Forthcoming articles

International Journal of Electronic Security and Digital Forensics

International Journal of Electronic Security and Digital Forensics (IJESDF)

These articles have been peer-reviewed and accepted for publication but are pending final changes, are not yet published and may not appear here in their final order of publication until they are assigned to issues. Therefore, the content conforms to our standards but the presentation (e.g. typesetting and proof-reading) is not necessarily up to the Inderscience standard. Additionally, titles, authors, abstracts and keywords may change before publication. Articles will not be published until the final proofs are validated by their authors.

Forthcoming articles must be purchased for the purposes of research, teaching and private study only. These articles can be cited using the expression "in press". For example: Smith, J. (in press). Article Title. Journal Title.

Articles marked with this shopping trolley icon are available for purchase - click on the icon to send an email request to purchase.

Register for our alerting service, which notifies you by email when new issues are published online.

Open AccessArticles marked with this Open Access icon are freely available and openly accessible to all without any restriction except the ones stated in their respective CC licenses.
We also offer which provide timely updates of tables of contents, newly published articles and calls for papers.

International Journal of Electronic Security and Digital Forensics (26 papers in press)

Regular Issues

  • Biometric Data Security using Joint Encryption and Watermarking   Order a copy of this article
    by Garima Mehta, Malay Kishore Dutta, Pyung Soo Kim 
    Abstract: Confidentiality and content ownership are considered to be an important aspect of security applications and therefore a joint watermarking and encryption scheme is developed. This work addresses the issue of authenticity and integrity of watermark or ownership identification by embedding biometric iris template as a watermark in a fingerprint host image. The proposed approach is a two-step approach which includes encryption and watermarking. During the encryption, iris features are encrypted using combination of FRWT with Arnold cat map while watermark embedding is done by using dual DWT-SVD scheme to improve robustness and protection of biometric security systems. Experimental results demonstrate that the proposed joint encryption and watermarking introduces efficiency, security and robustness against image processing attacks.
    Keywords: Biometric; Encryption; Watermarking; Fractional Wavelet Transform; Arnold Cat Map; Discrete Wavelet Transform; Singular Value Decomposition.

  • The Pseudo Metadata Concept For The Chain of Custody of Digital Evidence   Order a copy of this article
    by Yudi Prayudi, Ahmad Ashari, Tri Kuntoro Priyambodo 
    Abstract: The chain of custody is an important part of the investigation process which will guarantee the evidence is acceptable in the court. The handling of the chain of custody for digital evidence is a complex issue and more difficult than physical evidence. The main problem in the chain of custody of digital evidence is related to how to record and what should be documented the information of evidence in an investigative process. This paper proposed a solution through the concept of Chain of Custody Pseudo Metadata (C2PM). This concept will provide a mechanism for recording and documentation of digital evidence as well as mapping information that must exist for a chain of custody of digital evidence. The recording mechanism is performed after the acquisition and disk imaging of electronic evidence while mapping the information is done into two parts, static and dynamic information. There are 42 information fields divided into nine groups of information that has been built following the basic criteria of information needs chain of custody from various points of view. The grouping of this information will complement the information necessary for the management of digital evidence as well as ISO 27037: 2008. To support the interoperability of this system, the XML approach is used as the implementation of Chain of Custody Pseudo Metadata. This concept is expected to be an alternative solution for digital evidence handling and to provide solutions for information standards for a chain of custody of digital evidence.
    Keywords: Chain of Custody; Digital Evidence; Metadata; Digital Forensics; XML. Acquisition; Disk Imaging.

  • Superpixel-based Zernike Moments for Palm-print Recognition   Order a copy of this article
    by BILAL ATTALLAH, Serir Amina, Chahir Youssef, Abdelwahhab Boudjelal 
    Abstract: In the contemporary period, significant attention has been focused on the prospects of innovative personal recognition methods based on palm print biometrics. However, diminished local consistency and interference from noise are only some of the obstacles that hinder the most common methods of palm-print imaging such as the grey texture and other low-level of the palm. Nevertheless, the development of the process and tackling of the obstacles faced have a potential solution in the form of high-level characteristic imaging for palm-print identification. In this study, Zernike Moments are used for acquiring superpixel features that are spiral scanned images, which is an innovative recognition method. By using the extreme learning machine, the inter- and intra-similarities of the palm-print feature maps are determined. Our experiments yield good results with an accuracy rate of 97.52 and an equal error rate of 1.47 % on the palm-print PolyU database.
    Keywords: palm-print recognition;image segmentation;feature extraction;ELM;image matching.

