International Journal of Security and Networks (12 papers in press)
A Black Hole Attack Model using Topology Approximation for Reactive Ad-hoc Routing Protocols
by Christopher W. Badenhop, Barry E. Mullins
Configurable Workflow Platform based on SaaS Model
by Zhenhua Wei, Zhifeng Liu, Jie Mao, Lihua Li, Wei Xu
Abstract: With the continuous development and the in-depth integration of the internet and cloud computing technologies, SaaS (Software as a Service) model as a new type of commercial operation mode came into being. Taking the SaaS model and workflow combined as the breakthrough point, a scheme has been formed based on the Activiti web process designer and function configuration under the SaaS model. The scheme is designed mainly aiming at the platform function, process and logo configurations. The configuration scheme makes the tenants be able to customize the platform on-demand simply and quickly. The tenants can easily complete the process definition and modification with the web process designer, and greatly improve the work efficiency. The SaaS workflow platform is of the distinctive multi-tenant and configurable characteristics. Thus, the platform realized the multi-tenant on-demand service customization, and achieved the effect to build the information platform fast, conveniently and cheaply.
Keywords: SaaS Model; Workflow Platform; Configurable Technology.
NetFlowMatrix: A Visual Approach for Analyzing Large NetFlow Data
by Yingjie Chen, Baijian Yang, Weijie Wang
Abstract: NetFlowMatrix is a visual analytics system design that adopts small multiple charts to help analysts monitor NetFlow data of a computer network. This design provides an overview and drill-down interactions that allow analysts to see and analyze traffic data from a computer network of thousands of computers and millions of flow records. Various network activities generate NetFlow records with different characteristics. Visualizing and analyzing these NetFlows can provide insights for the administrators as they detect potential network attacks and recognize patterns when monitoring the network. Multiple small charts are adopted to group network flow information into a matrix of cells to display aggregate flows based on payload size and flow duration. The aggregate overview method is scalable that allows the design to support much larger computer networks. To visually boost the graphs in the cells with low quantity, we use different scales to plot the graph and different color shades to distinguish the scale. Utilizing this innovative overview design, professionals can easily identify patterns and instances, obvious or subtle, from a large number of network flows. Through simple interaction, network security professionals can drill down to detect abnormal network traffic and identify cyber-attack events.
Keywords: Network security situation awareness; Network Monitoring; Network Traffic Analysis; Visual Analytics; Intrusion Detection; Port Scan; DDOS; Server Redirection; Subtle Cyber Attacks.
Intrusion Detection Systems Using a Hybrid SVD Based Feature Extraction Method
by Jamal Ghasemi, Jamal Esmaily
Abstract: Intrusion Detection Systems (IDS) are able to diagnose network anomalies with the help of Machine Learning techniques. This paper presents a novel Singular Value Decomposition (SVD)-based method that creates a new feature, which is applied to an IDS. The main goal is to build an effective model on datasets which have the least possible number of features. Using the least possible number of features is inevitable in case of improving the efficiency and de-escalating the effect of Curse of Dimensionality in datasets with large number of features. The proposed method combines the SVD method with four classification algorithms; Decision Tree, Na
Keywords: Intrusion Detection Systems; Machine Learning; Classification; Singular Value Decomposition.
A Promising Security Protocol for Protecting Near Field Communication Devices from Networking Attacks
by Abu Asaduzzaman, Shanta Mazumder, Sergio Salinas
Abstract: Due to the popularity of the Near Field Communication (NFC) applications, NFC technology is being adopted by a wide variety of devices suitable for the internet of things (IoT). However, NFC is vulnerable to numerous networking attacks such as tag manipulation. In this work, a security protocol for the NFC chip is introduced to protect the NFC devices and associated data from several attacks. In addition, the NFC Data Exchange Format (NDEF) message is modified with a certificate record and the alert mechanism is improved to enhance security. The proposed secure protocol in the NFC system checks the authenticity of the incoming NDEF messages sender (by checking the signature record) and validity of the message/data (by checking the certificate), then if appropriate, stores the incoming NDEF messages in the devices memory for further processing. MATLAB simulation results suggest that the proposed protocol offers better security by detecting certificate modification, message modification, etc. It is also observed that the processing time remains almost the same for various record sizes and the processing time increases linearly as the certificate size increases. The proposed secure technique for NFC can be extended to enhance security in mobile IoT devices.
