Forthcoming and Online First Articles

International Journal of Information and Computer Security

International Journal of Information and Computer Security (IJICS)

Forthcoming articles have been peer-reviewed and accepted for publication but are pending final changes, are not yet published and may not appear here in their final order of publication until they are assigned to issues. Therefore, the content conforms to our standards but the presentation (e.g. typesetting and proof-reading) is not necessarily up to the Inderscience standard. Additionally, titles, authors, abstracts and keywords may change before publication. Articles will not be published until the final proofs are validated by their authors.

Forthcoming articles must be purchased for the purposes of research, teaching and private study only. These articles can be cited using the expression "in press". For example: Smith, J. (in press). Article Title. Journal Title.

Articles marked with this shopping trolley icon are available for purchase - click on the icon to send an email request to purchase.

Online First articles are published online here, before they appear in a journal issue. Online First articles are fully citeable, complete with a DOI. They can be cited, read, and downloaded. Online First articles are published as Open Access (OA) articles to make the latest research available as early as possible.

Open AccessArticles marked with this Open Access icon are Online First articles. They are freely available and openly accessible to all without any restriction except the ones stated in their respective CC licenses.

Register for our alerting service, which notifies you by email when new issues are published online.

We also offer which provide timely updates of tables of contents, newly published articles and calls for papers.

International Journal of Information and Computer Security (62 papers in press)

Regular Issues

  • Searching the Space of Tower Field Implementations of the F(2^8) Inverter - with Applications to AES, Camellia, and SM4   Order a copy of this article
    by Zihao Wei, Siwei Sun, Lei Hu, Man Wei, René Peralta 
    Abstract: The tower field implementation of the F(2^8) inverter is not only the key technique for compact implementations of the S-boxes of several internationally standardized block ciphers such as AES, Camellia, and SM4, but also the underlying structure many side-channel attack resistant AES implementations rely on. In this work, we conduct an exhaustive study of the tower field representations of the F(2^8) inverter with normal bases by applying several state-of-the-art combinatorial logic minimization techniques. As a result, we achieve improved implementations of the AES, Camellia and SM4 S-boxes in terms of area footprint. Surprisingly, we are still able to improve the currently known most compact implementation of the AES S-box from CHES 2018 by 5.5 GE, beating the record again. For Camellia and SM4, the improvements are even more significant. The Verilog codes of our implementations of the AES, Camellia and SM4 S-boxes are openly available.
    Keywords: Tower field; Inverter; S-box; AES; Camellia; SM4.

  • Emerging DNA Cryptography based Encryption Schemes: A Review   Order a copy of this article
    by Pratyusa Mukherjee, Chittaranjan Pradhan, Rabindra Kumar Barik, Harishchandra Dubey 
    Abstract: Security has been the fundamental apprehension during information transmission and storage. Communication network is inordinately susceptible to intrusion from unpredictable adversaries thus threatening the confidentiality, integrity and authenticity of data. This is where cryptography facilitates us and encodes the original message into an incomprehensible and unintelligible form. DNA cryptography is the latest propitious field in cryptography that has transpired with the advancement of DNA computing. The immense parallelism, unrivalled energy efficiency and exceptional information density of DNA molecules is being traversed for cryptographic purpose. Currently, it is in the preliminary stage and necessitates avid scrutinization. The foremost hindrance in the field of DNA cryptography is computational complexity and lack of sophisticated laboratories. In this paper, we discuss the existing DNA cryptographic approaches and compare their achievements and limitations to provide a better perception. In the end, a modified version of the DNA cryptography combined with soft computing is also suggested.
    Keywords: Security; DNA Cryptography; DNA Computing; Bio-inspired Cryptography; Encryption.
    DOI: 10.1504/IJICS.2022.10036907
  • Attack Resistant Chaos-based Cryptosystem by Modified Baker Map and Logistic Map   Order a copy of this article
    by Debanjan Chatterjee, Barnali Gupta Banik, Abhinandan Banik 
    Abstract: In recent years, information security has become a crucial aspect of data storage and communication. A large portion of digital data transfer takes place in the form of images such as social media images, satellite images, medical imaging; hence there is a requirement for fast and secure image encryption techniques. Conventional encryption schemes such as DES, AES, prove ineffective due to specific intrinsic properties of images. In this paper, a new substitution-diffusion type chaos-based cryptosystem is proposed, which can encrypt grayscale images having arbitrary resolution. In the substitution stage, image pixels are permuted using a modified form of the discretized 2-D Baker map. Substitution is followed by a two-step diffusion approach that employs a chaotic logistic map. The proposed cryptosystem is resistant to brute force attacks (measured by key-space and key-sensitivity analysis), statistical attacks (tested by Histogram and Chi-Square test) and differential attacks (measured against NPCR, UACI, and Hamming Distance); The proposed method has also been tested for Encryption Quality, Correlation Analysis, Entropy Analysis, and Performance Analysis by measuring Encryption Speed as well as Time Complexity. Therefore, it is sufficiently secured to be used in real-world applications. To prove the unparalleled outcome of the proposed system, four sets of comparisons have been presented with respect to NPCR & UACI, Encryption throughput, and, lastly, with similar & non-similar existing cryptosystems.
    Keywords: Data Security; Encryption; Image Communication; Chaos; Sensitivity Analysis; Statistical Analysis;.

  • A Novel Traceback Model for DDoS Attacks Using Modified Floyd-Warshall Algorithm   Order a copy of this article
    by Mohamed Zaki, Sherif Emara, Sayed Abdelhady 
    Abstract: Distributed denial of service, DDoS, attacks are drastically increasing, therefore, they cause serious threats for information networks. One of the most dangerous aspects of such attacks is phishing i.e. the ability of masking the attacker IP address. Thus, it is extremely difficult to traceback DDoS attackers. However, there are different reasonable methods that are capable of tracing them back. These methods include packet marking, logging, combination of both marking and logging and entropy variation techniques. This paper proposes, for the first time, the use of a graph theoretic approach to exploit the entropy techniques for detecting and tracing back DDoS attackers. It presents a novel approach to traceback DDoS Attacks using modified Floyd-Warshall Algorithm, TDA/MFWA. Such model starts by feeding the network adjacency matrix in which the link weights are changed to comply with the network traffic entropy, accordingly the reachability from node to node can be examined. Then we borrowed the idea of enumerating all the intermediate points between every pair of network nodes from Floyd-Warshall algorithm and modified it to find out the victim node(s). The fact that entropy at network nodes is systematically accounted using a modified Floyd-Warshall algorithm contributes to the smartness and dependability of TDA/MFWA. This fact is confirmed by a large set of experiments that emphasized not only the effectiveness of the model but also its superiority with respect to other DoS/DDoS traceback algorithms.
    Keywords: Packet logging; Packet marking; Entropy variation; Modified Floyd-Warshall Algorithm; Traceback; DoS/DDoS attack.

  • Data Privacy with Heuristic Anonymization   Order a copy of this article
    by Sevgi Arca, Rattikorn Hewett 
    Abstract: Data are abundant. This makes data privacy more vulnerable than ever as attackers can infer confidential data from different query sources. Anonymization ad-dresses the issue of data privacy by making sure that each set of "critical" data values belongs to more than one individual so that the identity of the individual can be protected. Techniques for anonymization have been studied extensively but most have been designed to address each specific goal as opposed to providing an integrated system solution for computation, optimality, and data usage. This paper articulates and compares various aspects of privacy objectives for data anonymization. Most importantly, the paper also presents HeuristicMin, a new anonymization approach that applies generalizations along with optimal Artificial intelligence search to securing privacy by satisfying user-specified anonymity requirements while maximizing information preservation. By exploiting monotonicity property of generalization and using simple heuristics with appropriate generalization grain size (to prune and narrow down the search space), HeuristicMin is both effective for practice and theoretically grounded. We illustrate and provide analytical and empirical comparisons of our approach with other representatives including those designed for optimal generalization and classification. We differentiate the meanings of optimality. Furthermore, experimental results show that in addition to achieving the optimal generalized data to satisfy anonymity requirements, HeuristicMin can sustain the data quality for classification relatively well even though its intent is to keep the generalized data as close as possible to the original.
    Keywords: privacy; anonymization; data generalization; bottom-up generalization.