  • Security Methods and Approaches for Internal and External Network Hospital Information Systems with Single Sign-On (SSO)   Order a copy of this article
    by Kostas Kardaras, George Lambrou, Dimitrios Koutsouris 
    Abstract: Hospital Information Systems are vast and very complex, and include a variety of services. They have become a necessity nowadays, both due to the value added services they provide and to their penetration in the Healthcare Market. Yet, there is a variety of security issues that need to be met and overcome in order to build robust Hospital Information Systems. This paper suggests several security measures in order to enhance security of the sensitive medical data both in an intranet and an extranet environment, and to provide value-added services for efficient health information management. The authors propose an architecture that enables the integration of such security measures in a HIS, especially with the use of SSO, which can cover a wide range of applications.
    Keywords: Hospital Intranet; Hospital Extranet; Single Sign On (SSO); Information Systems.

  • Using machine learning and the first digit law to detect forgeries in digital images   Order a copy of this article
    by Hieu Cuong Nguyen, Duc Thang Vo 
    Abstract: Digital image tampering is becoming popular and it might cause serious problems on different areas. Therefore, detection forgeries in digital images are urgent need. There are various forgery types, which can be exposed by different forensic techniques. In this paper, we propose a new detection scheme using the first-digit law (also known as Benfords law) in order to identify several types of image forgeries. We extract specific features, which are fed to a machine learning based classifier in order to distinguish original images and manipulated images. Through experiments, we found that the proposed scheme work well for detecting double JPEG compression and Gaussian noise addition. Copy-move is among the most popular types of image forgeries, where a part of an image is copied and pasted to another position of the same image. However, we show that, this manipulation does not affect the law. Experiments on a large-scale image dataset show that the proposed scheme is reliable and it can achieve detection rate up to 90% or higher.
    Keywords: Image forensics; Benford’s law; SVM; double JPEG compression.

  • Cost-effective Provable Secure Cloud Storage Self-auditing Scheme for Big Data in WMSNs   Order a copy of this article
    by Xiaojun Zhang, Jie Zhao, Liming Mu 
    Abstract: Medical big data have recently received considerable attention in the modern medical systems, since they give great opportunities to mine new medical knowledge. In the wireless medical sensor networks (WMSNs), medical big data can be generated and processed everywhere at any time. With the rapid development of cloud computing, cloud-based WMSNs can provide more efficient processing of patients physiology parameters and support richer storage services. Meanwhile, the integrity of medical big data becomes significant, since medical big data will be employed to provide the medical diagnosis and other medical treatments. In this paper, we propose a cost-effective self-auditing scheme for cloud storage medical big data without pairings. In the proposed scheme, a patient can personally check the medical big data integrity effectively, without retrieving the entire medical big data, and thus dramatically reduces the communication overhead. Moreover, we extend the proposed scheme to a batch self-auditing scheme, such that a patient can efficiently perform self-auditing for multiple different medical big data files simultaneously. The performance comparison shows that the proposed scheme is much more light-weight, and more practical in WMSNs.
    Keywords: Medical big data; wireless medical sensor networks; cloud computing; self-auditing.

  • Data hiding using adaptive LSB and PVD technique resisting PDH and RS analysis   Order a copy of this article
    by Aditya Kumar Sahu, Gandharba Swain 
    Abstract: This paper proposes an improved data hiding technique using the principle of least significant bit (LSB) substitution and pixel value differencing (PVD). It addresses two issues, (i) the error block problem (EBP), and (ii) the fall of boundary problem (FOBP). The image is divided into non-overlapping blocks of two consecutive pixels. The blocks are divided into 3 levels depending upon the pixel value difference. The level of the block and the pixel difference range decides the hiding capacity of a block. The proposed technique has been compared with related existing techniques in terms of parameters like peak signal to noise ratio (PSNR), quality index (Q), hiding capacity, bits per pixel (BPP), and the count of the blocks suffering from FOBP. The experimental results prove that the proposed technique offers better PSNR and hiding capacity as compared to the related existing techniques. Furthermore, the proposed technique is resistant to pixel difference histogram (PDH) analysis and RS analysis.
    Keywords: Steganography; LSB Steganography; PVD steganography; PDH analysis; RS analysis.

