International Journal of Security and Networks (9 papers in press)
XOR-based Unexpanded Meaningful Visual Secret Sharing Scheme
by Suresh Prasad Kannojia, Jasvant Kumar
Abstract: Visual cryptography is a technique to conceal the secret information into n shares, distributed to n participants. When any k ≤ n, 2 ≤ k ≤ n, shares are printed on transparencies and stacked together, information about secret image can be revealed
directly by the human visual system with poor visual quality. It is an issue for the
researchers, to improve the quality of shares and reconstructed image. This paper proposes n-out-of- n, n = 2
Keywords: Visually Pleasing shares;Meaningful Shares;Unexpanded Shares; XOR-operation; Secret Sharing; Visual Cryptography; Visual secret sharing Schemes; Pixel Expansion.
Group-IKEv2 for Multicast IPsec in the Internet of Things
by Kiki Rizki, Argyro Lamproudi, Marco Tiloca, Shahid Raza
Abstract: This paper presents Group-IKEv2, a group key management protocol supporting secure group communication based on multicast IPsec. Group-IKEv2 is an adaptation of the IKEv2 protocol for the IPsec suite, and is especially designed to address Internet of Things (IoT) scenarios composed of resource-constrained devices. Compared to static approaches, Group-IKEv2 enables dynamic and flexible establishment of IPsec Group Security Associations as well as group key material. Also, it enables the management and renewal of group key material on a periodical fashion and upon group membership changes. We have implemented Group-IKEv2 for the Contiki OS and tested it on the OpenMote resource-constrained platform. Our experimental performance evaluation confirms that Group-IKEv2 is affordable and deployable also on constrained IoT platforms.
Keywords: Security; Group IKEv2; Multicast IPsec; Group communication; Secure communication; Key management; Internet of Things.
A DV-Hop Positioning algorithm Based on the Glowworm Swarm Optimization of Mixed Chaotic Strategy
by Ling Song, Liqin Zhao, Jin Ye
Abstract: DV-Hop, as a typical location algorithm without ranging, is widely used in node localization of wireless sensor networks. However, in the third phase of DV-Hop, a least square method is used to solve the nonlinear equations. Using this method to locate the unknown nodes will produce large coordinates errors, poor stability of positioning accuracy, low location coverage and high energy consumption. An improved localization algorithm based on hybrid chaotic strategy (MGDV-Hop) is proposed in this paper. Firstly, a glowworm swarm optimization of hybrid chaotic strategy based on chaotic mutation and chaotic inertial weight updating (MC-GSO) is proposed. Then, MC-GSO is used to replace the least square method in estimating node coordinates. By establishing the error fitness function, the linear solution of coordinates is transformed into a two-dimensional combinatorial optimization problem. Simulation results show that the average location error is reduced, while the location coverage is increased and the energy consumption is decreased.
Keywords: node positioning; DV-Hop algorithm; glowworm swarm optimization algorithm.
A formation generation algorithm of multiple agents in naval battlefield environments
by Yani CUI, Jia REN, Delong FU, Chao DONG
Abstract: This study aims to present a model of the formation generation for multiple agents using a modified binary particle swarm optimization (MBPSO). The major objective of this study is to maximize the formation combat capability and reduce the formation generation cost. We treat the ratio of the aforementioned two values as a measure of formation combat effectiveness. Additionally, chaos theory is adopted in the initialization of MBPSO to acquire diversified particle population. Moreover, particle diversity is utilized to dynamically adjust the particle position updating process to guarantee the global convergence. A case study for multi-agent formation generation model in a naval battlefield is conducted. It is shown that the proposed algorithm can accomplish multi-agent formation generation under multiple constraints. Compared with the existing related algorithms, the proposed algorithm has improved search performance and better convergence characteristics.
Keywords: multiple agents; formation generation; particle swarm optimization; chaos theory; particle diversity.
A Novel Architecture for An Integrated Enterprise Network Security System
by Thanudas Bhoothanathapillai, Sreelal Sreedharan Pillai, Cyril Raj Vellankanni, Anugolu Purnesh Sairam, Vinay Gajmoti, Palash Joshi
Abstract: Securing an enterprise network has become a challenging task as the cyber malware attacks are improving in sophistication. Traditional centralized gateway solutions such as firewall and intrusion detection systems fail to detect highly sophisticated cyber malwares and are no longer helpful for complete protection of large sized enterprise networks. In this paper, we propose a novel architecture, integrated enterprise network security system~(IENSS), that consists of distributed security agents and a central controller. Each network segment is covered by one or more agents which operate based on instructions from the controller. The agents gather network traffic as well as other information and process the inputs before sending them to the controller. The controller receives the information collected by agents and processes the data in order to detect various malwares, attacks, or back doors to the enterprise network. Controller utilizes machine learning, data mining, and traffic analysis to accomplish various detection approaches. We have presented the IENSS architecture and five detection techniques those are implemented over it. New solutions can be incorporated in our architecture.
