International Journal of Electronic Security and Digital Forensics (12 papers in press)
Design and Implementation of a Ring Oscillator-Based Physically Unclonable Function on Field Programmable Gate Array to Enhance Electronic Security
by Massoud Masoumi
Abstract: Physically Unclonable Functions (PUFs) are functions that generate a set of random responses when stimulated by a set of pre-defined challenges. Since this challenge-response scheme extracts the secrets from complex physical properties of substrate material, such as the manufacturing variability of CMOS process and devices, they are called as physically unclonable or unpredictable functions. They are mostly used for hardware verification and/or device authentication mechanisms, access control, protection of sensitive intellectual property (IP) on devices and protection against insecure hardware connections and communications. PUF-based security approaches have numerous advantages compared to traditional cryptography-based techniques, including more robustness against physical and side channel attacks and suitability for lightweight devices such RFIDs.rnIn FPGA devices, PUFs are instantiated by exploiting the propagation delay differences of signals caused by manufacturing process variations. However, the real implementation of PUFs on FPGAs is a big challenge given the fact that the resources inside the FPGA is limited, and that it is not easy to simulate the behavior of PUF using the Xilinx software tools. In addition, many details about the implementation of PUFs is not given by the authors in related articles. In practice, it usually takes a long time to get a simple PUF to work both in simulations and on the board.rnIn this work, we describe a real implementation of ring-oscillator based PUF on Xilinx FPGAs and illustrate how such architecture is mapped into the FPGA fabric. Using this architecture, we obtained a unique 45-bit code which can be used to identify a chip between many similar devices of the same family in order to provide a strong access control and authentication mechanism. rn
Keywords: Electronic Security; Physically Unclonable Functions; Ring Oscillator; FPGA Implementation.
UML based Process Model for Mobile Cloud Forensic Application Framework- A Preliminary Study
by Puneet Sharma, Deepak Arora, T. Sakthivel
Abstract: Mobile cloud alleviates the burden of mobile computing technology through a cyber - foraging methodology that bridges the resource-constrained mobile devices and resources-abundant cloud. Mobile cloud augments the mobile device capabilities that allow the access of social networking sites, online file storage, and Webmail from anywhere over the Internet by using the cloud. With the increasing popularity of Smartphones and cloud-based mobile applications, cybercriminals misuse the potential vulnerabilities to promote the criminal activities. Thus, the mobile cloud forensics has received a greater attention within the digital forensics community and the mobile devices have become a significant source for the forensic investigators to collect fruitful case-specific evidences. The rapid usage of Smartphones and technological advancements become a critical factor that creates significant challenges to forensic investigation process. Most notably, collecting the potential evidences from the mobile devices and cloud by applying forensically sound methods faces severe setback due to technological challenges. The rapid advancement of forensic investigation tools and methods are inevitable to cope up with the increasing criminal activities on the mobile cloud platform. To overcome these challenges, this study proposes a forensic process framework for mobile cloud applications that provide deep insights into the mobile cloud forensic process and identify the critical methods essential for forensic investigators. This is a preliminary study that presents a mobile cloud forensic process primarily consists of identification, collection and preservation, examination and analysis, and evidence correlation and presentation phases. Moreover, the proposed mobile cloud forensic process introduces examination and analysis of inter and intra-application on the mobile device and the evidence correlation phase between the mobile and cloud. The forensic examination and analysis phase targets to improve the evidence traceability in the cloud by determining the evidences related to the malicious activity of the suspected device in an efficient manner.
Keywords: Mobile Cloud Forensics; Forensic Process Framework; Forensic Investigations; Forensic methods; Use Cases; and UML Sequence Diagrams.
Design and Development of Two Levels Electronic Security and Safety System for Buildings
by Kalpana Chauhan, Rajeev Kumar Chauhan
Abstract: Today, security is not just a requirement but a necessity. It could be of any place like residences, business installations, educational institutions etc. With the project undertaken by us on electronic security and safety system we would like to do our bit in ridding the society of menace of burglars. In this paper we have initially a four digit authentic system on the door which would enable the authentic user to enter the installation. Our second line of defense would be a trap of infrared motion detectors which on detection of any unauthorized entrance would activate an alarm which is in the hand of the owner. Thus in the above said manner we would be able to secure every nook and corner of the installation. The present paper is an application of electronics and communication in electrical systems. The microcontroller-based digital security system presented here is an access control system that allows only authorized persons to access a restricted area.
Keywords: electronics security; authentic; infrared; authorised.