  • A 3-Layer RDH Method in Encrypted Domain for Medical Information Security   Order a copy of this article
    by Debabala Swain, Jayanta Mondal 
    Abstract: Digitization of sensitive images demands a lossless security mechanism and a sophisticated privacy preservation technique. Sensitive imagery e.g. medical, forensic, military images etc., needs special care during transmission as a little distortion can lead to catastrophic diagnosis mistake. With immense advancements, popularity, and success of service-oriented architecture (SOA), providing safe and secure online medical facility is one hard challenge for both research community and the industry. This paper proposes a 3-layer embedding mechanism enabled reversible data hiding (RDH) scheme with additional electronic patient record (EPR) hiding technique for encrypted medical images. LSB modification and LSB substitution technique are used for the embedding and EPR hiding. The experiments carried out on the medical test images on three levels of embedding and the experimental results show great potential in terms of security, embedding capacity, and recovered image quality.
    Keywords: Reversible Data Hiding; Least Significant Bit; Electronic Patient Record;Encryption; Data Embedding.

  • Application of Quality in Use Model to Assess The User Experience of Open Source Digital Forensics Tools   Order a copy of this article
    by Manar Abu Talib, Reem Alnanih, Adel Khelifi 
    Abstract: Open source digital forensics tools are playing an important role for law enforcement agencies, security company operations, forensics investigations and enterprise security teams. There is a strong need to assess these software tools using quality in use models to ensure that they meet users needs and are adaptable to the context in which they are being used. The existing literature does not satisfy the requirements of assessing the quality-in-use of these software tools. In this paper, we adopt a standardized set of existing quality models and apply the quality-in-use measurement model in terms of five important characteristics, namely, effectiveness, productivity, efficiency, error safety, and cognitive load. We assess three of the most used open source digital forensics tools, namely Autopsy, DFF, and DART. The results of experiments have demonstrated that the performance of Autopsy, DFF, and DART is similar in terms of efficiency and productivity. However, DDF outperformed the other two slightly in effectiveness. Autopsy was the best in terms of error safety, and DART had the highest cognitive load. As a result, the open source digital forensics tools community may consider these findings in selecting the right solution in order to perform its duties properly. The idea for this research paper is to initiate research activities that can ultimately lead to a clear and more simply applied set of quality requirements for the aforementioned tools. So, future research will involve conducting a more comprehensive study that will encompass additional aspects of software quality. In addition, a comparative study of open and closed source digital forensics programs using standardized software quality requirements should be considered. This will enhance testing efforts and increase the quality of this type of software.
    Keywords: Quality Models; Open Source Software (OSS); digital forensics tools; Autopsy; DFF; DART; Quality-in-use Model; ISO/IEC 25010; Designing user interfaces.

  • Authenticate Audio Video-Crypto Invisible Watermarking Approach for Enhancing Hidden Information Security and Robustness   Order a copy of this article
    by Mahesh Gangarde 
    Abstract: Now a days for any type of watermarking techniques imperceptibility, robustness, embedding capacity, security of hidden watermark secret data and recovery of good visual quality of both covers as well as watermark secret data are the major issues. There is always a tradeoff between embedding capacity, robustness and imperceptibility, hence the suggested approach gives the perfect solution to all these major issues. To solve these issues the selected frame of video and the secret data as image and audio is divided into the number of parts and every part is mapped using APLM (Adaptive Pixel Location Mapping) algorithm to get watermarked video, hence the embedding capacity and security of hidden watermark secret data is increased. To increase the robustness and imperceptibility of the proposed system a number of attacks have applied on watermarked video during transmission. The proposed system also calculates the key security parameters like Peak Signal to Noise Ratio (PSNR), Mean Square Error (MSE), Histogram, Structural Similarity Index Module (SSIM), Cross Correlation Factor (CCF) and Bit Error Rate (BER) before watermarking, after watermarking and after recovering the secret data from watermarked video which are found to be identical, hence the proposed system is more resistive to any type of attack. Furthermore, the obtained simulation result shows that the suggested audio, video-crypto invisible watermarking approach is found to be better in terms of perceptibility, robustness, privacy, security and large embedding capacity and recovery of cover video and secret watermark data as compared to any existing techniques.
    Keywords: Audio Video Watermarking; APLM; Perceptibility; Robustness; Watermark Information Security.

