International Journal of Information and Computer Security (70 papers in press)
Adaptive Classifier based Intrusion Detection System using Logistic Regression and Euclidean Distance on Network Probe Vectors in Resource Constrained Networks
by Rahul Saha, Gulshan Kumar, Mritunjay Kumar Rai, Hye-jin Kim
Abstract: Intrusion detection system is a second layer of security in network security paradigm. With the progressing wireless technologies, the malicious activities are also increased with a rapid pace. But to secure the data communication in such environment, we need to have intrusion detection mechanism in use. Several mechanisms are introduced for the intrusion detection purpose. These existing algorithms are also capable of incorporating adaptive features but lack in the complexity and usability issues. Moreover, the real time adaptive learning is a missing link in these algorithms. In this paper, we have proposed a model of intrusion detection that deals with the learning mechanism on network probe data and identifies the intrusion by detecting the outliers with Logistic Regression. We have used Euclidean distance for outlier detection. The results show that our model is less complex in terms of time consumption and efficiently detects the intrusions.
Keywords: intrusion; outliers; learning; profile; classification; Euclidean; threshold.
Time-Shared AES-128 Implementation with extremely low cost for smart card applications
by SARAVANAN PARAMASIVAM, Shanthi Rekha Shanmugham
Abstract: Smart cards have seen tremendous growth in the past few years due to their multiple functions delivering ability. They can be used for personal identification, healthcare applications, financial applications etc. Smart cards contain an embedded circuit that stores and processes a large amount of data. One of the key functions performed by the circuit is the cryptographic operation namely encryption. Since these devices are resource constrained, low-cost implementations of cryptographic algorithms are desirable. AES is one of the standard encryption algorithms proposed by NIST and is proved to be a suitable candidate for secure and lightweight implementations on hardware compared to its other symmetric counterparts. This work proposes a novel low-cost implementation of AES-128 algorithm using time-shared architectures for contactless smart card applications. The proposed architecture reuses the primitives in a twofold mechanism leading to a novel resource efficient architecture on an FPGA platform.
Keywords: Smart Cards; Advanced Encryption Standard; Cryptography; Low Cost Implementation; Throughput; Resource Constrained; VLSI Implementation.
Privacy Preserving Techniques for Decision Trees
by Xiaoqian Liu, Qianmu Li, Tao Li, Ming Wu
Abstract: As a representative classification model, decision tree has been extensively applied in data mining. It generates a series of if-then rules based on the homogeneity of class distribution. In a society where data spreads everywhere for knowledge discovery, the privacy of the data respondents is likely to be leaked and abused. Based on this concern, we propose an overview of the rapidly evolving research results focusing on privacy preserving decision tree induction. The research results are summarized according to the characteristics of related privacy preservation techniques, which include data perturbation, cryptography, and data anonymization. In addition, we demonstrate the comparison between the merits and demerits of these methods considering the specific property of decision tree induction. At last, we conclude the future trend of privacy preserving techniques.
Keywords: decision tree; privacy preservation; ensemble; differential privacy.
A robust multi-factor remote user authentication scheme for cloud-IoT services
by Geeta Sharma, Sheetal Kalra
Abstract: The rapid growth of communication technologies with the Internet as a backbone requires secure remote access. Cloud computing and Internet of Things (IoT) is a growing Information and Communication Technologies (ICT) paradigm which consists of several Internet-enabled devices. Due to the ever increasing amount of data generated in cloud-IoT environment, securing these systems becomes crucial. This paper proposes a robust remote user authentication scheme for cloud-IoT services. Formal and informal security analysis proves that the scheme is resilient to potential attacks. The simulation of the proposed scheme using AVISPA proves the security of the proposed scheme.
Keywords: Authentication; AVISPA; Cloud computing; Internet of Things.
Enhanced Bitcoin with Two-Factor Authentication
by Fatemeh Rezaeibagha, Yi Mu
Abstract: Bitcoin transactions rely on digital signatures to prove the ownership of bitcoin. The private signing key of the bitcoin owner is the key component to enable a bitcoin transaction. If the signing key of a bitcoin is stolen, the thief who possesses the key can make a transaction of the bitcoin. In this paper, based on the distance-based encryption (DBE), we propose an enhanced version of bitcoin in order to protect the signing key. Our approach is based on our two-factor authentication, where the signing key cannot be retrieved without being identified via the password and biometric authentication scheme, and the user is only required to enter his password and fingerprint (or other biometric information such as a factual image) to retrieve the key. By doing this, we can effectively improve the bitcoin security and provide stronger authentication. An attractive feature of our scheme is that one of encryption schemes is asymmetric, in the sense that the decryption key (biometric information) is not stored in the device. We also provide the security model and proof to justify the security of our scheme.
Keywords: Authentication; Encryption; Bitcoin; Blockchain.
Secure Key Exchange Scheme: A DNA Computing based Approach to Resist MITM in DHKE
by Sreeja Sukumaran, Mohammed Misbahuddin
Abstract: Diffie-Hellman Key Exchange (DHKE) protocol was a pioneering work and considered as a new direction in the field of Cryptography though it is not an encryption protocol. DHKE is a method to exchange the keys securely, based on the discrete logarithm problem. It has applications in Internet security protocols including SSL, IP Sec, and SSH. The major issue with DHKE is its vulnerability to Man in the middle attack (MITM). Various techniques have been proposed to resist the MITM attack including digital signatures. This paper proposes DNA Computing based encryption techniques to resist MITM in DHKE. DNA Cryptography builds on the concepts of biomolecular computations which is considered as one of the emerging directions in the Cryptography. The proposed methodology also includes an encryption technique based on DNA based Codebook, secret sharing and DNA Cryptography to exchange parameters securely. The security analysis of the proposed scheme is evaluated by theoretical analysis. Formal analysis of the proposed protocol is done using Scyther and all the modeled claims are validated and positive results are obtained.
Keywords: DHKE; DNA; DNA Encryption; MITM; DNA-DHKE.
Blockchain-Based Decentralized Access Control Scheme for Dynamic Hierarchies
by Gaurav Pareek, B.R. Purushothama
Abstract: Cryptographic hierarchical access control is widely employed in systems that manage data or resources. To meet scalability and high availability requirements, it is desirable that an access control scheme is decentralized in nature. Proposing a blockchain-based cryptographically decentralized access control scheme for dynamic hierarchies that is consistent with the standard centralized hierarchical access control model is the main focus of this paper. Towards this, we propose a new decentralized key assignment scheme for a dynamic hierarchy of mutually distrustful security classes. We use blockchain transactions, consensus and validation mechanisms as tools to achieve cryptographic decentralization of hierarchical access control. Important highlight of the paper is that the proposed decentralized scheme does not compromise on performance and storage requirements of the standard centralized hierarchical key assignment schemes. In particular, the proposed scheme requires symmetric decryption operations for key derivation, is secure under strong key indistinguishability and features efficient dynamic update operations without any trusted third-party. Proposed is the first hierarchical key assignment scheme that features all the aforementioned properties.
Keywords: Blockchain; Decentralization; Hierarchical Access Control; Strong Key Indistinguishability.
An Improved Privacy Aware Secure Multi-Cloud Model With Proliferate Elgamal Encryption for Big Data Storage
by PRABU KANNA, Vasudevan V
Abstract: With the massive deployment of resources and the diverse applications, the cloud computing is emerged with short span of time. The increase in number of users and the service providers cause massive data transmission. The secure data storage in cloud server is a major issue. The isolation of sensitive attributes in the customer profile and the uploading of encrypted data to the multi-server-based cloud are the major issues in the existing applications. This paper proposes the novel Rule based Statistical Disclosure Method (RSDM) and Access Control Policy based Access Restriction (ACPAR) to integrate the activities of sensitive attribute prediction and the data uploading stages in cloud computing. Initially, the normalization based on the hide and visibility metric assignment to the fields in the dataset used to isolate the sensitive and normal attributes in the customer profile. Then, the data encryption is performed through proliferate ElGamal algorithm sequentially and stored into the cloud. The RSDM serves as the base for sensitive data isolation. Then, the access control policy is designed to control the profile-viewing ability of bank employees to assure the security. The proposed work decrypts the data associated with the denormalized profile for integrity. The comparative analysis between the proposed RSDM-ACPAR with the existing sensitive data prediction models regarding the encryption time, policy generation time, execution time and the access time shows the effectiveness of proposed work in sensitive data-based applications.
Keywords: Big Data Storage; Security; Rule-based Statistical Disclosure Control (RSDC) method; Multi-Cloud Model; Proliferate ElGamal Encryption and Decryption; Cloud Service Provider (CSP); Access Control Policy.
On Power Analysis Attacks against Hardware Stream Ciphers
by Rangana De Silva, Iranga Navaratna, Malitha Kumarasiri, Janaka Alawatugoda, Chuah Chai Wen
Abstract: Power analysis attacks are a type of attack which measures and analyses the power consumption of electronic circuits to extract secret information, particularly the secret encryption key. These attacks have become a huge threat for embedded systems, in which the security depends on ciphers. Hence, many researchers try to find vulnerabilities of cryptosystems against power analysis attacks, so that they can develop countermeasures to ensure the security of such systems. In this paper, we review some of the recent power analysis attacks on modern hardware stream ciphers such as Trivium, Grain and MICKEY.
