International Journal of Information and Computer Security (31 papers in press)

Regular Issues

• Re-Evaluation of PhishI Game and its utilization in Eliciting Security Requirements  
  by Rubia Fatima, Affan Yasin, Lin Liu, Wang Jianmin 
  Abstract: The COVID-19 coronavirus pandemic has sparked considerable alarm amongst the general community and has significantly affected the societal attitudes and perceptions. In the current era, social engineers are applying various strategies to exploit human weakness. Phishing, a social engineering technique, is one of the most widely used and effective ways to undermine human assets. In this research study, firstly, we aim to educate the participants regarding phishing attacks; secondly, the dangers associated with excessive online sharing, and thirdly, how to utilise game scenarios developed by the participants to elicit security requirements. We have employed various research methods, such as, survey, observation, personas development, and scenario-based technique to achieve these objectives. Our re-evaluation results show that the PhishI game effectively educates participants regarding phishing attacks and dangers associated with disclosing excessive online information.
  Keywords: social engineering; phishing attack; awareness; security requirements elicitation; serious game; online information disclosure; human factor.
  DOI: 10.1504/IJICS.2023.10052188
   
  
• A New hybrid chaotic System and its analysis  
  by Mandeep Kaur Sandhu, Surender Singh, Manjit Kaur 
  Abstract: In this paper, we introduce and examine a new hybrid hyper-chaotic system named eight-dimensional (8D) hyper-chaotic system. The proposed system is designed by combining the hyper-chaotic systems with some modifications. 8D hyper-chaotic system is sensitive to its initial parameters. Therefore, a grey wolf optimisation algorithm is used to tune its initial parameters. The proposed 8D hyper-chaotic system shows hyper-chaotic behaviour and a unique equilibrium with a large range of parameters and six positive Lyapunov exponents. The analyses of the proposed 8D hyper-chaotic system are achieved using amplitude fluctuations, auto and cross-correlation, pseudo phase space trajectories, and equilibrium points. Besides, Lyapunov exponents, bifurcation diagrams, and butterfly effects are also evaluated by defining the initial conditions and specific parameters. Experimental analyses reveal the presence of chaotic and hyper-chaotic attractors, high accuracy, and stable performance of the proposed 8D hyper-chaotic system. Finally, the proposed 8D hyper-chaotic system is used to design the secret key for showing the application in the field of image encryption. It provides a large keyspace and can resist various security attacks.
  Keywords: hyper-chaotic; chaotic; Lyapunov exponents; bifurcation.
  DOI: 10.1504/IJICS.2023.10053890
   
  
• On the Performance of AES Algorithm Variants  
  by Mohammed N. Alenezi, Haneen Alabdulrazzaq, Hajed M. Alhatlani, Faisal A. S. AlObaid 
  Abstract: Advanced encryption standard (AES) is frequently used to encrypt data transmission over the internet since it is not prone to practical attacks. Many variants of AES exist with different key sizes and block cipher modes. Choosing an AES variant depends on several factors such as speed, the extent of security required, and the type of the application. As such, it becomes vital to test the performance of these variants to help users choose the most suitable one for their needs. This research presents a performance evaluation of encryption/decryption time and throughput of AES-128, AES-192, AES-256 using modes such as CTR, CBC, CFB, and OFB in Python on various file sizes ranging from 1 MB to 50 MB. The results show a natural pattern where an increase in key size and/or file size prolonged encryption and decryption time. Furthermore, CBC mode was the highest in performance for all key sizes.
  Keywords: security; advanced encryption standard; AES; cryptographic algorithms; block cipher modes; throughput.
  DOI: 10.1504/IJICS.2023.10054850
   
  
• A new architecture with a new protocol for m-payment  
  by BOUKERS Saâd, Abdelkader Belkhir 
  Abstract: The use of mobile payments by a significant number of consumers in recent years has encouraged without exception all other m-payment actors to invest more in this area. The reasons for this use are diverse and multiple. At the same time, this new situation requires all mobile payment actors to increase their cyber resilience in front of the rapid evolution of the techniques used by cybercriminals to properly secure financial transactions and consumer data in order to further increase the popularity of this payment means in the world. In this context, our contribution consists in offering a new architecture with a new protocol for mobile payment that further strengthens confidence in m-payment. Our solution is universal in its design and implementation and uses the SMS service. It is mainly based on the public key infrastructure (PKI), the session key and national and international digital identities of consumers and merchants.
  Keywords: mobile payment; SMS; digital identity; public key infrastructure; PKI; encryption; digital certificate; certification authority; block cipher; end-to-end encryption.
  DOI: 10.1504/IJICS.2023.10054871
   