  • Collaborative Filtering based Recommendations against Shilling Attacks with Particle Swarm Optimizer and Entropy Based Mean Clustering   Order a copy of this article
    by Anjani Kumar Verma, Veer Sain Dixit 
    Abstract: Recommender System (RS) in the present web environment is required to gain the knowledge of the users and their commitments such as like and dislike about any items available on the e-commerce sites. Movie recommendations are one of such type in which shilling attack is increasing day by day, this will destroy or abruptly disturb the meaning of the data when recommended to others. Also, the hazards of shilling attacks degrade the performance of web recommendations. Hence, to address this issue the paper, Collaborative Filtering (CF) based hybrid model is proposed for movie recommendations. The Entropy-Based Mean (EBM) clustering technique is used to filter out the different clusters out of which the top-N profile recommendations have been taken and then applied with Particle Swarm Optimization (PSO) technique to get the more optimized recommendations. This research is focused is on getting secure recommendations from different recommender systems.
    Keywords: Collaborative Filtering; Entropy Based Mean; Particle Swarm Optimizer; Recommender System; Shilling Attack.

  • DIP-QGA: A Secure and Robust Watermarking Technique Based-on Direct Image Projection and Quantum Genetic Algorithm.   Order a copy of this article
    by Djalila Belkebir 
    Abstract: This paper presents three novel methods for hiding and extracting a watermark. The strategy of the first method is to project pixels into a new image. The key is a combination of the rotation and distance related to the viewer. The new pixel positions resulted from the direct image projection (DIP) are then used to hide the secret message. The aim of the second method relies on improving the security of a message against image manipulations (i.e., histogram analysis and RS steganalysis) where a combination between DIP and genetic algorithm (DIP-GA) is done. After that, we highlight the main challenges and issues that occur from the use of GA. Due to that, we propose the main contribution in our paper which is the use of quantum genetic algorithm (QGA) in the DIP method (DIP-QGA). QGA is based on the concepts and principles of quantum computing, such as quantum bits, quantum gates, and superposition of states. We evaluate our proposal’s performance on the USC-SIPI dataset As a result, an improvement in PNSR and MSE is obtained (90.15% and 94.34% respectively).
    Keywords: direct image projection; DIP; steganography; watermarking; quantum computing; genetic algorithms.
    DOI: 10.1504/IJICS.2022.10038272
  • Push and Nuke Attacks Detection using DNN-HHO Algorithm   Order a copy of this article
    by Veer Sain Dixit, Akanksha Bansal Chopra 
    Abstract: Collaborative recommender systems are widely used as a tool to offer recommendation for a product to its users. These systems produce recommendations to its users using information based on user-item ratings. However, these systems are highly vulnerable to biased ratings injected by malicious users. These biased ratings lead to attacks, namely, push attacks and nuke attacks that degrade the performance of collaborative recommender systems. To handle this problem, the paper proposes a novel model to improve the detection of attack profiles in collaborative recommender systems by using a hybrid approach. The proposed algorithm is then compared with baseline algorithms. The study also evaluates and compares various measure metrics for both proposed and traditional algorithms.
    Keywords: push attack; nuke attack; DNN-HHO.
    DOI: 10.1504/IJICS.2022.10040154
  • User Anonymity based Secure Authentication Protocol for Telemedical Server Systems   Order a copy of this article
    by Sunil Gupta, Pradeep Arya, Hitesh Kumar Sharma 
    Abstract: Telemedical server system enables a user to support the monitoring of health at home and access the medical facility over the network. Recently, many schemes have been proposed for providing security in the medical server system. Recently in year 2017, Limbasiya and Shivam proposed a scheme for medical applications using two-factor key verification. They claimed that the protocol provides security against all types of known active and passive attacks. In this paper we show that the Limbasiya and Shivam scheme suffers from user anonymity, replay and impersonation attack. The Limbasiya and Shivam scheme fails to provide low power consumption in terms of cryptographic computational operation and over head to the server. We propose a secure user anonymity-based authentication protocol to remove the weakness of formerly protocols. Our scheme is more effective in terms of mutual authentication and low power consumption. The performance analysis of our protocol shows less cryptographic computational cost and the server overload. The proposed protocol is tested and analysed using AVISPA security verification to confirm the secure and authentic protocol for telemedical server system.
    Keywords: authentication; telemedical server; AVISPA; efficiency; smart card.
    DOI: 10.1504/IJICS.2022.10040155
  • Malware Detection Approach Based on Deep Convolutional Neural Networks   Order a copy of this article
    by Hoda EL MERABET, Abderrahmane HAJRAOUI 
    Abstract: Malware detection field becomes more valuable nowadays regarding the continuously growing number of malware codes emerging every day. Besides, machine learning techniques have been widely used in various fields. For the purpose of employing machine learning in malware detection, an executable file should be represented by its features. Therefore, a dataset of labelled benign and malicious files is considered. Then, the developers extract the appropriate features to their model from each file. These features are displayed as inputs to a machine learning classifier. In previous researches, multiple features and classifiers were adopted in different combinations for a better classification. In this paper, we have been interested to PE header fields features, and a deep convolutional neural network for classification. We extracted the bytes of the PE header fields values and fed them to our model as greyscale images. Our model is constituted of 31 consecutive convolutional layers. The model was trained on the train dataset, and finally tested on the test dataset. The results were impressive reaching a test accuracy of 97.85%.
    Keywords: Convolutional neural networks; residual networks; deep learning; PE features; machine learning; malware detection.