Keywords: Power Analysis Attack; Stream Cipher; Trivium; Grain; MICKEY.
Securing IoT-based Collaborative Applications Using a New Compressed and Distributed MIKEY Mode
by Mohammed Riyadh ABDMEZIEM
Abstract: Multimedia Internet KEYing protocol (MIKEY) aims at establishing secure credentials between two communicating entities. However, existing MIKEY modes fail to meet the requirements of low-power and low-processing devices. To address this issue, we combine two previously proposed approaches to introduce a new compressed and distributed MIKEY mode applied to a collaborative Internet of Things context. A set of third parties is used to discharge the constrained nodes from heavy computational operations. Doing so, the MIKEY pre-shared mode is used in the constrained part of network, while the public key mode is used in the unconstrained part of the network. Furthermore, to mitigate the communication cost we introduce a new header compression scheme that reduces the size of MIKEY's header from 12 Bytes to 3 Bytes in the best compression case. To assess our approach, we performed a detailed security analysis using a formal validation tool (i.e. Avispa). In addition, we performed an energy evaluation of both communicational and computational costs. The obtained results show that our proposed mode is energy preserving whereas its security properties are preserved untouched.
Keywords: Internet of Things (IoT); Collaborative applications; MIKEY protocol; Key management protocols; Security.
ExOShim: Preventing Memory Disclosure using Execute-Only Kernel Code
by Scott Brookes, Robert Denz, Martin Osterloh, Stephen Taylor
Abstract: Information leakage and memory disclosure are major threats to the security in modern computer systems. If an attacker is able to obtain the binary-code of an application, it is possible to reverse-engineer the source code, uncover vulnerabilities, craft exploits, and patch together code-segments to produce code-reuse attacks. These issues are particularly concerning when the application is an operating system because they open the door to privilege-escalation and exploitation techniques that provide kernel-level access. This paper describes ExOShim: a 325-line, lightweight shim layer, using Intel's commodity virtualization features, that prevents memory disclosures by rendering all kernel code execute-only. This technology, when combined with non-deterministic refresh and load-time diversity, prevents disclosure of kernel code on time-scales that facilitate kernel-level exploit development. Additionally, it utilizes self-protection and hiding techniques to guarantee its operation even when the attacker gains full root access. The proof-of-concept prototype described here has been demonstrated on a 64-bit microkernel. It is evaluated using metrics that quantify its code size and complexity, associated run-time performance costs, and its effectiveness in thwarting information leakage. ExOShim provides complete execute-only protection for kernel code at a runtime performance overhead of only 0.86%. The concepts are general and could also be applied to other operating systems.
Keywords: virtualization; operating systems; security; memory disclosure.
Image steganalysis: real-time adaptive colour image segmentation for hidden message retrieval and Matthew's correlation coefficient calculation
by B. Yamini, R. Sabitha
Abstract: Adaptive image steganography is the method of hiding secret information in colour adaptive regions of the image. Its counter method to reveal hidden secret information is called as adaptive image steganalysis. In the proposed method, the colour correlations between pixels are used to identify the adaptive region of the image by real time adaptive colour image segmentation. Bi-cubic interpolation method is applied on these colour adaptive regions to extract the features from the selected region. These features are considered for classification using support vector machine classifier, to distinguish between stego and cover images. Reversible two least significant bit (LSB) technique is used to identify and to retrieve the hidden content from the payload locations. The accuracy is measured using Matthew's correlation coefficient calculation. The results of real-time adaptive colour image segmentation outperform the methods, normalised cut segmentation, MX-quadtree segmentation and watershed segmentation.
Keywords: adaptive steganalysis; steganography; stego images; F-score; Matthew's correlation coefficient; bi-cubic interpolation method; reversible two LSB; support vector machine; SVM.
Security Analysis and Improvements of a Universal Construction for Round-Optimal Password Authenticated Key Exchange Protocol
by Hongfeng Zhu, Xintong Wang
Abstract: Authenticated key exchange (AKE) protocols enable two parties to generate a shared, cryptographically strong key while communicating over an insecure network under the complete control of an adversary. Recently, Jonathan et al presents two PAKE protocols which make the communication reduce to one-round. At the same time Jonathan's protocols achieve the mutual authentication and agreement the session key by constructing smooth projective hash functions. However Jonathan's two protocols are subjected to KCI (Key Compromise Impersonation) attack. Based on these motivations, this paper firstly put forwards a framework one-round PAKE protocols. And then we propose a provably secure and flexible one-round PAKE scheme based on chaotic maps. Comparison with Jonathan's two protocols, the results show that our one-round PAKE scheme can not only refrain from consuming modular exponential computing and scalar multiplication, but is also robust to resist various attacks, especially for KCI attack. Finally we also give the provable security of our scheme.
Keywords: Authentication; Key exchange; Chaotic maps; One-round communication; Key Compromise Impersonation.
SoC-based Abnormal Ethernet Packet Detector with Automatic Ruleset Generator
by Jiwoong Kang, Jaehyun Park
Abstract: The importance of a high performance network intrusion detection system (NIDS) increases for the network security. To match the high bandwidth network, hardware-based rather than software-based NIDS is necessarily required. In this paper, a system on chip(SoC)-based Ethernet packet detector that supports an automatic ruleset generator is proposed. The proposed ruleset generator automatically constructs the whitelist ruleset from the collected Ethernet packets. The whitelist ruleset is composed of 6-tuples; MAC address, IP address, and TCP/UDP port number of source and destination network nodes. The prototype system was implemented using Xilinx's Zynq-7030 SoC running at 250MHz. The network header of the Ethernet packets are compared to the 256 whitelist rulesets within 0.032μsec, which means that the malicious packets from the abnormal network nodes are filtered out even before the whole packets arrives. This real-time packet filtering feature is useful in protecting highly secure network systems like the industrial control systems.
Keywords: Ethernet packet detector; network intrusion detection system; System on Chip (SoC).
Scalable Shares Generation to Increase Participants of Counting-Based Secret Sharing Technique
by Taghreed M. Alkhodaidi, Adnan A. Gutub
Abstract: Secret sharing scheme is one of the efficient methods which offers secret information protection against unauthorized persons. This scheme formed by some share keys that can share access the secret key using their share keys at the same time. Many techniques of information security and secret sharing have been developing over the last years. This research focuses on the counting-based secret sharing scheme. This work introduces a new algorithm to improve the generation of share keys by increasing the size of the secret key for generating an unlimited number of share keys. We achieved that by expanding the size of the secret key and repeating its value. The paper shows interesting results as analysis and comparisons among the proposed expansion options of the secret key.
Keywords: secret sharing; secret key; share key; information security; generation; shares generation.
Adaptive Steganographic Scheme using a Variable Matrix Embedding
by Youssef Taouil, El Bachir Ameur, Amine Benhfid, Rachid Harba, Hassan Douzi
Abstract: Steganography is the art of concealing secret information within digital media. The main challenge of steganography resides in the discretion of the concealment, it must not modify the cover image to an extent that might arise the suspicion of eavesdroppers. In this paper, an adaptive steganographic scheme based on Faber-Schauder Discrete Wavelet Transform (DWT) is proposed. Data is hidden in the details coefficients, which are divided into smooth and complex areas. Smooth area does not tolerate changes with a great magnitude, we hide one bit in every coefficient via a variable matrix embedding that hides 2n bits of data into 2n+1 coefficients while modifying at most n coefficients. In the complex area, data is hidden by substituting the Least Significant Bits (LSB)s of the coefficients, and the Optimal Pixel Adjustment Procedure (OPAP) is utilized to minimize the modification. The performance of the proposed work is tested through experiments on a variety of images and comparison with literature. We obtain a good imperceptibility and embedding rate that respect the complexity of the cover image. We also reach a high level of security by using a correcting procedure that preserves the histogram in the smooth area.
Keywords: Steganography; Information Hiding; Faber-Schauder DWT; Matrix Embedding; Least Significant Bit; Optimal Pixel Adjustment Procedure; Adaptive Steganography.
A truncated mean lp-LDA approach for intrusion detection system
by Zyad Elkhadir, Mohammed Benattou
Abstract: Dealing with cyber threats, especially intrusion identification, is a critical area of research in the field of information assurance. The hackers employ polymorphic mechanisms to masquerade the attack payload and evade the detection techniques. Numerous feature extraction methods have been used to increase the efficacy of intrusion detection systems (IDSs) such as Principal Component Analysis (PCA) and Linear Discriminant Analysis (LDA). Nonetheless, the classical LDA approach that is based on the l2-norm maximization is very sensitive to outliers. As a solution to this weakness, the researchers proposed many LDA models which rely on l1 and lp norms (p < 2). These variants gave satisfactory results in solving many pattern recognition problems. However, these LDA models have an important limitation. The class mean vectors employed are always estimated by the class sample averages. This approximation is not sufficient enough to represent the class mean, particularly in case there are samples that deviate from the rest of data (outliers). In this paper, we suggest to use the truncated mean to estimate the class mean vectors in lp-LDA model. Many experiments on KDDcup99 indicate the superiority of the lp-LDA over many LDA variants.
Keywords: Linear Discriminant Analysis; truncated mean; Network Anomaly Detection; KDDcup99.