  
• A Robust Feature Points Based Screen-shooting Resilient Watermarking Scheme  
  by Ruixia Yan, Yuan Jia, Lin Gao 
  Abstract: Screen-shooting will lead to information leakage. Anti screen-shooting watermark, which can track the leaking sources and protect the copyrights of images, plays an important role in image information security. Due to the randomness of shooting distance and angle, more robust watermark algorithms are needed to resist the mixed attack generated by screen-shooting. A robust digital watermarking algorithm that is resistant to screen-shooting is proposed in this paper. We use improved Harris-Laplace algorithm to detect the image feature points and embed the watermark into the feature domain. In this paper, all test images are selected on the dataset USC-SIPI and six related common algorithms are used for performance comparison. The experimental results show that within a certain range of shooting distance and angle, this algorithm presented can not only extract the watermark effectively but also ensure the most basic invisibility of watermark. Therefore, the algorithm has good robustness for anti screen-shooting.
  Keywords: blind watermarking; screen-shooting; robustness; invisibility; feature points; QR code; discrete cosine transform; DCT.
  DOI: 10.1504/IJICS.2023.10056328
   
  
• Technique for Detecting Hardware-Based Trojans Using a Convolutional Neural Network  
  by Ravichandran C, Nagalakshmi T.J., Shyamala Bharathi P, Siva Kumaran 
  Abstract: The hardware Trojan, also known as HT, has emerged as a danger to the integrated circuit (IC) sector and the supply chain, leading to the creation of a plethora of Trojan detection strategies. The detection of HT is very necessary to ensure both the chip’s functionality and its safety. This article discusses a recently discovered risk to integrated circuits (ICs) safety. Using a deep convolutional neural network, the authors of this research offer a novel partial RE-based HT detection algorithm. This method can identify Trojan horses in IC layout photos (DCNN). The suggested DCNN model is made up of many convolutional and pooling layers that are stacked on top of one another. By giving proof of concept implementation of the various approaches to FPGAs, we demonstrate the practicability of the presented strategies by demonstrating how they may be implemented.
  Keywords: hardware Trojan; security; deep neural network; FPGA.
  DOI: 10.1504/IJICS.2023.10056329
   
  
• Post-Quantum zk-SNARKs from QAPs  
  by Ken Naganuma, Masayuki Yoshino, Noboru Kunihiro, Atsuo Inoue, Yukinori Matsuoka, Mineaki Okazaki 
  Abstract: In recent years, the zero-knowledge proof and zero-knowledge succinct non-interactive argument of knowledge (zk-SNARK) have drawn significant attention as privacy-enhancing technologies in various domains, especially the cryptocurrency industry and verifiable computations. rnA post-quantum designated verifier type zk-SNARK for Boolean circuits was proposed by Gennaro et al. in ACM CCS '18. However, this scheme does not include arithmetic circuits. Furthermore, it is difficult to use it in various applications. Their paper described the construction of a post-quantum designated verifier zk-SNARK for arithmetic circuits from quadratic arithmetic programs (QAPs) as an open problem. rnRecently, Nitulescu proposed a post-quantum designated verifier zk-SNARK for arithmetic circuits using square arithmetic programs (SAPs), which are the special cases of QAPs. rnIn this paper, we give other answers to this problem and propose rntwo post-quantum designated verifier zk-SNARK schemes for arithmetic circuits using QAPs. Our first proposal is based on the data structure used in Pinocchio, a previous study, and can be easily implemented using the existing Pinocchio-based systems. Furthermore, this scheme does not require strong security assumptions. rnIn our second proposal, which also employs QAPs, the zero-knowledge proof comprises three learning with errors (LWE) ciphertexts, and the size of the proof is smaller compared with that of the first proposal. Our second proposal is also more efficient than the first one or all other known post-quantum zk-SNARKs. rnWe implemented our proposed schemes and other known schemes using the libsnark library. Our experimental results show that the second scheme is faster than the previous post-quantum zk-SNARK schemes. rnThe second scheme can generate a zero-knowledge proof for an arithmetic circuit that comprises $2^{16}$ gates in a processing time of only 50 s, which is approximately three times faster than that of the post-quantum zk-SNARKs by Gennaro et al. or two times faster than the one by Nitulescu.
  Keywords: Zero-knowledge proof; zk-SNARKs; LWE encryption; Blockchain technology; Post-quantum cryptography.
  