  • Distributed integrity and non-repudiation scheme in the dynamic vehicular cloud environment   Order a copy of this article
    by Nayana Hegde, Sunilkumar Manvi 
    Abstract: Data storage is one of the major applications of vehicular cloud computing (VCC) where the data is shared concurrently among many vehicles participating in vehicular communications. Integrity and non-repudiation are some of the important security challenges encountered during the provisioning of data storage services. This paper proposes an integrity and non-repudiation verification scheme in dynamic vehicular cloud storage environment. Vehicle authentication is performed by employing Boneh-Lynn-Shacham (BLS) short signature mechanism. The cryptographic hash function and bitwise exclusive-OR (XOR) operation provide data integrity checking of messages which are uploaded from the vehicle to the cloud. RSU acts as a trusted verifier for data transactions. We evaluated the efficiency of the proposed scheme against standard attacks such as replay attack and tampering attack. Extensive simulations are carried out and the results are compared to ID-based cryptographic schemes. The scheme proposed achieved better in terms of computation overhead, average throughput and communication overhead.
    Keywords: security; non-repudiation; integrity; vehicular cloud; trusted verifier; road side unit; RSU.
    DOI: 10.1504/IJICS.2022.10042652
  • FPGA Implementation of AES Encryptor based on Rolled and Masked Approach   Order a copy of this article
    by Monika Mathur, Nidhi Goel 
    Abstract: The present work proposes a modified 8-bit AES architecture that performs AES core operations in a single round wherein data is iterated ten times instead of having ten different rounds leading to substantial decrease in area and power consumption. To enhance the security of AES encryption, boolean masking has been employed for all AES operations, rounds and intermediate data. Modified architecture for AddRoundKey and ByteSubstitution operation has been proposed that employs high order masking. Also, an enhanced key expansion algorithm is proposed that makes AES less vulnerable to saturation attacks and differential power analysis (DPA) attacks. Implementation of the proposed architecture has been done using Vivado Design Suite on Virtex-7 FPGA. Result analysis depicts that, during the performance explore strategy, 179.73 MHz maximum frequency with a throughput of 143.78 Mbps has been achieved whereas, the proposed architecture utilises 757 slices, 962 LUTs and 0.313 watt power using area explore strategy.
    Keywords: advanced encryption standard; AES; field-programmable gate array; FPGA; Boolean masking; enhanced key expansion algorithm; DPA attack; rolled architecture.
    DOI: 10.1504/IJICS.2022.10042653
  • CloudSec (3FA): A Multifactor with Dynamic Click Colour Based Dynamic Authentication for Securing Cloud Environment   Order a copy of this article
    by A. Saravanan, Sathya Bama S 
    Abstract: Availability, scalability, and security are the main concerns in a cloud environment and so it undergoes various challenges in the availability and security of sensitive and critical data stored in it. Multifactor authentication is one solution that offers layered defence in order to perform verification and validation of the users’ credentials that makes it difficult for an adversary to access the data stored in the cloud. This paper addresses the security issues in the cloud environment by suggesting a multifactor authentication model that utilises three significant factors such as static authentication, click colour based dynamic authentication and behavioural biometrics specifically keystroke with cryptographic encryption and hashing technique. Based on the experimental results, it is clear that the proposed method verifies and validates the authorised users thereby eliminating the adversaries with more than 96% of accuracy. Also, the model decreases the false positive and error rate to an extent of 3%.
    Keywords: cloud computing; multifactor authentication; click colour authentication; behavioural biometrics; layered defence; cryptographic two-fish encryption; bcrypt hash algorithm.
    DOI: 10.1504/IJICS.2022.10043102
  • Design of automatic monitoring system for network information security in cloud computing environment   Order a copy of this article
    by Jing NIU 
    Abstract: Aiming at the problems of incomplete monitoring, slow response speed and low accuracy of the existing network information security automatic monitoring system, the paper designs an automatic network information security monitoring system in a cloud computing environment. Based on the overall system architecture, the design of information collection, information transmission and information security early warning modules has realised the acquisition of network information changes, the transmission and integration of network information, and the risk warning of network abnormalities. Using relative protection entropy as the theoretical basis, the network information security threshold under the cloud computing environment is further set, and the automatic monitoring of network information security is realised by judging the threshold risk coefficient. Experimental results show that the system has a high comprehensive monitoring capability, the response speed is within 0.5s, and the accuracy of information monitoring is as high as 99%.
    Keywords: cloud computing; network information; monitoring system; information collection; response speed.
    DOI: 10.1504/IJICS.2022.10043103
  • Comprehensive Review on Distributed Denial-of-Service (DDoS) Attacks in Wireless Sensor Networks   Order a copy of this article
    by Shalini Subrmani, Selvi M 
    Abstract: Distributed denial of service (DDoS) is the most popular disruptive type of attack in wireless sensor networks (WSNs) and it is extremely harmful for the functioning of the network, since it is generating a huge amount of traffic through flooding of the spam packets into the target system. The malicious nodes present in the network prevent the legitimate users from the access to the network through flooding. Hence, it is necessary to handle this issue. Intrusion detection systems (IDSs) are used to monitor all incoming packets and they can compare the traffic patterns to detect the anomalous network activity. In this paper, a survey of works on DDoS attacks launched by the malicious users and the detection of such attacks using IDS are discussed. Moreover, this survey focuses on the IDSs developed using classification techniques since they have been used for detecting and preventing the DDoS attacks more efficiently.
    Keywords: DoS attacks; distributed denial of service; DDoS attacks; intrusion detection systems; IDSs; artificial intelligence and machine learning approaches; wireless sensor networks; WSNs.
    DOI: 10.1504/IJICS.2022.10043105
  • Two-Level Machine Learning Driven Intrusion Detection Model for IoT Environments   Order a copy of this article
    by Yuvraj Singh Malhi, Virendra Singh Shekhawat 
    Abstract: As a consequence of the growing number of cyber-attacks on IoT devices, the need for defences like intrusion detection systems (IDSs) has significantly risen. But current IDS implementations for IoT are complex to design, difficult to incorporate, platform-specific, and limited by IoT device’s resource constraints. This paper proposes a deployment-ready network IDS for IoT that overcomes the shortcomings of the existing IDS solutions and can detect 22 types of attacks. The proposed IDS provides the flexibility to work in multiple modes as per IoT device computing power, made possible via development of three machine learning-based IDS modules. The intrusion detection task has been divided at two levels: at edge devices (using two light modules based on neural network and decision tree) and at centralised controller (using a random forest and XGBoost combination). To ensure the best working tandem of developed modules, different IDS deployment strategies are also given.
    Keywords: deep learning; machine learning; intrusion detection system; IDS; random forest; network security; internet of things; IoT; denial-of-service.
    DOI: 10.1504/IJICS.2022.10043106
  • A Stable Cryptographic Key Generation from Fingerprint Biometrics Using Gray Code for Secure Data Storage   Order a copy of this article
    by Suresh Kaliyannan, Rajarshi Pal, S.R. Balasundaram 
    Abstract: Cryptographic techniques play a major role in digital information security. In cryptography, securing/storing the cryptographic key is an arduous task. The proposed stable cryptographic key generation directly from fingerprint biometrics overcomes this security concern. It eradicates the need of storing a cryptographic key. Rather, the key can be generated from a fingerprint biometrics on a need basis. In this work, a novel Gray code-based method is introduced to generate a stable cryptographic key from fingerprint. Usage of Gray code representation significantly reduces the number of mismatch bits between the generated bit strings from the two instances of the same fingerprint. Hence, Reed-Solomon error correction code is able to successfully correct the errors which may occur due to variations in captured images of the same fingerprint. This generated bit string is used in a symmetric key setup for secure data storage.
    Keywords: cryptographic key; key generation; bio-cryptosystems; fingerprint; biometrics; secure storage; reed-solomon code; Gray code.
    DOI: 10.1504/IJICS.2022.10043107
  • Lightweight Authentication Scheme based on Modified EAP Security for CoAP Protocol based IoMT Applications   Order a copy of this article
    by Pritam Salankar, Vinay Avasthi, Ashutosh Pasricha 
    Abstract: The medical data generated from the patients that are communicated and stored on servers are highly sensitive, and also the IoMT network creates open spaces for an adversary. The proposed work designs a lightweight authentication scheme to support the extensible authentication protocol (EAP) called lightweight EAP (L-EAP). The proposed L-EAP modifies the EAP model and dynamically changes the security service as per healthcare application requirements. The L-EAP selectively applies the data encryption and integrity without frequent re-handshaking with the server using one-bit epoch field in the EAP message header. The L-EAP performs such a key generation process as a part of the authentication phase and enlarges the lifetime of the IoMT network. The advanced encryption standard (AES) is improved for providing data confidentiality in L-EAP. The L-EAP improves the confusion property of cipher text in AES and applies shift row and XOR operations to all the words.
    Keywords: internet of medical things; IoMT; lightweight mutual authentication; improved AES-based encryption; modified EAP; dynamic service change.
    DOI: 10.1504/IJICS.2022.10044087
  • An Efficient Two-level Image Encryption System using Chaotic Maps   Order a copy of this article