Botract: Abusing Smart Contracts and Blockchains for Botnet Command and Control
by Omar Alibrahim, Majid Malaika
Abstract: This paper presents how smart contracts and blockchains can be potentially abused to create seemingly unassailable botnets. This involves publishing command and control (C2) logic in the form of smart contracts to the blockchain and then calling the functions of the smart contract for sending and receiving commands and keeping track of the state of bots. We call this technique Botract derived by merging two words: bot and contract. In addition to describing how hackers can exploit smart contracts for C2, we also explain why is it difficult to disarm Botract given the distributed nature of the blockchain and the persistent nature of smart contracts deployed on top of them. Next, we describe the architecture for deploying blockchain-based botnets and implement a proof-of-concept using isolated testnet environments. Our goal is to prove the feasibility of our approach, hoping to create awareness among the community on the importance of auditing smart contracts on the blockchain and defending against these botnets before they become widespread.
Keywords: smart contract; blockchain; security; botnets; Ethereum.
A data-owner centric privacy model with blockchain and adapted attribute-based encryption for Internet-of-Things and Cloud environment
by Youcef Ould-Yahia, Samia Bouzefrane, Hanifa Boucheneb, Soumya Banerjee
Abstract: Advances in Internet of Things (IoT) and cloud computing technologies have led to the emergence of new applications such as in e-Health domain bringing convenience for both physicians and patients. However, the development of these new technologies makes users' privacy vulnerable. The threats on private data may arise from service providers themselves voluntarily or by inadvertence. As a result, the data owner would like to ensure that the collected data are securely stored and accessed only by authorized users. In this paper, we propose a novel data-owner centric privacy model in IoT/cloud environment. Our model combines two promising paradigms for data privacy, which are Attribute-Based Encryption (ABE) and blockchain, to strengthen the data-owner privacy protection. We propose a new scheme of ABE that is, in one hand, suitable to resource-constrained devices by externalizing the computing capabilities, thanks to Fog computing paradigm and, in the other hand, combined with a blockchain-based protocol to overcome a single point of trust and to enhance data-owner access control.
Keywords: IoT; Cloud; Privacy; Fog computing; Blockchain; Attribute-Based Encryption; e-Health.
Design and Implementation of an ASIP for SHA-3 Hash Algorithm
by Yavar Safaei Mehrabani, Roghayeh Ataie, Mohammad Hossein Shafiabadi, Abolghasem Ghasempour
Abstract: In recent years application specific instruction set processor (ASIP) has attracted many researchers' attention. These processors resemble application specific integrated circuits (ASICs) and digital signal processors (DSPs) from the performance and flexibility point of view, respectively. In other words ASIP makes compromise between performance and flexibility criteria. The SHA-3 hashing algorithm has been introduced as the safest and the newest algorithm in 2015 as a global standard. In this paper a processor with specific instruction set is designed and implemented with regard to variant execution steps of this algorithm. In order to modeling and simulation of the processor we have used the VHDL hardware description language and the ModelSim SE 6.1 tool. Moreover in order to implement it on field programmable gate array (FPGA) platform we have used the Xilinx ISE 10.1 tool. The implemented processor has 213.356 MHz operating frequency and 3.004 Mbps throughput.
Keywords: ASIP; Processor; Instruction set architecture; Hash; SHA-3 Algorithm.
Simple multi-scale human abnormal behavior detection based on video
by Gang Ke, Ruey-Shun Chen, Yeh-Cheng Chen, Yu-Xi Hu, Tsu-Yang Wu
Abstract: Aiming at the problem of real-time and low accuracy of automatic recognition of human abnormal behavior in public area surveillance video, a simple multi-scale human anomaly behavior detection algorithm based on video was proposed. Firstly, the binary image sequence of human body in surveillance video is acquired by background modeling method based on visual background extraction (ViBe). Then, the simple multi-scale algorithm is constructed by combining the aspect ratio, motion trajectory and video continuous interframe motion acceleration of the minimum circumscribed rectangle of the binarized image. The human target behavior is judged, and then the normal behavior of the human body (standing, walking, jogging) and abnormal behavior (calling for help, falling, throwing, squatting, and sudden running) are identified. The experimental results show that the human body moving target recognition by ViBe combined with simple multi-scale algorithm for abnormal behavior detection has good real-time performance and high accuracy.
Keywords: pedestrian recognition; anomalous behavior detection; ViBe algorithm; simple multi-scale algorithm.
A New Image Encryption Algorithm Based on Cascaded Chaos and Arnold Transform
by Yujie Wan, Baoxiang Du
Abstract: Aiming at the problem that the existing one-dimensional chaotic system has small chaotic interval, Lyapunov exponent is small and the generated chaotic sequence is unevenly distributed, and the correlation is high, a new image encryption algorithm is proposed by this paper. The Logistic chaotic mapping and Tent chaotic mapping are cascaded by iteration based on Arnold transform, Logistic and Tent mapping. Experiments show that the algorithm effectively extends the key space of chaotic systems, has good encryption effect and security, and can resist several common attacks.
Keywords: Image encryption; Cascade chaos; Image scrambling; Arnold mapping; Logistic.
The effectiveness of cost sensitive machine learning algorithms in classifying Zeus flows
by Ahmad Azab
Abstract: Zeus botnet is regarded as one of the primary sources of financial losses for both individuals and organizations. Therefore, the identification of its Command and Control (C&C) network traffic has become an important research field. Although the literature provided machine learning and other solutions for C&C identification, they suffer from various drawbacks. In this paper, we provide a framework that bridges the gap in terms of the machine learning solution, by building a classifier to detect the untrained version of Zeus botnet C&C traffic. The framework showed efficacy in detecting a new version of Zeus botnet, by building the classifier on an older version, compared to the machine learning approach used in the current research.
Keywords: Zeus; network; security; machine learning; botnet.
One privacy-preserving multi-keyword ranked search scheme revisited
by Zhengjun Cao, Xiqi Wang, Lihua Liu
Abstract: Searchable encryption is a useful tool which allows a user to securely search over encrypted data through keywords and retrieve documents of interest. It plays a key role in big data and outsourcing computation scenarios. In this paper, we show that the privacy-preserving multi-keyword ranked search scheme over encrypted cloud data [IEEE TPDS, 2014, 25(1), 222–233] is flawed, because the introduced similarity scores do not represent the true similarities between indexing vectors and a querying vector. The returned documents by cloud server could be irrelevant to the queried keyword. We also present a revision based on the technique introduced by Wong et al. [SIGMOD'09, 139–152].
Keywords: cloud computing; multi-keyword ranked search; privacy-preserving search; scalar-product-preserving encryption.
A Fault Tolerance Data Aggregation Scheme for Fog Computing
by Zhixin Zeng, Liang Chang, Yining Liu
Abstract: The appearance of fog computing makes the traditional cloud-based Internet of Things to be more suitable for time and location-sensitive IoT applications. However, the infant fog computing paradigm is facing challenges in order to balance the usability of data and the privacy protection. In the past years, some excellent works have tried to address this concern using the aggregation method. However, the fact that a minority of IoT devices at the edge of the network may malfunction is not paid enough attention. In this paper, a fault-tolerant data aggregation scheme for fog computing networks is presented by employing Shamir's secret sharing and ElGamal cryptosystem, which not only enables the cloud server to obtain accurate sum value of collected data in a virtual area, but also protects the individual privacy from being leaked. Moreover, even though a few IoT devices fail to work, the aggregated value can still be obtained with the number of IoT devices that reach the threshold of collaboration. In addition, the security analysis and the performance evaluation show that the proposed scheme achieves the security, privacy, and efficiency.
Keywords: Fog Computing; Internet of Things; Fault Tolerance; Data Aggregation; Shamir Secret Sharing; Privacy Preservation.
Extracting Malicious Behaviors
by Khanh Huu The Dam, Tayssir Touili
Abstract: In recent years, the damage cost caused by malwares is huge. Thus, malware detection is a big challenge. The task of specifying malware takes a huge amount of time and engineering effort since it currently requires the manual study of the malicious code. Thus, in order to avoid the tedious manual analysis of malicious codes, this task has to be automatized. To this aim, we propose in this work to represent malicious behaviors using extended API call graphs, where nodes correspond to API function calls, edges specify the execution order between the API functions, and edge labels indicate the dependence relation between API functions parameters. We define new static analysis techniques that allow to extract such graphs from programs, and show how to automatically extract, from a set of malicious and benign programs, an extended API call graph that represents the malicious behaviors. Finally, we show how this graph can be used for malware detection. We implemented our techniques and obtained encouraging results: 95.66% of detection rate with 0% of false alarms.
Keywords: Malware detection; Static analysis; Information Extraction.
Efficient Post-Quantum Private Set-Intersection Protocol
by Sumit Debnath, Nibedita Kundu, Tanmay Choudhury
Abstract: Private Set Intersection (PSI) is a cryptographic protocol that enables two parties to securely determine the intersection of their private datasets without revealing anything except the intersection. Most of the existing PSI protocols are based on traditional number theoretic problems, such as discrete logarithm problem and factorization problem. Unfortunately, these protocols would be broken if efficient quantum computer emerges. The post-quantum PSI is an important alternative to traditional PSI protocols for its potential to resist future attacks of quantum computers. In this work, we present first post-quantum PSI protocol that achieves size-hiding property. Space-efficient probabilistic data structure Bloom filter along with lattice based public key encryption are used as building blocks of our construction. It attains linear complexity and security in standard model under the decisional learning with errors (DLWE) assumption. Moreover, we extend our post-quantum PSI to its authorized variant APSI retaining all the properties.
