degradation of the image quality. The experimental results demonstrate that this algorithm combines the advantages and remove the disadvantages of these two transform. Out of three error correcting codes tested, it has been found that Reed-Solomon shows the best performance. A detailed analysis of the results of implementation is given.
Keywords: image watermarking, steganography, discrete wavelet transforms, singular value decomposition, error correcting codes.
- Vietnamese Privacy Concerns & Security in Using Online Social Networks
by Mathews Nkhoma
Abstract: According to a report by Vietnam Network Information Center (VNNIC) on Vietnam Internet resources in 2012, the number of Internet users in Vietnam had increased by 15 times compared to 2000. As a result of increased Internet usage, 35.49% of the Vietnamese population had a 53% chance of encountering online threats without even knowing it. The purpose of this research is to investigate the relationship and influence of security and privacy issues on Internet users trust, and their intention to participate in a safe online community in order to provide preliminary insights for building a safer Online Social Network (OSN) landscape in Vietnam by examining the relationships among online privacy concerns, security, trust, and intention. Using Structural Equation Modeling, the findings show that privacy correlates with security but these two variables do not have a significant impact on users trust. Moreover, only trust and security affect users intention to use OSN.
Keywords: Online social network, privacy concerns, security, trust, intention
- A Secure and Timestamp based Communication Scheme for Cloud Environment
by Abu Salim, Sachin Tripathi, Rajesh Kumar Tiwari
Abstract: Cloud computing provides the capability to use computing and storage resources on a rented basis and reduce the investments in an organizations computing infrastructure. With all its benefits, cloud computing also brings with it concerns about the security and privacy of information extant on the cloud as a result of its size, structure, and geographical dispersion. Secure communication in Cloud Environment is necessary to access remote resources in a controlled and efficient way. For validation and authentication digital signatures using public key cryptography is extensively used in cloud computing. Further to keep confidentiality, Digital Envelope which is the combination of the encrypted message and signature with the encrypted symmetric key is also used. In this paper we propose a Timestamp based authentication scheme for cloud client with a modified Digital Envelope. As hyperelliptic curve cryptosystem (HECC) is known for its small key size and high security, we have taken HECC encryption technique. We have also presented a security analysis to show that our scheme can resist various attacks related to Cloud Environment.
Keywords: Cloud Computing, HECC, Digital Envelope, Digital Signature, Public Key, Private Key
- Efficient Scalar Product Protocol and Its Privacy-Preserving Application
by Youwen Zhu, Tsuyoshi Takagi
Abstract: Scalar product protocol aims at securely computing the dot productrnof two private vectors. As a basic tool, the protocol has been widely used inrnprivacy preserving distributed collaborative computations. In this paper, at thernexpense of disclosing partial sum of some private data, we propose a linearlyrnefficient Even-Dimension Scalar Product Protocol(EDSPP) without employingrnexpensive homomorphic crypto-system and any third party. The correctness andrnsecurity of EDSPP are confirmed by theoretical analysis. In comparison withrnsix most frequently-used schemes of scalar product protocol, the new scheme is the most efficient one, and it has good fairness.rnSimulated experiment results intuitively indicate the good performance of ourrnscheme. Consequently, in the situations where divulging very limited informationrnabout private data is acceptable, EDSPP is an extremely competitive candidaternsecure primitive to achieve practical schemes of privacy preserving distributedrncooperative computations.We also discuss the application of EDSPP, and presentrna secure distance comparison protocol based on EDSPP, which can be usedrnin many privacy-preserving computations, such as privacy-preserving k-nearestrnneighbors computation. Additionally, a hybrid scheme is put forward to securelyrncompute the scalar product of arbitrary-length private vectors.
Keywords: privacy preserving; distributed computation; scalar product protocol;rnapplication
- STEGANOGRAPHIC DETECTION IN IMAGE USING THE REDUCTION OF SUPPORT VECTORS
by Imen Bouguerne, Yamina Tlili
Abstract: Steganography is the technique for hiding secret information in other data such as still, multimedia images, text, audio. The Steganalysis is the reverse technique in which detection of the secret is done in the stego image. The contourlet transform is a new two dimensional extension of the wavelet transform using multi-scale and directional filter banks.
