International Journal of Information and Computer Security (111 papers in press)
Regular Issues
Prediction Based Robust Blind Reversible Watermarking for Relational Databases 
by Unni Krishnan K, Pramod K V
Abstract: Objectives: As the size of database grows, the possibility of database corruption also increases. One such example is of temporal databases in which deletion never occurs except in case of vacuuming. A strong security mechanism is needed to find any database modification. In case of any tampering, tampered data should be identified and recovery of original data from the tampered one is also essential. Methods: In this work, a new watermarking scheme for database authentication and forensic analysis is developed. The proposed system uses a set of watermark bits to make a validation and recovery mechanism for database authentication. In order to measure the robustness of this approach, online available yahoo financial data is watermarked through this approach and simulation of insertion, modification and deletion attacks are performed. Findings: Normalized Correlation (NC) and Mean Square Error (MSE) are used for measuring the performance of this approach. Extensive analysis shows that the proposed method is robust against various forms of database attacks, including insertion, deletion and modification. Improvement: In future, in order to identify the best possible locations for embedding the watermark, optimization algorithms can be used. Also methods may be developed for enhancing the embedding capacity of the watermark.
Keywords: Database Watermarking; Database Forensic Analysis; Tuple Insertion Attack; Tuple Deletion Attack; Tuple Modification Attack; Blind Watermarking; Reversible Watermarking;.
Improved RSA Lossy Trapdoor Function and Applications
by Nanyuan Cao, Zhenfu Cao, Xiaolei Dong, Haijiang Wang
Abstract: Kakvi and Kiltz (EUROCRYPT'12) proposed the fristtight security reduction for RSA Full Domain Hash signature scheme (RSA-FDH) with public exponent $e < N^{1/4}$ in the random oracle (RO) model, and they left an open problem which called for a tightly secure RSA-FDH for $ N^{frac{1}{4}} Keywords: RSA; Lossy Trapdoor Function; Full Domain Hash; Blind Signatures.
On the Adoption of Scramble Keypad for Unlocking PIN-protected Smartphones
by Geetika Kovelamudi, Bryan Watson, Jun Zheng, Srinivas Mukkamala
Abstract: Lock screen is a user interface feature used in mobile operating systems to prevent unauthenticated access and protect sensitive private information in the mobile devices. PIN (Personal Identification Number) is a simple and effective mechanism for screen unlocking used by about one third of smartphone users. However, PIN unlock is also susceptible to a number of attacks such as guessing attacks, shoulder surfing attacks, smudge attacks and side-channel attacks. Scramble keypad is a method proposed to improve the security of PIN by changing the keypad layout in each PIN-entry process. However, scramble keypad has not been provided as a standard feature in popular mobile operating systems like Android and iOS. In this work, we conducted a security and usability analysis of scramble keypad through theoretical analysis and user studies. The security analysis shows that scramble keypad can defend smudge attacks perfectly and greatly reduce the threats of side-channel attacks. The results of our user study demonstrate that scramble keypad has a significant better chance to defend shoulder surfing attacks than standard keypad. We also investigated how the usability of scramble keypad is compromised for the improved security through a user study. Our work suggests that it is worthy to include scramble keypad as a standard option of mobile operating systems for unlocking PIN-protected smartphones.
Keywords: scramble keypad; PIN unlock; mobile security; usability; attacks.
Vulnerability Severity Prediction Model For Software Based on Markov Chain
by Gul Jabeen, Xi Yang, Ping Luo
Abstract: Software vulnerabilities primarily constitute security risks. Commonalities between faults and vulnerabilities prompt developers to utilize traditional fault prediction models and metrics for vulnerability prediction. Although traditional models can predict the number of vulnerabilities and their occurrence time, they fail to accurately determine the seriousness of vulnerabilities, impacts, and severity level. To address these deficits, we propose a method for predicting software vulnerabilities based on a Markov Chain model, which offers a more comprehensive descriptive model with the potential to accurately predict vulnerability type, i.e., the seriousness of the vulnerabilities. The experiments are performed using real vulnerability data of three types of popular software: Windows 10, Adobe Flash Player and Firefox, and our model is shown to produce accurate predictive results.
Keywords: software vulnerability; VL; severity/seriousness; prediction model; software security; Markov Chain.
DOI: 10.1504/IJICS.2019.10020761
FairAccess 2.0: a smart contract-based authorization framework for enabling granular access control in IoT
by Aafaf OUADDAH
Abstract: In this paper, we explore access control area as one of the most crucial aspect of security and privacy in IoT. Actually, conventional security and privacy solutions tend to be less tailored for IoT. Then, designing a distributed access control with user-driven approach and privacy-preserving awareness in IoT environment is of a paramount importance. In this direction, we have investigated in our previous work a new way to build a distributed access control framework based on the blockchain technology through our proposed framework FairAccess. The first version of FairAccess was based on the UTXO model. However, this version presents limitations in expressing more granular access control policies. To tackle this issue, this paper upgrades the proposed Framework to FairAccess 2.0 that uses SmartContract concept instead of the unlocking script. Thus, we show a possible working implementation based on ABAC policies, deployed on the Ethereum blockchain. The obtained results show the efficiency of FairAccess 2.0 and its compatibility with a wide range of existing access control models mainly the ABAC model. Finally, a performance and cost evaluation, discussion and future work are elaborated.
Keywords: security; privacy; access control; authorization; ABAC; blockchain; smart contract; IoT; Raspberry PI; Ethereum.
A Complexity Reduced and Reliable Integrity Protection for Large Relational Data over Clouds
by Waqas Haider, Wasif Nisar, Tanzila Saba, Muhammad Sharif, Raja Umair, Nadeem Bilal, Muhammad Attique
Abstract: At present governments and private business operations are highly dependent on relational data applications such as bank accounts, citizen registration etc. These relational data dependent operations require reliable integrity protection while utilizing the cloud computing storage infrastructure. Identification and recovery of stolen bits are a major assistance to the reliable integrity protection services for the sensitive relational data applications. To deal with the problems of detecting and recovering tampering in large relational data at minimum computational complexity, in this paper N8WA (briefed in section 2.1) coding based scheme is presented. Overall the scheme is comprised of two cross functional modules. The first module is labeled as compact code generation using N8WA coding and code registration at registration module (RM). In the second module which is called accurate locating/restoring tampering, utilizing the mismatching of different compact codes based on N8WA from RM, the major/minor tampered data is accurately located and restored. Investigational outcome indicates that the scheme ensures the computational complexity of O(n2) while minimum to maximum alterations is accurately localized and restored successfully.
Keywords: Cloud Data Recovery; Database Integrity verification; Digital Tamper-proofing; Localization; Restoration; Multiple Data types; Fragile watermarking; Zero Watermarking; Lossless compression.
Secure Session between IoT Device and Cloud Server based on Elliptic Curve Cryptosystem
by Ting-Fang Cheng, Ying-Chin Chen, Zhu-Dao Song, Ngoc-Tu Huynh, Jung-San Lee
Abstract: The Internet of Things (IoT) has brought the properties of convenience, intelligence, and manageability into our daily lives. Nevertheless, it also gives malicious attackers lots of opportunity to compromise our private information. Hence, the security issue over IoT has become an emergent and crucial research topic. Kalra and Sood proposed an authentication scheme for IoT device and cloud server in 2015 [13]. Unfortunately, Chang et al. have pointed out weaknesses of Kalra and Sood scheme and provided proper improvements in 2017 [14]. However, we have found that the improved version still exists potential risks. Thus, we aim to develop a brand-new ECC based authentication mechanism for offering a secure session between IoT device and could server. In particular, the new method is proved secure under the examination of AVISPA, which is a formal verification tool.
Keywords: IoT; authentication; ECC cryptosystem.
A hierarchical method for assessing cyber security situation based on ontology and fuzzy cognitive maps
by Zhijie Fan, Chengxiang Tan, Xin Li
Abstract: The hierarchical analysis method is widely used in the field of cyber security situation assessment, it is a key research topic. However, lots of them have paid less attention to the analysis of interrelationships among cyber security situation elements, and still have no effective cyber security events tracking capability. In this work, we proposed a hierarchical cyber security situation assessment method based on ontology and Fuzzy Cognitive Maps (FCM). Firstly, we collected cyber security events from multiple ways and created a general cyber security risk events according to structured description of events based on ontology. Secondly, we generated semi-automatically the FCM structure according to general cyber security risk events using our FCM build method. Thirdly, we assessed and quantified cyber security situation based on ontology and FCM, and then determined the cyber security situation level according to relevant cyber security risk level table. At last, the cyber security events tracking capability was introduced. In our experiment, we used DARPA2000 dataset to verify and analyze our cyber security assessment method and explained tracing the high-risk events in target network. The result shows that our method can reflect the cyber security situation accurately and has the cyber security tracing capability.
Keywords: cyber security situation; situation assessment; hierarchical analysis; ontology; fuzzy cognitive maps; tracing back.
DOI: 10.1504/IJICS.2021.10034834
Multi-Writer Multi-Reader Conjunctive Keyword Searchable Encryption
by Dhruti Sharma, Devesh C. Jinwala
Abstract: We explore the area of searchable encryption aiming to identify the schemes supporting multiple data owner (writers) and multiple data users (readers). Especially, we observe multi-writer multi-reader (MWMR) searchable encryption schemes focusing on multi-keyword search. However, such MWMR schemes offer a centralized token generation approach whereby an Enterprise Trusted Authority (ETA) issues a search token to each reader in system, and thus introduce two serious issues, viz. leakage of keywords to ETA and $O(q cdot R)$ communication overhead for $R$ readers and $q$ queries per reader. In this paper, we alleviate these issues by proposing an MWMR scheme with a decentralized token generation approach. With such an approach, a registered data reader constructs a search token without interacting with ETA and thus provides an efficient token generation with keyword privacy from ETA. Additionally, we incorporate a more expressive especially, conjunctive keyword search with the scheme. With formal security analysis, we prove that the scheme effectively stands against chosen keyword attack performed by inside or outside attacker. With theoretical and empirical analysis, we justify the effectiveness of the proposed scheme.
Keywords: Searchable Encryption; Multi-Writer Multi-Reader Searchable Encryption; Conjunctive Keyword Search; Indistinguishability of ciphertext against Chosen Keyword Attack.
DOI: 10.1504/IJICS.2019.10023071
On QoS-aware Location Privacy in Mobile Networks
by Nour El Houda Senoussi, Abdelmalik Bachir, Abdelmadjid Bouabdallah
Abstract: We deal with the threats to user privacy in the context of wireless local networks. We focus on location privacy where an adversary tries to learn a user's past and current locations. The current WiFi standard is vulnerable to location privacy and mobility profiling attacks due to the transmission of personally identifying information such as the MAC address in plain text. We provide a generic mathematical model to quantify and express the privacy and elaborate a decentralized algorithm that allows users to attain their desired levels of privacy while lowering its effect on the QoS perceived by them. We evaluate our proposal with numerical simulation and mobility traces collected from WiFi users in an office environment. We show that higher privacy can be obtained with a variable effect on the throughput available to users.
Keywords: Location Privacy; Entropy; Distributed Algorithms; Quality of Service; WiFi.
A Provably Secure Lightweight Certificateless Aggregate Signature Scheme for Healthcare Wireless Sensor Networks
by Ismaila Kamil, Sunday Ogundoyin
Abstract: In healthcare wireless sensor networks (HWSNs), a patient's body usually contains several wearable or implantable wireless sensors which generate and transmit physiological data to a medical server (MS) where authorized medical professionals can access relevant medical data for efficient patient's diagnosis and treatments. Due to the sensitivity of patient's health information, data authenticity, and integrity are critical issues to be addressed in healthcare industry. To achieve data integrity and authenticity, aggregate signature is generally used. Several certificateless aggregate signature (CL-AS) schemes have been proposed to address the certificate management issue in the traditional public key cryptography and to solve key escrow problem. However, their designs are based on bilinear pairing operation which is known to be mathematically complex. Thus, the performances of the existing CL-AS schemes are sometimes unsatisfactory.
In this work, we propose a novel pairing-free certificateless aggregate signature scheme with strong anonymity for HWSN. The scheme does not only achieves data integrity and authenticity, but solves private-key compromise problem and provides countermeasure against privilege escalation. We show that the scheme is provably secure against Type I and Type II adversaries in the random oracle model based on the Elliptic Curve Discrete Logarithm Problem (ECDLP) assumption. The performance analysis and comparison show that the scheme has a significant efficiency in terms of computation and communication overhead. Therefore, the proposed scheme is more suitable for practical applications in a resource-constraint Internet-of-Things (IoT) environment.
Keywords: Healthcare; Wireless Sensor Network; Cryptography; Elliptic Curve Discrete Logarithm Problem; Certificateless; Batch Verification.
High utility Differential privacy based on smooth sensitivity and individual ranking
by Fagen Song, Tinghuai Ma
Abstract: Differential privacy can provide provable privacy security protection. In recent years, a great improvement has been made, however, in practical applications, the utility of original data is highly susceptible to noise, and thus, it limits its application and extension. To address the above problem, a new differential privacy method based on smooth sensitivity has been proposed in this paper. Using this method, the datasets utility is improved greatly by reducing the amount of noise that is added.
Keywords: differential privacy; privacy protection; data publish; smooth sensitivity; k-anonymous.
A Lightweight Security and Privacy-Aware Routing
Scheme for Energy-Constraint Multi-hop Wireless
Sensor Networks
by Oladayo Olakanmi
Abstract: Unique constraints associated with wireless
sensor networks notably, limited resources and physical
exposure of sensor nodes have warranted the need for a
lightweight and low energy demand security mechanisms
for wireless sensor networks (WSNs). Most of the existing
security schemes demand computational power beyond the
computational capacity of WSNs making them unsuitable
security schemes for WSNs routing protocols.
In this work, a lightweight security and privacy scheme
for WSNs routing protocol is developed. An elliptic
curve cryptography, scalar blinding, symmetric encryption,
and modified Diffie Hellman key exchange protocol
are adopted to evolve an additive perturbation that ensures
data integrity, and an effective authentication that ensure
confidentiality during routing. The security analysis shows
that our scheme is secured against possible known attacks
and performs better than some of the considered state-of-
the-art schemes used in WSNs. Both the analytical
and experimental results not only show that the proposed
scheme requires lower computational power but with
increase level of security and speed.
Keywords: Wireless Sensor network; Obfuscation;
Encryption; Routing protocol; Security and Privacy.
Local Anatomy for Personalized Privacy Protection
by Boyu Li, Yanheng Liu, Minghai Wang, Geng Sun, Bin Li
Abstract: Anonymization technique has been extensively studied and widely applied for privacy-preserving data publishing. However, most existing methods ignore personal anonymity requirements. In these approaches, the microdata consists of three categories of attribute: explicit-identifier, quasi-identifier, and sensitive attribute. In fact, the data sensitivity should be determined by individuals. An attribute is semi-sensitive if it contains both QI and sensitive values. In this paper, we propose a novel anonymization approach, called local anatomy, to address personalized privacy protection. Local anatomy partitions the tuples who consider the value as sensitive into buckets inside each attribute. We conduct some experiments to illustrate that local anatomy can protect all the sensitive values and preserve great information utility. Additionally, we also present the concept of intelligent anonymization system as our direction of future work.