    by K. Abhimanyu Kumar Patro, Bibhudendra Acharya 
    Abstract: This paper proposes an image securing technique that aims to provide two-level security on two images in terms of encryption at the same time. In this technique, both bit and pixel-level encryptions are carried out, first, the pixel-level-shuffling is performed using the piece-wise linear chaotic map (PWLCM) and then the diffusion in bit-level is performed using the key-image. The bit-level diffusion using chaos not just to confuse the pixels, but is also diffuses them intensely. In addition, the bit and pixel-level processes improve that algorithm’s security. Additionally, the parallel bit-plane diffusion process reduces the method’s computational complexity. This technique uses one type of one-dimensional chaotic map in both permutation and diffusion, thereby increasing the algorithm’s hardware and software efficiency. The results of the security analysis and simulation show that the suggested method is more effective in encoding and improves the security of the encrypted images.
    Keywords: security; dual-image encryption; chaos; hash algorithm; permutation; diffusion.
    DOI: 10.1504/IJICS.2022.10044091
  • An Approach for Secure Data Transmission in Smart grids   Order a copy of this article
    by Jagdish Pandey, Mala Kalra 
    Abstract: Smart grids (SG) require data compression and encryption algorithms to communicate large amount of data in the secure way. However, existing algorithms are not appropriate for smart grid as they consume huge memory and take significant amount of execution time. Consequently, we explored other algorithms and choose the neighbourhood indexing sequence algorithm (NIS) for data compression and the PICO algorithm for cryptography. Further, PICO algorithm is enhanced in two ways. Firstly, random bits are generated and added to the plaintext to increase the block size that improves the security of the algorithm. The random bits are generated by hybrid of cuckoo search and genetic algorithm. Secondly, software optimisation algorithms namely loop unrolling and binary search algorithms are used to reduce execution time. The experimental results demonstrate the better performance of proposed algorithm EPICO over PICO in terms of memory consumption, execution time, correlation coefficient and avalanche effect.
    Keywords: smart grid security; binary search; cryptography; loop unrolling; neighbourhood indexing sequence algorithm; NIS; PICO algorithm.
    DOI: 10.1504/IJICS.2022.10044642
  • Generation of 8   Order a copy of this article
    by Vikas Tiwari, Ajeet S., Appala Naidu Tentu, Ashutosh Saxena 
    Abstract: Substitution boxes (S-boxes) have a very important role in the recent developments of block ciphers as it provides the nonlinearity for the ciphers. To resist different kinds of attacks, S-boxes must be constructed very cautiously. There are some schemes which are known to design S-boxes, interestingly these are based on evolutionary heuristics. In this paper, we have proposed a new approach for the construction of 8
    Keywords: substitution-box; nonlinearity; strict avalanche criterion; differential approximation; linear approximation.
    DOI: 10.1504/IJICS.2022.10044644
  • Performance Driven Hyperledger-Fabric Based Blockchain Framework for Mass e-Voting in India   Order a copy of this article
    by Amith K. K, SANJAY H. A, Ajay Venkat, Harshitha K, Eshwar D, K. Aditya Shastry 
    Abstract: The Indian voting infrastructure of today currently has a high cost per voter and low voter turnout. Several other countries have tried to tackle these issues by providing a way for voters to vote online, and the most promising and trustworthy solutions come in the form of blockchain-backed voting. But most current blockchain voting systems do not provide a verifiable secret ballot and use computationally expensive Byzantine fault tolerant proof of work algorithms that are often slow at appending new transactions/votes. To address the issues, we propose a performance driven Hyperledger Fabric-based voting framework that can sustain over 200 votes/sec with a reasonable end user latency. This effort introduces a multitude of solutions to the current age dilemma of voting, both offline and online with unique features including cost effective deployments, instantaneous vote counting, cast as intended verifiability and an observable and auditable architecture.
    Keywords: blockchain; hyperledger; consensus; e-voting; proof of work; deterministic consensus; India.
    DOI: 10.1504/IJICS.2022.10044795
  • BYOD security issues and controls framework: An outcome of a systematic literature review   Order a copy of this article
    by Thembekile Mayayise 
    Abstract: Various organisations and individuals consider the bring your own device (BYOD) practice as a flexible method for remote working. However, as cybercrime continues to surge under the current teleworking climate, organisations are compelled to strengthen their existing security posture. The aim of this study was to uncover the BYOD security issues and appropriate controls through a systematic literature review (SLR) of peer-reviewed journal articles from 2010
    Keywords: bring your own device; BYOD; information security; mobile devices; IT consumerisation; cybersecurity; security controls; systematic literature reviews; theories.
    DOI: 10.1504/IJICS.2022.10044796
  • A Cyberstalking-Free Global Network with Artificial Intelligence Approach   Order a copy of this article
    by NURENI AYOFE AZEEZ, Odejinmi Oluwatobi Samuel 
    Abstract: Cyber harassment is a cybercrime that has posed a great danger to social media users. This work aims at comparing the traditional classifiers and deep learning in detecting cyber harassment. Seven machine learning algorithms
    Keywords: cyber-harassment; deep-learning; cybercrime; machine-learning; algorithms; metrics; ensemble.
    DOI: 10.1504/IJICS.2022.10045210
  • Secure Proof of Ownership for Deduplicated Cloud Storage System   Order a copy of this article
    Abstract: Deduplication is a popular data reduction technique that minimises storage and communication costs. However, in a deduplicated system, an adversary can obtain access to the entire file on the server by showing just hash of file. A standard solution is that the server sends a file-based challenge to verify the client’s file-ownership. Unfortunately, in the state-of-the-art schemes, adversary can correctly respond to the challenge with knowledge of the hash of file-blocks, where 'Hash(blocks)'
    Keywords: deduplication; proof of ownership; ownership authenticity; cloud storage security.
    DOI: 10.1504/IJICS.2022.10045493
  • A Comprehensive Survey on Fuzzy based Intelligent Intrusion Detection System for Internet of Things   Order a copy of this article
    by Nandhini U, Santhosh Kumar SVN 
    Abstract: Internet of things (IoT) is rapidly expanding, and it is having a greater impact on daily life. The internet of things is widely applied in a wide range of industries, from small to large. IoT-based is a collection of distributed smart devices with software that is capable of detecting data from a sensing domain, collaborate, and transmit the sensed data to a sink via internet as a backbone using multi-hop communication. Due to its resource constrained nature and also since the communication between the devices takes place via an open channel, providing security and monitoring the behaviour of the devices is a major challenge. It attracts cybercriminals attention, who have made IoT an easy target for malicious attacks. In the literature, various IoT-based intrusion detection systems (IDSs) have been proposed to address the security challenges of the IoT network. In this paper, a survey on fuzzy-based IDSs is carried out for highlighting their contribution and limitations with reference to intrusion detection accuracy, false positive rate and overall network performance. Moreover, this survey provides a detail analysis on fuzzy-based intrusion detection systems which aims in analysing intrusion detection accuracy and minimising false data rate to show the way for the future direction.
    Keywords: intrusion detection system; IDS; internet of things; IoT; security; malicious attacks; soft computing.
    DOI: 10.1504/IJICS.2022.10046235
  • Unified Identity Authentication Scheme of System Wide Information Management Based on SAML-PKI-LDAP   Order a copy of this article
    by Lizhe Zhang, Zhuoning Bai, Zhijun Wu, Kenian Wang 
    Abstract: System wide information management (SWIM) is a platform to share and exchange information on the new air traffic management (ATM) services between different departments and systems in the civil aviation field. Through the connection of SWIM and various application services, a virtual information pool is formed to solve the interconnection issues of different systems. To ensure data security in the system and quick authentication of legitimate users, we propose a unified identity authentication scheme for SWIM. This scheme improves the security assertion markup language (SAML) cross-domain authentication model and integrates it with the public key infrastructure (PKI) authentication system and lightweight directory access protocol (LDAP). Experimental results show that this scheme realises the functions of user management, identity authentication, and cross-domain access, which can meet requirements of the SWIM gateway.
    Keywords: system wide information management; SWIM; security assertion markup language; SAML; identity authentication; digital certificate; directory access protocol.
    DOI: 10.1504/IJICS.2022.10046260
  • Blockchain Based EHR Storage and Access Control System   Order a copy of this article
    by Sunil Gupta, Akansha Bhansiya, Mansi Saini, Amuleek Sidhu 
    Abstract: Medical records of patients are stored digitally as electronic health record (EHR) for maintaining large data and easy accessibility from anywhere. Medical data is highly confidential and must not be tampered because it affects the treatment given to patient and if the data is tampered, it may lead to wrong medication. There are some technical challenges and vulnerabilities to storage and access of EHRs in cloud databases. Major challenges include ensuring confidentiality, privacy and integrity while sharing medical records with other users/doctors. Patient does not have complete ownership over their medical records. Even if access control is applied there are chances of data leak if an adversary gets access to the database in which EHRs are stored. Other than this a proper history of EHR access and update should be maintained and patient’s permission should be required while editing his/her records to ensure that data is not edited by an unauthorised person or by an adversary. In this paper we will discuss some approaches to overcome the above-mentioned challenges and ensure complete control of owner over their medical records.
    Keywords: electronic health record; EHR; access control; blockchain.
