International Journal of Electronic Security and Digital Forensics (20 papers in press)
A 3-Layer RDH Method in Encrypted Domain for Medical Information Security
by Debabala Swain, Jayanta Mondal
Abstract: Digitization of sensitive images demands a lossless security mechanism and a sophisticated privacy preservation technique. Sensitive imagery e.g. medical, forensic, military images etc., needs special care during transmission as a little distortion can lead to catastrophic diagnosis mistake. With immense advancements, popularity, and success of service-oriented architecture (SOA), providing safe and secure online medical facility is one hard challenge for both research community and the industry. This paper proposes a 3-layer embedding mechanism enabled reversible data hiding (RDH) scheme with additional electronic patient record (EPR) hiding technique for encrypted medical images. LSB modification and LSB substitution technique are used for the embedding and EPR hiding. The experiments carried out on the medical test images on three levels of embedding and the experimental results show great potential in terms of security, embedding capacity, and recovered image quality.
Keywords: Reversible Data Hiding; Least Significant Bit; Electronic Patient Record;Encryption; Data Embedding.
Application of Quality in Use Model to Assess The User Experience of Open Source Digital Forensics Tools
by Manar Abu Talib, Reem Alnanih, Adel Khelifi
Abstract: Open source digital forensics tools are playing an important role for law enforcement agencies, security company operations, forensics investigations and enterprise security teams. There is a strong need to assess these software tools using quality in use models to ensure that they meet users needs and are adaptable to the context in which they are being used. The existing literature does not satisfy the requirements of assessing the quality-in-use of these software tools.
In this paper, we adopt a standardized set of existing quality models and apply the quality-in-use measurement model in terms of five important characteristics, namely, effectiveness, productivity, efficiency, error safety, and cognitive load. We assess three of the most used open source digital forensics tools, namely Autopsy, DFF, and DART. The results of experiments have demonstrated that the performance of Autopsy, DFF, and DART is similar in terms of efficiency and productivity. However, DDF outperformed the other two slightly in effectiveness. Autopsy was the best in terms of error safety, and DART had the highest cognitive load. As a result, the open source digital forensics tools community may consider these findings in selecting the right solution in order to perform its duties properly.
The idea for this research paper is to initiate research activities that can ultimately lead to a clear and more simply applied set of quality requirements for the aforementioned tools. So, future research will involve conducting a more comprehensive study that will encompass additional aspects of software quality. In addition, a comparative study of open and closed source digital forensics programs using standardized software quality requirements should be considered. This will enhance testing efforts and increase the quality of this type of software.
Keywords: Quality Models; Open Source Software (OSS); digital forensics tools; Autopsy; DFF; DART; Quality-in-use Model; ISO/IEC 25010; Designing user interfaces.
Authenticate Audio Video-Crypto Invisible Watermarking Approach for Enhancing Hidden Information Security and Robustness
by Mahesh Gangarde
Abstract: Now a days for any type of watermarking techniques imperceptibility, robustness, embedding capacity, security of hidden watermark secret data and recovery of good visual quality of both covers as well as watermark secret data are the major issues. There is always a tradeoff between embedding capacity, robustness and imperceptibility, hence the suggested approach gives the perfect solution to all these major issues. To solve these issues the selected frame of video and the secret data as image and audio is divided into the number of parts and every part is mapped using APLM (Adaptive Pixel Location Mapping) algorithm to get watermarked video, hence the embedding capacity and security of hidden watermark secret data is increased. To increase the robustness and imperceptibility of the proposed system a number of attacks have applied on watermarked video during transmission. The proposed system also calculates the key security parameters like Peak Signal to Noise Ratio (PSNR), Mean Square Error (MSE), Histogram, Structural Similarity Index Module (SSIM), Cross Correlation Factor (CCF) and Bit Error Rate (BER) before watermarking, after watermarking and after recovering the secret data from watermarked video which are found to be identical, hence the proposed system is more resistive to any type of attack. Furthermore, the obtained simulation result shows that the suggested audio, video-crypto invisible watermarking approach is found to be better in terms of perceptibility, robustness, privacy, security and large embedding capacity and recovery of cover video and secret watermark data as compared to any existing techniques.
Keywords: Audio Video Watermarking; APLM; Perceptibility; Robustness; Watermark Information Security.