Keywords: data publishing; personalized privacy protection; semi-sensitive attribute.
DOI: 10.1504/IJICS.2019.10021466
Cryptographic Strength Evaluation of AES S-box Variants
by Umer Waqas, Shazia Afzal, Mubeen Akhtar Mir, Muhammad Yousaf
Abstract: The 8x8 s-box of AES produced in Galois Field of Degree 8 (GF(2^{8})) is a non-linear transformation that have the significant effect on the strength of entire cipher algorithm. In recent years, many researchers have constructed AES s-box variants by changing the values of the parameters in the equation of AES s-box generation algorithm. The strength of these S-box variants is mainly evaluated against the cryptographic properties like avalanche effect, non-linearity, and bit independence criteria, however, there are many other important cryptographic properties of s-box, which need to be evaluated before adopting the s-box in a cipher algorithm. In this paper, ten cryptographic properties are evaluated for the cryptographic strength of AES s-box variants. The results of five properties namely differential and linear probability, non-linear measurement, balance property and algebraic degree remains the same for any s-box variant, it is due to isomorphic equivalence nature of the variants. Whereas, strict avalanche effect, bit independence criteria, correlation immunity, cyclic property and fix point property showed different results for different s-box variant, which are highlighted in this paper. The results of s-box variants for above mentioned cryptographic properties are compared with the standard AES s-box. Finally, the conclusion of overall security of s-box variants with respect to these ten properties is conferred.rn
Keywords: BIC ; CAM Variants ; CIP Variants ; CIPA Variants ; Non-rnlinearity ; S-box Variants ; SAC.
DOI: 10.1504/IJICS.2019.10023727
Optimized K-Anonymization Technique to deal with Mutual Friends and Degree Attacks
by Amardeep Singh, Monika Singh, Divya Bansal, Sanjeev Sofat
Abstract: Online social networks have become a predominant service on the web collecting the huge amount of users information. It is drastically revolutionizing the way people interact with each other. Publishing data of social network users for researchers, academicians, advertising organizations etc. has raised many serious privacy implications. Lots of techniques have been proposed for preserving the privacy of individuals handling different types of attack scenarios used by adversaries. In this paper, we address a new attack model i.e. mutual friends attack model, in which an adversary can identify the victim nodes by using information about the number of their mutual friends. An algorithm Optimized K-anonymization has been devised that can deal with two types of attacks i.e. degree attacks and the number of mutual friends attacks. The experimental results illustrate that our proposed algorithm can preserve the identification of individuals and subsequently maintain the utility of data.
Keywords: Privacy preserving; Social Networks; Degree attacks; Mutual friends attacks; K-Anonymization; Twitter; APL; Information loss.
New Approach in the Applications and Forensics of the Networks of the Internet of Things Based on the Fog Infrastructure Using SDN
by Shahrzad Sedaghat
Abstract: Ubiquitous computing with smart mobile devices, Internet of Things, virtualization, cloud, and fog is changing yesteryears static networks to dynamic networks of mobile smart devices. Fog computing is a pattern which expands cloud computing and the provision of related services to the network edge. Therefore, fog computing was recently introduced to provide storage and network services between end users and traditional cloud computing data centers. The present study aimed to consider the structure, architecture, and applications of fog computing and analyze its differences and similarities with cloud computing, examine forensics in these networks and finally, present a new approach in this regard. This paper describes how the emerging technology- Software Defined Networking (SDN) can be deployed a single infrastructure and leveraged to provide scalable flexible forensic solutions in this diverse and service providers/IT in a deal with the dynamic nature of todays networks attacks.
Keywords: Cloud computing; fog computing; forensics; Internet of Things; software-defined networks.
A Robust Passive Blind Copy-Move Image Forgery Detection
by Jayashree D. Gavade, S.R. Chougule, Vishwaja Rathod
Abstract: In this digital era, digital image forensic is the important research area which deals to verify the authenticity of the digital image. Copy-move forgery is a very common type of forgery used to change the meaning of the image. This paper proposes the passive blind forensic technique to detect the copy-move forgery in the image. In this technique, the combination of Dyadic Wavelet Transform (DyWT) and Scale Invariant Feature Transform (SIFT) algorithms is used to detect the copy-move forgery. In last step, RANSAC is used to improve the detection accuracy. The performance of the proposed method is verified with 45 original and forged images. To test the robustness of the algorithm, forged images with various attacks, such as scaling, rotation, small object and multiple copy-move pasting are considered. The experimental results reveal that the proposed technique identifies and locates the forged area even when the images are contaminated with rotation or scaling attacks. This method also can effectively detect multiple copy-move forgeries. The comparison of the proposed method is carried out with the existing methods in terms of detection accuracy, recall, and precision. The simulation results show that for the most of the cases the proposed method outperforms the existing methods.
Keywords: Image forensic; Copy-move forgery; SIFT; DyWT; DWT; RANSAC etc.
DOI: 10.1504/IJICS.2019.10033714
Performance Evaluation of Optimized Protocol in MANET
by Mamata Rath, Binod Kumar Pattanayak
Abstract: Reliability being the major issue in efficient data transmission of real time applications in Mobile Adhoc Networks (MANET), this paper presents the design of a trustworthy routing protocol with delay optimization and power competence for MANET. The scheme is based on the routing technique of Adhoc On demand Distance Vector Routing (AODV) protocol which is a prominent reactive routing protocol of MANET. The key design methodology used in this research work is based on calculation of threshold value at every node regarding the power consumption rate of the node during processing, allowable delay at node with respect to the bounded delay and the packet processing rate. A cross layer approach of communication has been presented at the junction of data link layer and network layer in order to distribute the total route searching overhead for application specific packets among both the layers. The proposed protocol displays superior performance in terms of throughput, delay and more network life time when compared with conventional AODV protocol which can be derived from the simulation results of Network Simulator NS 2.35.
Keywords: MANET,QoS,Network Layer.PDO,AODV.
A Handwriting Document Encryption Scheme Based on Segmentation and Chaotic Logarithmic Map
by Fadi Abu-Amara, Ameur Bensefia
Abstract: A one-dimensional chaotic logarithmic map (CLM) is proposed. Characteristics of the CLM are investigated and used to develop a symmetric handwriting document encryption scheme that consists of three phases. The segmentation phase divides a handwriting image into graphemes. The permutation phase shuffles pixel locations of each grapheme. Finally, the substitution phase modifies pixel intensity values of the corresponding permutated grapheme utilizing the chaotic logarithmic map. Experimental results indicate that the proposed CLM poses interesting characteristics such as wide range chaotic behaviour, robust chaos, s-unimodality, and high sensitivity to a small change in initial condition. Results also indicate that the randomly generated keystreams by the CLM pass the NIST statistical tests. Furthermore, the proposed segmentation and encryption scheme achieves a key space of 2^180 and provides a high encryption performance for handwriting documents. In addition, statistical results indicate the superior permutation and substitution properties of the proposed encryption scheme over other image encryption schemes of the same structure.
Keywords: Handwriting Document; Grapheme; segmentation; Chaotic Logarithmic Map; Image Encryption.
DOI: 10.1504/IJICS.2019.10024887
DroidMD: An Efficient and Scalable Android Malware Detection Approach at Source Code Level
by Junaid Akram, Majid Mumtaz, Gul Jabeen, Ping Luo
Abstract: Security researchers and antivirus industries have speckled a stress
on Android malware, which can actually damage your phones and threatens the
Android markets. In this paper, we propose and develop DroidMD, a scalable self-improvement based tool, based on auto optimization of signature set, which detect malicious apps in the market at source code level. A prototype has been developed tested and implemented to detect malware in applications. We implement and
evaluate our approach on almost 30,000 applications including 27,000 benign and
3,670 malware applications. DroidMD detects malware in different applications
at partial level and full level. It analyzes only the applications code, which increase
its reliability. DroidMD detected similar malware code fragments in different
malware families and also victim source code files from benign applications.
Additionally, DroidMD detects similar code fragments which were injected into
many applications, which can be the indication of malware. Our evaluation of
DroidMD demonstrates that our approach is very efficient in detecting malware
at large scale with high accuracy of 95.5%.
Keywords: Mobile security; Mobile software; Malware detection; Code clones; Android apps reusability; Android evolution.
DOI: 10.1504/IJICS.2019.10020453
Digital video watermarking tools: an overview
by H.R. Lakshmi, Surekha Borra
Abstract: Piracy and copyright infringement is a serious concern with internet connectivity becoming a necessity rather than luxury. Due to this, there is a constant need to come up with new copyright protection algorithms and also new watermarking tools to suit users needs. This paper provides a survey on various video watermarking tools available in the market. This paper summarizes the basic concepts in video watermarking, new attacks and latest applications of video watermarking which are evolving. Each tool has been described highlighting its pros and cons for its applicability. The challenges involved in watermarking of video content have also been detailed.
Keywords: Watermarking tools; Video watermarking; Applications; Challenges in Watermarking.
DOI: 10.1504/IJICS.2019.10023312
CICIDS2017 Dataset: Performance Improvements and Validation as a Robust Intrusion Detection System Testbed.
by Akram Boukhamla, Javier Coronel Gaviro
Abstract: Nowadays, network security represents a huge challenge on the fight against new sophisticated attacks that are continually increasing in terms of information security threats. Many Intrusion Detection Systems (IDS) have been developed and improved to prevent not allowed access from malicious intruders.
Developing and evaluating accurate IDS involve the use of varied datasets that collect most relevant features and real data from up-to-date types of attacks to real hardware and software scenarios. Unfortunately, there are only a few complete datasets available for public use, due to privacy and security reasons.
This paper describes and optimizes a new dataset available called CICIDS2017, which overcomes issues mentioned above, and provides researchers data to test with their new IDS developments, with updated real-life attacks. Using Principal Component Analysis (PCA) for the optimization process of the CICIDS2017 dataset, the dimensionality of the features and records have been reduced without losing specificity and sensitivity, thus, reducing the overall size and leading to faster IDS. Finally, the optimized CICIDS2017 dataset is evaluated using three well known classifiers (KNN, C4.5 and Na
Keywords: Detection System (IDS); Network security; Network attacks; CICIDS2017; Principal Component Analysis (PCA); Machine learning.
Empirical risk assessment of attack graphs using time to compromise framework
by Urvashi Garg, Geeta Sikka, Lalit Awasthi
Abstract: The proliferated complexity of network size together with the expeditious development of software system applications and their large number of vulnerabilities, security hardening is becoming a challenge for security specialists. Operating systems and applications need to be updated on time to ensure the security of the system, but it is neither feasible nor possible to remove every single vulnerability on a system. In this research work, time-based analysis strategy has been proposed to prioritize the machines in terms of their risk factor so as to handle riskier one first. In this regard, a real-time network has been analyzed and observed for vulnerabilities present on various systems/ machines/ hosts in the network and attack graph is generated. Further, the proposed technique was applied on attack nodes (hosts) to find the approximate time to exploit the systems which can be further used to prioritize hosts and attack paths according to their risk of being exploited. Additionally, the proposed methodology can be advantageous in a finding minimal set of machines that needs attention to ensure complete network security. To the best of authors knowledge, this is the first time that attack paths have been analyzed and prioritized using the time to compromise scheme.
Keywords: Attack graph analysis; Attack path time; Vulnerability analysis; Time to compromise model.
Fault-based testing for discovering SQL injection vulnerabilities in web applications
by Izzat Alsmadi, Ahmed AlEroud, Ahmad A. Saifan
Abstract: In this paper we proposed a model to investigate the behaviour of websites when dealing with invalid inputs. Many vulnerabilities rise from invalid inputs. An invalid input is considered as a form of a successful attack if it is processed by the website code or back-end database. Based on this assumption, we proposed a list of indicators that tested invalid inputs are processed. A tool is developed to implement this model. We tested the model through evaluating several websites selected randomly. Our tool has no special credentials or access to any of the tested websites. We found many SQL injection vulnerabilities based on our proposed model. Upon the manual investigation of the web pages that showed such vulnerabilities, we found few instances of false positives. We believe that this can provide a systematic and automated approach to test websites for vulnerabilities related to improper input validation.
Keywords: SQL-injection attacks; security; web applications; software testing.
Leveraging Intel SGX to Enable Trusted and Privacy Preserving Membership Service in Distributed Ledgers
by Xueping Liang, Sachin Shetty, Deepak Tosh, Peter Foytik, Lingchen Zhang
Abstract: Distributed Ledger Technology (DLT) provides decentralized services by removing the need of trust among distributed nodes and the trust of central authority in the distributed system. Transactions across the whole network are visible to all participating nodes. However, some transactions may contain sensitive information such as business contracts and financial reports, or even personal health records. To protect user privacy, the architecture of distributed multi-channel ledger with membership service as a critical component can be adopted. We make a step towards such vision by proposing a multi-channel membership service architecture that combines two promising technologies, distributed ledger and Intel Software Guard Extensions (SGX). With SGX remote attestation and isolated execution features, each distributed node can be enrolled as a trusted entity to a specific channel or a set of channels. Multiple channels help to separate different applications and provide better flexibility to participants of transactions. We propose security properties for membership service in distributed ledger and illustrate how SGX capabilities help to achieve these properties in each phase of membership service, including member registration, enrollment, multi-channel formation, transaction signing and verifying, transaction auditing, as well as certificate renewal and revocation. Our security analysis and performance evaluation show that the SGX enabled membership service could enhance the support of privacy preservation, and defense capabilities against adversarial attacks, with scalability and cost effectiveness.
Keywords: Intel SGX; Distributed Ledger; Blockchain; Membership Service; Security; Privacy; Channel.
Multi-Channel Time-Frequency Fusion Attacks
by Yuchen Cao, Yongbin Zhou, Hailong Zhang
Abstract: Side-Channel Analysis (SCA) is one of the most powerful attacks against cryptographic implementations. Multi-channel Fusion Attack (MCFA) which can utilize leakages measured from different side channels is a new type of SCA. Till now, existing MCFAs mainly work in the time domain. This paper take time-frequency joint information into consideration, and proposes Time-Frequency Fusion Attacks (TFFA). TFFA can be easily expanded to multi-channel case, and this kind of attack is named Multi-Channel Time-Frequency Fusion Attack (MCTFFA). In comparison to existing MCFAs, TFFA and MCTFFA are more effective. Practical experiments against unprotected AES-128 (implemented on MCU and FPGA) and masked AES-128 (implemented on FPGA) show that proper MCTFFA can reduce the number of traces needed to achieve a success rate of 1 by 23\% to 60\%, compared to that of MCFA. These improvements can be achieved without overhead in measurement complexity.
Keywords: Side Channel Attacks; Multi-Channel Fusion Attacks; Joint Time-Frequency Analysis.