Keywords: Security-Aware Architecture; Near Field Communication; NFC architecture; Systems security; Secure protocol;.
Hierarchical Secret Sharing Scheme using Parts of Speech of English Grammar
by Sumanta Chatterjee, Sashidhar G. Koolagudi
Abstract: In this paper a model to share secret information in conjunctive and disjunctive hierarchical access structure using obfuscation is proposed. Indistinguishability Obfuscation is achieved with a context free grammar as a mimic function. Obfuscation is used to maintain confidentiality of the message in the presence of a dishonest distributor who is curious to know the secret. A new way to effectively reduce the size of the share is also achieved in this model. First, mimic function is used to convert the statistical profile of the message to a random distribution of words from a chosen paragraph. The frequency distribution of different parts of speech components of the obfuscated string is used to build a model for distribution of shares to $n$ people based on the responsibility of the person in a hierarchy. Sharing the information and reconstruction of the original message is also shown. It is also shown that the obfuscation is secure against chosen plain text attack.
Keywords: Parts of Speech; Hierarchical Threshold Sharing; Context Free Grammar; Indistinguishability Obfuscation; Mimic Function.
A Review of the Current State of Honeynet Architectures and Tools
by Danny Velasco, Glen Rodriguez
Abstract: Honeynets originated as a security tool designed to be tracked, attacked and compromised by hypothetical intruders. They consist of network environments and sets of applications, and after being installed and configured with all of these components, the Honeynet is ready to be attacked with the purpose of maintaining a controlled environment for the study of the events that occurred. Through the analysis of these events, it is possible to understand the objectives, tactics and interests that the attackers have for the proposed environment. This paper describes the state of the art of Honeynets, referring to architectures, Honeynet types, tools used in Honeynets, Honeynet models and applications in the real world that are focused on capturing information.
Keywords: Intrusion detection; Honeypot; Honeynets; Alert Correlation; Capture data; Network Security.
CRT based Multi-Secret Sharing Schemes: Revisited
by Appala Naidu Tentu, Venkaiah V Ch, Kamakshi Prasad V
Abstract: Secret sharing is a cryptographic primitive, which is used to distribute a secret among a set of participants in such a way that an authorized subset of participants can uniquely reconstruct the secret and an unauthorized subset can get no information about the secret. Several schemes are proposed in the literature. Some of these schemes are extended to share multiple secrets. Efficient techniques such as Lagrange interpolation, Chinese Reminder Theorem (CRT), Error correcting codes, etc. are used to construct these schemes.
This paper reviews some of these schemes that are based on CRT. It also proposes a new multi-stage multi-secret sharing scheme that uses the Mignottes sequence and a multi-level multi-secret sharing scheme that uses the Asmuths Bloom sequence. Advantage of the proposed schemes is that the secret space is larger than that of the existing schemes and multiple secrets can be shared. There is no leakage of information through public values. Proposed schemes are computationally perfect and the novelty of these schemes is that the participants can reuse their shares for each new set of secrets as long as is required without refreshing their shares. Moreover, the first scheme can verify the honesty of both the dealer and the participants. Correctness of the proposed schemes is discussed and show that the proposed schemes are computationally secure.
Keywords: Multi-Stage; Multi-Secret; Mignotte’s sequence; CRT; Secret sharing scheme;Cheating detection.