  • A Novel Approach to Secret Data Concealment with High Cover Text Capacity and Security   Order a copy of this article
    by Muhammad Azeem, Jingsha He, Allah Ditta, Faheem Akhtar, Sher Muhammad Daudpota 
    Abstract: The security of confidential information has been employed by using Cryptography and Steganography. To secure secret data has become more challenging for security researchers and defence departments due to the rapid growth of internet and massive technological advancement. Although steganography techniques was also evolved but still require large amount of cover text to conceal large size of message. Therefore, to deal the issue of data hiding capacity and stego text size present research articulates a novel approach to achieve high data concealment capacity of cover text along with security by using combination of steganography and cryptography. Current algorithm applies four-layer encryption on secret binary value before embedding and seven Unicode characters such as Invisible Plus (IP), Invisible Separator (IS), Inhabit Symmetric Swapping (ISS), Left to Right Override (LRO), (ZWNJ), Zero Width Joiner (ZWJ), Zero Width Non-Joiner and Zero Width Character (ZWC), are employed to embed secret information into English carrier text. Finally, an output file stego text object is generated. The result reflects tremendous raise in carrier text capacity up to 300% and encryption significantly enhances the security of secret data. Moreover, the identical carrier and stego text reduces hacker‟s attention. The projected technique is simple but hard to break and avoids overhead of secret key involvement.
    Keywords: Unicode; Bit Rotation; Carrier Media; Cryptography; Text Steganography.
    DOI: 10.1504/IJESDF.2020.10020454
     
  • Augmenting Smart Home Network Security Using Blockchain technology   Order a copy of this article
    by Utkarsh Saxena, J.S. Sodhi, Rajneesh Tanwar 
    Abstract: The idea of smart home existed from 1970s onwards but has come into knowledge of researchers and data scientist due to the development in the domain of Internet of things (IoT)[1], but it still suffers from privacy and security vulnerabilities . Conventional security policies or approaches are not applicable for IoT, mainly due to its decentralized topology and the resource constraints of the majority of its devices [2]. This Paper presents an innovative, novel and decentralized approach that can be used to augment the existing security architecture of a smart home network. Our scheme guarantees both trustworthiness and user privacy preservations.
    Keywords: Proof of Data; Blockchain; Smart Home; Internet of Things; peer to peer.

  • FORENSIC OF An UNROOTED MOBILE DEVICE   Order a copy of this article
    by Animesh Kumar Agrawal 
    Abstract: With the people switching over to mobiles for all their computing needs, these ubiquitous devices have become huge data warehouses. In order to extract the required data, the inbuilt critical security mechanism of the device needs to be bypassed. With increased device security being implemented in latest android versions, gaining root access is a huge challenge. The research addresses the issue of getting data from smart phone without performing the rooting operation and without enabling USB debugging, which is one of the key challenges for mobile forensics. This paper proposes a mechanism to extract data by flashing TWRP (Team Win Recovery Project) on the device after unlocking the boot loader.
    Keywords: mobile forensics; android; custom recovery; twrp; root; fastboot.rnrn.

  • Efficient light-weight private auditing scheme for cloud-based wireless body area networks   Order a copy of this article
    by Xiaojun Zhang 
    Abstract: With the rapid development of cloud computing, cloud-based wireless body area networks (WBANs) provide powerful storage services, and process massive medical data efficiently. As the medical data are exploited to perform the clinical diagnosis and other special medical treatments, the integrity of the medical data stored in the cloud server is increasingly important. In this paper, based on the elliptic curve digital signature algorithm (ECDSA), we propose an efficient light-weight cloud storage private auditing scheme for medical data in WBANs. Our scheme enables a data owner to check the medical data integrity effectively personally, and does not need to retrieve the entire medical data set, thereby dramatically reducing the communication overhead. Moreover, we further extend our private auditing scheme to private batch auditing. Thus, the data owner can perform auditing task for multiple different medical data files simultaneously. The performance comparison demonstrates that our scheme is much more light-weight, and more practical in cloud-based wireless body area networks.
    Keywords: Cloud storage; Wireless body area networks; Elliptic curve digital signature; Light-weight; Private auditing.