Time-based Key Management in Attribute-based Encryption using Piecewise Key Generation
by Geng Wang
Abstract: Key management is essential in using attribute-based encryption (ABE)
for dynamic access control in the practicalworld. Although user or key delegation
has been widely discussed for ABE, it cannot solve all the key management
problems. In this paper, we give a time-based key management scheme for
ABE, providing the ABE scheme has piecewise key generation and ciphertext
delegation, based on the revocation scheme in (21). In detail, we introduce a
public time-related key generated by KDS, which stores the beginning time of the
currently valid secret key for each user. For any ciphertext, user must download
a time-related key which is generated later than the ciphertext, and use the timerelated
key along with the user private key to decrypt the ciphertext successfully.
The user private key must be generated at the time stored in the time-related key, so
any user cannot use outdated or revoked private keys to decrypt new ciphertexts,
and ciphertext delegation is used to renew any ciphertext up to the current time.
We also prove the security of the ABE schemes with time-based key management
based on the security of piecewise key generation, for both KP-ABE and CP-ABE
schemes.
Keywords: Attribute-Based Encryption; Key Management; Dynamic Access Control.
Heuristic Trust Based Neighbour Centric Routing for CPS enabled Wireless Sensor and Adhoc Network
by Chetna Singhal, Rajesh A
Abstract: Security in cyber physical system (CPS) enabled wireless sensor and adhoc network(WSN) is carried out using trustworthy intermediate neighbor nodes, through which sensed information can be securely dispatched to the destination. In this paper, we propose a trust dependent routing scheme to select secure most routes in such network, which focuses on evaluating any neighboring entity through direct and indirect trust opinion. Trust assessment is carried out on neighbors by various trust metrics, namely, packet delivery ratio, delay, throughput, topology, energy, and control packets. Initially, we developed the Trust Based Neighbor Centric Routing (TBNCR) algorithm for static CPS enabled WSN. At later stage, this is further enhanced to meet the dynamic challenges of Mobile Ad-hoc Network (MANET) and also tested with various network density and probable security threats. Our simulation reveals that the proposed TBNCR protocol achieved almost 10-15% higher throughput and reduced packet loss when compared with similar works carried out in literature.
Keywords: Cyber physical system; Trust based Routing; Wireless Sesnor and Ad-Hoc Network; TBNCR.
Supporting Features for Flow-Level Packet Analysis towards Cyber Threat Detection: A Pilot Study
by Emmanuel C. Ogu, Olusegun Ojesanmi, Oludele Awodele, Afolashade Kuyoro
Abstract: Thousands of new threats and threat categories continue to emerge every second in cyberspace, even as known threats keep adapting robustly to existing solutions. This has challenged modern approaches and solutions to threat detection and potentially rendered some of these obsolete even before they are able to find applicability. Much contemporary cyber / network threat detection solutions rely largely on flow-level packet analysis, by monitoring trends and patterns of activity in supporting flow features of interest. However, while this has been the case, little attention has been paid to whether or not such supporting flow features still present an effective means of reaching accurate conclusions regarding imminent or occurrent cyber threat incidents, especially in the face of a rapidly evolving and adapting 21st century cyber threat landscape. This research is therefore a necessary pilot study to a larger research that aims to develop a state-of-the-art detection solution against a newly uncovered category of cyber threats known as subversive cyber threats. The goal of this pilot study being to reinvestigate four of the more commonly used supporting flow features in modern threat detection solutions, viz. Flow Packet Count, Flow Packet Throughput (bytes/s), Flow Packet Throughput (packets/s), and Average Flow Packet Size (bytes), in trying to ascertain / verify their continued relevance in the development of new cyber threat detection solutions. The study adopts the methodology of data simulation with descriptive infographic analysis using the recent UNSW-NB15 cybersecurity dataset.
Keywords: Threat Intelligence; Cyber Threats; Packet Analysis; Flow Features; Threat Detection; Cyber Security; Network Security.
A Layer-Crossing, Multi-factor and Dynamic Security Model over Moving Target Defense
by Zhanwei Cui, Jianping Zeng, Chengrong Wu
Abstract: As an emerging technology for network security, moving target defense (MTD) has a broad prospect for application. At present, the techniques based on moving target defense mainly focus on the single parameter hopping and rarely refer to the hopping of multiple parameters in multiple layers. With the background of database security, this paper constructs a layer-crossing, multi-parameter and dynamic security model over moving target defense. The model selects seven parameters which belong to different layers in the database connection, and through mathematical modeling of the attack behavior and the reconnection time of the legitimate users, this model obtains the two functions of the successful attack probability and the average reconnection time to the hopping intervals of the seven parameters. Then through mathematical analysis to the two functions, this paper comes to the conclusion that it is impossible to let the successful attack probability and the average reconnection time take the minimum values at the same time. Finally, combined with specific scenarios, this paper gives the specific expressions of the two functions above and the optimal hopping interval of each parameter under different scenarios. Compared to actual application, this paper mainly focuses on the theoretical study of the security model, so the model and methods proposed in this paper are not only applicable to the security of database system, but also applicable to other information systems.
Keywords: Moving target defense; layer-crossing; multi-parameter; security model; optimization analysis.
Modelling and Visualising SSH Brute Force Attack Behaviors Through a Hybrid Learning Framework
by Xiao Luo, Chengchao Yao, A. Nur Zincir-Heywood
Abstract: Much research has focused on increasing the network anomaly detection rate while reducing the false positive rate through exploring different learning algorithms, including the most recent deep learning neural networks. However, many of the learning algorithms work as a `black box' and do not provide insight into the anomaly behaviours to support the decision-making process. This research explores a proposed hybrid learning framework to model and visualise the host-based normal and attack network behaviours. The framework consists of two major learning components: the Self-Organizing Map (SOM) is employed to recognize the network flow clusters and to visualise them on a two-dimensional space; and the Association Rule Mining (ARM) algorithm is deployed to analyse and interpret the traffic behaviours within clusters. Sequential patterns of the flows are also analysed and visualised through the sequences of clusters or neurons on the trained SOM maps. The proposed framework is evaluated on six SSH traffic sets to measure and understand how successful it is at extracting and interpreting the patterns representing normal and attack behaviours. The visualized patterns demonstrate that the SSH brute force attacks behave similarly to each other but differently than the SSH normal traffic. The proposed framework sheds light on how learning systems could be designed to model and visualise network behaviours in terms of data extraction and representation.
Keywords: Data Modelling; Pattern Visualisation; Traffic Analysis; Network Security; Attack Detection; Learning Framework.
Vulnerability Discovery Modeling: A General Framework
by Adarsh Anand, Navneet Bhatt, Omar H. Alhazmi
Abstract: Due to the rising popularity of software-based systems, software engineers are required to continuously monitor the software to have deep insights about the loopholes and keep a close check on the vulnerability discovery process. Over time each module of software is tested and identified for loopholes using various vulnerability discovery models (VDMs) that exist. In this paper, based on hazard rate function approach, we have developed a unified framework to capture the behavior of various vulnerability trends during the discovery process. The utility of the proposed approach helps in identifying and studying different discovery scenarios (various distribution functions) under one canopy. Furthermore, we also discuss a method called normalized criteria distance, which compares different sets of VDMs using a set of comparison criteria in order to rank and select the best model from among VDMs. The proposal has been supplemented with validation done on real life vulnerability discovery data sets.
Keywords: Vulnerability; Vulnerability discovery models (VDMs); Hazard rate; Unification approach; Security; Breaches; Ranking Method.
Adaptive Classifier based Intrusion Detection System using Logistic Regression and Euclidean Distance on Network Probe Vectors in Resource Constrained Networks
by Rahul Saha, Gulshan Kumar, Mritunjay Kumar Rai, Hye-jin Kim
Abstract: Intrusion detection system is a second layer of security in network security paradigm. With the progressing wireless technologies, the malicious activities are also increased with a rapid pace. But to secure the data communication in such environment, we need to have intrusion detection mechanism in use. Several mechanisms are introduced for the intrusion detection purpose. These existing algorithms are also capable of incorporating adaptive features but lack in the complexity and usability issues. Moreover, the real time adaptive learning is a missing link in these algorithms. In this paper, we have proposed a model of intrusion detection that deals with the learning mechanism on network probe data and identifies the intrusion by detecting the outliers with Logistic Regression. We have used Euclidean distance for outlier detection. The results show that our model is less complex in terms of time consumption and efficiently detects the intrusions.
Keywords: intrusion; outliers; learning; profile; classification; Euclidean; threshold.
DOI: 10.1504/IJICS.2019.10020902
Time-Shared AES-128 Implementation with extremely low cost for smart card applications
by SARAVANAN PARAMASIVAM, Shanthi Rekha Shanmugham
Abstract: Smart cards have seen tremendous growth in the past few years due to their multiple functions delivering ability. They can be used for personal identification, healthcare applications, financial applications etc. Smart cards contain an embedded circuit that stores and processes a large amount of data. One of the key function performed by the circuit is the cryptographic operation namely encryption. Since these devices are resource constrained, low-cost implementations of cryptographic algorithms are desirable. AES is one of the standard encryption algorithm proposed by NIST and is proved to be a suitable candidate for secure and lightweight implementations on hardware compared to its other symmetric counterparts. This work proposes a novel low-cost implementation of AES-128 algorithm using time-shared architectures for contactless smart card applications. The proposed architecture reuses the primitives in a twofold mechanism leading to a novel resource efficient architecture on an FPGA platform.
Keywords: Smart Cards; Advanced Encryption Standard; Cryptography; Low Cost Implementation; Throughput; Resource Constrained; VLSI Implementation;.
Privacy Preserving Techniques for Decision Trees
by Xiaoqian Liu, Qianmu Li, Tao Li, Ming Wu
Abstract: As a representative classification model, decision tree has been extensively applied in data mining. It generates a series of if-then rules based on the homogeneity of class distribution. In a society where data spreads everywhere for knowledge discovery, the privacy of the data respondents is likely to be leaked and abused. Based on this concern, we propose an overview of the rapidly evolving research results focusing on privacy preserving decision tree induction. The research results are summarized according to the characteristics of related privacy preservation techniques, which include data perturbation, cryptography, and data anonymization. In addition, we demonstrate the comparison between the merits and demerits of these methods considering the specific property of decision tree induction. At last, we conclude the future trend of privacy preserving techniques.
Keywords: decision tree; privacy preservation; ensemble; differential privacy.
A robust multi-factor remote user authentication scheme for cloud-IoT services
by Geeta Sharma, Sheetal Kalra
Abstract: The rapid growth of communication technologies with the Internet as a backbone requires secure remote access. Cloud computing and Internet of Things (IoT) is a growing Information and Communication Technologies (ICT) paradigm which consists of several Internet-enabled devices. Due to the ever increasing amount of data generated in cloud-IoT environment, securing these systems becomes crucial. This paper proposes a robust remote user authentication scheme for cloud-IoT services. Formal and informal security analysis proves that the scheme is resilient to potential attacks. The simulation of the proposed scheme using AVISPA proves the security of the proposed scheme.
Keywords: Authentication; AVISPA; Cloud computing; Internet of Things.
Enhanced Bitcoin with Two-Factor Authentication
by Fatemeh Rezaeibagha, Yi Mu
Abstract: Bitcoin transactions rely on digital signatures to prove the ownership of bitcoin.
The private signing key of the bitcoin owner is the key component to enable a bitcoin transaction.
If the signing key of a bitcoin is stolen, the theft who possesses
the key can make a transaction of the bitcoin.
In this paper, based on the distance-based encryption (DBE), we propose an enhanced version of bitcoin in order to protect the signing key. Our approach is based on our two-factor authentication, where the signing key cannot be retrieved without being identified via the password and biometric authentication scheme,
and the user is only required to enter his password and fingerprint (or other biometric information such as a factual image) to retrieve the key. By doing this, we can effectively improve the bitcoin security and provide
stronger authentication. An attractive feature of our scheme is that one of encryption schemes
is asymmetric, in the sense that the decryption key (biometric information) is not stored in the device.
We also provide the security model and proof
to justify the security of our scheme.
Keywords: Authentication; Encryption; Bitcoin; Blockchain.
Pixel based Hybrid Copy Move Image Forgery Detection using Zernike Moments and Auto Color Correlogram
by Jitesh Kumar Bhatia, Anand Singh Jalal
Abstract: In the todays era, nearly all of us rely on the images for the memories of our life and loved ones. The images are useful in proving anything in the court of law by showing them as an evidence of the event, getting insurance of a mishappening, getting appreciation, or for conveying personal lifestyle to their friends through social media. However, various Image editing tools like Adobe Photoshop, Picasa, and Light room, etc. can produce forged images, thus changing the perspective of the viewer about the event. Image Forgery has become much prominent nowadays and is being done either for fun or for an intention. In this paper, a method to detect copy move forgery is presented by combining the two features namely, Zernike Moments and Auto color correlogram. The Zernike moment checks the shape of the objects in the block. The Auto color correlogram checks for distance of each color pixel taking into account the 64 colors. These two features combine together to identify the regions for which copy-move forgery exists. Thus, the method detects the presence of copy-move forgery in the image along with the localization of the forged region. The method out-performs the existing methods which are also based on the probability approach.
Keywords: Image Forgery; Image Forensics; Blind Techniques.
DOI: 10.1504/IJICS.2019.10036171
Secure Key Exchange Scheme: A DNA Computing based Approach to Resist MITM in DHKE
by Sreeja Sukumaran, Mohammed Misbahuddin
Abstract: Diffie-Hellman Key Exchange (DHKE) protocol was a pioneering work and considered as a new direction in the field of Cryptography though it is not an encryption protocol. DHKE is a method to exchange the keys securely, based on the discrete logarithm problem. It has applications in Internet security protocols including SSL, IP Sec, and SSH. The major issue with DHKE is its vulnerability to Man in the middle attack (MITM). Various techniques have been proposed to resist the MITM attack including digital signatures. This paper proposes DNA Computing based encryption techniques to resist MITM in DHKE. DNA Cryptography builds on the concepts of biomolecular computations which is considered as one of the emerging directions in the Cryptography. The proposed methodology also includes an encryption technique based on DNA based Codebook, secret sharing and DNA Cryptography to exchange parameters securely. The security analysis of the proposed scheme is evaluated by theoretical analysis. Formal analysis of the proposed protocol is done using Scyther and all the modeled claims are validated and positive results are obtained.
Keywords: DHKE; DNA; DNA Encryption; MITM; DNA-DHKE.
Blockchain-Based Decentralized Access Control Scheme for Dynamic Hierarchies
by Gaurav Pareek, B.R. Purushothama
Abstract: Cryptographic hierarchical access control is widely employed in systems that manage data or resources. To meet scalability and high availability requirements, it is desirable that an access control scheme is decentralized in nature. Proposing a blockchain-based cryptographically decentralized access control scheme for dynamic hierarchies that is consistent with the standard centralized hierarchical access control model is the main focus of this paper. Towards this, we propose a new decentralized key assignment scheme for a dynamic hierarchy of mutually distrustful security classes. We use blockchain transactions, consensus and validation mechanisms as tools to achieve cryptographic decentralization of hierarchical access control. Important highlight of the paper is that the proposed decentralized scheme does not compromise on performance and storage requirements of the standard centralized hierarchical key assignment schemes. In particular, the proposed scheme requires symmetric decryption operations for key derivation, is secure under strong key indistinguishability and features efficient dynamic update operations without any trusted third-party. Proposed is the first hierarchical key assignment scheme that features all the aforementioned properties.