A Novel Approach to Secret Data Concealment with High Cover Text Capacity and Security
by Muhammad Azeem, Jingsha He, Allah Ditta, Faheem Akhtar, Sher Muhammad Daudpota
Abstract: The security of confidential information has been employed by using Cryptography and Steganography. To secure secret data has become more challenging for security researchers and defence departments due to the rapid growth of internet and massive technological advancement. Although steganography techniques was also evolved but still require large amount of cover text to conceal large size of message. Therefore, to deal the issue of data hiding capacity and stego text size present research articulates a novel approach to achieve high data concealment capacity of cover text along with security by using combination of steganography and cryptography. Current algorithm applies four-layer encryption on secret binary value before embedding and seven Unicode characters such as Invisible Plus (IP), Invisible Separator (IS), Inhabit Symmetric Swapping (ISS), Left to Right Override (LRO), (ZWNJ), Zero Width Joiner (ZWJ), Zero Width Non-Joiner and Zero Width Character (ZWC), are employed to embed secret information into English carrier text. Finally, an output file stego text object is generated. The result reflects tremendous raise in carrier text capacity up to 300% and encryption significantly enhances the security of secret data. Moreover, the identical carrier and stego text reduces hacker‟s attention. The projected technique is simple but hard to break and avoids overhead of secret key involvement.
Keywords: Unicode; Bit Rotation; Carrier Media; Cryptography; Text Steganography.
Augmenting Smart Home Network Security Using Blockchain technology
by Utkarsh Saxena, J.S. Sodhi, Rajneesh Tanwar
Abstract: The idea of smart home existed from 1970s onwards but has come into knowledge of researchers and data scientist due to the development in the domain of Internet of things (IoT), but it still suffers from privacy and security vulnerabilities . Conventional security policies or approaches are not applicable for IoT, mainly due to its decentralized topology and the resource constraints of the majority of its devices . This Paper presents an innovative, novel and decentralized approach that can be used to augment the existing security architecture of a smart home network. Our scheme guarantees both trustworthiness and user privacy preservations.
Keywords: Proof of Data; Blockchain; Smart Home; Internet of Things; peer to peer.
FORENSIC OF An UNROOTED MOBILE DEVICE
by Animesh Kumar Agrawal
Abstract: With the people switching over to mobiles for all their computing needs, these ubiquitous devices have become huge data warehouses. In order to extract the required data, the inbuilt critical security mechanism of the device needs to be bypassed. With increased device security being implemented in latest android versions, gaining root access is a huge challenge. The research addresses the issue of getting data from smart phone without performing the rooting operation and without enabling USB debugging, which is one of the key challenges for mobile forensics. This paper proposes a mechanism to extract data by flashing TWRP (Team Win Recovery Project) on the device after unlocking the boot loader.
Keywords: mobile forensics; android; custom recovery; twrp; root; fastboot.rnrn.
Efficient light-weight private auditing scheme for cloud-based wireless body area networks
by Xiaojun Zhang
Abstract: With the rapid development of cloud computing, cloud-based wireless body area networks (WBANs) provide powerful storage services, and process massive medical data efficiently. As the medical data are exploited to perform the clinical diagnosis and other special medical treatments, the integrity of the medical data stored in the cloud server is increasingly important. In this paper, based on the elliptic curve digital signature algorithm (ECDSA), we propose an efficient light-weight cloud storage private auditing scheme for medical data in WBANs. Our scheme enables a data owner to check the medical data integrity effectively personally, and does not need to retrieve the entire medical data set, thereby dramatically reducing the communication overhead. Moreover, we further extend our private auditing scheme to private batch auditing. Thus, the data owner can perform auditing task for multiple different medical data files simultaneously. The performance comparison demonstrates that our scheme is much more light-weight, and more practical in cloud-based wireless body area networks.
Keywords: Cloud storage; Wireless body area networks; Elliptic curve digital signature; Light-weight; Private auditing.
Monitor and Detect Suspicious Transactions with Database Forensics and Dempster-Shafer Theory of Evidence
by Harmeet Khanuja
Abstract: The digital investigators have now approached databases for investigating the cyber crimes. The illegal financial transactions on the web which goes undetected can now be revealed through database forensics. In response to this, we have proposed a methodology to detect the illegal financial transactions through database audit logs. The aim here is to monitor the database, detect the suspicious transactions and report the risk level of these transactions. Different databases are monitored to extract SQL transactions through their respective audit logs. The SQL transactions obtained are transformed and loaded in a standard XML format which contains financial records along with its metadata. Initially, we process the financial transaction
records with Rule-Based outlier detection algorithm and classifies the transactions as per RBI rules. The suspected transactions obtained as outliers are marked with initial belief values. To verify the uncertainty of the suspected transactions we apply Dempster-Shafers theory of evidence which combines various evidence of suspected transactions obtained through audit logs. The experiments performed manifest the risk level of suspected transactions.