Security Efficient Command Control Communication and Integration with Digital Television (DTV)
by Kostantinos Kardaras, George Lambrou, Dimitrios Koutsouris
Abstract: In the present work we propose an Intelligence C3I concept by integrating public safety radio communication networks and DTV. Transparent operation is achieved through Internet Protocol (IP) interfaces. Terrestrial DTV will be used as an alternative Intelligence communications path that will be activated during major crisis and emergencies where system unavailability occurs. Decision support systems will take over to coordinate, command and control agencies in the public sector. The advantageous property of the proposed architecture is the autonomous, robust and reliable operation of the infrastructures regardless their operations in a stand-alone capacity or as integral part of a greater and transparent security/Intelligence network. The proposed network architecture can be used as a means to countermeasure against crisis (terrorist attacks, physical disasters etc.).
Keywords: Digital Television; Command Control; C3I; Information Systems.
Problems of Legal Regulations of Relations in the Sphere of the Electronic Document Flow
by Ainur Kussainova, Aiman Omarova, Djamilya Ospanova, Duman Kussainov, Rysgul Abilsheyeva
Abstract: Regulation of the electronic document flow stand as allied form of the legal structure. The document flow contains elements of the general law of regulation and reaffirms the necessity of following specific instructions. Its electronic form gives an opportunity for the information interchange between subjects of an economical and legal activity. This defines the possibility of formation of separate branch of legal regulation in the document flow. The possibility of the structuring and correlation of an informational and other branch of the law for the aim of complex usage of an electronic document flow is viewed as separate aspect. The innovation of the research is explained by the reason that the mechanism of the governmental legislation is fully investigated and approved Practical significance is explained, from which the definition of the branch of legislative regulation allows to raise the structure and the regulation of the legislative system.
Keywords: Electronic document; electronic document flow; electronic form; informational technologies; electronic signature.
A New Colour Image Encryption Approach using a Combination of Two 1D Chaotic Map
by Djamel Herbadji, Nadir Derouiche, Aissa Belmeguenai, Nedal Tahat, Selma Boumerdassi
Abstract: In this paper, we propose an improved chaotic map by coupling two existing ones. Numerical tests prove that it owns closely complex behaviour and wider chaotic range than their seed maps. A new colour image encryption approach using the enhanced chaotic map has been suggested. The proposed scheme is based on the conventional confusion-diffusion structure that contains a new permutation process has designed to randomly scramble neighbouring pixels. The performance and the quality measurement of the proposed scheme are analyzed by comparing it with some existing research
Keywords: Image encryption; security; chaotic map.
The Crimes in the Field of High Technology: Concept, Problems and Methods of Counteraction in Kazakhstan
by Kanat Lakbayev, Gulnara Rysmagambetova, Alizhan Umetov, Askar Sysoyev
Abstract: The article investigates the concept, problems and methods of counteraction to crimes in the field of high technology. The main attention of the authors is aimed at determining the essence of these crimes and the dynamics of their spread in the global and regional aspects. At the same time, the article gives the example of the experience of foreign countries where the relevant methods of counteraction to high-tech crimes have already been developed. Special attention is paid to the study of criminal acts committed using the Internet world network where new types and methods of committing crimes regularly appear and develop. The gaps in the regulatory support of law enforcement agencies involved in the detection and investigation of crimes in the field of high technology were revealed. On the basis of the materials certain criminal cases identified the main problems contributing to their commission were revealed.
Keywords: crimes in high technology field; computer crime; phishing sites; RAT-programs – (Remote Administration Tools – hidden remote access); anonymizer programs; "hidden" Internet (Darknet).
Risk Assessment of Smart Grids under Cyber-physical Attacks using Bayesian Networks
by Anas AlMajali, Yatin Wadhawan, Mahmood Saadeh, Laith Shalalfeh, Clifford Neuman
Abstract: Different technologies are used to manage the integration of smart devices with the conventional power grid. This new integration allows more control and monitoring capabilities for stakeholders and customers. However, it also makes the smart grid susceptible to new classes of cyber-physical threats that have to be analyzed, evaluated and mitigated. In this paper, we specifically evaluate the risk of manipulating circuit breakers that connect a power generator to the smart grid. Our main contribution is performing risk assessment of the grid by combining the vulnerabilities of its cyber domain and the transient stability analysis of its physical domain. First, we estimate the probability of compromising the Energy Control Center (ECC) using a Bayesian Network. The ECC can be exploited to manipulate circuit breakers. Second, we analyze the impact of manipulating circuit breakers in the IEEE 39-bus test system. Third, the probability of compromise and its impact are combined to quantify risk. Finally, we analyze the effect of integrating Photovoltaic (PV) systems on the stability of the smart grid under the same attack scenarios. The results indicate that integrating smart grids with PV systems can improve resilience even if a cyber-attack succeeds.
