International Journal of Security and Networks (11 papers in press)

Regular Issues

• A Hybrid Malware Analysis Approach for Identifying Process-Injection Malware Based on Machine Learning  
  by Chia-Mei Chen, Ze-Yu Lin, Ya-Hui Ou 
  Abstract: Advanced Persistent Threat (APT) attacks take place every day, utilizing stealthy and customized malware to disrupt the service or sabotage the network. Such advanced malware may subvert the defense mechanism by abusing process injection techniques provided by operating system and injecting malicious code into a benign process. Some process injection techniques may be identified by static analysis, but some can only be discovered at run time execution. This study adopts deep learning models and two malware analysis approaches to detect process injection malware. By applying transfer learning, this study proposes a CNN-based detection model with the features selected from static and dynamic analysis to identify process-injection malware. The experimental results demonstrate that the proposed method could detect process-injection malware efficiently as well as unknown malware.
  Keywords: malware detection; process injection; machine learning.
  
  
• Research on system safety in the case of component failure based on degree correlation  
  by Wuchao Shi 
  Abstract: Nowadays, complex systems play an irreplaceable role in life, network security reflects a series of network controllability problems. In this paper, we focus on the topological characteristics of the network, starting from the degree correlation of the network, and studying the controllability of the network for different network types. For different network data sets, we adopt different security strategies to protect the network. Experiments show that the network controllability of different data sets under different security strategies is very different. Neutral networks and networks with the same configuration have little difference in the performance of each node in the face of network attacks; in the face of network attacks with heterogeneous networks, the security protection strategy of the central node can maintain network security to the greatest extent. Through different security strategies to achieve network controllability, the greatest possible realization of system security.
  Keywords: Network controllability; topological characteristics; degree correlation; security strategies.
  
  
• Privacy Preserving Dynamic Data Release Based on Non-synonymous Diverse Anatomy  
  by Yan Yan, Eyeleko Anselme Herman, Adnan Mahmood, Sun Zichao, Dong Zhuoyue, Xu Fei 
  Abstract: The publishing and using of big data brought unprecedented convenience to users. However, it also results in the disclosure of personal privacy information. In order to mitigate the privacy leakage risk of sensitive information during dynamic data updating, this paper envisages a non-synonymous diverse anatomy method for the privacy preserving dynamic data publishing. The envisaged method inherits the advantages of the traditional anatomy method, retains the availability of the original data to the greatest extent, and avoids the loss of information caused by the generalisation process. A series of indicators are designed to evaluate the synonymous linkage between non-numerical sensitive values. A novel grouping mechanism is further proposed to achieve l-diversity anatomy by combining the concept of synonymous linkage and synonymous entropy with the dynamic update procedure. Experimental analysis suggests that the envisaged method can provide better privacy protection effect on the published data.
  Keywords: privacy protection; data publishing; anatomy; synonymous attack; l-diversity; dynamic data update.
  DOI: 10.1504/IJSN.2022.10051234
   
  
• An Abnormal Intrusion Detection Method Based on Self-organizing Model  
  by Hehui Zhang, Yong Yang, Xi Song, Wenhui Li, Shuqiang Guo 
  Abstract: Intelligent video analysis is a new application direction in computer vision. Aiming at the decline of abnormal intrusion detection accuracy caused by background change in the intelligent video analysis field, an anomaly detection method for monitoring video based on a self-organising model is proposed. In this method, the idea of a self-organising mapping neural network in machine learning is applied to anomaly intrusion detection, and the gridded video image is regarded as input excitation. Then, the method constructs the expression model of a normal image by generating, updating, and deleting nodes and uses the node state in this model to calculate the anomaly degree, to judge whether there is an abnormal intrusion. Experiments show that the anomaly detection method based on a self-organising model can effectively detect the abnormal intrusion of pedestrians and vehicles in the scenes taken by a fixed lens camera and rotating ball camera. Its performance is significantly better than common detection methods. Compared with the Gaussian mixture model and grow when required network methods, the accuracy is improved by 5.8% and 2.7%, respectively.
  Keywords: self-organising model; anomaly intrusion detection; video surveillance.
  DOI: 10.1504/IJSN.2022.10054767
   
  
• Sensitive Information Leakage Analysis of Database Code by Abstract Interpretation  
  by ANGSHUMAN JANA 
  Abstract: An information system stores outside data in the backend database, to process them efficiently and protects sensitive data from illegitimate flow or unauthorised users. However, most of the information systems are made in such a way that the sensitive information stored in a database may be leaked explicitly or implicitly during data processing along with the control structure of the program to the output channels. Therefore, sensitive data leakage is one of the crucial security threat. In this paper, main objective is to detect the illegitimate flow of confidential information in an information system. We propose a framework to detect sensitive information leakage through the data-flow paths of an information system. In particular, to compute the precise set of data-flow paths, we use the non-relational abstract property of the interval domain and the relational abstract property of the polyhedra domain that enables the framework to produce efficient security analysis results.
  Keywords: formal methods; database program; data dependency graph; data security; abstract interpretation.
  DOI: 10.1504/IJSN.2023.10054893
   
  
• Security in smart home environment: issues, challenges, and countermeasures - a survey  
  by Redhwan M.A. Saad, Khaled A.M. Al Soufy, Samir I. Shaheen 
  Abstract: The accelerated spread of the IoT and rapid development of modern communication networks and technologies have connected the physical world with computational elements in the smart home environment. The smart home is based on IoT technology which facilitates device observing in order to increase the availability of various tools for securing home automation. Thus, it has been used as a feature of the future wireless sensor network to be able to operate without human intervention. However, it is vulnerable to vulnerabilities and security threats. Due to interconnected, heterogeneous, and dynamic nature of the smart home, challenges related to security, authentication, and confidentiality are created. In this paper attacks on the security of smart homes are investigated to assess their impact on the security of the system as a whole. The technologies and security solutions in such environment are also identified. Therefore, current security measures are discussed to counter such security attacks.
  Keywords: internet of things; IoT; malware; security attacks; smart home.
  DOI: 10.1504/IJSN.2023.10055132
   