In This paper, we propose a new universal steganalysis method for JPEG images based upon hybrid transform features (cosinus discret and contourlet transform). Then the detection is usually cast as classification problem, we used kernel-based methods for the reducting of the computational cost of classification, by using linear algebra of a kernel Gram matrix of the support vectors (SVs) low computational cost. The pruning is based on the evaluation of the performance of the classifier which is formed by the reduced SVs in SVM. The feasibility of the evaluation criterion and the effectiveness of the proposed method are demonstrated.
Keywords: Steganography; DCT; Contourlet Transform; SVM;Steganalysis.
- Robust symmetric cryptography using plain-text variant session key
by Hari Narayan Khan, Ayan Chaudhuri, Souvik Kar, Parijat Roy, Atal Chaudhuri
Abstract: The secured data communication over internet is the most important concern nowadays. One of the common security processes is data encryption. The main goals of encryption are Data Confidentiality, Data Integrity, Authentication, and Non-Repudiation. Within the field of cryptography one can see two separate divisions: cryptographer and cryptanalysis or attacker. The cryptographer seeks methods to ensure the safety and security of conversations while the cryptanalyst tries to undo the formers work by breaking his system. So our main aim is to build an apparently attack resistant encryption model. Session key may be one solution where new encryption key is used in every session but that needs key exchange prior to every communication. Common solution is, the new key be the function of the previous key as well as the function of the previous plain-text. Here after every communication one needs to extract the next session key and to remember till the next communication. In this paper we have proposed a scheme where session key is the function of a secret key (agreed between a pair of sender and receiver once for ever at beginning) and the current plain-text. Thus in each session the encryption key is changing but there is no need to extract and remember the next session key. Moreover we have used double encryption technique and shown that our scheme is better against crypto-analysis than other existing schemes like DES or AES.
Keywords: Symmetric cryptography; Session key; Advanced Encryption Standard (AES); Secure Hash Algorithm (SHA); Transpose Cipher.
Special Issue on: "Issues and Development of Network Security Algorithms"
- A Localized Clustering Scheme to Detect Attacks in Wireless Sensor Network
by P. P. Joby ,P. Sengottuvelan, Sengot tuvelaan
Abstract: Wireless Sensor networks (WSN) is an embryonic communication technique in the universe to be engaged for precarious circumstances resembling battle arenas and viable applications such as construction, transportation surveillance, territory monitoring, clever homes etc. Currently wireless sensor network facing a foremost problem is result from security issues. There are many security methodologies were available for wireless sensor network. Generally classified as two levels; one is low level, further categorized into privacy, key establishment, trusted network, secrecy, authentication, secure routing and etc. Another one is High level, further categorized into secure group management, Intrusion detection, data integrity and etc. This research Focusing on the network availability, prior revisions offered to protect the network beside denial of service attacks with the use of traffic monitoring proxies on some nodes. But if the governor nodes are miserable, then itâ€™s vulnerable to network. To overcome this, the research put front a mechanism called election method to elect the control nodes in a clusters. To simulate this methodology, Packet tracer tool is used.
Keywords: Wireless Sensor Network, Election Method, Security Methodologies, Control proxies.
- Adaptation Of Frames For GOP Using NSEW Affine Translation For Effective Privacy Protection Mechanism
by D. Raveena Judie Dolly, Josemin Bala, J.Dinesh Peter
Abstract: The Group of Pictures (GOP) plays a very vital role in the privacy protection mechanism when data hiding is preferred through video transmission. GOP varies for every conventional video compression standards. The frame identification plays a key role in framing GOP. If frames are chosen adaptively using a matching criteria instead of precoded GOP the further processing for video compression could be effectively done. The quality of the reconstructed video after compression can be improved subjectively if GOP is selected properly and thus the embedded data can be retrieved without degradation. It is observed that B-frames in a GOP takes more computation time since it depends on the previous and next frame to be processed. So, NSEW affine translation technique is proposed to convert B-frames to either P-frames or I-frames depending on the matching criteria between frames. The result shows that the performance objective evaluation coincides with the subjective evaluation.
Keywords: B-Frame; Frame identification; Group of Pictures; I-Frame; P-Frame; Video Compression; Data hiding