Keywords: audit logs; database forensics;Dempster Shafer Theory; money laundering; outliers; suspicious transactions.
Robust, Imperceptible and Blind Video Steganography using RGB Secret, Maximum Likelihood Estimation and Fibonacci Encryption
by Barnali Gupta Banik, Abhinandan Banik
Abstract: According to the International Telecommunication Union, currently 51% of the world's population has Internet access; In developing countries, online video penetration has reached over 80% of total Internet usage. This implies that video sharing is very popular. Therefore, for secure confidential communication, secret data hiding in video can be a viable option to keep privacy. Hence in this article, a blind, key based technique of video steganography has been proposed in transform domain which can hide RGB image within a colour video. The novelty of this approach lies in the security imposed by various factors including scene change detection, pre-processing of secret image and the embedding technique. Here Maximum Likelihood Estimation has been applied as scene change detector to identify the video frame where the secret data embedding is taking place; For enhancing security, the secret image is scrambled by Fibonacci encryption before embedding. Lastly, Discrete Wavelet Transform based data hiding method has been implemented here which requires key for operation, can easily hide colour images without any perceivable differences and doesnt require cover video frame during extraction. Quality of the proposed method has been analysed by Peak Signal to Noise Ratio, Structural Similarity Index, Normalized Absolute Error and Correlation Coefficient; Robustness tests have been performed against various Steganalysis attacks namely Random Cropping, Rotating, Resizing and Histogram Equalization; At last, this method has been compared with the existing research works to demonstrate technological advancements.
Keywords: Data Privacy; Information Security; Video Sharing; Image Colour Analysis; Encryption; Discrete Wavelet Transforms;.
Identifying Phishing Attacks in Communication Networks using URL Consistency Features
by Nureni Ayofe Azeez, Balikis Bolanle Salaudeen, Sanjay Misra, Robertas Damasevicius, Rytis Maskeliunas
Abstract: Phishing is a fraudulent attempt by cybercriminals, where the target audience is addressed by a text message, phone call or e-mail, requesting classified and sensi-tive information after presenting himself/herself as a legitimate agent. Successful phishing attack may result into financial loss and identity theft. Identifying foren-sic characteristics of phishing attack can help to detect the attack and its perpetua-tors and well as to enable defense against it. To shield internet users from phishing assaults, numerous anti-phishing models have been proposed. Currently employed techniques to handle these challenges are not sufficient and capable enough. We aim at identifying phishing sites in order to guard internet users from being vulnerable to any form of phishing attacks by verifying the conceptual and literal consistency between the Uniform Resource Locator (URL) and the web content. The implementation of the proposed PhishDetect method achieves an accuracy of 99.1%; indicating that it is effective in detecting various forms of phishing attacks.
Keywords: phishing attacks; risk assessment; cybersecurity; digital forensics; digital evidence.
Improving performance overhead of a trust-clustering key management protocol in
by Mustapha SADI, Mourad AMAD, Nadjib BADACHE
Abstract: Group key management is a challenge for securing group communications in the networks. This area is well studied in the literature. The strict characteristics of mobile Ad-Hoc networks makes the adaptation of classical existing solutions a real challenge. Elliptic Curves Cryptography (ECC) became the choice of encryption for wireless Ad-Hoc and sensor networks. It uses very small keys and is mathematically very effective, which makes them ideal in communication for small devices used today. Scalability is a basic factor that determines the e
Keywords: Group Key Managment; Trust clustering; lliptic curve cryptography;
Detecting Phishing Pages Using the Relief Feature Selection and Multiple Classifiers
by Seyyed-Mohammad Javadi-Moghaddam
Abstract: Website phishing is a deception in e-commerce, which attempts to steal user confidential information using similar websites. The classification technique is one of the common ways to detect phishing websites. According to high-volume main data, attribute reduction algorithms play an essential role. This paper presents an appropriate model based on the Relief algorithm to reduce dimension. Moreover, the proposed approach uses multiple- classifiers to increase accuracy. The evaluated results show higher accuracy and superiority than conventional methods.
Keywords: Attribute Reduction; Combining classifications Algorithm; Phishing; Relief algorithm.