  
• Multi-level Image Security using Modified Rubik’s Cube Algorithm  
  by Rupesh Sinha, Sitanshu Sekhar Sahu 
  Abstract: With the rapid growth in usage of multimedia images and digital data exchange, it is very important to safeguard the images from unauthorised access. In this context, we proposed a multi-level chaotic encryption scheme using modified Rubik’s cube algorithm. First, the original image is jumbled using two secret keys. These keys are generated using chaotic functions with different parameters. Then rows and columns of the jumbled image are again mixed with XOR operator. Performance of the proposed work is evaluated with correlation coefficient (CC), number of pixel change rate (NPCR) and unified average changing intensity (UACI). From the experimental analysis and parameters evaluation it is observed that the proposed scheme can resist exhaustive attack, statistical attack as well as differential attack.
  Keywords: image security; multi-level chaotic encryption; Rubik’s algorithm; XOR operator; correlation coefficient.
  DOI: 10.1504/IJICS.2023.10057698
   
  
• Robust watermarking of Medical Images using SVM and hybrid DWT-SVD  
  by Kumari Suniti Singh, Harsh Vikram Singh 
  Abstract: In the present scenario, the security of medical images is an important aspect in the field of image processing. Support vector machines (SVMs) are a supervised machine learning technique used in image classification. The roots of SVM are from statistical learning theory. It has gained excellent significance because of its robust, accurate, and very effective algorithm, even though it was applied to a small set of training samples. SVM can classify data into binary classification or multiple classifications according to the application’s needs. Discrete wavelet transform (DWT) and singular value decomposition (SVD) transform techniques are utilised to enhance the image’s security. In this paper, the image is first classified using SVM into ROI and RONI, and thereafter, to enhance the images diagnostic capabilities, the DWT-SVD-based hybrid watermarking technique is utilised to embed the watermark in the RONI region. Overall, our work makes a significant contribution to the field of medical image security by presenting a novel and effective solution. The results are evaluated using both perceptual and imperceptibility testing using PSNR and SSIM parameters. Different attacks were introduced to the watermarked image, which shows the efficacy and robustness of the proposed algorithm.
  Keywords: support vector machine; SVM; discrete wavelet transform; DWT; singular value decomposition; SVD; watermark embedding; image watermarking.
  DOI: 10.1504/IJICS.2023.10057699
   
  
• An Image Encryption Using Hybrid Grey Wolf Optimization and Chaotic Map  
  by Ali Akram Abdul-Kareem, Waleed Ameen Mahmoud Al-Jawher 
  Abstract: Image encryption is a critical and attractive issue in digital image processing that has gained approval and interest of many researchers in the world. A proposed hybrid encryption method was implemented by using the combination of the Nahrain chaotic map with a well-known optimised algorithm namely the grey wolf optimisation (GWO). It was noted from analysing the results of the experiments conducted on the new hybrid algorithm, that it gave strong resistance against expected statistical invasion as well as brute force. Several statistical analyses were carried out and showed that the average entropy of the encrypted images is near to its ideal information entropy.
  Keywords: cryptography; optimisation algorithm; grey wolf optimisation; GWO; chaotic system; chaos; security applications; secure communication.
  DOI: 10.1504/IJICS.2023.10057701
   
  
• Efficient Multi-party Quantum Key Agreement Protocol Based on New Bell State Encoding Mode  
  by Zexi Li, Kefan Cheng, Yan Sun, Hongfeng Zhu 
  Abstract: Although there are many quantum key agreement protocols currently in existence, they cannot be merged in terms of resource utilisation, efficiency, security, and other aspects, and there are also significant differences in the nature of two and more parties. Therefore, it is necessary to design a quantum key agreement protocol that can balance efficiency and security and is suitable for multiple participants. In view of this, this paper proposes a multi-party quantum key agreement protocol based on a new coding mode of bell state: temporary session keys are negotiated between adjacent participants, and then shared keys for all participants are negotiated through the exchange, conversion, and computation of quantum resources. During the implementation of the protocol, not only can the identity of the participants be authenticated, but also the quantum resources used are single, and the quantum operations performed are simple. Moreover, efficiency is fixed and does not decrease due to the increase of participants or quantum resources. In addition, the protocol also allows participants to dynamically join and leave. In terms of security, the protocol can resist most common quantum attacks. Under the existing quantum technology, this protocol is completely feasible.
  Keywords: bell state encoding; multi-party; quantum key agreement; QKA; authentication.
  DOI: 10.1504/IJICS.2023.10057985
   