Keywords: PSI; APSI; Bloom Filter; Post-Quantum Cryptography; Lattice-Based Cryptosystem.
A Node Screening Algorithm for Wireless Sensor Network based on Threshold Measurement
by Bin Wu, Xiao Yi
Abstract: The normal operation of nodes ensures the realization of network functions. When abnormal nodes appear in the network, the network may be in chaos. A node screening algorithm based on threshold measurement is proposed to solve the problem of nodes screening in wireless sensor networks. First, the membership and non-membership of nodes are determined by using the correlation distance values calculated by the node attribute vector constructed through quantized node network attributes and the threshold vector. Second, an intuitionistic fuzzy set is constructed by the membership. Finally, the screening of wireless sensor network nodes is completed through similarity function. Simulation experiment and analysis show that this algorithm dramatically improves the detection probability compared with the node detection algorithm based on fuzzy theory.
Keywords: Wireless Sensor Network; Node Monitoring; Fuzzy Theory; Membership; Non-membership; Hesitant fuzzy sets.
Network Traffic Prediction Based on Least Squares Support Vector Machine with Simple Estimation of Gaussian Kernel Width
by Gang Ke, Shanshan Ji, Ruey-Shun Chen
Abstract: In order to improve the accuracy of network traffic prediction and overcome the disadvantages of slow convergence speed and easy to fall into local minimum value in the process of least squares support vector machine (LSSVM) network traffic prediction, a network traffic security prediction model based on LSSVM which simply estimates the width of Gaussian kernel is proposed. The model assigns different Gauss kernel widths for each sampling point according to the local density of the sampling point. The simulation results show that, compared with LSSVM and PSO-LSSVM, the model proposed in this paper improves the accuracy of network traffic security prediction, reduces the training time of sample data, and provides strong decision support for network traffic planning and network security management.
Keywords: LSSVM; gauss kernel width; local density of sampling points; network traffic prediction.
A hierarchical particle swarm optimization algorithm for cloud computing environment
by Yen-wu Ti, Shang-Kuan Chen, Wen-Cheng Wang
Abstract: Cloud computing is known to provide dynamic services to a large number of users over the Internet. The scheduling of multiple virtual machines has become the core issue of Infrastructure as a Service (IAAS). In this paper, production scheduling and vehicle routing are integrated to solve a task scheduling problem with a timing requirement in cloud computing. The issues of multiple compute resources for a lot of tasks are considered. Each task is generally defined by the dependent data preparation time and compute time, and the communication time and time window for computing. A hierarchical particle swarm optimization algorithm is proposed to solve the scheduling problem in cloud computing and achieve a minimum delay.
Keywords: Cloud Computing; Job Scheduling; Priority.
The Count-min Sketch is Vulnerable to Offline Password-guessing Attacks
by Jaryn Shen, Qingkai Zeng
Abstract: The Count-min Sketch is used to prevent users from selecting popular passwords so as to increase password-guessing attackers' cost and difficulty. This approach was proposed by Schechter et al. at USENIX Conference on Hot Topics in Security in 2010. Schechter et al. originally intended the Count-min Sketch to resist password-guessing attacks. In this paper, however, for the first time, we point out that the Count-min Sketch is vulnerable to offline password-guessing attacks. Taking no account of the false positive rate, the offline password-guessing attack against the Count-min Sketch and the password file requires less computational cost than the benchmark attack against only the password file. Taking the false positive into account, in order to eliminate the threat to quicken password-guessing rate, the lower bound of the false positive rate must be greater than 33% in the naked Count-min Sketch and greater than 31% in the expensive Count-min Sketch, both of which are too high and unacceptable.
Keywords: password; guess; offline attacks; count-min sketch; password file; false positive; authentication.
FFRR: A software diversity technique for defending against buffer overflow attacks
by Raghu Kisore Neelisetti, Shiva Kumar K.
Abstract: To date several software diversity techniques have been proposed as defense to buffer overflow attacks. The existing diversity techniques sometimes rely on hardware support or modifications to operating system which makes them difficult to deploy. Further, the diversity is determined at the time of either compilation, link or load time, making them vulnerable to brute force attacks and attacks based on information leakage. In this work we study and implement Function Frame Runtime Randomization (FFRR) technique that generates variants of program binary from a single variant of the source program at runtime. We implemented FFRR as a compile time flag in gcc (C compiler) that can be activated at compile time and hence can be easily applied to legacy programs. FFRR provides a very fine grained randomization at the level of individual variables on the stack and the amount of randomization can be adjusted without having to recompile the source program. The proposed technique is able to achieve a fine grained randomization at the level of individual variables on the program stack with no significant performance overhead either in terms of memory or program execution time. The proposed solution incurs an average execution time overhead (SPEC CPU 2006) of 16%, while ASLR incurs an overhead of 21%. Finally, while the existing mechanisms make it difficult for a single patch to be pushed to all installed versions of software, the fine grained nature of FFRR makes it easy to manage and maintain software systems. We conclude the work by highlighting the effectiveness of FFRR and its ability to significantly slow down the propagation of a large scale cyber attack.
Keywords: Function Frame; Run time Randomization; Software Security; Software Diversity; Buffer Overflows.
Managing Vulnerabilities during the Development of a Secure ETL processes
by Salma Dammak, Faiza Ghozzi, Asma Sellami, Faiez Gargouri
Abstract: Vulnerabilities in information systems (IS) are high-value assets to a cybercriminal. These vulnerabilities can be targeted for exploitation which results in unauthorized access to the IS. Due to the increasing demand of preventing cyber-crimes, decisional systems should focus on ETL (Extract, Transform, and Load) processes security which is one of the most critical and complex issues considered during DW development. The intent of this paper is to provide a structured method for managing vulnerabilities that can affect ETL processes throughout its development (preventive) and along its exploitation (corrective). We anticipate and evaluate vulnerabilities by defining an impact of severity score measured based on CVSS standard and two scores presented the required preventive and corrective actions based on the COSMIC method. We propose an algorithm to order and prioritize these vulnerabilities using the defined scores. The prioritization algorithm allows the vulnerabilities treatment during the development and exploitation of ETL processes. It also helps and assists the ETL designers in ensuring security.
Keywords: ETL processes; security; measure; vulnerabilities; cost; COSMIC; CVSS.
DDoS Amplification Attacks and Impacts on Enterprise Service-Oriented Network Infrastructures: DNS Servers
by Duncan-Allan Byamukama, John Ngubiri
Abstract: Of recent, government agencies have adopted ICT in the process of service delivery even in low e-Infrastructures settings especially developing countries. Protecting the assets of government is a crucial responsibility and priority. Assets include sensitive information such as product plans, citizen or client records, financial data and the IT Infrastructure of the institution, government or organization. However, DDoS attacks have continued to be a threat to network assets and services. The attacks can be executed in different ways causing different extents of damage. Recent research found an increase of 55% in large DDoS attacks spanning over 10mbps just in the first quarter of 2017 alone. DDoS attacks have continued to be a threat to network assets and services, predictions by expatriates in network security place these attacks as severe in the near future. The authors study the classification of DDoS attacks which can threaten large distributed enterprise network DNS components, the authors predict severity and mitigation approaches systematically. Finally, the authors analyze and assess the advantages and risks of the emerging usage of enterprise infrastructures, and assert the various kinds of DDoS attack tools.
Keywords: DNS; DNSSEC; DNS Infrastructures; DDoS; DNIs; e-Government.
Enhanced ant colony based AODV for analysis of black and gray hole attacks in MANET
by Premala Bhande, Md. Bakhar
Abstract: The security issue is major concerns in mobile ad hoc network (MANET). There are numerous works have been done on security challenges by various researcher communities. There are various solutions on secure routing protocols are developed to count the well-known attacks. In this network, mobile nodes are capable to communicate with each other through various wireless technologies. This network does not require any fixed infrastructure for its deployment. This network is always highly vulnerable to attackers due to wireless communication medium. This is quite easy for attackers to access the wireless medium and easily enter into the network. So, any kind of attacks occur in the network degrades the network performance and increases the packet overhead in the network. In this paper, we have proposed Enhanced ant colony based AODV (EAAODV) protocol for the analysis of gray and black-hole attack effects. A comparative analysis is shown among EAACO (Energy aware ant colony optimization) and EAODV (Enhanced AODV) protocols. We compared the performance of these protocols based on various QoS parameters delay, control overhead, throughput and the packet delivery ratio. The reproduction results show that our protocol performance clarity is better than others.
Keywords: MANET; Black Hole; Gray Hole Attack; Malicious node.