Design and Implementation of a Ring Oscillator-Based Physically Unclonable Function on Field Programmable Gate Array to Enhance Electronic Security
by Massoud Masoumi
Abstract: Physically Unclonable Functions (PUFs) are functions that generate a set of random responses when stimulated by a set of pre-defined challenges. Since this challenge-response scheme extracts the secrets from complex physical properties of substrate material, such as the manufacturing variability of CMOS process and devices, they are called as physically unclonable or unpredictable functions. They are mostly used for hardware verification and/or device authentication mechanisms, access control, protection of sensitive intellectual property (IP) on devices and protection against insecure hardware connections and communications. PUF-based security approaches have numerous advantages compared to traditional cryptography-based techniques, including more robustness against physical and side channel attacks and suitability for lightweight devices such RFIDs.rnIn FPGA devices, PUFs are instantiated by exploiting the propagation delay differences of signals caused by manufacturing process variations. However, the real implementation of PUFs on FPGAs is a big challenge given the fact that the resources inside the FPGA is limited, and that it is not easy to simulate the behavior of PUF using the Xilinx software tools. In addition, many details about the implementation of PUFs is not given by the authors in related articles. In practice, it usually takes a long time to get a simple PUF to work both in simulations and on the board.rnIn this work, we describe a real implementation of ring-oscillator based PUF on Xilinx FPGAs and illustrate how such architecture is mapped into the FPGA fabric. Using this architecture, we obtained a unique 45-bit code which can be used to identify a chip between many similar devices of the same family in order to provide a strong access control and authentication mechanism. rn
Keywords: Electronic Security; Physically Unclonable Functions; Ring Oscillator; FPGA Implementation.
UML based Process Model for Mobile Cloud Forensic Application Framework- A Preliminary Study
by Puneet Sharma, Deepak Arora, T. Sakthivel
Abstract: Mobile cloud alleviates the burden of mobile computing technology through a cyber - foraging methodology that bridges the resource-constrained mobile devices and resources-abundant cloud. Mobile cloud augments the mobile device capabilities that allow the access of social networking sites, online file storage, and Webmail from anywhere over the Internet by using the cloud. With the increasing popularity of Smartphones and cloud-based mobile applications, cybercriminals misuse the potential vulnerabilities to promote the criminal activities. Thus, the mobile cloud forensics has received a greater attention within the digital forensics community and the mobile devices have become a significant source for the forensic investigators to collect fruitful case-specific evidences. The rapid usage of Smartphones and technological advancements become a critical factor that creates significant challenges to forensic investigation process. Most notably, collecting the potential evidences from the mobile devices and cloud by applying forensically sound methods faces severe setback due to technological challenges. The rapid advancement of forensic investigation tools and methods are inevitable to cope up with the increasing criminal activities on the mobile cloud platform. To overcome these challenges, this study proposes a forensic process framework for mobile cloud applications that provide deep insights into the mobile cloud forensic process and identify the critical methods essential for forensic investigators. This is a preliminary study that presents a mobile cloud forensic process primarily consists of identification, collection and preservation, examination and analysis, and evidence correlation and presentation phases. Moreover, the proposed mobile cloud forensic process introduces examination and analysis of inter and intra-application on the mobile device and the evidence correlation phase between the mobile and cloud. The forensic examination and analysis phase targets to improve the evidence traceability in the cloud by determining the evidences related to the malicious activity of the suspected device in an efficient manner.
Keywords: Mobile Cloud Forensics; Forensic Process Framework; Forensic Investigations; Forensic methods; Use Cases; and UML Sequence Diagrams.
Design and Development of Two Levels Electronic Security and Safety System for Buildings
by Kalpana Chauhan, Rajeev Kumar Chauhan
Abstract: Today, security is not just a requirement but a necessity. It could be of any place like residences, business installations, educational institutions etc. With the project undertaken by us on electronic security and safety system we would like to do our bit in ridding the society of menace of burglars. In this paper we have initially a four digit authentic system on the door which would enable the authentic user to enter the installation. Our second line of defense would be a trap of infrared motion detectors which on detection of any unauthorized entrance would activate an alarm which is in the hand of the owner. Thus in the above said manner we would be able to secure every nook and corner of the installation. The present paper is an application of electronics and communication in electrical systems. The microcontroller-based digital security system presented here is an access control system that allows only authorized persons to access a restricted area.
Keywords: electronics security; authentic; infrared; authorised.