  
• Secure Digital Academic Certificate Verification System using Blockchain  
  by Sunil Patel, Saravanan Chandran, Purushottam Kumar 
  Abstract: At present, there is a need for an authentic and fast approach to certificate verification. Which verifies and authenticates the certificates to reduce the extent of duplicity and time. An academic certificate is significant for students, the government, universities, and employers. Academic credentials play a vital role in the career of students. A few people manipulate academic documents for their benefit. There are cases identified where people produced fake academic certificates for jobs or higher education admission. Various research works are developing a secure model to verify genuine academic credentials. This research article proposed a new security model which contains several security algorithms such as timestamps, hash function, digital signature, steganography, and blockchain. The proposed model issues secure digital academic certificates. It enhanced security measures and automated educational certificate verification using blockchain technology. The advantages of the proposed model are automated, cost-effective, secured, traceable, accurate, and time-saving.
  Keywords: digital academic certificate; DAC; hash function; blockchain technology; digital signature; steganography.
  DOI: 10.1504/IJICS.2023.10058109
   
  
• WTSEMal: A Malware Classification Scheme Based on Wavelet and SE-Resnet  
  by Dongwen Zhang, Shaohua Zhang, Guanghua Zhang, Naiwen Yu 
  Abstract: Aiming at the problem that traditional malware feature extraction data is huge and features are diverse, which requires lots of reverse engineering expertise and the detection effect is poor. In this study, we propose a visual malware classification scheme based on Wavelet and SE-Resnet network named WTSEMal. Firstly, convert the binary file of the malware sample into an image format. Then, after the image is pre-processed by normalisation, mean filtering and data augmentation, the image is decomposed and reorganised by wavelet transform (WT). Finally, the reconstructed image is input into SE-Resnet network for family classification. The experimental results show that the accuracy of the proposed WTSEMal classification scheme in malimg and Big15 is 99.22% and 97.49%, respectively, which are better than the existing machine learning malware classification methods. Compared with traditional classification methods, it has a good detection effect in detecting confusion or variant samples, and has strong generalisation ability.
  Keywords: malware detection; wavelet transform; WT; malware visualisation; deep learning.
  DOI: 10.1504/IJICS.2023.10058896
   
  
• Feature-driven intrusion detection method based on improved CNN and LSTM  
  by Jing Zhang, Yufei Zhao, Jiawei Zhang, Lin Guo, Xiaoqin Zhang 
  Abstract: To make up the lack of detection capabilities of traditional machine learning methods. A network intrusion detection method based on improved convolutional neural network (CNN) and improved long and short-term memory network (HMLSTM) is proposed. The proposed method is mainly divided into four steps, namely data pre-processing, feature extraction, model training and detecting. First, we use the normalisation technology to pre-process the data; and then we use the lion swarm optimisation (LSO) algorithm to optimise the hyperparameters of the CNN to form the optimal CNN (OCNN) structure, and combine HMLSTM model to extract the spatial and temporal features. Finally, we use the spatial-temporal feature vectors to train and detect the upper classifier of OCNN-HMLSTM. This paper selects three commonly used datasets to do lots of experiments. The results show that the proposed method significantly improves the accuracy of network intrusion detection, and other metrics.
  Keywords: feature-driven; intrusion detection; convolutional neural network; CNN; long-short-term memory; LSTM.
  DOI: 10.1504/IJICS.2023.10059327
   
  
• A Taxonomy of DDoS Attacks and its Impact on Docker Architecture  
  by Sushant Chamoli, Varsha Mittal 
  Abstract: Cloud infrastructure has become a favourite target for attackers as more and more organisations are switching to it owing to features like availability, scalability, and cost savings. Virtualisation has been the core of cloud computing and Docker containers are picking up ubiquity as a virtualisation tool, owing to their lighter weight and quicker start-up times. However, because the containers share the underlying host kernel, any container-level attack can have serious consequences for the host system. This study analyses and categorises the DDoS attack
  Keywords: distributed-denial-of-service; DDoS; distributed denial of service; Docker; cloud; security; taxonomy.
  DOI: 10.1504/IJICS.2024.10061783
   
  
• Machine Learning and Deep Learning Techniques for Detecting and Mitigating Cyber Threats in IoT-Enabled Smart Grids: A Comprehensive Review  
  by Aschalew Tirulo, Siddharth Chauhan, Kamlesh Dutta 
  Abstract: The confluence of the internet of things (IoT) with smart grids has ushered in a paradigm shift in energy management, promising unparalleled efficiency, economic robustness and unwavering reliability. However, this integrative evolution has concurrently amplified the grid’s susceptibility to cyber intrusions, casting shadows on its foundational security and structural integrity. Machine learning (ML) and deep learning (DL) emerge as beacons in this landscape, offering robust methodologies to navigate the intricate cybersecurity labyrinth of IoT-infused smart grids. While ML excels at sifting through voluminous data to identify and classify looming threats, DL delves deeper, crafting sophisticated models equipped to counteract avant-garde cyber offensives. Both of these techniques are united in their objective of leveraging intricate data patterns to provide real-time, actionable security intelligence. Yet, despite the revolutionary potential of ML and DL, the battle against the ceaselessly morphing cyber threat landscape is relentless. The pursuit of an impervious smart grid continues to be a collective odyssey. In this review, we embark on a scholarly exploration of ML and DL’s indispensable contributions to enhancing cybersecurity in IoT-centric smart grids. We meticulously dissect predominant cyber threats, critically assess extant security paradigms, and spotlight research frontiers yearning for deeper inquiry and innovation.
  Keywords: smart grid; cyber threats; cybersecurity; internet of things; IoT; deep learning; machine learning.
  DOI: 10.1504/IJICS.2024.10061784
   