    DOI: 10.1504/IJICS.2022.10046929
  • The Hybrid Framework of Ensemble Technique in Machine Learning for Phishing Detection   Order a copy of this article
    by Akanksha Mahajan, Pradnya Navale, Vaishnavi Patil, Vijay Khadse, Parikshit Mahalle 
    Abstract: The benefit of online systems has been availed by users and cybercrimes alike. Phishing has become a popular cybercrime. Phishing is a significant criminal activity for financial gains. Studies about different machine learning algorithms are a perpetual journey to detect malicious data. There are lots of algorithms proposed for detecting a phishing website. The selection of the best solution for the problem is not an easy task in a phishing domain. In this study, the focus is on experimental study of ensemble learning methods, feature reduction techniques and hybrid approach. In machine learning, for improvement in performance ensemble learning plays a crucial role. In this study, we do a comparative analysis of bagging, boosting and stacking ensemble learning models and propose a new hybrid model in the phishing domain.
    Keywords: machine learning; phishing; hybrid ensemble models; ensemble techniques; feature reduction techniques; principal component analysis; PCA; linear discriminant analysis; LDA; isometric mapping.
    DOI: 10.1504/IJICS.2022.10046930
  • Ciphertext-Policy Attribute-Based Delay Encryption   Order a copy of this article
    by Lijiao Chen, Kewei Lv 
    Abstract: Timed-release CP-ABE can provide fine-grained and timed-release access control while ensuring data confidentiality. Existing schemes usually rely on a trusted third-party called time server. This paper proposes a novel timed-release CP-ABE scheme named ciphertext-policy attribute-based delay encryption (CP-ABDE), which does not require a time server. Specifically, we formalise the notion of CP-ABDE and its system model and security model. Furthermore, we provide a formal construction that is secure under the decisional bilinear Diffie-Hellman assumption and repeated squaring assumption. Finally, performance analysis shows that the scheme performs well while achieving timed-release access control.
    Keywords: ciphertext-policy attribute-based encryption; CP-ABE; time-lock puzzle; TLP; access control; timed-release; delay.
    DOI: 10.1504/IJICS.2022.10046931
  • Implementation of a Secret Sharing based Masking Scheme against Side-channel attack for Ultra-lightweight Ciphers in IoT   Order a copy of this article
    by Swapnil Sutar, Vikas Tiwari, Ajeet Singh 
    Abstract: IoT applications consist of a group of small physical devices with sensing capabilities, working collaboratively to provide a specific functionality. Collaboration is realised by sending data from one or more devices in a network to another device or group of devices. Data stored or processed across an IoT ecosystem is likely to contain sensitive information, requiring strong confidentiality. Cryptographic algorithmic modules embedded on these physical devices are particularly vulnerable to side channel analysis. The most common countermeasure for block cipher implementations is masking, which basically randomises the variables to be protected by combining them with numerous random values. In this paper, masked implementation of lightweight block ciphers PRESENT and BORON is demonstrated. In the framework, secret sharing-based masking procedure is adapted as an alternative to Boolean masking. We then conduct a security analysis and empirical observations of our framework. To prove the novelty and practical adaptability of the proposed framework, implementation and obtained results are also presented in the paper.
    Keywords: masked nonlinear transformation; lightweight block cipher; PRESENT; BORON; randomised propagation; countermeasures; secret sharing.
    DOI: 10.1504/IJICS.2022.10046932
  • Artificial Neural Network based Intrusion Detection System using Multi-objective Genetic Algorithm   Order a copy of this article
    by Narottam Patel, B.M. Mehtre, Rajeev Wankar 
    Abstract: With recent advances in cyber-attacks, traditional rule-based intrusion detection systems are not adequate to meet the present-day challenge. Recently machine learning-based intrusion detection system (IDS) has been proposed to detect such advanced/unknown cyber-attacks. The performance of such machine learning-based IDS largely depends upon the feature set used. Generally, using more features increases the accuracy of attack detection and increases detection time. This paper proposes a new network intrusion detection system based on an artificial neural network (ANN), which uses a multi-objective genetic algorithm to satisfy the requirements: accuracy of attack detection and faster response. The performance of the proposed method is tested by using the KDD
    Keywords: intrusion detection system; IDS; advanced persistent threat; KDD‘99; NSL-KDD; CIC-IDS-2017; feature selection; artificial neural network; ANN; multi-objective genetic algorithm.
    DOI: 10.1504/IJICS.2022.10046933
  • Blockchain Based Image Encryption with Spiral Mapping and Hashing Techniques in Dual Level Security Scheme   Order a copy of this article
    by Chithra PL, Aparna R. 
    Abstract: As the technology is growing, the value of data is tremendously increasing. Different ways of security threats and hacking techniques are initiated by intruders to obtain the secret data. Image dataset holds huge information. Hence, it’s crucial to safeguard the secret image data. In this paper, a blockchain-based strong encryption method combined with stegano to withstand security breaching is proposed. 2D Image data segments are scrambled by random permutation and spiral mapped to obtain the cipher blocks. Each cipher blocks are chained by SHA-512 hash and embedded in covering audio signal to enhance protection. LSB encoding is adapted to maximise the correlation coefficient. Standard datasets for secret image and covering audio signal are used and the PSNR, SSIM, Correlation values are compared with existing methods to prove the efficacy of the proposed method. The ideology of applying blockchain technique in cryptography upholds the novelty of our work. Dual level security scheme (DLSS) strengthens the overall performance by sending the cipher blocks embedded within audio signals.
    Keywords: blockchain; hash matrix; encryption; spiral mapping; dual level security scheme; DLSS; cipherblocks.
    DOI: 10.1504/IJICS.2022.10046934
  • A Shallow based Neural Network Model for Fake News Detection in Social Networks   Order a copy of this article
    by S.P. Ramya, Eswari Rajagopal 
    Abstract: The convenience of connecting through the internet and eagerness to spread any news through online social media is very intriguing as it can be done rapidly and with very little effort. This permits the very quick spread of fake news globally and misleads the people against democracy and freedom. The content of fake news very closely resembles true news. So, technically, it is tough for a deep neural network to
    Keywords: attention mechanism; deep learning; optimisation; natural language processing; NLP; convolution neural networks; CNN.
    DOI: 10.1504/IJICS.2022.10046935
  • Outsourcing decryption of KP-ABE using elliptic curve cryptography   Order a copy of this article
    by Dilip Kumar, Manoj Kumar 
    Abstract: Internet of things (IoT) has changed our lives greatly and impacted almost everything in the digital world. Devices used in IoT are connected with each other through the internet for communication. These devices are vulnerable to various interceptions and suffer from resource limitations. Key policy attribute-based encryption (KP-ABE) is a modern cryptographic scheme that provides security and access control mechanism in an IoT environment. Therefore, an outsourcing scheme is proposed to outsource decryption of KP-ABE to reduce decryption overhead for resource-constrained devices (RCDs). In our scheme, computational complexity is reduced by using elliptic curve cryptography (ECC) and a linear secret sharing (LSS) scheme is utilised to represent the access policy. The security of our scheme is given under the replayable chosen-ciphertext attacks (RCCAs) model. The implementation shows that our proposed scheme reduces the complexity of decryption and computational time as compared to other schemes.
    Keywords: internet of things; IoT; key policy attribute-based encryption; KP-ABE; elliptic curve cryptography; ECC; point scalar multiplication; PSM; access structure; LSS scheme.
    DOI: 10.1504/IJICS.2022.10046937
  • Dynamic Group Signature Scheme Using Ideal Lattices   Order a copy of this article
    by Abhilash M. H, Amberker B. B 
    Abstract: Group signature scheme is a cryptographic primitive that allows its registered group members to generate signatures on behalf of the whole group without revealing their identity. Ling et al. (2018) proposed the first constant size group signature scheme using ideal lattices, where signatures size is independent of number of users N in the group. This is a partial dynamic scheme that supports only registration of new users. It doesn’t allow revocation of group users. In this paper, we construct an ideal lattice based constant size dynamic group signature scheme that supports both revocation and registration. In addition, an efficient revocation technique based on time bound signing keys is proposed to reduces the verification cost. The security of the proposed scheme is proved in the random oracle model based on the hardness of Ring Short Integer Solution (RSIS) and Ring Learning With Errors (RLWE) assumptions.
    Keywords: Group signature scheme; Lattice based cryptography; Ideal lattices; Dynamic group signature scheme; VLR; Time bound keys.
    DOI: 10.1504/IJICS.2022.10047374
  • A Method of Speech Information Hiding in Inactive Frame Based on Pitch Modulation   Order a copy of this article
    by Zhijun Wu, Chenlei Zhang, Junjun Guo 
    Abstract: To solve the problem that the speech information hiding algorithm based on random position selection and matrix coding has insufficient hiding capacity, the paper proposes a novel pitch modulation steganography method based on inactive frame. In this method, the least significant bit (LSB) replacement method is adopted for inactive frames, and the speech information hiding algorithm based on random position selection and matrix coding is adopted for active frames, which realises the pitch modulation information hiding method based on inactive frames. Finally, simulation experiments are carried out for the pitch modulation information hiding method based on inactive frames. The results indicate that the maximum hiding capacity of the algorithm in this paper can reach 241.67 bps, which significantly improves the hiding capacity, and at the same time the concealment has also been improved to a certain extent.
    Keywords: information hiding; random position selection; matrix encoding; pitch modulation; inactive frame.
    DOI: 10.1504/IJICS.2022.10047375