Keywords: Blockchain; Decentralization; Hierarchical Access Control; Strong Key Indistinguishability.
An Improved Privacy Aware Secure Multi-Cloud Model With Proliferate Elgamal Encryption for Big Data Storage
by PRABU KANNA, Vasudevan V
Abstract: With the massive deployment of resources and the diverse applications, the cloud computing is emerged with sort span of time. The increase in number of users and the service providers cause massive data transmission. The secure data storage in cloud server is a major issue. The isolation of sensitive attributes in the customer profile and the uploading of encrypted data to the multi-server-based cloud are the major issues in the existing applications. This paper proposes the novel Rule based Statistical Disclosure Method (RSDM) and Access Control Policy based Access Restriction (ACPAR) to integrate the activities of sensitive attribute prediction and the data uploading stages in cloud computing. Initially, the normalization based on the hide and visibility metric assignment to the fields in the dataset used to isolate the sensitive and normal attributes in the customer profile. Then, the data encryption is performed through proliferate ElGamal algorithm sequentially and stored into the cloud. The RSDM serves as the base for sensitive data isolation. Then, the access control policy is designed to control the profile-viewing ability of bank employees to assure the security. The proposed work decrypts the data associated with the denormalized profile for integrity. The comparative analysis between the proposed RSDM-ACPAR with the existing sensitive data prediction models regarding the encryption time, policy generation time, execution time and the access time shows the effectiveness of proposed work in sensitive data-based applications.
Keywords: Big Data Storage; Security; Rule-based Statistical Disclosure Control (RSDC) method; Multi-Cloud Model; Proliferate ElGamal Encryption and Decryption; Cloud Service Provider (CSP); Access Control Policy.
On Power Analysis Attacks against Hardware Stream Ciphers
by Rangana De Silva, Iranga Navaratna, Malitha Kumarasiri, Janaka Alawatugoda, Chuah Chai Wen
Abstract: Power analysis attacks are a type of attack which measures and analyses thernpower consumption of electronic circuits to extract secret information,rnparticularly the secret encryption key. These attacks have become a hugernthreat for embedded systems, in which the security depends on ciphers. Hence,rnmany researchers try to find vulnerabilities of cryptosystems against powerrnanalysis attacks, so that they can develop countermeasures to ensure thernsecurity of such systems. In this paper, we review some of the recent powerrnanalysis attacks on modern hardware stream ciphers such as Trivium, Grain andrnMICKEY.
Keywords: Power Analysis Attack; Stream Cipher; Trivium; Grain; MICKEY.
DOI: 10.1504/IJICS.2019.10023739
Securing IoT-based Collaborative Applications Using a New Compressed and Distributed MIKEY Mode
by Mohammed Riyadh ABDMEZIEM
Abstract: Multimedia Internet KEYing protocol (MIKEY) aims at establishing
secure credentials between two communicating entities. However, existing
MIKEY modes fail to meet the requirements of low-power and low-processing
devices. To address this issue, we combine two previously proposed approaches
to introduce a new compressed and distributed MIKEY mode applied to a
collaborative Internet of Things context. A set of third parties is used to discharge the constrained nodes from heavy computational operations. Doing so, the MIKEY pre-shared mode is used in the constrained part of network, while the
public key mode is used in the unconstrained part of the network. Furthermore,
to mitigate the communication cost we introduce a new header compression
scheme that reduces the size of MIKEYs header from 12 Bytes to 3 Bytes in the
best compression case. To assess our approach, we performed a detailed security
analysis using a formal validation tool (i.e. Avispa). In addition, we performed
an energy evaluation of both communicational and computational costs. The
obtained results show that our proposed mode is energy preserving whereas its
security properties are preserved untouched.
Keywords: Internet of Things (IoT); Collaborative applications; MIKEY protocol; Key management protocols; Security.
ExOShim: Preventing Memory Disclosure using Execute-Only Kernel Code
by Scott Brookes, Robert Denz, Martin Osterloh, Stephen Taylor
Abstract: Information leakage and memory disclosure are major threats to the security in modern computer systems. If an attacker is able to obtain the binary-code of an application, it is possible to reverse-engineer the source code, uncover vulnerabilities, craft exploits, and patch together code-segments to produce code-reuse attacks. These issues are particularly concerning when the application is an operating system because they open the door to privilege-escalation and exploitation techniques that provide kernel-level access. This paper describes ExOShim: a 325-line, lightweight shim layer, using Intels commodity virtualization features, that prevents memory disclosures by rendering all kernel code execute-only. This technology, when combined with non-deterministic refresh and load-time diversity, prevents disclosure of kernel code on time-scales that facilitate kernel-level exploit development. Additionally, it utilizes self-protection and hiding techniques to guarantee its operation even when the attacker gains full root access. The proof-of-concept prototype described here has been demonstrated on a 64-bit microkernel. It is evaluated using metrics that quantify its code size and complexity, associated run-time performance costs, and its effectiveness in thwarting information leakage. ExOShim provides complete execute-only protection for kernel code at a runtime performance overhead of only 0.86%. The concepts are general and could also be applied to other operating systems.
Keywords: virtualization; operating systems; security; memory disclosure;.
Secured Spray and Focus Protocol Design in Intermittently Connected Mobile Networks
by Maitreyi Ponguwala, Meda Sreenivasa Rao
Abstract: Mobile Adhoc networks are the wireless networks in which there is not a fixed route form source to destination because of dynamic topology. One of such networks is an intermittently connected mobile networks. In these networks the conventional routing algorithms like AODV fails as they develop an end- to end path form source to destination. Generally we may go with spreading type of flood based routing methods for this type of networks. We are suffering with a lot disturbances with these routings and they deliver the packet with the high probability due to wastage of energy. In turn performance of the network goes down. In this paper we proposed an efficient way of routing by a spray and focus algorithm in order improve the overall performance by reducing of delays for message transmission.
Keywords: Ad hoc networks; delay tolerant networks; intermittent connectivity.
DOI: 10.1504/IJICS.2019.10022979
Image steganalysis: real-time adaptive colour image segmentation for hidden message retrieval and Matthew's correlation coefficient calculation
by B. Yamini, R. Sabitha
Abstract: Adaptive image steganography is the method of hiding secret information in colour adaptive regions of the image. Its counter method to reveal hidden secret information is called as adaptive image steganalysis. In the proposed method, the colour correlations between pixels are used to identify the adaptive region of the image by real time adaptive colour image segmentation. Bi-cubic interpolation method is applied on these colour adaptive regions to extract the features from the selected region. These features are considered for classification using support vector machine classifier, to distinguish between stego and cover images. Reversible two least significant bit (LSB) technique is used to identify and to retrieve the hidden content from the payload locations. The accuracy is measured using Matthew's correlation coefficient calculation. The results of real-time adaptive colour image segmentation outperform the methods, normalised cut segmentation, MX-quadtree segmentation and watershed segmentation.
Keywords: adaptive steganalysis; steganography; stego images; F-score; Matthew's correlation coefficient; bi-cubic interpolation method; reversible two LSB; support vector machine; SVM.
DOI: 10.1504/IJICS.2019.10023087
Effort Based Fault Detection and Correction Modeling for Multi Release of Software
by Iqra Saraf, A.K. Shrivastava, Javaid Iqbal
Abstract: Most of work on SRGMs in a unified multi release approach has been done using calendar time. Not much heed is given to consumption pattern of various testing resources. Due to stiff market rivalry, developers need to develop latest versions of software in multiple releases. Apart from being beneficial, it also turns to be challengeable as revision in the code creates hindrances in updating the software. Testers may find it difficult to rectify a detected fault resulting in imperfect debugging or error generation. Testing phase is affected by many factors which may change at any time, concept called as change point. In this work, we propose detection and correction based general scheme for modeling multi-release of software under the realistic environment of imperfect debugging, error generation, change point and testing effort. Parameter estimation has been done on Tandem data and SRGMs have been ranked using Distance Based Approach.
Keywords: Imperfect debugging; Mean Value Function (MVF); Non-Homogenous Poisson Process(NHPP); Software Reliability Growth Model(SRGM); Testing effort Function (TEF); Non-Linear Regression; Multi release; Distance Based approach(DBA).
DOI: 10.1504/IJICS.2021.10033715
Security Analysis and Improvements of a Universal Construction for Round-Optimal Password Authenticated Key Exchange Protocol
by Hongfeng Zhu, Xintong Wang
Abstract: Authenticated key exchange (AKE) protocols enable two parties to generate a shared, cryptographically strong key while communicating over an insecure network under the complete control of an adversary. Recently, Jonathan et al presents two PAKE protocols which make the communication reduce to one-round. At the same time Jonathans protocols achieve the mutual authentication and agreement the session key by constructing smooth projective hash functions. However Jonathans two protocols are subjected to KCI (Key Compromise Impersonation) attack. Based on these motivations, this paper firstly put forwards a framework one-round PAKE protocols. And then we propose a provably secure and flexible one-round PAKE scheme based on chaotic maps. Comparison with Jonathans two protocols, the results show that our one-round PAKE scheme can not only refrain from consuming modular exponential computing and scalar multiplication, but is also robust to resist various attacks, especially for KCI attack. Finally we also give the provable security of our scheme.
Keywords: Authentication; Key exchange; Chaotic maps; One-round communication; Key Compromise Impersonation.
SoC-based Abnormal Ethernet Packet Detector with Automatic Ruleset Generator
by Jiwoong Kang, Jaehyun Park
Abstract: The importance of a high performance network intrusion detectionrnsystem (NIDS) increases for the network security. To match the high bandwidthrnnetwork, hardware-based rather than software-based NIDS is necessarilyrnrequired. In this paper, a system on chip(SoC)-based Ethernet packet detectorrnthat supports an automatic ruleset generator is proposed. The proposed rulesetrngenerator automatically constructs the whitelist ruleset from the collectedrnEthernet packets. The whitelist ruleset is composed of 6-tuples; MAC address,rnIP address, and TCP/UDP port number of source and destination network nodes.rnThe prototype system was implemented using Xilinxs Zynq-7030 SoC runningrnat 250MHz. The network header of the Ethernet packets are compared to thern256 whitelist rulesets within 0.032μsec, which means that the malicious packetsrnfrom the abnormal network nodes are filtered out even before the whole packetsrnarrives. This real-time packet filtering feature is useful in protecting highlyrnsecure network systems like the industrial control systems.
Keywords: Ethernet packet detector; network intrusion detection system; System on Chip (SoC).
Scalable Shares Generation to Increase Participants of Counting-Based Secret Sharing Technique
by Taghreed Alkhodaidi, Adnan Gutub
Abstract: Secret sharing scheme is one of the efficient methods which offers secret information protection against unauthorized persons. This scheme formed by some share keys that can share access the secret key using their share keys at the same time. Many techniques of information security and secret sharing have been developing over the last years. This research focuses on the counting-based secret sharing scheme. This work introduces a new algorithm to improve the generation of share keys by increasing the size of the secret key for generating an unlimited number of share keys. We achieved that by expanding the size of the secret key and repeating its value. The paper shows interesting results as analysis and comparisons among the proposed expansion options of the secret key.
Keywords: secret sharing; secret key; share key; information security; generation; shares generation.
Adaptive Steganographic Scheme using a Variable Matrix Embedding
by Youssef Taouil, El Bachir Ameur, Amine Benhfid, Rachid Harba, Hassan Douzi
Abstract: Steganography is the art of concealing secret information within digital media. The main challenge of steganography resides in the discretion of the concealment, it must not modify the cover image to an extent that might arise the suspicion of eavesdroppers. In this paper, an adaptive steganographic scheme based on Faber-Schauder Discrete Wavelet Transform (DWT) is proposed. Data is hidden in the details coefficients, which are divided into smooth and complex areas. Smooth area does not tolerate changes with a great magnitude, we hide one bit in every coefficient via a variable matrix embedding that hides 2n bits of data into 2n+1 coefficients while modifying at most n coefficients. In the complex area, data is hidden by substituting the Least Significant Bits (LSB)s of the coefficients, and the Optimal Pixel Adjustment Procedure (OPAP) is utilized to minimize the modification. The performance of the proposed work is tested through experiments on a variety of images and comparison with literature. We obtain a good imperceptibility and embedding rate that respect the complexity of the cover image. We also reach a high level of security by using a correcting procedure that preserves the histogram in the smooth area.
Keywords: Steganography; Information Hiding; Faber-Schauder DWT; Matrix Embedding; Least Significant Bit; Optimal Pixel Adjustment Procedure; Adaptive Steganography.
DOI: 10.1504/IJICS.2019.10025032
A truncated mean lp-LDA approach for intrusion detection system
by Zyad Elkhadir, Mohammed Benattou
Abstract: Dealing with cyber threats, especially intrusion identi�cation, is a critical area of research in the �field of information assurance. The hackers employ polymorphic mechanisms to masquerade the attack payload and evade the detection techniques.Numerous feature extraction methods have been used to increase the efficacy of intrusionrndetection systems (IDSs) such as Principal Component Analysis (PCA) and Linear Discriminant Analysis (LDA). Nonetheless, the classical LDA approach that is based on the l2-norm maximization is very sensitive to outliers. As a solution to this weakness, the researchers proposed many LDA models which rely on l1 and lp norms (p < 2). These variants gave satifactory results in solving many pattern recognition problems. However,these LDA models have an important limitation. The class mean vectors employed arernalways estimated by the class sample averages. This approximation is not sufficient enough to represent the class mean, particularly in case there are samples that deviate from the rest of data (outliers). In this paper, we suggest to use the truncated mean to estimate the class mean vectors in lp-LDA model. Many experiments on KDDcup99 indicate the superiority of the lp-LDA over many LDA variants.
Keywords: Linear Discriminant Analysis; truncated mean; Network Anomaly Detection; KDDcup99.
DOI: 10.1504/IJICS.2021.10032177
Botract: Abusing Smart Contracts and Blockchains for Botnet Command and Control
by Omar Alibrahim, Majid Malaika
Abstract: This paper presents how smart contracts and blockchains can be potentially abused to create seemingly unassailable botnets. This involves publishing command and control (C2) logic in the form of smart contracts to the blockchain and then calling the functions of the smart contract for sending and receiving commands and keeping track of the state of bots. We call this technique Botract derived by merging two words: bot and contract. In addition to describing how hackers can exploit smart contracts for C2, we also explain why is it difficult to disarm Botract given the distributed nature of the blockchain and the persistent nature of smart contracts deployed on top of them. Next, we describe the architecture for deploying blockchain-based botnets and implement a proof-of-concept using isolated testnet environments. Our goal is to prove the feasibility of our approach, hoping to create awareness among the community on the importance of auditing smart contracts on the blockchain and defending against these botnets before they become widespread.
Keywords: smart contract; blockchain; security; botnets; Ethereum.