  
• An Intelligent Approach to Classify and Detection of Image forgery attack (Scaling and Cropping) using Transfer Learning  
  by Ravi Sheth, Chandresh Parekha 
  Abstract: Image forgery detection techniques refer to the process of detecting manipulated or altered images, which can be used for various purposes, including malicious intent or misinformation. Image forgery detection is a crucial task in digital image forensics, where researchers have developed various techniques to detect image forgery. These techniques can be broadly categorised into: active, passive, machine learning-based and hybrid. Active approaches involve embedding digital watermarks or signatures into the image during the creation process, which can later be used to detect any tampering. On the other hand, passive approaches rely on analysing the statistical properties of the image to detect any inconsistencies or irregularities that may indicate forgery. In this paper for the detection of scaling and cropping attack a deep learning method has been proposed using ResNet. The proposed method (Res-Net-Adam-Adam) is able to achieve highest amount of accuracy of 99.14% (0.9914) while detecting fake and real images.
  Keywords: image forgery; scaling; cropping; deep learning; transform learning; ResNet.
  DOI: 10.1504/IJICS.2024.10062129
   
  
• A Novel Blockchain Consensus Protocol with Quantum Private Comparison for Internet of Vehicles  
  by Kefan Cheng, Lu Zhang, Yan Sun, Hongfeng Zhu 
  Abstract: Consensus protocols are a key feature in decentralised systems/networks which aiming to obtain and agree on a shared state among multiple unreliable nodes with diverse applications. Therefore, that integrated design with new technologies will become a difficult and hot research topic, especially in combining new fields such as quantum information and blockchain. Spontaneously, we propose a new consensus protocol in combination with quantum private comparison (QPC) in internet of vehicles (IoV) using practical Byzantine fault tolerance (PBFT) to achieve security and efficiency at higher levels. Through multi-node collaborative computing, different vehicles can quickly reach a consensus. More importantly, we have added quantum technology in the identity authentication and consensus phase, which can make our integrated network more robust and prevent malicious attacks. In other words, our protocol adopts QPC to make it impossible for any malicious node to maliciously disturb the order between nodes in the consensus phase, thus improving security. Finally, compared with the recent related literature, our consensus protocol has strong practicability and universality and can be well applied in the IoV environment.
  Keywords: quantum cryptography; quantum private comparison; internet of vehicles; IoV; blockchain.
  DOI: 10.1504/IJICS.2024.10062130
   
  
• Generating key-dependent involutory MDS matrices through permutations, direct exponentiation, and scalar multiplication  
  by Tran Thi Luong, Hoang Dinh Linh 
  Abstract: Block ciphers are a crucial type of cryptographic algorithm being used to ensure information security for many applications today. However, there are numerous potential active attacks on block ciphers, so the research and design of dynamic block ciphers to advance the security of block ciphers is a matter of concern today. Maximum distance separable (MDS) matrices are a crucial component of many block ciphers. Involutory MDS matrices are primarily selected because using an involutory matrix allows for both encryption and decryption operations to be performed using the identical circuitry, resulting in an equal implementation cost for both processes. In this article, we propose algorithms to generate 4 x 4 and 8 x 8 Hadamard involutory MDS matrices based on column and row permutations. Next, we propose an algorithm to create key-dependent involutory MDS matrices based on column and row permutation, scalar multiplication, and direct exponentiation. Then, we experimentally strengthen the dynamic AES block cipher based on the proposed algorithm, conduct security analysis, and evaluate the NIST statistical criteria for AES and the dynamic AES algorithm. The outcomes of our research could potentially enhance the robustness of the AES block cipher against numerous contemporary powerful attacks.
  Keywords: MDS matrix; Hadamard involutory MDS; AES; dynamic AES.
  DOI: 10.1504/IJICS.2024.10062529
   