  • JPBlock: Augmenting Security of Current Journal and Paper Publication Processes using Blockchain and Smart Contract   Order a copy of this article
    by Justice Odoom, Huang Xiaofang, Richlove S. Soglo 
    Abstract: Scholarly journals (SJ) play an indispensable role in the scrutiny and dissemination of research. However, the current SJ and academic paper publishing infrastructure is fragmented and dependent on centralized servers compelling researchers to hop from one journal platform to another for familiarity, account registration and subsequent usage. In this work, we advance a secure blockchain-based multi-tenant decentralized framework dubbed JPBlock to facilitate paper submission through to publication and discoverability. Leveraging fundamental attributes of blockchain, smart contract and decentralized storage technology, we advance novel capabilities including paper tracking, proof of authorship and voting on reputation of journals while enforcing core security principles on-chain and off-chain. Open access papers are made available on a global scale while non-open access papers are securely encrypted supporting the subscription-like model. Proof-of-concept implementation reveals that the framework is feasible and satisfies fundamental security requirements with journals and authors incurring overall costs of $46.66 and $25.61 respectively.
    Keywords: Authors; Blockchain; Decentralized applications (DApps); Ethereum; Journals; Smart contract.
    DOI: 10.1504/IJICS.2022.10047376
  • An Effective Ensemble Method for Missing Data Imputation   Order a copy of this article
    by Bikash Baruah, Manash Pratim Dutta, Dhruba K. Bhattacharyya 
    Abstract: The presence of missing data in a dataset plays a vital role in the design of classification, clustering, or regression methods. An efficient missing data imputation can enhance the overall performance of a machine learning method. This paper ensembles k-nearest neighbour imputation, local least square imputation, miss forest imputation, and k-means clustering imputation using the bagging approach to handle missing values over a wide range of datasets. The method has been tested with eight different datasets in terms of root mean square error, median absolute percentage error, mean absolute percentage error, and standard deviation. Experimental results show that our method gives a low error rate compared to its closed competitors.
    Keywords: missing data imputation; ensemble method; k-nearest neighbour; KNN; local least square; LLC; miss forest; k-means clustering; KMC.
    DOI: 10.1504/IJICS.2022.10047377
  • Tree Derived Feature Importance and Bayesian Optimization For Improved Multi-class classification of DDoS Attacks in Software Defined Networks   Order a copy of this article
    by Ancy Sherin Jose, Latha R. Nair, Varghese Paul 
    Abstract: Software defined networking (SDN) is an emerging networking paradigm which mitigates the inadequacies of traditional networks. The centralised controller in SDN allows for the global view of network as well as for controlling the network operations from a single point. Like the traditional networks, SDN is also prone to network vulnerabilities. Intrusion detection based on machine learning techniques is effectively used in traditional networks and have found promising results. The research in security of SDN is in its early stages and researchers from academia and industry are working for this cause. In this paper, machine learning-based intrusion detection is attempted for multi-class classification of distributed denial of service (DDoS) attacks in a software defined networking (SDN) environment. The feature importance derived from tree-based classifiers has been used for the feature selection to reduce the feature space which in turn reduces the time and space complexities. Hyperparameter tuning with TPE driven Bayesian optimisation (BO) has also been used for performance enhancement of the classifier. This multistage machine learning model achieves DDoS detection accuracy of 99.87%. The experimental evaluation is performed with SDN DDoS dataset and the results have been tabulated.
    Keywords: software defined networking; SDN; DDoS attack detection; machine learning; ML; multi-class classification; Bayesian optimisation; feature importance.
    DOI: 10.1504/IJICS.2022.10047378
  • Outlier Detection in WSN with SVDD via Multi-Interpolation Auto-encoder   Order a copy of this article
    by Bhanu Chander, Kumaravelan Gopalakrishnan 
    Abstract: Due to limited resources and harsh deployment environments, data outliers frequently rise in wireless sensor networks (WSNs). Hence, the collected data observations contain poor data quality and reliability. In recent years, research attempts have focused on utilising temporal and spatial correlation of the sensed data in WSNs but ignored the dependencies among the sensor node’s attributes, which reduce overall communication. Instead of transmitting every sensed data of a corresponding sensor node to the base station, this paper pursues a novel approach to incorporating a representation method using an auto-encoder to identify the redundant data in its transmission path through cluster head (CH). With this scenario, this paper also empirically assesses the integration of auto-encoders and SVDD to learn a condensed form of a low dimensional data point by interpolating the convex combination of the sensed data, which can semantically mix their characteristics in a distributed manner and identify the outlier respectively.
    Keywords: wireless sensor network; WSN; anomaly detection; outlier; auto-encoder; support vector data description; Parzen neural networks.
    DOI: 10.1504/IJICS.2022.10047379
  • A Comparative Study of Deep Transfer Learning Models for Malware Classification using Image Datasets   Order a copy of this article
    by Ranjeet Kumar Ranjan, AMIT SINGH 
    Abstract: This paper proposes deep convolution neural network-based malware classification approach. The proposed work is a transfer learning approach, where we have developed multiple deep learning classification models. The classification models are built by adapting multiple pre-trained convolutional neural networks, namely; Xception, VGG19, InceptionResNetV2, MobileNet, InceptionV3, DenseNet, and ResNet50. In the current work, weights of pre-trained models are embellished by adding three fully connected (FC) layers. The proposed models have been evaluated on two different malware datasets, Microsoft and MalImg, consisting of malware images. The focus of this paper is to analyse the performance of fine-tuned CNN models for malware classification. The results of our experiments show that InceptionResNetV2 and Xception models have performed considerably well for the Microsoft dataset with accuracy equal to 96% and 95%, respectively. In the case of the MalImg dataset, InceptionResNetV2, InceptionV3, and Xception models have achieved excellent performance with an accuracy of up to 96%.
    Keywords: cyber security; malware classification; deep learning; transfer learning; convolutional neural network; malware image dataset.
    DOI: 10.1504/IJICS.2022.10047490
  • Enriching Blockchain with Spatial Keyword Query Processing   Order a copy of this article
    by Muhammad Kashif Azhar, Bin Yao, Zhongpu Chen 
    Abstract: Recently, after successfully revolutionising financial services, blockchain is now transforming a variety of other domains. However, current working abstraction requires technology to have more maturity from several key perspectives, and linear data processing is one of them. Blockchain, with its core characteristics like immutability, traceability, and decentralisation, has the potential to support various types of data. Currently, we found this design an ideal model to support spatial kind of data structures, which to the best of our knowledge is a novel feature. We lead this opportunity to enrich blockchain with efficient spatial keyword data. We introduce spatial keyword index for block (SKIB), which is a cryptographically signed tree, thus maintaining the storage and integrity of original data from its spatial topological contexts. To demonstrate our work, we implement both textual first and spatial first pruning techniques. The comprehensive evaluation shows that SKIB provides efficient spatial keyword data processing on blockchains.
    Keywords: blockchain; query processing; spatial keyword data; indexing.
    DOI: 10.1504/IJICS.2022.10047992
  • A Message Encryption Scheme inspired by Sudoku Puzzle (MESP)   Order a copy of this article
    by Shadi Masadeh, Hamza Abbass Al-Sewadi, Mohammed Abbas Fadhil Al-Husainy 
    Abstract: Lightweight cryptographic systems are recently sought for applications with limited computation capabilities, storage space, and power constraints. Such applications include Radio-frequency identification devices, remote sensing networks, health care instruments, smart cards, etc. This paper proposes a lightweight symmetric stream cipher cryptosystem that is inspired by the Japanese game
    Keywords: symmetric cryptosystems; Sudoku puzzle; pseudo-random numbers; lightweight cryptography; dynamic permutation.
    DOI: 10.1504/IJICS.2022.10047993
  • Data hiding in the optimal keyframes using circular shifting and mutation operations for improvement in imperceptibility   Order a copy of this article
    by Sahil Gupta, Naresh Kumar Garg 
    Abstract: Video steganography hides the information in the cover video and helps in a secure communication over the unsecured network. The existing steganography methods are lacking in terms of efficient keyframe selection algorithm and also show less imperceptibility. The proposed method used the Kullback Leibler divergence (KLD) and edge features to extract the keyframes from any type of video dataset whereas circular shifting and mutation operations are used to improve the imperceptibility. The circular shifting operation helps in searching for the optimal direction of secret data, whereas the mutation operation was deployed to adjust the pixel values to reduce the variability more. To validate the proposed algorithm, the computations were performed on the standard videos and image datasets. The computational results validate that the proposed algorithm has achieved better imperceptibility in a fewer number of iterations. Furthermore, the keyframes extraction technique helps to increase the security of the proposed system for any type of video dataset.
    Keywords: imperceptibility; video steganography; mean square error; MSE; mutation; optimal data hiding; circular shifting; peak signal to noise ratio; PSNR; Kullback Leibler divergence.
    DOI: 10.1504/IJICS.2022.10047994
  • Intrusion Detection System using RBPSO and Fuzzy Neuro Genetic Classification Algorithms in Wireless Sensor Networks   Order a copy of this article
    by Shalini Subramani, Selvi M 