  
• An ex-convict recognition method based on text mining  
  by Mingyue Qiu, Xueying Zhang, Xinmeng Wang 
  Abstract: Currently, a large proportion of existing cases in the grassroots public security organisations were committed by ex-convicts. Grassroots police officers cannot directly and rapidly judge whether a suspect is an ex-convict who has committed a case. To solve this problem, an attempt is made to analyse the case report data in a branch bureau in 2021 through data mining. Using the brief case texts in the case report data as the data source, different models based on various algorithms were established to judge whether the ex-convict committed the case. Next, using different algorithms, the ex-convict in the database was ascertained based on the similarity degree results. Finally, the similarity results (the highest similarity reached 94.8) using different methods were calculated, added, and ranked in descending order to submit an ex-convict list to the grassroots police officers for further artificial judgement. Accordingly, grassroots police officers can conduct rapid recognition of ex-convicts when a case is reported. The present model is tested well in the actual applications in the local police stations, suggesting that the model can provide overwhelming support in the daily work of police stations, and with the mutual cooperation and gradual promotion among the police stations, large amounts of human and material resources can finally be saved.
  Keywords: natural language processing; text mining; similarity analysis; recognition of people with previous conviction.
  DOI: 10.1504/IJSN.2022.10049089
   
  
• A multi-theory model to evaluate new factors influencing information security compliance  
  by Aatish Chiniah, Feroz Ghannoo 
  Abstract: Many organisations recognise that their employees, who are often considered the weakest link in information security, can also be great assets in the effort to reduce risk related to information security. This research identifies the antecedents of employee compliance with the information security policy (ISP) of an organisation. A survey among computer users of organisations in Mauritius which have established information security policy was carried out. A novel multi-theory model is derived from theory of reasoned action, cognitive evaluation theory and hanoo, and that model is presented to evaluate the data gathered through the survey. The results show that an employee's intention to comply is influenced by attitude, security awareness programs and rewards. Intention to comply in turn influences actual compliance to ISP.
  Keywords: information security; compliance behaviour; information security policy.
  DOI: 10.1504/IJSN.2022.10053519
   
  
• MB-CIM: a multi-round budgeted competitive influence maximisation  
  by Nadia Niknami, Jie Wu 
  Abstract: Influence maximisation is trying to select a small set of seed users in the social network to maximise the spread of influence. An individual's decision to adopt a product or innovation will be highly dependent on the choices made by the individual's neighbours in the social network. In CIM, competitors need to decide which nodes would be an influential one and how many resources should be allocated to this member. Identifying the best algorithm for the influence maximisation under budget constraint has become a demanding task. Predicting, and controlling social influence is an exciting topic in social network analysis. We are interested in multi-round CIM where each competitor needs to decide the location and the amount of budget to invest in the most influential members simultaneously and repeatedly under a given total budget. This paper proposes a tree-approximate game-theoretical framework and introduces the new measurement as a dynamic node weight.
  Keywords: budget allocation; game theory; reinforcement learning; social networks; multi-round influence maximisation.
  DOI: 10.1504/IJSN.2022.10046054
   
  
• A slice-based encryption scheme for IPFS  
  by Changsong Zhou, Guozi Sun, Xuan You, Yu Gu 
  Abstract: The interplanetary file system (IPFS) has been used more and more widely because of its advantages of smooth integration with the current blockchain platform and its advantages as a distributed file system. However, the authors found that IPFS has some privacy issues; it cannot completely avoid unauthorised access to data by malicious nodes. In response to this problem, the authors propose a lightweight encryption scheme based on the characteristics of IPFS file slicing combined with AES256 and SHA256, which can be smoothly integrated into IPFS. During the upload process, this scheme encrypts some sliced file blocks according to the strategy formulated by the user. During the download process, the encrypted block is identified and decrypted according to a special encryption method. Through this scheme, the system can increase file security without affecting the performance of IPFS itself and retain the deduplication effect of IPFS to the utmost extent.
  Keywords: advanced encryption standard; AES; SHA256; blockchain; distributed storage; security; Merkle DAG; interplanetary file system; IPFS; slice; deduplication.
  DOI: 10.1504/IJSN.2022.10047182
   
  
• A blockchain-based NFV market in the multi-node edge computing network  
  by Suhan Jiang, Jie Wu 
  Abstract: Currently, network function virtualisation (NFV) incorporates cloud computing (CC) and forms a market, providing elastic and cost-efficient chained network services. This paper considers a new NFV market in edge computing, where NFV providers deploy service chains on near-by EC nodes instead of remote data centres. An optimisation problem is formulated to minimise the deployment costs of a required service chain from an NFV provider's perspective, with user service delay guarantees. Due to its NP-hardness, we investigate two special network models, where we can turn to dynamic programming solutions. We propose a pricing mechanism based on bargaining theory to decide fair resource prices for EC nodes. To relinquish the full power of the NFV provider, we design a blockchain-based system to implement our algorithms using smart contract. Simulations are conducted and numerical evaluations are presented to demonstrate the efficiency of our solutions and the applicability of our system.
  Keywords: bargaining theory; blockchain; dynamic programming; edge computing; NFV market; service chain.
  DOI: 10.1504/IJSN.2022.10052810