  
• A Robust Intrusion Detection Techniques on Improved Features Selection Generalised Variable Precision Rough Set  
  by R. RAJESHWARI, M.P. Anuradha 
  Abstract: Network-based communication is becoming more and more susceptible as it is used extensively for outsiders and attacks in many areas. Intrusion detection is an essential process for a complete communication network security strategy. Intruders learn tactics of attacks every day, so they try to observe the significance of the intrusion detection system thoroughly, and they deny the services of IDS to the respective users. The three prominent roles that perform essential tasks in the network security of IDS are data collection, selection of optimal parameters, and classification made by decision-making engines. The recent research area highly relies on selecting an IDS optimal feature. Machine learning has explored various novel methods to improve performance and achieve a high accuracy rate. The proposed work implements a generalised rough set theory for optimal parameter selection, which leads to a formal way to enhance the accuracy. Support vector machines are used to classify network packet threats using machine learning. The suggested work uses the NSL-KDD dataset because it improves network communication security. Pre-processing data and feature selection on generic variable precision rough sets should be compared to best initial search and genetic search.
  Keywords: intrusion detection system; IDS; anomaly detection; generalised variable precision rough set; GVPRS; feature selection; machine learning; support vector machine; SVM; NSL-KDD dataset.
  DOI: 10.1504/IJICS.2024.10063042
   
  
• Image Forgery Detection on Multi-Resolution Splicing Attacks using DCT and DWT  
  by Bhavani Ranbida, Debabala Swain, Bijay Paikaray 
  Abstract: Digital images play a vital role in this age of digitisation. Digital images can be easily forged by image editing tools intentionally or unintentionally. After forgery, these images are difficult to detect with the naked eye directly which creates social and legal troubles in feature vectors. Hence more efficient techniques need to be evolved that can easily detect the alterations in the digital image. Various methods have been proposed to carry out forensic analysis, but not so accurate and more time-consuming. In this paper we have proposed an innovative image forgery detection technique on copy-move and splicing attacks and the image authentication using discrete cosine transform (DCT) and discrete wavelet transform (DWT). The proposed technique detects the forgery regions in the images more accurately. The DCT and DWT techniques are mainly used for reduction in the dimension of the cover image and further partitioning into fixed sized non-overlapping blocks. This method significantly improves the detection of spliced area, the execution time, and accuracy result. Moreover, this technique is robust towards images with rotation, scaling, multiple copy-move forgery attack, splicing, etc. It provides a reliable and efficient solution for detection and ensuring image authenticity.
  Keywords: digital image forensic; multi-resolution; counterfeit detection; discrete wavelet transform; DWT.
  DOI: 10.1504/IJICS.2024.10063043
   
  
• Unified Singular Protocol Flow for OAuth (USPFO) Ecosystem  
  by Jaimandeep Singh, Naveen Chaudhary 
  Abstract: OAuth 2.0 authorizes third-party clients to access a user's account on another app with limited permissions. The specification classifies clients by their ability to keep credentials confidential and grants different access types. This paper proposes USPFO, a new approach that combines different client and grant types into a unified protocol flow. USPFO can be used by both confidential and public clients to simplify the OAuth flow and reduce vulnerabilities. It also provides built-in protections against known OAuth 2.0 vulnerabilities such as client impersonation and token theft through integrity, authenticity, and audience binding. USPFO is compatible with existing RFCs, OAuth 2.0 extensions, and active internet drafts. By combining different client and grant types, USPFO streamlines the process and addresses the unique security and usability considerations for each type. This approach offers an alternative solution for OAuth providers looking to enhance their security and user experience.
  Keywords: OAuth 2.0 · USPFO · Unified Protocol Flow · Authorization Framework · Client Impersonation · Security; Vulnerabilities · Authentication · OAuth Extensions · Internet Standards.
  DOI: 10.1504/IJICS.2024.10063044
   
  
• Data Dissemination and Policy Enforcement in Multi-Level Secure Multi-Domain Environments  
  by Joon Son, Essia Hamouda, Garo Pannosian, Vjay Bhuse 
  Abstract: Several challenges exist in disseminating multi-level secure (MLS) data in multi-domain environments. First, the security domains participating in data dissemination generally use different MLS labels and lattice structures. Second, when MLS data objects are transferred across multiple domains, there is a need for an agreed security policy that must be properly applied, and correctly enforced for the data objects. Moreover, the data sender may not be able to predetermine the data recipients located beyond its trust boundary. To address these challenges, we propose a new framework that enables secure dissemination and access of the data as intended by the owner. Our novel framework leverages simple public key infrastructure and active bundle, and allows domains to securely disseminate data without the need to repackage it for each domain.
  Keywords: active bundle; simple public key infrastructure; SPKI; mandatory access control; MAC; trust delegation; authorisation certificate.
  DOI: 10.1504/IJICS.2024.10063045
   