    Abstract: In the recent years, intrusion detection systems (IDSs) are used to detect malicious attacks in WSNs. Most of the IDSs are developed using two phases namely, a feature selection phase for selecting only the important features and classification phase to classify the intrusions. The existing works on IDS are focusing on providing security to wired networks, databases and operating systems. However, WSNs need a different type of IDS due to the mobility of nodes, limited energy in nodes and necessity for base station to collect the data. Therefore, we propose a new IDS that is more suitable for securing the communication in WSN. In this paper, a new feature selection algorithm based on PSO is proposed called rule-based PSO (RBPSO) and fuzzy neuro genetic classification algorithm (FNGCA) for securing WSN. The major uses of this proposed model include increased detection rate and reliable communication with reduction in energy consumption and delay.
    Keywords: intrusion detection system; IDS; wireless sensor networks; particle swarm optimisation; fuzzy logic; clustering method; neuro-genetic algorithm and secure routing.
    DOI: 10.1504/IJICS.2022.10048818
  • Formal Verification of Software-only Mechanisms for Live Migration of SGX Enclaves   Order a copy of this article
    by Oualid Demigha, Nabil Haddad 
    Abstract: Live migration is not supported by current Intel?R SGX implementations. So, software emulation is unavoidable to enable deployed hypervisors migrating live virtual machines running SGX enclaves in the cloud. However, copying the running state of an enclave requires read/write of enclave’s memory from outside, which is impossible. Therefore, software-only mechanisms, as opposed to hardware extensions, are not transparent to the virtual machines, and need to deduce some hardware-defined metadata by emulation. Also, they need to synchronise enclaves’ stop/resume between two remote platforms. In this paper, we formally verify the only solution proposed in the literature that uses such a mechanism, in which we identify a severe critical situation where the whole live migration process gets stuck. Moreover and due to a specification flaw, we determine a condition that leads to the violation of instance uniqueness of enclaves. That may induce vulnerabilities for fork and rollback attacks. To remedy to these design shortcomings, we propose some easy-to-implement solutions to remove deadlock situations and ensure state uniqueness at the expense of a longer downtime.
    Keywords: trusted execution environment; trust cloud computing; Intel?R SGX; hardware-assisted security; SPIN; PROMELA; model-checking; live migration; fork attack; rollback attack.
    DOI: 10.1504/IJICS.2022.10048819
  • Sentiment Analysis in Social network data using Multilayer Perceptron Neural Network with Hill-Climbing Meta-Heuristic Optimization   Order a copy of this article
    by Samson Ebenezar Uthirapathy, Domnic Sandanam 
    Abstract: Social networks such as Twitter, Facebook, and Instagram are the most widely used communication media in which users share their feelings and opinions about current events in society. For example, the occurrence of COVID19, its causes, symptoms, precautions, safety measures, prohibitions, etc. This work proposes a multi-class sentiment classification model to classify the tweets under various polarisation categories of the social network data. For Twitter data classification, this work proposes a model based on a multilayer perceptron neural network with hill-climbing optimisation. The heuristic hill climbing is used at the backpropagation for learning. TF-ID method is used for feature extraction from the dataset. This work compares the proposed method with the existing sentiment classification models of social network data. The proposed multi-class sentiment classification model has shown improvements in performance with the measures namely f1-score, precision, accuracy and recall over the existing sentiment classification models.
    Keywords: sentiment analysis; Twitter; classification; hill-climbing algorithm; optimisation; multilayer perceptron; MLP; coronavirus.
    DOI: 10.1504/IJICS.2022.10049056
  • A Secure Access control model based on Improved Attribute-Based Cryptosystem in Cloud Environment   Order a copy of this article
    by Garima Verma, Ashutosh Kumar 
    Abstract: To handle cloud security challenges, an improved access control system has been proposed for secure data and resource access using attribute-based encryption (ABE) to handle the above-discussed challenges. The owner will broadcast the message and specific users with certain attributes and parameters will be able to access that message. At the initial stage, the encryption will be done based on the attributes of the users. Then, a secret share of each user will be created as per their identity information. Then, the decryption key and ciphertext share will be distributed into the distributed hash table (DHT). Finally, the authorised group of users can extract the broadcasted ciphertext only by using secret shares and required attributes. The results of this experimental study are further compared with some existing state of art systems. It has been found that the proposed model is more effective than other schemes.
    Keywords: security; confidentiality; identity; attribute-based encryption; ABE; distributed hash table; DHT; ciphertext; biometrics; attacks.
    DOI: 10.1504/IJICS.2022.10049533
  • On Construction of Weighted Orthogonal Matrices over Finite Field and its Application in Cryptography   Order a copy of this article
    by Shipra Kumari, Hrishikesh Mahato 
    Abstract: In this article, we propose a method to construct self-orthogonal matrix, orthogonal matrix and antiorthogonal matrix over the finite field. Orthogonal matrices have numerous applications in cryptography, so here we demonstrate the application of weighted orthogonal matrix into cryptography. Using the proposed method of construction we see that it is very easy to transmit the private key and can easily convert the encrypted message into original message and at the same time it will be difficult to get the key matrix for intruder.
    Keywords: orthogonal matrix; self-orthogonal matrix; antiorthogonal matrix; finite field; Hill ciphers.
    DOI: 10.1504/IJICS.2022.10049669
  • Lightweight Integrated Cryptosystem based on Reconfigurable Hardware for IoT Security   Order a copy of this article
    by Abiy Tadesse, Yalemzewd Negash, Suresh Kumar Pendem 
    Abstract: Small footprint security protocols are essential for trustworthy information exchanges in IoT network. Cryptography is a crucial security technique, but a single algorithm is insufficient to address the security requirements. Moreover, it is important to scale existing complex cryptosystems considering the resource, performance and security requirements of applications. In this research, lightweight and efficient cryptographic architectures are proposed and implemented based on FPGA targeting IoT security. The major contributions include FPGA-based small footprint architecture for an authenticated encryption algorithm, efficient and lightweight architecture for elliptic curve point multiplication of ECC, and an integrated cryptosystem architecture using only two algorithms with robust security, reduced hardware complexity, less space, and minimised key management and key storage issues. It involves prevention techniques against attacks including side-channel attacks. Compared to existing outcomes, 55% reduction of slices utilisation for the integrated system, 15% and 15.7% throughput improvements for ECC and ASCON implementations, respectively, are achieved.
    Keywords: authenticated encryption with associated data; AEAD; BRAM; DSP slices; ECC; fog-based IoT; FPGA; information security; integrated cryptosystem.
    DOI: 10.1504/IJICS.2023.10050225
  • Performance analysis of privacy preservation based authentication scheme and cryptographic-based data protocols for DSaC in cloud   Order a copy of this article
    by Ankush Balaram Pawar, Shashikant U. Ghumbre, Rashmi M. Jogdand 
    Abstract: Advanced technology is the cloud computing that has the ability to preserve massive amount of data and shares the data resources over the internet. Cloud computing has a wide range of applications like business fields, software infrastructure, government agencies, and financial industries. The main challenging factors in cloud computing are data privacy and security. Such issues are addressed through the developed method named privacy preservation-based data security that secure protocol for data storage that is distributed and communication (DSaC) in the cloud such that this method provides effective authentication and secure data storage in cloud. An effective performance analysis is done between done between privacy preservation-based data security approach for authenticated encrypted access and secure data protocol for DSaC in cloud and the approaches are compared with the traditional schemes like Ins-PAbAC, homomorphic proxy re-encryption (HPRE), LAM-CIoT, SA-EDS, advanced encryption standard (AES) and data encryption standard (DES).
    Keywords: cloud computing; privacy preservation; authentication; data encryption; data security; data storage and communication; DSaC.
    DOI: 10.1504/IJICS.2023.10050594
  • A Comprehensive Survey on Effective Key Management schemes for secured Authentication in Vehicular Ad Hoc Network   Order a copy of this article
    by Jayashree S, Santhosh Kumar SVN 
    Abstract: ad hoc network (VANET) refers to the network structure of ad hoc networks where different moving vehicles of different mobility communicate with each other over the wireless medium to exchange the information with one another. Since, communication in VANET takes place by using wireless medium which is open channel and it is vulnerable to various types of attacks during the data transmission. Hence, providing efficient authentication to the VANET is one of the important challenges needed to be addressed. Among all the security requirements, this work focuses on providing the comprehensive analysis on various authentication schemes employed for providing efficient authentication in the VANET. In this paper, a comprehensive analysis on various authentication schemes in VANET is carried out to highlight their advantages and limitations. Moreover, this paper also provides detailed analysis of various authentication protocols with respect to anonymity, integrity, reliability and authenticity to pave the way for the future researchers for designing efficient authentication protocol for achieving secure communication in VANET.
    Keywords: vehicular ad hoc network; VANET; key management; authentication and security.
    DOI: 10.1504/IJICS.2023.10050597
  • A Secure Three-Factor Authentication Protocol for Mobile Networks   Order a copy of this article
    by Devender Kumar, Satish Chand, Bijendra Kumar 