Security Efficient Command Control Communication and Integration with Digital Television (DTV)
by Kostantinos Kardaras, George Lambrou, Dimitrios Koutsouris
Abstract: In the present work we propose an Intelligence C3I concept by integrating public safety radio communication networks and DTV. Transparent operation is achieved through Internet Protocol (IP) interfaces. Terrestrial DTV will be used as an alternative Intelligence communications path that will be activated during major crisis and emergencies where system unavailability occurs. Decision support systems will take over to coordinate, command and control agencies in the public sector. The advantageous property of the proposed architecture is the autonomous, robust and reliable operation of the infrastructures regardless their operations in a stand-alone capacity or as integral part of a greater and transparent security/Intelligence network. The proposed network architecture can be used as a means to countermeasure against crisis (terrorist attacks, physical disasters etc.).
Keywords: Digital Television; Command Control; C3I; Information Systems.
Problems of Legal Regulations of Relations in the Sphere of the Electronic Document Flow
by Ainur Kussainova, Aiman Omarova, Djamilya Ospanova, Duman Kussainov, Rysgul Abilsheyeva
Abstract: Regulation of the electronic document flow stand as allied form of the legal structure. The document flow contains elements of the general law of regulation and reaffirms the necessity of following specific instructions. Its electronic form gives an opportunity for the information interchange between subjects of an economical and legal activity. This defines the possibility of formation of separate branch of legal regulation in the document flow. The possibility of the structuring and correlation of an informational and other branch of the law for the aim of complex usage of an electronic document flow is viewed as separate aspect. The innovation of the research is explained by the reason that the mechanism of the governmental legislation is fully investigated and approved Practical significance is explained, from which the definition of the branch of legislative regulation allows to raise the structure and the regulation of the legislative system.
Keywords: Electronic document; electronic document flow; electronic form; informational technologies; electronic signature.
A New Color Image Encryption Approach using a Combination of Two 1D Chaotic Map
by Djamel Herbadji, Nadir Derouiche, Aissa Belmeguenai, Nedal Tahat, Selma Boumerdassi
Abstract: In this paper, we propose an improved chaotic map by coupling two existing ones. Numerical tests prove that it owns closely complex behavior and wider chaotic range than their seed maps.Anewcolor image encryption approach using the enhanced chaotic map has been suggested. The proposed scheme is based on the conventional confusion-diffusion structure that contains a new permutation process has designed to randomly scramble neighboring pixels. The performance and the quality measurement of the proposed scheme are analyzed by comparing it with some existing research
Keywords: Image encryption; security; chaotic map.
The Crimes in the Field of High Technology: Concept, Problems and Methods of Counteraction in Kazakhstan
by Kanat Lakbayev, Gulnara Rysmagambetova, Alizhan Umetov, Askar Sysoyev
Abstract: The article investigates the concept, problems and methods of counteraction to crimes in the field of high technology. The main attention of the authors is aimed at determining the essence of these crimes and the dynamics of their spread in the global and regional aspects. At the same time, the article gives the example of the experience of foreign countries where the relevant methods of counteraction to high-tech crimes have already been developed. Special attention is paid to the study of criminal acts committed using the Internet world network where new types and methods of committing crimes regularly appear and develop. The gaps in the regulatory support of law enforcement agencies involved in the detection and investigation of crimes in the field of high technology were revealed. On the basis of the materials certain criminal cases identified the main problems contributing to their commission were revealed.
Keywords: crimes in high technology field; computer crime; phishing sites; RAT-programs – (Remote Administration Tools – hidden remote access); anonymizer programs; "hidden" Internet (Darknet).
Risk Assessment of Smart Grids under Cyber-physical Attacks using Bayesian Networks
by Anas AlMajali, Yatin Wadhawan, Mahmood Saadeh, Laith Shalalfeh, Clifford Neuman
Abstract: Different technologies are used to manage the integration of smart devices with the conventional power grid. This new integration allows more control and monitoring capabilities for stakeholders and customers. However, it also makes the smart grid susceptible to new classes of cyber-physical threats that have to be analyzed, evaluated and mitigated. In this paper, we specifically evaluate the risk of manipulating circuit breakers that connect a power generator to the smart grid. Our main contribution is performing risk assessment of the grid by combining the vulnerabilities of its cyber domain and the transient stability analysis of its physical domain. First, we estimate the probability of compromising the Energy Control Center (ECC) using a Bayesian Network. The ECC can be exploited to manipulate circuit breakers. Second, we analyze the impact of manipulating circuit breakers in the IEEE 39-bus test system. Third, the probability of compromise and its impact are combined to quantify risk. Finally, we analyze the effect of integrating Photovoltaic (PV) systems on the stability of the smart grid under the same attack scenarios. The results indicate that integrating smart grids with PV systems can improve resilience even if a cyber-attack succeeds.
Keywords: smart grid; photovoltaic system; cyber-physical attack; risk; resilience.