Pairing Based Strong Key-Insulated Signature Scheme
by P. Vasudeva Reddy, A. Ramesh Babu, N.B. GAYATHRI
Abstract: All Public key cryptosystems are secure based on the assumption that users' private keys are absolutely secure. Exposure of this private key may lead to failure of the communication system. To diminish the damage of private key exposure in public key cryptosystem, key-insulation mechanism was introduced. In key-insulated cryptosystems, user can update his private key with helper assistance from time to time. Identity-based cryptosystem avoids the heavy certificate management problems in traditional public key cryptosystem. Recently, many Identity-Based Key Insulated Signature schemes have appeared in literature. To improve the efficiency and to resist the problem of private key exposure in Identity-based signature schemes, we present an efficient key insulated signature scheme in ID-based setting using bilinear pairings over elliptic curves. The proposed scheme is unforgeable and achieves strong key insulation property with secure key updates under the hardness of the Computational Diffie Hellman Problem. The proposed scheme is more efficient than the existing schemes.
Keywords: Identity-based Signature Scheme; Key Insulation mechanism; ROM Security Model; Computational Diffie Hellman Problem.
QC-PRE: Quorum Controlled Proxy Re-encryption Scheme for Access Control Enforcement Delegation of Outsourced Data
by Shravani Mahesh Patil, B.R. Purushothama
Abstract: Proxy re-encryption is used to delegate the task of providing access control to the outsourced data on a cloud storage server. However the straightforward application of proxy re-encryption to delegate the task of access control enforcement of the outsourced data requires the cloud storage server to be trusted. The cloud storage servers are however, often, honest-but-curious or untrusted. Towards solving the problem of access control enforcement delegation of outsourced data, we design a quorum controlled proxy re-encryption scheme. Using the quorum controlled proxy re-encryption scheme, the task of enforcing access control can be delegated to a set of proxies, such that a quorum of proxies should come together to enforce access control. By distributing trust among multiple proxies, the single point of trust is eliminated and the system is made fault tolerant. We prove the IND-CPA security of the proposed scheme under the DBDHI assumption. We show that the proposed scheme satisfies most of the desirable properties of a proxy re-encryption scheme and outperforms the existing schemes. We show that by employing the proposed quorum controlled proxy re-encryption scheme, a group of proxies should participate in enforcing access control, thereby eliminating a single point of trust.
Keywords: Quorum Controlled Proxy Re-encryption; Cloud Storage Server; Access Control Delegation; Data Sharing; Access Rights.
Synthetic Arabic handwritten CAPTCHA
by Suliman A. Alsuhibany, Fatimah N. Almohaimeed, Naseem A. Alrobah
Abstract: Differentiating between human and bots became a critical issue of websites security. Therefore, a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a test to limit the ability of cyber attackers when it comes to scaling their activities using automated bots. Several Latin-based CAPTCHAs, which are widely used, have been broken, while Arabic script and handwritten text inherit characteristics that have been proven to be beneficial for cybersecurity. Accordingly, we proposed a method for using Arabic handwritten text to generate infinite CAPTCHAs challenges. In order to assess the proposed CAPTCHA generator, experimental studies are conducted. The results show a gap between machine and human recognition abilities while using Arabic handwritten script.
Keywords: Arabic script; Handwriting synthesis; CAPTCHA; Cyber Security; Web Security.
Generalized Multi Release Framework for Fault Determination with Fault reduction Factor
by Shozab Khurshid, A.K. Shrivastava, Javaid Iqbal
Abstract: The world is now moving towards technologically active age where almost everything is tackled with the help of the software from small tasks to safety critical ones. Such a huge dependability on software systems has led to the need of reliable software that too in a very short span of time. One of the ways to achieve this is to provide a series of versions of the software so as to do multiple up-gradations of the software. Thus, firms release the first version of the software with some desired level of reliability in which all the faults are not removed. The remaining faults from the previous version are removed during the up-gradation of the software. The main focus in this paper is to deal with multi-release modelling incorporating the concept of fault reduction factor (FRF). FRF is considered as a significant factor in determining the reliability of the software and is defined as the net reduction in the number of faults in proportion to the total number of experienced failures. In this paper, multi-release models are proposed incorporating a constant FRF with imperfect debugging, change point and effort function. The parameter estimation is done on the four releases of tandem dataset. Numerical illustrations are given to determine the validity of the proposed model.
Keywords: Software Reliability Growth Model (SRGM); Non-Homogenous Poisson Process (NHPP); Modelling; Imperfect Debugging; Change Point; Testing effort; Multi-Release; Fault Reduction Factor (FRF).
Robustness Attack on Copyright Protection Scheme for H.264/AVC and SVC
by Grace C.-W. Ting, Bok-Min Goi, Sze-Wei Lee
Abstract: Digital content protection is vital because nowadays video sharing via social media and mobile messaging plays an important role in our society. As such, there exist many digital watermarking schemes that enable owners to prove the ownership of their shared content. This paper presents an attack on the watermarking-based copyright protection scheme proposed by Park and Shin. We show that their scheme unfortunately is not able to achieve the design objective of proof of ownership. We also include analytical results showing why our attack works and empirical results demonstrating that attacked outputs are of acceptable quality. This type of robustness attack is an essential part of a copyright protection designer's consideration. Therefore, it is important that designers and security practitioners are aware of whether such attacks exist on any proposed copyright protection schemes, to prevent future designs from inheriting their weaknesses.
Keywords: copyright protection; robustness; watermarking; video sharing; security.
An intelligent stage light-based actor identification and positioning system
by Jianqing Gao, Haiyang Zou, Fuquan Zhang, Tsu-Yang Wu
Abstract: At this stage, the lighting control method of the stage actor is still in the stage of manual adjustment, so that the follow-up light cannot accurately and timely track the actors. In order to solve the above problems, an intelligent stage light-based actor identification and positioning system using tracking algorithm based on deep convolutional neural network is proposed, which can control the lighting system to automatically track actors. Firstly, the framework of the intelligent stage light based actor identification and positioning system was analyzed, and the process of actor identification and positioning function was designed. The particle filter is then used to generate the candidate target image and input as a rectangle. Finally, the deep neural network structure is constructed by combining the feature pre-training process and the convolutional neural network, and the real-time target tracking is completed. Performance verification was performed with multiple video test sets. The test results show that compared with other algorithms, this tracking algorithm can complete rectangular target tracking with strong real-time performance and exhibits high accuracy and robustness.
Keywords: identification; tracking; deep neural network; stage actor; stage light.
Effect of Black Hole Attack in Different Mobility Models of MANET using OLSR protocol
by Abdellah Nabou, My Driss Laanaoui, Mohammed Ouzzif
Abstract: The Mobile Ad hoc Network (MANET) is a self-configuring network when, the communication between nodes is insured directly without aid of fixed equipment or a specific administration. Due to mobility in MANET, each node has a role to insure the communication between the source and the destination; it is considered as a router by using specific routing protocols. There are many routing protocols destined for ad hoc network. One of these routing protocols is Optimized Link State Routing Protocol (OLSR), it is a proactive protocol that keeps track of the destinations in a routing table. Multi-Point Relay (MPR) is a specific concept used by the OLSR routing protocol. The goal of MPR nodes is to avoid blind flooding or the retransmission of the same routing packets in the same region of the network; the OLSR routing protocol is also exposed to several attacks that reduces its performances. Black Hole Attack is the best known in literature, in our paper we evaluate OLSR routing protocol under the single and multiple Black Hole Attack in two scenarios with Constant and Random Waypoint Mobility Model. The measurements are taken in terms of Throughput, Packet Delivery Ratio (PDR) and Packet Lost (PL). Simulation is done in recent Network Simulator (NS-3.25).
Keywords: MANET; Routing Protocols; OLSR; MPR; Black Hole Attack; Constant Waypoint Mobility; Random Waypoint Mobility.
Secure Zero-Effort Two-Factor Authentication Based on Time-Frequency Audio Analysis
by Mingyue Wang, Shen Yan, Wei Wang, Jiwu Jing
Abstract: Two-factor authentication (2FA) protects a user's online account even if his/her password is leaked. Conventional 2FA systems require extra interaction like typing a verification code, which might not be very user-friendly. To improve user experience, recent researchers aim at zero-effort 2FA, in which a smart phone placed close to a client computer (browser) automatically assists with the authentication. In this paper, we propose SoundAuth, a secure zero-effort 2FA mechanism based on (two kinds of) ambient audio signals. We consider the comparison of the surrounding sounds and certain unpredictable near-ultrasounds as a classification problem and employ machine learning techniques for analysis. To evaluate the usability and security of SoundAuth, we study the effects of the recording duration and distance between two devices. Experiments show SoundAuth outperforms existent schemes for specific simulation attacks.
Keywords: zero-effort two-factor authentication; 2FA; audio signals; ambient sound; near-ultrasound; challenge-response protocol; co-presence detection; machine learning technique; time synchronization.