  • Monitor and Detect Suspicious Transactions with Database Forensics and Dempster-Shafer Theory of Evidence   Order a copy of this article
    by Harmeet Khanuja 
    Abstract: The digital investigators have now approached databases for investigating the cyber crimes. The illegal financial transactions on the web which goes undetected can now be revealed through database forensics. In response to this, we have proposed a methodology to detect the illegal financial transactions through database audit logs. The aim here is to monitor the database, detect the suspicious transactions and report the risk level of these transactions. Different databases are monitored to extract SQL transactions through their respective audit logs. The SQL transactions obtained are transformed and loaded in a standard XML format which contains financial records along with its metadata. Initially, we process the financial transaction records with Rule-Based outlier detection algorithm and classifies the transactions as per RBI rules. The suspected transactions obtained as outliers are marked with initial belief values. To verify the uncertainty of the suspected transactions we apply Dempster-Shafers theory of evidence which combines various evidence of suspected transactions obtained through audit logs. The experiments performed manifest the risk level of suspected transactions.
    Keywords: audit logs; database forensics;Dempster Shafer Theory; money laundering; outliers; suspicious transactions.

  • Robust, Imperceptible and Blind Video Steganography using RGB Secret, Maximum Likelihood Estimation and Fibonacci Encryption   Order a copy of this article
    by Barnali Gupta Banik, Abhinandan Banik 
    Abstract: According to the International Telecommunication Union, currently 51% of the world's population has Internet access; In developing countries, online video penetration has reached over 80% of total Internet usage. This implies that video sharing is very popular. Therefore, for secure confidential communication, secret data hiding in video can be a viable option to keep privacy. Hence in this article, a blind, key based technique of video steganography has been proposed in transform domain which can hide RGB image within a colour video. The novelty of this approach lies in the security imposed by various factors including scene change detection, pre-processing of secret image and the embedding technique. Here Maximum Likelihood Estimation has been applied as scene change detector to identify the video frame where the secret data embedding is taking place; For enhancing security, the secret image is scrambled by Fibonacci encryption before embedding. Lastly, Discrete Wavelet Transform based data hiding method has been implemented here which requires key for operation, can easily hide colour images without any perceivable differences and doesnt require cover video frame during extraction. Quality of the proposed method has been analysed by Peak Signal to Noise Ratio, Structural Similarity Index, Normalized Absolute Error and Correlation Coefficient; Robustness tests have been performed against various Steganalysis attacks namely Random Cropping, Rotating, Resizing and Histogram Equalization; At last, this method has been compared with the existing research works to demonstrate technological advancements.
    Keywords: Data Privacy; Information Security; Video Sharing; Image Colour Analysis; Encryption; Discrete Wavelet Transforms;.

  • Identifying Phishing Attacks in Communication Networks using URL Consistency Features   Order a copy of this article
    by Nureni Ayofe Azeez, Balikis Bolanle Salaudeen, Sanjay Misra, Robertas Damasevicius, Rytis Maskeliunas 
    Abstract: Phishing is a fraudulent attempt by cybercriminals, where the target audience is addressed by a text message, phone call or e-mail, requesting classified and sensi-tive information after presenting himself/herself as a legitimate agent. Successful phishing attack may result into financial loss and identity theft. Identifying foren-sic characteristics of phishing attack can help to detect the attack and its perpetua-tors and well as to enable defense against it. To shield internet users from phishing assaults, numerous anti-phishing models have been proposed. Currently employed techniques to handle these challenges are not sufficient and capable enough. We aim at identifying phishing sites in order to guard internet users from being vulnerable to any form of phishing attacks by verifying the conceptual and literal consistency between the Uniform Resource Locator (URL) and the web content. The implementation of the proposed PhishDetect method achieves an accuracy of 99.1%; indicating that it is effective in detecting various forms of phishing attacks.
    Keywords: phishing attacks; risk assessment; cybersecurity; digital forensics; digital evidence.

  • Improving performance overhead of a trust-clustering key management protocol in Ad-Hoc networks   Order a copy of this article
    by Mustapha SADI, Mourad AMAD, Nadjib BADACHE 
    Abstract: Group key management is a challenge for securing group communications in the networks. This area is well studied in the literature. The strict characteristics of mobile Ad-Hoc networks makes the adaptation of classical existing solutions a real challenge. Elliptic Curves Cryptography (ECC) became the choice of encryption for wireless Ad-Hoc and sensor networks. It uses very small keys and is mathematically very effective, which makes them ideal in communication for small devices used today. Scalability is a basic factor that determines the e
    Keywords: Group Key Managment; Trust clustering; lliptic curve cryptography; MANETs.