Keywords: smart grid; photovoltaic system; cyber-physical attack; risk; resilience.
An Ontological Approach to Threats Pattern Collection and Classification: a preliminary study to Security Management
by O.T. Arogundade, T.E. Abioye, Sanjay Misra
Abstract: This study presents an agent based approach to resolve issues related to the collection and classification of software application anomalies and misuses with the aim of facilitating the reappraisal of security controls of information system (IS).The proposed system is assumed to be integrated with the existing IS in order to enhance information system security maintenance by continuously collecting identified threat behavior from the application intrusion detection system (IDS). The system comprises of several functional agents like the input collector agent, classifier agent, and tracking agent. The collector agent collects the identified threats by the IDS, the categorizer agent categorizes according to STRIDE model using pattern matching algorithm on the content of security knowledge base. The security knowledge repository is developed based on existing security ontology. The classifier classifies based on the threats IP address while the tracking agent collates all the threats profile. We presented the collect-categorize-classify-track (C3T) model. The potential usability of our work is demonstrated by a case study and its useful integration with further studies is also discussed.rn
Keywords: threats; STRIDE; ontology; intrusion detection system; agents; risk; security.
Forward secure certificateless proxy multi-signature scheme
by Ronghai Gao
Abstract: In order to deal with key exposure problem, we introduce forward secure technique into certificateless proxy multisignature scheme, and give the formal definition and security model of forward secure certificateless proxy multisignature.Furthermore, we present a construction of forward secure certificateless proxy multi-signature scheme.Based on the difficulty of computational Diffie-Hellman problem, the proposed scheme is existentially unforgeable against adaptively chosen-message attacks and chosen- warrant attacks in the random oracle model. The proposed scheme does not use bilinear pairs in the key update and generation proxy signature phases, and updated proxy key is easy, thus it is more suitable for mobile environments. Our scheme has effectively dealt with the key exposure problem and certificate management problem.
Keywords: certificateless cryptography; proxy signature; proxy multi-signature; forward secure; computational Diffie-Hellman problem.
Possible Attempts to Identify E-mail Header of the Sender for Academic Qualification Fraud
by Nathaporn Utakrit, Pongpisit Wuttidittachotti
Abstract: Education is the core of the countrys development. A good education can increase a persons chances of having a good job, consistent pay raises, and a stable life; without a degree, it will be more challenging to have these things. A diploma mill arises when a person without a degree wants to get a better job and earn a more substantial salary. Buying and selling degrees over e-mail is one way to avoid detection. This research aims to contribute to forensic counteractive measures that can identify and track the people who use e-mail for data sharing. This examination focused on senders e-mail that could be used as a part of juridical significance in criminal justice. This research had adopted e-mail forensic process to acquire, extract, analyse, and interpret data. The authors conducted the empirical analysis from the experimental e-mails headers using forensic tools and manual approach based on the Request for Comments (RFCs) as the primary guidelines. The scope excluded the analyses of e-mail contents and attachments. The study found that the commercial tool extracted headers less often than the free alternatives. All sending channels could identify the senders identification. E-mail sent from desktops provided the computer name and ISP of the sender. However, typical and anonymous e-mails can only trace back to the original mail servers. Although tools could provide investigators with ease and convenience, data acquisition and validation need to be done manually. Digital forensic experts must utilise their strong forensic analytical and investigative skills to formulate and present results and conclusions in a format that can be easily understood. This research is not the ad hoc mechanism, but it can be implemented in other criminal investigations or related endeavours.
Keywords: E-mail message header; e-mail forensics; anonymous e-mail; typical e-mails; diploma mills; Request for Comments.
Forensic Analysis and Data Recovery from Water-Submerged Hard Drives
by Alicia Francois, Alastair Nisbet
Abstract: In many digital forensic investigations, a common location to recover files as evidence of wrongdoing is a computer hard drive. Hard drives have increased greatly in storage capacity since their introduction in computers in the 1950s making them a rich source of evidence for the forensic investigator. This awareness may also lead to the destruction of hard drives or entire computers by throwing them into water in an attempt to prevent recovery of data. This research looks at the solid state hard drives alongside platter hard drives in particular and the time water will take to enter the hard drive once it is submerged. Experiments show that once water has entered the drive, various components will be affected by the water and the drive will become inoperable. A guide for forensic investigators is constructed indicating the likely time required to recover the drive before water ingress occurs, and the various parts of the drive that may be damaged and whether repairs or replacement of those parts is possible.
Keywords: Forensics; Security; Hard Drive; Water Damage.