A data-owner centric privacy model with blockchain and adapted attribute-based encryption for Internet-of-Things and Cloud environment
by Youcef Ould-Yahia, Samia Bouzefrane, Hanifa Boucheneb, Soumya Banerjee
Abstract: Advances in Internet of Things (IoT) and cloud computing technologies have led to the emergence of new applications such as in e-Health domain bringing convenience for both physicians and patients. However, the development of these new technologies makes users' privacy vulnerable. The threats on private data may arise from service providers themselves voluntarily or by inadvertence. As a result, the data owner would like to ensure that the collected data are securely stored and accessed only by authorized users. In this paper, we propose a novel data-owner centric privacy model in IoT/cloud environment. Our model combines two promising paradigms for data privacy, which are Attribute-Based Encryption (ABE) and blockchain, to strengthen the data-owner privacy protection. We propose a new scheme of ABE that is, in one hand, suitable to resource-constrained devices by externalizing the computing capabilities, thanks to Fog computing paradigm and, in the other hand, combined with a blockchain-based protocol to overcome a single point of trust and to enhance data-owner access control.
Keywords: IoT; Cloud; Privacy; Fog computing; Blockchain; Attribute-Based Encryption; e-Health.
A Dynamic Key Management Paradigm for Secure Wireless Ad Hoc Network Communications
by AJEET SINGH, Appala Tentu Naidu, V. Ch. Venkaiah
Abstract: Mobile Adhoc Network (MANET) is an autonomous system of mobile nodes, which are connected each other through wireless links. A mobile adhoc network (MANET) is a type of self configuring network and have dynamic topology. Since each node in MANET is free to move independently, they can change their links to other nodes frequently. Secure communication among nodes in mobile adhoc networks is a major concern. Many key management (KM) schemes and protocols have been\r\nevolved in past years, but developing fundamentally secure key management scheme for dynamic MANETs is still an open research problem. In this paper, first we reviewed some significant existing KM schemes and compared based on various criterias and design parameters. Next, we have proposed a scheme for pairwise Key Agreement with updation of key pre-distribution shares while new nodes are getting added to the MANET. Further, we have given our simulation results and performed a comparative analysis based on different simulations parameters. Future research issues are also discussed at the end of the paper.
Keywords: Mobile adhoc network; Security; Key management; Key predistribution; Symmetric key management.
DOI: 10.1504/IJICS.2021.10029986
Anti-Forensic Reversible Multi Frame Block to Block Pixel Mapping Information Concealing Approach to Increase the Robustness and Perceptibility
by Sunil K. Moon, Rajshree D. Raut
Abstract: Since last two decades internet, cloud computing, digital media creates their strong self-existence due to YouTube, Twitter, Facebook, WhatsApp and transfer of cryptocurrency through net banking. Due to these developments, every nation and its people are communicating with each other. All this internet application requires video and audio, hence so there is a requirement to improve the security, privacy and confidentiality of transmitted the sensitive information over internet applications is the biggest issue. The major key challenges in any type of steganography are the security of hidden information, very good recovery of both secret and original data, perceptibility, and robustness. The proposed algorithm resolves all the key issues in the existing steganography transmitted data through internet protocol which is built on the latest reversible video crypto steganography approach. In this paper, reversible audio video crypto steganography is implemented using Multi Frame Block to Block Pixel Mapping Exploding Modification Direction (MFBBPM EMD) algorithm is to embed secret data as images and audio. Furthermore, to increase the perceptibility, robustness, and security of hidden data, anti-forensic detection approach and different types of attacks are applied on stego video during transmission which does not disturb the original stego video and secret data. Theoretical analysis and simulation result obtain through Lab View shows the effectiveness of the proposed novel technique which maintains good recovery of both original and secret data without any distortion with larger data conceal capacity as compared to any existing techniques.
Keywords: Audio Video Crypto Steganography; MFBBPM-EMD; Anti-Forensic Detection; Data Security; Attacks; Lab View.
DOI: 10.1504/IJICS.2019.10033436
Design and Implementation of an ASIP for SHA-3 Hash Algorithm
by Yavar Safaei Mehrabani, Roghayeh Ataie, Mohammad Hossein Shafiabadi, Abolghasem Ghasempour
Abstract: In recent years application specific instruction set processor (ASIP) has attracted many researchers attention. These processors resemble application specific integrated circuits (ASICs) and digital signal processors (DSPs) from the performance and flexibility point of view, respectively. In other words ASIP makes compromise between performance and flexibility criteria. The SHA-3 hashing algorithm has been introduced as the safest and the newest algorithm in 2015 as a global standard. In this paper a processor with specific instruction set is designed and implemented with regard to variant execution steps of this algorithm. In order to modeling and simulation of the processor we have used the VHDL hardware description language and the ModelSim SE 6.1 tool. Moreover in order to implement it on field programmable gate array (FPGA) platform we have used the Xilinx ISE 10.1 tool. The implemented processor has 213.356 MHz operating frequency and 3.004 Mbps throughput.
Keywords: ASIP; Processor; Instruction set architecture; Hash; SHA-3 Algorithm.
DOI: 10.1504/IJICS.2019.10033341
Simple multi-scale human abnormal behavior detection based on video
by Gang Ke, Ruey-Shun Chen, Yeh-Cheng Chen, Yu-Xi Hu, Tsu-Yang Wu
Abstract: Aiming at the problem of real-time and low accuracy of automatic recognition of human abnormal behavior in public area surveillance video, a simple multi-scale human anomaly behavior detection algorithm based on video was proposed. Firstly, the binary image sequence of human body in surveillance video is acquired by background modeling method based on visual background extraction(ViBe). Then, the simple multi-scale algorithm is constructed by combining the aspect ratio, motion trajectory and video continuous interframe motion acceleration of the minimum circumscribed rectangle of the binarized image. The human target behavior is judged, and then the normal behavior of the human bodystanding, walking, jogging, and abnormal behaviorcalling for help, falling, throwing, squatting, and sudden running are identified. The experimental results show that the human body moving target recognition by ViBe combined with simple multi-scale algorithm for abnormal behavior detection has good real-time performance and high accuracy.
Keywords: pedestrian recognition;anomalous behavior detection; ViBe algorithm;simple multi-scale algorithm.
A New Image Encryption Algorithm Based on Cascaded Chaos and Arnold Transform
by Yujie Wan, Baoxiang Du
Abstract: Aiming at the problem that the existing one-dimensional chaotic system hasrnsmall chaotic interval, Lyapunov exponent is small and the generated chaotic sequence is unevenly distributed, and the correlation is high, a new image encryption algorithm is proposed by this paper. The Logistic chaotic mapping and Tent chaotic mapping are cas�caded by iteration based on Arnold transform, Logistic and Tent mapping. Experiments show that the algorithm effectively extends the key space of chaotic systems, has good encryption effect and security, and can resist several common attacks.
Keywords: Image encryption; Cascade chaos; Image scrambling; Arnold mapping;Logistic.
The effectiveness of cost sensitive machine learning algorithms in classifying Zeus flows
by Ahmad Azab
Abstract: Zeus botnet is regarded as one of the primary sources of financial losses for both individuals and organizations. Therefore, the identification of its Command and Control (C&C) network traffic has become an important research field. Although the literature provided machine learning and other solutions for C&C identification, they suffer from various drawbacks. In this paper, we provide a framework that bridges the gap in terms of the machine learning solution, by building a classifier to detect the untrained version of Zeus botnet C&C traffic. The framework showed efficacy in detecting a new version of Zeus botnet, by building the classifier on an older version, compared to the machine learning approach used in the current research.
Keywords: Zeus; network; security; machine learning; botnet.
DOI: 10.1504/IJICS.2020.10026851
One privacy-preserving multi-keyword ranked search scheme revisited
by Zhengjun Cao, Xiqi Wang, Lihua Liu
Abstract: Searchable encryption is a useful tool which allows a user to securely
search over encrypted data through keywords and retrieve documents of interest.
It plays a key role in big data and outsourcing computation scenarios.
In this paper, we show that the privacy-preserving multi-keyword ranked
search scheme over encrypted cloud data [IEEE TPDS, 2014, 25(1), 222--233] is flawed, because the introduced similarity scores do not represent the true similarities between indexing vectors and a querying vector. The returned documents by cloud server could be irrelevant to the queried keyword. We also present a revision based on the technique introduced by Wong et al. [SIGMOD'09, 139--152].
Keywords: cloud computing; multi-keyword ranked search; privacy-preserving search; scalar-product-preserving encryption.
A Fault Tolerance Data Aggregation Scheme for Fog Computing
by Zhixin Zeng, Liang Chang, Yining Liu
Abstract: The appearance of fog computing makes the traditional cloud-based Internet of Things to be more suitable for time and location-sensitive IoT applications. However, the infant fog computing paradigm is facing challenges in order to balance the usability of data and the privacy protection. In the past years, some excellent works have tried to address this concern using the aggregation method. However, the fact that a minority of IoT devices at the edge of the network maybe malfunction is not paid enough attention. In this paper, a fault-tolerant data aggregation scheme for fog computing networks is presented by employing Shamir's secret sharing and ElGamal cryptosystem, which not only enables the cloud server to obtain accurate sum value of collected data in a virtual area, but also protects the individual privacy from being leaked. Moreover, even though a few IoT devices fail to work, the aggregated value can still be obtained with the number of IoT devices that reach the threshold of collaboration. In addition, the security analysis and the performance evaluation show that the proposed scheme achieves the security, privacy, and efficiency.
Keywords: Fog Computing; Internet of Things; Fault Tolerance; Data Aggregation; Shamir Secret Sharing; Privacy Preservation.
Extracting Malicious Behaviors
by Khanh Huu The Dam, Tayssir Touili
Abstract: In recent years, the damage cost caused by malwares is huge. Thus, malware detection is a big challenge. The task of specifying malware takes a huge amount of time and engineering effort since it currently requires the manual study of the malicious code. Thus, in order to avoid the tedious manual analysis of malicious codes, this task has to be automatized. To this aim,rn we propose in this work to represent malicious behaviors using extended API call graphs, where nodes correspond to API function calls, edges specify the execution order between the API functions, and edge labels indicate the dependence relation between API functions parameters. We define new static analysis techniques that allow to extract such graphs from programs, and show how to automatically extract, from a set of malicious and benign programs, an extended API call graph that represents the malicious behaviors. Finally, We show how this graph can be used for malware detection. We implemented our techniques and obtained encouraging results: 95.66% of detection rate with 0% of false alarms.
Keywords: Malware detection; Static analysis; Information Extraction.
Efficient Post-Quantum Private Set-Intersection Protocol
by Sumit Debnath, Nibedita Kundu, Tanmay Choudhury
Abstract: Private Set Intersection (PSI) is a cryptographic protocol that enables two parties to securely determine the intersection of their private datasets without revealing anything except the intersection. Most of the existing PSI protocols are based on traditional number theoretic problems, such as discrete logarithm problem and factorization problem. Unfortunately, these protocols would be broken if efficient quantum computer emerges. The post-quantum PSI is an important alternative to traditional PSI protocols for its potential to resist future attacks of quantum computers. In this work, we present first post-quantum PSI protocol that achieves size-hiding property. Space-efficient probabilistic data structure Bloom filter along with lattice based public key encryption are used as building blocks of our construction. It attains linear complexity and security in standard model under the decisional learning with errors (DLWE) assumption. Moreover, we extend our post-quantum PSI to its authorized variant APSI retaining all the properties.
Keywords: PSI; APSI; Bloom Filter; Post-Quantum Cryptography; Lattice-Based Cryptosystem.
A Node Screening Algorithm for Wireless Sensor Network based on Threshold Measurement
by Bin Wu, Xiao Yi
Abstract: The normal operation of nodes ensures the realization of network functions. When abnormal nodes appear in the network, the network may be in chaos. A node screening algorithm based on threshold measurement is proposed to solve the problem of nodes screening in wireless sensor networks. First, the membership and non-membership of nodes are determined by using the correlation distance values calculated by the node attribute vector constructed through quantized node network attributes and the threshold vector. Second, an intuitionistic fuzzy set is constructed by the membership. Finally, the screening of wireless sensor network nodes is completed through similarity function. Simulation experiment and analysis show that this algorithm dramatically improves the detection probability compared with the node detection algorithm based on fuzzy theory.
Keywords: Wireless Sensor Network; Node Monitoring; Fuzzy Theory; Membership; Non-membership; Hesitant fuzzy sets.
Network Traffic Prediction Based on Least Squares Support Vector Machine with Simple Estimation of Gaussian Kernel Width
by Gang Ke, Shanshan Ji, Ruey-Shun Chen
Abstract: In order to improve the accuracy of network traffic prediction and overcome the disadvantages of slow convergence speed and easy to fall into local minimum value in the process of least squares support vector machine (LSSVM) network traffic prediction, a network traffic security prediction model based on LSSVM which simply estimates the width of Gaussian kernel is proposed. The model assigns different Gauss kernel widths for each sampling point according to the local density of the sampling point. The simulation results show that, compared with LSSVM and PSO-LSSVM, the model proposed in this paper improves the accuracy of network traffic security prediction, reduces the training time of sample data, and provides strong decision support for network traffic planning and network security management.
Keywords: LSSVM; gauss kernel width; local density of sampling points; network traffic prediction.
A hierarchical particle swarm optimization algorithm for cloud computing environment
by Yen-wu Ti, Shang-Kuan Chen, Wen-Cheng Wang
Abstract: Cloud computing is known to provide dynamic services to a large number of users over the Internet. The scheduling of multiple virtual machines has become the core issue of Infrastructure as a Service (IAAS). In this paper, production scheduling and vehicle routing are integrated to solve a task scheduling problem with a timing requirement in cloud computing. The issues of multiple compute resources for a lot of tasks are considered. Each task is generally defined by the dependent data preparation time and compute time, and the communication time and time window for computing. A hierarchical particle swarm optimization algorithm is proposed to solve the scheduling problem in cloud computing and achieve a minimum delay.
Keywords: Cloud Computing; Job Scheduling; Priority.
The Count-min Sketch is Vulnerable to Offline Password-guessing Attacks
by Jaryn Shen, Qingkai Zeng
Abstract: The Count-min Sketch is used to prevent users from selecting popular passwords so as to increase password-guessing attackers cost and difficulty. This approach was proposed by Schechter et al. at USENIX Conference on Hot Topics in Security in 2010. Schechter et al. originally intended the Count-min Sketch to resist password-guessing attacks. In this paper, however, for the first time, we point out that the Count-min Sketch is vulnerable to offline password-guessing attacks. Taking no account of the false positive rate, the offline password-guessing attack against the Count-min Sketch and the password file requires less computational cost than the benchmark attack against only the password file. Taking the false positive into account, in order to eliminate the threat to quicken password-guessing rate, the lower bound of the false positive rate must be greater than 33% in the naked Count-min Sketch and greater than 31% in the expensive Count-min Sketch, both of which are too high and unacceptable.
Keywords: password; guess; offline attacks; count-min sketch; password file; false positive; authentication.