  • Drone forensics: examination and analysis   Order a copy of this article
    by Farkhund Iqbal, Benjamin Yankson, Maryam A. AlYammahi, Naeema AlMansoori, Suaad Mohammed Qayed, Babar Shah, Thar Baker 
    Abstract: Unmanned aerial vehicles (UAVs), also known as drones, provides unique functionalities, which allows area surveillance, inspection, surveying, unarmed cargo, armed attack machines, and aerial photography. Drones are susceptible to GPS spoofing attacks, integrity attacks and de-authentication attacks, which can allow criminals to access data, intercept the drone and use it commit a crime. Thus, this paper is presented to report on potential attacks against the Parrot Bebop 2 drone, and the ability for an investigator to collect evidence about the attacks on the drone. This paper aims at examining the possibility of establishing ownership and collecting data to reconstruct events, linking the drone controller with the drone to prove ownership, flight origins and other potentially useful information necessary to identify the proprietor of a crime. In addition, we have also proposed small-scale drone ontology for modelling drone context data, and simple forensic processing framework for small-scale drones.
    Keywords: digital forensics; investigation; drone security; drone attack; context data; drone ontology.
    DOI: 10.1504/IJESDF.2019.10020543
     
  • Comparison analysis of electricity theft detection methods for advanced metering infrastructure in smart grid   Order a copy of this article
    by Hamed Barzamini, Mona Ghassemian 
    Abstract: While smart grid technologies are deployed to help achieve improved grid reliability and efficiency, energy companies are vulnerable to cyber-attacks leading to billions of dollars loss. The selection of an appropriate classification method for the electricity theft detection relies on operational requirements and resource constraints in real scenarios. Since unsupervised methods have high error rates, we employ a semi-supervised anomaly detection method [the principal component analysis (PCA)] technique for the electricity theft detection. PCA is compared with the peer-to-peer (P2P) method based on linear equations. The P2P method assumes known particular electricity theft patterns and in the absence of which, the P2P method detection system results in 100% false alarm. While PCA does not require any prior assumptions about the pattern of the electricity theft, 4% false alarm rate is observed. Our analysis shows an average of 45% improvement in the detection accuracy rate in comparison with the P2P method.
    Keywords: smart grid; electricity theft; classification method; principal component analysis; PCA; advanced metering infrastructure.
    DOI: 10.1504/IJESDF.2019.10020548
     
  • A novel LSB-based RDH with dual embedding for encrypted images   Order a copy of this article
    by Jayanta Mondal, Debabala Swain, Devee Darshani Panda 
    Abstract: A novel reversible data hiding technique for encrypted images is proposed in this paper. Encryption helps achieving privacy which is a necessity for sensitive imagery such as medical and military images. In encrypted domain data embedding capacity remains a big challenge. A dual embedding scheme is proposed to enhance the additional data hiding capability. The general architecture includes a content owner, a data hider, and a receiver. This scheme is subjected to work on 512 × 512 grey-scale image. The encryption is done using a random 512 × 512 key matrix followed by a two phase data hiding technique to embed bits differently in odd and even blocks. Experiments are conducted in different block sizes in the embedding phase to achieve maximum data hiding potential. Experimental results show a huge increase in embedding capability. The error rate has significantly reduced over 50% in the recovered image and visual quality and image recovery is better than the existing methods.
    Keywords: reversible data hiding; RDH in encrypted domain; image encryption; least significant bit; LSB modification; dual embedding.
    DOI: 10.1504/IJESDF.2019.10020549
     
  • Countermeasures for timing-based side-channel attacks against shared, modern computing hardware   Order a copy of this article
    by Reza Montasari, Richard Hill, Amin Hosseinian-Far, Farshad Montaseri 
    Abstract: There are several vulnerabilities in computing systems hardware that can be exploited by attackers to carry out devastating microarchitectural timing-based side-channel attacks against these systems and as a result compromise the security of the users of such systems. By exploiting microarchitectural resources, adversaries can potentially launch different variants of timing attacks, for instance, to leak sensitive information through timing. In view of these security threats against computing hardware, in a recent study, titled 'Are timing-based side-channel attacks feasible in shared, modern computing hardware?', currently undergoing the review process, we presented and analysed several such attacks. This extended study proceeds to build upon our recent study in question. To this end, we analyse the existing countermeasures against timing attacks and propose new strategies in dealing with such attacks.
    Keywords: side channels; timing attacks; hardware attacks; channel attacks; digital investigations; countermeasures.
    DOI: 10.1504/IJESDF.2019.10020551
     