  
• SEGC-PP: Structure Entropy based Graph Clustering Algorithm for Privacy Preservation in Social-Internet-of-Things (S-IoT)  
  by Rahul Gaikwad, Venkatesh R, Karthik M, Venugopal K. R, Satish B. Basapur 
  Abstract: The results of data analysis depend solely on the techniques that extract essential information from the underlying structure of SIoT with huge uncertainty of data embedded in it. Extracting structural essential information and preserving private sensitive information in SIoT is hindering the knowledge discovery process. The methods proposed in this research paper extracts original and essential structural information from a set of IoT objects and a set of social relations in SIoT. From extracted essential structural information, user sensitive and private information are encrypted using a homomorphic encryption algorithm to produce a graph structure in an encrypted state. The degree of information exchange between graph nodes and the node-optimal module partition method are used to divide the encrypted graph structure into several modules. Further, a k-dimensional essential information algorithm is used to cluster nodes in the module. Normalised essential information, residual uncertainty, and clustering similarity algorithms are used to evaluate the correctness and similarity in clustering results. The simulation experiment results demonstrate results of SIoT graph structure clustering in ciphertext state have better efficiency and scalability. In conclusion, theoretical and security analyses demonstrate that the proposed model produces correct clustering results.
  Keywords: original and essential structural information; degree of correlation; residual uncertainty; clusters; homomorphic encryption; partition tree.
  DOI: 10.1504/IJICS.2024.10063665
   
  
• Feature selection and Deep Learning approach for anomaly network intrusion detection  
  by Khadidja Bennaceur, Zakaria Sahraoui, Ahmed Nacer Mohamed 
  Abstract: The growth of Internet-scale systems and data as well as increased cyber attacks call for more robust security solution. A crucial element in this regard is Network Intrusion Detection System (NIDS), which analyzes network traffic to detect attacks. However, a key challenge for NIDS is real-time detection of all possible attacks. The present work proposes a new approach, Chi2-GRU-MLP, to build an efficient anomaly network intrusion detection. With this innovative approach, we harness the capabilities of two deep learning models, namely Gated Recurrent Unit and Multi-Layer Perceptron, to make a suitable supervised classifier. Additionally, the uniqueness of this proposal lies in its utilization of dependency feature selection that is used together with a proposed selection method for pre-processing the network traffic. This combination is designed to boost the efficiency and the acceleration of the proposed approach. The proposed approach is compared with other recent anomaly network intrusion detection works in terms of several metrics and using three different well-known datasets such as NSL-KDD, CICIDS-2017 andUNSW-NB15. Comparison shows that our proposed approach significantly outperforms earlier ANIDS.
  Keywords: Anomaly Network Intrusion Detection; Deep Learning; Dependency based feature selection; Chi-square; Gated Recurrent Unit; Multi-Layer Perceptron; Feature relevance degree.
  
  

Special Issue on: Security and Privacy for Emerging Technology

• The Relationship between Digital Information Security of the Supply Chain and Enterprise Development  
  by Zhezhou Li, Xiangrong Kong, Xiaozhen Jiang 
  Abstract: This study aims to enhance the core competitiveness of enterprises in the competitive environment and realise the rapid and sound development of enterprise security. The relationship between the digital transformation of the supply chain and the core competitiveness of enterprises is discussed from the perspective of constructing the information security (IS) of the internet of things (IoT). Firstly, the ciphertext-policy attribute-based encryption (CP-ABE) model of the information centre is established to study the technical problems of information encryption of IoT enterprises. Secondly, the correlation analysis method is used to determine the impact of supply chain transformation on the future development of enterprises through the correlation between the digital transformation of the supply chain and enterprise competitiveness. Finally, targeted solutions are proposed for the digital transformation of the supply chain and the IS of IoT of enterprises.
  Keywords: information security of the internet of things; supply chain digital transformation; algorithm response time; core competitiveness of enterprises; correlation analysis.
  DOI: 10.1504/IJICS.2023.10057702
   
  
• Encryption by block based on rekeying and inter-intra pixel permutation  
  by Rachid RIMANI, Adda Ali Pacha, Naima HADJ SAID 
  Abstract: The growing use of ICT exposes exchanges to certain risks, which require the existence of adequate security measures of information. The data encryption is often an effective way to meet these requirements of security and confidentiality. This paper present a novel cryptosystem by block depended on the secret key and subkeys and respect the fundamental principles of modern cryptography for encrypting images, since images have some intrinsic features such as large data capacity, strong correlation between adjacent pixels and high redundancy of information. The proposed cryptosystem is based on rekeying to apply permutation inter-intra pixel of each block according to the secret key and subkeys using a random, nonlinear, dynamic and secret scrambled technique there be called RNDSS. Experimental tests demonstrate the high security of the proposed cryptosystem with RNDSS technique and show the high sensitive dependence to any subtle change in the secret key, which guarantees the security against brute force attacks.
  Keywords: cryptosystem by block; permutation inter-intra pixel; rekeying; RNDSS technique; secret key.
  DOI: 10.1504/IJICS.2024.10061312
   
