International Journal of Information Privacy, Security and Integrity (4 papers in press)
A Novel Integrated Approach Using Euclids and Fuzzy Logic for Secure Communication
by Sailaja Rayi, Rupa CH, Chakravarthy A S N
Abstract: Today there is a terrific rise in internet security attacks. Even though many encryption algorithms are developed to fight against the attacks, most of them are key centric algorithms. The security of algorithm is very much dependent on security of the key. A new cryptographic algorithm has been proposed based on internal key table, Euclids theorem and fuzzy logic. The proposed algorithm doesnt involve key exchange or sharing. It takes the help of internal key table whose indexes will be converted in to numeric form using Euclids and fuzzy logic to get the cipher text. The secrecy of the communication will be compromised if key is compromised. So there is a desperate need for key less algorithms to thwart against man-in-the-middle and spoofing attacks. The proposed approach will provide a solution for key exchange attacks. The performance of proposed work is evaluated by comparing with existing approaches and it shows better results.
Keywords: Fuzzy logic; Euclid’s algorithm; Key table.
Privacy Preserving Association Rule Mining based on Homomorphic Computations
by Baby Vadlana, Subhash Chandra N
Abstract: The collection and analysis of data are continuously growing due to the pervasiveness of computing devices. The analysis of such information is fostering businesses and contributing beneficially to the society in many different fields. However, this storage and flow of possibly sensitive data poses serious privacy concerns. Methods that allow the knowledge extraction from data, while preserving privacy, are known as privacy-preserving data mining (PPDM) techniques. Many
of the researchers have recently made an effort to preserve privacy of
sensitive knowledge or information in a real database. Association rule mining and frequent itemset mining are two popular and widely studied data analysis techniques for a range of applications.To ensure data privacy, in this paper, we design an efficient homomorphic encryption based scheme for privacy preserving data mining. Later, we gave correctness proof, security analysis and experimental results for the proposed system. We also presented the comparison of our proposed method with other significant state of the art methods. The main issues with some of the known privacy preserving methods are - high computational complexity and large communication cost required for their execution. In this work, we achieved perfect secrecy and resist various attacks to some extent in association rule mining process.
Keywords: Security; Association rule mining; Homomorphic encryption,
Distributed computation; Transactional itemsets.
An Early Detection Tool in Eclipse to Support Secure Coding Practices
by Benjamin White, Jun Dai, Cui Zhang
Abstract: Developing secure software in a world where companies like Anthem Blue Cross, Twitter, Facebook, and Target have had massive amounts of data stolen by hackers is as challenging as it is important. Insecure coding practices are major contributors to software security vulnerabilities. Even though several static analysis tools are available that can search for and identify security holes in software applications, this process usually runs too late and any remediation will be more costly after large portions of the software have been built. The early detection tools that do exist are closed source and utilize proprietary software vulnerability rule sets. What is missing is an open-source secure coding enforcement tool utilizing well-documented rules that software developers can use to predict potential pitfalls, learn from their mistakes and aid in the construction of secure programs as they build them. To address the need, we have designed a new tool called Secure Coding Assistant for the Eclipse Development Environment that semi-automates several secure coding rules set forth by the CERT division at Carnegie Mellon University. The tool detects violations of the CERT rules for the Java programming language but it is easily extensible to other languages supported by Eclipse. It is an open-source tool with an emphasis on educating software developers in secure coding practices. The tool and a tool demo is disseminated via github at http://benw408701.github.io/SecureCodingAssistant/.
Keywords: Secure Coding; Development Tool; Java; Eclipse; Static Analysis; Education.
THE PRIVACY PARADOX IN USING FACEBOOK AMONG ARAB TEENS: BETWEEN DECLARATIONS AND BEHAVIOR
by Moanes H. Tibi, Asmaa N. Ganayem, Khaled Asad
Abstract: The present study examines the issue of privacy and awareness of it among Arab teens using the social network, Facebook. It examines, on the one hand, how Arab teens view the issue of privacy on Facebook, and on the other hand, how participants actually behave when they face issues of privacy. The study is based on a questionnaire, intended to map out teens views, opinions, and behavior on the topic of privacy. The participants in this study were 500 Israeli Arab students from high schools and middle schools, from the Northern to the Southern regions of the country.
The studys results show that teens disclose different types of information in varying degrees; certain private information, such as name, date of birth, name of ones school, and email are more readily disclosed than information regarding ones family, such as family pictures or home address. Most participants reported that they are aware of the issue of privacy yet do not make changes to the sites default privacy settings. This demonstrates a gap between the declared inclination in favor of protecting ones privacy, and the actual behavior in this area. This behavior undoubtedly supports the existence of some degree of the privacy paradox among participants, which is likely to be expressed in various online interactions.
This study is likely to contribute to an understanding of Arab teens patterns of behavior on the internet, and the degree to which they disclose their personal information. The results of the study can help educators and parents gain a better understanding of teens behavior in the digital arena, perhaps contributing to the creation of better and more suitable educational approaches.
Keywords: Social media; social network sites; Facebook; privacy; privacy paradox; teenagers.