Keywords: IENSS; distributed architecture; agent design; controller design; botnet detection techniques.
A dynamic evolution model of balanced energy consumption scale-free fault-tolerant topology based on fitness function for wireless sensor networks
by Chao Wang
Abstract: The network life can be prolonged to some extent by the scale-free topology which has strong fault-tolerance for the random failure of nodes. However, the unevenness of the scale-free topological structure can result in the imbalance of consumption of network. In order to resolve the problem, a dynamic evolution model of consumption of balanced energy with scale-free fault-tolerant topology based on fitness function for wireless sensor networks is proposed. First, the effect of nodal energy and the distance between the nodes on the network life is analyzed as per the energy consumption model. Thereafter, the ratio between the residual energy of the node and the distance between nodes is used as the fitness function along with the dynamic behavior of link and variations in network topology Thus, a fault-tolerant topology model with scale-free properties is obtained. The simulation results indicate that the proposed model can not only balance the energy consumption of the nodes and the network by prolonging the life of network, but can enhance the fault tolerance and the invasion ability of the network by comparing with Barab
Keywords: wireless sensor networks; balanced energy consumption; scale-free topology; fault-tolerance; fitness function; dynamic evolution.
An improved multi-objective genetic algorithm and data fusion in structural damage identification
by Along Yu, Jiajia Ji, Shiyu Sun
Abstract: With the aging of civil engineering structures, it is urgent to detect the damage status of structures for timely maintenance. Genetic algorithm has been gradually applied to structural damage identification owing to its powerful global search capability and better adaptability. In this paper, we present a novel multi-objective genetic algorithm based on fuzzy optimization theory to identify damage for large-scale structures. Furthermore, fuzzy logic data fusion is implemented to process a large amount of data collected by displacement sensors, acceleration sensors and stress sensors in order to improve the accuracy of identification results. The experimental results show that the improved multi-objective genetic algorithm has faster convergence speed and higher computational efficiency than traditional genetic algorithm. Besides, the data fusion method can process the displacement parameter and the frequency mode parameter synchronously, which shows more reliable recognition results than single-class parameter identification.
Keywords: large-scale structures; genetic algorithm; damage identification; fuzzy optimization; data fusion.
A secure communication model using lightweight Diffie-Hellman method in vehicular ad hoc networks
by Tayeb Diab, Marc Gillg, Pascal LORENZ
Abstract: Nowadays, vehicular ad hoc networks (VANETs) have become more interesting research area. High number of safety, traffic management and even comfort applications have been developed to secure driving and make travellers satisfied. This evolution opens up a vast area of research in several fields. Specifically in the security domain, huge researches are proposed to give new approaches and mechanisms of security. VANETs as wireless and mobile networks require the implementation of secure and lightweight algorithms dealing with its critical characteristics to face different attacks. In this paper, we propose a novel approach of security to face some known attacks. We design a model of communication that combines digital signature, message authentication mechanisms, to securely generate the secret key, and thereby, achieve integrity, confidentiality, session key security and non-repudiation. In the end, we prove the security of our model by analysing different cases of attacks.
Keywords: VANETs; security; communication model; authenticity; Diffie-Hellman; session key; signature; encryption; network databases.
Dynamic Key Password Authentication
by Mikhail Styugin
Abstract: Passwords still remain the most popular method of user authentication. Passwords appear to be the easiest way of registration and logging into remote services such as web sites. However, passwords also appear to be the most insecure authentication method. One of the most popular attack techniques aimed at compromising passwords is to leak their hashes directly from their storage location to be cracked off-line. rnThe paper presents an authentication method with passwords, which complicates carrying out the attacks that succeed in extracting information sufficient for password cracking. The authentication method is called Dynamic Key Password Authentication (DKAuth).The method is based on a password ''blurring'' using a number of network hosts. The ''blurring'' is performed by encryption of password hash with a key that is not stored anywhere. The key is divided into parts and distributed among a number of different hosts. The key is modified for every password and changes due to change of the number of hosts in the system. Storage and authentication of a dynamic key is arranged so that it can never be recovered completely, that is even assuming cracking or rearrangement of each and every host where DKAuth key data is stored, an adversary will not be able to recover hashes and will have to crack them by brute-force attack. Practical implementation of DKAuth as an authentication service for external web sites demonstrated low time and computational requirements for user registration and authentication.
Keywords: Authentication; Hash Functions; Passwords; Password Storage; Secret Sharing.