    Abstract: User authentication is a necessary mechanism to communicate securely for mobile networks Recently, Xie et al have discussed a three-factor authentication (3FA) scheme using ECC for mobile networks and claimed that it is secure even if the user's two factors are known to the attacker However, in this paper, we cryptanalyze their scheme and find the off-line password guessing and user impersonation attacks in it We also propose a secure 3FA scheme for mobile networks using ECC by removing the weaknesses of their scheme We show the formal security verification of the proposed scheme using the ProVerif tool We discuss its informal security analysis to show that it is resistant to the various known attacks We also present its performance analysis along with the related schemes in terms of computational cost and security features, and show that it offers more security features as compared to the related schemes.
    Keywords: Authentication; user impersonation attack; biometrics; off-line password guessing attack;  mutual authentication.
    DOI: 10.1504/IJICS.2023.10050706
  • HEMC: A Dynamic Behavior Analysis System for Malware based on Hardware Virtualization   Order a copy of this article
    Abstract: Since many malwares disguise themselves by encrypting, obfuscating and recompiling, it is not easy for static analysis methods to recognise new or unknown malwares. This paper proposes a novel dynamic analysis technology based on hardware virtualisation to analyse more malwares with lower computational resources. Firstly, it intercepts the system-call functions to achieve on-demand behaviour analysis by setting special permissions in their physical addresses, which can be dynamically acquired when system-call functions are loaded into memory, as well as only monitoring high-risk functions, which take a small part of the whole functions. Then, this paper utilises copy-on-write technique and incremental image capability to reduce hard drive consumption and hard disk replication time. Finally, this paper proposes a novel approach to capture the return value of system-call functions to deeply analyse the poisoned results of malware samples. Meanwhile, a prototype system, called HEMC, is implemented based on QEMU/KVM. The experiments demonstrate that proposed methods outperform existing methods in efficiency and performance on malware dynamic analysis.
    Keywords: malware; dynamic analysis; hardware virtualisation; high-risk functions.
    DOI: 10.1504/IJICS.2023.10050989
  • A Novel Stream Cipher Based on Quasigroups and QG-PRNG   Order a copy of this article
    by Umesh Kumar, V. Ch. Venkaiah 
    Abstract: Stream ciphers that use the XOR-function are vulnerable to known-plaintext and reused-key attacks. To overcome such shortcomings of the existing ciphers, we hereby propose a novel stream cipher based on a quasigroup and a pseudo-random number generator (QG-PRNG). The QG-PRNG is also defined in this paper. Novelty of the proposed cipher is that a keystream once generated can be reused multiple times. The proposed cipher is analysed against various attacks, including reused-key, chosen-ciphertext, chosen-plaintext, and known-plaintext attacks and found it to be resistant to these attacks. The proposed cipher and QG-PRNG are implemented in C++, and the performance of the proposed cipher is compared with some existing quasigroup-based stream ciphers, finding that the proposed cipher is more efficient than the existing proposals. We also evaluated both the QG-PRNG and the proposed cipher using various statistical tests of the NIST-STS, and we found that both the schemes pass these tests.
    Keywords: cryptography; Latin square; NIST test; QG-PRNG; quasigroup; stream cipher.
    DOI: 10.1504/IJICS.2023.10050991
  • Trilinear Pairing-Based Cryptosystem Authentication: For Electronic Health Record Security in Healthcare System   Order a copy of this article
    by RAJA SOHAIL AHMED LARIK, Yongli Wang, Irfan Ali Kandhro, Nabila Sehito, Ghulam Ali Mallah, Fayyaz Ali 
    Abstract: Electronic health record (EHR) provides us medical information about the patient and provides the overall history of the individual. EHR works automatically. It gives access to health records and workflow of physician. Authentication, timeliness and accessibility to information between doctors and patients are also maintained by this healthcare cryptosystem. The strong cryptosystem consists of doctors’ and patients’ authentic interaction. Hence, we propose trilinear pairing-based cryptosystem security and authentication using elliptic curve cryptography (ECC) and elliptic curve discrete logarithm problem (ECDLP) techniques. Our proposed model authenticates the patients and doctors by key sharing, transmission and authentication to secure the healthcare system. The analysis outcome shows in the performance, accuracy, time and attacks.
    Keywords: electronic health record; EHR; elliptic curve cryptography; ECC; key sharing; authentication; security.
    DOI: 10.1504/IJICS.2023.10051700
  • Cryptanalysis of Common Prime RSA with Two Decryption Exponents: Jochemsz and May Approach   Order a copy of this article
    by Ravva Santosh Kumar, Srm Krishna 
    Abstract: RSA is a well-known public key cryptosystem in modern-day cryptography. Common prime RSA (CP-RSA) is a variant of RSA which is introduced by Wiener to avoid the small secret exponent attack on RSA. Lattice-based reduction algorithms were successfully used for cryptanalysis for RSA and its variants. In this paper, we mount an attack on CP-RSA by following the Jochemsz and May approach. Jochemsz and May approach is the standard way to construct the lattices for the attacks on RSA and its variants. Our attack improves the bounds of attacks on standard RSA and CP-RSA.
    Keywords: CP-RSA; Jochemsz and May approach; cryptanalysis; RSA; lattice reduction.
    DOI: 10.1504/IJICS.2023.10051701
  • Performance Evaluation of Various Deep Convolutional Neural Network Models Through Classification of Malware   Order a copy of this article
    by Zareen Tasneem, Maria Afnan, Md Arman Hossain, Md. Mahbubur Rahman, Samrat Kumar Dey 
    Abstract: Malware, a collective name for malicious programs, is a piece of software, system or scripts, causing damage to the system. Lately, use of internet has favored criminal activities like malware assaults. Hence malware classification comes in the first line of defense. Machine learning (ML) techniques have drawn attention to malware classifiers over all other techniques in the last decade. Very little investigation highlights the results of the existing studies in malware classification using ML approach. The progress is slow due to difficulties of developing a deep learning system: dataset collection, labelling, feature extraction, model construction, training and testing the models, and evaluation. A systematic way of summarising the current knowledge also lacks in latest methods. This study utilises a systematic literature review and presents implementation of different CNN models for malware classification into their respective families. Its objective is to analyse the most popular architectures for and evaluate their results.
    Keywords: malware; classification; image; deep learning; convolutional neural network.
    DOI: 10.1504/IJICS.2023.10052186
  • PBDG: A Malicious Code Detection Method Based on Precise Behavior Dependency Graph   Order a copy of this article
    by Chenghua Tang, Mengmeng Yang, Qingze Gao, Baohua Qiang 
    Abstract: Using behaviour association or dependency to detect malicious code can improve the recognition rate of malicious code. A malicious code detection method based on precise behaviour dependency graph (PBDG) is proposed. We create a stain file index by filtering the stain source blacklist, which not only saves storage space, but also quickly locates instructions. An active variable path verification algorithm is proposed to verify and purify the Source?Sink path. The PBDG and its matching algorithm are constructed to identify the malicious code family of the source program. The experimental results on six data sets show the effectiveness of this method. The introduction of active variable paths reduces the number of paths that need to be traversed by 91.2% at most. In terms of the detection effect of malicious code, especially for web applications, it has a good detection accuracy and a low false positive rate.
    Keywords: malicious code; stain file; path space; behaviour dependency graph; vulnerability detection.
    DOI: 10.1504/IJICS.2023.10052187
  • Re-Evaluation of PhishI Game and its utilization in Eliciting Security Requirements   Order a copy of this article
    by Rubia Fatima, Affan Yasin, Lin Liu, Wang Jianmin 
    Abstract: The COVID-19 coronavirus pandemic has sparked considerable alarm amongst the general community and has significantly affected the societal attitudes and perceptions. In the current era, social engineers are applying various strategies to exploit human weakness. Phishing, a social engineering technique, is one of the most widely used and effective ways to undermine human assets. In this research study, firstly, we aim to educate the participants regarding phishing attacks; secondly, the dangers associated with excessive online sharing, and thirdly, how to utilise game scenarios developed by the participants to elicit security requirements. We have employed various research methods, such as, survey, observation, personas development, and scenario-based technique to achieve these objectives. Our re-evaluation results show that the PhishI game effectively educates participants regarding phishing attacks and dangers associated with disclosing excessive online information.
    Keywords: social engineering; phishing attack; awareness; security requirements elicitation; serious game; online information disclosure; human factor.
    DOI: 10.1504/IJICS.2023.10052188
  • Deep multi-locality convolutional neural network for DDoS detection in smart home IoT.   Order a copy of this article
    by Mohammed Almehdhar, Mohammed M. Abdelsamea, Ruan Na 
    Abstract: Internet of things (IoT) devices usually offer limited resources such as processing, memory, and network capacity, bringing more security threats to the environment. Distributed denial of service (DDoS) signal attacks are among the most serious threats. Software-defined networking (SDN) is a promising paradigm that could offer a scalable security solution optimised for the IoT ecosystem. However, investigating a robust security solution is still one of the most challenging problems that a smart home environment faces in SDN. In this paper, we introduce a multi-locality deep learning model for the detection of DDoS signals in an SDN-based smart home. It employs convolutional neural networks (CNNs) by learning different levels of local information from the data. In this work, an ensemble of two CNNs to detect malicious traffic flows with low computation overhead framework is proposed. Experimental results demonstrate the robustness, effectiveness, and efficiency of our solution in detecting DDoS attacks in SDN smart home.
    Keywords: smart home; internet of things; IoT; deep convolutional neural networks; distributed denial of service; DDoS.
    DOI: 10.1504/IJICS.2023.10052345