Revocable Key Aggregate Searchable Encryption with User Privacy and Anonymity
by Mukti Padhya, Devesh Jinwala
Abstract: The Key Aggregate Searchable Encryption (KASE) schemes serve the advantages of both, searching over the encrypted dataset and delegating search rights using a constant size key, opening up many possible applications that require both these features. In particular, searchable group data sharing in the cloud is a prime example. However, when the existing KASE schemes are deployed in real-time applications, it is highly required to manage users' access control. Specifically, in a delegation system, if the shared documents are modified or if the delegated rights for the shared documents need to be revoked, the revocation of delegated rights must be supported by the system for managing the users' authorities. Furthermore, as the KASE schemes allow fine-grained delegation of search rights over a selected dataset using an aggregate key, the revocation should be at a fine-grained level. Therefore, in this paper we propose two solutions for the fine-grained revocation of delegated rights considering two different scenarios. First, we present a basic scheme that supports fine-grained revocation of the delegated rights on document level, instead of coarse-grained all-or-nothing access. The user is not allowed to search the document by the old trapdoor computed from the old secret key if his search privileges are revoked on that document. Under a multi-user setting, we propose an advance scheme that can make the fine-grained revocation of the delegated rights on the user level. In the proposed solutions, the re-encryption of ciphertexts is not required to make the revocation of the delegated rights. Additionally, the revocation in the proposed approaches does not affect the non-revoked users, as they do not require updating their corresponding delegated keys. The proposed approaches also preserve users' privacy and anonymity. We present the schemes' correctness proof, formal security analysis as well as performance analysis, which confirm that they are provably secure and practically efficient.
Keywords: Revocation; User Privacy; Anonymity; Searchable encryption; Data sharing; Data retrieval; Cloud server.
A Highly Secure Three-Party Authentication Key Exchange Protocol and its Application in E-Business Communication with ECK Model
by Chien-Ming Wang, Chih-Hung Wang
Abstract: Since for the e-business development, users sometimes need to share sensitive personal information through a public network, they do not want their privacy information revealed by the malicious attackers. In 2007, LaMacchia et al. proposed a two-party authentication key exchange (2PAKE) protocol under the security assumption of Extended Canetti-Krawczyk (ECK) model. Although the ECK model is well designed to guarantee security in a two-party key exchange, it is not suitable in several other real situations with more parties, such as in auction, space communication, and Internet of Things (IOT), among others. Considering these problems, we first propose several ECK-based three-party authentication key exchange protocols, which provide personal privacy security protection and increase the usability of the authentication key exchange protocols. We also discuss three cases in different application environments. Moreover, the pairing operations are used in some cases if the application situations require less communication steps.
Keywords: Extended Canetti-Krawczyk (ECK) model; three-party authentication key exchange (3PAKE); Diffie-Hellman assumptions; pairing algorithm.
On a secured channel selection in Cognitive Radio Networks
by Asma Amraoui
Abstract: Cognitive radio is a technology that improves the use of the radio spectrum by allowing opportunistic exploitation of the wireless spectrum. In this paper, we are interested in securing the cognitive radio network against the PUE (Primary User Emulation) attack. Firstly, our work is concerned with securing the cognitive radio network, by proposing two methods: Secure CR and Optimal CR using a Multi Criteria Decision Making (MCDM) algorithm to choose the best offer and another algorithm which is Blowfish for the authentication. Secondly, we proposed a method using machine learning. After a comparative study, we found that the Secure CR algorithm is more efficient in response time, secured but it does not give the best offer. On the other hand, the Optimal CR algorithm is less efficient than the first, optimal and gives a better result.
Keywords: cognitive radio; multicriteria decision making; machine learning; security; PUE attack.
An Efficient and Provably Secure Authentication Scheme Based on Elliptic Curve Signature Using a Smart Card
by Syed Amma Sheik, Amutha Prabakar Muniyandi
Abstract: Smart card-based authentication schemes play an important role in remote system access and provide a secure method for resource sharing. Over the past two decades, many password-based authentication schemes have been proposed and illustrated by researchers. In this paper, we propose a robust and secure authentication scheme using an ECC (elliptic curve cryptography)-based digital signature scheme along with a smart card. The proposed authentication scheme satisfies all the basic secure requirements described by the researchers. The security analysis for the proposed authentication scheme is performed using a widely accepted random-oracle model. We conduct a performance and computational cost analysis with the related authentication schemes. The proposed authentication scheme shows better efficiency in terms of security and performance compared to related authentication schemes.
Keywords: Elliptic curve; Authentication; Session key; Smart card; Mask identity.
A Feature Selection Method based on Neighborhood Rough Set and Genetic Algorithm for Intrusion Detection
by Min Ren, Zhihao Wang, Peiying Zhao
Abstract: This paper put forward a feature selection algorithm based on neighborhood rough set and genetic algorithm. Firstly, neighborhood rough set model, expanding the equivalence relation of discrete space to that of continuous space, was improved from two aspects. One was that class average distance of decision attributes was defined to automatically calculate the parameter neighborhood according to the characteristic of the data set. The other was that attribute significance of neighborhood rough set was improved, considering both the impact on decision of a single attribute and the dependency between an attribute and others. Then, genetic algorithm was used to select optimal feature subset based on improved attribute significance. Finally, in order to verify the feasibility, experiments were done on KDD CUP 99, and the results showed that the feature subset selected by the proposed algorithm ensured FCM getting higher accuracy.
Keywords: Rough Set; Neighborhood Relation; Genetic Algorithm; Feature Selection; Attribute Reduction.
Research on intrusion detection method based on SMOTE and DBN-LSSVM
by Gang Ke, Ruey-Shun Chen, Yeh-Cheng Chen
Abstract: Aiming at the problems of low accuracy and high false alarm rate when traditional machine learning algorithm processes massive and complex intrusion detection data, this paper proposes a network intrusion detection method (dbn-smote-lssvm) which combines deep belief network (DBN), synthetic minority oversampling technique(SMOTE) and least square support vector machine (LSSVM). In this algorithm, intrusion detection data is input to the DBN for depth feature extraction, and then a small number of samples are added through smote algorithm. Finally, lssvm is used for classification. Through the effective evaluation of dbn-smote-lssvm model by NSL-KDD data set, the experimental results show that dbn-smote-lssvm algorithm has the advantages of high accuracy and low false alarm rate compared with other algorithms, and improves the detection rate of small sample attacks.
Keywords: deep belief network; least square support vector machine; SMOTE; intrusion detection; nsl-kdd data set.
A N-Party Authenticated Group Key Distribution protocol using quantum-reflection Architecture
by Hongfeng Zhu, Zhiqin Du, Liwei Wang, Yuanle Zhang
Abstract: Password-based group key agreement protocol (PGKA) can be widely used in situations where multiple participants participate and the participants have high requirements for communication security. For example, the security of communication between many people in social software, privacy protection between teams and so on. In this paper, quantum reflection security protocol is studied and an n-party authenticated group key distribution protocol (N-AGKDP) based on semi-quantum reflection architecture is proposed. The N-AGKDP is a protocol that can implement identity authentication between participants and quickly distribute group keys. In this protocol, a trusted third party (server) selects the session key and sends the quantum sequence containing the session key through the quantum channel to the first participant entering the session in chronological order. The first session participant used the shared base with the server to receive information and put the quantum information he did not need into the delay line device. After the quantum sequence is fully received, the quantum sequence in the delay line device is sent to the next participant. Repeat the above operation until all participants get the session key. The protocol has a general structure for implementing the n-party PGKA program. In addition, we give an example of n=3 so that readers can better understand our agreement. Compared with the traditional password-based group key protocol, our new protocol can resist the attack of quantum computers and is more secure.
Keywords: Semi-quantum protocol; Group key; Authentication; N-party; Quantum-reflection.
Obfuscated Code is Identifiable by a Token Based Code Clone Detection Technique
by Junaid Akram, Danish Vasan, Ping Luo
Abstract: Recently developers use obfuscation techniques to make their code difficult to understand or analyze, especially malware developers. In Android applications, if the application is obfuscated, it is hard to retrieve the exact source code after applying reverse engineering techniques on it. In this paper, we propose an approach which is based on clone detection technique and it can detect obfuscated code in Android applications very efficiently. We perform two experiments on different types of datasets including obfuscated and non-obfuscated applications source code. We successfully detected the obfuscated code of two types, including identifier-renaming and string-encryption with a high accuracy of 95%. A comparative study with other state-of-the-art tools proves the efficiency of our proposed approach. Experimental results show that our approach is reliable, efficient and can be implemented at a large-scale level.
Keywords: Obfuscation handling; Code clones; Software security; Malware detection; Android applications; Code reuse.
Safety monitoring of machinery equipment and fault diagnosis method based on support vector machine and improved evidence theory
by Xingtong Zhu
Abstract: Safe and reliable operation of machinery is the primary requirement of enterprise production and the basis for realising the economic benefits. Some of the fault diagnosis methods use evidence theory to determine the fault type by collecting the vibration signals. However, in a complex operating environment, the evidence of vibration signal is high-conflict, so it is difficult to obtain the correct fault type. In order to solve this problem, an improved evidence theory based fault diagnosis method is proposed. First, vibration sensors are used to monitor operating conditions of mechanical equipment and collect vibration signals, and then the dimensionless indicators of these vibration signals are calculated to build the feature dataset. Next, the support vector machine (SVM) is applied to the preliminary fault diagnosis, and the probability of various fault types obtained by the SVM primary fault diagnosis is used as the basic probability assignment (BPA) of evidence. Finally, the improved evidence combination rule based on the Tanimoto coefficient and information entropy is used to fuse the evidence, thus forming the final diagnosis result. The experiments show that the proposed method is effective, achieving the fault diagnosis accuracy of 93.33%.
Keywords: Safety monitoring; fault diagnosis; support vector machine; D-S evidence theory; Tanimoto coefficient; information entropy.