Evaluation of Anonymous Digital Signatures for Privacy-Enhancing Mobile Applications
by Lukas Malina, Petr Dzurenda, Jan Hajny
Abstract: Privacy-enhancing mobile applications that employ anonymous digital signature schemes can be beneficial for users who strongly concern about their privacy and security. This paper deals with anonymous digital signature schemes and their usability on smartphones. We implement seven anonymous digital signature schemes on smartphones in order to get the practical results. Further, we discuss the usability of these schemes in different scenarios such as data collection, access control and data notification. We believe that our analysis and performance assessment can help engineers and security experts to choose a proper anonymous digital signature scheme into their secure and privacy-friendly mobile applications.
Keywords: Anonymous Digital Signature; Cryptography; Group Signature; Performance Evaluation; Privacy.
An ID-based Authentication Scheme to Achieve the Security of Smart Card
by Ning Xu, Haiping Huang, Zhengtao Li, Yunqi Wang, Chao Sha
Abstract: With the rapid development of cloud computing and social network service, customers' lives have become more and more convenient due to the wide use of mobile payment and online transaction. When customers enjoy the benefits from these pervasive electronic applications, what we cannot ignore is that the adversaries may infringe privacy by cracking the authentication information between users and servers. As an effective countermeasure, smart-card-based ID authentication scheme is currently paid more attention, and many researchers have proposed considerable ID authentication methods based on smart card and they have claimed that their methods can withstand most known attacks, such as impersonation attack and smart card stolen attack. However, these proposed methods are found actually more or less vulnerable to some certain attacks. Therefore, we propose an authentication scheme based on smart card's mutual authentication mechanism, which can completely hide all the information concerned with the user's ID and defeat most known attacks launched by the adversaries. When the user uses the same identity and password to register different accounts in different websites, the attacker cannot obtain the user's password even if he knows the user's corresponding identity and cannot achieve a password guessing attack. Compared with several prevalent schemes, without sacrificing the computational efficiency, our solution can achieve higher security.
Keywords: smart card; ID-based authentication; password authentication; security; computational efficiency.
An Android Malware Static Detection Scheme Based on Cloud Security Structure
by Yu Bencheng, Song Peisen, Xu Xiaoyuan
Abstract: With the popularity of Android system mobile phones, the security threat brought by its own security mechanism flaws is increasingly severe. Therefore, it is necessary to design a highly efficient and accurate detection scheme for Android malwares. In this paper, an Android malware static detection scheme which is based on cloud security structure is designed. For one thing, the main detection works of the detection scheme are deployed on the cloud servers, which can make the detection work efficient and fast. For another, use highly efficient classifying algorithm to make static analysis on the source code of targeted APK (Android Package) file can determine whether the application (app) is safe or malicious more accurately. Finally, in order to estimate the detection efficiency and accuracy, 1143 malware app samples and 2937 normal applied app samples are collected.
Keywords: Android Malware; Cloud Security; Static Detection; Black-and-White List Mechanism; Decompile Technology; Accuracy of Sample Classification.
Privacy-Aware Transmission Scheme Based on Homomorphic Proxy Re-Encryption for NDN
by Xian Guo
Abstract: NDN (Named Data Networking) is data-centric network architecture. NDN has got great attentions due to its features such as data-centric, in-network caching etc. It is the most competitive Future Internet Architecture. Although some security mechanisms have been introduced in interest and data packets of NDN, security is still a significant problem. In this paper, we propose a Privacy-Aware Transmission Scheme for NDN (PATS_NDN) based on homomorphism and proxy re-encryption mechanism. To resolve name privacy in PATS_NDN, a content consumer can subscribe the interested content from the network by using a blinded alias of a content name, and a data source can publish the produced content to the network by using a blinded name. The alias of a content name can be gotten from a constructed quadratic function. To protect privacy information, we use the blinding algorithm on a content name and alias. In addition, two mechanisms such as homomorphic encryption and proxy re-encryption are used to achieve secure content transmission between a content consumer and a content producer. It has been proven that only a legitimate user can publish and access content on the network. Finally, we analyze security attributes of our scheme and make a simply comparison with other related schemes.
Keywords: Content-Centric Networking; Named Data Networking; Homomorphic Encryption; Proxy Re-Encryption; Privacy Protection.