  
• Enterprise Intelligent Financial Sharing Mechanism in the Security Environment of the Internet of Things  
  by Yongling Zhang, Xuandong Zhang, Jinlong Song 
  Abstract: This study aims to enhance the functional development of enterprise intelligent financial sharing and ensure the security of financial information transmission within organisations. It begins by comprehensively understanding the current state of the internet of things (IoT) security environment and the establishment of enterprise intelligent financial sharing mechanisms. Subsequently, this study analyses and discusses the continuous identity authentication and security threat assessment control model in the context of IoT security under decentralised computing. Finally, the grey clustering trigonometric function evaluation model is employed to establish a functional evaluation mechanism for enterprise intelligent financial sharing, thereby improving the functionality of financial sharing. The findings indicate that IoT data exhibits the highest levels of security and reliability. By continuously controlling the attack rate below 0.2, the number of malicious nodes is significantly reduced, leading to a basic guarantee of IoT information security.
  Keywords: sharing of intelligent enterprise finance; internet of things security; continuous identity authentication; indicator integration; grey clustering.
  DOI: 10.1504/IJICS.2024.10061313
   
  
• Library Data Protection and Threat Detection System Based on Network Security  
  by Jianxin Xiong, Xianping Wang 
  Abstract: Traditional libraries may have security risks such as data breach, network attack and virus infection, which requires a library data protection and threat detection system based on network security to effectively manage and protect. Based on the premise of network security, this article focused on analysing library data protection and threat detection, constructing a library data protection and threat detection system using encryption algorithms, and testing its performance. According to the experimental results, it can be concluded that the average response time of unknown threats in the library data protection and threat detection system based on network security ranged from 0.4s to 0.8s under different test times. It can be seen that the system not only performs well, but also has very good user satisfaction. This article aimed to ensure the security of users’ use of library resources and services through effective threat detection and data protection measures.
  Keywords: library data protection; threat detection; network security; encryption algorithm; security vulnerability scanning; data breach.
  DOI: 10.1504/IJICS.2024.10061565
   
  
• Analysis of Competitive Differences in the Bilateral Platforms of the Digital Economy Using Artificial Intelligence and Network Data Security  
  by Jingfeng Jiang, Yongyi Wu 
  Abstract: This work aims to conduct a more precise and secure analysis of the competitive differences in bilateral platforms of the digital economy based on AI and network data security. The application of Artificial Intelligence (AI) technology on bilateral platforms can significantly enhance the level of intelligence and personalization in services. However, it also drives continuous advancements in data security technology. This work explores the characteristics and advantages of different platforms, providing decision support and strategic guidance to relevant institutions and businesses. Based on this, this work first establishes a distributed training scheme under fog computing to counter data poisoning and safeguard privacy. This scheme is utilized for data collection, storage, and processing while incorporating stringent measures for data privacy protection, such as data encryption, identity authentication, and access control.
  Keywords: artificial intelligence; network data security; digital economy; bilateral platforms; analysis of competitiveness differences.
  DOI: 10.1504/IJICS.2024.10061566
   
  
• The Optimization of Enterprise Internet of Things Security Management System under Digital Economy  
  by Jianhua Liu, Huijie Ma 
  Abstract: In the context of the digital economy, this study integrates the Internet of Things (IoT), blockchain, ant colony optimization (ACO), neural network, and other modern digital information technologies. An enterprise IoT Security Management System (SMS) is built to address the security risks of enterprise IoT information and data. The improved backpropagation (BP) algorithm optimizes data transactions and network security templates in enterprise IoT SMS. At the same time, this study also introduces the ACO to improve the performance of the BP neural network. Firstly, the methods of enterprise IoT security management under the growth of the digital economy and the technical path of digital technology for enterprise security management are explained. Secondly, a BP algorithm based on an ant colony algorithm and genetic algorithm optimization is established to improve the speed and security of data transactions and network security module processing information data in the enterprise IoT SMS.
  Keywords: Digital economy; Internet of Things; Blockchain; Enterprise security management; System optimization; Ant colony optimization.
  DOI: 10.1504/IJICS.2024.10061567