  • Fingerprint authentication based on fuzzy extractor in the mobile device   Order a copy of this article
    by Li Li, Siqin Zhou, Hang Tu 
    Abstract: Bio-cryptography is the combination of biometrics and cryptography that is a new security technology. For the fuzzy of fingerprint, fuzzy extractor that is a good model to protect the biometric data and can reliably extract almost the same random keys R from the closest input. however, many experiments about fuzzy extractors base on computer, we implement an application for fingerprint authentication in mobile devices based on the fuzzy extractor, the help data we need to store is in the capacity of the mobile extern storage. Unlike previous work, the construction of the input in secure sketch is very simple and uses ISO IEC 19794-2 standard minutia data. Most importantly, the scheme can be more secure to protect the biometric template.
    Keywords: fingerprint authentication; fuzzy extractor; BCH; android application.
    DOI: 10.1504/IJESDF.2019.10020550
     
  • A survey on security analysis and privacy issues of wireless multimedia communication system   Order a copy of this article
    by A. Vyasa Bharadwaja, V. Ganesan 
    Abstract: Wireless multimedia communication (WMC) is an emerging service that integrates voice, video, and data in the same service. The wireless handheld device used to provide multimedia communication such as PDA, Sensor, Mobile phones etc., are resource constrained and also need security protocol for successful multimedia communication between server and user. Many researchers are put their effort to develop secure cryptography algorithms and protocol to allow the user to access the data securely in telemedicine, surveillance system, and video on demand, digital cash, online shopping, digital content delivery and video conferencing technology. This paper focuses on security analysis of different encryption algorithm, secure architecture, encoding algorithm, authentication protocol and video encoding method. It also discuss about security multimedia challenges, characteristics, multimedia services, different attacks, software information and forecasts future perspectives of wireless multimedia technology.
    Keywords: security; wireless multimedia communication; WMC; elliptic curve cryptography; DNA cryptographic algorithm; privacy; secure accumulation; authentication.
    DOI: 10.1504/IJESDF.2019.10020532
     
  • Secure Gray code-based reversible data hiding scheme in radiographic images   Order a copy of this article
    by B. Karthikeyan, S. Venkata Keerthy, G. Hariharan 
    Abstract: Transmitting medical information through a network for the purpose of tele-diagnosis involves greater risk of losing confidentiality and integrity of the information being transmitted. This paper presents a scheme that ensures reversibility of the cover image and also makes it suitable for the field of telemedicine. The methodology uses cryptographic and the steganographic methods. The proposed work decreases the overhead by reducing the size of the auxiliary data to be embedded which is used to achieve the reversibility of the cover image. The proposed method also improves security of the data and enhances the image quality. The algorithm yields a reversible data hiding (RDH) scheme based on pixel value ordering (PVO). The methodology differs from other basic schemes as it uses Gray code instead of ordinary binary codes. It naturally suits for medical steganography as the carrier image can be reconstructed after extraction of the secret data and also the distortion caused due to embedding is very less. The method is also robust as one time pad cryptographic technique is used to generate the key.
    Keywords: reversible data hiding; RDH; pixel value ordering; PVO; medical steganography; one-time pad; telemedicine.
    DOI: 10.1504/IJESDF.2019.10020552
     
  • Dealing with the problem of collection and analysis of electronic evidence   Order a copy of this article
    by Jong-Min Sin, Hye-Ryon Son 
    Abstract: Today, the internet is being used in everybody's daily life thanks to rapid development of science and technology including information and communications technology. The cyberspace has also been used as a den for cybercriminals, whose recent number remarkably increases getting things worse and worse. Cybercrime is technically distinguished from traditional one, which makes it very hard to investigate cybercrime. In particular, a number of technical and legal issues arising in the collection and analysis of digital evidence have great influence in cybercrime investigation. The paper explores general concept of electronic evidence, basic requirements for collecting and analysing digital evidence and general procedures and methodologies thereof.
    Keywords: cybercrime; electronic evidence; digital evidence; collection; analysis; cybercrime investigation; internet.
    DOI: 10.1504/IJESDF.2019.10020553