FFRR: A software diversity technique for defending against buffer overflow attacks
by Raghu Kisore Neelisetti, Shiva Kumar K.
Abstract: To date several software diversity techniques have been proposed as defense to buffer overflow attacks. The existing diversity techniques sometimes rely on hardware support or modifications to operating system which makes them difficult to deploy. Further, the diversity is determined at the time of either compilation, link or load time, making them vulnerable to brute force attacks and attacks based on information leakage. In this work we study and implement Function Frame Runtime Randomization (FFRR) technique that generates variants of program binary from a single variant of the source program at runtime. We implemented FFRR as a compile time flag in gcc (C compiler) that can be activated at compile time and hence can be easily applied to legacy programs. FFRR provides a very fine grained randomization at the level of individual variables on the stack and the amount of randomization can be adjusted without having to recompile the source program. The proposed technique is able to achieve a fine grained randomization at the level of individual variables on the program stack with no significant performance overhead either in terms of memory or program execution time. The proposed solution incurs an average execution time overhead (SPEC CPU 2006) of 16%, while ASLR incurs an overhead of 21%. Finally, while the existing mechanisms make it difficult for a single patch to be pushed to all installed versions of software, the fine grained nature of FFRR makes it easy to manage and maintain software systems. We conclude the work by highlighting the effectiveness of FFRR and it's ability to significantly slow down the propagation of a large scale cyber attack.
Keywords: Function Frame; Run time Randomization; Software Security; Software Diversity; Buffer Overflows.
Managing Vulnerabilities during the Development of a Secure ETL processes
by Salma Dammak, Faiza Ghozzi, Asma Sellami, Faiez Gargouri
Abstract: Vulnerabilities in information systems (IS) are high-value assets to a
cybercriminal. These vulnerabilities can be targeted for exploitation which results in unauthorized access to the IS. Due to the increasing demand of preventing cyber-crimes, decisional systems should focus on ETL (Extract, Transform, and Load) processes security which is one of the most critical and complex issues considered during DW development. The intent of this paper is to provide a structured method for managing vulnerabilities that can affect ETL processes throughout its development (preventive) and along its exploitation (corrective). We anticipate and evaluate vulnerabilities by defining an impact of severity score measured based on CVSS standard and two scores presented the required preventive and corrective actions based on the COSMIC method. We propose an algorithm to order and prioritize these vulnerabilities using the de�fined scores. The prioritization algorithm allows the vulnerabilities treatment during the development and exploitation of ETL processes. Il also helps and assists the ETL designers in ensuring security.
Keywords: ETL processes; security; measure; vulnerabilities; cost; COSMIC; CVSS.
DDoS Amplification Attacks and Impacts on Enterprise Service-Oriented Network Infrastructures: DNS Servers
by Duncan-Allan Byamukama, John Ngubiri
Abstract: Of recent, government agencies have adopted ICT in the process of service delivery even in low e-Infrastructures settings especially developing countries. Protecting the assets of government is a crucial responsibility and priority. Assets include sensitive information such as product plans, citizen or client records, financial data and the IT Infrastructure of the institution, government or organization. However, DDoS attacks have continued to be a threat to network assets and services. The attacks can be executed in different ways causing different extents of damage. Recent research found an increase of 55% in large DDoS attacks spanning over 10mbps just in the first quarter of 2017 alone. DDoS attacks have continued to be a threat to network assets and services, predictions by expatriates in network security place these attacks as severe in the near future. The authors study the classification of DDoS attacks which can threaten large distributed enterprise network DNS components, the authors predict severity and mitigation approaches systematically. Finally, the authors analyze and assess the advantages and risks of the emerging usage of enterprise infrastructures, and assert the various kinds of DDoS attack tools.
Keywords: DNS; DNSSEC; DNS Infrastructures; DDoS; DNIs; e-Government.
Enhanced ant colony based AODV for analysis of black and gray hole attacks in MANET
by Premala Bhande, Md. Bakhar
Abstract: The security issue is major concerns in mobile ad hoc network (MANET). There are numerous works have been done on security challenges by various researcher communities. There are various solutions on secure routing protocols are developed to count the well- known attacks. In this network, mobile nodes are capable to communicate with each other through various wireless technologies. This network does not require any fixed infrastructure for its deployment. This network is always highly vulnerable to attackers due to wireless communication medium. This is quite easy for attackers to access the wireless medium and easily enter into the network. So, any kind of attacks occur in the network degrades the network performance and increases the packet overhead in the network. In this paper, we have proposed Enhanced ant colony based AODV (EAAODV) protocol for the analysis of gray and black-hole attack effects. A comparative analysis is shown among EAACO (Energy aware ant colony optimization) and EAODV (Enhanced AODV) protocols. We compared the performance of these protocols based on various QoS parameters delay, control overhead, throughput and the packet delivery ratio. The reproduction results show that our protocol performance clarity is better than others.
Keywords: MANET; Black Hole; Gray Hole Attack; Malicious node.
DOI: 10.1504/IJICS.2021.10034136
Pairing Based Strong Key-Insulated Signature Scheme
by P. Vasudeva Reddy, A. Ramesh Babu, N.B. GAYATHRI
Abstract: All Public key cryptosystems are secure based on the assumption that users private keys are absolutely secure. Exposure of this private key may leads to failure of the communication system. To diminish the damage of private key exposure in public key cryptosystem, key-insulation mechanism was introduced. In key-insulated cryptosystems, user can update his private key with helper assistance from time to time. Identity-based cryptosystem avoids the heavy certificate management problems in traditional public key cryptosystem. Recently, many Identity-Based Key Insulated Signature schemes have been appeared in literature; To improve the efficiency and to resist the problem of private key exposure in Identity-based signature schemes, we present an efficient key insulated signature scheme in ID-based setting using bilinear pairings over elliptic curves. The proposed scheme is unforgeable and achieves strong key insulation property with secure key updates under the hardness of the Computational Diffie Hellman Problem. The proposed scheme is more efficient than the existing schemes.
Keywords: Identity-based Signature Scheme; Key Insulation mechanism; ROM Security Model; Computational Diffie Hellman Problem.
QC-PRE: Quorum Controlled Proxy Re-encryption Scheme for Access Control Enforcement Delegation of Outsourced Data
by Shravani Mahesh Patil, B.R. Purushothama
Abstract: Proxy re-encryption is used to delegate the task of providing access control to the outsourced data on a cloud storage server. However the straightforward application of proxy re-encryption to delegate the task of access control enforcement of the outsourced data requires the cloud storage server to be trusted. The cloud storage servers are however, often, honest-but-curious or untrusted. Towards solving the problem of access control enforcement delegation of outsourced data, we design a quorum controlled proxy re-encryption scheme. Using the quorum controlled proxy re-encryption scheme, the task of enforcing access control can be delegated to a set of proxies, such that a quorum of proxies should come together to enforce access control. By distributing trust among multiple proxies, the single point of trust is eliminated and the system is made fault tolerant. We prove the IND-CPA security of the proposed scheme under the DBDHI assumption. We show that the proposed scheme satisfies most of the desirable properties of a proxy re-encryption scheme and outperforms the existing schemes. We show that by employing the proposed quorum controlled proxy re-encryption scheme, a group of proxies should participate in enforcing access control, thereby eliminating a single point of trust.
Keywords: Quorum Controlled Proxy Re-encryption; Cloud Storage Server; Access Control Delegation; Data Sharing; Access Rights.
Synthetic Arabic handwritten CAPTCHA
by Suliman A. Alsuhibany, Fatimah N. Almohaimeed, Naseem A. Alrobah
Abstract: Differentiating between human and bots became a critical issue of websites security. Therefore, a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a test to limit the ability of cyber attackers when it comes to scaling their activities using automated bots. Several Latin-based CAPTCHAs, which are widely used, have been broken, while Arabic script and handwritten text inherit characteristics that have been proven to be beneficial for cybersecurity. Accordingly, we proposed a method for using Arabic handwritten text to generate infinite CAPTCHAs challenges. In order to assess the proposed CAPTCHA generator, experimental studies are conducted. The results show a gap between machine and human recognition abilities while using Arabic handwritten script
Keywords: Arabic script; Handwriting synthesis; CAPTCHA; Cyber Security; Web Security.
DOI: 10.1504/IJICS.2021.10034739
Generalized Multi Release Framework for Fault Determination with Fault reduction Factor
by Shozab Khurshid, A.K. Shrivastava, Javaid Iqbal
Abstract: The world is now moving towards technologically active age where almost everything is tackled with the help of the software from small tasks to safety critical ones. Such a huge dependability on software systems has led to the need of reliable software that too in a very short span of time. One of the ways to achieve this is to provide a series of versions of the software so as to do multiple up-gradations of the software. Thus, firms release the first version of the software with some desired level of reliability in which all the faults are not removed. The remaining faults from the previous version are removed during the up-gradation of the software. The main focus in this paper is to deal with multi-release modelling incorporating the concept of fault reduction factor (FRF). FRF is considered as a significant factor in determining the reliability of the software and is defined as the net reduction in the number of faults in proportion to the total number of experienced failures. In this paper, multi-release models are proposed incorporating a constant FRF with imperfect debugging, change point and effort function. The parameter estimation is done on the four releases of tandem dataset. Numerical illustrations are given to determine the validity of the proposed model.
Keywords: Software Reliability Growth Model (SRGM); Non-Homogenous Poisson Process (NHPP); Modelling; Imperfect Debugging; Change Point; Testing effort; Multi-Release; Fault Reduction Factor (FRF).
DOI: 10.1504/IJICS.2020.10034037
Robustness Attack on Copyright Protection Scheme for H.264/AVC and SVC
by Grace C.-W. Ting, Bok-Min Goi, Sze-Wei Lee
Abstract: Digital content protection is a vital because nowadays video sharing via social media and mobile messaging plays an important role in our society. As such, there exist many digital watermarking schemes that enable owners to prove the ownership of their shared content. This paper presents an attack on the watermarking-based copyright protection scheme proposed by Park and Shin. We show that their scheme unfortunately is not able to achieve the design objective of proof of ownership. We also include analytical results showing why our attack works and empirical results demonstrating that attacked outputs are of acceptable quality. This type of robustness attack is an essential part of a copyright protection designer's consideration. Therefore, it is important that designers and security practitioners are aware of whether such attacks exist on any proposed copyright protection schemes, to prevent future designs from inheriting their weaknesses.
Keywords: copyright protection; robustness; watermarking; video sharing; security.
An intelligent stage light-based actor identification and positioning system
by Jianqing Gao, Haiyang Zou, Fuquan Zhang, Tsu-Yang Wu
Abstract: At this stage, the lighting control method of the stage actor is still in the stage of manual adjustment, so that the follow-up light cannot accurately and timely track the actors. In order to solve the above problems, an intelligent stage light-based actor identification and positioning system using tracking algorithm based on deep convolutional neural network is proposed, which can control the lighting system to automatically track actors. Firstly, the framework of the intelligent stage light based actor identification and positioning system was analyzed, and the process of actor identification and positioning function was designed. The particle filter is then used to generate the candidate target image and input as a rectangle. Finally, the deep neural network structure is constructed by combining the feature pre-training process and the convolutional neural network, and the real-time target tracking is completed. Performance verification was performed with multiple video test sets. The test results show that compared with other algorithms, this tracking algorithm can complete rectangular target tracking with strong real-time performance and exhibits high accuracy and robustness.
Keywords: identification; tracking; deep neural network; stage actor; stage light.
Effect of Black Hole Attack in Different Mobility Models of MANET using OLSR protocol
by Abdellah NABOU, My Driss Laanaoui, Mohammed Ouzzif
Abstract: The Mobile Ad hoc Network (MANET) is a self-configuring network when, the communication between nodes is insured directly without aid of fixed equipment or a specific administration. Due to mobility in MANET, each node has a role to insure the communication between the source and the destination; it is considered as a router by using specific routing protocols. There are many routing protocols destined for ad hoc network. One of these routing protocols is Optimized Link State Routing Protocol (OLSR), it is a proactive protocol that keeps track of the destinations in a routing table. Multi-Point Relay (MPR) is a specific concept used by the OLSR routing protocol. The goal of MPR nodes is to avoid blind flooding or the retransmission of the same routing packets in the same region of the network; the OLSR routing protocol is also exposed to several attacks that reduces its performances. Black Hole Attack is the best known in literature, in our paper we evaluate OLSR routing protocol under the single and multiple Black Hole Attack in two scenarios with Constant and Random Waypoint Mobility Model. The measurements are taken in terms of Throughput, Packet Delivery Ratio (PDR) and Packet Lost (PL). Simulation is done in recent Network Simulator (NS-3.25).
Keywords: MANET; Routing Protocols; OLSR; MPR; Black Hole Attack; Constant Waypoint Mobility; Random Waypoint Mobility.
Secure Zero-Effort Two-Factor Authentication Based on Time-Frequency Audio Analysis
by Mingyue Wang, Shen Yan, Wei Wang, Jiwu Jing
Abstract: Two-factor authentication (2FA) protects users online account even if his/her password is leaked. Conventional 2FA systems require extra interaction like typing a verification code, which might not be very user-friendly. To improve user experience, recent researchers aim at zero-effort 2FA, in which a smart phone placed close to a client computer (browser) automatically assists with the authentication. In this paper, we propose SoundAuth, a secure zero-effort 2FA mechanism based on (two kinds of) ambient audio signals. We consider the comparison of the surrounding sounds and certain unpredictable near-ultrasounds as a classification problem and employ machine learning techniques for analysis. To evaluate the usability and security of SoundAuth, we study the effects of the recording duration and distance between two devices. Experiments show SoundAuth outperforms existent schemes for specific simulation attacks.
Keywords: zero-effort two-factor authentication; 2FA; audio signals; ambient sound; near-ultrasound; challenge-response protocol; co-presence detection; machine learning technique; time synchronization.
Revocable Key Aggregate Searchable Encryption with User Privacy and Anonymity
by Mukti Padhya, Devesh Jinwala
Abstract: The Key Aggregate Searchable Encryption (KASE) schemes serve the advantages of both, searching over the encrypted dataset and delegating search rights using a constant size key, opening up many possible applications that require both these features. In particular, searchable group data sharing in the cloud is a prime example. However, when the existing KASE schemes are deployed in real-time applications, it is highly required to manage users' access control. Specifically, in a delegation system, if the shared documents are modified or if the delegated rights for the shared documents need to be revoked, the revocation of delegated rights must be supported by the system for managing the users' authorities. Furthermore, as the KASE schemes allow fine-grained delegation of search rights over a selected dataset using an aggregate key, the revocation should be at a fine-grained level. Therefore, in this paper we propose two solutions for the fine-grained revocation of delegated rights considering two different scenarios. First, we present a basic scheme that supports fine-grained revocation of the delegated rights on document level, instead of coarse-grained all-or-nothing access. The user is not allowed to search the document by the old trapdoor computed from the old secret key if his search privileges are revoked on that document. Under a multi-user setting, we propose an advance scheme that can make the fine-grained revocation of the delegated rights on the user level. In the proposed solutions, the re-encryption of ciphertexts is not required to make the revocation of the delegated rights. Additionally, the revocation in the proposed approaches does not affect the non-revoked users, as they do not require updating their corresponding delegated keys. The proposed approaches also preserve users' privacy and anonymity. We present the schemes' correctness proof, formal security analysis as well as performance analysis, which confirm that they are provably secure and practically efficient.