Reinforcement learning based Cooperative Sensing in Cognitive Radio Networks for Primary User Detection
by K. Venkata Vara Prasad, Trinatha Rao
Abstract: Cognitive Radio Networks achieve a better utilization of spectrum through spectrum sharing. Due to interference, power levels and hidden terminal problem, it becomes challenging to detect the presence of primary users accurately and without this spectrum sharing cannot be optimized. Thus detection of primary users has become an important research problem in cognitive radio network. Existing solutions have low accuracy when effect of multipath fading and shadowing are considered. Reinforcement based learning solutions are able to learn the environment dynamically and able to achieve higher accuracy in detection of primary users. However the computational complexity and latency is higher in the previous solutions on application of reinforcement learning to spectrum sensing. In this work, Reinforcement learning model is proposed to detect the presence of primary user. This approach has higher accuracy due to reliance on multi objective functions and reduced computational complexity.
Keywords: Reinforcement learning; Machine Learning; cooperative spectrum sensing; Intelligent Systems.
Methods for automatic malware analysis and classification: A Survey
by Toni Grzinic, Eduardo Blazquez Gonzalez
Abstract: In this review we try to summarize modern malware classification methods and analysis tools, and give some insight into the current research efforts that are used to build state of the art malware classification systems later used to detect most dangerous malware families built for the operating system Microsoft Windows. Before diving into features used for automatic classification, we describe the accompanying analysis methods that are the fundamental building block of every automatic classifier. We try to summarize and categorize efforts of researches and recognize the upcoming problems and challenges in the vibrant malware landscape.
Keywords: malware classification; static analysis; dynamic analysis; review.
Searching the Space of Tower Field Implementations of the F(2^8) Inverter - with Applications to AES, Camellia, and SM4
by Zihao Wei, Siwei Sun, Lei Hu, Man Wei, René Peralta
Abstract: The tower field implementation of the F(2^8) inverter is not only the key technique for compact implementations of the S-boxes of several internationally standardized block ciphers such as AES, Camellia, and SM4, but also the underlying structure many side-channel attack resistant AES implementations rely on. In this work, we conduct an exhaustive study of the tower field representations of the F(2^8) inverter with normal bases by applying several state-of-the-art combinatorial logic minimization techniques. As a result, we achieve improved implementations of the AES, Camellia and SM4 S-boxes in terms of area footprint. Surprisingly, we are still able to improve the currently known most compact implementation of the AES S-box from CHES 2018 by 5.5 GE, beating the record again. For Camellia and SM4, the improvements are even more significant. The Verilog codes of our implementations of the AES, Camellia and SM4 S-boxes are openly available.
Keywords: Tower field; Inverter; S-box; AES; Camellia; SM4.
Emerging DNA Cryptography based Encryption Schemes: A Review
by Pratyusa Mukherjee, Chittaranjan Pradhan, Rabindra Kumar Barik, Harishchandra Dubey
Abstract: Security has been the fundamental apprehension during information transmission and storage. Communication network is inordinately susceptible to intrusion from unpredictable adversaries thus threatening the confidentiality, integrity and authenticity of data. This is where cryptography facilitates us and encodes the original message into an incomprehensible and unintelligible form. DNA cryptography is the latest propitious field in cryptography that has transpired with the advancement of DNA computing. The immense parallelism, unrivalled energy efficiency and exceptional information density of DNA molecules is being traversed for cryptographic purpose. Currently, it is in the preliminary stage and necessitates avid scrutinization. The foremost hindrance in the field of DNA cryptography is computational complexity and lack of sophisticated laboratories. In this paper, we discuss the existing DNA cryptographic approaches and compare their achievements and limitations to provide a better perception. In the end, a modified version of the DNA cryptography combined with soft computing is also suggested.
Keywords: Security; DNA Cryptography; DNA Computing; Bio-inspired Cryptography; Encryption.
Acquiring or Accessing Control Technologies for Big Data Management System: Application and Future Prospective
by Jiying Wu, JEAN-JACQUES DOMINIQUE BERAUD
Abstract: Since Roger Mougalas of O'Reilly Media coined the word "big data" in 2005, it has been of great interest and has become an area of in-depth research. While most studies have focused on big data in many research areas, the security and confidentiality of data depend on the size, variety, and speed of big data, as well as the lack of reference data models and data manipulation language application associated with them. In this study, we focus on one of the important functions of data security, namely access control to information, diversity of data, management practices and the definition of Data Security Services, namely Access Control, highlighting the differences with traditional Data Management Systems and highlighting some requirements that any large Data Access solution can answer by defining the state of the art and tackle the problems in public. We collected data on some of the best research databases in various research databases. The results showed that Google Scholar has the largest collection of big data. Also, content issues, integration of ideas, key methods, target groups, and big data security, and variable management were integrated into a detailed architectural structure. Finally, critical criticism has been taken into account and the results will add a variety of ways to help researchers interested in learning more about big data management and security by providing new ideas and perspectives for big data access control and management in the future.
Keywords: Big Data; Access control; Data Management System; Security.
Detecting over-claim permissions and recognizing dangerous permission in Android apps
by Monika Shah
Abstract: Android's security is one of the hot research topics in current days. This is mainly due to the leakage of user's privacy information from third-party apps on mobile. Even after the permission model defined by Android we all are witnessing leakage of our critical information. This is mainly due to (1) the Permission model is proportionally coarse granular (2) Insufficient knowledge of user make him approve over-claim permission mistakenly. Henceforth this paper focuses on recognizing dangerous over-claim permission. This starts with describing the permission model, over-claim permission, and some of the dangerous over-claim permission. This paper specifically proposes an algorithm to detect the signature of dangerous permission incorporated during the upgrading version of third-party software.
Keywords: App Upgrade; Android permission model; Over-claim permission; Dangerous permission; Information Security.
Hierarchical Data Partition Defense against Co-resident Attacks
by Junfeng Tian, Zilong Wang, Zhen Li
Abstract: Co-resident attacks are one of the most dangerous types of attack in the cloud environment, posing a great threat to data security and survivability for users. The existing data partition-based and data backup solutions provide users with higher storage overhead while improving the data security and survivability for users. A hierarchical data partitioning scheme is proposed that enables the multilevel partitioning of the data and makes the data have a certain order, which improves the security of user data while facilitating data management. At the same time, through the encrypted data backup, under the premise of improving the survivability of the users' data, the users' storage overhead is reduced. Finally, experiments prove that the proposed scheme improves the data security and survivability and reduces the users' storage overhead.
Keywords: Cloud computing; Co-resident attack; Hierarchical data partition; Encrypted backup; Data theft; Data corruption.
Attack Resistant Chaos-based Cryptosystem by Modified Baker Map and Logistic Map
by Debanjan Chatterjee, Barnali Gupta Banik, Abhinandan Banik
Abstract: In recent years, information security has become a crucial aspect of data storage and communication. A large portion of digital data transfer takes place in the form of images such as social media images, satellite images, medical imaging; hence there is a requirement for fast and secure image encryption techniques. Conventional encryption schemes such as DES, AES, prove ineffective due to specific intrinsic properties of images. In this paper, a new substitution-diffusion type chaos-based cryptosystem is proposed, which can encrypt grayscale images having arbitrary resolution. In the substitution stage, image pixels are permuted using a modified form of the discretized 2-D Baker map. Substitution is followed by a two-step diffusion approach that employs a chaotic logistic map. The proposed cryptosystem is resistant to brute force attacks (measured by key-space and key-sensitivity analysis), statistical attacks (tested by Histogram and Chi-Square test) and differential attacks (measured against NPCR, UACI, and Hamming Distance). The proposed method has also been tested for Encryption Quality, Correlation Analysis, Entropy Analysis, and Performance Analysis by measuring Encryption Speed as well as Time Complexity. Therefore, it is sufficiently secured to be used in real-world applications. To prove the unparalleled outcome of the proposed system, four sets of comparisons have been presented with respect to NPCR & UACI, Encryption throughput, and, lastly, with similar & non-similar existing cryptosystems.
Keywords: Data Security; Encryption; Image Communication; Chaos; Sensitivity Analysis; Statistical Analysis.
A Comprehensive Study of Watermarking Schemes for 3-D Polygon Mesh Objects
by Hitendra Garg
Abstract: Three-Dimensional (3-D) objects have been used in machine design, architecture design, entertainment, cultural heritage, medical field, etc during the last two decades. Increasing trends of 3-D objects attract the researcher, academician, and industry persons for various processing operations on 3-D objects. Extensive growth in specific areas requires Intellectual Property Rights protection and authentication problems. The proposed survey paper provides a comprehensive study of various watermarking solution for 3-D Polygon Mesh Objects (3-D PMO). This comprehensive survey includes an introduction, strength, and limitations to the relevant state of the art. The proposed study write down various problems encountered and their respective solution suggested in various state of art. The robustness of various algorithms is also studied against various attacks applied to watermarked models. At last, future scope and new directions for the robustness and optimization of watermarks on various parameters are suggested.
Keywords: 3-D Object; Polygon Mesh; Robust watermarking; fragile watermarking; attacks; Spatial Domain; Transform frequency Domain.