Keywords: Revocation; User Privacy; Annonyity; Searchable encryption; Data sharing; Data retrieval; Cloud server.
A Highly Secure Three-Party Authentication Key Exchange Protocol and its Application in E-Business Communication with ECK Model
by Chien-Ming Wang, Chih-Hung Wang
Abstract: Since for the e-business development, users sometimes need to share sensitive personal information through a public network, they do not want their privacy information revealed by the malicious attackers. In 2007, LaMacchia et al. proposed a two-party authentication key exchange (2PAKE) protocol under the security assumption of Extended Canetti-Krawczyk (ECK) model. Although the ECK model is well designed to guarantee security in a two-party key exchange, it is not suitable in several other real situations with more parties, such as in auction, space communication, and Internet of Things (IOT), among others. Considering these problems, we first propose several ECK-based three-party authentication key exchange protocols, which provide personal privacy security protection and increase the usability of the authentication key exchange protocols. We also discuss three cases in different application environments. Moreover, the pairing operations are used in some cases if the application situations require less communication steps.
Keywords: Extended Canetti-Krawczyk (ECK) model; three-party authentication key exchange (3PAKE); Diffie-Hellman assumptions; pairing algorithm.
On a secured channel selection in Cognitive Radio Networks
by Asma Amraoui
Abstract: Cognitive radio is a technology that improves the use of the radio spectrum by allowing opportunistic exploitation of the wireless spectrum. In this paper, we are interested in securing the cognitive radio network against the PUE (Primary User Emulation) attack. Firstly, our work is concerned with securing the cognitive radio network, by proposing two methods: Secure CR and Optimal CR using a Multi Criteria Decision Making (MCDM) algorithm to choose the best offer and another algorithm which is Blowfish for the authentication. Secondly, we proposed a method using machine learning. After a comparative study, we found that the Secure CR algorithm is more efficient in response time, secured but it does not give the best offer. On the other hand, the Optimal CR algorithm is less efficient than the first, optimal and gives a better result.
Keywords: cognitive radio; multicriteria decision making; machine learning; security; PUE attack.
An Efficient and Provably Secure Authentication Scheme Based on Elliptic Curve Signature Using a Smart Card
by Syed Amma Sheik, Amutha Prabakar Muniyandi
Abstract: Smart card-based authentication schemes play an important role in remote system access and provide a secure method for resource sharing. Over the past two decades, many password-based authentication schemes have been proposed and illustrated by researchers. In this paper, we propose a robust and secure authentication scheme using an ECC (elliptic curve cryptography)-based digital signature scheme along with a smart card. The proposed authentication scheme satisfies all the basic secure requirements described by the researchers. The security analysis for the proposed authentication scheme is performed using a widely accepted random-oracle model. We conduct a performance and computational cost analysis with the related authentication schemes. The proposed authentication scheme shows better efficiency in terms of security and performance compared to related authentication schemes.\r\n
Keywords: Elliptic curve; Authentication; Session key; Smart card; Mask identity.
A Feature Selection Method based on Neighborhood Rough Set and Genetic Algorithm for Intrusion Detection
by Min Ren, Zhihao Wang, Peiying Zhao
Abstract: This paper put forward a feature selection algorithm based on neighborhood rough set and genetic algorithm. Firstly, neighborhood rough set model, expanding the equivalence relation of discrete space to that of continuous space, was improved from two aspects. One was that class average distance of decision attributes was defined to automatically calculate the parameter neighborhood according to the characteristic of the data set. The other was that attribute significance of neighborhood rough set was improved, considering both the impact on decision of a single attribute and the dependency between an attribute and others. Then, genetic algorithm was used to select optimal feature subset based on improved attribute significance. Finally, in order to verify the feasibility, experiments were done on KDD CUP 99, and the results showed that the feature subset selected by the proposed algorithm ensured FCM getting higher accuracy.
Keywords: Rough Set; Neighborhood Relation; Genetic Algorithm; Feature Selection; Attribute Reduction.
Research on intrusion detection method based on SMOTE and DBN-LSSVM
by Gang Ke, Ruey-Shun Chen, Yeh-Cheng Chen
Abstract: Aiming at the problems of low accuracy and high false alarm rate when traditional machine learning algorithm processes massive and complex intrusion detection data, this paper proposes a network intrusion detection method (dbn-smote-lssvm) which combines deep belief network (DBN), synthetic minority oversampling technique(SMOTE) and least square support vector machine (LSSVM). In this algorithm, intrusion detection data is input to the DBN for depth feature extraction, and then a small number of samples are added through smote algorithm. Finally, lssvm is used for classification. Through the effective evaluation of dbn-smote-lssvm model by NSL-KDD data set, the experimental results show that dbn-smote-lssvm algorithm has the advantages of high accuracy and low false alarm rate compared with other algorithms, and improves the detection rate of small sample attacks.
Keywords: deep belief network; least square support vector machine; SMOTE; intrusion detection; nsl-kdd data set;.
A N-Party Authenticated Group Key Distribution protocol using quantum-reflection Architecture
by Hongfeng Zhu, Zhiqin Du, Liwei Wang, Yuanle Zhang
Abstract: Password-based group key agreement protocol (PGKA) can be widely used in situations where multiple participants participate and the participants have high requirements for communication security. For example, the security of communication between many people in social software, privacy protection between teams and so on. In this paper, quantum reflection security protocol is studied and an n-party authenticated group key distribution protocol (N-AGKDP) based on semi-quantum reflection architecture is proposed. The N-AGKDP is a protocol that can implement identity authentication between participants and quickly distribute group keys. In this protocol, a trusted third party (server) selects the session key and sends the quantum sequence containing the session key through the quantum channel to the first participant entering the session in chronological order. The first session participant used the shared base with the server to receive information and put the quantum information he did not need into the delay line device. After the quantum sequence is fully received, the quantum sequence in the delay line device is sent to the next participant. Repeat the above operation until all participants get the session key. The protocol has a general structure for implementing the n-party PGKA program .In addition, we give an example of n=3 so that readers can better understand our agreement. Compared with the traditional password-based group key protocol, our new protocol can resist the attack of quantum computers and is more secure.
Keywords: Semi-quantum protocol; Group key; Authentication; N-party; Quantum-reflection.
Obfuscated Code is Identifiable by a Token Based Code Clone Detection Technique
by Junaid Akram
Abstract: Recently developers use obfuscation techniques to make their code difficult to understand or analyze, especially malware developers. In Android applications, if the application is obfuscated, it is hard to retrieve the exact
source code after applying reverse engineering techniques on it. In this paper, we propose an approach which is based on clone detection technique and it can detect obfuscated code in Android applications very efficiently. We perform two experiments on different types of datasets including obfuscated and non-obfuscated applications source code. We successfully detected the obfuscated code of two types, including identifier-renaming and string-encryption with a high accuracy of 95%. A comparative study with other state-of-the-art tools prove the
efficiency of our proposed approach. Experimental results show that our approach is reliable, efficient and can be implemented at a large-scale level.
Keywords: Obfuscation handling; Code clones; Software security; Malware detection; Android applications; Code reuse.
Safety monitoring of machinery equipment and fault diagnosis method based on support vector machine and improved evidence theory
by Xingtong Zhu
Abstract: Safe and reliable operation of machinery is the primary requirement of enterprise production and the basis for realising the economic benefits. Some of the fault diagnosis methods use evidence theory to determine the fault type by collecting the vibration signals. However, in a complex operating environment, the evidence of vibration signal is high-conflict, so it is difficult to obtain the correct fault type. In order to solve this problem, an improved evidence theory based fault diagnosis method is proposed. First, vibration sensors are used to monitor operating conditions of mechanical equipment and collect vibration signals, and then the dimensionless indicators of these vibration signals are calculated to build the feature dataset. Next, the support vector machine (SVM) is applied to the preliminary fault diagnosis, and the probability of various fault types obtained by the SVM primary fault diagnosis is used as the basic probability assignment (BPA) of evidence. Finally, the improved evidence combination rule based on the Tanimoto coefficient and information entropy is used to fuse the evidence, thus forming the final diagnosis result. The experiments show that the proposed method is effective, achieving the fault diagnosis accuracy of 93.33%.
Keywords: Safety monitoring; fault diagnosis; support vector machine; D-S evidence theory; Tanimoto coefficient; information entropy.
Reinforcement learning based Cooperative Sensing in Cognitive Radio Networks for Primary User Detection
by K. Venkata Vara Prasad, Trinatha Rao
Abstract: Cognitive Radio Networks achieve a better utilization of spectrum through spectrum sharing. Due to interference, power levels and hidden terminal problem, it becomes challenging to detect the presence of primary users accurately and without this spectrum sharing cannot be optimized. Thus detection of primary users has become an important research problem in cognitive radio network. Existing solutions have low accuracy when effect of multipath fading and shadowing are considered. Reinforcement based learning solutions are able to learn the environment dynamically and able to achieve higher accuracy in detection of primary users. However the computational complexity and latency is higher in the previous solutions on application of reinforcement learning to spectrum sensing. In this work,Reinforcementlearningmodel is proposedto detect the presence of primary user.This approach has higher accuracy due to reliance on multi objective functions and reduced computational complexity.
Keywords: Reinforcement learning; Machine Learning; cooperative spectrum sensing; Intelligent Systems.
Methods for automatic malware analysis and classification: A Survey
by Toni Grzinic, Eduardo Blazquez Gonzalez
Abstract: In this review we try to summarize modern malware classification methods rnand analysis tools, and give some insight into the current research efforts that are used rnto build state of the art malware classification systems later used to detectrnmost dangerous malware families built for the operating system Microsoft Windows. rnBefore diving into features used for automatic classification, rnwe describe the accompanying analysis methods that are the rnfundamental building block of every automatic classifier. rnWe try to summarize and categorize efforts of researches and recognize rnthe upcoming problems and challenges in the vibrant malware landscape.
Keywords: malware classification; static analysis; dynamic analysis; review.
Searching the Space of Tower Field Implementations of the F(2^8) Inverter - with Applications to AES, Camellia, and SM4
by Zihao Wei, Siwei Sun, Lei Hu, Man Wei, René Peralta
Abstract: The tower field implementation of the F(2^8) inverter is not only the key technique for compact implementations of the S-boxes of several internationally standardized block ciphers such as AES, Camellia, and SM4, but also the underlying structure many side-channel attack resistant AES implementations rely on. In this work, we conduct an exhaustive study of the tower field representations of the F(2^8) inverter with normal bases by applying several state-of-the-art combinatorial logic minimization techniques. As a result, we achieve improved implementations of the AES, Camellia and SM4 S-boxes in terms of area footprint. Surprisingly, we are still able to improve the currently known most compact implementation of the AES S-box from CHES 2018 by 5.5 GE, beating the record again. For Camellia and SM4, the improvements are even more significant. The Verilog codes of our implementations of the AES, Camellia and SM4 S-boxes are openly available.
Keywords: Tower field; Inverter; S-box; AES; Camellia; SM4.
Emerging DNA Cryptography based Encryption Schemes: A Review
by Pratyusa Mukherjee, Chittaranjan Pradhan, Rabindra Kumar Barik, Harishchandra Dubey
Abstract: Security has been the fundamental apprehension during information transmission and storage. Communication network is inordinately susceptible to intrusion from unpredictable adversaries thus threatening the confidentiality, integrity and authenticity of data. This is where cryptography facilitates us and encodes the original message into an incomprehensible and unintelligible form. DNA cryptography is the latest propitious field in cryptography that has transpired with the advancement of DNA computing. The immense parallelism, unrivalled energy efficiency and exceptional information density of DNA molecules is being traversed for cryptographic purpose. Currently, it is in the preliminary stage and necessitates avid scrutinization. The foremost hindrance in the field of DNA cryptography is computational complexity and lack of sophisticated laboratories. In this paper, we discuss the existing DNA cryptographic approaches and compare their achievements and limitations to provide a better perception. In the end, a modified version of the DNA cryptography combined with soft computing is also suggested.
Keywords: Security; DNA Cryptography; DNA Computing; Bio-inspired Cryptography; Encryption.
DOI: 10.1504/IJICS.2022.10036907
Acquiring or Accessing Control Technologies for Big Data Management System: Application and Future Prospective
by Jiying Wu, JEAN-JACQUES DOMINIQUE BERAUD
Abstract: Since Roger Mougalas of O'Relly media coined the word "big data" in 2005, it has been of great interest and has become an area of in-depth research. While most studies have focused on big data in many research areas, the security and confidentiality of data depend on the size, variety, and speed of big data, as well as the lack of reference data models and data manipulation language application associated with them. In this study, we focus on one of the important functions of data security, namely access control to information, diversity of data, management practices and the definition of Data Security Services, namely Access Control, highlighting the differences with traditional Data Management Systems and highlighting some requirements that any large Data Access solution can answer by defining the state of the art and tackle the problems in public. We collected data on some of the best research databases in various research databases. The results showed that Google Scholar has the largest collection of big data. Also, content issues, integration of ideas, key methods, target groups, and big data security, and variable management were integrated into a detailed architectural structure. Finally, critical criticism has been taken into account and the results will add a variety of ways to help researchers interested in learning more about big data management and security by providing new ideas and perspectives for big data access control and management in the future.
Keywords: Big Data; Access control; Data Management System; Security.
Detecting over-claim permissions and recognizing dangerous permission in Android apps
by Monika Shah
Abstract: Android's security is one of the hot research topics in current days. This is mainly due to the leakage of user's privacy information from third-party apps on mobile. Even after the permission model defined by Android we all are witnessing leakage of our critical information. This is mainly due to (1) the Permission model is proportionally coarse granular (2) Insufficient knowledge of user make him approve over-claim permission mistakenly. Henceforth this paper focuses on recognizing dangerous over-claim permission. This starts with describing the permission model,over-claim permission, and some of the dangerous over-claim permission. This paper specifically proposes an algorithm to detect the signature of dangerous permission incorporated during the upgrading version of third-party software.
Keywords: App Upgrade; Android permission model; Over-claim permission ; Dangerous permission ; Information Security.
Hierarchical Data Partition Defense against Co-resident Attacks
by Junfeng Tian, Zilong Wang, Zhen Li
Abstract: Co-resident attacks are one of the most dangerous types of attack in the cloud environment, posing a great threat to data security and survivability for users. The existing data partition-based and data backup solutions provide users with higher storage overhead while improving the data security and survivability for users. A hierarchical data partitioning scheme is proposed that enables the multilevel partitioning of the data and makes the data have a certain order, which improves the security of user data while facilitating data management. At the same time, through the encrypted data backup, under the premise of improving the survivability of the users data, the users storage overhead is reduced. Finally, experiments prove that the proposed scheme improves the data security and survivability and reduces the users storage overhead.