Cryptanalysis and Improvement of an Authentication Scheme for IoT
by Rahul Kumar, Mridul K. Gupta, Saru Kumari
Abstract: With the interference of various types of embedded devices, sensors and gadgets in day-to-day life, the buzzword Internet of Things (IoT) has become very popular. In the context of the IoT environment, proper device authentication is important. Recently, Wang et al. introduced an authentication protocol for secure communication between the embedded device and the cloud server over IoT networks. They insisted that their protocol is secure from various attacks in the open network. However, we show that Wang et al.'s protocol is not secure against impersonation attack, replay attack and it does not provide devices anonymity. To conquer these problems, we design an improvement of Wang et al.'s protocol. We show that our protocol is secure against various attacks; specifically it is free from the attacks pointed out in Wang et al.'s protocol. Through performance evaluation of our proposed protocol with the existing related protocols, we show that the proposed protocol is suitable for the IoT environment.
Keywords: Internet of Things; Impersonation attack; Device’s anonymity; ECC; Embedded device.
Game theory approach for analyzing attack graphs
by Khedoudja BOUAFIA, Lamia HAMZA
Abstract: Many real problems involve the simultaneous security of computer networks and systems as it penetrates all areas of our daily lives. The purpose of attack graph analysis is to be able to protect computer systems and networks against attacks related to them. In this paper, we have proposed a new approach to analyzing attack graphs based on game theory in order to reduce network vulnerabilities. This approach consists of turning a computer security problem into a two-player game and extracting the best strategies for each of the both of them. The purpose of this work is to help administrator to take a good decision to better secure network by using game theory methods.
Keywords: Computer security; Network; Vulnerability; Game Theory; Strategies; Attack graph.
Volatile Memory Forensics of Privacy Aware Browsers
by Nilay Mistry, Krupa Gajjar, S.O. Junare
Abstract: Internet Privacy has become a notable concern in today's world. Aside from the common usage of web browsers, users are using such browsers which can protect their privacy using anonymity. Such growing concerns regarding privacy over the Internet have led to the development of privacy-enhanced web browsers whose main aim is to provide better privacy to its users by not storing any information on users' personal computers, and at the same time also keeps the users anonymous while browsing. Some users have found an alternative use of these web browsers somewhat illegal in nature. This research encompasses the acquisition and analysis of such kind of Privacy Browsers and compares its outcomes with that of the Portable Web Browsers and Private Modes of Commonly-used Web Browsers to establish the claim of these Privacy Browsers of keeping providing a higher level of privacy.
Keywords: Privacy Browser; Portable Browser; Memory Forensics; RAM Analysis; Digital Forensics; Cyber Crime.
A Novel Traceback Model for DDoS Attacks Using Modified Floyd-Warshall Algorithm
by Mohamed Zaki, Sherif Emara, Sayed Abdelhady
Abstract: Distributed denial of service, DDoS, attacks are drastically increasing, therefore, they cause serious threats for information networks. One of the most dangerous aspects of such attacks is phishing i.e. the ability of masking the attacker IP address. Thus, it is extremely difficult to traceback DDoS attackers. However, there are different reasonable methods that are capable of tracing them back. These methods include packet marking, logging, combination of both marking and logging and entropy variation techniques. This paper proposes, for the first time, the use of a graph theoretic approach to exploit the entropy techniques for detecting and tracing back DDoS attackers. It presents a novel approach to traceback DDoS Attacks using modified Floyd-Warshall Algorithm, TDA/MFWA. Such model starts by feeding the network adjacency matrix in which the link weights are changed to comply with the network traffic entropy, accordingly the reachability from node to node can be examined. Then we borrowed the idea of enumerating all the intermediate points between every pair of network nodes from Floyd-Warshall algorithm and modified it to find out the victim node(s). The fact that entropy at network nodes is systematically accounted using a modified Floyd-Warshall algorithm contributes to the smartness and dependability of TDA/MFWA. This fact is confirmed by a large set of experiments that emphasized not only the effectiveness of the model but also its superiority with respect to other DoS/DDoS traceback algorithms.
Keywords: Packet logging; Packet marking; Entropy variation; Modified Floyd-Warshall Algorithm; Traceback; DoS/DDoS attack.
Data Privacy with Heuristic Anonymization
by Sevgi Arca, Rattikorn Hewett
Abstract: Data are abundant. This makes data privacy more vulnerable than ever as attackers can infer confidential data from different query sources. Anonymization addresses the issue of data privacy by making sure that each set of "critical" data values belongs to more than one individual so that the identity of the individual can be protected. Techniques for anonymization have been studied extensively but most have been designed to address each specific goal as opposed to providing an integrated system solution for computation, optimality, and data usage. This paper articulates and compares various aspects of privacy objectives for data anonymization. Most importantly, the paper also presents HeuristicMin, a new anonymization approach that applies generalizations along with optimal Artificial intelligence search to securing privacy by satisfying user-specified anonymity requirements while maximizing information preservation. By exploiting monotonicity property of generalization and using simple heuristics with appropriate generalization grain size (to prune and narrow down the search space), HeuristicMin is both effective for practice and theoretically grounded. We illustrate and provide analytical and empirical comparisons of our approach with other representatives including those designed for optimal generalization and classification. We differentiate the meanings of optimality. Furthermore, experimental results show that in addition to achieving the optimal generalized data to satisfy anonymity requirements, HeuristicMin can sustain the data quality for classification relatively well even though its intent is to keep the generalized data as close as possible to the original.
Keywords: privacy; anonymization; data generalization; bottom-up generalization.
Collaborative Filtering based Recommendations against Shilling Attacks with Particle Swarm Optimizer and Entropy Based Mean Clustering
by Anjani Kumar Verma, Veer Sain Dixit
Abstract: Recommender System (RS) in the present web environment is required to gain the knowledge of the users and their commitments such as like and dislike about any items available on the e-commerce sites. Movie recommendations are one of such type in which shilling attack is increasing day by day, this will destroy or abruptly disturb the meaning of the data when recommended to others. Also, the hazards of shilling attacks degrade the performance of web recommendations. Hence, to address this issue the paper, Collaborative Filtering (CF) based hybrid model is proposed for movie recommendations. The Entropy-Based Mean (EBM) clustering technique is used to filter out the different clusters out of which the top-N profile recommendations have been taken and then applied with Particle Swarm Optimization (PSO) technique to get the more optimized recommendations. This research is focused on getting secure recommendations from different recommender systems.
Keywords: Collaborative Filtering; Entropy Based Mean; Particle Swarm Optimizer; Recommender System; Shilling
DIP-QGA: A Secure and Robust Watermarking Technique Based-on Direct Image Projection and Quantum Genetic Algorithm.
by Djalila Belkebir
Abstract: This paper presents three novel methods for hiding and extracting a watermark. The strategy of the first method is to project pixels into a new image. The key is a combination of the rotation and distance related to the viewer. The new pixel positions resulted from the direct image projection (DIP) are then used to hide the secret message. The aim of the second method relies on improving the security of a message against image manipulations (i.e., histogram analysis and RS steganalysis) where a combination between DIP and genetic algorithm (DIP-GA) is done. After that, we highlight the main challenges and issues that occur from the use of GA. Due to that, we propose the main contribution in our paper which is the use of quantum genetic algorithm (QGA) in the DIP method (DIP-QGA). QGA is based on the concepts and principles of quantum computing, such as quantum bits, quantum gates, and superposition of states. We evaluate our proposals' performance on the USC-SIPI dataset. As a result, an improvement in PSNR and MSE is obtained (90.15% and 94.34% respectively).
Keywords: direct image projection; DIP; steganography; watermarking; quantum computing; genetic algorithms.
Push and Nuke Attacks Detection using DNN-HHO Algorithm
by Veer Sain Dixit, Akanksha Bansal Chopra
Abstract: Collaborative recommender systems are widely used as a tool to offer recommendation for a product to its users. These systems produce recommendations to its users using information based on user-item ratings. However, these systems are highly vulnerable to biased ratings injected by malicious users. These biased ratings lead to attacks, namely, push attacks and nuke attacks that degrade the performance of collaborative recommender systems. To handle this problem, the paper proposes a novel model to improve the detection of attack profiles in collaborative recommender systems by using a hybrid approach. The proposed algorithm is then compared with baseline algorithms. The study also evaluates and compares various measure metrics for both proposed and traditional algorithms.
Keywords: push attack; nuke attack; DNN-HHO.
User Anonymity based Secure Authentication Protocol for Telemedical Server Systems
by Sunil Gupta, Pradeep Arya, Hitesh Kumar Sharma
Abstract: Telemedical server system enables a user to support the monitoring of health at home and access the medical facility over the network. Recently, many schemes have been proposed for providing security in the medical server system. Recently in year 2017, Limbasiya and Shivam proposed a scheme for medical applications using two-factor key verification. They claimed that the protocol provides security against all types of known active and passive attacks. In this paper we show that the Limbasiya and Shivam scheme suffers from user anonymity, replay and impersonation attack. The Limbasiya and Shivam scheme fails to provide low power consumption in terms of cryptographic computational operation and overhead to the server. We propose a secure user anonymity-based authentication protocol to remove the weakness of former protocols. Our scheme is more effective in terms of mutual authentication and low power consumption. The performance analysis of our protocol shows less cryptographic computational cost and the server overload. The proposed protocol is tested and analysed using AVISPA security verification to confirm the secure and authentic protocol for telemedical server system.
Keywords: authentication; telemedical server; AVISPA; efficiency; smart card.