Keywords: Cloud computing; Co-resident attack; Hierarchical data partition; Encrypted backup; Data theft; Data corruption.
Attack Resistant Chaos-based Cryptosystem by Modified Baker Map and Logistic Map
by Debanjan Chatterjee, Barnali Gupta Banik, Abhinandan Banik
Abstract: In recent years, information security has become a crucial aspect of data storage and communication. A large portion of digital data transfer takes place in the form of images such as social media images, satellite images, medical imaging; hence there is a requirement for fast and secure image encryption techniques. Conventional encryption schemes such as DES, AES, prove ineffective due to specific intrinsic properties of images. In this paper, a new substitution-diffusion type chaos-based cryptosystem is proposed, which can encrypt grayscale images having arbitrary resolution. In the substitution stage, image pixels are permuted using a modified form of the discretized 2-D Baker map. Substitution is followed by a two-step diffusion approach that employs a chaotic logistic map. The proposed cryptosystem is resistant to brute force attacks (measured by key-space and key-sensitivity analysis), statistical attacks (tested by Histogram and Chi-Square test) and differential attacks (measured against NPCR, UACI, and Hamming Distance); The proposed method has also been tested for Encryption Quality, Correlation Analysis, Entropy Analysis, and Performance Analysis by measuring Encryption Speed as well as Time Complexity. Therefore, it is sufficiently secured to be used in real-world applications. To prove the unparalleled outcome of the proposed system, four sets of comparisons have been presented with respect to NPCR & UACI, Encryption throughput, and, lastly, with similar & non-similar existing cryptosystems.
Keywords: Data Security; Encryption; Image Communication; Chaos; Sensitivity Analysis; Statistical Analysis;.
A Comprehensive Study of Watermarking Schemes for 3-D Polygon Mesh Objects
by Hitendra Garg
Abstract: Three-Dimensional (3-D) objects have been used in machine design, architecture design, entertainment, cultural heritage, medical field, etc during the last two decades. Increasing trends of 3-D objects attract the researcher, academician, and industry persons for various processing operations on 3-D objects. Extensive growth in specific areas requires Intellectual Property Rights protection and authentication problems. The proposed survey paper provides a comprehensive study of various watermarking solution for 3-D Polygon Mesh Objects (3-D PMO). This comprehensive survey includes an introduction, strength, and limitations to the relevant state of the art. The proposed study write down various problems encountered and their respective solution suggested in various state of art. The robustness of various algorithms is also studied against various attacks applied to watermarked models. At last, future scope and new directions for the robustness and optimization of watermarks on various parameters are suggested.
Keywords: 3-D Object; Polygon Mesh; Robust watermarking; fragile watermarking; attacks; Spatial Domain;Transform frequency Domain.
Cryptanalysis and Improvement of an Authentication Scheme for IoT
by Rahul Kumar, Mridul K. Gupta, Saru Kumari
Abstract: With the interference of various types of embedded devices, sensors and gadgets in day-to-day life, the buzzword Internet of Things (IoT) has become very popular. In the context of the IoT environment, proper device authentication is important. Recently, Wang et al. introduced an authentication protocol for secure communication between the embedded device and the cloud server over IoT networks. They insisted that their protocol is secure from various attacks in the open network. However, we show that Wang et al.'s protocol is not secure against impersonation attack, replay attack and it does not provide devices anonymity. To conquer these problems, we design an improvement of Wang et al.s protocol. We show that our protocol is secure against various attacks; specifically it is free from the attacks pointed out in Wang et al.s protocol. Through performance evaluation of our proposed protocol with the existing related protocols, we show that the proposed protocol is suitable for the IoT environment.
Keywords: Internet of Things; Impersonation attack; Device’s anonymity; ECC; Embedded device.
Game theory approach for analyzing attack graphs
by Khedoudja BOUAFIA, Lamia HAMZA
Abstract: Many real problems involve the simultaneous security of computer networks and systems
as it penetrates all areas of our daily lives. The purpose of attack graph analysis is to be able to protect
computer systems and networks against attacks related to them. In this paper, we have proposed a new
approach to analyzing attack graphs based on game theory in order to reduce network vulnerabilities.
This approach consists of turning a computer security problem into a two-player game and extracting
the best strategies for each of the both of them. The purpose of this work is to help administrator to
take a good decision to better secure network by using game theory methods.
Keywords: Computer security; Network; Vulnerability; Game Theory; Strategies; Attack graph.
Volatile Memory Forensics of Privacy Aware Browsers
by Nilay Mistry, Krupa Gajjar, S.O. Junare
Abstract: Internet Privacy has become a notable concern in todays world. Aside from the common usage of web browsers, users are using such browsers which can protect their privacy using anonymity. Such growing concerns regarding privacy over the Internet have led to the development of privacy-enhanced web browsers whose main aim is to provide better privacy to its users by not storing any information on users personal computers,and at the same time also keeps the users anonymous while browsing. Some users have found an alternative use of these web browsers somewhat illegal in nature. This research encompasses the acquisition and analysis of such kind of Privacy Browsers and compares its outcomes with that of the Portable Web Browsers and Private Modes of Commonly-used Web Browsers to establish the claim of these Privacy Browsers of keeping providing a higher level of privacy
Keywords: Privacy Browser; Portable Browser; Memory Forensics; RAM Analysis; Digital Forensics; Cyber Crime.
A Novel Traceback Model for DDoS Attacks Using Modified Floyd-Warshall Algorithm
by Mohamed Zaki, Sherif Emara, Sayed Abdelhady
Abstract: Distributed denial of service, DDoS, attacks are drastically increasing, therefore, they cause serious threats for information networks. One of the most dangerous aspects of such attacks is phishing i.e. the ability of masking the attacker IP address. Thus, it is extremely difficult to traceback DDoS attackers. However, there are different reasonable methods that are capable of tracing them back. These methods include packet marking, logging, combination of both marking and logging and entropy variation techniques. This paper proposes, for the first time, the use of a graph theoretic approach to exploit the entropy techniques for detecting and tracing back DDoS attackers. It presents a novel approach to traceback DDoS Attacks using modified Floyd-Warshall Algorithm, TDA/MFWA. Such model starts by feeding the network adjacency matrix in which the link weights are changed to comply with the network traffic entropy, accordingly the reachability from node to node can be examined. Then we borrowed the idea of enumerating all the intermediate points between every pair of
network nodes from Floyd-Warshall algorithm and modified it to find out the victim node(s).
The fact that entropy at network nodes is systematically accounted using a modified Floyd-Warshall algorithm contributes to the smartness and dependability of TDA/MFWA. This fact is confirmed by a large set of experiments that emphasized not only the effectiveness of the model but also its superiority with respect to other DoS/DDoS traceback algorithms.
Keywords: Packet logging; Packet marking; Entropy variation; Modified Floyd-Warshall Algorithm; Traceback; DoS/DDoS attack.
Data Privacy with Heuristic Anonymization
by Sevgi Arca, Rattikorn Hewett
Abstract: Data are abundant. This makes data privacy more vulnerable than ever as attackers can infer confidential data from different query sources. Anonymization ad-dresses the issue of data privacy by making sure that each set of "critical" data values belongs to more than one individual so that the identity of the individual can be protected. Techniques for anonymization have been studied extensively but most have been designed to address each specific goal as opposed to providing an integrated system solution for computation, optimality, and data usage. This paper articulates and compares various aspects of privacy objectives for data anonymization. Most importantly, the paper also presents HeuristicMin, a new anonymization approach that applies generalizations along with optimal Artificial intelligence search to securing privacy by satisfying user-specified anonymity requirements while maximizing information preservation. By exploiting monotonicity property of generalization and using simple heuristics with appropriate generalization grain size (to prune and narrow down the search space), HeuristicMin is both effective for practice and theoretically grounded. We illustrate and provide analytical and empirical comparisons of our approach with other representatives including those designed for optimal generalization and classification. We differentiate the meanings of optimality. Furthermore, experimental results show that in addition to achieving the optimal generalized data to satisfy anonymity requirements, HeuristicMin can sustain the data quality for classification relatively well even though its intent is to keep the generalized data as close as possible to the original.
Keywords: privacy; anonymization; data generalization; bottom-up generalization.
Collaborative Filtering based Recommendations against Shilling Attacks with Particle Swarm Optimizer and Entropy Based Mean Clustering
by Anjani Kumar Verma, Veer Sain Dixit
Abstract: Recommender System (RS) in the present web
environment is required to gain the knowledge of the users and
their commitments such as like and dislike about any items
available on the e-commerce sites. Movie recommendations are
one of such type in which shilling attack is increasing day by day,
this will destroy or abruptly disturb the meaning of the data when
recommended to others. Also, the hazards of shilling attacks
degrade the performance of web recommendations. Hence, to
address this issue the paper, Collaborative Filtering (CF) based
hybrid model is proposed for movie recommendations. The
Entropy-Based Mean (EBM) clustering technique is used to filter
out the different clusters out of which the top-N profile
recommendations have been taken and then applied with Particle
Swarm Optimization (PSO) technique to get the more optimized
recommendations. This research is focused is on getting secure
recommendations from different recommender systems.
Keywords: Collaborative Filtering; Entropy Based Mean;
Particle Swarm Optimizer; Recommender System; Shilling
Attack.
Special Issue on: Current Trends in Computational Intelligence for Security and Privacy of Cloud and IoT-based Consumer Data
Research on Privacy Protection System of RFID Personal Consumption Data Based on Internet of Things and Cloud Computing
by Ningning Du, Chongxu Chen
Abstract: Internet of Things and cloud computing have caused the subversion of traditional concepts in sociology, law and ethics, in order to improve the privacy protection level of personal consumption data, the Internet of things and cloud computing are used to construct the privacy protection model. Firstly, legal Interpretation of personal privacy data protection in RFID is carried out. Secondly, the privacy protection model based on clouding computing, and the corresponding algorithm is designed. Thirdly, the privacy protection authentication protocol of RFID personal consumption data is designed. Finally, the protocol search time-consuming comparison based on the traditional and proposed privacy protection systems are carried out based on simulation analysis, results show that the proposed model can effectively protect the personal consumption data.
Keywords: Internet of Things; cloud computing; privacy protection; RFID personal consumption data.
Research on Network Security Defense Based on Big Data Clustering Algorithms
by Jianchao Zhao
Abstract: To improve the security of network in big data era, the improved clustering algorithm is applied to carry out network security defense. Firstly, application of large data clustering algorithms in network security defense is analyzed. Secondly, Network Security Defense Model is studied, and corresponding mathematical model is designed. Thirdly, the improved clustering algorithm based on big data is established through analysis text requirements and data characteristics. Finally, simulation analysis is carried out, and the effectiveness of the proposed algorithm is verified. The theory analysis results show that the proposed model can provide the theoretical basis for designing network information security defense system.
Keywords: network security defense; big data; improved clustering algorithm.
Information Protection of End Users on the Web: Privacy Issues and Measures
by Nooh Bany Muhammad, Aya Kandil
Abstract: In the current world, everyone needs to be connected to the Internet. However, as technology develops, online scammers also advance with technology. To protect private information, the end users must ensure their data is protected. There are ways of protecting data from online hackers that end users are supposed to apply in order to keep their files safe. This paper is going to discuss what is happening nowadays? What are the ways of protection do websites use? How to protect our information and what's the best behavior? And about the End users victims over the web.
Keywords: Web Privacy; Security; Malware; Protection; Internet Privacy.
E-commerce Process Reengineering for Customer Privacy Protection
by Fengming Ma, Gang Sheng, Yuefeng Ma
Abstract: E-Commerce has become a new engine to promote the economic growth, which has injected new vitality into economic development and has profoundly changed the way people work and live. However, the privacy protection measure for customer information is not in place in the E-Commerce process, which leads to the occurrence of privacy leakage in different links and brings different degree of influence to the customer. Privacy leakage is a major hidden danger for the healthy and orderly development of E-Commerce. The main reason for privacy leakage of the customer information lies in that the customer information is stored and displayed in plaintext in the E-Commerce process. It is so easy for the lawless elements to get the customer information. In this paper, according to the characteristics of E-Commerce, a customer privacy protection platform is presented on the basis of the analysis of the main reason of privacy leakage, where such technical measures as information segmentation, data encryption and access authorization are taken for the customer privacy information. The traditional process of E-Commerce is changed and the customer information is used on demand. The traceability helps to prevent the leakage and abuse of the consumer information as much as possible.
Keywords: e-commerce; privacy protection; access authorization.
The Prediction of Network Security Situation Based on Deep Learning Method
by Zhixing Lin, Jian Yu, Shunfa Liu
Abstract: Network security situational awareness is one of the important issues in the research of network space security technology. In this paper, deep learning technology is applied to analyze and learn network data, generate counter network by classification for sample amplification, use sparse noise reduction autoencoder for feature selection, and then use LSTM for deep learning model of security situation prediction. After the experiment proved that the proposed based on sparse noise reduction since the encoder - LSTM network security situation prediction model can solve various level attack against small number, not balanced, using the model prediction results more accurate, and in predicting regional security situation has the advantage for a long time in order to solve the above problems, the network security management become passive to active, adaptation measures in advance.
Keywords: computer security; network security situation prediction; deep learning; auto-encoder; generating adversarial networks.
A Hybrid Approach for Preserving Privacy for Real Estate Data
by Parmod Kalia, Divya Bansal, Sanjeev Sofat
Abstract: In this digital age, usage of the internet has increased many folds as users have become dependent on the cloud-based application including online services such as e-banking, e-commerce, and e-payment, etc. The disclosure of personal and sensitive information on such a platform becomes a prospective threat for an attack. It is essential to preserve the personal and sensitive information from an unauthorized adversary and at the same time ensuring that the requisite data could be retrieved for the specific purpose for which it is collected without disclosing the sensitive data. Researchers have used randomized data distortion techniques to conceal the sensitive data by transforming the data with random addition of noise to the original dataset. This type of perturbation technique has relevance for the numerical datasets and has the limitation of usage in other types of data. To overcome the limitation of randomized data distortion techniques and ensuring effective data privacy and utility, we propose a hybrid model of two phases encoding with additive random noise value. In this paper, a predefined classification of attributes based on sensitivity is introduced to sensitize the data structure. The proposed approach of using encoding with additive noise value to the original data ensures nondisclosure of private and sensitive information and maintaining an effective balance between data privacy and data utility. The paper presents results on the application of the proposed technique on different data sizes of the real estate industry in terms of efficiency and effectiveness in preserving privacy and data utility. The outcome of the retrieval algorithm of the proposed approach has been evaluated in terms of privacy level and information loss and has proved effective in comparison with other privacy-preserving techniques such as perturbation and encryption in terms of efficiency, space complexity.
Keywords: cloud computing; data mining; hybrid approach; preserving privacy; sensitive attribute; quasi identifier; nonsensitive; perturbation; encoding; computational complexity; cryptography.
|
Articles marked with this Open Access icon are freely available and openly accessible to all without any restriction except the ones stated in their respective CC licenses.
Our Blog 
Follow us on Twitter 
Visit us on Facebook